is interface-mac-limit works with the Label Switch Interfaces (LSI).For example below, 20 Macs were learned by lsi.1066267. If we configure “interface-mac-limit 1 packet-action drop”, will there be only one Mac learned? Then all packets with new source Mac will be dropped?
CAP1RJ_re0> show vpls mac-table instance VPLS count
2849 MAC address learned in routing instance VPLS bridge domain __VPLS_BS
MAC address count per interface within routing instance:
Logical interface MAC count[…]lsi.1066267:none 20[…]
Or in order to do this we need to add this option for the whole routing instance?
When you include the vrf-table-label statement in the configuration of a VRF routing instance, a label-switched interface (LSI) logical interface label is created and mapped to the VRF routing table. Any routes in the VRF routing table are advertised with the LSI logical interface label allocated for the VRF routing table. When packets destined for the VRF routing instance arrive on a core-facing interface, they are treated as if the enclosed IP packet arrived on the LSI interface and are then forwarded and filtered based on the correct table.
First of all, AFAIK, no one is using vrf-table-label in VPLS instance. This is for l3vpn application.
LSI interface is nothing but a logical interface within VPLS. From MAC learning perspective in dataplane, it has no difference compared with other CE facing interfaces. Each lsi is tied to a remote PE. If you configure “interface-mac-limit 1 packet-action drop”, you will have only one MAC learned for each interface, including lsi. All packets with new sources would be dropped. Better to test it out first without packet-action drop so that it won't cause any impact. If confirmed it's limiting the MAC table, you can also define packet-action drop as desired
Than you for your response.
can it be configured under the interface? And if it will be configured under the interface this will be applicable only for the interface?
Or you are saying that this is configured under vpls instance and applicable to all interfaces that are configured there?
You can confugure it under instance and limit will apply to all the interfaces in the instance.
Or you can apply the knob only to the interface, that limit will apply to only to that interface
Example:set routing-instances test protocols vpls interface-mac-limit 1set routing-instances test protocols vpls interface xe-3/0/6.0 interface-mac-limit 1
You can confirm whether the limit is applied or not over here:show vpls statisticsLocal interface: ge-0/0/2.0, Index: 645Multicast packets: 0Multicast bytes : 0Flooded packets : 0Flooded bytes : 0Current MAC count: 1 (Limit 1) <<<<<PS: Please accept my response as solution if it solves your query, kuods are appreciated too!ThanksVishal
Will the same for for the LSI interface:
set routing-instances test protocols vpls interface LSI interface-mac-limit 1
The system would not allow you to configure this knob specifically for LSI interface you might encounter following error while trying to configure the knob for LSI:
Interface must be part of this routing instance
error: commit failed: (statements constraint check failed)
If you want to set the limit on number of MACs learned at VPLS instance level you can change that value using “mac-table-size” knob. The default MAC address table size for each domain is 5120 addresses.
PS: Please mark my response as solution if it solves you query, kudos are appreciated too!