Hpe Aruba and loop-protect

loop-protect

this is a simple guide to enable the loop-protect feature on your Hpe/Aruba switch.

Connect to your cli and issue this command :

Show loop-protect

loop-protect

As you can see it’s disabled.

Now we can enable it per port or per vlan basic… anyway , the way that i prefer is per VLAN and, after that , we need to choose which physical port is on it

So now we enable per VLAN mode with this command:

loop-protect mode vlan

loop-protect

For example we can enable it on vlan 1 and 3 ..

loop-protect

As we can see, it’s enable only vlans 1 and 3

loop-protect

At this point, we have to assign the loop-protect on a port basics . In our case we have an 2530 with 48 port and so, this is the command:

loop-protect 1-48 receiver-action send-disable

loop-protect

Now we are ready to testing it…

This is my magic looping cable!

loop-protect

Now we can check what’s happened with the command..:

Show loop-protect

loop-protect

And we can see that port 29 is now detected and blocked.

loop-protect

that’s it.

6 Comments

  1. When I connect an HP1800 on one of those port on my 2540 and loop it, I start dropping pings on my 29 root switch and it affects all of my network, No dropped pings on my 2540 and no port shutdown. What am I missing?

    Reply
    • it seems that you have a network calibration due to STP..
      Switch to a RSTP or disable it…

      Marco

      Reply
  2. I have some questions
    1. do u ever enable full loop trunk lacp
    let say I have I have 3x 2530 switches.
    SW1 p47-48 -> SW2 p47-48, SW2 p45-46 -> SW3 p45-46, SW3 p47-48 -> SW1 p45-46

    2. do you disable STP and enable loop-protect in TRUNK LACP
    3. do you enable jumbo frame just for port that connected to storage
    tq

    Reply
  3. Hi Marco,
    thanks for your good explanation. I looked at this topic myself and in our environment older hp 2510 series switches are not able to do loop protection on vlan mode. “New” 2530 switches have this feature. So my question is what are the advantages with vlan mode on and multiple vlans? From my understanding loop protection with default settings can only monitor the default vlan but in test environment it was also able to block loops with ports in different vlans.

    Reply
    • You are true …
      This is an example with multiple vlans and loop protect enable only on vlan 1 and 2 (voice vlan).

      SW12# show run

      Running configuration:

      ; J9772A Configuration Editor; Created on release #YA.16.05.0008
      ; Ver #12:00.04.19.02.13.98.82.34.61.18.28.f3.84.9c.63.ff.37.27:06
      hostname “SW12”
      fault-finder broadcast-storm sensitivity high
      fault-finder bad-driver sensitivity high
      fault-finder bad-transceiver sensitivity high
      fault-finder bad-cable sensitivity high
      fault-finder too-long-cable sensitivity high
      fault-finder over-bandwidth sensitivity high
      fault-finder loss-of-link sensitivity high
      fault-finder duplex-mismatch-hdx sensitivity high
      fault-finder duplex-mismatch-fdx sensitivity high
      fault-finder link-flap sensitivity high
      timesync sntp
      sntp unicast
      sntp server priority 1 193.204.114.232
      time timezone 120
      ip default-gateway 172.16.52.252
      interface 52
      name “FIBER OPTIC LINK TO SWCORE – Rack A ”
      exit
      snmp-server community “public” unrestricted
      vlan 1
      name “DEFAULT_VLAN”
      untagged 1-52
      no ip address
      exit
      vlan 20
      name “VOIP Vodaphone”
      tagged 1-52
      no ip address
      exit
      vlan 30
      name “PLC – Wonderware”
      tagged 51-52
      no ip address
      exit
      vlan 40
      name “PCs”
      tagged 51-52
      no ip address
      exit
      vlan 50
      name “WIFI-DIAB”
      tagged 51-52
      no ip address
      exit
      vlan 70
      name “PRINTERS”
      tagged 51-52
      no ip address
      exit
      vlan 80
      name “WIFI-GUESTS”
      tagged 51-52
      no ip address
      exit
      vlan 4094
      name “MANAGEMENT”
      tagged 47-52
      ip address 172.16.52.12 255.255.255.0
      exit
      spanning-tree
      spanning-tree 1 admin-edge-port
      spanning-tree 1 bpdu-filter
      spanning-tree 2 admin-edge-port
      spanning-tree 2 bpdu-filter
      spanning-tree 3 admin-edge-port
      spanning-tree 3 bpdu-filter
      spanning-tree 4 admin-edge-port
      spanning-tree 4 bpdu-filter
      spanning-tree 5 admin-edge-port
      spanning-tree 5 bpdu-filter
      spanning-tree 6 admin-edge-port
      spanning-tree 6 bpdu-filter
      spanning-tree 7 admin-edge-port
      spanning-tree 7 bpdu-filter
      spanning-tree 8 admin-edge-port
      spanning-tree 8 bpdu-filter
      spanning-tree 9 admin-edge-port
      spanning-tree 9 bpdu-filter
      spanning-tree 10 admin-edge-port
      spanning-tree 10 bpdu-filter
      spanning-tree 11 admin-edge-port
      spanning-tree 11 bpdu-filter
      spanning-tree 12 admin-edge-port
      spanning-tree 12 bpdu-filter
      spanning-tree 13 admin-edge-port
      spanning-tree 13 bpdu-filter
      spanning-tree 14 admin-edge-port
      spanning-tree 14 bpdu-filter
      spanning-tree 15 admin-edge-port
      spanning-tree 15 bpdu-filter
      spanning-tree 16 admin-edge-port
      spanning-tree 16 bpdu-filter
      spanning-tree 17 admin-edge-port
      spanning-tree 17 bpdu-filter
      spanning-tree 18 admin-edge-port
      spanning-tree 18 bpdu-filter
      spanning-tree 19 admin-edge-port
      spanning-tree 19 bpdu-filter
      spanning-tree 20 admin-edge-port
      spanning-tree 20 bpdu-filter
      spanning-tree 21 admin-edge-port
      spanning-tree 21 bpdu-filter
      spanning-tree 22 admin-edge-port
      spanning-tree 22 bpdu-filter
      spanning-tree 23 admin-edge-port
      spanning-tree 23 bpdu-filter
      spanning-tree 24 admin-edge-port
      spanning-tree 24 bpdu-filter
      spanning-tree 25 admin-edge-port
      spanning-tree 25 bpdu-filter
      spanning-tree 26 admin-edge-port
      spanning-tree 26 bpdu-filter
      spanning-tree 27 admin-edge-port
      spanning-tree 27 bpdu-filter
      spanning-tree 28 admin-edge-port
      spanning-tree 28 bpdu-filter
      spanning-tree 29 admin-edge-port
      spanning-tree 29 bpdu-filter
      spanning-tree 30 admin-edge-port
      spanning-tree 30 bpdu-filter
      spanning-tree 31 admin-edge-port
      spanning-tree 31 bpdu-filter
      spanning-tree 32 admin-edge-port
      spanning-tree 32 bpdu-filter
      spanning-tree 33 admin-edge-port
      spanning-tree 33 bpdu-filter
      spanning-tree 34 admin-edge-port
      spanning-tree 34 bpdu-filter
      spanning-tree 35 admin-edge-port
      spanning-tree 35 bpdu-filter
      spanning-tree 36 admin-edge-port
      spanning-tree 36 bpdu-filter
      spanning-tree 37 admin-edge-port
      spanning-tree 37 bpdu-filter
      spanning-tree 38 admin-edge-port
      spanning-tree 38 bpdu-filter
      spanning-tree 39 admin-edge-port
      spanning-tree 39 bpdu-filter
      spanning-tree 40 admin-edge-port
      spanning-tree 40 bpdu-filter
      spanning-tree 41 admin-edge-port
      spanning-tree 41 bpdu-filter
      spanning-tree 42 admin-edge-port
      spanning-tree 42 bpdu-filter
      spanning-tree 43 admin-edge-port
      spanning-tree 43 bpdu-filter
      spanning-tree 44 admin-edge-port
      spanning-tree 44 bpdu-filter
      spanning-tree 45 admin-edge-port
      spanning-tree 45 bpdu-filter
      spanning-tree 46 admin-edge-port
      spanning-tree 46 bpdu-filter
      spanning-tree 48 admin-edge-port
      spanning-tree 48 bpdu-filter
      spanning-tree 49 admin-edge-port
      spanning-tree 49 bpdu-filter
      spanning-tree 50 admin-edge-port
      spanning-tree 50 bpdu-filter
      spanning-tree bpdu-protection-timeout 10 priority 4 force-version rstp-operation
      no tftp server
      loop-protect 1-48
      loop-protect mode vlan
      loop-protect vlan 1,20
      loop-protect disable-timer 600
      no dhcp config-file-update
      no dhcp image-file-update
      no dhcp tr69-acs-url
      password manager

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *