ASR 9000 MAC Limiting on Bridge Domain Access Circuit
I've been running into an issue and wondering if anyone else has experienced the same problem. I have an ASR 9006 running IOS XR 5.3.3 in my lab and I've created a test bridge domain. Within that bridge domain, under the access circuit, I've configured a mac limit of 50 with the 'no flood' action. When this limit is hit, mac address learning is disabled as expected, but the problem is that its never re-enabled. If i stop all traffic on that interface, the mac learning remains disabled indefinitely until I change the configuration to either remove mac limiting or change the action to none. I would like to think that at some point it it would back off and re-enable mac learning after seeing that the mac address count has dropped below the threshold. Any ideas?
RP/0/RSP0/CPU0:LAB-ASR9006-01#sho l2vpn bridge-domain bd-name 9 det
AC: GigabitEthernet0/2/0/9.300, state is up Type VLAN; Num Ranges: 1 VLAN ranges: [300, 300] MTU 8986; XC ID 0x208000c; interworking none MAC learning: disabled (MAC-limit action) Flooding: Broadcast & Multicast: enabled Unknown unicast: disabled (MAC-limit action) MAC aging time: 300 s, Type: inactivity MAC limit: 50, Action: limit, no-flood, Notification: syslog MAC limit reached: yes MAC port down flush: enabled MAC Secure: disabled, Logging: disabled Split Horizon Group: none Dynamic ARP Inspection: disabled, Logging: disabled IP Source Guard: disabled, Logging: disabled DHCPv4 snooping: disabled IGMP Snooping: enabled IGMP Snooping profile: none MLD Snooping profile: none Storm Control: bridge-domain policer Static MAC addresses: Statistics: packets: received 1437063 (multicast 189407949, broadcast 44127, unknown unicast 0, unicast 0), sent 18 bytes: received 301982330 (multicast 40280180924, broadcast 3293496, unknown unicast 0, unicast 0), sent 1008 MAC move: 0 Storm control drop counters: packets: broadcast 0, multicast 0, unknown unicast 0 bytes: broadcast 0, multicast 0, unknown unicast 0 Dynamic ARP inspection drop counters: packets: 0, bytes: 0 IP source guard drop counters: packets: 0, bytes: 0
RP/0/RSP0/CPU0:LAB-ASR9006-01#sho run l2vpn bridge group 9 Mon Feb 5 06:23:53.371 EST l2vpn bridge group 9 bridge-domain 9 mac aging time 300 ! withdraw state-down ! mtu 9000 interface GigabitEthernet0/2/0/9.300 mac limit maximum 50 action no-flood notification syslog ! ! ! vfi 9 vpn-id 9 autodiscovery bgp rd auto route-target 9:9 ! neighbor 192.168.2.100 pw-id 91 ! neighbor 192.168.2.200 pw-id 91 ! ! routed interface BVI9 ! ! !
RP/0/RSP0/CPU0:LAB-ASR9006-01#sho l2vpn forwarding bridge-domain 9:9 loc 0/2/CPU0 Mon Feb 5 06:29:21.345 EST Bridge MAC Bridge-Domain Name ID Ports addr Flooding Learning State -------------------------------- ------ ----- ------- -------- -------- --------- 9:9 0 4 0 Enabled Enabled UP
Listen: https://smarturl.it/CCRS8E37Follow us: twitter.com/ciscochampionSometimes, situations require temporary fixes. Sometimes, the network becomes an afterthought in overall office design and planning. In either situation, it may require netw...
In this special edition of the Insider Series, we hear from Cisco partners who have taken steps to be more eco-friendly and sustainable. We hear what inspires ASHRAE, Southwire, Igor, and NTT to create a workplace that is centered around people and how th...
We know that the Type-1 LSA describes the link type connected to the router, the neighbor router and the subnet number.In this topology, assume we dont have a Type-2 LSA, so each router will create its own Type-1 LSA, the Type-1 LSA will describe the neig...
Here are some commonly asked questions and answers to help with your adoption of Cisco DNA Center Wireless. Subscribe to this post to stay up-to-date with the latest Q&A and recommended Ask the Experts (ATXs) sessions to attend.
Q. I have a Cisco Appl...
Why IETF changed and inverted OSPF Type-7 LSA VS Type-5 LSA election In RFC 3101 compared to OLD RFC 1587?Many people learns that the Type-7 LSA and Type-5 election (ON Versus OE routes) depends on RFC 3101 for NSSA published in 2003 and RFC 1587 for NSSA...