Since a VSS is a single system image, does it make sense to enable UDLD for links between the switch pair? We've seen some recovery problems that we feel might be due to UDLD mistakenly identifying an ISL link as unidirectional, especially in a configuration with ASA-SMs in an HA configuration.
UDLD in VSS configurations
Related Solutions
UDLD is generally run on fibre media; it is not required on UTP due to the use of Fast Link Pulse, which is already monitoring link status.
This page has a very good explanation of the various L2 protections available. Here is an excerpt specifically regarding UDLD:
UDLD is used to detect if a link is only available in one direction, for example half the fibre is disconnected. UDLD performs this check faster than STP will bring the port into a forwarding state. That means if you have UDLD and STP enabled then UDLD will prevent STP from bringing a port into a state where it will forward traffic to nowhere.
A unidirectional link occurs when traffic is transmitted between neighbors in one direction only. Unidirectional Link Detection is a Layer 2 protocol. UDLD performs tasks that Layer 1 mechanisms, such as auto-negotiation, cannot perform. When UDLD and auto-negotiation are enabled, both Layer 1 and Layer 2 detections work together to prevent physical and logical unidirectional connections and the malfunctioning of other protocols. Unidirectional links can cause spanning-tree topology loops. UDLD enables devices to detect when a unidirectional link exists and also to shut down the affected interface. UDLD is useful on fiber ports to prevent network issues resulting in miswiring at the patch panel causing the link to be in up/up status but the BPDUs are lost.
With UDLD enabled, the switch periodically sends UDLD protocol packets to its neighbor and expects the packets to be echoed back before a predetermined timer expires. If the timer expires, the switch determines the link to be unidirectional and shuts down the port. If messages are not received within the timeout interval (45 seconds), the port is disabled. The messages are sent out every default interval, which is 15 seconds.
The 45 seconds it takes to detect a unidirectional link and errdisable the port is less than the 50 seconds it would take for STP to transition the port to a Forwarding state, which is based on 20 seconds for Max Age + 30 seconds for Listening and Learning. This prevents a loop that would otherwise be caused if STP transitioned the port into the Forwarding state because of a lack of received BPDUs.
So in summary, yes they can be run together and on fibre links they should be run together.
Short version of the answer: a little bit of both, but it's not meant to be a technology to directly improve availability.
Long version of the answer: As others have pointed out, manufacturers' traditional definitions of MTBF and availability focus on hardware failures. Other factors -- human error, buggy software, planned maintenance, etc. -- are considerations in developing an architecture but are made at the individual user level.
For a hardware-only perspective, VSS doesn't impact availability. It's the same hardware being used, so the same MTBF/MTTR numbers are utilized and the end availability equations are the same.
For a more holistic perspective, it's really a toss-up and will depend largely on your individual wants and needs. On one hand, you could consider it less reliable since it's a complex piece of technology and a single "virtual point of failure" (i.e., the VSS control plane) will impact both pieces of redundant gear. On the other hand, it can be viewed to increase availability since a single virtual device renders the network much simpler, making it less likely for other things to go wrong (fewer devices to manage, no HSRP/VRRP, non-looped STP domain, simpler L3 topology, etc.).
The market has pretty much shown that most network engineers view VSS and similar technologies as an improvement over a traditional L2 distro/access topology, but there are other technologies you could go with. For example, a routed L3 access layer could achieve most of the benefits of VSS, but VLANs would be unable to span multiple access layer devices, making the solution potentially useless in some scenarios (e.g., virtualized data centers).
Best Answer
If you are referring to the VSL between the two VSS switches, I don't think it makes sense to enable UDLD because LMP will detect a unidirectional link.
For this and more LMP and VSS info: http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/VSS30dg/VSS-dg_ch2.html#wp1055977