[j-nsp] Network, trouble after customer created a loop *inside* a VM host

[Jeff Meyers]

Hi Michele,

> So STP didn't protect you and you faced the loop.

okay, but how is this a loop from the perspective of the switches in the 
higher levels?  The Procurve sees packets coming in from the same port 
where they were sent out. Isn't that by definition not a loop?

> When the loop occurs, frames that your switches send down keep coming
> back up, and you see MAC flaps. The 2824 is not smart enough to warn you
> about that.

But why would that cause trouble the way it did? We had:

- trouble even in Vlans not even present on the switch
- mac moving messages on the router - although there is just one 
physical downlink - probably indicating, that macs move between vlans(?) 
but the port in question is an access-port

Do you have an idea how that is even possible?

> You might try to use PVST in your EXs, if they support it, because it
> uses a different MAC, but I bet the vswitch would drop that as well.

I guess any solution that can be bypassed simply by filtering packets by 
the customer, will be abused eventually. How do others solve that problem?


Best regards,
Jeff