Configuring VPLS Loop Prevention Due to MAC Moves
In a virtual private LAN service (VPLS) deployment, when a previously learned media access control (MAC) address appears on a different physical interface, for example, local interfaces (Gigabit Ethernet interfaces) or label switched Interfaces (LSIs), or within a different unit of the same physical interface and if this behavior occurs frequently, then it is considered a MAC move. The router reports a MAC address move based on the number of times a MAC address move occurs and the specified period of time over which the MAC address move occurs. Configuration errors at the VPLS network can lead to loops that cause frequent MAC moves between different interfaces. These moves can be used to rectify the problem by disabling such interface in the network. The following two approaches can be used to disable the interface:
Base learning interface (base IFL) approach algorithm — This is the primary approach used to disable the looped local interface.
Statistical approach algorithm — This is the secondary approach used to disable the looped local interface.
Some virtual MACs can genuinely move between different interfaces and such MACs can be configured to ignore the moves. The cooloff time and the statistical approach wait time are used internally to find out the looped interface. The interface recovery time can be configured to auto-enable the interface that gets disabled due to a loop in the network.
Before you begin to configure loop prevention in a VPLS network:
Configure the VPLS topology.
Configure the VPLS routing instances.
Enable VPLS MAC move action on a VPLS instance.
Configure the routing and signaling protocols.
The following uses the global-mac-move command, which replaced the vpls-mac-move command starting with Junos OS Release 17.4R1.
To configure loop prevention in a VPLS network:
- Configure the threshold time and the threshold count to
detect MAC moves.[edit protocols l2-learning global-mac-move]user@host# set threshold-time secondsuser@host# set threshold-count seconds
For example, configure the threshold time as 30 and the threshold count as 4 to detect MAC moves.[edit protocols l2-learning global-mac-move]user@host# set threshold-time 30user@host# set threshold-count 4
If the threshold time and threshold count are not configured, then the default values are used. The default value of threshold time is 1 second, and default value of threshold count is 50.
- (Optional) Configure a cooloff time to ensure that no
other interface gets disabled once an interface, for a routing instance,
is disabled during this time period.[edit protocols l2-learning global-mac-move]user@host# set cooloff-time seconds
- (Optional) Configure the statistical approach wait time
to determine the existence of a loop based on the statistics collected
after MAC moves are observed when there is no base IFL for the MAC
address.[edit protocols l2-learning global-mac-move]user@host# set statistical-approach-wait-time seconds
- (Optional) Configure the interface recovery time to ensure
that the disabled interface gets enabled on completion of the interface
recovery time duration.[edit protocols l2-learning global-mac-move]user@host# set interface-recovery-time seconds
- (Optional) Configure the virtual MAC address to ignore
the MAC moves as this leads to the assumption of loop creation.[edit protocols l2-learning global-mac-move]user@host# set virtual-mac mac-address
- Configure the VPLS routing instance of an interface.[edit routing-instances instance-name]user@host# set instance-type vplsuser@host# set interface interface
- Enable MAC move action on the interface for the VPLS instance,
and configure the VPLS neighbor.[edit routing-instances instance-name]user@host# set protocols vpls enable-mac-move-actionuser@host# set protocols vpls no-tunnel-servicesuser@host# set protocols vpls vpls-id vpls-iduser@host# set protocols vpls neighbor IP-address