Overview
When a loop occurs on a network, broadcast, multicast, and unknown unicast packets are repeatedly transmitted on the network. This wastes network resources and may even cause a network breakdown. To minimize the impact of loops on a Layer 2 network, a detection technology that quickly notifies users of loops is required. When a loop occurs, users are requested to check network connections and configurations, and control the problematic interface.
If LDT packets are received by the same interface, a loopback occurs on the interface or a loop occurs on the network connected to the interface.
If LDT packets are received by another interface on the same device, a loop occurs on the network connected to the interface.
Trap: The device reports a trap to the NMS and records a log, but does not take any action on the interface.
Block: The device blocks this interface, and can forward only BPDUs.
No learning: The interface is disabled from learning MAC addresses.
Shutdown: The device shuts down the interface.
Quitvlan: The interface is removed from the VLAN where a loop occurs.
The problematic interface continues to send LDT packets. If the device receives no LDT packets from the problematic interface within the recovery time, it considers that the loop is eliminated on the interface and restores the interface.
LDT can only detect loops on a single node, but cannot eliminate loops on the entire network in the same manner as ring network technologies of ERPS, RRPP, SEP, Smart Link, and STP/RSTP/MSTP/VBST.
Configuration Notes
This example applies to all versions of the modular switches.
In V200R008C00 and earlier versions, LDT does not take effect in dynamic VLANs
LDT and LBDT cannot be configured simultaneously.
LDT needs to send a large number of LDT packets to detect loops, occupying system resources. Therefore, disable LDT if loops do not need to be detected.
When loops occur in multiple VLANs on many interfaces, LDT performance is lowered due to limitations of security policies and CPU processing capability. The greater the number of involved VLANs and interfaces, the lower the performance. In particular, the performance of the standby chassis in the cluster is lowered. Manually eliminating loops is recommended.
LDT cannot be used with ring network technologies of ERPS, RRPP, SEP, Smart Link, and STP/RSTP/MSTP/VBST. Do not configure ring network technologies on an interface of a LDT-enabled VLAN. If LDT has been enabled globally and ring network technologies need to be configured on an interface, disable LDT on the interface first.
LDT sends only tagged packets and can only detect loops based on VLANs. LDT can detect loops in a maximum of 4094 VLANs.
When a loop occurs on the network-side interface where the Block or Shutdown action is configured, all services on the device are interrupted. Do not deploy LDT on the network-side interface.
The Quitvlan action cannot be used with GVRP, HVRP, or the action of removing an interface from the VLAN where MAC address flapping occurs.
- The blocked ports of LDT cannot block GVRP packets. To ensure that GVRP runs normally and prevent GVRP loops, do not enable GVRP on the blocked port of LDT.
Networking Requirements
In Figure 6-35, a new branch network of an enterprise connects to the aggregation switch Switch, and VLANs 10 to 20 are deployed on the branch network. Loops occur due to incorrect connections or configurations. As a result, communication on the Switch and uplink network is affected.
It is required that the Switch should immediately detect loops on the new branch network to prevent the impact of loops on the Switch and uplink network.
Configuration Roadmap
The configuration roadmap is as follows:
- Enable LDT on GE1/0/1 of the Switch to detect loops in a specified VLAN so that loops on the downstream network can be detected.
- Configure an action after loops are detected so that the Switch can immediately shut down the interface where a loop is detected. This prevents the impact of the loop on the Switch and uplink network.
NOTE:Configure interfaces on other switching devices as trunk or hybrid interfaces and configure these interfaces to allow packets from corresponding VLANs to pass through. This ensures Layer 2 connectivity on the new network and between the new network and the Switch.
Procedure
- Enable global LDT.
<HUAWEI> system-view[HUAWEI] sysname Switch[Switch] loop-detection enable //Enable LDT globally.
- Enable LDT in VLANs.
[Switch] vlan batch 10 to 20[Switch] loop-detection enable vlan 10 to 20 //Enable the device to detect loops on all interfaces in VLANs 10 to 20.
- Set the interval for sending LDT packets.
[Switch] loop-detection interval-time 10 //Set the interval for sending LDT packets to 10s. - Configure an action taken after a loop is detected.
# Enable the trap function for LDT.
[Switch] snmp-agent trap enable feature-name ldttrap //Enable the LDT alarm function so that the device can send LDT traps.# Set the action to Shutdown.
[Switch] interface gigabitethernet 1/0/1[Switch-GigabitEthernet1/0/1] stp disable //Disable STP on the interface.[Switch-GigabitEthernet1/0/1] port hybrid tagged vlan 10 to 20[Switch-GigabitEthernet1/0/1] loop-detection mode port-shutdown ///Configure the Shutdown action to be taken on GE1/0/1 after a loop is detected.[Switch-GigabitEthernet1/0/1] quit
- Verify the configuration.
# After the configuration is complete, run the display loop-detection command to check global LDT information.
[Switch] display loop-detectionLoop Detection is enabled. Detection interval time is 10 seconds.Following VLANs enable loop-detection: VLAN 10 to 20Following ports are blocked for loop: NULLFollowing ports are shutdown for loop: GigabitEthernet1/0/1 Include Vlans: 10Following ports are nolearning for loop: NULL Following ports are trapped for loop: NULL Following ports are quitvlan for loop: NULL
# Check LDT information on GE1/0/1.
[Switch] display loop-detection interface gigabitethernet 1/0/1The port is enabled. The port's status list: Status WorkMode Recovery-time EnabledVLAN -----------------------------------------------------------------------Shutdown Shutdown 255 10 Normal Shutdown 255 11 Normal Shutdown 255 12 Normal Shutdown 255 13 Normal Shutdown 255 14 Normal Shutdown 255 15 Normal Shutdown 255 16 Normal Shutdown 255 17 Normal Shutdown 255 18 Normal Shutdown 255 19 Normal Shutdown 255 20
The command output shows that LDT is enabled in VLANs 10 to 20 and the Shutdown action is taken on GE1/0/1 in VLAN 10, indicating that loops are detected in VLAN 10.
NOTE:After loops are detected in one or more VLANs, the system shuts down the involved interface and loops are removed. In this case, LDT may be unable to detect all VLANs where loops occur.
Configuration Files
Switch configuration file
#
sysname Switch#
vlan batch 10 to 20
#
loop-detection enable
loop-detection interval-time 10
loop-detection enable vlan 10 to 20
#
interface GigabitEthernet1/0/1
port hybrid tagged vlan 10 to 20
stp disable
#
snmp-agent trap enable feature-name LDTTRAP
#
returnSee more please click
