MAC Moves Loop Prevention in VPLS Network Overview
Starting in Junos OS 14.2, you can configure the router to prevent a loop in a VPLS network. In a virtual private LAN service (VPLS) deployment, when a previously learned media access control (MAC) address appears on a different physical interface, for example, local interfaces (Gigabit Ethernet interfaces) or label switched Interfaces (LSIs), or within a different unit of the same physical interface and if this behavior occurs frequently, then it is considered a MAC move.
You can configure the router to report a MAC address move based on the following parameters:
Number of times a MAC address move occurs
Specified period of time over which the MAC address move occurs
Configuration errors at the network can force traffic into never ending circular paths or loops. These loops in the VPLS network cause frequent MAC moves between different interfaces which can be used to rectify the problem by disabling such an interface in the network. The following two approaches can be used to disable the interface causing the loop:
Base learning interface (base IFL) approach algorithm- This is the primary approach used to disable the looped interface. Base interface information is maintained for every MAC in the routing instance. If the MAC stays at the interface it was first learned for 300 seconds, then the interface-MAC association is considered to be stable and this interface is considered as the base interface of the MAC. If the MAC move happens frequently between the local interface and the LSI interface while the base interface of the MAC is an LSI, then the local interface is considered to be looped and has to be disabled.
Statistical approach algorithm– This is the secondary approach used to disable the looped interface. If the MAC has not been learned for over 300 seconds at an interface, then it does not have a base interface and hence the statistical approach is used.
If the MAC that has no base interface information( Base Learning interface is null) starts moving, then the statistics of such MAC moves between different interfaces is learned. If the statistics show MAC moves from LSI to local interface or from local interface to local interface, then the local interface is considered to be looped and is disabled.
There are certain MACs that can move between different interfaces, for example, mastership change in the Virtual Router Redundancy Protocol (VRRP). The base interface of such MAC moves cannot be maintained as this leads to the assumption of a loop creation. Hence, such MACs should be configured as virtual MACs. Example of virtual MACs are 00:00:5e:00:01:xx for VRRP, 00:00:0c:07:ac:xx for hot standby router protocol (HSRP) , 00:07:b4:00:01:xx for global server load balancing (GSLB), and 02:bf:xx:xx:xx:xx for VMotion.
Starting with Junos OS Release 17.4R1, the global-mac-move statement replaces the vpls-mac-move statement. The following timers under the global-mac-move statement help in monitoring the disabled interfaces:
Cooloff time — The cooloff time starts when the interface gets disabled. During this time any MAC move happening in the routing instance is ignored. This ensures that only one interface is blocked at a given time on a routing instance, and blocking of another interface happens only after the expiration of the cooloff timer provided the given MAC moves are still observed. By default, the cooloff time is 30 seconds.
Interface recovery time — When an interface gets disabled , it is disabled permanently. Configuring the interface recovery time ensures that the interface gets enabled on completion of the interface recovery time duration. We recommend that you configure an interface recovery time of more than 300 seconds.
Statistical approach wait time — The time when the statistics are collected after MAC moves are observed to determine the existence of a loop when there is no base IFL for the MAC address. . By default, the statistical approach wait timer is 30 seconds.
Before the base learning interface of a MAC address is established, the statistical approach algorithm is used in MAC move loop prevention. When a statistical approach algorithm is used, the offending MAC address is shown with a MAC address of 00:00:00:00:00:00. Until the base learning interface of MAC addresses are established, this may cause interfaces with routing loops to be misidentified.