Detecting and preventing network loops

What is claimed is: 1. A computer-implemented method comprising: identifying a port, on a network device, that is in a blocking state, the blocking state for dropping one or more types of packets and preventing the port from forwarding the one or more types of packets; first determining a first number of packets received through the port by a hardware element on the network device; second determining a second number of packets received through the port and dropped by the hardware element on the port; third determining a third number of control packets received through the port by a CPU process on the network device; fourth determining whether the third number>(first number−second number); fifth determining that the blocking state has failed to prevent the port from forwarding the one or more types of packets in response to a positive result of the fourth determining; and correcting, in response to a positive outcome of the fifth determining, the failed blocking state by disabling the port, setting the port to a state that allows some traffic to pass while preventing other traffic from passing, and/or re-configuring one or more links of the port. 2. The computer-implemented method of claim 1 , wherein the control packets comprise at least one bridge protocol data unit (BPDU) packet. 3. The computer-implemented method of claim 1 , wherein the control packets comprise at least one link aggregation control protocol (LACP) packets. 4. The computer-implemented method of claim 1 , wherein the control packets comprise at least one link layer discovery protocol (LLDP) packet and/or at least one cisco discovery protocol (CDP) packet. 5. The computer-implemented method of claim 1 , wherein the port is one of an access port or a trunk port, wherein all virtual local area networks (VLANs) configured on the trunk port are marked as blocked. 6. The computer-implemented method of claim 1 , wherein the first number of packets transmitted comprises a rate of packets transmitted, and wherein the second number of packets transmitted comprise a rate of control packets received. 7. The computer-implemented method of claim 1 , wherein the one or more types of packets comprises all packets excluding the control packets, wherein the hardware element comprises an application specific integrated circuit. 8. A network device comprising: one or more processors; and a computer-readable storage medium having stored therein instructions which, when executed by the one or more processors, cause the one or more processors to perform operations comprising: identifying a port, on a network device, that is in a blocking state, the blocking state for dropping one or more types of packets and preventing the port from forwarding the one or more types of packets; first determining a first number of packets received through the port by a hardware element on the network device; second determining a second number of packets received through the port and dropped by the hardware element on the port; third determining a third number of control packets received through the port by a CPU process on the network device; fourth determining whether the third number>(first number−second number); fifth determining that the blocking state has failed to prevent the port from forwarding the one or more types of packets in response to a positive result of the fourth determining; and correcting, in response to a positive outcome of the fifth determining, the failed blocking state by disabling the port, setting the port to a state that allows some traffic to pass while preventing other traffic from passing, and/or re-configuring one or more links of the port. 9. The device of claim 8 , wherein the control packets comprise at least one bridge protocol data unit (BPDU) packet. 10. The device of claim 8 , wherein the control packets comprise at least one link aggregation control protocol (LACP) packets. 11. The device of claim 8 , wherein the control packets comprise at least one link layer discovery protocol (LLDP) packet and/or at least one cisco discovery protocol (CDP) packet. 12. The device of claim 8 , wherein the port is one of an access port or a trunk port, wherein all virtual local area networks (VLANs) configured on the trunk port are marked as blocked. 13. The device of claim 8 , wherein the first number of packets transmitted comprises a rate of packets transmitted, and wherein the second number of packets transmitted comprise a rate of control packets received. 14. The device of claim 8 , wherein the one or more types of packets comprises all packets excluding the control packets, wherein the hardware element comprises an application specific integrated circuit. 15. A non-transitory computer-readable storage media having stored therein instructions which, when executed by a processor, cause the processor to perform operations comprising: identifying a port, on a network device, that is in a blocking state, the blocking state for dropping one or more types of packets and preventing the port from forwarding the one or more types of packets; first determining a first number of packets received through the port by a hardware element on the network device; second determining a second number of packets received through the port and dropped by the hardware element on the port; third determining a third number of control packets received through the port by a CPU process on the network device; fourth determining whether the third number>(first number−second number); fifth determining that the blocking state has failed to prevent the port from forwarding the one or more types of packets in response to a positive result of the fourth determining; and correcting, in response to a positive outcome of the fifth determining, the failed blocking state by disabling the port, setting the port to a state that allows some traffic to pass while preventing other traffic from passing, and/or re-configuring one or more links of the port. 16. The media of claim 15 , wherein the control packets comprise at least one bridge protocol data unit (BPDU) packet. 17. The media of claim 15 , wherein the control packets comprise at least one link aggregation control protocol (LACP) packets. 18. The media of claim 15 , wherein the control packets comprise at least one link layer discovery protocol (LLDP) packet and/or at least one cisco discovery protocol (CDP) packet. 19. The media of claim 15 , wherein the port is one of an access port or a trunk port, wherein all virtual local area networks (VLANs) configured on the trunk port are marked as blocked. 20. The media of claim 15 , wherein the first number of packets transmitted comprises a rate of packets transmitted, and wherein the second number of packets transmitted comprise a rate of control packets received.