So I work for an ISP that has ~900 customers. We use a cloud core as our core router on it I have some firewall rules to limit the amount of icmp packets any source can send to any destination to help mitigate PoD attacks. What I have noticed as that in pretty regular intervals on the output chain I’ll get hammered by upwards of 100 pings per second going from source 255.255.255.255 to a few ip’s in our network. The strange thing is that the source mac isn’t the same on all these ping requests. Has anyone run into this before and if so any tips on tracking it down. If it helps we use cambium equipment almost exclusively with some redline mixed in. We use cisco switches as we branch out from our cloud core most of them operating as layer 2 switches if im not mistaken. Cisco 3550’s to be precise.