We have a BGP EVPN VxLAN L2 overlay in our campus network.
I am now looking for a way to protect ourselves against loops in the VxLAN fabric.
According to the configuration guide, we can perform rate-limiting on the VTEP to restrict BUM traffic:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-13/configuration_guide/vxlan/b_1713_bgp_evpn_vxlan_9500_cg/configuring_evpn_vxlan_layer_2_overlay_network.html#Cisco_Reference.dita_45158b5f-a68d-44dd-9bce-a93dbe0040...
The configuration example mentions the following match in the class-map:
Leaf-01# configure terminal
Leaf-01(config)# class-map match-all CL2Miss
Leaf-01(config-cmap)# match l2 dst-mac miss
Leaf-01(config-cmap)# exit
I can't find any documentation that explains the "dst-mac miss" classification.
Can someone clarify:
- Is this only broadcast traffic (all f in the dst-mac)?
- Does it also include multicast?
I know the statement in the configuration guide mentions BUM traffic rate-limiting, but I am not convinced by just that sentence.
In the QoS configuration guide, Cisco refers to a missing mac-address, but doesn't explain what it means by that.
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/16-12/configuration_guide/qos/b_1612_qos_9500_cg/configuring_qos.html#concept_rpn_ly3_ddb
Thank you for helping out.
Sven.