ON THIS PAGE
Example: Prevention of Loops in Bridge Domains by Enabling the MAC Pinnning Feature on Trunk Interfaces
This example shows how to avoid loops in bridge domains by enabling the MAC pinning feature on trunk interfaces.
Requirements
This example uses the following hardware and software components:
MX Series 5G Universal Routing Platforms
Junos OS Release 16.1 running on the routers
Overview
A MAC move occurs when a MAC address frequently appears on a different physical interface than the one it was learned on. Frequent MAC moves indicate the presence of loops. Loops can occur in Layer 2 bridges and in VPLS networks. To avoid loops, you can enable the MAC pinning feature on the interfaces. The MAC pinning feature is applicable only when dynamic learning of MAC addresses over interfaces is enabled.
This example shows how to enable MAC pinning on three aggregated trunk interfaces in a bridge domain.
Topology
In this example, you configure the interfaces xe-0/1/1 and xe-0/3/1 on the MX Series router as an aggregated
Ethernet interface, ae1. You can configure the other four
interfaces, ge-4/0/6, ge-4/1/6, xe-4/2/0, and xe-4/3/0, as aggregated Ethernet interfaces, ae2 and ae3. Each of these aggregated Ethernet interfaces
are configured as trunk interfaces. Trunk interfaces accept only tagged
packets and forward the packets within a specified bridge domain, BD_Trunk_all. Specify the list of VLAN IDs for the interfaces
and the bridge domain. When a tagged packet is received on any of
the aggregated trunk interfaces, the packet is accepted, and the packet
is forwarded within the bridge domain that is configured with the
matching ID.
In the bridge domain, after specifying the VLAN ID, specify 131000 as the maximum number of MAC addresses that can be learned on each of the aggregated Ethernet trunk interfaces and specify 1048575 as the size of the MAC address table for the bridge domain or VLAN.
In this topology, frequent MAC moves can occur, which can result
in loops. To prevent these loops, you can configure MAC pinning. When
you configure MAC pinning on an interface, the MAC address learned
on the interface cannot be learned on another interface in the same
bridge domain. For example, configure MAC pinning on the aggregated
Ethernet interface ae1. When a packet is received on this
interface, the packet is accepted, and the packet is forwarded within
the bridge domain with the matching ID. However, if a packet with
the same MAC address is received on any other trunk interface, say ae2, the packet is discarded or dropped as that MAC address
is pinned to the trunk interface ae1. This behavior is
common to all trunk interfaces configured on the router, regardless
of whether access pinning is enabled on the trunk interface or not.
Configuration
CLI Quick Configuration
To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.
set interfaces xe-0/1/1 gigether-options 802.3ad ae1 set interfaces xe-0/3/1 gigether-options 802.3ad ae1 set interfaces ge-4/0/6 gigether-options 802.3ad ae3 set interfaces ge-4/1/6 gigether-options 802.3ad ae3 set interfaces xe-4/2/0 gigether-options 802.3ad ae2 set interfaces xe-4/3/0 gigether-options 802.3ad ae2 set interfaces ae1 flexible-vlan-tagging set interfaces ae1 encapsulation flexible-ethernet-services set interfaces ae1 unit 0 family bridge interface-mode trunk set interfaces ae1 unit 0 family bridge vlan-id-list 1-5 set interfaces ae2 flexible-vlan-tagging set interfaces ae2 encapsulation flexible-ethernet-services set interfaces ae2 unit 0 family bridge interface-mode trunk set interfaces ae2 unit 0 family bridge vlan-id-list 1-5 set interfaces ae3 flexible-vlan-tagging set interfaces ae3 encapsulation flexible-ethernet-services set interfaces ae3 unit 0 family bridge interface-mode trunk set interfaces ae3 unit 0 family bridge vlan-id-list 1-5 set bridge-domains BD_Trunk_all vlan-id-list 1-5 set bridge-domains BD_Trunk_all bridge-options mac-table-size 1048575 set bridge-domains BD_Trunk_all bridge-options interface ae1.0 interface-mac-limit 131000 set bridge-domains BD_Trunk_all bridge-options interface ae2.0 interface-mac-limit 131000 set bridge-domains BD_Trunk_all bridge-options interface ae3.0 interface-mac-limit 131000 set switch-options interface ae1.0 interface-mac-limit 131000 set switch-options interface ae1.0 mac-pinning set switch-options interface ae2.0 interface-mac-limit 131000 set switch-options interface ae2.0 mac-pinning set switch-options interface ae3.0 interface-mac-limit 131000 set switch-options interface ae3.0 mac-pinning
Procedure
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode
To configure MAC pinning on trunk interfaces in bridge domains:
Configure the interfaces as member aggregated Ethernet interfaces.
[edit interfaces] user@host#
set interfaces xe-0/1/1 gigether-options 802.3ad ae1user@host#set interfaces xe-0/3/1 gigether-options 802.3ad ae1user@host#set interfaces ge-4/0/6 gigether-options 802.3ad ae3user@host#set interfaces ge-4/1/6 gigether-options 802.3ad ae3user@host#set interfaces xe-4/2/0 gigether-options 802.3ad ae2user@host#set interfaces xe-4/3/0 gigether-options 802.3ad ae2Configure the aggregated Ethernet interfaces as trunk interfaces and specify the list of VLAN IDs.
user@host#
set interfaces ae1 flexible-vlan-tagginguser@host#set interfaces ae1 encapsulation flexible-ethernet-servicesuser@host#set interfaces ae1 unit 0 family bridge interface-mode trunkuser@host#set interfaces ae1 unit 0 family bridge vlan-id-list 1-5user@host#set interfaces ae2 flexible-vlan-tagginguser@host#set interfaces ae2 encapsulation flexible-ethernet-servicesuser@host#set interfaces ae2 unit 0 family bridge interface-mode trunkuser@host#set interfaces ae2 unit 0 family bridge vlan-id-list 1-5user@host#set interfaces ae3 flexible-vlan-tagginguser@host#set interfaces ae3 encapsulation flexible-ethernet-servicesuser@host#set interfaces ae3 unit 0 family bridge interface-mode trunkuser@host#set interfaces ae3 unit 0 family bridge vlan-id-list 1-5Specify the name of the bridge domain.
[edit bridge-domains] user@host#
set bridge-domains BD_Trunk_all vlan-id-list 1-5Specify the size of the MAC address table for the bridge domain.
user@host#
set bridge-domains BD_Trunk_all bridge-options mac-table-size 1048575Specify the maximum number of MAC addresses that can be learned on all three trunk interfaces.
user@host#
set bridge-domains BD_Trunk_all bridge-options interface ae1.0 interface-mac-limit 131000user@host#set bridge-domains BD_Trunk_all bridge-options interface ae2.0 interface-mac-limit 131000user@host#set bridge-domains BD_Trunk_all bridge-options interface ae3.0 interface-mac-limit 131000Configure MAC pinning on each of the aggregated Ethernet interfaces at the [
edit switch-options] hierarchy level.[edit switch-options] user@host#
set switch-options interface ae1.0 interface-mac-limit 131000user@host#set switch-options interface ae1.0 mac-pinninguser@host#set switch-options interface ae2.0 interface-mac-limit 131000user@host#set switch-options interface ae2.0 mac-pinninguser@host#set switch-options interface ae3.0 interface-mac-limit 131000user@host#set switch-options interface ae3.0 mac-pinning
Results
From configuration mode, confirm your configuration
by entering show interfaces and show bridge-domains commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@host#show interfacesinterfaces { xe-0/0/0 { flexible-vlan-tagging; encapsulation flexible-ethernet-services; unit 0 { family bridge { interface-mode trunk; vlan-id-list 1-5; } } } xe-0/1/1 { gigether-options { 802.3ad ae1; } } xe-0/3/1 { gigether-options { 802.3ad ae1; } } ge-4/0/6 { gigether-options { 802.3ad ae3; } } ge-4/1/6 { gigether-options { 802.3ad ae3; } } xe-4/2/0 { gigether-options { 802.3ad ae2; } } xe-4/3/0 { gigether-options { 802.3ad ae2; } } ae1 { flexible-vlan-tagging; encapsulation flexible-ethernet-services; unit 0 { family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ae2 { flexible-vlan-tagging; encapsulation flexible-ethernet-services; unit 0 { family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ae3 { flexible-vlan-tagging; encapsulation flexible-ethernet-services; unit 0 { family bridge { interface-mode trunk; vlan-id-list 1-5; } } } } user@host#show bridge-domainsbridge-domains { BD_Trunk_all { vlan-id-list 1-5; bridge-options { mac-table-size { 1048575; } interface ae1.0 { interface-mac-limit { 131000; } } interface ae2.0 { interface-mac-limit { 131000; } } interface ae3.0 { interface-mac-limit { 131000; } } } } } user@host#show switch-optionsswitch-options { interface ae1.0 { interface-mac-limit { 131000; } mac-pinning; } interface ae2.0 { interface-mac-limit { 131000; } mac-pinning; } interface ae3.0 { interface-mac-limit { 131000; } mac-pinning; } }
If you have completed configuring the device, enter commit from the configuration mode.
Verification
Verifying that MAC Pinning Is Configured Correctly
Purpose
Ensure that MAC pinning is enabled on the trunk interfaces.
Action
From operational mode, enter the show l2-learning
interface command.
user@host> show l2-learning interface
Routing Instance Name : default-switch
Logical Interface flags (DL -disable learning, AD -packet action drop,
LH - MAC limit hit, DN - Interface Down, MP - MAC Pinning)
Logical BD MAC STP Logical
Interface Name Limit State Interface flags
xe-0/0/0.0 8192
BD_Tru.. 1024 Forwarding
BD_Tru.. 1024 Forwarding
BD_Tru.. 1024 Forwarding
BD_Tru.. 1024 Forwarding
BD_Tru.. 1024 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL -disable learning, AD -packet action drop,
LH - MAC limit hit, DN - Interface Down, MP - MAC Pinning)
Logical BD MAC STP Logical
Interface Name Limit State Interface flags
ae1.0 131000 MP
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL -disable learning, AD -packet action drop,
LH - MAC limit hit, DN - Interface Down, MP - MAC Pinning)
Logical BD MAC STP Logical
Interface Name Limit State Interface flags
ae2.0 131000 MP
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL -disable learning, AD -packet action drop,
LH - MAC limit hit, DN - Interface Down, MP - MAC Pinning)
Logical BD MAC STP Logical
Interface Name Limit State Interface flags
ae3.0 131000 MP
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
BD_Tru.. 131000 Forwarding
Meaning
The Interface flags field indicates the
interfaces that have MAC pinning enabled.