RE: udld on 3550

From: Scott Morris (swm@emanon.com)
Date: Thu Jul 08 2004 - 20:58:12 GMT-3

• Next message: Scott Morris: "RE: udld on 3550"
• Previous message: Kenneth Wygand: "RE: udld on 3550"
• Maybe in reply to: tycampbell@comcast.net: "udld on 3550"
• Next in thread: Scott Morris: "RE: udld on 3550"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The cause state is on by default... Meaning that every port in your system
will detect things like port security violations, udld violations, etc. and
place the port in an errdisabled state if this occurs.

The port will remain in this state until you manually do something about it
(shut/no shut).

The errdisable recovery code has been added in to allow a timer (default 300
sec) to be used to automatically reset the port, but you can control for
which violations. For example, if UDLD is your culprit, given the
hardware/cable problem that has ensued, you would not want the switch
magically reenabling the port every 5 minutes. Talk about intermittantly
screwing up your network with a potential stp loop!

On the other hand, for something like port security, you may just want to
punish your users for, say 3 hours, and ignore their pleas for help due to
their ignoring your policies about one machine per port policy. :)

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, CISSP,
JNCIP, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net
 
 

-----Original Message-----
From: Kenneth Wygand [mailto:KWygand@customonline.com]
Sent: Thursday, July 08, 2004 5:08 PM
To: swm@emanon.com; ccie2be; tycampbell@comcast.net; ccielab@groupstudy.com
Subject: RE: udld on 3550

Hey Scott,

Thank you for your explanation, but due to my ignorance, I'm still confused.

Let's say you have a port f0/1 for which you enable "errdisable detect
cause". Does this mean that the IOS will "realize" when this port goes to
errdisable state, but if "errdisable detect cause" was disabled, that the
IOS wouldn't know the port went to errdisable state?

Then if "errdisable recovery" is enabled for that port, the IOS will take
the port out of errdisable state when the configured timer expires, or 300
seconds by default. If "errdisable recovery" is disabled for that port, but
"errdisable detect cause" is enabled, the IOS will *know*
(detect) the errdisable state, but will not recover from it. Is this
correct?

If this is not correct, can you please explain with a real-world example of
the possible combinations and how the router views each situation as such?

Thanks! :)

Kenneth E. Wygand
Systems Engineer, Project Services
CISSP #37102, CCNP, CCDP, ACSP, Cisco IPT Design Specialist, MCP, CNA,
Network+, A+
Custom Computer Specialists, Inc.
"The only unattainable goal is the one not attempted."
-Anonymous

-----Original Message-----
From: Scott Morris [mailto:swm@emanon.com]
Sent: Thursday, July 08, 2004 4:56 PM
To: Kenneth Wygand; 'ccie2be'; tycampbell@comcast.net;
ccielab@groupstudy.com
Subject: RE: udld on 3550

The 'detect cause' is setting up WHY you would stick a port into an
errdiabled state. You can turn the things off which annoy you.

The 'recovery' part is setting up what to do after you have been annoyed.

So by default, the switch likes to annoy you, but not do anything about it!
It's all in the perspective!

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, CISSP,
JNCIP, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net
 
 

-----Original Message-----
From: Kenneth Wygand [mailto:KWygand@customonline.com]
Sent: Thursday, July 08, 2004 4:27 PM
To: ccie2be; Scott Morris; tycampbell@comcast.net; ccielab@groupstudy.com
Subject: RE: udld on 3550

Tim,

This is what I was able to find, which confuses me a bit - what is the
difference between "errdisable detect cause" (which is enabled by
default) and "errdisable recovery" (which is disabled by default)?

<SNIP>
"ERRDISABLE DETECT CAUSE" command
---------------------------------
errdisable detect cause
Use the errdisable detect cause global configuration command to enable error
disable detection for a specific cause or all causes. Use the no form of
this command to disable the error disable detection feature.

Defaults
Detection is enabled for all causes.

"ERRDISABLE RECOVERY" command
---------------------------------
errdisable recovery
Use the errdisable recovery global configuration command to configure the
recover mechanism variables. Use the no form of this command to return to
the default setting.

Defaults
Recovery is disabled for all causes.

The default recovery interval is 300 seconds.
</SNIP>

Kenneth E. Wygand
Systems Engineer, Project Services
CISSP #37102, CCNP, CCDP, ACSP, Cisco IPT Design Specialist, MCP, CNA,
Network+, A+
Custom Computer Specialists, Inc.
"The only unattainable goal is the one not attempted."
-Anonymous

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
ccie2be
Sent: Thursday, July 08, 2004 4:09 PM
To: Scott Morris; tycampbell@comcast.net; ccielab@groupstudy.com
Subject: Re: udld on 3550

Unless I'm mistaken ( which happens often), all causes (there are about a
dozen or so) of err-disabled are enabled by default.

Isn't that right?

----- Original Message -----
From: "Scott Morris" <swm@emanon.com>
To: <tycampbell@comcast.net>; <ccielab@groupstudy.com>
Sent: Thursday, July 08, 2004 2:05 PM
Subject: RE: udld on 3550

> You may also want to add "errdisable recovery cause udld" to actually
enact
> it. The interval is simply the timer.
>
>
> Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713,
CISSP,
> JNCIP, et al.
> IPExpert CCIE Program Manager
> IPExpert Sr. Technical Instructor
> swm@emanon.com/smorris@ipexpert.net
> http://www.ipexpert.net
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> tycampbell@comcast.net
> Sent: Thursday, July 08, 2004 8:47 AM
> To: ccielab@groupstudy.com
> Subject: udld on 3550
>
> I have a task that specifies that both switches should be able to
determine
> whether a physical link defect prohibits bidirectional
communication...
>
> ok..this is udld
>
> but after that, it says that they should be able to automatically
recover
> after an hour....
>
> would this be "errdisable recovery interval 3600" ?
>
> just want to make sure....
>
>
> Thanks!
>
>

• Next message: Scott Morris: "RE: udld on 3550"
• Previous message: Kenneth Wygand: "RE: udld on 3550"
• Maybe in reply to: tycampbell@comcast.net: "udld on 3550"
• Next in thread: Scott Morris: "RE: udld on 3550"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:11:50 GMT-3