Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Creating an Exclusion List for MAC Pinning

SUMMARY Use an exclusion list to exclude MAC addresses from being pinned in an EVPN network.

MAC pinning allows you to control the movement of MAC addresses and prevents the creation of network loops by pinning a virtual machine’s MAC address to an interface. When you enable MAC pinning on an interface in an EVPN network, the MAC addresses that are learned on the interface are identified as pinned MAC addresses on that interface and in the MAC advertisement message. This prevents virtual machines (MAC addresses) from being moved to another interface in the EVPN network. However, in some cases, you might not want to pin all the MAC addresses for an interface; instead, you might want to exclude a few MAC addresses. For example, the Virtual Router Redundancy Protocol (VRRP) provides redundancy with the primary and backup router sharing a virtual MAC address. The network needs to know when the VRRP virtual MAC address has moved from the primary VRRP router to the backup VRRP router, so in this case, you would want to exclude the VRRP virtual MAC address from being pinned.

While MAC pinning is enabled separately on individual interfaces, the exclusion list is configured globally on the device. When you configure an exclusion list, the l2ald process verifies the newly learned addresses on the interface against the MAC addresses on the exclusion list. Addresses that are not on the exclusion list are identified as pinned MAC addresses. Addresses that are in the exclusion list are identified as dynamically learned MAC addresses. When the device sends the MAC IP advertisement route message to other devices, the pinned MAC addresses will be identified with the static flag in the extended community set to 1.

When you add a MAC address to the exclusion list that was previously identified as a pinned address, the l2ald process removes the pinned MAC address from the MAC address tables, adds it back in as a dynamic nonpinned MAC address, and sends an updated MAC route advertisement messages to the other devices. A similar process happens when you remove a MAC address from the exclusion list.

To configure an exclusion list, include a list of MAC addresses with the exclusive-mac parameter at the [edit protocols l2-learning global-mac-move] hierarchy level.

For example, if you want to set an exclusion list for MAC addresses 00:00:5E:00:01:01 and 00:00:5E:00:01:20, you include the following configuration. The output for show bridge mac-table displays the following

To remove a MAC address from the exclusion list, use the delete configuration mode command at the [edit protocols l2-learning global-mac-move] hierarchy. For example, delete protocols l2-learning global-mac-move exclusive-mac 00:00:5E:00:01:01.

The following show bridge mac-table output shows how MAC addresses are learned by other PE devices and identifies the excluded MAC addresses and pinned MAC addresses.

The following features supports exclusion lists for EVPN MAC pinning:

  • EVPN-MPLS, EVPN-VXLAN, EVPN, ELAN, and EVPN E-tree.

  • EVPN routing instances and virtual-switch routing instances.

  • All-active and single-active EVPN routing instances.

  • MAC mobility extended community support for EVPN Type 5 routes.

  • Static MAC addresses.

  • MC-LAG.

Benefits of Using an Exclusion List for MAC pinning

Exclusion lists allows you to have more flexibility and more control in configuring devices and interfaces on your network.

Related Documentation