In one mobile IP bear dual-plane network, NE40E01 and NE40E02 connect to MSC and MGW.One gigabit Ethernet was added to one VLAN. When capturing packets in this port by Ethereal software, there were some unicast packets forward to this port which affected performance of the network.
So this problem is caused by different paths of uplink and downlink in IP BB network. The blue path traffic needs layer 2 forwarding through NE40E01, but the MAC address can only be learned by NE40E02 ARP detection packet in the blue path direction. When NE40E01 MAC is aged after 6 minutes, NE40E02 APR is still not aged, so NE40E01 can not learn Softswitch01 MAC address, then NE40E01 will forward unicast by broadcasting unicast packets to each port of the same VLAN.
1. Change NE40E01 MAC aging time, making it more than ARP aging time of 20 minutes. Then before NE40E01 MAC address ages, ARP is aged, then NE40E02 send ARP detection packets, updating NE40E01 MAC address aging time. 1800s is suggested for NE40E MAC aging-time.
2. Configure Static MAC for SoftSwitch in NE40E01 and NE40E02.
Refer to attachment figure.
VRRP is run on NE40E01 and NE40E02 and for Softswitch01, NE40E01 is the master gateway and NE40E02 the slave gateway. To avoid loops between Switch01, NE40E01 and NE40E02, MSTP is enabled. The link between Switch01 and NE40E02 is blocked. In IP Core NE80E01, there is load balancing for routing to SoftSwitch01.
NE40E/80E use load balancing per traffic mode by default, so there is one situation as in Figure 2, where uplink traffic of SoftSwtich1 is forwarded through the red line path, but downlink traffic from IP core to Softeswtich1 is forward through the blue path:
In this situation, if NE40E01 does not learn the Softswitch1 MAC address, the downlink unicast traffic will be forwarded by broadcast as unknown unicast packets.
For uplink traffic of SoftSwitch1 (Figure 2 red path), NE40E01 is the gateway and the traffic will be forwarded by layer 3 to NE40E01 (just need the ARP table, not layer 2, so no need for MAC table); The downlink traffic through the blue path will be forwarded by layer 3 in NE40E02, then switch to NE40E01, after that switch to Switch01, this traffic is layer 2 traffic in NE40E01. So NE40E01 needs to check the MAC table to forward this layer 2 traffic. If NE40E01 can not find SoftSwitch01 MAC in the MAC table, it will broadcast to each port of the same VLAN.
The red path traffic can not cause MAC learning because it is directly forwarded by the ARP table, but blue traffic reaching NE40E02 will cause ARP to Softswitch1. NE40E01 can learn softswtich MAC address through NE40E02 ARP packets. So traffic can be forwarded correctly in NE40E01 by unicast. But after MAC address ageing (NE40E/80E MAC aging time is 6 minutes by default), there is no Softswitch1 MAC in NE40E01. This packet can be just forwarded by broadcast.