The ErrDisable feature is implemented to handle special situations where the switch detected excessive or late collisions on a port, port duplex misconfiguration, EtherChannel misconfiguration, Bridge Protocol Data Unit (BPDU) port-guard violation, UniDirectional Link Detection (UDLD), and other (miscellaneous) causes.
The error-disable function allows the switch to shut down a port when it encounters physical, driver or configuration problems. A port being error-disabled is not by itself a cause for alarm, but a symptom of a problem that must be resolved.
Troubleshooting an ErrDisable Port on the CatOS Platforms:
Determine cause of ErrDisable error on the port. For example, a show port might indicate a parameter mismatch of EtherChannel.
In this case, it was err-disable due to channel-misconfig.
Fix identified ErrDisable cause (for example, match parameters on either end of link).
After fixing cause of problem , the port will still be disabled (and the port LEDs are still orange). Re enable the port manually by entering set port enable.
Troubleshooting an ErrDisable Port on the IOS Platforms:
When a port is in error-disabled state, it is effectively shut down and no traffic is sent or received on that port. The port LED is set to the orange color and, when you issue the show interfaces command, the port status shows as Errdisabled.
Following is an example of what an error-disabled port looks like:
switch#show int G1/0/1GigabitEthernet1/0/1 is down, line protocol is down (err-disabled)
To find out the main reason for err-disable state. In our case it is port security violation on port Gi1/0/1.
switch#show interfaces status err-disabledPort Name Status ReasonGi1/0/1 SERVER01 err-disabled psecure-violationGi1/0/46 err-disabled psecure-violationGi2/0/12 err-disabled psecure-violation
To recover a port that is in an Errdisable state, manual intervention is required, and the administrator must access the switch and configure the specific port with 'shutdown' followed by the 'no shutdown' command. This command sequence will enable the port again, however, if the problem persists expect to find the port in Errdisable state again soon.
you may not want a port with a security violation to come back up without administrative intervention, but a port downed due to a flapping host you might want automatically turned back on after a few minutes. You can issue the "errdisable recovery cause" command to configure and see a list of switch port errors that the switch can automatically recovery from.
In the below example setting Errdisable autorecovery for BPDU GUARD.
The second option you can configure is the time interval in which the switch waits before it re-enables the err-disabled port. The default recovery interval is 300 seconds.
While this err-disable recovery feature can be a great time saver it is still important to investigate and correct the real issue that is causing the switch ports to fail into an err-disabled state.
Hi, we currently have Cisco ASA 5525 running software version 9.6(4)36 in Site A. We need to replace the existing Cisco ASA 5505 in Site B that's connected via S2S VPN. With FirePOWER 1010 NGFW, can I still connect Site A to Site B via S2...
If we have stack of 2 X 9300 switches, stack needs to be renumbered, do we need to renumber the stack members to unused number first and reboot it multiple times to take slot renumbering Eg: sw1 is member 1 and sw2 is member 2 . End state requirement...
I'm having an issue where I attempted to use Putty to SSH into the switch and it would not even attempt to connect. However, I was able to connect from Solarwinds and for a short period of time Windows CMD via SSH into the switch. Solarwinds and CMD both ...
Right now I have a RV320 in my main office, connected to 6 other offices, with RV3xx;sThey are configured with IP Only in the Local/Remote Group with WAN1 - Working I need help to have a Fail Over, for the Main office, to Failover to WAN2Do I need to...
Hey guys I have a question about TDR results on my Cisco 3650 Switch.It shows up that I have a wrong cabling connection with inverted pairs and another pair with short/crosstalk. But the phoneds and desktops connected to it works normally except the ...