Identifying and Eliminating Layer 2 Loops
Introduction
To improve reliability of an Ethernet switching network, device redundancy and link redundancy are commonly used. However, due to many factors such as networking adjustment, configuration modification, and upgrade/migration, loops may still occur. In a broadcast domain, if Layer 2 devices forward broadcast frames repeatedly, a broadcast storm will occur, and the MAC address table becomes unstable, affecting services, degrading communication quality, or even interrupting services.
The following describes how to identify and eliminate Layer 2 loops.
Identifying Loops
You can identify loops as follows:
- Check whether a broadcast storm occurs on an interface.
<HUAWEI> display interface brief | include up PHY: Physical *down: administratively down ^down: standby (l): loopback (s): spoofing (b): BFD down (e): ETHOAM down (d): Dampening Suppressed (p): port alarm down (dl): DLDP down InUti/OutUti: input utility rate/output utility rate Interface PHY Protocol InUti OutUti inErrors outErrors 10GE2/0/3 up up 70% 70% 0 0 10GE2/0/5 up up 70% 70% 0 0 MEth0/0/0 up up 0.01% 0.01% 0 0 NULL0 up up(s) 0% 0% 0 0
Compare bandwidth usage of interface traffic with that of normal services. If bandwidth usage of interface traffic is much higher than that of normal services, a loop may occur.
If a broadcast storm occurs on only one interface, a self-loop may occur or a loop may occur on the downstream device.
If a broadcast storm occurs on two interfaces, a loop may occur between interfaces or on a ring network.
If a broadcast storm occurs on more than two interfaces, multiple types of loops may occur.
- Check whether MAC address flapping occurs.
Query logs to check MAC address flapping records on the interface.
Check the log.log file or run the display logbuffer command. The following information indicates that there are MAC address flapping records and a loop may occur on the corresponding interface.Sep 15 2013 15:23:58 A8_CE12808_1 %%01FEI/4/hwMflpVlanLoopAlarm_active(l):CID=0x807f047e-alarmID=0x095e0012;MAC flapping detected, VlanId = 310, MacAddress = 0016-3e00-0464, Original-Port = Eth-Trunk49, Flapping port = Eth-Trunk33,-. Please check the network to which the interface learning a flapping MAC address is connected.
Run the display mac-address flapping command in any view to query MAC address flapping records on the interface.
In the command output, MoveNum indicates the MAC address flapping count in a specified time range. If the value of MoveNum is large, many MAC address flappings occur. In this case, a loop probably occurs. Rectify the fault on the interface.
Check whether the protocol status is unstable.
When a loop occurs, packets of some protocols such as OSPF may be lost or looped back to the local device, or there are multiple copies of replicated packets. As a result, the protocol status may become unstable. If there are many logs similar to the following, a loop may occur:Sep 16 2013 10:55:56 A8_CE12808_1 %%01OSPF/6/NBR_CHANGE(l):CID=0x808304c7;Neighbor changes event: neighbor status changed. (ProcessId=1, NbrIpAddr=10.192.0.46, NbrEvent=1-Way, NbrPreviousState=ExStart, NbrCurrentState=Init) Sep 16 2013 10:55:56 A8_CE12808_1 %%01OSPF/6/NBR_CHANGE(l):CID=0x808204c3;Neighbor changes event: neighbor status changed. (ProcessId=1, NbrIpAddr=10.192.0.46, NbrEvent=2WayReceived, NbrPreviousState=Init, NbrCurrentState=ExStart)
Check whether protocol packets such as ARP packets sent to the CPU are suppressed or discarded.
When many packets are sent to the CPU due to a loopback, the packets may be suppressed. You can run the display cpu-defend statistics packet-type arp all command to query packet statistics. If a large number of packets are discarded, a loop may occur.<HUAWEI> display cpu-defend statistics packet-type arp all Statistics(packets) on slot 2 : -------------------------------------------------------------------------------- PacketType Total Passed Total Dropped Last Dropping Time Last 5 Min Passed Last 5 Min Dropped -------------------------------------------------------------------------------- arp 34515 14346678 - 34515 1678 --------------------------------------------------------------------------------Use loopback detection (LBDT) to detect loops.
Enable LBDT on the corresponding interface and in a VLAN. The device periodically sends LBDT packets. When the local interface receives the sent LBDT packets, a loop occurs. After configuring LBDT on an interface and in a VLAN, run the display loopback-detect command to check the loop status.
Eliminating Loops
Loops seriously affect the network performance and even cause service exceptions, so loops need to be eliminated immediately. You can use the following measures to eliminate loops:
- Physical connection errors may cause loops. Onsite engineers need to check network connections and remove redundant network cables or optical fibers. During fault locating on the live network, you can shut down an interface to disconnect a link.
After an interface is shut down, services may be interrupted. Therefore, exercise caution when shutting down an interface.
It is difficult to eliminate loops physically on the live network. Instead, in most situations, configurations need to be performed to eliminate loops. For example, you can shut down an interface or remove an interface from the VLAN where loops occur.
In addition, when ring network protocols such as Spanning Tree Protocol (STP) and Smart Link are abnormal, loops may occur. You need to rectify faults of the features that cause loops. Collect the results of the preceding troubleshooting procedure, configuration files, logs, and alarms of the device, and contact technical support personnel.
Related Information
For more information about Layer 2 loops and solutions, see the following document: