Rule ID
SV-255978r882276_rule
Version
V1R1
CCIs
In topologies where fiber optic interconnections are used, physical misconnections can occur that allow a link to appear to be up when there is a mismatched set of transmit/receive pairs. When such a physical misconfiguration occurs, protocols such as STP can cause network instability. UDLD is a layer 2 protocol that can detect these physical misconfigurations by verifying that traffic is flowing bidirectionally between neighbors. Ports with UDLD enabled periodically transmit packets to neighbor devices. If the packets are not echoed back within a specific time frame, the link is flagged as unidirectional and the interface is shut down.
If any of the switch ports have fiber optic interconnections with neighbors, review the Arista MLS switch configuration to verify that Loop Guard is enabled globally or on a per interface basis.
switch# sh run | sec spanning-tree
spanning-tree guard loop default
Or,
interface Ethernet6
spanning-tree guard loop
If the switch has fiber optic interconnections with neighbors and Loop Guard is not enabled, this is a finding.Configure the Arista MLS switch to enable Loop Guard to prevent Unidirectional Link Detection (UDLD) and to protect against one-way connections. switch(config)#spanning-tree guard loop default switch(config)# Alternatively, configure Loop Guard on each interface: switch(config-if-Eth6)# spanning-tree guard loop Note: UDLD is a Cisco-proprietary protocol. However, other switch vendors, such as 3Com, Extreme, and D-Link, have similar functionality in their products, respectively: Device Link Detection Protocol (DLDP), Extreme Link Status Monitoring (ELSM), and D-Link Unidirectional Link Detection (DULD).