DLDP Technology White Paper

    16-08-2018

H3C_彩色.emf



Overview

A link becomes unidirectional when only one end of the link can receive packets from the other end.

Unidirectional fiber links occur in the following cases:

Fibers are cross-connected.

A fiber is not connected at one end or one fiber of a fiber pair is broken.

Figure 1 shows a correct fiber connection and two types of unidirectional fiber connections.

Figure 1 Correct and incorrect fiber connections

Physical layer detection mechanisms, such as auto-negotiation, can detect physical signals and faults. However, they cannot detect communication failures for unidirectional links where the physical layer is in connected state.

As a data link layer protocol, the Device Link Detection Protocol (DLDP) detects the following:

Whether the fiber link or twisted-pair link is correctly connected at the link layer.

Whether the two ends of the link can exchange packets correctly.

When DLDP detects unidirectional links, it can automatically shut down the faulty port to avoid network problems. Alternatively, a user can manually shut down the faulty port. DLDP cooperates with physical layer protocols to monitor link status and avoid physical and logical unidirectional links.

DLDP implementation

Concepts

DLDP neighbor states

If port A can receive link-layer packets from port B on the same link, port B is a DLDP neighbor of port A. Two ports that can exchange packets are neighbors.

Table 1 DLDP neighbor states

DLDP timer

Description

Confirmed

The link to a DLDP neighbor is bidirectional.

Unconfirmed

The state of the link to a newly discovered neighbor is not determined.

DLDP port states

A DLDP-enabled port is called a DLDP port. A DLDP port can have multiple neighbors, and its state varies by the DLDP neighbor state.

Table 2 DLDP port states

State

Description

Initial

DLDP is enabled on the port, but is disabled globally.

Inactive

DLDP is enabled on the port and globally, and the link is physically down.

Bidirectional

DLDP is enabled on the port and globally, and at least one neighbor in Confirmed state exists.

Unidirectional

DLDP is enabled on the port and globally, and no neighbor in Confirmed state exists. In this state, a port does not send or receive packets other than DLDP packets.

DLDP timers

Table 3 DLDP timers

DLDP timer

Description

Advertisement timer

Advertisement packet sending interval (the default is 5 seconds and is configurable).

Probe timer

Probe packet sending interval. This timer is set to 1 second.

Echo timer

The Echo timer is triggered when a probe is launched for a new neighbor. This timer is set to 10 seconds.

Entry timer

When a new neighbor joins, a neighbor entry is created and the corresponding entry timer is triggered if the neighbor is in Confirmed state. When an Advertisement is received, the device updates the corresponding neighbor entry and the Entry timer.

The setting of an Entry timer is three times that of the Advertisement timer.

Enhanced timer

The Enhanced timer is triggered, together with the Echo timer, when the Entry timer expires. The Enhanced timer is set to 1 second.

DelayDown timer

If a port is physically down, the device triggers the DelayDown timer, rather than removing the corresponding neighbor entry. The default DelayDown timer is 1 second and is configurable.

When the DelayDown timer expires, the device removes the corresponding DLDP neighbor information if the port is down, and does not perform any operation if the port is up.

RecoverProbe timer

This timer is set to 2 seconds. A port in Unidirectional state regularly sends RecoverProbe packets to detect whether a unidirectional link has been restored to bidirectional.

DLDP authentication mode

You can use DLDP authentication to prevent network attacks and illegal detecting.

Table 4 DLDP authentication mode

Authentication mode

Processing at the DLDP packet sending side

Processing at the DLDP packet receiving side

Non-authentication

The sending side sets the Authentication field of DLDP packets to 0.

The receiving side examines the authentication information of received DLDP packets and drops packets where the authentication information conflicts with the local configuration.

Plaintext authentication

The sending side sets the Authentication field to the password configured in plain text.

MD5 authentication

The sending side encrypts the user configured password by using MD5 algorithm, and assigns the digest to the Authentication field.

Mechanism

Detecting one neighbor

When two devices are connected through an optical fiber or a network cable, enable DLDP to detect unidirectional links to the neighbor. The following illustrates the unidirectional link detection process in two cases:

Unidirectional links occur before you enable DLDP.

Figure 2 Cross-connected fibers

As shown in Figure 2, before you enable DLDP, the optical fibers between Device A and Device B are cross-connected. After you enable DLDP, the four ports are all up and in Unidirectional state, and they send RecoverProbe packets. Take Port 1 as an example to illustrate the unidirectional link detection process.

a. Port 1 receives the RecoverProbe packet from Port 4, and returns a RecoverEcho packet.

b. Port 4 cannot receive any RecoverEcho packet from Port 1, so Port 4 cannot become the neighbor of Port 1.

c. Port 3 can receive the RecoverEcho packet from Port 1, but Port 3 is not the intended destination, so Port 3 cannot become the neighbor of Port 1.

The same process occurs on the other three ports. The four ports are all in Unidirectional state.

Unidirectional links occur after you enable DLDP.

Figure 3 Broken fiber

As shown in Figure 3, Device A and Device B are connected through an optical fiber. After you enable DLDP, Port 1 and Port 2 establish the bidirectional neighborship in the following way:

a. Port 1 that is physically up enters the Unidirectional state and sends a RecoverProbe packet.

b. After receiving the RecoverProbe packet, Port 2 returns a RecoverEcho packet.

c. After Port 1 receives the RecoverEcho packet, it examines the neighbor information in the packet. If the neighbor information matches the local information, Port 1 establishes the neighborship with Port 2 and transits to Bidirectional state. Port 1 then starts the Entry timer and periodically sends Advertisement packets.

d. After Port 2 receives the Advertisement packet, it establishes the Unconfirmed neighborship with Port 1. Port 2 then starts the Echo timer and Probe timer, and periodically sends Probe packets.

e. After receiving the Probe packet, Port 1 returns an Echo packet.

f. After Port 2 receives the Echo packet, it examines the neighbor information in the packet. If the neighbor information matches the local information, the neighbor state of Port 1 becomes Confirmed. Port 2 then transits to Bidirectional state, starts the Entry timer, and periodically sends Advertisement packets.

The bidirectional neighborship between Port 1 and Port 2 is now established.

After that, when Port 2's Rx end fails to receive signals, Port 2 is physically down and enters the Inactive state. Because Port 2's Tx end can still send signals to Port 1, Port 1 stays up. After the Entry timer for Port 2 expires, Port 1 starts the Enhanced timer and Echo timer, and sends a probe packet to Port 2. Because Port 1's Tx line is broken, Port 1 cannot receive the Echo packet from Port 2 after the Echo timer expires. Port 1 then enters the Unidirectional state, and sends a Disable packet to Port 2. At the same time, Port 1 deletes the neighborship with Port 2, and starts the RecoverProbe timer. Port 2 stays in Inactive state during this process.

When an interface is physically down, but the Tx end of the interface is still operating, DLDP sends a LinkDown packet to inform the peer to delete the relevant neighbor entry.

Detecting multiple neighbors

When multiple devices are connected through a hub, enable DLDP on all interfaces connected to the hub to detect unidirectional links among the neighbors. When no Confirmed neighbor exists, an interface enters the Unidirectional state.

Figure 4 Network diagram

As shown in Figure 4, Device A through Device D are connected through a hub, and enabled with DLDP. When Ports 1, 2, and 3 detect that the link to Port 4 fails, they delete the neighborship with Port 4, but stay in Bidirectional state.

Port shutdown modes

DLDP provides the auto and manual port shutdown modes.

Table 5 DLDP port shutdown modes

Mode

When DLDP detects a unidirectional link

When the link becomes bidirectional

Auto

DLDP automatically shuts down the port.

DLDP automatically brings up the port.

Manual

You must manually shut down the port.

You must manually bring up the port.

The manual mode prevents normal links from being shut down because of false unidirectional link reports in the following cases:

The network performance is low.

The device is busy.

The CPU usage is high.

Restrictions

When you configure DLDP, follow these configuration restrictions and guidelines:

DLDP supports plaintext authentication and MD5 authentication. Make sure the authentication modes and passwords on both sides are the same.

For DLDP to operate correctly, enable DLDP on both sides and set the same Advertisement packet sending interval on both sides.

Set the Advertisement interval according to your network condition. If the interval is too long, DLDP cannot shut down the unidirectional link in time. If the interval is too short, the number of protocol packets increases. This might result in protocol packet loss and detection errors in poor network conditions.

If a hub (or a non-DLDP device) connects two DLDP devices, it processes DLDP packets as data packets. If a port becomes Unselected in a link aggregation group or is blocked by STP, it cannot forward DLDP packets. As a result, a DLDP state flapping might occur.

Application scenarios

As shown in Figure 5, Device A and Device B are connected through two fiber pairs. When the link that connects Rx end of port 2 and Tx end of port 1 is disconnected, Port 2 is physically down. Port 1 cannot detect the link failure and keeps sending packets to port 2. As a result, data loss occurs.

To resolve the problem, configure DLDP to automatically shut down the faulty port upon detecting a unidirectional link, and automatically bring up the port after you clear the fault.

Figure 5 Network diagram

新华三官网