Posted on January 30, 2019 8:15 pm
 |  Asked by Alessandro Onesta
Print Friendly, PDF & Email


we have a network topology which connencts 3 sites using 3 different P2P link based on VxLAN over IP-OSPF links (see attached file).
My doubt is about loop protection, in all 3 links we allow all the vlan/vni so, potentially, a L2 loop can happens, as I know STP BPDU are filtered over vxlan links, do we need some l2 loop protection? or the VxLAN technology protects about L2 Loops?

Many thanks in advance

Posted by Alex
Answered on January 30, 2019 9:38 pm

VXLAN utilises a split-horizon model to avoid a loop in this topology, BUM traffic received over a VXLAN tunnel is only forwarded to the local ports, it’s not forwarded back out a VXLAN tunnel. However this doesn’t prevent the potential for a loop, if the correct protection methods (STP etc) are not put in place in each of the local sites.

Posted by Yashwanth Veluri
Answered on January 31, 2019 3:47 am

Hey Alessandro,

If the links between the sites are L3 interfaces, there wouldn’t be an L2 loop. But if they are normal L2 links allowing vlans, then both the vxlan frames as well as STP frames would be exchanged between the devices. The STP frames will not be vxlan encapsulated and exchanged between the sites, but they will be sent normally (unencapsulated) over the L2 links. This way, the STP would help in loop prevention.

Posted by Alessandro Onesta
Answered on January 31, 2019 2:37 pm

Many thanks guys

Posted by Isidore Moreno
Answered on August 28, 2020 12:33 pm

Hi Yashwamth,

I'm not sure to understand the behaviour with BPDU.
According you said, I understand that a BPDU frame coming from a "legacy switch" (outside the VxLAN fabric) to an Arista switch (which is configured as a VTEP), is not encapsulated into a VxLAN packet ? But forwarded to the other VTEP without VxLAN encapsulation ?

Do you have a document from Arista which explain this ? I tried to find it but without success.


Thank you very much


Post your Answer

You must be logged in to post an answer.