Changing Duplicate MAC Address Detection Settings
When a host is physically moved or when a host is reconfigured on a different Ethernet segment, the PE device sends an updated MAC advertisement route to other PE devices to update their route table. If there is a misconfiguration in the network, MAC advertisement messages oscillate between the different routes causing MAC address flapping. This makes the network more vulnerable and wastes network resources. By default, Junos OS detects and suppresses duplicate MAC addresses. Optionally, you can also configure the length of time that the duplicate MAC address is suppressed. When the PE device encounters duplicate MAC addresses, Junos OS generates a syslog message.
To change the duplicate MAC address detection settings , include the duplicate-mac-detection statement at either the [edit routing-instances routing-instance-name protocols] hierarchy level or the[edit logical-systems logical-system-name routing-instances routing-instance-name protocols] hierarchy level:
You can modify the following options under the duplicate-mac-detection statement:
detection-window—The time interval used in detecting a duplicate MAC address. The value can be from 5 through 600 seconds. The default is 180 seconds
detection-threshold—The number of MAC mobility events that are detected for a given MAC address within the detection-window before it is identified as a duplicate MAC address. Once the detection threshold is reached, updates for the MAC address are suppressed. The value can be from 2 through 20. The default is 5.
auto-recovery-time—(Optional) The length of time a device suppresses a duplicate MAC address. At the end of this duration, MAC address updates will resume. The value can be from 5 through 360 minutes. If a value is not specified, then the MAC address continues to be suppressed.
To ensure that the mobility advertisements have sufficient time to age out, set an auto-recovery-time greater than the detection-window.
To manually clear the suppression of duplicate MAC addresses, use the clear evpn duplicate-mac-suppression command.
To view MAC duplicate addresses in the EVPN MAC database, use the show evpn database command. The following example displays a sample output. The output fields related to duplicate MAC detections are State, Mobility history, and MAC advertisement route status:
user@PE1> show evpn database mac-address 00:00:00:00:00:02 extensive
Instance: ALPHA VLAN ID: 100, MAC address: 00:00:00:00:00:02 State: 0x1 <Duplicate-Detected> Mobility history Mobility event time Type Source Seq num Aug 03 17:22:28.585619 Local ge-0/0/2.0 31 Aug 03 17:22:30.307198 Remote 10.255.0.3 32 Aug 03 17:22:37.611786 Local ge-0/0/2.0 33 Aug 03 17:22:39.289357 Remote 10.255.0.3 34 Aug 03 17:22:45.609449 Local ge-0/0/2.0 35 Source: ge-0/0/2.0, Rank: 1, Status: Active Mobility sequence number: 35 (minimum origin address 10.255.0.2) Timestamp: Aug 03 17:22:44 (0x5983be54) State: <Local-MAC-Only Local-To-Remote-Adv-Allowed> MAC advertisement route status: Not created (duplicate MAC suppression) IP address: 10.0.0.2 Source: 10.255.0.3, Rank: 2, Status: Inactive MAC label: 300176 Mobility sequence number: 34 (minimum origin address 10.255.0.3) Timestamp: Aug 03 17:22:39 (0x5983be4f) State: <> MAC advertisement route status: Not created (inactive source) IP address: 10.0.0.3