Unknown new s-series feature: V8.62 "control-frame-learning disable" ?

  • 1
  • 1
  • Question
  • Updated 2 years ago
  • Answered
2 weeks ago a new s-series firmware was going public.

Release Notes tell me the following new feature:



which kind of "control-frames" can be disabled from learning? In what szenario will help me that function?

Unfortunately no manual for V8.62 is available! No KB Article, nothing that will explain that feature.

Regards
Photo of M.Nees

M.Nees, Embassador

  • 9,264 Points 5k badge 2x thumb

Posted 2 years ago

  • 1
  • 1
Photo of Alex Morrissey

Alex Morrissey, Employee

  • 862 Points 500 badge 2x thumb
Hello Matthias,

We will be writing up a article to cover this but in summary this feature disables learning of the source MAC address of frames destined to a 01-80-C2-XX-XX-XX destination MAC.  This feature is intended to be used in environments where an EOS switch may have multiple links to a switch that doesn't utilize a unique MAC address per port.  This can cause the EOS switch to learn the mac address of the switch on multiple ports including ports that are in a blocking state per spanning tree.  There is a possibility that traffic destined to the remote switch MAC address may be dropped if the forwarding database has the MAC address for the remote switch learned on a blocked port where traffic cannot be egressed.

-Alex
Photo of M.Nees

M.Nees, Embassador

  • 9,264 Points 5k badge 2x thumb
Hi Alex,

normally i think STP blocking state will not update the mac address table. So from that point of view that does not make sense ?!

i think i should wait till the KB Article is fully written. I hope the Article has enough deepness to get a complete understanding of that feature and the szenario this would be helpful.

Regards
Photo of Alex Morrissey

Alex Morrissey, Employee

  • 862 Points 500 badge 2x thumb
Hello Matthias,

Being in a blocked state will prevent the switch from transmitting and have it discard any traffic that comes in.  The exception to this is control frames such as STP where the frames are received and processed and the source MAC address learned.  If the remote switch uses the same MAC address for all its ports then this could cause some issues for traffic destined to that remote switch mac such as SNMP or Telnet.  When forwarding the traffic to that remote MAC the most recent entry in the database could be on a blocked port so the traffic would be dropped.  By disabling learning the source MAC from control frames then the EOS switch would then rely on other packets to learn the source mac of the remote switch and populate its tables. 

-Alex
Photo of David Froehlich

David Froehlich

  • 252 Points 250 badge 2x thumb

Does this mean that Enterasys (EOS) switches actually learn MAC addresses from STP BPDUs into their CAM table? This will most likely lead to CAM inconsistencies due to the facts you described. Do Extreme (XOS) switches have the same problem? Just to make sure that we are aware of the facts and being able to configure the same behaviour for EOS and XOS gear.

Other vendors describe in their pubilc documentation that they do not learn source MAC addresses from received BPDUs. Most likely because it doesn't really make sense and to avoid such inconsistencies.

Source: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24063-pvid-inconsistency-24063.html
This article is more than a decade old but still contains correct and useful Information.

Quote: "the fact that switches typically do not learn a source’s MAC addresses from BPDU frames."

Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,886 Points 10k badge 2x thumb
The 01-80-C2-XX-XX-XX MAC address range comprises more than just the STP destination MAC address, see e.g. http://standards.ieee.org/develop/regauth/grpmac/public.html.