Calix Community  
 
Reply
Community Manager
Posts: 2
Registered: ‎06-01-2017
0

Re: Best practice for MAC aging

thanks

Highlighted
Frequent Contributor
Posts: 81
Registered: ‎12-14-2012
0

Re: Best practice for MAC aging

We had a problem with lots of traffic that was broadcast on our Motorola GPON system. They did not have specific guidence on what the MAC ageing time should be, but provided some general rules.

 

 

1)


Make sure when you increase the ageing time you do not max out the total number of MAC addresses a piece of equipment can handle. We found that may be less than what is in the specs.

 

 

2)


The ageing time of the upstream device(s) should be similar.

 

 

The default ageing time for the Moto gear was 300 seconds, we ended up going as high as 1200 seconds on most of the OLTs, but found 900 seconds to work the best on a couple. Our gateways devices are set to 1100 seconds. Most of those OLTs have around 1500 ONTs connected.

 

 

We arrived at those numbers by running Wireshark on a computer connected to an ONT and watching for packets whose destination IP is not the IP of the computer running Wireshark. We raised the ageing time until the traffic was at a level we could be comfortable with. For example going to 1800 from 1200 seconds did reduce the broadcast of traffic, but the percent reduced from 1200 seconds was minimal. The two OLTs that are at 900 second ageing time had odd behavior at 1200 seconds even though the configuration of the OLTs was otherwise the same as others that worked fine at 1200 seconds.

 

I could not find a MAC ageing time setting on the E7-20, any clues where it is ?

Senior Member
Posts: 47
Registered: ‎02-13-2010
0

Re: Best practice for MAC aging

not quite sure on the e7-20 but on the e7-2 it's in the security profiles section CMS > PROFILE > E7 > SECURITY

Senior Member
Posts: 47
Registered: ‎02-13-2010
0

Re: Best practice for MAC aging

So just an update on sorin and my situation, we did a maintenance last night turned off HSRP on a VLAN with 1200 hosts set arp aging to 270 on cisco and 300 mac agging across our cyan/ciena switching and calix, which basically dropped all the broadcast and unicast flooding close to zero.  It looks like it was a mixture of things that where happening as we did it in steps and could see a big changes each time and last we turned off HSRP and it dropped to basically zero.  

Contributor
Posts: 92
Registered: ‎01-16-2014
0

Re: Best practice for MAC aging

MAC aging mismatch accounted for about 2/3 of the unicast flooding while the rest was HSRP. We dropped from about 500mbps at peak to 0.

Frequent Contributor
Posts: 81
Registered: ‎12-14-2012
0

Re: Best practice for MAC aging

We had to turn off HSRP on some VLANs because certain customer devices did not like getting packets from a different MAC than the shared IP MAC. Good to know HSRP contributes to large amounts of broadcast traffic.

 

Side point - I have seen some customer devices with really bad DHCP clients contributing to large broadcast traffic. In the DHCP server log there is one customer device that consistantly goes through a DISCOVER/OFFER/REQ/ACK cycle once a minute even though our standard lease time is 7 hours. It is like I am a kid again and asking my Dad if we are there yet on a 500 mile trip.

Calix Certified
Posts: 1,867
Registered: ‎03-11-2010
0

Re: Best practice for MAC aging

We have a daily exception report that is based on our DHCP log file that lists the top 10 most active MAC addresses for DHCP requests.  Sometimes we end up calling the customer to power-cycle, or if it's a cable modem customer, reboot their cable modem.