HI Moshen, From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> on behalf of Mohsen Meamarian via lists.fd.io <meamarian.mohsen=gmail....@lists.fd.io> Date: Monday, 2 August 2021 at 18:45 To: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> Subject: [vpp-dev] MAC Learning in vpp Hi friends, I want to implement port security in vpp. I assume that the l2learn_process function in l2_learn.c runs periodically when vpp is active and When a device is connected to my system , this function helps to learn it's mac. Is this assumption true ?
No. l2_learn runs for all packets that are received on a link on which learning is enabled. You can see it in the trace you provided. It is learning in this VLIB node that will populated the l2fib. because when I run the sh l2fib command , it returns nothing. but when I set an interface as a bridge , the sh l2fib command returns something. my commands : create bridge-domain 2 arp-term 1 create loopback interface set int l2 bridge loop0 2 bvi set interface state loop0 up set interface l2 bridge GigabitEthernet0/8/0 2 show bridge-domain 2 detail show l2fib all but i have a problem here. vpp drop ping packet.Where can the problem come from? I attached my trace command result to this mail.I get " l2-flood: BVI L3 mac mismatch " error. That shows an ARP packet destined to a unicast MAC. That packet was flooded, suggesting an l2fib miss and unknown-unicast flooding is enabled. The dst MAC of the packet did not match the MAC of the BVI (the only other interface in the BD) so it was dropped. /neale
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19893): https://lists.fd.io/g/vpp-dev/message/19893 Mute This Topic: https://lists.fd.io/mt/84615988/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
