
Enabling TrustSec is causing switches to error disable

lukeblewett
Level 1

We have CTS deployed across our network and are using a mix of C3850s and 9300 switches.

All the 3850s appear to be functioning fine.

However, some of the 9300s (all provisioned with the same template from DNA-C) are going to error-disabled when CTS is applied to the uplink trunk.

The cause appears to be UDLD, and although UDLD error disable recovery is on, the link will immediately fail again once it recovers.

We have replaced a number of optics, and tested with new fibre to rule out bad hardware causing unidirectional links.
This only occurs once the CTS Manual command is applied.

Has anyone else seen this problem?

3 Replies

marce1000
VIP

 

 - Not seen that problem, but for 9300 use current advisory software release, if applicable: https://software.cisco.com/download/home/286315874/type/282046477/release/Fuji-16.9.5, check if that can help.

 M.



-- Each morning when I wake up and look into the mirror I always say 'Why am I so brilliant?'
    When the mirror will then always respond to me with 'The only thing that exceeds your brilliance is your beauty!'

ashishr
Level 1

Hi @lukeblewett, TrustSec and UDLD should work separately. UDLD should get triggered irrespective of TrustSec configuration.

If you have confirmed that the issue happens only when 'cts manual' is configured on the port, and that when 'cts manual' is removed UDLD starts working properly, please check if there are any switches in the environment that are not showing this behaviour. If you find any switch that is not showing this behaviour, compare the configuration and IOS-XE version and check if they match. If they are running different versions, downgrade the non-working switch to match the version of the working switch and check if the same issue is seen.

You may have to open a TAC case to work on this issue.

 

Thanks

ayden_beeson86
Level 1

To anybody else coming across this, it turns out the 6840s are dropping inbound data when it's tagged, so the UDLD is doing exactly what it should do.

This included even inbound CDP etc., so it's functionally dropping everything except ARP (if I recall correctly).

The 6840s in question were showing a minor error in show module switch all, and TAC recommended an RMA, which seems to have helped in one place we were seeing it. We are in the middle of swapping out units at the other location, so we shall see.
