Comware Based

Hybrid Ports going into blocked state when lldp global is enabled

 
prodigy811
Frequent Advisor

Hybrid Ports going into blocked state when lldp global is enabled

Hi there,

I have Hybrid ports set up , with both voice and data..When I turn on LLDP globally thos ports go int blocked state. I have looked at the logs and a little weird "port hybrid vlan 1 in view Gigabit etc faailed to be matched". Has anyone come accross this before, also I do have undo vlan 1 on all ports etc

 

Regards

8 REPLIES 8
akg7
HPE Pro

Re: Hybrid Ports going into blocked state when lldp global is enabled

Hello @prodigy811 ,

Can you share the softwre version and device mode and config used for that port?

Also share 'display logbuffer reverse' and also share spanning tree status on port?

Thanks!

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
prodigy811
Frequent Advisor

Re: Hybrid Ports going into blocked state when lldp global is enabled

Hi there,

 

Many thanks for response. The Model is a 5510 48G PoE+ 4SFP+ HI 1-slot Switch, version HPE Comware Software, Version 7.1.045, Release 1122P02

To note, this switch was installed to replace a faulty cisco switch. Hence trying to enable LLDP globally

Port config is;

port link-mode bridge
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 31 tagged
port hybrid vlan 2 untagged
port hybrid pvid vlan 2
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 31 enable
shutdown
stp edged-port
lldp compliance admin-status cdp txrx
lldp tlv-enable dot1-tlv protocol-vlan-id 31
lldp tlv-enable med-tlv network-policy 31
poe enable

Section in logbuffer;


%Sep 7 17:20:00:624 2021 switch SHELL/4/SHELL_CMD_MATCHFAIL: -User=**-IPAddr=**; Command port hybrid vlan 1 in view GigabitEthernet1/0/3 failed to be matched.

akg7
HPE Pro

Re: Hybrid Ports going into blocked state when lldp global is enabled

Hello @prodigy811 ,

Config looks correct however device is running on very old software version and I will advise you to upgrade it to latest version.

Can you confirm if this interface is 'shutdown' or you tried to 'unshutdown' as well?

Also can you configure below comands as well:

lldp global enable
lldp compliance cdp

Thanks!

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
Ivan_B
HPE Pro

Re: Hybrid Ports going into blocked state when lldp global is enabled

Hi @prodigy811 !

Could you reproduce the issue and post here:

1. Output from the following commands:

 

display stp interface <blocked_port_number>
display stp abnormal-port
display stp down-port

 

2. Log messages (display logbuffer) relevant to the port blocking?

One question - does it happen only on ports where you have IP phones and PCs connected? What if you connect a PC directly to such a hybrid port? Will it be blocked as well?

And I agree with akg7, the idea about firmware upgrade makes a lot of sense since your current version is from initial releases and is about 4 years old

 

I am an HPE employee

Accept or Kudo

prodigy811
Frequent Advisor

Re: Hybrid Ports going into blocked state when lldp global is enabled

Hi all,

Many thanks for your replies and recommendations.. To answer your question Ivan, I cannot be 100% sure but it seems that it only happens to ports where both pc and phone are connected. Ill need to arrange some more downtime to run these test again. Once I do ill reply here. thanks again all for your help

Ivan_B
HPE Pro

Re: Hybrid Ports going into blocked state when lldp global is enabled

If STP blocks such ports, it is probably because it gets STP BPDUs back. Since it happens only (as for now) on ports with VoIP phones and PCs behind them, maybe there is an incorrect forwarding between vlan 31 and vlan 2 inside the phone, between its two Ethernet interfaces, so multicast and broadcast traffic from one vlan leaks to another and thus a loop is created. And it's not clear why it happens only when LLDP is enabled, maybe LLDP messages are not compliant to CDP or phones do not recognize them and instead of terminating those on the phone itself, the phone treats it as a multicast and forwards. And since the phone didn't recognize CDP message, it doesn't set its VLAN configuration correctly and that's how this leak between vlans happen.

It is just a hypothesis, don't take it as a root cause. Since you are going to plan a downtime, upgrade the switch, implement configuration changes as per akg7's suggestions (enable CDP compliance for LLDP globally) and test. As far as I remember Cisco phones, you can check VLAN configuration of its both Ethernet interfaces (switch-facing and PC-facing) from the phone itself - ensure that VLAN config is per your expectations - VoIP traffic tagged in vlan 31 and PC is in untagged vlan 2.

 

I am an HPE employee

Accept or Kudo

prodigy811
Frequent Advisor

Re: Hybrid Ports going into blocked state when lldp global is enabled

Hi all,

Just an FYI, completed upgrade succesfully and put LLDP Compliance CDP and LLDP Global Enable commands in and all looked good, no mac addresses have been blocked. However the phones lost there IP addresses. The display mac address only saw vlan 2. The long and short of it I took out "undo voice vlan mode auto" in the port config and that worked. 

So my question is; iitially the issue was LLDP Global command caused issue and mac addresses where then blocked. The phones where getting there IP address. When I configured " lldp compliance cdp & lldp global enable it must have caused the issue as they where the only changes. It was fixed by removing the "undo voice vlan mode auto" config.
If you have any theories why that was the fix id be grateful for you input.

Thanks

prodigy811
Frequent Advisor

Re: Hybrid Ports going into blocked state when lldp global is enabled

Hi all,

Any ideas on my above questions?