Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2514
Views
0
Helpful
1
Replies

L2VPN Bridge Domain - Looping Detection

ty.chan007
Level 1
Level 1

‎01-08-2017 10:35 PM

Hi,

I am using VPLS with manual provisioning. I am expecting there is L2 looping within the bridge domain. but i can not find the way to detect it.

In normal Catalyst or ME switch, i reply on "MAC address flapping" log to detect with VLAN is looping but in Bridge-domain, there is no MAC flapping log. any idea or work around ?

Regards,

Labels:
0 Helpful
1 Reply 1

Peter L
Level 1
Level 1

‎01-08-2017 11:49 PM

Hi

The same/similar function is available in the ASR9k. Its' called mac-secure. Mac-secure is configured under the bridge-domain. In this example its configured with action shutdown so when it detects a moving mac it will do a shutdown of the AC.You can also configure it with action none. You will then get a log entry but the AC will not be shutdown.

 bridge group test
  bridge-domain 123
   mac
    secure
     action shutdown
     logging

You will see the following entry in your syslog when this happens

RP/0/RSP0/CPU0:asr9k#LC/0/0/CPU0:Oct 19 08:41:08.800 : l2fib[256]: %L2-L2FIB-5-SECURITY_MAC_SECURE_VIOLATION_AC : MAC secure in AC GigabitEthernet1000_0_0_3.333 detected violated packet that was previously learned in AC GigabitEthernet1000_0_0_1.333 - source MAC: 0000.0000.0001, destination MAC: ffff.ffff.ffff; action: shutdown

To clear the shutdown AC you need to issue the following command

clear l2vpn bridge-domain bd-name 123

Regards Peter

0 Helpful
Customers Also Viewed These Support Documents