CCIE Routing & Switching v5 Workbook -
CCIE R&S v5 Advanced Technology Labs -
LAN Switching
Unidirectional Link Detection
A Note On Section Initial Configuration Files: You must load the
initial configuration files for the section, named LAN Switching Initial
Spanning Tree, which can be found in
. Reference the Virtual Routers &
Physical Switches Diagram to complete this task.
Task
Configure UDLD to prevent unidirectional links from forming on any of the inter-
switch links in the Layer 2 network.
Configuration
SW1 - SW4:
interface range FastEthernet0/19 - 20
udld port aggressive
!
interface range FastEthernet0/23 - 24
udld port aggressive
Verification
UDLD, like Loop Guard, is used to prevent loops caused by unidirectional links. The
difference between the features is that Loop Guard uses STP BPDUs to detect
these failures, whereas UDLD uses its own keepalive mechanism. UDLD is a Cisco
proprietary feature in which peers discover each other by exchanging frames sent to
the well-known MAC address 01:00:0C:CC:CC:CC. Each switch sends its own
device ID along with the originator port ID and timeout value to its peer. Additionally,
a switch echoes back the ID of its neighbor. If no echo frame with the switch’s own ID
has been seen from the peer for a certain amount of time, the port is suspected to be
unidirectional. What happens next depends on UDLD mode of operation.
In Normal mode, if the physical state of port (as reported by Layer 1) is still up,
UDLD marks this port as Undetermined but does NOT shutdown or disable the
port, and it continues to operate under its current STP status. This mode of
operation is informational and potentially less disruptive (although it does not
prevent physical loops). If UDLD is set to Aggressive mode, when the switch loses
its neighbor it actively tries to re-establish the relationship by sending a UDLD
frames 8 times every 1 second. If the neighbor does not respond after that, the port
is considered to be unidirectional and sent to err-disable state. The port is not
automatically recovered unless UDLD err-disable recovery is configured.
In certain designs there are unidirectional links that Loop Guard can prevent and
UDLD cannot, and likewise ones that UDLD can prevent but Loop Guard cannot.
For example, if a loop occurs because of a physical wiring problem (for example,
someone mistakenly mixes up the send and receive pairs of a fiber link), UDLD can
detect this, but Loop Guard cannot. Likewise, if there is a unidirectional link caused
by a failure in the STP software itself, although much more rare, Loop Guard can
detect this but UDLD cannot. Based on this, the features can be configured at the
same time to protect against all possible unidirectional link scenarios.
Although in this design UDLD is configured on copper UTP interfaces, this case is
usually not needed in a real network design because of the Fast Link Pulse (FLP)
signals that already track the interface status on wired interfaces. Instead, UDLD is
more commonly run on fiber optic interfaces. UDLD can be enabled globally or at
the port level in both modes, however if configured globally it only applies to fiber
link ports. For this reason, we’re enabling it at the port level on all switches.
Verify that UDLD is enabled, and neighbors have been discovered, for example
between SW1 and SW3:
SW1#show udld fastethernet0/19
Interface Fa0/19
---
Port enable administrative configuration setting: Enabled / in aggressive mode
Port enable operational state: Enabled / in aggressive mode
Current bidirectional state: Bidirectional
Current operational state: Advertisement - Single neighbor detected
Message interval: 15000
Time out interval: 5000
Entry 1
---
Expiration time: 42300
Device ID: 1Current neighbor state: Bidirectional
Device name: FDO1227X2KE Port ID: Fa0/19
Neighbor echo 1 device: CAT0906R10C
Neighbor echo 1 port: Fa0/19
Message interval: 15
Time out interval: 5
CDP Device name: SW3
!
!SW3#show udld fastethernet0/19
Interface Fa0/19
---
Port enable administrative configuration setting: Enabled / in aggressive mode
Port enable operational state: Enabled / in aggressive mode
Current bidirectional state: Bidirectional
Current operational state: Advertisement - Single neighbor detected
Message interval: 15000
Time out interval: 5000
Entry 1
---
Expiration time: 34600
Device ID: 1Current neighbor state: Bidirectional
Device name: CAT0906R10C Port ID: Fa0/19
Neighbor echo 1 device: FDO1227X2KE
Neighbor echo 1 port: Fa0/19
Message interval: 15
Time out interval: 5
CDP Device name: SW1
!
!SW1#show udld neighbors
PortDevice Name
Device ID
Port ID
Neighbor State
---------------
---------
-------
--------------
Fa0/19 FDO1227X2KE1
Fa0/19Bidirectional
Fa0/20 FDO1227X2KE1
Fa0/20Bidirectional
Fa0/23 CAT1025NMR81
Fa0/23Bidirectional
Fa0/24 CAT1025NMR81
Fa0/24Bidirectional