01-18-2023 03:30 AM
Hello , can someone help me with my problem, I have 9500 switches with udld aggressive on each interface , but i have some issues when i try to test it. If i disconnect one of the fiber optic ( TX or RX) interface just go down(not connected) , but it should be err-disabled by UDLD .
Solved! Go to Solution.
01-19-2023 06:50 AM
Hey @MHM Cisco World ,
I haven't tried out the Cat9K switch platforms myself but it might be that the MAC ACL on those is supported in the outbound direction, too. This is, after all, a platform-specific issue.
It is also possible, based on the particular switch architecture, that the redirection of specific frames based on the destination MAC address into the CPU occurs before the ingress ACL (the redirection TCAM entries come first, ACL entries come second). This would in theory explain why the ACL in the ingress direction didn't seem to work.
The 0100.0ccc.cccc is indeed a destination MAC address used by many Cisco protocols - CDP, VTP, UDLD, PAgP, to name a few. But that doesn't matter in this case. For testing UDLD which is a protocol with zero dependencies on other protocols, we don't care what else gets blocked.
I may try (no guarantees on the availability) to test this in a lab myself but for that, I would need to know the exact types of the switches that @kalzigitovadil used, and the IOS-XE versions.
Best regards,
Peter
01-19-2023 09:01 PM
Cisco Catalyst C9500-48Y4C-A IOS-XE : 17.3.5 Amsterdam
01-19-2023 08:01 PM
When i use mac access-list with IN Direction , SW dont put port into err-disable state , but when i use OUT direction UDLD works fine and block my interface
01-29-2023 04:34 AM
I usually not leave any issue under I fully get what real issue behind it,
but because I have one brain and two hand ten fingers I dont have much time to deep analysis each issue, but when I have time I go back and check issue.
so sorry for late reply, really sorry.
I return back to this issue and I figure out important point,
first check the UDLD flow packet,
then if both SW connect via P2P link then both UDLD must show same SW-ID and Echo-ID
I see port-ID is correct but the SW-ID is different!!!
-------------------------Core switch
#show udld
Entry 1
---
Expiration time: 36900 ms
Cache Device index: 1
Current neighbor state: Bidirectional
Device ID: 98A2C02D2080
Port ID: Gi1/1/1
Neighbor echo 1 device: 5C31924BD0
Neighbor echo 1 port: Twe1/0/1
TLV Message interval: 15 sec
No TLV fast-hello interval
TLV Time out interval: 5
-------------------------------Access switch
Entry 1
---
Expiration time: 37100 ms
Cache Device index: 1
Current neighbor state: Bidirectional
Device ID: 5C31924BD0
Port ID: Twe1/0/1
Neighbor echo 1 device: 8F3FB5EC980
Neighbor echo 1 port: Gi1/1/1
TLV Message interval: 15 sec
TLV fast-hello interval: 200 ms
TLV Time out interval: 5
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide