cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
862
Views
0
Helpful
4
Replies

Can a switchport be configured to be disabled due to excessive errors

james.hicks
Level 1
Level 1

While looking through 4500 IOS installation/config-guides/reference-guides I thought I saw a method to configure a switchport to become disabled due to excessive input/output errors. Is there such a capability/feature?

4 Replies 4

williamsdo
Level 3
Level 3

Hi, I read your post and the closest thing I know of to what you are asking is the storm control command. I know you can set and error threshold but not sure if it will shutdown the port.

storm-control level

To set the suppression level, use the storm-control level command. Use the no form of this command to turn off the suppression mode.

storm-control {broadcast | multicast | unicast} level level[.level]

no storm-control {broadcast | multicast | unicast} level

Syntax Description

broadcast

Broadcast traffic.

multicast

Multicast traffic.

unicast

Unicast traffic.

level

Integer suppression level; valid values are from 0 to 100 percent.

.level

(Optional) Fractional suppression level; valid values are from 0 to 99.

Defaults

All packets are passed.

http://www.cisco.com/en/US/customer/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/configuration/guide/swtrafc.html#wp1129705

Thank you for your reply. I'm aware of storm-control for bcst/mcast/ucast. We have been asked to allow a customer owned and maintained switch to be connected to our switch (we are providing a isolated vlan for the customer, but they need more ports). The interface is in access mode, on the isolated vlan .

We have spanning-tree bpduguard enabled globally, so of course the port errdisabled when the coam switch was connected when bpdu's arrived. So we will disable portfast on that port. Plus I suggest at a minimum;

spanning-tree guard root

switchport access vlan xxx

switchport nonegotiate

no cdp enable

While putting together some info on the stp guard root I thought I'd seen something about errdisable/?? when input and/or output error counters were high. I'll reread the sections tomorrow.

Actually, malformed frames are tossed aren't they?

We were wanting to be sure we protected our device from customer induced issues.

Jph

Edison Ortiz
Hall of Fame
Hall of Fame

excessive input/output errors ? it depends on what kind of traffic, the feature is called errdisable and it's enabled by default

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide

__

Edison.

As you can see by my other reply, the stp bpdu guard did it's job when the customer switches bdpdu's arrived on the interface.

I reviewed errdisable and I understand it takes effect by default for other features when enabled (bdduguard, link-flap, security-violation, etc).

We will allow the customer switch to be connected to ours for the time being. I was wanting to mitigate customer induced problems/mis-configs/ect from effecting our box.

Thanks Edison.

Jay

Review Cisco Networking for a $25 gift card