02-14-2008 08:16 AM - edited 03-05-2019 09:09 PM
While looking through 4500 IOS installation/config-guides/reference-guides I thought I saw a method to configure a switchport to become disabled due to excessive input/output errors. Is there such a capability/feature?
02-14-2008 02:43 PM
Hi, I read your post and the closest thing I know of to what you are asking is the storm control command. I know you can set an error threshold but not sure if it will shut down the port.
storm-control level
To set the suppression level, use the storm-control level command. Use the no form of this command to turn off the suppression mode.
storm-control {broadcast | multicast | unicast} level level[.level]
no storm-control {broadcast | multicast | unicast} level
Syntax Description
broadcast: Broadcast traffic.
multicast: Multicast traffic.
unicast: Unicast traffic.
level: Integer suppression level; valid values are from 0 to 100 percent.
.level: (Optional) Fractional suppression level; valid values are from 0 to 99.
Defaults
All packets are passed.
02-14-2008 05:28 PM
Thank you for your reply. I'm aware of storm-control for bcst/mcast/ucast. We have been asked to allow a customer-owned and maintained switch to be connected to our switch (we are providing an isolated vlan for the customer, but they need more ports). The interface is in access mode, on the isolated vlan.
We have spanning-tree bpduguard enabled globally, so of course the port errdisabled when the coam switch was connected when BPDUs arrived. So we will disable portfast on that port. Plus I suggest at a minimum:
spanning-tree guard root
switchport access vlan xxx
switchport nonegotiate
no cdp enable
While putting together some info on the stp guard root I thought I'd seen something about errdisable/?? when input and/or output error counters were high. I'll reread the sections tomorrow.
Actually, malformed frames are tossed aren't they?
We were wanting to be sure we protected our device from customer induced issues.
Jph
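An added example, not part of the original posts: a Python check that a customer-facing interface stanza carries the settings listed in the post above and has PortFast off, so global bpduguard does not errdisable it. The interface names, VLAN 300, the config excerpt and the function names are constructed for illustration.

```python
import re

# Per-port settings proposed in the post for the customer-facing access port.
REQUIRED = [
    "switchport mode access",
    "switchport nonegotiate",
    "spanning-tree guard root",
    "no cdp enable",
]

# Constructed running-config excerpt (not taken from the thread).
SAMPLE = """\
interface GigabitEthernet2/1
 description customer switch uplink (hardened)
 switchport access vlan 300
 switchport mode access
 switchport nonegotiate
 spanning-tree guard root
 no cdp enable
!
interface GigabitEthernet2/2
 description customer switch uplink (as first connected)
 switchport access vlan 300
 switchport mode access
 spanning-tree portfast
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-command lines]} from IOS-style config text."""
    interfaces, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            interfaces[current] = []
        elif current and raw.startswith(" "):
            interfaces[current].append(raw.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return interfaces

def audit_port(lines):
    """List deviations from the hardening set for one customer-facing port."""
    findings = [f"missing: {cmd}" for cmd in REQUIRED if cmd not in lines]
    if not any(re.fullmatch(r"switchport access vlan \d+", l) for l in lines):
        findings.append("missing: switchport access vlan <id>")
    if any(l.startswith("spanning-tree portfast") and not l.endswith("disable") for l in lines):
        findings.append("portfast enabled: global bpduguard will errdisable the port on the first BPDU")
    return findings

if __name__ == "__main__":
    for name, lines in parse_interfaces(SAMPLE).items():
        print(name, audit_port(lines) or "OK")
```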
02-14-2008 03:06 PM
Excessive input/output errors? It depends on what kind of traffic. The feature is called errdisable and it's enabled by default.
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide
__
Edison.
02-14-2008 05:40 PM
As you can see by my other reply, the stp bpdu guard did its job when the customer switch's BPDUs arrived on the interface.
I reviewed errdisable and I understand it takes effect by default for other features when enabled (bpduguard, link-flap, security-violation, etc.).
We will allow the customer switch to be connected to ours for the time being. I was wanting to mitigate customer-induced problems/misconfigs/etc. from affecting our box.
Thanks Edison.
Jay