Errdisable reason and recovery procedure
Errdisable reason and recovery procedure:
This document defines the errdisabled reason & describes how to recover from it, and provides examples of errdisable recovery.
Note: The port status of err-disabled displays in the output of the show interfaces interface_number status command.
Function of Errdisable:
When a switch port is error disabled state, it is effectively shut down and no traffic is sent or received on that port. The port LED is set to the color orange and, when you issue the show interfaces command, the port status shows err-disabled. bellow is an example of error-disabled port status looks like from the command-line interface (CLI) of the switch:
SW1#show interfaces fastEthernet 0/1 status Port Name Status Vlan Duplex Speed Type Fa0/1 err-disabled 100 full 1000 1000BaseSX
Or, if the interface has been disabled because of an error condition, you can see messages that are similar to these in both the console and the syslog:
%SPANTREE-SP-2-BLOCK_BPDUGUARD: Received BPDU on port fastEthernet0/1 with BPDU Guard enabled. Disabling port. %PM-SP-4-ERR_DISABLE: bpduguard error detected on Fi0/1, putting Fi0/1 in err-disable state
This message show when a host port receives the (BPDU) bridge protocol data unit. The actual message depends on the reason for the error condition.
This feature was first implemented to handle special collision situations in which the switch detected excessive or late collisions on a port. Excessive collisions occur when a frame is dropped because the switch encounters 16 collisions in a row. Late collisions occur after every device on the wire should have recognized that the wire was in use. Possible causes of these types of errors include:
- A cable that is out of specification (either too long, the wrong type, or defective)
- A bad network interface card (NIC) card (with physical problems or driver problems)
- A port duplex misconfiguration
A port duplex misconfiguration is a common cause of the errors because of failures to negotiate the speed and duplex properly between two directly connected devices (for example, a NIC that connects to a switch). Only half-duplex connections should ever have collisions in a LAN. Because of the carrier sense multiple access (CSMA) nature of Ethernet, collisions are normal for half duplex, as long as the collisions do not exceed a small percentage of traffic.
There are various reasons for the interface to go into errdisable. The errdisable reason can be:
- Duplex mismatch
- Port channel misconfiguration
- BPDU guard violation
- UniDirectional Link Detection (UDLD) condition
- Late-collision detection
- Link-flap detection
- Security violation
- Port Aggregation Protocol (PAgP) flap
- Layer 2 Tunneling Protocol (L2TP) guard
- DHCP snooping rate-limit
- Incorrect GBIC / Small Form-Factor Pluggable (SFP) module or cable
- Address Resolution Protocol (ARP) inspection
- Inline power
Note: Error-disable detection is enabled for all of these reasons by default. In order to disable error-disable detection, use the no errdisable detect cause command. The show errdisable detect command displays the error-disable detection status.
Configuration Example of errdisable recovery:
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause pagp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause l2ptguard
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause arp-inspection
errdisable recovery cause link-monitor-failure
errdisable recovery cause oam-remote-failure
errdisable recovery cause loopback
errdisable recovery interval 30
- show version—Displays the version of the software that is used on the switch.
- show interfaces interface interface_number status—Shows the current status of the switch port.
- show errdisable detect—Displays the current settings of the errdisable timeout feature and, if any of the ports are currently error disabled, the reason that they are error disabled.
- show interfaces status err-disabled—Shows which local ports are involved in the errdisabled state.
- show etherchannel summary—Shows the current status of the EtherChannel.
- show errdisable recovery—Shows the time period after which the interfaces are enabled for errdisable conditions.
- show errdisable detect—Shows the reason for the errdisable status.
If you have enabled errdisable recovery, you can determine the reason for the errdisable status