Loops detected in the network for mac

MitchQuad · ‎07-22-2022

Hi all,

I'm seeing intermittent "%L2FM-2-L2FM_MAC_FLAP_DISABLE_LEARN_N3K: Loops detected in the network for mac" errors on a Nexus 3548 (on 9.3(9)), in a vPC pair, connected to another vPC pair directly via L2 at another site. The switch is SITE2-CORE-02 in the diagram below.

The odd thing is it's "among ports Eth1/43 and Eth1/45" and Eth1/43 is an unused port, no config, no transceiver plugged in. Eth1/45 is one of the L2 links to the other site's vPC primary. The MAC addresses are all of the addresses on the Vlan SVIs.

The site is running OSFP across a couple of VLANs across all 4 cores, and during initial troubleshooting I've noticed that four Vlan15 adjacencies are stuck in an EXSTART or EXCHANGE state, despite the config being identical. The CORE-01 switches are in EXCHANGE/DROTHER and EXSTART/BDR with each other, and CORE-02 switches are EXSTART/DROTHER, EXSTART/DR. The rest of the adjacencies between the switches are all fine.

Config is
Interface Vlan15
no ip ospf passive-interface
ip ospf priority 255
ip router ospf 1 area 0.0.0.0

Checking out some troubleshooting steps for OSFP they all suggest turning on debugging and looking for issues there, like mismatched MTU. I've turned on debugging for OSPF but I don't seem to be getting any messages through for it.

I'm not entirely sure if the OSPF problem is related to the loop issue, or why either of them are happening at this point. Where can I go from here? Thank you

Jitendra Kumar · ‎07-22-2022

Troubleshooting Loop Detection Error Message

Cisco Nexus 3000 Series switches leverage L2FM for software MAC learning (and, subsequently, loop detection). FWM was used in the Cisco Nexus 5000/6000 days. The L2FM disables dynamic MAC address learning within the individual VLAN that the loop is detected in. It does not disable the dynamic MAC address learning globally. This is done to protect the control plane of the switch, as a MAC constantly moving between two ports within one or more VLANs can significantly impact the CPU of the switch with sufficient scale.

2016 Apr 11 18:00:18 %L2FM-2-L2FM_MAC_FLAP_DISABLE_LEARN_N3K: Loops detected in the network for mac XXXX.XXXX.XXXX among ports Eth1/48 and Eth1/50/3 on vlan 4 - Disabling dynamic learning notifications for a period between 120 and 240 second

Per the above logs, the L2FM disables the dynamic MAC address learning within the individual VLAN 4 that the loop is detected in. It does not disable the dynamic MAC address learning globally.

The possible causes of this message are:

MAC addresses move because of incorrect Spanning Tree Protocol (STP)-port state convergence.
MAC addresses move because the source of the data is physically moved across all switches while STP states are converged and in correct states.

Procedure

Command or Action Purpose

Step 1	switch# conf t	Enters the configuration mode.
Step 2	switch# mac address-table notification mac-move	Enables MAC-move notification on the switch.

Thanks,
Jitendra

Jitendra Kumar · ‎07-22-2022

Troubleshooting Loop Detection Error Message

Cisco Nexus 3000 Series switches leverage L2FM for software MAC learning (and, subsequently, loop detection). FWM was used in the Cisco Nexus 5000/6000 days. The L2FM disables dynamic MAC address learning within the individual VLAN that the loop is detected in. It does not disable the dynamic MAC address learning globally. This is done to protect the control plane of the switch, as a MAC constantly moving between two ports within one or more VLANs can significantly impact the CPU of the switch with sufficient scale.

2016 Apr 11 18:00:18 %L2FM-2-L2FM_MAC_FLAP_DISABLE_LEARN_N3K: Loops detected in the network for mac XXXX.XXXX.XXXX among ports Eth1/48 and Eth1/50/3 on vlan 4 - Disabling dynamic learning notifications for a period between 120 and 240 second

Per the above logs, the L2FM disables the dynamic MAC address learning within the individual VLAN 4 that the loop is detected in. It does not disable the dynamic MAC address learning globally.

The possible causes of this message are:

MAC addresses move because of incorrect Spanning Tree Protocol (STP)-port state convergence.
MAC addresses move because the source of the data is physically moved across all switches while STP states are converged and in correct states.

Procedure

Command or Action Purpose

Step 1	switch# config t	Enters the configuration mode.
Step 2	switch# mac address-table notification mac-move	Enables MAC-move notification on the switch.

Thanks,
Jitendra

MitchQuad · ‎07-22-2022

Thanks Jitendra,

I have tried to turn this on as well actually, but running show mac address-table notification mac-move after reports that
MAC Move Notify : disabled as if it wasn't turned on at all

r.heitmann · ‎07-20-2023

tuning

(a) the notification about something detected

is completely different from

(b) detecting, if a (supposed) loop is in the network

isn't it?

IMHO mac-move-notification commands won't help if the sensitivity of loop-detecton should be modified!?

MHM Cisco World · ‎07-22-2022

I will divide the issue into two part
for OSPF two point
1-MTU mismatch
2-TTL =1 "solve by "router peer under vPC"

MHM Cisco World · ‎07-22-2022

for L2
why you orphan one side and vPC other side?
it is better to do double sided vPC.