08-22-2011 06:07 AM - edited 02-21-2020 04:26 AM
Dear community,
We had a customer who created a loop on his access layer and STP blocked some interfaces in order to protect the network.
So far normal behavior , however we would like to receive from the device when such events happen, typically when an interface is set onto err-disable or shut down (I guess it is more err-disable).
We noticed that somehow the concerned interface was sometimes staying down without checking back and maybe change its status.
I tried some commands like :
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps port-security (This is probably more for MAC quantity excess over the interface)
I found also a nice MIB called Cisco-Err-Disable
But I have the feeling I miss something on the device side,
Any help to put this in place would be greatly appreciated,
Thanks
Solved! Go to Solution.
08-23-2011 10:47 AM
STP will not put the port into err-disable mode. The CISCO-ERR-DISABLE mib will report when the port is placed into a err-disable state from one of these events published in the MIB:
CErrDisableFeatureID ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"An integer-value assigned to various features/events
that can error disable a system entity
udld: Unidirectional Link Detection
bpduGuard: Spanning Tree BPDU Guard feature that prevents
processing BPDU packets on an access interface
channelMisconfig: General Link Aggregation mis-configuration
pagpFlap: Cisco's PAGP Link Aggregation protocol errors
dtpFlap: Dynamic Trunking Protocol errors
linkFlap: Link State flapping
l2ptGuard: L2 Protocol Tunnel errors
dot1xSecurityViolation: 802.1x authentication violations
portSecurity: Port Security violations
gbicInvalid: Invalid GBIC errors (examples include
unsupported GBIC being inserted)
dhcpRateLimit: DHCP snooping rate limit violation
unicastFlood: Unicast Flooding threshold violations
vmps: VLAN Membership Policy Server feature related errors
stormControl: storm control (broadcast/multicast/unicast)
threshold violations
inlinePower: Errors in inline power
arpInspection: Errors detected by Dynamic Arp Inspection
(DAI) feature
portLoopback: Interface Loopback Error
packetBuffer: Packet Buffer Error
macLimit: Errors detected by Mac Address Limit feature
linkMonitorFailure: Link Monitoring failure
oamRemoteFailure: Remote Failure detected by Ethernet OAM
(Operations, Administration, and Maintenance) feature
dot1adIncompEtype: 802.1ad Ether-type Incompatible errors
dot1adIncompTunnel: 802.1ad Pdu Tunnel Incompatible errors
sfpConfigMismatch: Mismatch on SFP configuration
communityLimit: Vlan Community Limit violations
invalidPolicy: QoS Policy violation
lsGroup: Errors detected by Link State Group Tracking feature
ekey: Errors detected by Error Key Mechanism
portModeFailure: Port mode change failure
pppoeIaRateLimit: Errors detected by PPPoE Intermediate Agent
Rate Limit feature
oamRemoteCriticalEvent: Ethernet OAM Remote Critical Event
Failure
oamRemoteDyingGasp: Ethernet OAM Remote Dying Gasp Failure
oamRemoteLinkFault: Ethernet OAM Remote Link Fault Failure
mvrp: Errors detected by Multiple VLAN Registration Protocol
The switch will generate the traps with:
#snmp-server enable traps errdisable
- Dan
08-23-2011 10:47 AM
STP will not put the port into err-disable mode. The CISCO-ERR-DISABLE mib will report when the port is placed into a err-disable state from one of these events published in the MIB:
CErrDisableFeatureID ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"An integer-value assigned to various features/events
that can error disable a system entity
udld: Unidirectional Link Detection
bpduGuard: Spanning Tree BPDU Guard feature that prevents
processing BPDU packets on an access interface
channelMisconfig: General Link Aggregation mis-configuration
pagpFlap: Cisco's PAGP Link Aggregation protocol errors
dtpFlap: Dynamic Trunking Protocol errors
linkFlap: Link State flapping
l2ptGuard: L2 Protocol Tunnel errors
dot1xSecurityViolation: 802.1x authentication violations
portSecurity: Port Security violations
gbicInvalid: Invalid GBIC errors (examples include
unsupported GBIC being inserted)
dhcpRateLimit: DHCP snooping rate limit violation
unicastFlood: Unicast Flooding threshold violations
vmps: VLAN Membership Policy Server feature related errors
stormControl: storm control (broadcast/multicast/unicast)
threshold violations
inlinePower: Errors in inline power
arpInspection: Errors detected by Dynamic Arp Inspection
(DAI) feature
portLoopback: Interface Loopback Error
packetBuffer: Packet Buffer Error
macLimit: Errors detected by Mac Address Limit feature
linkMonitorFailure: Link Monitoring failure
oamRemoteFailure: Remote Failure detected by Ethernet OAM
(Operations, Administration, and Maintenance) feature
dot1adIncompEtype: 802.1ad Ether-type Incompatible errors
dot1adIncompTunnel: 802.1ad Pdu Tunnel Incompatible errors
sfpConfigMismatch: Mismatch on SFP configuration
communityLimit: Vlan Community Limit violations
invalidPolicy: QoS Policy violation
lsGroup: Errors detected by Link State Group Tracking feature
ekey: Errors detected by Error Key Mechanism
portModeFailure: Port mode change failure
pppoeIaRateLimit: Errors detected by PPPoE Intermediate Agent
Rate Limit feature
oamRemoteCriticalEvent: Ethernet OAM Remote Critical Event
Failure
oamRemoteDyingGasp: Ethernet OAM Remote Dying Gasp Failure
oamRemoteLinkFault: Ethernet OAM Remote Link Fault Failure
mvrp: Errors detected by Multiple VLAN Registration Protocol
The switch will generate the traps with:
#snmp-server enable traps errdisable
- Dan
08-23-2011 11:08 PM
Hello Dan,
Thank you very much for you explanation, this is very clear now,
I will simulate this in lab, thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide