Support Support Downloads Knowledge Base Apex Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX/QFX] How to verify and recover an interface that is moved down due to the BPDU error

0

0

Article ID: KB24166 KB Last Updated: 08 Jun 2021Version: 4.0
Summary:

This article explains how to verify if an interface has detected the BPDU error and recover the interface from the disabled state.

Symptoms:

When any port is configured as an edge port under STP and block-bpdu-on-edge is enabled for STP, then upon receipt of BPDUs on the edge port, the edge port will be disabled.

Solution:

The STP status before the interface detects the BPDU error is as follows:

{master:0}[edit]
user@switch# run show spanning-tree bridge    

STP bridge parameters 
Context ID                          : 1
Enabled protocol                    : RSTP

STP bridge parameters for VLAN 114
  Root ID                           : 114.00:21:59:cb:b5:41
  Root cost                         : 1
  Root port                         : ge-0/0/0.0   Hello time                        : 2 seconds
  Maximum age                       : 20 seconds
  Forward delay                     : 15 seconds
  Message age                       : 1 
  Number of topology changes        : 2
  Time since last topology change   : 2346 seconds
  Topology change initiator         : ge-0/0/0.0   Topology change last recvd. from  : 02:21:59:cb:b5:43
  Local parameters 
    Bridge ID                       : 4210.80:71:1f:e7:81:81
    Extended system ID              : 1
    Internal instance ID            : 0

{master:0}[edit]
user@switch# run show spanning-tree interface 

Spanning tree interface parameters for VLAN 114

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/14.0       128:1        128:1    114.002159cbb541         1  FWD    ROOT 
ge-0/0/0.0      128:527      128:527   4210.80711fe78181  200000000 FWD    DESG 

{master:0}[edit]
user@switch# show interfaces ge-0/0/0 
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
        }
    }
}

The configuration being used under the STP hierarchy to have BPDU protect on the ge-0/0/0 interface is as follows:

{master:0}[edit]
user@switch# show protocols vstp 
bpdu-block-on-edge;
vlan v114 {
    bridge-priority 4k;
    interface ge-0/0/14.0 {
        cost 1;
    }
    interface ge-0/0/0.0 {
        cost 200000000;
        edge;
    }
}

When the ge-0/0/0 interface starts to receive BPDU, the STP interface removes the interface from its list, as the interface is transitioned to the down (disable) state:

user@switch# run show spanning-tree interface

Spanning tree interface parameters for VLAN 114

Interface   Port ID          Designated          Designated    Port             State           Role
                              port ID            bridge ID     Cost
ge-0/0/14.0 128:527         128:527      32882.28c0da3d5041  200000000           FWD            ROOT

Verification:

Verifying if the interface is disabled due to BPDU protect feature:

{master:0}[edit]
user@switch# run show ethernet-switching interfaces ge-0/0/0.0 
Interface    State  VLAN members        Tag   Tagging  Blocking 
ge-0/0/0.0        down   v114                114   tagged   Disabled by bpdu-control  
{master:0}[edit]
user@switch# run show interfaces ge-0/0/0           
Physical interface: ge-0/0/0, Enabled, Physical link is Down   Interface index: 132, SNMP ifIndex: 784
  Link-level type: Ethernet, MTU: 1514, Speed: Auto, Duplex: Auto, BPDU Error: Detected, MAC-REWRITE Error: None,

{master:0}[edit]
user@switch# run show log messages   
Mar 26 05:22:24 BALA clear-log[4195]: logfile cleared
Mar 26 05:23:28  BALA mgd[3976]: UI_COMMIT: User 'root' requested 'commit' operation (comment: none)
Mar 26 05:23:31  BALA eswd[1114]: ESWD_BPDU_BLOCK_ERROR_DISABLED: ge-0/0/0.0: bpdu-block disabled port 

Unplugging and re-plugging the interface will not help in bringing it up:

root@BALA# run show ethernet-switching interfaces ge-0/0/0.0 
Interface    State  VLAN members        Tag   Tagging  Blocking 
ge-0/0/0.0        down   v114                114   tagged   Disabled by bpdu-control

Recovery:

BPDU error recovery can be performed manually or dynamically by using a pre-defined configuration.

The command that is used to manually recover the BPDU error is as follows:

Non-ELS:

{master:0}[edit]
user@switch# run clear ethernet-switching bpdu-error interface <interface_name>

ELS:

         {master:0}[edit]
         user@switch# run clear error bpdu interface <interface_name>
Or

This error can also be dynamically recovered by using the following configuration:

{master:0}[edit]
user@switch # show ethernet-switching-options 
bpdu-block {
   disable-timeout 10;
}

Note: Disable-timeout is in seconds and the interface will be transitioned to the 'up' state in 10 seconds.

When the BPDU errors are cleared, the interface will transition from the disabled state to down and then to the up state:

{master:0}[edit]
user@switch# run show ethernet-switching interfaces ge-0/0/0.0
Interface     State         VLAN members         Tag      Tagging    Blocking
ge-0/0/0.0      down             v114            114      tagged    blocked by STP

{master:0}[edit]
user@switch# run show ethernet-switching interfaces ge-0/0/0.0
Interface     State        VLAN members          Tag      Tagging     Blocking
ge-0/0/0.0      up             v114             114         tagged     unblocked
Modification History:

2020-02-06: Added QFX.
2021-05-25: Added ELS config for clearing errors and added relevant documentation to 'Related Links'

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search