Header Only - DO NOT REMOVE - Extreme Networks

ELRP per vlan - is that possible?


Userlevel 4
XOS firmware
Port configured as trunk and have some vlans tagged
ELRP in case of loop in one of the vlans, disables a link on a port
Is there any way of disabling a specific vlan, on which the loop is caused, instead of disabling the port?

BTW, EAS series switches, which have a similar to DLink firmware, have the option of loopdetect and they disable a specific vlan, not a whole port

8 replies

Userlevel 6
Hello Nick,

Unfortunately there is not a way to disable a VLAN. I believe if the VLAN is disabled instead of the port it would make it difficult to locate where the loop originated from and shutdown traffic unnecessarily. If you are running ERLP on an uplink port you can exclude that port so it will not be disabled if a loop is detected. This way ELRP will still run and log if there is a loop but it won't disable the port.
Userlevel 4
Patrick Voss wrote:

Hello Nick,

Unfortunately there is not a way to disable a VLAN. I believe if the VLAN is disabled instead of the port it would make it difficult to locate where the loop originated from and shutdown traffic unnecessarily. If you are running ERLP on an uplink port you can exclude that port so it will not be disabled if a loop is detected. This way ELRP will still run and log if there is a loop but it won't disable the port.

I mean -- to disable a specific vlan on that port instead of disabling whole port with all vlans
That port is used as an interconnect between 2 ISP's and each service is in a separate vlan. We do want to disable service if the loop is occurred, but we do not want to disable all the services

DLink can do that, Cisco can do that, Extreme EAS can do that, why XOS cannot do that??
Userlevel 6
Patrick Voss wrote:

Hello Nick,

Unfortunately there is not a way to disable a VLAN. I believe if the VLAN is disabled instead of the port it would make it difficult to locate where the loop originated from and shutdown traffic unnecessarily. If you are running ERLP on an uplink port you can exclude that port so it will not be disabled if a loop is detected. This way ELRP will still run and log if there is a loop but it won't disable the port.

ELRP is an EXOS based protocol. What protocol is being used on the other vendors to block traffic on one vlan on a port?
Userlevel 4
Patrick Voss wrote:

Hello Nick,

Unfortunately there is not a way to disable a VLAN. I believe if the VLAN is disabled instead of the port it would make it difficult to locate where the loop originated from and shutdown traffic unnecessarily. If you are running ERLP on an uplink port you can exclude that port so it will not be disabled if a loop is detected. This way ELRP will still run and log if there is a loop but it won't disable the port.

I do not know which protocol uses Extreme EAS switches
Userlevel 6
Patrick Voss wrote:

Hello Nick,

Unfortunately there is not a way to disable a VLAN. I believe if the VLAN is disabled instead of the port it would make it difficult to locate where the loop originated from and shutdown traffic unnecessarily. If you are running ERLP on an uplink port you can exclude that port so it will not be disabled if a loop is detected. This way ELRP will still run and log if there is a loop but it won't disable the port.

I am sure there are other protocols that will achieve what you are looking for. What I am saying is ELRP will not allow you to block a specific VLAN on a port.
Userlevel 6
Patrick Voss wrote:

Hello Nick,

Unfortunately there is not a way to disable a VLAN. I believe if the VLAN is disabled instead of the port it would make it difficult to locate where the loop originated from and shutdown traffic unnecessarily. If you are running ERLP on an uplink port you can exclude that port so it will not be disabled if a loop is detected. This way ELRP will still run and log if there is a loop but it won't disable the port.

Nick, we have a feature request already opened for this. It's a good feature.
Userlevel 7
Patrick Voss wrote:

Hello Nick,

Unfortunately there is not a way to disable a VLAN. I believe if the VLAN is disabled instead of the port it would make it difficult to locate where the loop originated from and shutdown traffic unnecessarily. If you are running ERLP on an uplink port you can exclude that port so it will not be disabled if a loop is detected. This way ELRP will still run and log if there is a loop but it won't disable the port.

I think you could catch the log and remove the port of the vlan with a script. That means the whole blocking would rely on your script.
Userlevel 7
Hi Nick,

the primary use case for ELRP is to protect against looped access ports. Even a trunk, e.g. to a hypervisor host, should be disabled in case of a loop via this access port, IMHO.

To selectively and dynamically block VLANs on inter switch links, you can use the different STP variants, EAPS, or ELRP.

In general, I would enable ELRP on access port only and disable the egress port if a loop is detected.

EXOS switches are quite flexible due to scripting, but I can only advise to exercise this flexibility with caution. All operations personnel needs to be able to debug the scripts, which in general is harder than writing it in the first place.

Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it.
-- Brian W. Kernighan

Thanks,
Erik

Reply