Using Simple Loop Prevention Protocol (SLPP) Guard

Simple Loop Prevention Protocol (SLPP) is an application that detects loops in an MLAG or Split Multi-link Trunking (SMLT) network on VOSS/BOSS switches.

SLPP Guard is a complementary feature for ExtremeXOS switches that helps prevent loops in networks by administratively disabling an edge port if a switch receiveS an SLPP PDU from an SMLT network. SLPP Guard detects and discards SLPP control PDUs on a per port basis. SLPP Guard identifies SLPP PDUs using the Ethernet type field of the packet, which is configurable. When an SLPP PDU is received on a port that has SLPP Guard activated on it, it is immediately disabled. After a configurable timeout value expires (associated with each port), the port is automatically re-enabled.
Note

Note

When SLPP Guard disables a port, the disabled status is not persistent. If the switch reboots, the port is enabled when the switch comes back up.
Note

Note

If you use the CLI to enable or disable a port that has been disabled by SLPP Guard, the port is enabled or disabled as applicable and the recovery timer is stopped for that port.

When a new user is authenticated by netlogin, the enable attribute of SLPP Guard is given to netlogin. Netlogin processes this attribute and sends the enable attribute message to the SLPP Guard module. If all users are unauthenticated by netlogin, a disable message for the port is sent to SLPP Guard. At the time of re-authentication, if the FA-Service-Request = SLPPGUARD is removed from the RADIUS server, then netlogin sends an SLPP Guard disable message.

Note

Note

If you modify the RADIUS attributes in between authentication, then a port restart or clear all netlogin clients is required in order for the service attributes to change on the port.

The status is enabled and the entry in the save configuration command is sent to enable slpp guard port port_list for the following scenarios:

The status is enabled and the saved configuration contains default values for the following scenarios:

The most common use case is with an IP phone with two ports: one for a switch and one for a computer (see SLPP Use Case). If you plug both IP phone ports onto the edge switch, a loop is created. To avoid a loop in the SMLT network, on the ExtremeXOS edge switch, enable SLPP Guard on the ports that are connected to the IP phone.
Click to expand in new window
SLPP Use Case

Supported Platforms

ExtremeSwitching X435, X450-G2, X460-G2, X670-G2, X440-G2, X465, X590, X620, X690, X695, X870, 5420, 5520 series switches.

Limitations