
Switchport Security

Errdisable recovery

Causes

  • Can be caused by:
    • arp-inspection
      • Detects errors with dynamic ARP inspection.
    • bpduguard
      • Detects when a spanning-tree bridge protocol data unit (BPDU) is received on a port configured for STP PortFast.
    • dhcp-rate-limit
      • Detects an error with DHCP snooping.
    • dtp-flap
      • Detects when trunking encapsulation is changing from one type to another.
    • gbic-invalid
      • Detects the presence of an invalid GBIC or SFP module.
    • inline-power
      • Detects an error with offering PoE inline power.
    • l2ptguard
      • Detects an error with L2 Protocol Tunneling.
    • link-flap
      • Detects when the port link state is flapping between the up and down states.
    • loopback
      • Detects when an interface has been looped back.
    • pagp-flap
      • Detects when an EtherChannel bundle's ports no longer have consistent configurations.
    • pppoe-ia-rate-limit
      • Detects errors with PPPoE Intermediate Agent rate limiting.
    • psecure-violation
      • Detects conditions that trigger port security configured on a port.
    • psp
      • Detects an error related to protocol storm protection.
    • security-violation
      • Detects errors related to 802.1X security.
    • sfp-config-mismatch
      • Detects errors related to SFP config mismatches.
    • small-frame
      • Detects when VLAN-tagged packets that are too small arrive above a certain rate.
    • storm-control
      • Detects when a storm control threshold has been exceeded on a port.
    • udld
      • Detects when a link is seen to be unidirectional.
    • all
      • Detects every possible cause.

Configuration

  • To enable detection for all causes
    • switch(config)#errdisable detect cause all
  • To enable detection for one cause
    • switch(config)#errdisable detect cause <cause name>
    • switch(config)#errdisable detect cause link-flap
  • To disable detection for all causes
    • switch(config)#no errdisable detect cause all
  • To disable detection for one cause
    • switch(config)#no errdisable detect cause <cause name>
    • switch(config)#no errdisable detect cause link-flap

Recovery Options

  • Automatically recover from all error conditions
    • switch(config)#errdisable recovery cause all
  • Automatically recover from one error condition
    • switch(config)#errdisable recovery cause mac-limit
  • Otherwise, a port in the errdisabled state must be recovered manually with shut / no shut.
    • switch(config-line)#int te 1/0/1
      switch(config-if)#shut
      *Nov 23 06:47:22.720: %LINK-5-CHANGED: Interface TenGigabitEthernet1/0/1, changed state to administratively down
      switch(config-if)#no shut
      *Nov 23 06:47:30.749: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/0/1, changed state to up

Recovery Interval

  • Default recovery interval is 300 secs (5 mins)
  • Modify the recovery interval with
    • switch(config)#errdisable recovery interval ?
        <30-86400>  timer-interval(sec)
    • switch(config)#errdisable recovery interval 30
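
An added example (not part of the original notes): a Python audit of the errdisable lines covered above, flagging security-triggered causes that re-enable themselves and reporting the effective interval. The grouping in `SECURITY_CAUSES`, the name `audit_errdisable` and the sample configuration are assumptions of this example; it also assumes the IOS defaults of detection on and recovery off.

```python
import re

# Causes from the list above that fire because a security control tripped.
# Which causes count as "security" is this example's assumption.
SECURITY_CAUSES = {"arp-inspection", "bpduguard", "dhcp-rate-limit",
                   "psecure-violation", "security-violation", "storm-control"}
DEFAULT_INTERVAL = 300          # seconds (default stated on the page)
MIN_INTERVAL, MAX_INTERVAL = 30, 86400

# Constructed sample configuration, not taken from a real device.
SAMPLE_CONFIG = """\
errdisable detect cause all
no errdisable detect cause link-flap
errdisable recovery cause bpduguard
errdisable recovery cause psecure-violation
errdisable recovery cause link-flap
errdisable recovery interval 30
"""

CAUSE_RE = re.compile(r"(no )?errdisable (detect|recovery) cause (\S+)")
INTERVAL_RE = re.compile(r"errdisable recovery interval (\d+)")

def audit_errdisable(config_text):
    """Return (interval, findings) for the errdisable lines in a config."""
    interval, recover, undetected = DEFAULT_INTERVAL, set(), set()
    for line in map(str.strip, config_text.splitlines()):
        if m := CAUSE_RE.fullmatch(line):
            negated, kind, cause = m.groups()
            # Recovery is off by default, so track what was turned on;
            # detection is on by default, so track what was turned off.
            target = recover if kind == "recovery" else undetected
            add = (kind == "recovery") != bool(negated)
            if cause == "all" and not add:
                target.clear()
            elif add:
                target.add(cause)
            else:
                target.discard(cause)
        elif m := INTERVAL_RE.fullmatch(line):
            interval = int(m.group(1))
    risky = SECURITY_CAUSES if "all" in recover else recover & SECURITY_CAUSES
    blind = SECURITY_CAUSES if "all" in undetected else undetected & SECURITY_CAUSES
    findings = [f"{c}: auto-recovers after {interval}s with no operator review"
                for c in sorted(risky)]
    findings += [f"{c}: errdisable detection is turned off" for c in sorted(blind)]
    if not MIN_INTERVAL <= interval <= MAX_INTERVAL:
        findings.append(f"interval {interval}s is outside {MIN_INTERVAL}-{MAX_INTERVAL}")
    return interval, findings
```

A single-cause `no` line that follows `cause all` is not subtracted from `all` here; feed it the expanded per-cause lines if that distinction matters.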
