Determining Layer 2 Loops
When network services become unavailable, the indicator flashes regularly, and there is a pause during login, Layer 2 loops may occur on the network.
You can use the following methods to check whether there are Layer 2 loops.
Method 1: Check the interface traffic to detect broadcast storms.
Run the following command on the device: display interface brief | include up
Check the number of interfaces that transmits abnormal traffic and traffic direction to determine the position and causes of a loop.
Note: You can check only the current traffic. In this case, compare the current traffic volume with the normal service traffic volume. If the current traffic volume is much larger than the normal service traffic volume, Layer 2 loops may occur. If the current traffic volume is slightly larger than the normal service traffic volume or broadcast suppression is configured, you need to use other methods to determine whether Layer 2 loops occure.
Method 2: Check whether MAC address flapping occurs continuously.
Before checking MAC address flapping, check whether MAC address flapping prevention is configured. If MAC address flapping prevention is configured, disable this function or use other methods to determine whether Layer 2 loops occur.
1.Run the display trapbuffer command to check the alarm about MAC address flapping (alarm OID: 1.3.6.1.4.1.2011.5.25.160.3.7). 2.Run the mac-address flapping detection command to enable global MAC address flapping detection and run the display mac-address flapping record command to check the MAC address flapping record.
Check the interface where MAC address flapping occurs to determine the position and causes of a loop.
Note: Layer 2 loops can be determined only when MAC address flapping occurs continuously. If there are few MAC address flapping records, it is a normal situation.
Method 3: Configure loopback detection to detect loops.
Run the loopback-detect enable command to enable loopback detection on all interfaces; run the loopback-detect packet vlan vlan-id command to enable loopback detection in a specified VLAN and run the loopback-detect action action-type command to configure an action taken on an interface where a loop is detected (the loopback-detect packet vlan vlan-id and loopback-detect action action-type commands need to be configured on the interfaces where loops need to be detected); Run the display loopback-detect command to check loopback detection information.
Check the interface status to determine the position and causes of a loop.
Note: Loopback detection requires that the device should send a large number of detection packets to detect loops, which occupies system resources. Therefore, disable loopback detection if loops do not need to be detected.
Eliminating Layer 2 Loops
When there are Layer 2 loops, broadcast storms seriously affect services, and services need to be restored quickly, use the loop prevention method.
Step 1: Determine the Layer 2 network topology. The complete topology information is the prerequisite for resolving loop problems.
Step 2: Use the methods that affect services to the minimum degree.
1. Remove the interface from the VLAN where a loop occurs.
2. Shut down the interface where a loop occurs.
3. Remove the network cable or fiber where a loop occurs.
Step 3: Check whether loops are eliminated and services are restored.
Manual loop prevention can resolve loop problems, but the original network topology may be changed and original functions such as link backup and load balancing may be affected.
You can perform Layer 2 network optimization.
Scenario 1: Deploy a loop prevention protocol.
If loops are caused by physical loops and no loop prevention protocol is configured, deploy a common loop prevention protocol based on the network plan. Loop prevention protocols include STP/RSTP/MSTP, RRPP, SEP, VBST, and ERPS.
Scenario 2: Improve the quality and reliability of the physical link.
When the physical link is unreliable, packets of a loop prevention protocol are congested and lost. As a result, a temporary loop occurs. In this case, check the physical link and replace the network cable or fiber. If protocol packets are discarded due to insufficient bandwidth, increase the bandwidth or use the aggregated link to improve the link reliability.
