Symptoms
SSDP is not supported with multicast snooping mode enabled in an environment where LACP is configured by using a lag for teaming.The reason it is not supported is because of the nature of vMotion which causes a mirror of MAC addresses to VMs running on other hosts.When a VM has vMotion performed that causes the vNic of VMs running on other hosts not involved in that vMotion on the same vSwitch to send SSDP packets to the host switch causing a packet loop on the virtual switchOnce traffic is on the virtual switch the host switch loops the SSDP packets with the MAC addresses of the other VMsWhen this is seen in a Cisco Nexus you will be able to see this withshow CISCO LOG"L2FM-2-L2FM_MAC_FLAP_DISABLE_LEARN: Disabling learning in vlan xxx for 120s due to too many mac moves"If you are within the upstream switch and are pinging within the VM network you will likely see unexpected ICMP dropsThis may also cause BGP/BFD to go down or be intermittentThis may affect all VLANs within the virtual switchTo diagnose check -nsxdp-cli vswitch instance listto see if MAC learning is enabled on the uplinksthis issue can be seen in a packet capture of the vmnics of the vSwitchpktcap-uw --uplink=vmnicX --capture UplinkSndKernel,UplinkRcvKernel --ng -o <name-of-pcap>pktcap-uw --uplink=vmnicX --capture UplinkSndKernel,UplinkRcvKernel --ng -o <name-of-pcap>packet capture while the issue is happening and view the packet capture to see SSDP (port 1900) flooding the packet capture
Purpose
To provide the symptoms of the problem when it does occur, diagnose and workaround the issue
Cause
The topology is configured for LACP by using lag as teaming which causes a mirror on vMotion for destination hosts. When Multicast snooping is enabled after vMotion of VMs, the host switch will loop the SSDP packets with MAC address of VMs running on other hosts that are not involved in vMotion. The vSwitch then forwards incoming SSDP packets back out to the external network/switches.
Impact / Risks
When multicast filtering is set to Multicast Snooping SSDP traffic is initiated during vMotion from the vNIC of a VM on another host to the vSwitch that causes VMs not involved in vMotion to send SSDP packets to the virtual switch which will then forward incoming SSDP packets back out to the external network.
Workaround
Change multicast filter mode from snooping to legacy or block SSDP packets (port 1900)
