Unidirectional Link Detection (UDLD) is a Cisco proprietary extension that lives to detect miss-configured and broken links between Cisco switches. It verifies that they can both send and receive data on a point-to-point link. This can be used to assist spanning-tree and compliments things like ‘loop guard’ and ‘bridge assurance’ in your spanning-tree designs.
Why is UDLD an assistance to STP? Well lets think of a scenario in which a link has gone unidirectional (data can only be sent or received) you then have a problem that the switches will not see BPDU’s which in turn can result in bridging loops. You are mainly susceptible to this with fibre (can get with copper but generally ‘link pulses’ will detect and therefore its rare). A switch will notice when a physical connection breaks due to the lost of L1 electrical keepalives (Ethernet ‘link beats’) and UDLD will verify we are working at L2 (lower the STP operation).
As it is a tool to assist spanning-tree it should detect a unidirectional link before STP therefore the timers must be sent for this (STP MaxAge + 2x Forward Delays Expire – approx. 50 seconds). UDLD default timers are 15 seconds (3x 15 seconds = 45 seconds to detect).
So how does it work;
- Once UDLD is enabled on the interface (and only Cisco devices) it starts to send special frames to well know MAC 01:00:0C:CC:CC:CC, this results in each switch discovering each other.
- Once discovery has occured the switch will send its own device ID along with originator port ID and a timeout value to its peer.
- The peer switch will then echo the frame back
- The frame should be recived and all is good in the world. However if no frames are recieved back from a peer for a certain amount of time the port is suspected to have gone into a unidirectional state
- The switch will then port the port in one of two states – ‘Normal’ or Aggressive’
The desicion on which state is defined in teh configuration.
The physical state of the port will stay up but UDLD marks it as undetermined. As the port remains up you still run the risk of bridging loops occurring.
This mode actively tries to re-establish the relationship between the switches by sending a UDLD frame 8 times every 1 second. If no response comes back after that time frame the port is put in ‘errdisable’ state. As a safety net during the configuration of this mode the ‘errdisable’ state will only occur if bidirectional communication has already be established (will mark as ‘unknown’).
UDLD-3-DISABLE: Unidirectional link detected on port 1/2. Port disabled
You can configure one end of a point-to-point link to be aggressive and the other as normal, this just means that one side will go ‘errdisable’. It may be that this is an option that solves a specific problem for you.
UDLD can be either enabled per interface or globally. When done globally it will be enabled on all Fibre ports (not copper). The thing to be aware of when enabling is that for UDLD the peer must understand and process UDLD frames (i.e. Cisco switch with UDLD enabled at its end) so if you enable globally ensure all your fibre connections go to Cisco devices capable of UDLD or you will end up running the risk of confusion when port states start displaying ‘unknown’.
(config)# udld [enable | aggressive | message time <sec>] (config-if) udld port [aggressive | disable] # udld reset # show udld interface