Network Loop Protection
Network loops can lead to slow and unresponsive networks. But it’s easy to protect your network from loops, using a range of features on Allied Telesis switches.
What is a Network Loop?
Network loops are also known as Layer 2 switching loops or bridge loops, because they occur at Layer 2. Put simply, a loop occurs when a network is cabled in a way that allows traffic to get to a destination by multiple paths. Here’s an example:
Why Are Network Loops a Problem?
By definition, broadcast traffic is flooded to every port on a switch within a layer 2 domain, except for the received port. With a switching loop, the broadcast traffic is transmitted around the loop indefinitely, and each looped packet is sent back to every other port in the domain. This leads to a lot of unnecessary broadcast traffic in the network, which can impact other network traffic.
Broadcast Storms
If left unchecked, you can end up with a broadcast storm, where the number of frames can eventually take your network down. A broadcast storm most commonly occurs because of a switching loop, either due to a cabling error or the failure of a protocol that protects a deliberate physical loop.
MAC Address Thrashing
Loops can also confuse the switch’s database of MAC address entries. If a loop means that you can reach a destination through two different ports (for example port 1 or port 6), the MAC address table will constantly swap (thrash) between the two.
How Do Network Loops Form?
Modern networks are often complex and distributed, so it can be difficult to know how devices are connected. This can lead to loops from human errors in cabling. But physical loops are most often added deliberately because they’re actually a good thing, for redundancy. Physical loops make your network resilient to switch or port failure, by providing alternative paths. The trick is to protect the network from the negative consequences of loops.
How Do You Protect the Network from Loops?
Allied Telesis AlliedWare Plus switches have three different mechanisms for avoiding the problems associated with loops:
- Loop Protection (MAC address thrash limiting and LDF)
- Storm control
- Protocols that manage topologies (STP, EPSR and G.8032)
Loop protection (MAC address thrash limiting and LDF)
Thrash limiting, also known as rapid MAC movement, detects the rapid changes in MAC address table entries that a loop causes, and takes action to deal with the loop. It is highly user-configurable—from the rate that indicates a loop to the action for the switch to take.
With thrash limiting, the switch only detects a loop when a storm has occurred, which can cause disruption to the network. To avoid this, AlliedWare Plus uses loop detection in conjunction with thrash limiting. Loop detection sends special Loop Detection Frame (LDF) packets out each port and listens to see if that port receives its LDF packets again. If a port does receive its LDF packets again, that means there is a loop. You can choose to have AlliedWare Plus disable the port, disable the link, or notify you by sending an SNMP trap.
Loop detection can detect loops before a network storm occurs, avoiding the risk and inconvenience of traffic disruption.
Storm control
There are two options for storm control on AlliedWare Plus switches. One option lets you limit how much broadcast, multicast and destination lookup failure traffic each port receives. The port simply drops packets over the limit, preventing a storm from overloading the port.
The other option is QoS Storm Protection, which also sets a limit on the rate of traffic received at each port. It uses the switches’ powerful Quality of Service (QoS) suite, allowing for more control. It will automatically disable the affected port or VLAN, and produce log entries and SNMP traps, so you can quickly identify the affected port.
Protocols to manage topologies
Physical loops are useful in networks, because they provide backup, which makes a network resilient if a device or link fails. If there are multiple possible paths to each destination, if a link fails, traffic can simply change to another path.
To take advantage of this, you need to use a layer 2 protocol that manages the paths, blocking and unblocking ports as needed to create a single logical path at any time. AlliedWare Plus supports several of these protocols, for ring and other topologies.
Ring topologies are popular in networks that need a high level of resiliency. AlliedWare Plus offers two protocols to protect your ring from loops: the standards-based G.8032 Ethernet Ring Protection and our own Ethernet Protection Switching Ring (EPSR). Both can react to changes in topology as fast as 50 ms, so end users don’t even notice a link failure.
Other topologies can be protected with the popular Spanning Tree Protocol (STP). AlliedWare Plus supports the original STP protocol, the faster RSTP (Rapid STP), and MSTP (Multiple STP) for large networks. These protocols use special frames, called BPDUs, to constantly check link status and work out the best paths available. You can add BPDU Guard to provide extra protection for edge ports. RSTP is enabled by default on all switch ports.
Through all these mechanisms, Allied Telesis switches keep your network safely loop- and storm-free without compromising service or reliability.