Есть два коммутатора (core1 и core2) DGS-3610-26G, объединены между собой линком 10Г.
На core2 приходит канал от одного из провайдеров, 2 порта объединены static agrregataion. Влан от этого провайдера уходит через 10Г на core1.
Иногда у этого провайдера случаются косяки, и коре2 детектирует кольцо:

74:04:12:31: %RLDP-3-LINK_DETECT_ERROR: Detected loop detection error on interface AggregatePort 3.Set this interface errordisable.
74:04:12:32: %SPANTREE-5-TOPOTRAP: Topology Change Trap.
74:04:12:34: %LINK-3-UPDOWN: Interface AggregatePort 3, changed state to down.
74:04:12:34: %LINEPROTO-5-UPDOWN: Line protocol on Interface AggregatePort 3, changed state to down.
74:04:12:34: %SPANTREE-5-TOPOTRAP: Topology Change Trap.
74:04:16:14: %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.
74:04:17:32: %PORT_SECURITY-4-ERR_RECOVER: Interface AggregatePort 3 recover from an error.
74:04:17:32: %RLDP-3-LINK_DETECT_RECOVER: Interface AggregatePort 3 recovered from loop error.
74:04:17:35: %LINK-3-UPDOWN: Interface AggregatePort 3, changed state to up.
74:04:17:35: %LINEPROTO-5-UPDOWN: Line protocol on Interface AggregatePort 3, changed state to up.
74:04:17:37: %RLDP-3-LINK_DETECT_ERROR: Detected loop detection error on interface AggregatePort 3.Set this interface errordisable.
74:04:17:38: %SPANTREE-5-TOPOTRAP: Topology Change Trap.
74:04:17:40: %LINK-3-UPDOWN: Interface AggregatePort 3, changed state to down.
74:04:17:40: %LINEPROTO-5-UPDOWN: Line protocol on Interface AggregatePort 3, changed state to down.
74:04:17:40: %SPANTREE-5-TOPOTRAP: Topology Change Trap.
74:04:18:05: %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.

В момент обнаружения кольца на AggregatePort 3 core 2 ложит порт в error disable, что впринципе верно, но при этом же core 1 ложит 10Г линк тоже в error disable, что уже доставляет серьезные проблемы, потому что вся сеть ложиться на 1 минуту.

core 1:

*Jan 3 15:07:12: %RLDP-3-LINK_DETECT_ERROR: Detected loop detection error on interface TenGigabitEthernet 1/1.Set this interface errordisable.
*Jan 3 15:07:14: %LINK-3-UPDOWN: Interface TenGigabitEthernet 1/1, changed state to down.
*Jan 3 15:07:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet 1/1, changed state to down.
*Jan 3 15:10:08: %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.
*Jan 3 15:12:13: %PORT_SECURITY-4-ERR_RECOVER: Interface TenGigabitEthernet 1/1 recover from an error.
*Jan 3 15:12:13: %RLDP-3-LINK_DETECT_RECOVER: Interface TenGigabitEthernet 1/1 recovered from loop error.
*Jan 3 15:12:15: %LINK-3-UPDOWN: Interface TenGigabitEthernet 1/1, changed state to up.
*Jan 3 15:12:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet 1/1, changed state to up.
*Jan 3 15:12:16: %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.
*Jan 3 15:14:46: %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.
*Jan 3 15:24:50: %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.
*Jan 3 15:30:16: %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.
*Jan 3 15:33:24: %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.

Два вопроса:
Как отключить на 10Г портах Loopback detection. В Цисках такая функция предусмотрена.
Как более подробнее узнать на что конкретно ругается %ARPGUARD-4-DOS_DETECTED: ARP DoS attack was detected.

_________________
Не важно веришь ли ты в бога, важно верит ли он в тебя...

Вся документация есть в свободном доступе на нащем ftp ftp://ftp.dlink.ru/pub/Switch/DGS-3610% ... scription/
no rldp enable