Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX/QFX] Optimum configuration to recover out of MAC suppression during EVPN MAC Mobility

0

0

Article ID: KB35676 KB Last Updated: 13 Apr 2020Version: 1.0
Summary:

In EVPN scenario, a MAC address can move from one Ethernet segment (port) to another segment (port). LEAFs/SPINEs/Provider Edge (PE) devices discover the host MAC address on its local interfaces or from a remote LEAF/SPINE/PE devices.

When a PE device learns a mac-address locally and that MAC is already advertised by remote EVPN device, then it must decide which of the MAC advertisement messages to use. This is decided using the parameter detection-threshold and detection-window. Then auto-recovery will kick in to consider the best mac-advertisement.

Symptoms:

The default settings of MAC MOBILITY parameters are quite aggressive. However, in some cases we need to have optimum settings to allow this MAC move in valid scenarios like VRRP convergence, STP, VMotion, Server Migration etc.

Solution:

Use the configurations below to overcome any MAC mobility suppression, aka. duplicate MAC suppression. This has been tested with VRRP protocol convergence during which the VRRP MAC moves between the peers until the Master election completes. During VMotion, we can see up to 6 times the MAC being moved from one hypervisor to another. The following setting should help in overcoming that:

set protocols evpn duplicate-mac-detection detection-threshold 20
set protocols evpn duplicate-mac-detection detection-window 5
set protocols evpn duplicate-mac-detection auto-recovery-time 5

Note: If there is a loop in the network or the MAC moves for more than 20 times within 5 seconds, then the MAC will be suppressed. The detection threshold cannot be increased more than a value of 20.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search