Extreme Networks

Thank you, and its time to implement. I appreciate the help.

Yea I think you are on the right track. Given your needs, that sounds like it is probably the best plan.

We've been using ELRP perodic log without blocking and our vm environment takes a hit when a loop occurs. We have multiple MLAG 20 gig uplinks to edge switches, stacked switches, DC switches, WLAN controllers and firewalls which in the past have created a loop because of hardware failure or user miss-configure error. I believe I would rather it drop to 10G or half and still be up and working. Thanks for your help and I'm still working out the config. I wish it was a bit simpler like seeing a diagram. The diagrams I see don't include MLAGs, LAGs, or core where edge switching is connected too. I'm envisioning ELRP blocked on egress access ports like a 460 housing users then exclude sharing ports to cores. Then for the cores and DC670's ELRP blocking egress on the uplinks because this would stop non user traffic loops for HA hardware failures. Am I on the right path? Thanks.

Yea. I would consider VM's an "edge" port in this scenario, but some caution is needed there because you may have multiple VLANs on those links. A loop on ANY VLAN on the port would block ALL traffic. If you are okay with taking the MLAG ports down if a loop is detected, potentially segmenting downstream devices, then it can be enabled there as well.

I guess with ELRP egress blocking you can kind of boil it down to this:

• If you enable it, you need to be willing for that port to be completely blocked should a loop be detected based on an ELRP frame that left that port.
• If you do not enable it on a port, that port will never be blocked if a loop is detected on that port.

Of course, I am assuming you are disabling the ports, you don't have to disable them. You can simply log and/or trap.