Routing

Expand all | Collapse all

LSI interface mac-limit

Jump to Best Answer
  • 1.  LSI interface mac-limit

    Posted 12-24-2019 05:16

    is interface-mac-limit works with the Label Switch Interfaces (LSI).
    For example below, 20 Macs were learned by lsi.1066267. If we configure “interface-mac-limit 1 packet-action drop”, will there be only one Mac learned? Then all packets with new source Mac will be dropped?

    CAP1RJ_re0> show vpls mac-table instance VPLS count

    2849 MAC address learned in routing instance VPLS bridge domain __VPLS_BS

     

    MAC address count per interface within routing instance:

    Logical interface MAC count
    […]
    lsi.1066267:none 20
    […]

     

    Or in order to do this we need to add this option for the whole routing instance?

     

    https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/vrf-table-label-edit-routing-instances-vp.html


    When you include the vrf-table-label statement in the configuration of a VRF routing instance, a label-switched interface (LSI) logical interface label is created and mapped to the VRF routing table. Any routes in the VRF routing table are advertised with the LSI logical interface label allocated for the VRF routing table. When packets destined for the VRF routing instance arrive on a core-facing interface, they are treated as if the enclosed IP packet arrived on the LSI interface and are then forwarded and filtered based on the correct table.



  • 2.  RE: LSI interface mac-limit

     
    Posted 12-24-2019 07:56

    Hi,

     

    First of all, AFAIK, no one is using vrf-table-label in VPLS instance. This is for l3vpn application.

     

    LSI interface is nothing but a logical interface within VPLS. From MAC learning perspective in dataplane, it has no difference compared with other CE facing interfaces. Each lsi is tied to a remote PE. If you configure  “interface-mac-limit 1 packet-action drop”, you will have only one MAC learned for each interface, including lsi. All packets with new sources would be dropped. Better to test it out first without packet-action drop so that it won't cause any impact. If confirmed it's limiting the MAC table, you can also define packet-action drop as desired 

     



  • 3.  RE: LSI interface mac-limit

    Posted 12-26-2019 03:16

    Than you for your response.

    can it be configured under the interface? And if it will be configured under the interface this will be applicable only for the interface?

     

    Or you are saying that this is configured under vpls instance and applicable to all interfaces that are configured there?

     

    Regards.



  • 4.  RE: LSI interface mac-limit

     
    Posted 12-26-2019 12:58

    You can confugure it under instance and limit will apply to all the interfaces in the instance.


    Or you can apply the knob only to the interface, that limit will apply to only to that interface


    Example:

    set routing-instances test protocols vpls interface-mac-limit 1

    set routing-instances test protocols vpls interface xe-3/0/6.0 interface-mac-limit 1

     


    You can confirm whether the limit is applied or not over here:

    show vpls statistics

    Local interface: ge-0/0/2.0, Index: 645
    Multicast packets: 0
    Multicast bytes : 0
    Flooded packets : 0
    Flooded bytes : 0
    Current MAC count: 1 (Limit 1)   <<<<<

    PS: Please accept my response as solution if it solves your query, kuods are appreciated too!

    Thanks
    Vishal

     



  • 5.  RE: LSI interface mac-limit

    Posted 12-30-2019 00:28

    Will the same for for the LSI interface:

    set routing-instances test protocols vpls interface LSI interface-mac-limit 1

     

    regards,

    Alex



  • 6.  RE: LSI interface mac-limit
    Best Answer

     
    Posted 01-02-2020 09:52

    Hi Alex,

     

    The system would not allow you to configure this knob specifically for LSI interface you might encounter following error while trying to configure the knob for LSI:

     

    Interface must be part of this routing instance

    error: commit failed: (statements constraint check failed)

     

    If you want to set the limit on number of MACs learned at VPLS instance level you can change that value using “mac-table-size” knob. The default MAC address table size for each domain is 5120 addresses.

     

    https://www.juniper.net/documentation/en_US/release-independent/nce/topics/task/configuration/vpls-mac-address-limiting-solutions.html

     

     

    PS: Please mark my response as solution if it solves you query, kudos are appreciated too!

     

     

    Thanks Vishal