Best practice to prevent network loops with Omada SDN solution
Apply to: Omada SDN Controller v5 and above, Omada L2+ and L3 switches.
This article introduces the recommended configuration for a network that includes a router, switches at different layers, and end devices.
1. Introduction to loop prevention.
Network loops occur when there are multiple paths between two devices in a network, so that data is forwarded in an endless loop. This leads to broadcast storms, MAC table instability, and a significant degradation in overall network performance, or even a complete crash.
There are several techniques to prevent and resolve Ethernet network loops, such as Spanning Tree (STP), Loopback Detection (LPD), ERPS, etc. Omada SDN Solution incorporates two key mechanisms: STP and Loopback Detection. Loopback Detection is a feature that identifies loops in the network; when a loop is detected, the system can automatically block certain ports to break the loop and maintain network stability. STP is a network protocol designed to prevent loops in Ethernet networks. It creates a spanning tree within a network of connected layer-2 bridges (typically Ethernet switches) and disables all links that are not part of the spanning tree, thereby preventing loops.
2. What we recommend, and why not to use a single technique.
We recommend enabling STP only between the linking ports of switches and LPD only on all edge ports.
Using only Loopback Detection may cause an upper-layer switch to block a port incorrectly, which widens the impact on the network. Each port with LPD enabled periodically broadcasts loop detection packets and checks whether a packet it sent is later received again on the same port; if so, the port is blocked because a loop has been detected. As in the topology below, if no redundant link is set up between the switches, a loop is most likely to be formed by mistake between edge ports by end users: they may connect two ports together with a cable, or some wireless devices may form a loop through wireless backhaul or something else. In this case, the best action is to block only this edge port, and the loop will be gone. However, if you enable LPD on all ports, the uplink ports, and even the ports of core switches, will also send detection packets, and these packets can also travel all the way around the network and come back to the sending port through the loop at the edge. That port will then be blocked; if it is the uplink port of a core switch, the entire network could go down, which is unacceptable.
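The effect described above can be reproduced with a small flooding model. The following is an added example, not part of the original article: the topology (core switch C, access switch A, and an unmanaged end-user device H with two of its ports cabled together) and all names are constructed, and each LPD port is evaluated independently, ignoring timing.

```python
from collections import deque

# Constructed topology (not from the article): core switch C, access switch A,
# and an unmanaged device H on an edge port whose ports 2 and 3 are cabled together.
PORTS = {"C": [1, 2], "A": [1, 2, 3], "H": [1, 2, 3]}
CABLES = [(("C", 2), ("A", 1)),   # trunk link between the two switches
          (("A", 2), ("H", 1)),   # edge port to the end-user device
          (("H", 2), ("H", 3))]   # the accidental loop made by an end user
LINK = {}
for a, b in CABLES:
    LINK[a], LINK[b] = b, a

def ingress_ports_reached(sender):
    """Flood a frame sent out of `sender`; return every port it arrives on."""
    seen, queue = set(), deque()
    if sender in LINK:
        queue.append(LINK[sender])
    while queue:
        ingress = queue.popleft()
        if ingress in seen:
            continue  # already flooded from here; this cuts off the endless storm
        seen.add(ingress)
        dev, port = ingress
        for out in PORTS[dev]:
            if out != port and (dev, out) in LINK:  # flood to every other cabled port
                queue.append(LINK[(dev, out)])
    return seen

def ports_at_risk(lpd_ports):
    """LPD-enabled ports that can receive their own detection frame back."""
    return {p for p in lpd_ports if p in ingress_ports_reached(p)}

# LPD everywhere on the managed switches versus LPD on edge ports only.
ALL_PORTS = {(d, p) for d, ps in PORTS.items() if d != "H" for p in ps}
EDGE_PORTS = {("A", 2), ("A", 3)}

if __name__ == "__main__":
    print("LPD on all ports :", sorted(ports_at_risk(ALL_PORTS)))
    print("LPD on edge ports:", sorted(ports_at_risk(EDGE_PORTS)))
```

With LPD on every port, the core switch's trunk port C/2 is a candidate for blocking alongside the edge port; with LPD on edge ports only, the block is confined to A/2, where the loop actually is.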
Using STP only may lead to two problems, explained below by text and figure.
Problem one: Most end devices like APs, PCs and IoT devices do not respond to STP BPDUs. In this case, STP has to wait for 2*Forward Delay, which is 30s by default, before starting transmission on the port according to the IEEE protocol, which is a long wait.
Problem two: Devices connected to edge ports are usually plugged and unplugged frequently, and if the Ethernet cable is of poor quality, the port will also go up and down frequently. Every time a port links up or down, the whole STP system needs to recalculate and reconverge, wasting system resources.
So by combining these two features, network loops can be effectively avoided and resolved at all levels of the network topology, and the impact of topology changes on the network can be minimized. A typical topology is shown below:
Omada SDN Solution recommends configuring the STP feature on the trunk switch ports between switches, and the Loopback Detection feature on the access switch ports connected to wired clients such as wireless APs and IoT devices. Taking the network topology above as an example, the switch ports used to connect to other switches to build the redundant network topology are trunk ports, and the switch ports used to connect to Omada EAPs, IP cameras, and other clients are access ports.
3. Configuration in controller mode.
For how to configure STP on trunk ports, please refer to Spanning Tree Configuration in Omada SDN Controller mode, which introduces a similar network topology that uses STP to achieve redundancy and a loop-free network.
To configure Loopback Detection on access ports, go to Site Settings > Wired Networks > LAN > Profile, edit the profile to be applied to access ports, and select a Loopback Detection mode for Loopback Control. “Loopback Detection Port Based” mode is enabled for the “All” profile, while other profiles generated by the controller may have different modes depending on the controller version. It is suggested to check the Loopback Control mode and change it to “Port Based” if a profile is applied to access ports. After loopback detection is enabled on the port profile, the feature is automatically enabled on the access ports bound to that profile.
- Loopback Detection Port Based: when a loop is detected on a port, the port will be blocked, which is commonly used;
- Loopback Detection VLAN Based: when a loop is detected on a VLAN, the VLAN will be blocked;
- Spanning Tree: STP will be enabled on the port, choose this mode for trunk ports.
You can also enable the feature by port profile overrides. Go to Devices, click a switch then Ports, edit a switch port, or batch edit some switch ports, check “Profile Overrides”, select “Loopback Detection Port Based”, and then click Apply to make the feature take effect on the ports.
4. Configuration in standalone mode.
- Configure STP in standalone mode
In the management web page, go to L2 FEATURES – Spanning Tree – STP Config. First, tick the Spanning Tree option to enable it globally. For the mode, we usually use RSTP. For the CIST priority and other parameters, just keep the defaults; you can also set a higher priority on the core switches to make sure their ports won’t be blocked (please note that a smaller number means a higher priority, for example 4096 is higher than 32768). After the configuration, don’t forget to click Apply.
After that, go to Port Config and enable STP on the uplink ports of this switch. Click Apply when the configuration is done.
- Configure Loopback detection in standalone mode
In the management web page, go to L2 FEATURES – Switching – Port – Loopback Detection. First, tick Loopback Detection Status to enable it globally, then enable it on all edge ports that need LPD. Keep the other parameters at their defaults and don’t forget to click Apply to save these configurations.
Here, we have introduced the recommended plan for preventing loops in wired networks and the configuration method. For a more detailed introduction and CLI commands, please check the User Guide and CLI Guide.