Cisco Error Disabled Ports

=====Verify port status:
show int status
show interfaces Gi1/0/1 status

 
Cisco-2960X#sh int status

Port      Name               Status       Vlan       Duplex  Speed Type
Gi1/0/1   HP_C7K             err-disabled 20           auto   auto 10/100/1000BaseTX
Gi1/0/2   HP_C7K             connected    20         a-full a-1000 10/100/1000BaseTX
Gi1/0/3   HP_C7K             notconnect   20           auto   auto 10/100/1000BaseTX
Gi1/0/4   HP_C7K             notconnect   20           auto   auto 10/100/1000BaseTX
Gi1/0/5   HP_C7K             connected    20         a-full a-1000 10/100/1000BaseTX
Gi1/0/6   HP_C7K             connected    20         a-full a-1000 10/100/1000BaseTX
Gi1/0/7   HP_C7K             notconnect   20           auto   auto 10/100/1000BaseTX
Gi1/0/8   HP_C7K             connected    20         a-full a-1000 10/100/1000BaseTX
Gi1/0/9   HP_C7K             notconnect   20           auto   auto 10/100/1000BaseTX
Gi1/0/10  HP_C7K             notconnect   20           auto   auto 10/100/1000BaseTX
Cisco-2960X#show interfaces Gi1/0/1 status

Port      Name               Status       Vlan       Duplex  Speed Type
Gi1/0/1  HP_C7K              err-disabled 20         auto   auto 10/100/1000BaseTX

=====Check to see if errdisable recovery is turned on

Cisco-2960X#show errdisable recovery

ErrDisable Reason            Timer Status
-----------------            --------------
arp-inspection               Disabled
bpduguard                    Disabled
channel-misconfig (STP)      Disabled
dhcp-rate-limit              Disabled
tp-flap                      Disabled
gbic-invalid                 Disabled
inline-power                 Disabled
link-flap                    Disabled
mac-limit                    Disabled
loopback                     Disabled
pagp-flap                    Disabled
port-mode-failure            Disabled
pppoe-ia-rate-limit          Disabled
psecure-violation            Disabled
security-violation           Disabled
sfp-config-mismatch          Disabled
small-frame                  Disabled
storm-control                Disabled
udld                         Disabled
vmps                         Disabled
psp                          Disabled
dual-active-recovery         Disabled
evc-lite input mapping fa    Disabled
Recovery command: clear      Disabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next timeout:

=====To enable auto recovery:
I’m not recommending this because you should figure out WHY the port is going into an error disabled state and fix it. But if you just want the port to auto-recover from that state, you can set it.

For this example I’m using loopback.

errdisable recovery cause loopback
errdisable recovery interval 30                   [interval is in seconds]

So basically what the above is doing, when the port goes into a error-disabled state caused by loopback, recover from that state in 30 seconds. It’s just like you going in there and doing a shut/no shut on the port.

Verify it’s enabled:

Cisco-2960X#show errdisable recovery

ErrDisable Reason            Timer Status
-----------------            --------------
arp-inspection               Disabled
bpduguard                    Disabled
channel-misconfig (STP)      Disabled
dhcp-rate-limit              Disabled
dtp-flap                     Disabled
gbic-invalid                 Disabled
inline-power                 Disabled
link-flap                    Disabled
mac-limit                    Disabled
loopback                     Enabled
pagp-flap                    Disabled
port-mode-failure            Disabled
pppoe-ia-rate-limit          Disabled
psecure-violation            Disabled
security-violation           Disabled
sfp-config-mismatch          Disabled
small-frame                  Disabled
storm-control                Disabled
udld                         Disabled
vmps                         Disabled
psp                          Disabled
dual-active-recovery         Disabled
evc-lite input mapping fa    Disabled
Recovery command: clear      Disabled

Timer interval: 30 seconds

Interfaces that will be enabled at the next timeout:

=====Reasons why this happens:

There are various reasons for the interface to go into errdisable. The reason can be:

-Duplex mismatch
-Port channel misconfiguration
-BPDU guard violation
-UniDirectional Link Detection (UDLD) condition
-Late-collision detection
-Link-flap detection
-Security violation
-Port Aggregation Protocol (PAgP) flap
-Layer 2 Tunneling Protocol (L2TP) guard
-DHCP snooping rate-limit
-Incorrect GBIC / Small Form-Factor Pluggable (SFP) module or cable
-Address Resolution Protocol (ARP) inspection
-Inline power

=====To see why it happened:

1. show logging command

Cisco-2960X#sh logging

May 2 14:01:17.223 Tampa: %ETHCNTR-3-LOOP_BACK_DETECTED: Loop-back detected on GigabitEthernet0/20.
May 2 14:01:17.223 Tampa: %PM-4-ERR_DISABLE: loopback error detected on Gi0/2, putting Gi0/20 in err-disable state
May 2 14:01:18.229 Tampa: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/20, changed state to down

2. If you have enabled errdisable recovery, you can determine the reason for the errdisable status if you issue the show errdisable recovery command. Here is an example:

Cisco-2960X#show errdisable recovery

ErrDisable Reason    Timer Status
-----------------    --------------
udld                 Enabled
bpduguard            Enabled
security-violatio    Enabled
channel-misconfig    Enabled
pagp-flap            Enabled
dtp-flap             Enabled
link-flap            Enabled
l2ptguard            Enabled
psecure-violation    Enabled
gbic-invalid         Enabled
dhcp-rate-limit      Enabled
mac-limit            Enabled
unicast-flood        Enabled
arp-inspection       Enabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next timeout:

Interface      Errdisable reason      Time left(sec)
---------    ---------------------    --------------
Gi1/0/20     bpduguard                273
More Stories
External DNS Load Balancing POC