Solved: default udld message interval and blocked port(STP)

sarahr202 · ‎08-21-2012

Hi everybody

My book says on 4500 and 6500 switches, the default message interval of udld is 15 sec. Udld can detect a unidirectional link in about three interval which is 45 sec. Once the unidirection link is detected, udld will send message every sec for 8 seconds after the port is put in errdisable state if aggresive mode is configured.

So let do the math it wll take 45 seconds plus 8 seconds before udld put the port in errdisable state. A blocked port ( STP) will transition to forwarding state in 45 seconds( assuming default timers) if it stops receiving bpdu.. So If the default is considered for udld and stp, stp will transition its blocked port to forwarding state before udld put that port in errdisable state assuming udld aggressive mode

Based on the above, is it not true if switch is left to default timers for stp and udld, stp will transition its blocked to forwarding state before udld disables it ?

thanks.

Rolf Fischer · ‎08-22-2012

If I understand your question right, you are comparing UDLD and STP timers particulary for STP blocked ports with having aggressive mode err-disable in mind. I don't think that this can happen.

If the STP calculates the logical topology for the first time, there might some ports result in blocked state. Because this ports never had a bidirectional UDLD neighborship to other devices, nothing can go wrong.

A different scenario is a topology change with a port transition from forwarding to blocking state. I'm not sure about that. If a port is shutdown or UDLD is deactivated, a special message ("Flush") is sent to the neighbor(s) to inform them.

(RFC 5171:

....

Whenever an interface gets disabled and UDLD is running, or whenever UDLD is disabled on an interface, or whenever the device is reset, all existing cache entries for the interfaces affected by the configuration change are cleared, and UDLD sends at least one message to inform the neighbors to flush the part of their caches also affected by the status change. This mechanism is meant to keep the caches coherent on all the connected devices.

....

)

I assume the same thing happens when a port transitions into STP blocked state, but I'm not sure. If so, again nothing can go wrong.

Maybe I find some time to try it in a lab environment.

Hope that helps at least a little bit.

Rolf

View solution in original post

Rolf Fischer · ‎08-22-2012

If I understand your question right, you are comparing UDLD and STP timers particulary for STP blocked ports with having aggressive mode err-disable in mind. I don't think that this can happen.

If the STP calculates the logical topology for the first time, there might some ports result in blocked state. Because this ports never had a bidirectional UDLD neighborship to other devices, nothing can go wrong.

A different scenario is a topology change with a port transition from forwarding to blocking state. I'm not sure about that. If a port is shutdown or UDLD is deactivated, a special message ("Flush") is sent to the neighbor(s) to inform them.

(RFC 5171:

....

Whenever an interface gets disabled and UDLD is running, or whenever UDLD is disabled on an interface, or whenever the device is reset, all existing cache entries for the interfaces affected by the configuration change are cleared, and UDLD sends at least one message to inform the neighbors to flush the part of their caches also affected by the status change. This mechanism is meant to keep the caches coherent on all the connected devices.

....

)

I assume the same thing happens when a port transitions into STP blocked state, but I'm not sure. If so, again nothing can go wrong.

Maybe I find some time to try it in a lab environment.

Hope that helps at least a little bit.

Rolf

sarahr202 · ‎08-24-2012

Thanks Rolf

I apologize for the late reply and not being very articulate in my first post.

Let say we have a network consists of many switches. Among those switches, we have sw1 and sw2.

Rest of switched network--trunk--Sw1f1/1--------------f1/1 Sw2--trunk--rest of switched network

Sw1 an sw2 have udld enabled on their f1/1 ports. Further assume network is stable i.e no current stp calculation is going on.

Sw1/1 is blocking port f1/1. Sw2's f1/1 port is chosen as a designated port.

Case1:

Let say we have udld normal mode configured.

For some reason, udld at sw1 is not receiving echo from its neighbor sw2, after 45 seconds( assuming default udld interval 15 sec) udld generates a syslog message.

In above case sw1 will start transitioning its blocked port through listening ,learning and forwarding states after 20 sec which could generate bridging loop.

Case2:

Let say sw1 and sw2 have udld configured in aggressive mode.

Even though the sw1 f1/1 is blocking its port, traffic such as udld messages are allowed to be exchanged .

For some reason, udld at swf1/1 is not receiving echo from its neighbor sw2. Assumming default timers, it will take 45 +8 seconds for udld to declare the link as unidirectional.

why 45 + 8 seconds?

default message interval for udld is 15 seconds. If no echo is received in three interval time i.e 45 sec, udld suspect a unidirectional link. Udld then sends udld messages every second for 8 seconds before putting the port in errdisable state.

So altogether it will take 53 seconds for udld to put f1/1 in errdisable state.

Stp will put its blocked port to forwarding state in 45 seconds if the blocked ports stop receiving bpdu. So in this case Stp on sw1 will be able to sw1's blockedport f1/1 in forwarding state before udld disable the port.

the end result is the port will be disabled albeit a lillte late.

I just want to confirm the above as my book suggested.

thanks

Rolf Fischer · ‎09-05-2012

Doing some lab playing around, I was suprised seeing the results.

First: Your're right, though STP Blocking state typically is described as "receiving and processing exclusiveley BPDUs and sending nothing", UDLD is processed too:

Access1#show spanning-tree interface gi0/46

Vlan Role Sts Cost Prio.Nbr Type

VLAN0001 Altn BLK 4 128.46 P2p

*Mar 1 02:21:28.860: udld process packet received, length 109 (Gi0/46)

(...)

*Mar 1 02:21:29.564: UDLD send probe message, flags = rec_timeout (Gi0/46)

Now the interaction between STP and UDLD timers.

Regaring timers, there are 2 extremes for the occurrence of a link error:

- immediate after an UDLD refresh

- shortly before receiving the next UDLD refresh

Between this extremes we have 15 seconds per default.

Here now the corresponding debugs (note the timestamps):

Access1#show spanning-tree interface gi0/45
Vlan                Role Sts Cost      Prio.Nbr Type
VLAN0001            Altn BLK 19        128.45   P2p

! link-error simulated now - shortly before receiving the next UDLD refresh
Access1#show udld gi0/45 | i Exp
    Expiration time: 31
! STP MaxAge timed out
*Mar 1 06:14:42.139: STP: VLAN0001 Gi0/45 -> listening
Access1#show udld gi0/45 | i Exp
    Expiration time: 11
Access1#
*Mar 1 06:14:54.563: allNeighborsAgedOutEventduring link up. (Gi0/45)
*Mar 1 06:14:54.563: Phase set from ADV to LUP because all neighbors aged out (Gi0/45)
*Mar 1 06:14:54.563: prev= 0 entry = 2231B50 next = 0 exp_time = 0 (Gi0/45)
*Mar 1 06:14:54.563: udsb->cache = 0x1EED16C (Gi0/45)
*Mar 1 06:14:54.563: timeout timer = 7 (Gi0/45)
*Mar 1 06:14:55.561: timeout timer = 6 (Gi0/45)
*Mar 1 06:14:56.568: timeout timer = 5 (Gi0/45)
! STP 1x Fwd-Delay
*Mar 1 06:14:57.147: STP: VLAN0001 Gi0/45 -> learning
! next STP state change to FWD at 06:15:12 (2x Fwd-Delay)
*Mar 1 06:14:57.566: timeout timer = 4 (Gi0/45)
*Mar 1 06:14:58.564: timeout timer = 3 (Gi0/45)
*Mar 1 06:14:59.563: timeout timer = 2 (Gi0/45)
*Mar 1 06:15:00.561: timeout timer = 1 (Gi0/45)
*Mar 1 06:15:01.567: timeout timer = 0 (Gi0/45)
*Mar 1 06:15:01.567: Phase set to udld_advertisement from phase udld_link_upin aggresive mode after all neighbors aged out. (Gi0/45)
*Mar 1 06:15:01.567: %UDLD-4-UDLD_PORT_DISABLED: UDLD disabled interface Gi0/45, aggressive mode failure detected
*Mar 1 06:15:01.567: %PM-4-ERR_DISABLE: udld error detected on Gi0/45, putting Gi0/45 in err-disable state
*Mar 1 06:15:01.576: STP: VLAN0001 sent Topology Change Notice on Gi0/1
*Mar 1 06:15:01.576: Port UDLD set error disabled (Gi0/45)
*Mar 1 06:15:01.576: Phase set to udld_advertisement after timer_expired. (Gi0/45)

=> No problem in this case.

! link-error simulated now - immediate after UDLD refresh
*Mar 1 06:43:50.929: Single neighbor detected (Gi0/45)
*Mar 1 06:43:50.929: Checking if link is bidirectional (Gi0/45)
*Mar 1 06:43:50.929: Found my own ID
! STP MaxAge timed out
*Mar 1 06:44:10.013: STP: VLAN0001 Gi0/45 -> listening
! STP 1x Fwd-Delay
*Mar 1 06:44:25.021: STP: VLAN0001 Gi0/45 -> learning
! UDLD 3x 15 Sec
*Mar 1 06:44:35.565: allNeighborsAgedOutEventduring link up. (Gi0/45)
*Mar 1 06:44:35.565: Phase set from ADV to LUP because all neighbors aged out (Gi0/45)
*Mar 1 06:44:35.565: prev= 0 entry = 22FA490 next = 0 exp_time = 0 (Gi0/45)
*Mar 1 06:44:35.565: udsb->cache = 0x1EED16C (Gi0/45)
*Mar 1 06:44:35.565: timeout timer = 7 (Gi0/45)
*Mar 1 06:44:36.563: timeout timer = 6 (Gi0/45)
*Mar 1 06:44:37.562: timeout timer = 5 (Gi0/45)
*Mar 1 06:44:38.568: timeout timer = 4 (Gi0/45)
*Mar 1 06:44:39.566: timeout timer = 3 (Gi0/45)
! STP 2x Fwd-Delay
*Mar 1 06:44:40.028: STP: VLAN0001 sent Topology Change Notice on Gi0/1
*Mar 1 06:44:40.028: STP: VLAN0001 Gi0/45 -> forwarding
*Mar 1 06:44:40.565: timeout timer = 2 (Gi0/45)
*Mar 1 06:44:41.563: timeout timer = 1 (Gi0/45)
*Mar 1 06:44:42.561: timeout timer = 0 (Gi0/45)
*Mar 1 06:44:42.561: Phase set to udld_advertisement from phase udld_link_upin aggresive mode after all neighbors aged out. (Gi0/45)
*Mar 1 06:44:42.561: %UDLD-4-UDLD_PORT_DISABLED: UDLD disabled interface Gi0/45, aggressive mode failure detected
*Mar 1 06:44:42.561: %PM-4-ERR_DISABLE: udld error detected on Gi0/45, putting Gi0/45 in err-disable state
*Mar 1 06:44:42.569: STP: VLAN0001 sent Topology Change Notice on Gi0/1
*Mar 1 06:44:42.569: Port UDLD set error disabled (Gi0/45)
*Mar 1 06:44:42.569: Phase set to udld_advertisement after timer_expired. (Gi0/45)

So the answer seems to be: In the worst case, there is a chance for a 2-second-loop.

I don't think this can really kill a LAN but I wonder why they designed the timers this way.

Pretty interesting!

Best regards

Rolf

danrya · ‎11-28-2012

One other clarification, with UDLD normal mode, if a UDLD timeout occurs, we send an empty echo to our neighbor. If the empty echo is received (true unidirectional link), the neighbor that receives the empty echo will err-disable the port.

Dan Ryan, NCE

Cisco Systems, Inc