Home > Err-disabled Recovery Questions

Err-disabled Recovery Questions

November 25th, 2019 Go to comments

Question 1

Question 2

Explanation

You can also bring up the port by using these commands:
+ The “shutdown” interface configuration command followed by the “no shutdown” interface configuration command restarts the disabled port.
+ The “no udld {aggressive | enable}” global configuration command followed by the “udld {aggressive | enable}” global configuration command re-enables the disabled ports.
+ The “no udld port” interface configuration command followed by the “udld port [aggressive]” interface configuration command re-enables the disabled fiber-optic port.
+ The “errdisable recovery cause udld” global configuration command enables the timer to automatically recover from the UDLD error-disabled state, and the “errdisable recovery interval interval” global configuration command specifies the time to recover from the UDLD error-disabled state.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_52_se/configuration/guide/3750scg/swudld.html

Therefore in fact in this question answer “UDLD reset” is acceptable but it does not clearly describe how.

Question 3

Question 4

Question 5

Question 6

Explanation

In order to turn on errdisable recovery and choose the errdisable conditions, issue this command:
cat6knative#errdisable recovery cause ?
…….

gbic-invalid Enable timer to recover from invalid GBIC error disable state

Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html

Question 7

Question 8

Explanation

This is the paragraph which describes about the “show errdisable recovery” command on Cisco website:

“If you have enabled errdisable recovery, you can determine the reason for the errdisable status if you issue the “show errdisable recovery” command. An example of the output of this command is shown below:

Switch#show errdisable recovery
ErrDisable Reason    Timer Status
-----------------    --------------
udld                 Enabled
bpduguard            Enabled
security-violatio    Enabled
channel-misconfig    Enabled
pagp-flap            Enabled
dtp-flap             Enabled
link-flap            Enabled
l2ptguard            Enabled
psecure-violation    Enabled
gbic-invalid         Enabled
dhcp-rate-limit      Enabled
mac-limit            Enabled
unicast-flood        Enabled
arp-inspection       Enabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next timeout:

Interface      Errdisable reason      Time left(sec)
---------    ---------------------    --------------
  Fa2/4                bpduguard          273

Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html

So answer A seems to be correct but the above quote is very misleading. In fact, this command is used to verify which services/features were enabled for err-disable recovery (notice that the err-disable recovery feature is disabled by default for all services and features and we have to manually turn them on if we want to use via the command “errdisable recovery cause …”). If we allows all above services/features to automatically recover then we will not know the reason a port was error-disabled.

In fact, the best way to determine why a port is in the err-disabled state is to view the Syslog messages. For example:

%PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/1, putting Fa0/1 in err-disable state

This means Fa0/1 is put in err-disabled state because of a port security violation.

Note: The command “show errdisable detect” is used to identify which services are enabled for Errdisable only (for example, services like “arp-inspection”, bpduguard, UDLD,…)

Question 9

Explanation

When a port is error-disabled, the LED associated with the port on the front panel is solid orange.

Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/ethernet/12017-20.html

Error-disabled is same as shut down state so all traffic on this port are stopped.

Question 10

Explanation

When a port security is violated, that port can be put into errdisable state -> B is correct.

When a maximum number of hosts per port was reached, learning a new MAC address can put that port into errdisable state -> D is correct.

Comments
  1. bierrrr
    January 10th, 2020

    Q2. I think C is incorrect. You can’t do “shut and restart” but “shut and no shut”. I think the answer should be A and B.

  2. bierrrr
    January 10th, 2020

    Q8. According to Cisco documentation:

    show errdisable detect—Displays the current settings of the errdisable timeout feature and, if any of the portsthat they are err are currently error disabled, the reason or disabled.
    https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html

    This is confusing because it suggests three answers are correct (A B C)

  3. bierrrr
    January 10th, 2020

    Q8. According to Cisco documentation:

    Displays the current settings of the errdisable timeout feature and, if any of the ports are currently error disabled, the reason that they are error disabled.
    https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html

    This is confusing because it suggests three answers are correct (A B C)

  4. Suntzu
    January 17th, 2020

    Switch#(config) udld reset (resets disabled udld ports).
    ^ This will reset disabled ports that encounter udld issues?

    Q1 is not worded correctly in my opinion.

  5. Suntzu
    January 17th, 2020

    Question 4

    %SPANTREE-2-CHNL_MISCFG: Detected loop due to etherchannel misconfiguration
    of Gi4/1

    ^That is an etherchannel misconfiguration error and it puts the port into errdisable due to STP loop issue. How is the answer ONLY UDLD?

  6. Suntzu
    January 17th, 2020

    Switch#(config) udld reset (resets disabled udld ports).
    ^ This will reset disabled ports that encounter udld issues?

    Q1 is not worded correctly in my opinion.

    And, “shut/ no shut”

  7. Manti
    January 25th, 2020

    The fourth question should be:

    You have recently deployed an access switch with two fiber cables that connect it to a distribution switch in EtherChannel mode. Soon after it booted up, one of the uplink ports to the distribution switch was error-disabled.

    Which statement describes the reason for the failure?
    A. The switch is operating in UDLD aggressive mode and it failed to receive a UDLD message from the peer.
    B. The port-channel detected an inconsistent configuration.
    C. The switch is operating in UDLD normal mode and it failed to receive a UDLD message from the peer.
    D. Spanning tree is detected a loop.

    Correct Answer: A

  8. Dan21
    February 11th, 2020

    Question 10 I think is collision

    Causes of Errdisable

    This feature was first implemented in order to handle special collision situations in which the switch detected excessive or late collisions on a port. Excessive collisions occur when a frame is dropped because the switch encounters 16 collisions in a row. Late collisions occur after every device on the wire should have recognized that the wire was in use. Possible causes of these types of errors include:

    A cable that is out of specification (either too long, the wrong type, or defective)

    A bad network interface card (NIC) card (with physical problems or driver problems)

    A port duplex misconfiguration

    A port duplex misconfiguration is a common cause of the errors because of failures to negotiate the speed and duplex properly between two directly connected devices (for example, a NIC that connects to a switch). Only half-duplex connections should ever have collisions in a LAN. Because of the carrier sense multiple access (CSMA) nature of Ethernet, collisions are normal for half duplex, as long as the collisions do not exceed a small percentage of traffic.

    There are various reasons for the interface to go into errdisable. The reason can be:

    Duplex mismatch

    Port channel misconfiguration

    BPDU guard violation

    UniDirectional Link Detection (UDLD) condition

    Late-collision detection

    Link-flap detection

    Security violation

    Port Aggregation Protocol (PAgP) flap

    Layer 2 Tunneling Protocol (L2TP) guard

    DHCP snooping rate-limit

    Incorrect GBIC / Small Form-Factor Pluggable (SFP) module or cable

    Address Resolution Protocol (ARP) inspection

    Inline power

  1. No trackbacks yet.