Configuring MAC Address Flapping Detection
Context
MAC address flapping detection detects all MAC addresses on the device. If MAC address flapping occurs, the device sends an alarm to the NMS. MAC address flapping occurs when a MAC address is learned by two or three interfaces in the same VLAN and the MAC address entry learned later overrides the earlier one. Generally, the interface that first learns the MAC address is the correct outbound interface, which is called the original interface. The interface that learns the MAC address later is called the flapped interface. The flapped interface is often the interface where a loop occurs or an interface on the downstream network where a loop occurs. The flapped interface needs to be shut down or configured with storm control.
By default, the system performs MAC address flapping detection in all VLANs. In a data center virtualization scenario (virtual terminal migration), MAC address flapping may occur. This is a normal situation where MAC address flapping detection is not required. You can configure the whitelist of VLANs in MAC address flapping detection to prevent MAC address flapping detection from being performed in a specified VLAN.
If modifying the aging time of flapping MAC address entries takes a long time, MAC address flapping may occur again and the Error-Down time may be increased. To ensure that the system performs MAC address flapping detection in a timely manner, adjust the aging time of flapping MAC addresses correctly.
When a loop on a network causes MAC address flapping and the network does not support loop prevention protocols, to eliminate the loop, configure an action to take after MAC address flapping occurs on the corresponding interface.
On VXLAN networks, MAC address flapping detection can be performed based on Layer 2 sub-interfaces. The device shuts down a Layer 2 sub-interface when detecting MAC address flapping on the sub-interface. Only one Layer 2 sub-interface can be shut down within a MAC entry aging interval.
- To prevent uplink traffic interruption, do not configure the action performed when MAC address flapping is detected on upstream interfaces.
- MAC address flapping detection can only detect loops on interfaces, but cannot obtain the entire network topology. If the user network connected to the switch supports loop prevention protocols, use the loop prevention protocols instead of MAC address flapping detection.
- When MAC address flapping occurs in a VLAN or BD and the loop is not eliminated, if the interface is added to or removed from an Eth-Trunk, the values of Original-Port and Move-Ports in MAC address flapping records remain unchanged. After the loop is eliminated, delete MAC address flapping entries and perform detection again. This prevents incorrect source and flapped interfaces from being detected, the loop from being located incorrectly, and the punishment action (Error-Down state or storm control) from being delivered to the incorrect flapped interface.
- The MAC address flapping detection function can only detect a single ring. When there are multiple rings, the MAC address flapping detection function detects only the first ring. That is, if two or more rings exist in a VLAN, the system reports only alarms about interfaces in the first ring, regardless of whether the port status in the first ring is Up or Down.
- The MAC address flapping detection function can only detect the first ring in a VLAN within the configurable aging time (5 minutes by default). For example, MAC address flapping occurs between PortA and PortB. If PortA or PortB then goes Down and MAC address flapping occurs between PortC and PortD within the same aging time, the flapped interfaces in the alarm are still PortA and PortB.
- By default, MAC address triggered ARP entry update is enabled. If MAC address flapping occurs more than 10 times, MAC address triggered ARP entry update is disabled. After MAC address flapping is eliminated, MAC address triggered ARP entry update is enabled automatically.
- On models excluding the CE12800E that has the ED-E/EG-E/EGA-E series cards installed, when MAC address flapping occurs on an interface, the system suppresses packets. In this case, the forwarding rate of the outbound interface is 1% of the bandwidth of the inbound interface by default. Packets are not suppressed in the following two situations:
  - The interface is configured with storm control and storm suppression.
  - Multicast is enabled globally.
- If the MAC address flaps to the peer-link, traffic suppression associated with MAC address flapping does not take effect on the peer-link.
Procedure
- Run system-view
The system view is displayed.
- Run mac-address flapping detection [ security-level { low | middle | high } ]
Global MAC address flapping detection is configured.
By default, global MAC address flapping detection is enabled. The detection security level is middle; that is, after MAC addresses change 10 times, the system considers that MAC address flapping has occurred.
- (Optional) Run mac-address flapping detection exclude vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>
The whitelist of VLANs in MAC address flapping detection is configured.
By default, the whitelist of VLANs in MAC address flapping detection is not configured.
- (Optional) Run mac-address flapping detection exclude mac-address mac-address-mask
The whitelist of MAC addresses in MAC address flapping detection is configured.
By default, no MAC address is added to the MAC flapping detection whitelist.
- (Optional) Run mac-address flapping aging-time aging-time
The aging time of flapping MAC addresses is set.
By default, the aging time of flapping MAC addresses is 5 minutes.
- (Optional) Configure the interval for reporting traps periodically when MAC address flapping is detected.
- (Optional) Configure the action performed on the interface when MAC address flapping is detected on the interface.
- Run commit
The configuration is committed.
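The detection behaviour described in Context, with the defaults from this procedure (middle level of 10 changes, 5-minute aging time, VLAN whitelist), modelled offline in Python. This is an added example, not Huawei's algorithm or device output; the function names, the event format, the interface names and the exact counting rule are assumptions.

```python
from collections import namedtuple

# One MAC-learning event: time (s), VLAN, MAC, interface that learned it.
Event = namedtuple("Event", "t vlan mac port")

def detect_flapping(events, threshold=10, aging_time=300, exclude_vlans=()):
    """Model of the described behaviour (an assumption, not the device algorithm):
    a MAC is flapping once its learning interface in a VLAN has changed
    `threshold` times, with no gap between changes longer than `aging_time`."""
    state, records = {}, {}
    for ev in sorted(events, key=lambda e: e.t):
        if ev.vlan in exclude_vlans:            # whitelisted VLAN is not inspected
            continue
        key = (ev.vlan, ev.mac)
        st = state.setdefault(key, {"original": ev.port, "current": ev.port,
                                    "moves": 0, "move_ports": [], "last": None})
        if ev.port == st["current"]:            # relearned on the same interface
            continue
        if st["last"] is not None and ev.t - st["last"] > aging_time:
            # earlier flapping state aged out: count again from the current interface
            st.update(original=st["current"], moves=0, move_ports=[])
        st["moves"] += 1
        st["current"], st["last"] = ev.port, ev.t
        if ev.port != st["original"] and ev.port not in st["move_ports"]:
            st["move_ports"].append(ev.port)    # interface that learned the MAC later
        if st["moves"] >= threshold:
            records[key] = {"original_port": st["original"],
                            "move_ports": list(st["move_ports"]),
                            "moves": st["moves"]}
    return records

def sample_events():
    """Constructed events (not device output): a loop in VLAN 10, one VM
    migration in VLAN 20, repeated VM migration in VLAN 200."""
    loop = [Event(i, 10, "00e0-fc12-3456", f"10GE1/0/{1 + i % 2}") for i in range(11)]
    single = [Event(0, 20, "00e0-fc00-0001", "10GE1/0/3"),
              Event(60, 20, "00e0-fc00-0001", "10GE1/0/4")]
    vm = [Event(2 * i, 200, "00e0-fc00-0002", f"10GE1/0/{5 + i % 2}") for i in range(20)]
    return loop + single + vm

if __name__ == "__main__":
    for (vlan, mac), rec in detect_flapping(sample_events(), exclude_vlans={200}).items():
        print(vlan, mac, rec)
```

With VLAN 200 whitelisted, only the looped MAC in VLAN 10 is reported; without the whitelist, the repeatedly migrating virtual machine in VLAN 200 is reported as flapping as well, which is the false alarm the exclusion is meant to avoid.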
Verifying the Configuration
Run the display mac-address flapping command to check the MAC address flapping detection configuration.
Follow-up Procedure
When the action is set to error-down, if MAC address flapping occurs, the interface enters the Error-Down state and the device sends an alarm to the NMS. The device records the status of an interface as Error-Down when it detects that a fault occurs. The interface in Error-Down state cannot receive or send packets and the interface indicator is off. You can run the display error-down recovery command to check information about all interfaces in Error-Down state on the device.
Manual (after the interface enters the Error-Down state)
When there are few interfaces in Error-Down state, you can run the shutdown and undo shutdown commands in the interface view or run the restart command to restore the interface.
Auto (before the interface enters the Error-Down state)
If there are many interfaces in Error-Down state, the manual mode creates a heavy workload and the configuration of some interfaces may be ignored. To prevent this problem, run the error-down auto-recovery cause mac-address-flapping interval interval-value command in the system view to enable an interface in Error-Down state to go Up and set a recovery delay. You can run the display error-down recovery command to view automatic recovery information about the interface.
This mode is invalid for the interface that has entered the Error-Down state, and is only valid for the interface that enters the Error-Down state after the error-down auto-recovery cause mac-address-flapping interval interval-value command is used.