ELRP per vlan - is that possible?

  • 0
  • 1
  • Question
  • Updated 11 months ago
  • Answered
XOS firmware
Port configured as trunk and have some vlans tagged
ELRP in case of loop in one of the vlans, disables a link on a port
Is there any way of disabling a specific vlan, on which the loop is caused, instead of disabling the port?

BTW, EAS series switches, which have a similar to DLink firmware, have the option of loopdetect and they disable a specific vlan, not a whole port
Photo of Nick Yakimenko

Nick Yakimenko

  • 2,404 Points 2k badge 2x thumb

Posted 11 months ago

  • 0
  • 1
Photo of Patrick Voss

Patrick Voss, Employee

  • 11,474 Points 10k badge 2x thumb
Hello Nick,

Unfortunately there is not a way to disable a VLAN. I believe if the VLAN is disabled instead of the port it would make it difficult to locate where the loop originated from and shutdown traffic unnecessarily. If you are running ERLP on an uplink port you can exclude that port so it will not be disabled if a loop is detected. This way ELRP will still run and log if there is a loop but it won't disable the port.
Photo of Patrick Voss

Patrick Voss, Employee

  • 11,474 Points 10k badge 2x thumb
ELRP is an EXOS based protocol. What protocol is being used on the other vendors to block traffic on one vlan on a port?
Photo of Nick Yakimenko

Nick Yakimenko

  • 2,404 Points 2k badge 2x thumb
I do not know which protocol uses Extreme EAS switches
Photo of Patrick Voss

Patrick Voss, Employee

  • 11,474 Points 10k badge 2x thumb
I am sure there are other protocols that will achieve what you are looking for. What I am saying is ELRP will not allow you to block a specific VLAN on a port.
Photo of Stephen Williams

Stephen Williams, Employee

  • 8,838 Points 5k badge 2x thumb
Nick, we have a feature request already opened for this.  It's a good feature.
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 12,532 Points 10k badge 2x thumb
I think you could catch the log and remove the port of the vlan with a script. That means the whole blocking would rely on your script.
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hi Nick,

the primary use case for ELRP is to protect against looped access ports. Even a trunk, e.g. to a hypervisor host, should be disabled in case of a loop via this access port, IMHO.

To selectively and dynamically block VLANs on inter switch links, you can use the different STP variants, EAPS, or ELRP.

In general, I would enable ELRP on access port only and disable the egress port if a loop is detected.

EXOS switches are quite flexible due to scripting, but I can only advise to exercise this flexibility with caution. All operations personnel needs to be able to debug the scripts, which in general is harder than writing it in the first place.
Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it.
-- Brian W. Kernighan
Thanks,
Erik