Loopback Detection Configuration

Loopback Detection is a Layer 2 network protection mechanism used to promptly detect and handle loops in the network. Network loops can cause broadcast, multicast, and unknown unicast packets to be sent repeatedly, resulting in waste of network resources or even network paralysis. The loop detection function periodically sends detection packets through the interface and checks whether the packets return to the device, thereby determining whether there is a loop under the interface or VLAN. Once a loop is detected, the device will send an alarm, record logs, and process the interface according to user configurations (such as shutting down the interface), putting the interface into a controlled state to minimize the impact of the loop on the network.

Working Principle

The implementation of loop detection is based on the following working mechanism:

On interfaces or VLANs with loop detection enabled, the device sends detection packets at fixed time intervals (configured via loopback-detection interval-time). The detection packets are sent in broadcast mode, with the destination MAC address being the broadcast address, the Ethernet type being 0x9998, and the packet payload containing the sending port name or VLAN information.

Loop detection supports two detection granularities:

• Interface-based detection: After enabling loop detection in the interface view, the device only sends detection packets from the interface itself and monitors whether it receives the packets it sent from the same interface. If received, it is determined that there is a loop in the network connected to this interface, and the configured action for the interface is triggered.
• VLAN-based detection: After enabling loop detection in the VLAN view, the device sends detection packets on all member interfaces within the VLAN and monitors whether any interface in the VLAN receives the packets it sent. As long as the packet is received by any interface in the VLAN (which can be a different port from the sending interface), it is determined that there is a loop in the VLAN, and the configured action for the interfaces in the VLAN is triggered.

After detecting a loop, the device immediately executes the configured processing action: by default, shutting down the interface (shutdown) or only recording a log (logging). After the interface is shut down, the device continuously monitors the loop status. If an automatic recovery time is configured (loopback-detection recovery-time), the device will attempt to recover the interface after this time; if the loop has been eliminated, the interface returns to its normal state; otherwise, it remains in a controlled state. Users can also manually recover the shut-down interface (via no shutdown or clear loopback-detection).

Configuration

Operation	Description
Configure the sending cycle of detection messages	Optional (Global)
Configure the sending cycle of alarm logs	Optional (Global)
Enable the loop detection function of the interface/VLAN	Mandatory (Interface/VLAN)
Configure loop detection processing actions	Optional (Interface)
Configure the automatic recovery time of the interface	Optional (Interface)

Configure the Sending Cycle of Detection Messages

Use this command to set the sending interval of loop detection packets. The smaller the interval, the higher the detection sensitivity, but the greater the system resource consumption.

Operation	Command	Description
Enter the system configuration view	configure terminal	-
Configure the sending cycle	loopback-detection interval-time* interval *	interval: The value range is 10 to 300 seconds, with a default of 30 seconds.

Configure the Sending Cycle of Alarm Logs

This command sets the interval at which the system repeatedly prints alarm logs after an interface is shut down due to a loop. The default value of 0 means that repeated printing is not performed.

Operation	Command	Description
Enter the system configuration view	configure terminal	-
Configure the log sending cycle	loopback-detection log-time* interval *	interval: The value range is 10–300 seconds, with a default of 0 seconds

Enable the Loop Detection Function of the Interface/VLAN

When configured in the interface view, it only takes effect on the current interface and adopts an interface-based detection mechanism; when configured in the VLAN configuration view, it takes effect on all ports within the VLAN and adopts a VLAN-based detection mechanism.

Operation	Command	Description
Enter the interface configuration view	interface ethernet* interface-id *	-
Enable interface loop detection	loopback-detection enable	-
Or enter the VLAN configuration view	vlan* vlan-id *	-
Enable VLAN loop detection	loopback-detection enable	-

Configure Loop Detection Processing Actions

The action that the device performs on the interface when a loop is detected.

Operation	Command	Description
Enter the interface configuration view	interface ethernet* interface-id *	-
Configure action	loopback-detection action {logging | shutdown}	logging: Only record logs;
shutdown: Record logs and close the interface (default)

Configure the Automatic Recovery Time of the Interface

After the interface is shut down due to a loop, how long will it take to automatically attempt to return to the normal state? If the loop has disappeared after recovery, the interface will be re-enabled.

Operation	Command	Description
Enter the interface configuration view	interface ethernet* interface-id *	-
Configuration recovery time	loopback-detection recovery-time* interval *	interval : The value range is 10 to 65535 seconds

Caution

NOTE: If the automatic interface recovery time is not configured, the interface will not recover automatically after being shut down. You need to manually recover it by executing the commands “shutdown” and “no shutdown” in sequence under the interface view. Alternatively, you can restart all shutdown interfaces by executing the “clear loopback-detection” command under the system view.

Display and Maintenance

Operation	Command
Check the global, port/VLAN configurations for loop detection	show loopback-detection config
Check the loop detection status (interfaces that are shut down and the reasons)	show loopback-detection status
Check the errdown status of all interfaces	show interface errdown
Clear the loop detection information and re-enable all interfaces that have been shut down.	clear loopback-detection

Configuration example

Networking Requirements

There are multiple user VLANs under a certain switch. To prevent loops caused by users’ incorrect connections within VLAN 100, it is required to enable VLAN-based loop detection in VLAN 100. When a loop is detected, the port should be shut down, and the interface automatic recovery time should be set to 60 seconds. Meanwhile, configure interface-based loop detection for the individual port Ethernet47, with the action being only logging without shutting down the port. The global loop detection period is 10 seconds, and the interval for sending alarm logs is 10 seconds.

Configuration steps

1. Configure the global loop detection period

sonic(config)# loopback-detection interval-time 10
sonic(config)# loopback-detection log-time 10

2. Enable loop detection in the VLAN view, add the interface to the VLAN in the interface view, and configure the loop detection action and the automatic recovery time of the interface.

sonic(config)# vlan 100
sonic(config-vlan-100)# loopback-detection enable
sonic(config-vlan-100)# exit
sonic(config)# interface ethernet 1
sonic(config-if-1)# switchport access vlan 100
sonic(config-if-1)# loopback-detection action shutdown
sonic(config-if-1)# loopback-detection recovery-time 60
sonic(config)# interface ethernet 2
sonic(config-if-2)# switchport access vlan 100
sonic(config-if-2)# loopback-detection action shutdown
sonic(config-if-2)# loopback-detection recovery-time 60
sonic(config)# interface ethernet 3
sonic(config-if-3)# switchport access vlan 100
sonic(config-if-3)# loopback-detection action shutdown
sonic(config-if-3)# loopback-detection recovery-time 60

3. Enable the Ethernet47 loop detection function and configure the loop detection action

sonic(config)# interface ethernet 47
sonic(config-if-47)# loopback-detection enable
sonic(config-if-47)# loopback-detection action logging

4. Verification

View configuration information

sonic# show loopback-detection config
packets interval time: 10 (sec)
log interval time: 10 (sec)

Port/Vlan                     Action             Recovery-Time               Status
----------------------------------------------------------------------------------------------
Ethernet1                    shutdown                 60
Ethernet2                    shutdown                 60
Ethernet3                    shutdown                 60
Ethernet47                   logging                                          enable
Vlan100                                                                       enable

Check the loop detection status (if Vlan100 has a loop)

sonic# show loopback-detection status
You can re-up err-down ports one by one by "no shutdown" under interface config, re-up all by "clear loopback-detection", or configure "loopback-detection recovery-time" for automatic recovery.

loopback is detected
Port                  Status         Caused By                Time
----------------------------------------------------------------------
Ethernet1             shutdown       Vlan100                  00:00:05
Ethernet2             shutdown       Vlan100                  00:00:05
Ethernet3             shutdown       Vlan100                  00:00:05

Caution

NOTE: The command “show loopback-detection status” only displays real-time loop detection events. When an interface is shut down due to a loop and the loop disappears for a period of time (3 times the interval), the command will no longer display relevant information. In this case, if you need to check the interfaces that have been shut down by loop detection, please use the “show interface errdown” command. “Time” indicates the time elapsed since the last detected loop.