How to make 2 clients on same VLAN communicate to each other when tunnel-loop-prevention is enabled?

MVP Expert
MVP Expert

How to make two clients on same VLAN communicate to each other when tunnel-loop-prevention is enabled on tunneled-node configuration at controller?

Whenever we enable tunnel-loop-prevention on controller while we configure tunneled-node, the communication between two tunneled-node client on same VLAN is blocked or dropped.

If the tunneled-node clients are of different VLANs then they can communicate between them even when the tunnel-loop-prevention is enabled on the controller.


To make two tunneled-node client on same VLAN to communicate between them, we need to enable "local-proxy-arp" for the interface VLAN on the controller.

Once it is enabled now the tunneled-node clients on same VLAN can communicate between each other. 


To enable "local-proxy-arp":

Get to the interface of the VLAN on the controller

Example :

(config)#interface vlan 5
(config)#ip local-proxy-arp


To enable tunnel loop prevention on controller

(config)# tunnel-loop-prevention



Show commands:

To check if tunnel-loop-prevention is enabled or disabled

#show tunneled-node config

Tunnelded node Server: Enabled
Tunnel Loop Prevention: Enabled


To check if local-proxy-ap is enabled:

#show interface vlan 5

Look for in the output "ProxyARP enable"



Version history
Revision #:
2 of 2
Last update:
‎08-04-2015 05:39 PM
Updated by:

Thank you for the info.  This is very helpful.  I have another question to add to this.  Once you enable tunnel loop prevention and proxy arp is there anyway to find a loop if one occurs? We have intentially looped the network and we can't seem to figure out the best way to find it.  Thanks ahead of time for any help. 

Search Airheads
Showing results for 
Search instead for 
Did you mean: