Solved: Layer 2 problem if is disabled CDP

Max Devaine · ‎08-04-2022

Hello,
I have strange issue. I have core topology see attachment. You can see HP IRF stack where are connected servers etc.
And you can see two Cisco SG550X stacks, one stack in one locality and second stack in second locality.
If I disable cdp on Cisco SG550X stack in Locality 1, then Mikrotiks on Cisco stack in Locality 2 have problems - on L2 is many packets drop.
If I enable cdp again, then is all ok.
All stacks are in same MSTP domain, no errors in spanning tree.
I found only one thing. If Mikrotik on Cisco stack2 is unaccessible, then his MAC address is on Cisco PortChannel port (Po1).

So, HP switch:

<HPE1>display mac-address dc2c-xxxx-b860
MAC Address      VLAN ID    State            Port/NickName            Aging
dc2c-xxxx-b860   15         Learned          BAGG41                   Y

Cisco SG550X Locality 1:

cisco#show mac address-table address DC:2C:xx:xx:B8:60
Flags: I - Internal usage VLAN
Aging time is 300 sec

    Vlan          Mac Address         Port       Type    
------------ --------------------- ---------- ---------- 
     15        dc:2c:xx:xx:b8:60      Po1      dynamic

I lookend on LACP configuration between HP and Cisco1, but all looks ok (on cisco is channel-group mode auto, on hpe dynamic lacp, load sharing is src-dst mac etc.).

On HPE (I tried disable/shutdown one port for test, this is why one port has status U):

<HPE1>display link-aggregation summary 
Aggregation Interface Type: 
BAGG -- Bridge-Aggregation, BLAGG -- Blade-Aggregation, RAGG -- Route-Aggregation 
Aggregation Mode: S -- Static, D -- Dynamic 
Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing
Actor System ID: 0x8000, d894-0371-6d69

AGG        AGG   Partner ID              Selected  Unselected  Individual  Share
Interface  Mode                          Ports     Ports       Ports       Type 
--------------------------------------------------------------------------------
BAGG41     D     0x1   , 40a6-e8ff-beaa  1         1           0           Shar


<HPE1>display link-aggregation verbose Bridge-Aggregation 41
Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing 
Port Status: S -- Selected, U -- Unselected,  
             I -- Individual, * -- Management port 
Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation, 
        D -- Synchronization, E -- Collecting, F -- Distributing, 
        G -- Defaulted, H -- Expired 

Aggregate Interface: Bridge-Aggregation41
Aggregation Mode: Dynamic
Loadsharing Type: Shar
Management VLAN : None
System ID: 0x8000, d894-0371-6d69
Local: 
  Port             Status  Priority Oper-Key  Flag
--------------------------------------------------------------------------------
  XGE1/0/33        S       32768    31        {ACDEF}
  XGE2/0/33        U       32768    31        {AC}
Remote: 
  Actor            Partner Priority Oper-Key  SystemID               Flag   
--------------------------------------------------------------------------------
  XGE1/0/33        49      1        1000      0x1   , 40a6-xxxx-beaa {ACDEF}
  XGE2/0/33        206     1        1000      0x1   , 40a6-xxxx-beaa {ACEF}

Cisco SG550X Locality 1:

cisco#show lacp port-channel 1
Port-Channel Po1
       Port Type 10 Gigabit Ethernet
       Attached Lag id:
       Actor
               System Priority:1
               MAC Address:    40:a6:xx:xx:be:aa
               Admin Key:      1000
               Oper Key:       1000
       Partner
               System Priority:32768
               MAC Address:    d8:94:xx:xx:6d:69
               Oper Key:       31
cisco-cluster#show lacp 
  port-channel         IEEE 802.3 link aggregation information of port-channel
  GigabitEthernet      1 giga ethernet interface to configure
  GE                   1 giga ethernet interface to configure
  TenGigabitEthernet   10 Giga ethernet interface to configure
  XG                   10 Giga ethernet interface to configure
cisco-cluster#show lacp TenGigabitEthernet
 <1-8>  TenGigabitEthernet device number ; 0 for slot.

I tried shutdown one port from LACP, but problem still persist.

Have anyone idea where can be problem?

Thank you

Max

Georg Pauwen · ‎08-04-2022

Hello,

a Cisco switch stack definitely needs CDP:

A switch stack appears as a single switch in the network. Therefore, CDP discovers the switch stack, not
the individual stack members. The switch stack sends CDP messages to neighboring network devices
when there are changes to the switch stack membership, such as stack members being added or removed.

So you need to have it enabled. That said, since you have a multi-vendor environment, it might be a better idea to use LLDP (which is non-Cisco proprietary)...

View solution in original post

Georg Pauwen · ‎08-04-2022

Hello,

a Cisco switch stack definitely needs CDP:

A switch stack appears as a single switch in the network. Therefore, CDP discovers the switch stack, not
the individual stack members. The switch stack sends CDP messages to neighboring network devices
when there are changes to the switch stack membership, such as stack members being added or removed.

So you need to have it enabled. That said, since you have a multi-vendor environment, it might be a better idea to use LLDP (which is non-Cisco proprietary)...

Max Devaine · ‎08-04-2022

Hello,

thank you, I miss this information :-/.

I know what is CDP and LLDP, bud I didn't know about CDP is needed for stack. Now it is clear.

About LLDP. There was many bugs in cisco switch in past. Our cisco stacks crashed many times, because many bugs with LLDP + PoE + IP Phones from different vendors. There was released some bugfixes (I think last in 2.5.8.12 release), but I don't trust cisco about this anymore.

I looked to actual release notes and there is some bugfixes about ARP isssue. My version is v2.5.8.15 and actual version is 2.5.9.13.

Thanks

Max