MAC Movement Resolution

Based on the example above, Port 1 is selected for the mac-movement action (shutdown | raslog) because it has a higher number of LIFs in the list. The LIFs port 1,vlan 10 and port 1, vlan 20 are either shutdown with the actions logged, or the movement details are committed to the RAS log.

The default mac-movement action is raslog. All mac-movement information is saved to the RAS log. When the auto-recovery time limit expires, the LIF becomes operational, and the tracking process is started again.

Note

Logical interfaces (LIFs) that are part of a tunnel, inter-chassis link (ICL), or pseudowire (PW) are ignored and are not subject to any resolution action.

Auto-recovery is enabled by default. The LIF will remain shut down for 5 minutes (default). This time is configurable to a range of 3 through 30 minutes. The auto-recovery mode can be disabled from the command line.

Shutdown can be disabled from the command line, and logging enabled as the only action when the threshold is exceeded. The MAC movement details will be captured in the RAS log.

RAS Log Examples:

MAC move detected and action defined as RAS log
- 2019/12/09-02:38:37, [L2SS-1034], 16815, DCE, ERROR, SLX, Repeated MAC move detected for MAC 0000.0500.0001 VLAN 10 on Interface Eth 0/18
- 2019/12/09-02:38:37, [L2SS-1035], 16816, DCE, ERROR, SLX, Repeated mac move detected for MAC 0000.0500.0001 BRIDGE-DOMAIN 11 on Interface Eth 0/18.11
MAC move detected and action to shutdown LIF
- 2019/12/09-02:32:02, [L2SS-1033], 16805, DCE, INFO, SLX, Shut down recovery(from MAC Move detect) for Logical- Interface Eth 0/18.11 and BRIDGE-DOMAIN 11
- 2019/12/09-02:32:02, [L2SS-1025], 16806, DCE, INFO, SLX, Shut down recovery(from MAC Move detect) for Interface Eth 0/18 and VLAN 10
Shutdown recovery
- 2019/12/09-02:32:12, [L2SS-1024], 16807, DCE, ERROR, SLX, Repeated MAC move detected for MAC 0000.0500.0001 VLAN 10, Interface Ethernet 0/6 shut down for VLAN 10
- 2019/12/09-02:32:12, [L2SS-1032], 16808, DCE, ERROR, SLX, Repeated MAC move detected for MAC 0000.0500.0001 BRIDGE-DOMAIN 11, interface Ethernet 0/6 shut down

MCT Use Case: MAC loop between CCEPs

If MAC movement between C1 and C2 has crossed the threshold MAC move limit, the LIF shutdown action is taken on the cluster node with the higher IP address. For example: Leaf1 has the higher cluster IP configured. Leaf1 takes the decision to shut down the LIF connecting to C1 and communicates to Leaf2 to shutdown the corresponding LIF connecting to C1.

MCT Use Case: MAC loop between CCEP and CEP

If MAC movement between C1 and H1 has crossed the threshold MAC move limit the LIF shutdown action is taken on the cluster node with the higher IP address. For example, Leaf1 has the higher cluster IP configured. Leaf1 takes the decision to shut down the LIF on C1, and communicates to Leaf2 to shutdown the corresponding LIF on C1. If the MAC movement is happening between the CCEP and CEP, the action will always be taken on the CCEP.

MCT Use Case: MAC loop between CEPs

If MAC movement between H1 and H2 has crossed the threshold MAC move limit, the action is taken by each Leaf independently. Leaf1 and Leaf2 will run MAC move detection separately.

Note

In an IP fabric configuration, it may be necessary for the MAC movement detection feature to take precedence over BGP dampening. In this situation, the BGP mac dampening count must be set at lower value than the mac-move threshold, as shown below.

device(config)# do show running-config evpn
	evpn a duplicate-mac-timer 5 max-count 10
	!
	device(config)# exit
	device(config)# show mac-address-table mac-move
	Mac Move Action: Shutdown
	Mac Move detect: Enable
	Threshold: 7
	Auto-Recovery: Enable
	Auto-Recovery-time: 3

Note

In an IP fabric configuration, this feature must be enabled on all leaf nodes.

Note

This feature is also supported on bridge domains.