No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Ethernet Switching

CloudEngine 8800, 7800, 6800, and 5800 V200R003C00

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, VLANs, MUX VLAN, Voice VLAN, VLAN mapping, QinQ, GVRP, VCMP, STP/RSTP/MSTP, VBST, SEP, RRPP, ERPS, LBDT, and Layer 2 protocol transparent transmission.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring MAC Address Flapping Detection

Configuring MAC Address Flapping Detection

Context

MAC address flapping detection detects all MAC addresses on the device. If MAC address flapping occurs, the device sends an alarm to the NMS. MAC address flapping occurs when a MAC address is learned by two or three interfaces in the same VLAN and the MAC address entry learned later overrides the earlier one. Generally, the interface that first learns the MAC address is the correct outbound interface, which is called the original interface. The interface that learns the MAC address later is called the flapped interface. The flapped interface is often the interface where a loop occurs or an interface on the downstream network where a loop occurs. The flapped interface needs to be shut down or configured with storm control.

By default, the system performs MAC address flapping detection in all VLANs. In a data center virtualization scenario (virtual terminal migration), MAC address flapping may occur. This is a normal situation where MAC address flapping detection is not required. You can configure the whitelist of VLANs in MAC address flapping detection to prevent MAC address flapping detection from being performed in a specified VLAN.

If modifying the aging time of flapping MAC address entries takes a long time, MAC address flapping may occur again and the Error-Down time may be increased. To ensure that the system performs MAC address flapping detection in a timely manner, adjust the aging time of flapping MAC addresses correctly.

When a loop on a network causes MAC address flapping and the network does not support loop prevention protocols, to eliminate the loop, configure an action to take after MAC address flapping occurs on the corresponding interface.

On VXLAN networks, MAC address flapping detection can be performed based on Layer 2 sub-interfaces. The device shuts down a Layer 2 sub-interface when detecting MAC address flapping on the sub-interface. Only one Layer 2 subinterface can be shut down within a MAC entry aging interval.

NOTE:
  • To prevent uplink traffic interruption, you are not advised to configure the action performed when MAC address flapping is detected on upstream interfaces.
  • MAC address flapping detection can only detect loops on interfaces, but cannot obtain the entire network topology. If the user network connected to the switch supports loop prevention protocols, use the loop prevention protocols instead of MAC address flapping detection.
  • When MAC address flapping occurs in a VLAN or BD and the loop is not eliminated, if the interface is added to or removed from an Eth-Trunk, the values of Original-Port and Move-Ports in MAC address flapping records remain unchanged. After the loop is eliminated, delete MAC address flapping entries and perform detection again. This prevents the incorrect source and flapped interfaces from being detected, loop location, and punishment action (Error-Down state or storm control) from being delivered to the incorrect flapped interface.

  • The MAC address flapping detection function can only detect a single ring. When there are multiple rings, the MAC address flapping detection function detects only the first ring. That is, if two or more rings exist in a VLAN, the system reports only alarms about interfaces in the first ring, regardless of whether the port status in the first ring is Up or Down.
  • The MAC address flapping detection function can only detect the first ring in a VLAN within the configurable aging time (5 minutes by default). For example, MAC address flapping between PortA and PortB. After PortA or Port B goes Down and MAC address flapping between PortC and PortD within the same aging time, the flapped interfaces in the alarm are still PortA and PortB.
  • By default, MAC address triggered ARP entry update is enabled. If MAC address flapping occurs for more than 10 times, MAC address triggered ARP entry update is disabled. After MAC address flapping is eliminated, MAC address triggered ARP entry update is enabled automatically.

  • On models excluding the CE6880EI, when MAC address flapping occurs on an interface, the system suppresses packets. In this case, the forwarding rate of the outbound interface is 1% of the bandwidth of the inbound interface by default. Packets are not suppressed in the following two situations:
    • The interface is configured with storm control and storm suppression.
    • Multicast is enabled globally.
    • If the MAC address flaps to the peer-link, traffic suppression associated with MAC address flapping does not take effect on the peer-link.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run mac-address flapping detection [ security-level { low | middle | high } ]

    Global MAC address flapping detection is configured.

    By default, global MAC address flapping detection is enabled. The detection security level is middle, that is after MAC addresses change for 10 times, the system considers that MAC address flapping occurs.

  3. (Optional) Run mac-address flapping detection exclude vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>

    The whitelist of VLANs in MAC address flapping detection is configured.

    By default, the whitelist of VLANs in MAC address flapping detection is not configured.

  4. (Optional) Run mac-address flapping detection exclude mac-address mac-address-mask

    The whitelist of MAC in MAC address flapping detection is configured.

    By default, no MAC address is added to the MAC flapping detection whitelist.

  5. (Optional) Run mac-address flapping aging-time aging-time

    The aging time of flapping MAC addresses is set.

    By default, the aging time of flapping MAC addresses is 5 minutes.

  6. (Optional) Configure the interval for reporting traps periodically when MAC address flapping is detected.
    1. Run mac-address flapping periodical trap enable

      The device is enabled to report a trap periodically when detecting MAC address flapping.

      By default, the device is disabled from reporting a trap periodically when detecting MAC address flapping.

    2. Run mac-address flapping periodical trap interval interval

      The interval for reporting traps periodically is configured when MAC address flapping is detected.

      By default, the device reports traps periodically at an interval of 2 minutes when detecting MAC address flapping.

      NOTE:

      This command can be configured for all interfaces and is only valid for the flapped interface.

  7. (Optional) Configure the action performed on the interface when MAC address flapping is detected on the interface.
    1. Run interface interface-type interface-number

      The interface view is displayed.

      Or run interface interface-type interface-number.subnum mode l2

      The Layer 2 sub-interface view is displayed.

    2. Run mac-address flapping trigger error-down

      The interface is configured to enter the Error-Down state after MAC address flapping occurs.

      By default, an interface is not configured to enter the Error-Down state after MAC address flapping occurs.

  8. Run commit

    The configuration is committed.

Verifying the Configuration

Run the display mac-address flapping command to check the MAC address flapping detection configuration.

Follow-up Procedure

When the action is set to error-down, if MAC address flapping occurs, the interface enters the Error-Down state and the device sends an alarm to the NMS. The device records the status of an interface as Error-Down when it detects that a fault occurs. The interface in Error-Down state cannot receive or send packets and the interface indicator is off. You can run the display error-down recovery command to check information about all interfaces in Error-Down state on the device.

When the interface is in Error-Down state, check the cause. You can use the following modes to restore the interface status:
  • Manual (after the interface enters the Error-Down state)

    When there are few interfaces in Error-Down state, you can run the shutdown and undo shutdown commands in the interface view or run the restart command to restore the interface.

  • Auto (before the interface enters the Error-Down state)

    If there are many interfaces in Error-Down state, the manual mode brings in heavy workload and the configuration of some interfaces may be ignored. To prevent this problem, run the error-down auto-recovery cause mac-address-flapping interval interval-value command in the system view to enable an interface in error-down state to go Up and set a recovery delay. You can run the display error-down recovery command to view automatic recovery information about the interface.

    NOTE:

    This mode is invalid for the interface that has entered the Error-Down state, and is only valid for the interface that enters the Error-Down state after the error-down auto-recovery cause mac-address-flapping interval interval-value command is used.

Translation
Download
Updated: 2019-05-08

Document ID: EDOC1100004351

Views: 93459

Downloads: 276

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next