Ports Shutting Down 2

[sohtnax]

Lately it seems as though arndom ports hav been shutting down on my 3500 series switch.

Here is the status on one of the ports that recently went down. Can anyone tell me what is causing this, and how I can prevent it????

FastEthernet0/20 is administratively down, line protocol is down
Hardware is Fast Ethernet, address is 0009.7c7a.a210 (bia 0009.7c7a.a210)
Description: Jack45L - mfayaz
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
input flow-control is off, output flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
162748543 packets input, 1155652981 bytes, 0 no buffer
Received 370056 broadcasts, 0 runts, 0 giants, 0 throttles
39 input errors, 39 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 109291 multicast, 0 pause input
0 input packets with dribble condition detected
244992833 packets output, 956243023 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out

 

[fmonteiro]

This interface is "administratively down". It means that the interface was manually "shutdown".In this case you must have this command listed as an interface command. Perhaps you should limit the access to your equipment.

 

[sohtnax]

Access is limited, and I am the only person who does in fact have access. Therefore, my problem is that they are shutting down on their own.

Any thoughts?

 

[rburke]

Why don't you try reseting the Enale password and telnet password and see if they are still shutting down... Unless it is a software error I've never heard of there is only one way for a port to go Admin down, that is y someone shutting it down manually. Try reseting the passwords and see if it continues.


Burke

 

[schim]

Manually shut down ??? This is complete bullshit.As you can see there are input errors coming from your client.The cause of this can be a broken patch-cord or wall-outlet.Happens a lot.Replace the cord and check again.

greetz Schim

 

[sohtnax]

Thanks Schim!

 

[sohtnax]

How can I clear the errors on these ports?

 

[schim]

sohtnax,

Go in enabled mode , command = clear counters fa0/23

all counters are set to 0 now.

bye

 

[IPKONFIG]

Interresting...

Cisco IOS based switches have the concept of error-disable for shutting down active ports that are having problems, like flapping ports with excessive link state changes, excessive bundle/unbundle requests from EtherChannel, Spanning-Tree Protocol (STP) problems, and UniDirectional Link Detection (UDLD) problems. So to make the statement that Shim made of,"Manually shut down ??? This is complete bullshit. doesn't seem to help anyone that's having these problems.

To automatically assume that you have a cable issue is a little presumptuous if you ask me. A lot of things could be causing errors on a switch port. Let me list a few of them:
Duplex mismatch
Speed mismatch
Faulty NIC card
Attenuation due to electrical interference
And of course a possible cable issue.

Last but not least, this switch port did not shut itself down due to CRC's or FCS errors. Compared to the input packets on this port, the CRC's and FCS's are less than 1/2 of 1% of the total traffic. There is another issue here besides the CRC's and FCS errors. Only my opinion.


"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts

 

[fynx]

Firstly,

Schim - where do you get off? You don't become this forums top expert by talking bullshit. IPKONFIG is one of the most enlightened and helpful people I've ever worked with on a problem posted here. If you have something positive to add then fine but if you're going to be rude and arrogant I'd rather you kept it zipped.

Secondly...
I wish all I had to do was change cables every time I got a network problem!!! lol...

Thirdly... <calm...>
switch# show interface status
is a useful command in later revisions of IOS (12.2+ ?) is a useful command to see a summary of the interface statuses. I have to use it a lot, much of my infrastructure came from an older IBM background and most of the buildings I support are flood wired with type-1 cabling (the stuff with loop bars in for token ring networks). Cisco were the only manufacturer which could support the use of type-1 cabling for Ethernet, by err-disabling ports that it recognises as being an open type-1 data connector - just another reason for having ports in err-disabled state.

Keep up the good work IPK!
Cheers,
Phil.

If everything is coming your way then you're in the wrong lane.

 

[schim]

Mr.Fynx,

Copying a cisco book is no problem for most of the people.My ambition doesnot go to become a forum expert , i only want to help people straight-forward offering a real solution though without a lot of &quot;copy paste&quot; cisco talk ,that is what benefits most questions here.So step down off your cloud and communicate in a normal way.

cheers, Schim

 

[junior238]

First off I would like to say that the switch does not put ports in administratively shutdown mode on its own. The switch will err-disable ports or block traffic via STP on ports but not shut them down. What I suspect is happening is that at one point you shut the port down, wrote the config to startup and then turned the port back on without saving the config. I would do a show run and show start and make sure that the port isn't shutdown in the startup config. I would also check the uptime on the swith when you expereince this problem to rule out a difference in your startup and running configs. Next is a message I posted that should help you trouble shot err-disabled ports.

I've been reading these posts about err-disabled ports, and nobody seems to be giving an accurate solution. I've have ports that go err-disabled every day. Removing things like STP, and port security are not a solution. Here are some very useful commands when troubleshooting err-disabled ports.

switch#show inte status err-disable

This command will show you the ports that are err-disable and then give you the exact reason of why it is shutdown.


switch#show errdisable detect
ErrDisable Reason Detection status
----------------- ----------------
pagp-flap Enabled
dtp-flap Enabled
link-flap Enabled
gbic-invalid Enabled

This command will show you what auto detection is the switch is performing.


switch#show errdisable flap-values
ErrDisable Reason Flaps Time (sec)
----------------- ------ ----------
pagp-flap 3 30
dtp-flap 3 30
link-flap 5 10

This command will show you what values need to be met in order to go err-disable.


And most useful:
switch#show errdisable recovery
ErrDisable Reason Timer Status
----------------- --------------
udld Disabled
bpduguard Disabled
channel-misconfig Disabled
pagp-flap Disabled
dtp-flap Disabled
link-flap Disabled
psecure-violation Disabled
gbic-invalid Disabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next timeout:

This command allows you to see what can be auto recovered. Now obviously all of these values can be modified throug the config mode.


Hope this helps more the the other garbage I've been reading.

PJ

 

[bierhunter]

A switch can automatically put a port in &quot;administratively shutdown&quot; mode if there is a port security violation. Do you have port security enabled? Just thinking that maybe you inherited this switch and a previous person configured it.

The only times I've seen admin shutdowns are when a person does it, or a security violation occurs.

Cable problems, errors, etc will not cause administrative shutdowns.

Good luck.

 

[kythri]

I've got a port on a switch connected to a printer that has just gone &quot;admin down&quot;. It did this automatically without person-intervention.

Is there an easy way to turn this port back on in the web-interface?

My company has terminated it's network guy, and pushed network support off to some of us techs here, and we don't really know much more than the web console settings...

Thanks for the help.

 

[kccane03]

A port can also go "Admin Down" if there is a duplex-mismatch. I am using a 6509. If you use the command:

show errdisable-timeout

Port ErrDisable Reason Port ErrDisableTimeout Action on Timeout
---- ------------------- ---------------------- -----------------
3/37 duplex-mismatch Enable No Change

You will see why a the port locked up. Now from CiscoWorks or command line, this port is "Admin Down".