Got it

[Knowledge sharing]Switch reporting many CPCAR alarms for BPDU-tunnel packets

Latest reply: Sep 28, 2018 22:32:03 551 1 1 0

Hello all,

Please check out a new post where you can find a possible cause for receiving many BDPU-tunnel packets.

Fault symptom:

Receiving a lot of CPCAR alarms reported for BPDU-tunnel packets. Even if we increased the allowed ammount of this traffic using user defined policy all the packets were still dropped.

Log message :

May 17 2018 16:59:25+02:00 DST SYS %DEFD/4/CPCAR_DROP_LPU(l)[123]:Rate of packets to cpu exceeded the CPCAR limit on the LPU in slot 0. (Protocol=bpdu-tunnel, CIR/CBS=1024/192512, ExceededPacketCount=9563)


Method to increase allowed ammount of this traffic  using user defined policy :


[SYS]display current-configuration configuration cpu-defend-policy bpdu


cpu-defend policy bpdu

description BPDU-Tunel

car packet-type bpdu-tunnel cir 1024 cbs 192512

auto-defend trace-type source-mac source-portvlan




[SYS]display cpu-defend configuration all

Car configurations on mainboard.


Packet Name         Status     Cir(Kbps)   Cbs(Byte)


output ommited


Car configurations on slot 0.


Packet Name         Status     Cir(Kbps)   Cbs(Byte)  Queue  Port-Type


bpdu-tunnel         Enabled         1024      192512      5         NA


other values ommited



This increase was not helpfull - there are dropped frames still present and grows:


[SYS]display cpu-defend statistics packet-type bpdu-tunnel

Statistics on slot 0:


Packet Type          Pass(Packet/Byte)   Drop(Packet/Byte)  Last-dropping-time


bpdu-tunnel                          0             4087481  2018-05-17 14:09

                                             0           357700321


transparent.gifRoot Cause:

We found that the l2protocol-tunnel group-mac command has been enabled on the system view, but it

wasn’t enabled  on any interfaces.

So if the switch receive the packets with the destination MAC 0100-0ccd-cdd0 it will be sent to the CPU and then dropped:


l2protocol-tunnel lacp group-mac 0100-0ccd-cdd0

l2protocol-tunnel vtp group-mac 0100-0ccd-cdd0

l2protocol-tunnel cdp group-mac 0100-0ccd-cdd0

l2protocol-tunnel udld group-mac 0100-0ccd-cdd0

l2protocol-tunnel pagp group-mac 0100-0ccd-cdd0

l2protocol-tunnel pvst+ group-mac 0100-0ccd-cdd0


   If you don’t need configure Layer 2 protocol transparent transmission, please undo all the commands above;

   If you need this function, please also enable the l2protocol-tunnel on the interfaces.

   Then the logs about bpdu-tunnel packets lost will be disappeared.


In order to stop receiving the CPCAR alarms and pass the bpdu packets according to the user defined policy it is required to configure the l2protocol-tunnel command also on any interfaces.

  • x
  • convention:

Created Sep 28, 2018 22:32:03 Helpful(0) Helpful(0)

totally helpful
View more
  • x
  • convention:



You need to log in to comment to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits


Huawei Enterprise Support Community
Huawei Enterprise Support Community
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Please bind your phone number to obtain invitation bonus.