ASR 9000 MAC Limiting on Bridge Domain Access Circuit
I've been running into an issue and wondering if anyone else has experienced the same problem. I have an ASR 9006 running IOS XR 5.3.3 in my lab and I've created a test bridge domain. Within that bridge domain, under the access circuit, I've configured a mac limit of 50 with the 'no flood' action. When this limit is hit, mac address learning is disabled as expected, but the problem is that its never re-enabled. If i stop all traffic on that interface, the mac learning remains disabled indefinitely until I change the configuration to either remove mac limiting or change the action to none. I would like to think that at some point it it would back off and re-enable mac learning after seeing that the mac address count has dropped below the threshold. Any ideas?
RP/0/RSP0/CPU0:LAB-ASR9006-01#sho l2vpn bridge-domain bd-name 9 det
AC: GigabitEthernet0/2/0/9.300, state is up Type VLAN; Num Ranges: 1 VLAN ranges: [300, 300] MTU 8986; XC ID 0x208000c; interworking none MAC learning: disabled (MAC-limit action) Flooding: Broadcast & Multicast: enabled Unknown unicast: disabled (MAC-limit action) MAC aging time: 300 s, Type: inactivity MAC limit: 50, Action: limit, no-flood, Notification: syslog MAC limit reached: yes MAC port down flush: enabled MAC Secure: disabled, Logging: disabled Split Horizon Group: none Dynamic ARP Inspection: disabled, Logging: disabled IP Source Guard: disabled, Logging: disabled DHCPv4 snooping: disabled IGMP Snooping: enabled IGMP Snooping profile: none MLD Snooping profile: none Storm Control: bridge-domain policer Static MAC addresses: Statistics: packets: received 1437063 (multicast 189407949, broadcast 44127, unknown unicast 0, unicast 0), sent 18 bytes: received 301982330 (multicast 40280180924, broadcast 3293496, unknown unicast 0, unicast 0), sent 1008 MAC move: 0 Storm control drop counters: packets: broadcast 0, multicast 0, unknown unicast 0 bytes: broadcast 0, multicast 0, unknown unicast 0 Dynamic ARP inspection drop counters: packets: 0, bytes: 0 IP source guard drop counters: packets: 0, bytes: 0
RP/0/RSP0/CPU0:LAB-ASR9006-01#sho run l2vpn bridge group 9 Mon Feb 5 06:23:53.371 EST l2vpn bridge group 9 bridge-domain 9 mac aging time 300 ! withdraw state-down ! mtu 9000 interface GigabitEthernet0/2/0/9.300 mac limit maximum 50 action no-flood notification syslog ! ! ! vfi 9 vpn-id 9 autodiscovery bgp rd auto route-target 9:9 ! neighbor 192.168.2.100 pw-id 91 ! neighbor 192.168.2.200 pw-id 91 ! ! routed interface BVI9 ! ! !
RP/0/RSP0/CPU0:LAB-ASR9006-01#sho l2vpn forwarding bridge-domain 9:9 loc 0/2/CPU0 Mon Feb 5 06:29:21.345 EST Bridge MAC Bridge-Domain Name ID Ports addr Flooding Learning State -------------------------------- ------ ----- ------- -------- -------- --------- 9:9 0 4 0 Enabled Enabled UP
Distribution listsA distribution-list is used to control routing update either coming to your router or leaving from the router. Distribution-lists work on a variety of different IOS routing protocols like EIGRP, RIP, and OSPF. Distribution-li...
Policy Based Routing (PBR) Policy based routing is use to path manipulation. It is used for implementing policy that causes the packet to take a different direction. Policy based routing allows source based routing. Routing table is destin...
BGP community Local-AS Local-AS is a well known BGP community and its use in confederations scenarios to prevent the transmit of traffic outside the local-as. If you are not sure about what is BGP communities are and how its work then I ad...
BGP Communities_No-advertise configuration
The community attribute is a transitive optional attribute. Communities can be used to mark a set of prefixes that share a common property. Any BGP router can tag routes in incoming and out...
BGP route reflector (RR) configuration of two RR servers
We have already learned what route reflector is and why we use route reflector. In this section we will see the configuration of two RR servers and will learn about deep RR behavior...