Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
521
Views
0
Helpful
3
Replies

erridisable on remote switch port, I think a switch is connected to the other side

suisse
Level 1
Level 1

‎01-03-2018 05:55 AM - edited ‎03-08-2019 01:17 PM

I have a ticket for a remote site switch that looks like it has had changes made to it that aren't clear.

 

I have a port that is in a errdisable state due to BPDU guard.  The switchport is in access mode and it has portfast enabled.   As soon as the autorecovery retries it instantly goes back into into errdisabled so in my mind there is a network appliance on the other side of this port.

 

Is there any danger in disabling the portfast feature before being able to visit this site in person or get eyes on it?  What would you do to troubleshoot this?

Labels:
0 Helpful
3 Replies 3

Maarten Brok
Level 1
Level 1

‎01-03-2018 08:16 AM

I also do think you hit the BPDUGuard functionality. You say you can confirm the interface on your side is in errdisable state?

 

Please look into the logging of your switch:
show log

and see what caused this issue, spanning-tree portfast will not be the cause, as it skips the first steps of the spanning-tree protocol.

 

If the BPDUGuard is the cause, either unplug that cable or delete the 'spanning-tree bpduguard enable' command from the interface and 'shutdown' / 'no shutdown' the interface to clear the errdisable state.

0 Helpful

suisse
Level 1
Level 1
In response to Maarten Brok

‎01-03-2018 08:59 AM

Yes sir, the switch I can access remotely has a particular switchport in an errdisable state.  When the recovery timer hits 0 and it attempts to recover, the int status of that port briefly shows 'not connected' followed by going right back to errdisabled.

 

error disable reason = bpduguard

 

the switchport has this command pertaining to spanning-tree

spanning-tree portfast edge for the switchport

 

 

It also has these global commands:

 

spanning-tree portfast edge bpduguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
errdisable recovery cause bpduguard

 

 

0 Helpful

paul driver
VIP
VIP
In response to suisse

‎01-03-2018 09:19 AM - edited ‎01-03-2018 09:20 AM

Hello

I would say bpduguard is doing its job, As such I would admin down that port and wait for the offender to complain as possibly it will be some user being a bit naughty and trying to extended their network port access.

 

Lastly I would recommend disabling error recovery for bpduguard as you would like to know the cause of the problem is ,But you have recovery enabled then this problem could just relocate to another access-port

res

Paul

 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card