VLAN loop prevention

Table 1. Simple Loop Prevention Protocol product support

Feature

Product

Release introduced

Simple Loop Prevention Protocol (SLPP)

5320 Series

Fabric Engine 8.6

5420 Series

VOSS 8.4

5520 Series

VOSS 8.2.5

5720 Series

Fabric Engine

7520 Series

Fabric Engine 8.10

7720 Series

Fabric Engine 8.10

VSP 4900 Series

VOSS 8.1

VSP 7400 Series

VOSS 8.0

Loop Prevention

Under certain conditions, such as incorrect configurations or cabling, loops can form. This is true mainly for Layer 2 bridged domains, such as VLANs.

Simple Loop Prevention Protocol (SLPP) provides active protection against Layer 2 network loops on a per-VLAN basis. SLPP uses a lightweight hello packet mechanism to detect network loops. Sending hello packets on a per VLAN basis allows SLPP to detect VLAN based network loops for untagged as well as tagged IEEE 802.1Q VLAN link configurations. After SLPP detects a loop, the port is shutdown.

Note

Note

If you use SLPP in a vIST environment, you must enable it on both vIST peers. When an SLPP packet of a vIST peer is looped through UNI ports to the other device, that device will shut down its UNI port due to receiving SLPP packets from its peer. A device‘s own SLPP packets will go over a vIST connection but will not be forwarded by its vIST peer back onto its UNI ports.

Configure the SLPP functionality with the following criteria:

Instead of manually recovering a port that is shutdown by SLPP, you can configure an automatic recovery delay per port. The auto-recover-delay command specifies the minimum amount of time after which the port is brought back up. The maximum amount of time that can pass until the port is brought back up is two times the configured auto-recover-delay value.

Loops can be introduced into the network in many ways. One way is through the loss of an MLT/link aggregation configuration caused by user error or malfunctioning equipment. This scenario does not always introduce a broadcast storm, but because all MAC addresses are learned through the looping ports, does significantly impact Layer 2 MAC learning. Spanning Tree cannot, in all cases, detect such a configuration issue, whereas SLPP reacts and disables the malfunctioning links and limits network impact to a minimum.

The desire is to prevent a loop from causing network problems, while also attempting not to totally isolate the edge where the loop was detected. Total edge closet isolation is the last resort to protect the rest of the network from the loop. With this in mind, some administrators adopt the concept of an SLPP primary switch and SLPP secondary switch. These are strictly design terms and are not configuration parameters. The Rx thresholds are staggered between the primary and secondary switch. Therefore, the primary switch disables an uplink immediately upon a loop occurring. If this resolves the loop issue, then the edge closet still has connectivity back through the SLPP secondary switch. If the loop is not resolved, then the SLPP secondary switch disables the uplink and isolates the closet to protect the rest of the network from the loop.

As the number of VLANs running SLPP scale off of a specific uplink port, increase the Rx-threshold value to prevent complete isolation of the offending edge. The primary goal of SLPP is to protect the core at all costs. In certain loop conditions, what can occur is the secondary switch also detects the loop and SLPP Rx-threshold of the secondary switch is reached before the primary can stop the loop by taking its port down. Therefore, both switches eventually take their ports down and the edge is isolated. The larger the number of VLANs associated with the port, the more likely this can occur, especially for loop conditions that affect all VLANs.

Important

Important

The loop detection functionality of the device must not be used under normal operating conditions. Only use it if directed by technical support personnel.

You cannot configure the EtherType for SLPP. The switch uses an EtherType of 0x8102 .