- Index
- Preface
- Overview
- Using the Command-Line Interface
- Getting Started with CMS
- Assigning the Switch IP Address and Default Gateway
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring 802.1X Port-Based Authentication
- Configuring Interface Characteristics
- Configuring SmartPort Macros
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring DHCP Features
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels
- Configuring IP Unicast Routing
- Configuring HSRP
- Configuring IP Multicast Routing
- Configuring MSDP
- Configuring Fallback Bridging
- Troubleshooting
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.1(19)EA1
Configuring UDLD
This chapter describes how to configure the UniDirectional Link Detection (UDLD) protocol on the Catalyst 3560 switch.
Note For complete syntax and usage information for the commands used in this chapter, refer to the command reference for this release.
This chapter consists of these sections:
Understanding UDLD
UDLD is a Layer 2 protocol that enables devices connected through fiber-optic or twisted-pair Ethernet cables to monitor the physical configuration of the cables and detect when a unidirectional link exists. All connected devices must support UDLD for the protocol to successfully identify and disable unidirectional links. When UDLD detects a unidirectional link, it administratively shuts down the affected port and alerts you. Unidirectional links can cause a variety of problems, including spanning-tree topology loops.
Modes of Operation
UDLD supports two modes of operation: normal (the default) and aggressive. In normal mode, UDLD can detect unidirectional links due to misconnected ports on fiber-optic connections. In aggressive mode, UDLD can also detect unidirectional links due to one-way traffic on fiber-optic and twisted-pair links and to misconnected ports on fiber-optic links.
In normal and aggressive modes, UDLD works with the Layer 1 mechanisms to learn the physical status of a link. At Layer 1, autonegotiation takes care of physical signaling and fault detection. UDLD performs tasks that autonegotiation cannot perform, such as detecting the identities of neighbors and shutting down misconnected ports. When you enable both autonegotiation and UDLD, the Layer 1 and Layer 2 detections work together to prevent physical and logical unidirectional connections and the malfunctioning of other protocols.
A unidirectional link occurs whenever traffic sent by a local device is received by its neighbor but traffic from the neighbor is not received by the local device.
In normal mode, UDLD detects a unidirectional link when fiber strands in a fiber-optic port are misconnected and the Layer 1 mechanisms do not detect this misconnection. If the ports are connected correctly but the traffic is one way, UDLD does not detect the unidirectional link because the Layer 1 mechanism, which is supposed to detect this condition, does not do so. In case, the logical link is considered undetermined, and UDLD does not disable the port.
When UDLD is in normal mode, if one of the fiber strands in a pair is disconnected and autonegotiation is active, the link does not stay up because the Layer 1 mechanisms did not detect a physical problem with the link. In this case, UDLD does not take any action, and the logical link is considered undetermined.
In aggressive mode, UDLD detects a unidirectional link by using the previous detection methods. UDLD in aggressive mode can also detect a unidirectional link on a point-to-point link on which no failure between the two devices is allowed. It can also detect a unidirectional link when one of these problems exists:
•On fiber-optic or twisted-pair links, one of the ports cannot send or receive traffic.
•On fiber-optic or twisted-pair links, one of the ports is down while the other is up.
•One of the fiber strands in the cable is disconnected.
In these cases, UDLD shuts down the affected port.
In a point-to-point link, UDLD hello packets can be considered as a heart beat whose presence guarantees the health of the link. Conversely, the loss of the heart beat means that the link must be shut down if it is not possible to re-establish a bidirectional link.
If both fiber strands in a cable are working normally from a Layer 1 perspective, UDLD in aggressive mode detects whether those fiber strands are connected correctly and whether traffic is flowing bidirectionally between the correct neighbors. This check cannot be performed by autonegotiation because autonegotiation operates at Layer 1.
Methods to Detect Unidirectional Links
UDLD operates by using two mechanisms:
•Neighbor database maintenance
UDLD learns about other UDLD-capable neighbors by periodically sending a hello packet (also called an advertisement or probe) on every active port to keep each device informed about its neighbors.
When the switch receives a hello message, it caches the information until the age time (hold time or time-to-live) expires. If the switch receives a new hello message before an older cache entry ages, the switch replaces the older entry with the new one.
Whenever a port is disabled and UDLD is running, whenever UDLD is disabled on a port, or whenever the switch is reset, UDLD clears all existing cache entries for the ports affected by the configuration change. UDLD sends at least one message to inform the neighbors to flush the part of their caches affected by the status change. The message is intended to keep the caches synchronized.
•Event-driven detection and echoing
UDLD relies on echoing as its detection mechanism. Whenever a UDLD device learns about a new neighbor or receives a resynchronization request from an out-of-sync neighbor, it restarts the detection window on its side of the connection and sends echo messages in reply. Because this behavior is the same on all UDLD neighbors, the sender of the echoes expects to receive an echo in reply.
If the detection window ends and no valid reply message is received, the link might shut down, depending on the UDLD mode. When UDLD is in normal mode, the link might be considered undetermined and might not be shut down. When UDLD is in aggressive mode, the link is considered unidirectional, and the port is shut down.
If UDLD in normal mode is in the advertisement or in the detection phase and all the neighbor cache entries are aged out, UDLD restarts the link-up sequence to resynchronize with any potentially out-of-sync neighbors.
If you enable aggressive mode when all the neighbors of a port have aged out either in the advertisement or in the detection phase, UDLD restarts the link-up sequence to resynchronize with any potentially out-of-sync neighbor. UDLD shuts down the port if, after the fast train of messages, the link state is still undetermined.
Figure 22-1 shows an example of a unidirectional link condition.
Figure 22-1 UDLD Detection of a Unidirectional Link
Configuring UDLD
This section describes how to configure UDLD on your switch. It contains this configuration information:
•Enabling UDLD on an Interface
•Resetting an Interface Disabled by UDLD
Default UDLD Configuration
Table 22-1 shows the default UDLD configuration.
Configuration Guidelines
These are the UDLD configuration guidelines:
•UDLD is not supported on ATM ports.
•A UDLD-capable port also cannot detect a unidirectional link if it is connected to a UDLD-incapable port of another switch.
•When configuring the mode (normal or aggressive), make sure that the same mode is configured on both sides of the link.
Enabling UDLD Globally
Beginning in privileged EXEC mode, follow these steps to enable UDLD in the aggressive or normal mode and to set the configurable message timer on all fiber-optic ports on the switch:
|
|
|
---|---|---|
Step 1 |
configure terminal |
Enter global configuration mode. |
Step 2 |
udld {aggressive | enable | message time message-timer-interval} |
Specify the UDLD mode of operation: •aggressive—Enables UDLD in aggressive mode on all fiber-optic ports. •enable—Enables UDLD in normal mode on all fiber-optic ports on the switch. UDLD is disabled by default. An individual interface configuration overrides the setting of the udld enable global configuration command. For more information about aggressive and normal modes, see the "Modes of Operation" section. •message time message-timer-interval—Configures the period of time between UDLD probe messages on ports that are in the advertisement phase and are detected to be bidirectional. The range is from 7 to 90 seconds. Note This command affects fiber-optic ports only. Use the udld interface configuration command to enable UDLD on other port types. For more information, see the "Enabling UDLD on an Interface" section. |
Step 3 |
end |
Return to privileged EXEC mode. |
Step 4 |
show udld |
Verify your entries. |
Step 5 |
copy running-config startup-config |
(Optional) Save your entries in the configuration file. |
To disable UDLD globally, use the no udld enable global configuration command to disable normal mode UDLD on all fiber-optic ports. Use the no udld aggressive global configuration command to disable aggressive mode UDLD on all fiber-optic ports.
Enabling UDLD on an Interface
Beginning in privileged EXEC mode, follow these steps either to enable UDLD in the aggressive or normal mode or to disable UDLD on a port:
|
|
|
---|---|---|
Step 1 |
configure terminal |
Enter global configuration mode. |
Step 2 |
interface interface-id |
Specify the port to be enabled for UDLD, and enter interface configuration mode. |
Step 3 |
udld port {aggressive | disable} |
UDLD is disabled by default. •udld port—Enables UDLD in normal mode on the specified port. •udld port aggressive—Enables UDLD in aggressive mode on the specified port. •udld port disable—Disables UDLD on the specified fiber-optic port. This command overrides the UDLD global setting and is available only on fiber-optic ports. For more information about aggressive and normal modes, see the "Modes of Operation" section. |
Step 4 |
end |
Return to privileged EXEC mode. |
Step 5 |
show udld interface-id |
Verify your entries. |
Step 6 |
copy running-config startup-config |
(Optional) Save your entries in the configuration file. |
Resetting an Interface Disabled by UDLD
Beginning in privileged EXEC mode, follow these steps to reset all ports disabled by UDLD:
|
|
|
---|---|---|
Step 1 |
udld reset |
Reset all ports disabled by UDLD. |
Step 2 |
show udld |
Verify your entries. |
You can also bring up the port by using these commands:
•The shutdown interface configuration command followed by the no shutdown interface configuration command restarts the disabled port.
•The no udld {aggressive | enable} global configuration command followed by the udld {aggressive | enable} global configuration command re-enables the disabled ports.
•The udld port disable interface configuration command followed by the udld port [aggressive] interface configuration command re-enables the disabled fiber-optic port.
•The errdisable recovery cause udld global configuration command enables the timer to automatically recover from the UDLD error-disabled state, and the errdisable recovery interval interval global configuration command specifies the time to recover from the UDLD error-disabled state.
Displaying UDLD Status
To display the UDLD status for the specified port or for all ports, use the show udld [interface-id] privileged EXEC command.
For detailed information about the fields in the command output, refer to the command reference for this release.