I have a situation which is a little different than what I've seen posted here regarding UDLD. I'm using MX100s in active/passive connecting to a stack of (3) MS225 switches. I'm using the switches to do isolated VLANs for WAN connectivity. The primary internet connections are VLAN 3001 and the cellular (MG21E) connections are VLAN 3002. Port Internet 1 on both MX100s and the ISP router are connected to port 48 on all three switches, and port LAN 2 (configured as a WAN interface) on both MX100s and the MG21E are connected to port 46 on all three switches. I have RSTP enabled and BPDU Guard set on the ports. UDLD is set to Alert Only. This is a standard configuration for several branches and I have not had any problems with it until now. I'm bringing up another site exactly as described but what I'm seeing is switch 2 port 46, which connects to the Spare MX on LAN 2, is blocking packets. The port has an orange circle/line, The Configuration section shows " Blocking - BPDU guard activated" and the status section shows "Unidirectional link (outbound fault) (neighbor ID: 683A1EB7D106 , port: 45 )". I've tried disabling RSTP and BPDU Guard just to see what happens but the same results, orange circle/line and the UDLD error. I have site-to-site VPNs to several sites and when I check the status it indicates that it cannot connect tunnels on all links, which tells me port 2/46 really is blocking traffic. I don't have time to spend lengthy calls with support so I'm hoping someone has seen this before and can offer guidance. Thanks in advance.
... View more
SD-WAN, or Software-Defined Wide-Area Networking, is a subset of Software-Defined Networking (SDN), which is itself an umbrella term encompassing several network technologies with the purpose of making the network agile and flexible. SDN includes the common network boundaries, or delineations, such as: SDA - Software-Defined Access works commonly in the campus network delineation such as wired and wireless access for endpoints SDDC - Software-Defined Data Center obviously encompasses data center network technologies such as high-speed LAN access for compute and storage SDWAN - Software-Defined Wide-Area Network focuses primarily on WAN technologies which includes public access circuits such as Direct Internet or MPLS Each of these delineations share the same four basic pillars, or goals: Abstraction - De-coupling the Management plane, the Control plane and the Data plane allows for simplified management in the User Interface while allowing for configurations to be executed but the complexity is hidden from human eyes. Automation - Rapid provisioning (centralized), on-the-fly traffic flow and data path selection, end-to-end configuration services Analytics - Centralized flow-based collection of data from network devices, real-time visibility and mitigation, telemetry (back-in-time visibility) Security - Microsegmentation, group tags, Network-wide end-to-end policy enforcement SD-WAN incorporates the use of "overlays" to accomplish these goals. The idea is to create a multi-path OSI Layer 3 network as the "underlay", or foundation. The underlay should be highly available and resilient, able to re-route in case of any path outage. Overlay technologies such as DMVPN and mGRe are used to create an OSI Layer 2 tunnel from end-to-end. As this statement implies, end devices are able to communicate with other end devices at Layer 2, ensuring that the complexity of the underlay is completely transparent. To manage such an architecture manually would be a very large undertaking because first of all one must manage the complexity of the underlay, then one must manage the overlay as an entirely separate network. This is the advantage of Abstraction and Automation. A centralized management platform is able to communicate directly to network appliances over the Management plane, while network devices can communicate with each other using the Control plane. Separating these planes out of the traditional single-use Data plane ensures that things like configurations, path selections and policy enforcement can happen unimpeded by events which may occur on the Data plane. Below is a high-level example of a typical use-case topology for SD-WAN:
... View more