2960 Ethernet interfaces going down

Discussion in 'Cisco' started by John Oliver, Nov 25, 2008.

  1. John Oliver

    John Oliver Guest

    In the past week or two, I've hada three or four Gigabit Ethernet
    interfaces on about as many 2960s go down and say "err-diabled". One
    doesn't even have anything attached to it!

    SES-Distribution#sh int Gi0/4
    GigabitEthernet0/4 is down, line protocol is down (err-disabled)
    Hardware is Gigabit Ethernet, address is 0022.be29.eb04 (bia
    0022.be29.eb04)
    MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA, loopback not set
    Keepalive set (10 sec)
    Auto-duplex, Auto-speed, media type is 10/100/1000BaseTX
    input flow-control is off, output flow-control is unsupported
    ARP type: ARPA, ARP Timeout 04:00:00
    Last input 1w5d, output 1w5d, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops:
    15298
    Queueing strategy: fifo
    Output queue: 0/40 (size/max)
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
    18322903 packets input, 20805679728 bytes, 0 no buffer
    Received 18297621 broadcasts (0 multicasts)
    0 runts, 0 giants, 0 throttles
    0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
    0 watchdog, 15121276 multicast, 0 pause input
    0 input packets with dribble condition detected
    166633 packets output, 226858846 bytes, 0 underruns
    0 output errors, 0 collisions, 1 interface resets
    0 babbles, 0 late collision, 0 deferred
    0 lost carrier, 0 no carrier, 0 PAUSE output
    0 output buffer failures, 0 output buffers swapped out


    However, no errors are counted. How can I start to figure out what is
    happening and why?

    --
    * John Oliver http://www.john-oliver.net/ *
     
    John Oliver, Nov 25, 2008
    #1
    1. Advertising

  2. John Oliver

    Nicolai Guest

    > However, no errors are counted. How can I start to figure out what is
    > happening and why?


    it could be:

    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 15298

    But my guess would be some sort of port-security triggered.

    Please post the configuration of the mentioned interface
     
    Nicolai, Nov 25, 2008
    #2
    1. Advertising

  3. John Oliver

    Sam Wilson Guest

    In article <>,
    John Oliver <> wrote:

    > In the past week or two, I've hada three or four Gigabit Ethernet
    > interfaces on about as many 2960s go down and say "err-diabled".
    > :
    > :
    > However, no errors are counted. How can I start to figure out what is
    > happening and why?


    Start with "sh errdis ?" and look at the options. I don't have a 2960
    to hand but the 3550 I just checked offers detect, flap-values and
    recovery. We have recovery enabled and "sh errdis rec" shows (would
    show) a list of interfaces that would be reenabled at the next timeout.
    I don't know what you'll see.

    Sam
     
    Sam Wilson, Nov 25, 2008
    #3
  4. John Oliver

    John Oliver Guest

    On Tue, 25 Nov 2008 19:46:22 +0000, Sam Wilson wrote:
    > In article <>,
    > John Oliver <> wrote:
    >
    >> In the past week or two, I've hada three or four Gigabit Ethernet
    >> interfaces on about as many 2960s go down and say "err-diabled".
    >> :
    >> :
    >> However, no errors are counted. How can I start to figure out what is
    >> happening and why?

    >
    > Start with "sh errdis ?" and look at the options. I don't have a 2960
    > to hand but the 3550 I just checked offers detect, flap-values and
    > recovery. We have recovery enabled and "sh errdis rec" shows (would
    > show) a list of interfaces that would be reenabled at the next timeout.
    > I don't know what you'll see.


    SES-Distribution#sh errdisable recovery
    ErrDisable Reason Timer Status
    ----------------- --------------
    bpduguard Disabled
    channel-misconfig Disabled
    dhcp-rate-limit Disabled
    dtp-flap Disabled
    gbic-invalid Disabled
    link-flap Disabled
    loopback Disabled
    pagp-flap Disabled
    psecure-violation Disabled
    security-violatio Disabled
    sfp-config-mismat Disabled
    storm-control Disabled
    udld Disabled
    vmps Disabled

    Timer interval: 300 seconds

    Interfaces that will be enabled at the next timeout:

    SES-Distribution#sh errdisable det
    SES-Distribution#sh errdisable detect
    ErrDisable Reason Detection Mode
    ----------------- --------- ----
    bpduguard Enabled port
    channel-misconfig Enabled port
    community-limit Enabled port
    dhcp-rate-limit Enabled port
    dtp-flap Enabled port
    gbic-invalid Enabled port
    invalid-policy Enabled port
    link-flap Enabled port
    loopback Enabled port
    lsgroup Enabled port
    pagp-flap Enabled port
    psecure-violation Enabled port/vlan
    security-violatio Enabled port
    sfp-config-mismat Enabled port
    storm-control Enabled port
    udld Enabled port
    vmps Enabled port
    SES-Distribution#sh errdisable fl
    SES-Distribution#sh errdisable flap-values
    ErrDisable Reason Flaps Time (sec)
    ----------------- ------ ----------
    pagp-flap 3 30
    dtp-flap 3 30
    link-flap 5 10

    --
    * John Oliver http://www.john-oliver.net/ *
     
    John Oliver, Nov 25, 2008
    #4
  5. John Oliver

    John Oliver Guest

    On Tue, 25 Nov 2008 20:15:38 +0100, Nicolai wrote:
    >> However, no errors are counted. How can I start to figure out what is
    >> happening and why?

    >
    > it could be:
    >
    > Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 15298


    Every Gi interface shows the same thing.

    > But my guess would be some sort of port-security triggered.
    >
    > Please post the configuration of the mentioned interface


    There is no config for this specific interface, other then VLAN
    membership:

    SES-Distribution#sh run
    Building configuration...

    Current configuration : 4102 bytes
    !
    ! Last configuration change at 08:50:00 PST Thu Nov 13 2008 by admin
    ! NVRAM config last updated at 08:53:43 PST Thu Nov 13 2008 by admin
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname SES-Distribution
    !
    enable secret 5 ******************************
    !
    username admin privilege 15 password 7 ********************
    aaa new-model
    aaa authentication login default local
    aaa authorization exec default local
    aaa authorization network default local
    !
    aaa session-id common
    clock timezone PST -8
    clock summer-time PDT recurring
    system mtu routing 1500
    ip subnet-zero
    !
    ip domain-name domain.com
    ip name-server 10.99.16.5
    ip name-server 10.99.16.7
    ip igmp snooping tcn query solicit
    ip igmp snooping querier
    no ip igmp snooping vlan 1
    !
    !
    !
    !
    !
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    switchport access vlan 2
    !
    interface GigabitEthernet0/3
    switchport access vlan 2
    !
    interface GigabitEthernet0/4
    switchport access vlan 2
    !
    interface GigabitEthernet0/5
    switchport access vlan 2
    !
    interface GigabitEthernet0/6
    switchport access vlan 2
    !
    interface GigabitEthernet0/7
    switchport access vlan 2
    !
    interface GigabitEthernet0/8
    switchport access vlan 2
    !
    interface GigabitEthernet0/9
    switchport access vlan 3
    !
    interface GigabitEthernet0/10
    switchport access vlan 3
    !
    interface GigabitEthernet0/11
    switchport access vlan 3
    !
    interface GigabitEthernet0/12
    switchport access vlan 3
    !
    interface GigabitEthernet0/13
    switchport access vlan 3
    !
    interface GigabitEthernet0/14
    switchport access vlan 3
    !
    interface GigabitEthernet0/15
    switchport access vlan 3
    !
    interface GigabitEthernet0/16
    switchport access vlan 3
    !
    interface GigabitEthernet0/17
    switchport access vlan 4
    !
    interface GigabitEthernet0/18
    switchport access vlan 4
    !
    interface GigabitEthernet0/19
    switchport access vlan 4
    !
    interface GigabitEthernet0/20
    switchport access vlan 4
    !
    interface GigabitEthernet0/21
    switchport access vlan 4
    !
    interface GigabitEthernet0/22
    switchport access vlan 4
    !
    interface GigabitEthernet0/23
    switchport access vlan 4
    !
    interface GigabitEthernet0/24
    switchport access vlan 4
    !
    interface GigabitEthernet0/25
    switchport access vlan 5
    !
    interface GigabitEthernet0/26
    switchport access vlan 5
    !
    interface GigabitEthernet0/27
    switchport access vlan 5
    !
    interface GigabitEthernet0/28
    switchport access vlan 5
    !
    interface GigabitEthernet0/29
    switchport access vlan 5
    !
    interface GigabitEthernet0/30
    switchport access vlan 5
    !
    interface GigabitEthernet0/31
    switchport access vlan 5
    !
    interface GigabitEthernet0/32
    switchport access vlan 5
    !
    interface GigabitEthernet0/33
    switchport access vlan 6
    !
    interface GigabitEthernet0/34
    switchport access vlan 6
    !
    interface GigabitEthernet0/35
    switchport access vlan 6
    !
    interface GigabitEthernet0/36
    switchport access vlan 6
    !
    interface GigabitEthernet0/37
    switchport access vlan 6
    !
    interface GigabitEthernet0/38
    switchport access vlan 6
    !
    interface GigabitEthernet0/39
    switchport access vlan 6
    !
    interface GigabitEthernet0/40
    switchport access vlan 6
    !
    interface GigabitEthernet0/41
    switchport access vlan 5
    !
    interface GigabitEthernet0/42
    switchport access vlan 5
    !
    interface GigabitEthernet0/43
    switchport access vlan 5
    !
    interface GigabitEthernet0/44
    switchport access vlan 5
    !
    interface GigabitEthernet0/45
    switchport access vlan 5
    !
    interface GigabitEthernet0/46
    switchport access vlan 5
    !
    interface GigabitEthernet0/47
    switchport access vlan 5
    !
    interface GigabitEthernet0/48
    switchport access vlan 5
    !
    interface Vlan1
    ip address 10.99.16.54 255.255.248.0
    no ip route-cache
    !
    interface Vlan2
    no ip address
    no ip route-cache
    !
    ip default-gateway 10.99.16.1
    ip http server
    ip http secure-server
    snmp-server community public RO
    radius-server source-ports 1645-1646
    !
    control-plane
    !
    !
    line con 0
    line vty 5 15
    !
    ntp clock-period 36028626
    ntp server 10.99.16.5
    end

    --
    * John Oliver http://www.john-oliver.net/ *
     
    John Oliver, Nov 25, 2008
    #5
  6. John Oliver

    Sam Wilson Guest

    In article <>,
    John Oliver <> wrote:

    > On Tue, 25 Nov 2008 19:46:22 +0000, Sam Wilson wrote:
    > > In article <>,
    > > John Oliver <> wrote:
    > >
    > >> In the past week or two, I've hada three or four Gigabit Ethernet
    > >> interfaces on about as many 2960s go down and say "err-diabled".
    > >> :
    > >> :
    > >> However, no errors are counted. How can I start to figure out what is
    > >> happening and why?

    > >
    > > Start with "sh errdis ?" and look at the options. I don't have a 2960
    > > to hand but the 3550 I just checked offers detect, flap-values and
    > > recovery. We have recovery enabled and "sh errdis rec" shows (would
    > > show) a list of interfaces that would be reenabled at the next timeout.
    > > I don't know what you'll see.

    >
    > SES-Distribution#sh errdisable recovery
    > SES-Distribution#sh errdisable detect
    > SES-Distribution#sh errdisable flap-values
    > [nothing helpful]


    OK, try 'sh int status err-disabled' if your IOS supports that.

    Sam
     
    Sam Wilson, Nov 25, 2008
    #6
  7. John Oliver

    Stephen Guest

    On Tue, 25 Nov 2008 19:25:19 +0100 (CET), John Oliver
    <> wrote:

    >In the past week or two, I've hada three or four Gigabit Ethernet
    >interfaces on about as many 2960s go down and say "err-diabled". One
    >doesn't even have anything attached to it!


    try the various "sh err-dis" subcommands and it should be able to tell
    you what is going on.

    you can also set the ports (or entire switch) to auto recover after a
    time, and AFAIR for specific types of error.

    >
    >SES-Distribution#sh int Gi0/4
    >GigabitEthernet0/4 is down, line protocol is down (err-disabled)
    > Hardware is Gigabit Ethernet, address is 0022.be29.eb04 (bia
    >0022.be29.eb04)
    > MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
    > reliability 255/255, txload 1/255, rxload 1/255
    > Encapsulation ARPA, loopback not set
    > Keepalive set (10 sec)
    > Auto-duplex, Auto-speed, media type is 10/100/1000BaseTX
    > input flow-control is off, output flow-control is unsupported
    > ARP type: ARPA, ARP Timeout 04:00:00
    > Last input 1w5d, output 1w5d, output hang never
    > Last clearing of "show interface" counters never
    > Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops:
    >15298
    > Queueing strategy: fifo
    > Output queue: 0/40 (size/max)
    > 5 minute input rate 0 bits/sec, 0 packets/sec
    > 5 minute output rate 0 bits/sec, 0 packets/sec
    > 18322903 packets input, 20805679728 bytes, 0 no buffer
    > Received 18297621 broadcasts (0 multicasts)
    > 0 runts, 0 giants, 0 throttles
    > 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
    > 0 watchdog, 15121276 multicast, 0 pause input
    > 0 input packets with dribble condition detected
    > 166633 packets output, 226858846 bytes, 0 underruns
    > 0 output errors, 0 collisions, 1 interface resets
    > 0 babbles, 0 late collision, 0 deferred
    > 0 lost carrier, 0 no carrier, 0 PAUSE output
    > 0 output buffer failures, 0 output buffers swapped out
    >
    >
    >However, no errors are counted. How can I start to figure out what is
    >happening and why?

    --
    Regards

    - replace xyz with ntl
     
    Stephen, Nov 25, 2008
    #7
  8. John Oliver

    John Oliver Guest

    On Tue, 25 Nov 2008 20:52:09 +0000, Sam Wilson wrote:
    > OK, try 'sh int status err-disabled' if your IOS supports that.


    SES-Distribution#sh int status err-disabled

    Port Name Status Reason
    Err-disabled Vlans
    Gi0/4 err-disabled loopback


    And, of course, that interface is down again. I'm shutting it and then
    no-shutting it. But, apparently, it's just going to go down again.

    --
    * John Oliver http://www.john-oliver.net/ *
     
    John Oliver, Nov 26, 2008
    #8
  9. John Oliver

    News Reader Guest

    John Oliver wrote:
    > On Tue, 25 Nov 2008 20:52:09 +0000, Sam Wilson wrote:
    >> OK, try 'sh int status err-disabled' if your IOS supports that.

    >
    > SES-Distribution#sh int status err-disabled
    >
    > Port Name Status Reason
    > Err-disabled Vlans
    > Gi0/4 err-disabled loopback
    >
    >
    > And, of course, that interface is down again. I'm shutting it and then
    > no-shutting it. But, apparently, it's just going to go down again.
    >


    Your command output is conveying a reason - "loopback".

    A simple Google search (err-disabled loopback) returned the following
    link (among others):

    http://ciscosystems.com/application/pdf/paws/69980/errdisable_recovery.pdf

    Do a simple search within the document for the term "Loopback error" to
    find the information desired.

    Best Regards,
    News Reader
     
    News Reader, Nov 26, 2008
    #9
  10. John Oliver

    Sam Wilson Guest

    In article <4a1Xk.94$>,
    News Reader <> wrote:

    > John Oliver wrote:
    > > On Tue, 25 Nov 2008 20:52:09 +0000, Sam Wilson wrote:
    > >> OK, try 'sh int status err-disabled' if your IOS supports that.

    > >
    > > SES-Distribution#sh int status err-disabled
    > >
    > > Port Name Status Reason
    > > Err-disabled Vlans
    > > Gi0/4 err-disabled loopback
    > >
    > >
    > > And, of course, that interface is down again. I'm shutting it and then
    > > no-shutting it. But, apparently, it's just going to go down again.


    So check up on the errdisable recovery command(s). BUT...

    > Your command output is conveying a reason - "loopback".
    >
    > A simple Google search (err-disabled loopback) returned the following
    > link (among others):
    >
    > http://ciscosystems.com/application/pdf/paws/69980/errdisable_recovery.pdf
    >
    > Do a simple search within the document for the term "Loopback error" to
    > find the information desired.


    .... what he said! Find out what the problem is (you have a loop in your
    network somewhere) and fix it and then the port will stop going down.

    Sam
     
    Sam Wilson, Nov 26, 2008
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Peter
    Replies:
    2
    Views:
    1,083
  2. Brad B.
    Replies:
    1
    Views:
    684
  3. Darren Green
    Replies:
    5
    Views:
    773
    Hansang Bae
    Jun 24, 2004
  4. Rip Reechi
    Replies:
    1
    Views:
    550
    David Van Cleef
    Jul 1, 2004
  5. Voitec
    Replies:
    2
    Views:
    486
    Voitec
    Mar 20, 2005
Loading...

Share This Page