Comware

 View Only

  • 1.  Loop protection

    Posted Aug 07, 2017 01:48 PM

    Hi,

    i have an entire L2 network based on HP/HPE switches (most of them are comware based). I never needed to enable STP because i preferred use of LAGs between access switches and core. I faced a noisy issue last days when someone (worker or cleaner) plugged the same patch into 2 wall plates. This caused a flood storm toward core switches and i had to isolate a floor before to detect this issue. I'm wondering if there's a way to automatically prevent this kind of incident (bpdu guard or other kind of loop protection). Thanks a lot!

     



  • 2.  RE: Loop protection

    Posted Aug 08, 2017 04:05 AM

    Hello

    To prevent loops from being created at the edge of your network.
    Perform the below on the switch:

    1. system-view
    2. loopback-detection enable
    3. loopback-detection multi-port-mode enable

    4. interface interface-type interface-number
    5. loopback-detection enable
    6. loopback-detection control enable
    7. loopback-detection per-vlan enable
    8. loopback-detection action { no-learning | semi-block |
    shutdown } Optional.

    By default, a looped interface drops the incoming packets and correctly sends packets; the system generates traps and log messages, and deletes all MAC address entries of the looped interface. With the shutdown keyword specified, the switch shuts down the looped ports and set their physical state to Loop down. When a looped port recovers, you must use the undo shutdown command to restore its forwarding capability.

     



  • 3.  RE: Loop protection

    Posted Aug 08, 2017 04:27 AM

    Hello,

    thanks for your reply. Do you suggest to enable only for access ports? For uplink trunks i'd like to avoid because they're in LACP toward core switches.

    Thanks,

     



  • 4.  RE: Loop protection

    Posted Aug 08, 2017 04:42 AM

    Yes, Only enabling loopdetection on access ports is enough. I don't like it either that it disables my uplink ports.

    Kind regards

     



  • 5.  RE: Loop protection

    Posted Aug 08, 2017 05:51 AM

    1. system-view
    2. loopback-detection enable
    3. loopback-detection multi-port-mode enable

    these commands enable as system global? they affect on uplinks too or not?



  • 6.  RE: Loop protection

    Posted Aug 08, 2017 05:56 AM

    You need to configure it globally first to enable it.

    If you don't configure loopdetection on port level  for your uplinks you will be fine.

     



  • 7.  RE: Loop protection

    Posted Aug 08, 2017 05:58 AM

    Great! Thanks again



  • 8.  RE: Loop protection

    Posted Aug 08, 2017 07:34 AM

    See the mmr_sf-EN_US000005234 HPE Knowledge Article (title: HPE Networking Switches - How to Guard Against Edge Loops), just as a reference.

    The @Anonymous statement "I never needed to enable STP because i preferred use of LAGs between access switches and core" is a little bit unclear: enabling STP (or RSTP) feature on network swithces is not mutually exclusive (like saying either (R)STP or LAGs) with the presence of LAGs between Core and Edge switches...



Related Content