Cisco switch err-disabled fault

One outlet had poor contact. Because there was no wiring module, I just fixed the wiring block and the network was ready for use. After a week, the network was broken again and I asked another colleague to change the wiring module, as a result, my colleague told me that changing the wiring module would not work, and the network would still be disconnected. I thought it was strange. I told him that the Network was originally accessible, but the wiring module was not good.

I will remove the wiring module, directly add the crystal head, test the network cable, the tester shows that the network is connected, and then wipe the computer, still show broken line. I connected the network port of the network cable to the network card of the laptop, and the laptop also showed a disconnection, judging the network port failure. Go to the Cisco switch and run the show interface command to check whether line is down (ERR-disabled)

 

Using the no shutdown command, the port still fails, and another port is replaced, and the faulty network returns to normal.

 

I think it's strange that the network port suddenly fails? Cisco switches are not so easy to break.

 

Use the command shutdown, and then use no shutdown

 

 

The network port returns to normal. Why does this happen? It may be that when a colleague changes the network module, the line is short-circuited, resulting in the software failure of the switch.

 

Baidu: For more details, the following is a netizen's article:

 

 

 

Solve the Problem of err-disabled on the port

Troubleshooting when the interface is in err-Disable

Fault symptoms:
If the line is disconnected, the physical indicator is off or displayed in Orange (the status of the indicator varies with the platform)

The show interface output shows the interface status:
Fastethernet0/47 is down, line protocol is down (ERR-disabled)
The interface status is err-Disable.

SW1 # Show interfaces status

Port name status VLAN duplex Speed Type
Fa0/47 err-disabled 1 autoauto 10/100 basetx

If the interface status is err-Disable, the show interfaces status err-disabled command can be used to view the cause of triggering err-Disable.
The following is an example of bpduguard. The spanning-tree bpduguard enable is configured on the port connected to the switch.

SW1 # Show interfaces status err-Disabled

Port name Status reason
Fa0/47 err-disabled bpduguard

The cause of err-Disable generated by the interface can be viewed by the following command. The default configuration of the system is that all listed causes can cause the interface to be set to err-Disable.

SW1 # Show errdisable detect
Errdisable reason Detection Status
---------------------------------
Udld Enabled
Bpduguard Enabled
Security-violatio Enabled
Channel-misconfig Enabled
Specified cure-violation Enabled
DHCP-rate-limit Enabled
Unicast-flood Enabled
Vmps Enabled
Pagp-flap Enabled
DTP-flap Enabled
Link-flap Enabled
L3pxguard Enabled
GBIC-invalid Enabled
Loopback Enabled
DHCP-rate-limit Enabled
Unicast-flood Enabled

From the list, we can see that the common causes include udld, bpduguard, link-flap, and loopback.
The specific cause of err-Disable can be viewed by show interface status err-Disable.

In interface mode, shutdown and no shutdown are used for manual activation.

In the default configuration, once the interface is set to err-Disable, IOS will not try to restore the interface.
This can be viewed by show errdisable recovery. All values under the timer status are disable.
In the following example, because bpduguard is manually configured for recovery, the value of timer status changes to enable.

SW1 # Show errdisable recovery
Errdisable reason timer status
-------------------------------
Udld disabled
Bpduguard Enabled
Security-violatio disabled
Channel-misconfig disabled
Vmps disabled
Pagp-flap disabled
DTP-flap disabled
Link-flap disabled
L3pxguard disabled
Specified cure-violation disabled
GBIC-invalid disabled
DHCP-rate-limit disabled
Unicast-flood disabled
Loopback disabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next Timeout:

Interface errdisable reason time left (SEC)
----------------------------------------
Fa0/47 bpduguard 217

To configure the interface for iOS to reactivate errdisable, run the following command:

SW1 (config) # errdisable recovery cause bpduguard

SW1 (config) # errdisable recovery cause?
All enable timer to recover from all causes
Bpduguard enable timer to recover from BPDU guard error disable state
Channel-misconfig enable timer to recover from Channel misconfig disable state
DHCP-rate-limit enable timer to recover from DHCP-rate-limit error disable state
DTP-flap enable timer to recover from DTP-flap error disable state
GBIC-invalid enable timer to recover from invalid GBIC error disable state
L3pxguard enable timer to recover from l2protocol-tunnel error disable state
Link-flap enable timer to recover from link-flap error disable state
Loopback enable timer to recover from loopback detected disable state
Pagp-flap enable timer to recover from pagp-flap error disable state
Export cure-violation enable timer to recover from your cure violation disable state
Security-violation enable timer to recover from 802.1x violation disable state
Udld enable timer to recover from udld error disable state
Unicast-flood enable timer to recover from unicast flood disable state
Vmps enable timer to recover from vmps shutdown error disable

After the preceding command is configured, IOS tries to restore the interface that is set to err-Disable after a period of time. The default value is 300 seconds.
However, if the source that causes err-Disable is not cured, the interface will be set to err-Disable again after the restoration.

To adjust the err-Disable timeout, run the following command:
SW1 (config) # errdisable recovery interval?
<30-86400> timer-interval (SEC)
It can be adjusted to 30-300 seconds. The default value is seconds.

If the cause of err-Disable is udld, the following command is very useful:
SW1 # udld Reset
No ports are disabled by udld.

At the same time, when an interface is set to err-Disable, a series of logs are usually generated as follows:

* Mar 15 15:47:19. 984: % SPANTREE-2-BLOCK_BPDUGUARD: pinned ed BPDU on port fastethernet0/47 with BPDU guard enabled. Disabling port.
SW1 #
* Mar 15 15:47:19. 984: % PM-4-ERR_DISABLE: bpduguard error detected on fa0/47, putting fa0/47 in err-Disable state
SW1 #
* Mar 15 15:47:21. 996: % LINK-3-UPDOWN: interface fastethernet0/47, changed state to down
It is also useful to collect these logs.
Therefore, we recommend that you configure a syslog server to collect log information.

*************************
SW1 # Show interfaces status

Port name status VLAN du...

***************

Enable the errdisable function, so that you can use show errdisable to view the cause of errdisable and solve the problem with more information.
******************

If you want to avoid any impact, use
No errdisable detect cause loopback
Run the command to run the dead port, No sh.
If there is no problem, it must be a loop. You can find another time and use the Plugging Method to unplug the network cable one by one for the switch that is suspected to be faulty. Of course, there are more effective methods, you can check the status of all RJ45 and GI ports of the faulty switch. If there is errdisable information, the problem arises.

 

 

Switch # Show interfaces status err-Disabled

Port name Status reason
Fa0/22 err-disabled link-flap
Fa0/37 for office in 100 k err-disabled link-flap
Fa0/41 unknow err-disabled link-flap
Fa0/42 training dc066 err-disabled link-flap
Fa0/45 Production Line VM err-disabled link-flap
Switch # Show errdisable detect
Errdisable reason Detection Status
---------------------------------
Pagp-flap Enabled
DTP-flap Enabled
Link-flap Enabled
L3pxguard Enabled
GBIC-invalid Enabled
Loopback Enabled
Switch # Show interfaces status err-Disabled

Port name Status reason
Fa0/22 err-disabled link-flap
Fa0/37 for office in 100 k err-disabled link-flap
Fa0/41 unknow err-disabled link-flap
Fa0/42 training dc066 err-disabled link-flap
Fa0/45 Production Line VM err-disabled link-flap
Switch # sh errdisable flap-Values
Errdisable reason flaps time (SEC)
---------------------------------
Pagp-flap 3 30
DTP-flap 3 30
Link-flap 5 10 (Link-flap is caused by poor link quality)

 

CloseErrdisable detect
Switch# No errdisable detect cause all

 

This article is from the "yegaopeng" blog, please be sure to keep this http://yegaopeng.blog.51cto.com/816739/1550602

Cisco switch err-disabled fault