Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

BPDU Guard and UDLD

I would like to enable UDLD on the uplink ports to both the distribution and access layer switches. Can this be done without any interruption to the network or does this need to be done during an outage?

In regards to BPDU guard, does this need to be enabled on the distribution switches as well or only on the access-layer switches? Does an outage need to be scheduled for this?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: BPDU Guard and UDLD

By default, UDLD is disabled globally and enabled in readiness on fiber ports. As UDLD is an infrastructure protocol needed between switches only, it is disabled by default on copper ports as these tend to be used for host access.

Once globally enabled, all FE and GE fibre ports have UDLD enabled by default. You can enable udld on other ports if you want as well (eg set udld enable 3/1 where 3/1 is a copper 10/100 port). Trunk or not doesn't matter.

Steve

4 REPLIES

Re: BPDU Guard and UDLD

When you enable UDLD it will cause the link disruption, so schedule an outage. If I remember correctly each link is down for a matter of seconds (less than 15 seconds) as it learns about the neighbors.

BPDU-Guard provides a method for preventing loops by moving a non-trunking port into an ErrDisable state when a BPDU is received on that port.

Under normal conditions, a BPDU packet should never be received on an access-port configured for PortFast. If a BPDU is observed, it indicates an invalid and possibly dangerous configuration that would require the access-port to be shut down. When the BPDU-Guard feature is enabled however, spanning tree shuts down PortFast-configured interfaces that receive BPDUs instead of putting them into the spanning-tree blocking state. The command works on a per switch basis and not per port. As such you can place it on any switch that has portfast enbled. No outage needs to be scheduled.

Steve

New Member

Re: BPDU Guard and UDLD

One last question regarding UDLD... Is it safe to assume that this can be enabled on all fiber uplink ports even if they are not in trunking mode? For example on our core switches trunking (802.1q) is not enabled. Is it safe to enable UDLD on these connections as well? All connections are gig fiber.

Re: BPDU Guard and UDLD

By default, UDLD is disabled globally and enabled in readiness on fiber ports. As UDLD is an infrastructure protocol needed between switches only, it is disabled by default on copper ports as these tend to be used for host access.

Once globally enabled, all FE and GE fibre ports have UDLD enabled by default. You can enable udld on other ports if you want as well (eg set udld enable 3/1 where 3/1 is a copper 10/100 port). Trunk or not doesn't matter.

Steve

New Member

Re: BPDU Guard and UDLD

Thanks for your help Steve.

173
Views
5
Helpful
4
Replies
CreatePlease to create content