1. Home
  2. Cisco Systems
  3. 2960 Ethernet interfaces going down

2960 Ethernet interfaces going down

In the past week or two, I've hada three or four Gigabit Ethernet interfaces on about as many 2960s go down and say "err-diabled". One doesn't even have anything attached to it!

SES-Distribution#sh int Gi0/4 GigabitEthernet0/4 is down, line protocol is down (err-disabled) Hardware is Gigabit Ethernet, address is 0022.be29.eb04 (bia

0022.be29.eb04) MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Auto-duplex, Auto-speed, media type is 10/100/1000BaseTX input flow-control is off, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 1w5d, output 1w5d, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 15298 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 18322903 packets input, 20805679728 bytes, 0 no buffer Received 18297621 broadcasts (0 multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 15121276 multicast, 0 pause input 0 input packets with dribble condition detected 166633 packets output, 226858846 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 0 output buffer failures, 0 output buffers swapped out

However, no errors are counted. How can I start to figure out what is happening and why?

Reply to
John Oliver
Loading thread data ...

it could be:

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 15298

But my guess would be some sort of port-security triggered.

Please post the configuration of the mentioned interface

Reply to
Nicolai

Start with "sh errdis ?" and look at the options. I don't have a 2960 to hand but the 3550 I just checked offers detect, flap-values and recovery. We have recovery enabled and "sh errdis rec" shows (would show) a list of interfaces that would be reenabled at the next timeout. I don't know what you'll see.

Sam

Reply to
Sam Wilson

SES-Distribution#sh errdisable recovery ErrDisable Reason Timer Status

----------------- -------------- bpduguard Disabled channel-misconfig Disabled dhcp-rate-limit Disabled dtp-flap Disabled gbic-invalid Disabled link-flap Disabled loopback Disabled pagp-flap Disabled psecure-violation Disabled security-violatio Disabled sfp-config-mismat Disabled storm-control Disabled udld Disabled vmps Disabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next timeout:

SES-Distribution#sh errdisable det SES-Distribution#sh errdisable detect ErrDisable Reason Detection Mode

----------------- --------- ---- bpduguard Enabled port channel-misconfig Enabled port community-limit Enabled port dhcp-rate-limit Enabled port dtp-flap Enabled port gbic-invalid Enabled port invalid-policy Enabled port link-flap Enabled port loopback Enabled port lsgroup Enabled port pagp-flap Enabled port psecure-violation Enabled port/vlan security-violatio Enabled port sfp-config-mismat Enabled port storm-control Enabled port udld Enabled port vmps Enabled port SES-Distribution#sh errdisable fl SES-Distribution#sh errdisable flap-values ErrDisable Reason Flaps Time (sec)

----------------- ------ ---------- pagp-flap 3 30 dtp-flap 3 30 link-flap 5 10

Reply to
John Oliver

Every Gi interface shows the same thing.

There is no config for this specific interface, other then VLAN membership:

SES-Distribution#sh run Building configuration...

Current configuration : 4102 bytes ! ! Last configuration change at 08:50:00 PST Thu Nov 13 2008 by admin ! NVRAM config last updated at 08:53:43 PST Thu Nov 13 2008 by admin ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname SES-Distribution ! enable secret 5 ****************************** ! username admin privilege 15 password 7 ******************** aaa new-model aaa authentication login default local aaa authorization exec default local aaa authorization network default local ! aaa session-id common clock timezone PST -8 clock summer-time PDT recurring system mtu routing 1500 ip subnet-zero ! ip domain-name domain.com ip name-server 10.99.16.5 ip name-server 10.99.16.7 ip igmp snooping tcn query solicit ip igmp snooping querier no ip igmp snooping vlan 1 ! ! ! ! ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 switchport access vlan 2 ! interface GigabitEthernet0/3 switchport access vlan 2 ! interface GigabitEthernet0/4 switchport access vlan 2 ! interface GigabitEthernet0/5 switchport access vlan 2 ! interface GigabitEthernet0/6 switchport access vlan 2 ! interface GigabitEthernet0/7 switchport access vlan 2 ! interface GigabitEthernet0/8 switchport access vlan 2 ! interface GigabitEthernet0/9 switchport access vlan 3 ! interface GigabitEthernet0/10 switchport access vlan 3 ! interface GigabitEthernet0/11 switchport access vlan 3 ! interface GigabitEthernet0/12 switchport access vlan 3 ! interface GigabitEthernet0/13 switchport access vlan 3 ! interface GigabitEthernet0/14 switchport access vlan 3 ! interface GigabitEthernet0/15 switchport access vlan 3 ! interface GigabitEthernet0/16 switchport access vlan 3 ! interface GigabitEthernet0/17 switchport access vlan 4 ! interface GigabitEthernet0/18 switchport access vlan 4 ! interface GigabitEthernet0/19 switchport access vlan 4 ! interface GigabitEthernet0/20 switchport access vlan 4 ! interface GigabitEthernet0/21 switchport access vlan 4 ! interface GigabitEthernet0/22 switchport access vlan 4 ! interface GigabitEthernet0/23 switchport access vlan 4 ! interface GigabitEthernet0/24 switchport access vlan 4 ! interface GigabitEthernet0/25 switchport access vlan 5 ! interface GigabitEthernet0/26 switchport access vlan 5 ! interface GigabitEthernet0/27 switchport access vlan 5 ! interface GigabitEthernet0/28 switchport access vlan 5 ! interface GigabitEthernet0/29 switchport access vlan 5 ! interface GigabitEthernet0/30 switchport access vlan 5 ! interface GigabitEthernet0/31 switchport access vlan 5 ! interface GigabitEthernet0/32 switchport access vlan 5 ! interface GigabitEthernet0/33 switchport access vlan 6 ! interface GigabitEthernet0/34 switchport access vlan 6 ! interface GigabitEthernet0/35 switchport access vlan 6 ! interface GigabitEthernet0/36 switchport access vlan 6 ! interface GigabitEthernet0/37 switchport access vlan 6 ! interface GigabitEthernet0/38 switchport access vlan 6 ! interface GigabitEthernet0/39 switchport access vlan 6 ! interface GigabitEthernet0/40 switchport access vlan 6 ! interface GigabitEthernet0/41 switchport access vlan 5 ! interface GigabitEthernet0/42 switchport access vlan 5 ! interface GigabitEthernet0/43 switchport access vlan 5 ! interface GigabitEthernet0/44 switchport access vlan 5 ! interface GigabitEthernet0/45 switchport access vlan 5 ! interface GigabitEthernet0/46 switchport access vlan 5 ! interface GigabitEthernet0/47 switchport access vlan 5 ! interface GigabitEthernet0/48 switchport access vlan 5 ! interface Vlan1 ip address 10.99.16.54 255.255.248.0 no ip route-cache ! interface Vlan2 no ip address no ip route-cache ! ip default-gateway 10.99.16.1 ip http server ip http secure-server snmp-server community public RO radius-server source-ports 1645-1646 ! control-plane ! ! line con 0 line vty 5 15 ! ntp clock-period 36028626 ntp server 10.99.16.5 end

Reply to
John Oliver

OK, try 'sh int status err-disabled' if your IOS supports that.

Sam

Reply to
Sam Wilson

try the various "sh err-dis" subcommands and it should be able to tell you what is going on.

you can also set the ports (or entire switch) to auto recover after a time, and AFAIR for specific types of error.

Reply to
Stephen

SES-Distribution#sh int status err-disabled

Port Name Status Reason Err-disabled Vlans Gi0/4 err-disabled loopback

And, of course, that interface is down again. I'm shutting it and then no-shutting it. But, apparently, it's just going to go down again.

Reply to
John Oliver

Your command output is conveying a reason - "loopback".

A simple Google search (err-disabled loopback) returned the following link (among others):

formatting link
Do a simple search within the document for the term "Loopback error" to find the information desired.

Best Regards, News Reader

Reply to
News Reader

So check up on the errdisable recovery command(s). BUT...

... what he said! Find out what the problem is (you have a loop in your network somewhere) and fix it and then the port will stop going down.

Sam

Reply to
Sam Wilson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.