Home > IT Blogs > Network technologies and trends >

Network technologies and trends:

Err-disable

Nov 22 2008   7:22AM GMT

Why should we consider implementing DHCP Snooping?



Posted by: Yasir Irfan
Networking, Security, DHCP, Switches, Cisco, Switching, Cisco 2960, Cisco 2950, Cisco 6500, Cisco Tips, Cisco 3560, Cisco 3750-E, Cisco 3560-E, Err-disable, Cisco Systems, Cisco 6500 Series Catalyst Switch, Cisco 6503, DHCP Snooping

Dear FriendsIn my previous post I was discussing about the DHCP Snooping, it may be hard to believe a DHCP sever can lead to lot troubles in your network. Consider a host sends out DHCP discovery packets, it listens for a DHCP offers packets and accepts the first available offer from a DHCP server. Guess what happens if the host gets a DHCP offer from a rouge DHCP server? The host could end up with using rouge DHCP server with an IP address and the default gateway. The host cannot access any of the resources from your network. 

Yes we can prevent this with DHCP snooping thanks to Cisco. DHCP snooping classifies interfaces as either trusted or untrusted. DHCP messages received on trusted interfaces will be permitted to pass through the Cisco switch, but DHCP messages received on untrusted interface in a Cisco Switch results in putting the interface into error disable state. Configuring DHCP snooping in a Network is quite troublesome job but I will try to make things easier for you by using a scenario, which hopefully I am going post soon.

AddThis Social Bookmark Button     1 Comment     RSS Feed     Email a friend

Aug 17 2008   5:55AM GMT

What is the Link-flap error in Cisco Switches?



Posted by: Yasir Irfan
Switches, Cisco, Cisco 2950, Cisco 6500, Cisco 3560, Cisco 3750-E, Cisco 3560-E, Link-Flap, Err-disable, Layer 1 issues

Link flap means that the interface continually goes up and down in a Cisco Switch. The interface is put into the errdisabled state if it flaps more than five times in 10 seconds. The common cause of link flap is a Layer 1 issue such as a bad cable, duplex mismatch, or bad Gigabit Interface Converter (GBIC) card. Look at the console messages or the messages that were sent to the syslog server that state the reason for the port shutdown.

13w0d: %PM-4-ERR_DISABLE: link-flap error detected on Fa0/28, putting Fa0/28 in err-disable state 

Issue this command in order to view the flap values:

SRCL-ONC-3550-AS01# sho errdisable flap-values  ErrDisable Reason    Flaps     Time (sec)

—————–        ——   ———-

pagp-flap                        3       30

dtp-flap                           3       30

link-flap                           5       10

SRCL-ONC-3550-AS01# 

The interface can be recovered from errdisable state by reenabling the port using the errdisable recovery cause link-flap. This command is used to configure the recovery mechanism so that the interface can be brought out of the disabled state and allowed to try again. You can also set the time interval. Errdisable recovery is disabled by default in Cisco Switches; when enabled, the default time interval is 300 seconds.

Once you enable the errdisable state you can see the following log in the Cisco switch which is trying to recover the error disable interface (link-flap error)

13w0d: %PM-4-ERR_RECOVER: Attempting to recover from link-flap err-disable state on Fa0/28

AddThis Social Bookmark Button     0 Comments     RSS Feed     Email a friend