Use the Error-Disable feature to avoid expansion of the switch (1)

Some Problems of switches and other network devices not only affect the operation of a port, but also affect the normal operation of the entire switch. As shown in, if a host with an IP address of 192.168.0.2 has a virus, it continuously sends a broadcast storm to its broadcast domain or performs multiple ARP detection, at this time, the switch port connecting to this PC will constantly flash, indicating that the amount of data transmitted is very large. If we do not suppress this situation, this problem will affect the entire switch, or even the entire network, and eventually lead to a decline or breakdown of network performance.

I. Use the Error-Disable feature to avoid problem Expansion

Is there an effective mechanism that can lock the problem to the minimum extent and avoid the infinite expansion of the problem involving innocence? In Cisco Series switches, the Error-Disable feature is used to solve this problem. With the error-disable feature, the error status can affect the entire switch or other networks, the switch can promptly detect errors of specific interfaces and automatically set the port to Error-Disable to prohibit any data forwarding.

As shown in, network administrators on each port of the vswitch set strict port security rules. At this time, if the host 192.168.0.2 sends illegal data packets, it violates port security regulations. As long as the switch enables the Error-Disable feature, the switch can detect this situation in a timely manner. The switch port connected to the host is set to Error-Disable immediately. The switch will not accept any data packets from the illegal host until the interface returns to normal. By using this mechanism, network threats or faults can be limited to the minimum range to avoid affecting other normal switch ports.

Before enabling this feature, the network administrator needs to know which errors the switch will automatically monitor. This will be of great help for subsequent maintenance and troubleshooting. Generally, different models may cause different errors. In most cases, Cisco Series switches can detect the following common errors. Such as unicast expansion, storm control, port security violation, link flip, DHCP speed limit violation, BPDU Protection Detection, ARP detection, and more than 10 kinds of errors. However, because there are large differences between different models, the administrator needs to confirm according to the enterprise's own needs before purchasing a switch.