取消
显示结果 
搜索替代 
您的意思是: 
cancel
6486
查看次数
40
有帮助
6
评论
Eric_Liu
Cisco Employee
Cisco Employee
概要介绍
本文主要介绍了什么是errdisable,如何发生的以及如何恢复端口状态。
前提
Errdisable特性适用于运行IOS系统的Catalyst交换机以及部分运行CatOS的交换机,因为CatOS已经淘汰,所以本文主要介绍运行IOS平台的交换机。

Errdisable的作用
1. 该特性会通知管理员某个端口出现了问题;
2. 该特性会预防由于端口问题而导致更为严重的网络问题,就像上面的例子,如果不将端口置为errdisable,网络有可能会出现环路。
Errdisable发生的条件
当系统在端口上检测到某种错误,系统就会关闭该端口并将端口置为errdisable

当一个端口被置为errdisable时,该端口将被关闭掉并无法收发信息,端口的LED灯也会变为橙色。这时,您可以使用show interface g x/y status来查看端口状态,如下所示:
cat6knative#showinterfaces gigabitethernet 4/1 status
Port Name Status Vlan Duplex Speed Type
Gi4/1 err-disabled 100 full 1000 1000BaseSX
并且,您也会在show log信息里看到类似以下的信息:
%SPANTREE-SP-2-BLOCK_BPDUGUARD: Received BPDU on port GigabitEthernet4/1 with BPDU Guard enabled. Disabling port.%PM-SP-4-ERR_DISABLE: bpduguard error detected on Gi4/1, putting Gi4/1 in err-disable state
该信息表示某个端口配置了BPDU GUARD,而收到了BPDU,所以会被置为errdisable状态。具体原因会不同,我们会在下面介绍。
发生errdisable的常见原因列举:
1. 双工不匹配
2. Port Channel配置有误
3. BPDU GUARD的端口收到BPDU
4. UDLD问题
5. 链路频繁翻动
6. 违反了端口安全规则
7. PAgP翻动
8. 违反了L2TP Guard
9. DHCP SNOOPING的速率超了
10. 违反了ARP INSPECTION

Errdisable的恢复方法
当发现一个端口处于errdisable状态,首先应该识别原因,解决问题,然后再重新启用端口,不然的话,端口不久仍会回到errdisable状态。
一般情况下,如果端口发生errdisable,你总会看到日志弹出,类似于下面的日志,该条目就指明了原因,例如:
%SPANTREE-SP-2-BLOCK_BPDUGUARD: Received BPDU on port GigabitEthernet4/1 with BPDU Guard enabled. Disabling port. %PM-SP-4-ERR_DISABLE: bpduguard error detected on Gi4/1, putting Gi4/1 in err-disable state
PM-SP-4-ERR_DISABLE: udld error detected on Gi4/1, putting Gi4/1 in err-disable state.
%PM-4-ERR_DISABLE: link-flap error detected on Gi4/1, putting Gi4/1 in err-disable state
%PM-4-ERR_DISABLE: loopback error detected on Gi4/1, putting Gi4/1 inerr-disable state
DOT1X-SP-5-SECURITY_VIOLATION: Security violation on interface GigabitEthernet4/8, New MAC address 0080.ad00.c2e4 is seen on the interface in Single host mode%PM-SP-4-ERR_DISABLE: security-violation error detected on Gi4/8, putting Gi4/8 in err-disable state
重新启用端口
当你找到引起errdisable的原因,并修复问题以后,端口仍会保持disable状态;这时,有两种办法让其恢复,一种办法是在接口下使用shutdown命令接着no shutdown命令来手动恢复;第二种办法是设定errdisable恢复时间。
命令:show errdisable revovery,用来查看默认的errdisable恢复设置,一般情况下,都是disable的。
cat6knative#show errdisable recoveryErrDisable Reason Timer Status----------------- --------------udld Disabledbpduguard Disabledsecurity-violatio Disabledchannel-misconfig Disabledpagp-flap Disableddtp-flap Disabledlink-flap Disabledl2ptguard Disabledpsecure-violation Disabledgbic-invalid Disableddhcp-rate-limit Disabledmac-limit Disabledunicast-flood Disabledarp-inspection Disabled Timer interval: 300 seconds Interfaces that will be enabled at the next timeout:
如果想要设定由于某种原因导致的errdisable端口能过一段时间自动恢复,需要以下命令:
cat6knative#errdisable recovery cause ? all Enable timer to recover from all causes arp-inspection Enable timer to recover from arp inspection error disable state bpduguard Enable timer to recover from BPDU Guard error disable state channel-misconfig Enable timer to recover from channel misconfig disable state dhcp-rate-limit Enable timer to recover from dhcp-rate-limit error disable state dtp-flap Enable timer to recover from dtp-flap error disable state gbic-invalid Enable timer to recover from invalid GBIC error disable state l2ptguard Enable timer to recover from l2protocol-tunnel error disable state link-flap Enable timer to recover from link-flap error disable state mac-limit Enable timer to recover from mac limit disable state pagp-flap Enable timer to recover from pagp-flap error disable state psecure-violation Enable timer to recover from psecure violation disable state security-violation Enable timer to recover from 802.1x violation disable state udld Enable timer to recover from udld error disable state unicast-flood Enable timer to recover from unicast flood disable state
cat6knative(Config)#errdisable recovery interval 400
该命令表示,每过400秒,端口都会尝试恢复为enable状态,但是如果造成disable的原因还存在的话,端口仍会进入errdisable状态。该值最小可以设置为30
最后,为大家提供几个验证的命令:
show interfaces interface interface_number status
show errdisable detect
show interfaces status err-disabled
show errdisable recovery
感谢大家阅读,希望给您提供到帮助,如果还是无法解决问题,请到思科官方网站开case.
原文来自:http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html

评论
sxsure001
Spotlight
Spotlight
沙发!lollol
Luke Huang
Cisco Employee
Cisco Employee
blgao
Cisco Employee
Cisco Employee
支持下
Lin Zhang
Level 1
Level 1
支持:)
Fisheryu
Cisco Employee
Cisco Employee
:):):):):):)
xupeng
Cisco Employee
Cisco Employee
谢谢楼主分享
入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区:









快捷链接