Finally, starting with the version of RouterOS v6.37 and higher, protection against loops has appeared.
Loop Protect can be enabled on ethernet, vlan, eoip, eoipv6 interfaces.
Via WEB and Winbox on the interface settings page, opening the Interfaces menu.
Through the CLI, you need to go to the required submenu:
Continue reading “Configure Loop Protect in RouterOS (MikroTik)”
For example, I will use the D-Link DES-3200 switch, on other models the setting for LoopBack Detection is essentially the same.
Activation of the LoopBack Detection (LBD) function on the switch:
Enabling LoopBack Detection on ports 1 through 16:
config loopdetect ports 1-16 state enable
Setting recover_timer (time in seconds for which the port will be disabled if a loop is detected), interval (interval between sending loop detection packets), mode (port-based — port is blocked or vlan-based — vlan traffic is blocked in which a loop is detected):
config loopdetect recover_timer 300 interval 10 mode port-based
Let us configure that it is written to the log that a loop was detected and the traps were not sent:
config loopdetect log state enable
config loopdetect trap none
In the web interface, you can configure this feature in the “L2 Features” – “Loopback Detection Settings”.
For example, configure Loopback Detection on the Alcatel OmniStack LS 6224 switch.
Let’s look at the current settings for Loopback Detection:
Let’s go into the configuration mode, enable and specify some parameters of Loopback Detection:
loopback-detection mode src-mac-addr
loopback-detection interval 30
Turn on the client ports Loopback Detection:
interface range ethernet e1-24,g2-4
g1 I have an uplink, so I did not enable Loopback Detection on it.
Let’s configure automatic activation of the port after 3000 seconds, if it was turned off due to the loop (you can specify the value in seconds 30-86400, standard 300):
errdisable recovery interval 3000
errdisable recovery cause loopack-detection
show errdisable recovery
show errdisable interfaces
Exit the configuration mode and save the configuration:
copy running-config startup-config