This test checks that a switch detects loops in customer equipment and disables the looping port. If such a port is not disabled, the loop will consume resources in the network.
Loops of the following types need detecting:
- Loop in customer home/CPE: A customer has bridged two ports together in equipment at home, creating a forwarding loop.
- Loop between two ports in the same access switch: Two customers have connected their networks by a cable.
- Loop between two ports in different access switches: Two customers have connected their networks by a cable.
- Malicious creates a loop mirroring all incoming packets.
- Malicious can answer incoming requests 20 seconds after the loop was created.
- Customer cannot answer an incoming request.
This test conforms to SEC Access Certification ID "SEC-CM-LD-1".
- Malicious Customer: A customer interface performing malicious actions.
- Customer: One or more customers that Malicious will affect.
- ISP: A central node on a trusted port.
- Source UDP port: Source UDP port for traffic sent from ISP to customers. Range: 1 ... 65535. Default: 41234.
- Destination UDP port: Destination UDP port for traffic sent from ISP to customers. Range: 1 ... 65535. Default: 24567.