Customer reported that he registers mac-flapping logs on AR router between two ports that are being connected to stack switch and on VLAN 1. Topology as below:
Log were observed in logbuffer for mac-flapping and also observing display mac-address output, the mac-address aaaa-aaaa-aaaa was changing from one port to the other.
1. Check what exactly represents the only MAC-address that flaps between ports. I observed that it represents the stack system MAC.
<HUAWEI> display stack
Stack topology type : Link
Stack system MAC: aaaa-aaaa-aaaa
MAC switch delay time: 2 min
Stack reserved vlan: 4093
2. We needed to understand why stack system MAC is sent on both stack ports where RSTP was running properly and g0/0/1 from S5700-1 was in discarding state. We have captured packets on discarding port to check if there were really packets sent from the discarding port which was causing the flapping.
3. We observed that discarding port was sending packets with Source-MAC, the stack sytem MAC (aaaa-aaaa-aaaa) which was clearly causing the issue because naturally the other port connected to the router sends packets with same source-mac as it was in forwarding.
4. Packets collected which were damaging the network, were LLDP packets :). We've done some research and observed even though the switch had its port in discarding phase, there are still sent frames of inter-switch signaling protocols such as LLDP or LACP. In our case, LLDP was enabled on the discarding port which was sending LLDP frames with Source MAC as the stack system MAC which was causing mac-flapping on router.
There were three solutions for solving this case at first moment.
1. Confiure Eth-trunks between AR router and stack switch. It would have consider as single link toward switch and no mac-flapping would happen. But on our case, we couldn't propose this to customer. AR161 doesn't support LACP.
2. Remove all traffic from VLAN 1. By having PVID on VLAN 1, LLDP packets are sent without vlan-tag, AR would receive it and tag it with PVID vlan 1. But this was not possible because he had all Management traffic on VLAN 1 ! Highly not recommended !
3. Disable LLDP on discarding port using undo lldp enable. It was accepted solution in our case and LLDP packets were no longer sent and no more mac-flapping.