[c-nsp] UDLD enabling port prematurely?

[Victor Sudakov]

Dumitru Ciobarcianu wrote:
> > 
> > This does not look good. If a broadcast frame arrives to this port
> > before a BPDU does, there will be a storm and a lot of MAC flapping.
> > Is there a way to keep the port from forwarding traffic until the UDLD
> > state is Bidirectional ?
> 
> You can try to enable spanning-tree loopguard.
> It will disable the port until it receives an BPDU from the other side.

Seems like a great idea, thank you.

"The STP loop guard feature provides additional protection against
Layer 2 forwarding loops (STP loops). An STP loop is created when an
STP blocking port in a redundant topology erroneously transitions to
the forwarding state. This usually happens because one of the ports of
a physically redundant topology (not necessarily the STP blocking
port) no longer receives STP BPDUs. In its operation, STP relies on
continuous reception or transmission of BPDUs based on the port role.
The designated port transmits BPDUs, and the non-designated port
receives BPDUs.

When one of the ports in a physically redundant topology no longer
receives BPDUs, the STP conceives that the topology is loop free.
Eventually, the blocking port from the alternate or backup port
becomes designated and moves to a forwarding state. This situation
creates a loop.

The loop guard feature makes additional checks. If BPDUs are not
received on a non-designated port, and loop guard is enabled, that
port is moved into the STP loop-inconsistent blocking state, instead
of the listening / learning / forwarding state"



-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
sip:sudakov at sibptus.tomsk.ru