Err-disabled Recovery Questions
Question 1
Question 2
Explanation
You can also bring up the port by using these commands:
+ The “shutdown” interface configuration command followed by the “no shutdown” interface configuration command restarts the disabled port.
+ The “no udld {aggressive | enable}” global configuration command followed by the “udld {aggressive | enable}” global configuration command re-enables the disabled ports.
+ The “no udld port” interface configuration command followed by the “udld port [aggressive]” interface configuration command re-enables the disabled fiber-optic port.
+ The “errdisable recovery cause udld” global configuration command enables the timer to automatically recover from the UDLD error-disabled state, and the “errdisable recovery interval interval” global configuration command specifies the time to recover from the UDLD error-disabled state.
Therefore in fact in this question answer “UDLD reset” is acceptable but it does not clearly describe how.
Question 3
Question 4
Question 5
Question 6
Explanation
In order to turn on errdisable recovery and choose the errdisable conditions, issue this command:
cat6knative#errdisable recovery cause ?
…….
gbic-invalid Enable timer to recover from invalid GBIC error disable state
Question 7
Question 8
Explanation
This is the paragraph which describes about the “show errdisable recovery” command on Cisco website:
“If you have enabled errdisable recovery, you can determine the reason for the errdisable status if you issue the “show errdisable recovery” command. An example of the output of this command is shown below:
Switch#show errdisable recovery ErrDisable Reason Timer Status ----------------- -------------- udld Enabled bpduguard Enabled security-violatio Enabled channel-misconfig Enabled pagp-flap Enabled dtp-flap Enabled link-flap Enabled l2ptguard Enabled psecure-violation Enabled gbic-invalid Enabled dhcp-rate-limit Enabled mac-limit Enabled unicast-flood Enabled arp-inspection Enabled Timer interval: 300 seconds Interfaces that will be enabled at the next timeout: Interface Errdisable reason Time left(sec) --------- --------------------- -------------- Fa2/4 bpduguard 273
So answer A seems to be correct but the above quote is very misleading. In fact, this command is used to verify which services/features were enabled for err-disable recovery (notice that the err-disable recovery feature is disabled by default for all services and features and we have to manually turn them on if we want to use via the command “errdisable recovery cause …”). If we allows all above services/features to automatically recover then we will not know the reason a port was error-disabled.
In fact, the best way to determine why a port is in the err-disabled state is to view the Syslog messages. For example:
%PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/1, putting Fa0/1 in err-disable state |
This means Fa0/1 is put in err-disabled state because of a port security violation.
Note: The command “show errdisable detect” is used to identify which services are enabled for Errdisable only (for example, services like “arp-inspection”, bpduguard, UDLD,…)
Question 9
Explanation
When a port is error-disabled, the LED associated with the port on the front panel is solid orange.
Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/ethernet/12017-20.html
Error-disabled is same as shut down state so all traffic on this port are stopped.
Question 10
Explanation
When a port security is violated, that port can be put into errdisable state -> B is correct.
When a maximum number of hosts per port was reached, learning a new MAC address can put that port into errdisable state -> D is correct.
Q2. I think C is incorrect. You can’t do “shut and restart” but “shut and no shut”. I think the answer should be A and B.
Q8. According to Cisco documentation:
show errdisable detect—Displays the current settings of the errdisable timeout feature and, if any of the portsthat they are err are currently error disabled, the reason or disabled.
https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html
This is confusing because it suggests three answers are correct (A B C)
Q8. According to Cisco documentation:
Displays the current settings of the errdisable timeout feature and, if any of the ports are currently error disabled, the reason that they are error disabled.
https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html
This is confusing because it suggests three answers are correct (A B C)
Switch#(config) udld reset (resets disabled udld ports).
^ This will reset disabled ports that encounter udld issues?
Q1 is not worded correctly in my opinion.
Question 4
%SPANTREE-2-CHNL_MISCFG: Detected loop due to etherchannel misconfiguration
of Gi4/1
^That is an etherchannel misconfiguration error and it puts the port into errdisable due to STP loop issue. How is the answer ONLY UDLD?
Switch#(config) udld reset (resets disabled udld ports).
^ This will reset disabled ports that encounter udld issues?
Q1 is not worded correctly in my opinion.
And, “shut/ no shut”
The fourth question should be:
You have recently deployed an access switch with two fiber cables that connect it to a distribution switch in EtherChannel mode. Soon after it booted up, one of the uplink ports to the distribution switch was error-disabled.
Which statement describes the reason for the failure?
A. The switch is operating in UDLD aggressive mode and it failed to receive a UDLD message from the peer.
B. The port-channel detected an inconsistent configuration.
C. The switch is operating in UDLD normal mode and it failed to receive a UDLD message from the peer.
D. Spanning tree is detected a loop.
Correct Answer: A
Question 10 I think is collision
Causes of Errdisable
This feature was first implemented in order to handle special collision situations in which the switch detected excessive or late collisions on a port. Excessive collisions occur when a frame is dropped because the switch encounters 16 collisions in a row. Late collisions occur after every device on the wire should have recognized that the wire was in use. Possible causes of these types of errors include:
A cable that is out of specification (either too long, the wrong type, or defective)
A bad network interface card (NIC) card (with physical problems or driver problems)
A port duplex misconfiguration
A port duplex misconfiguration is a common cause of the errors because of failures to negotiate the speed and duplex properly between two directly connected devices (for example, a NIC that connects to a switch). Only half-duplex connections should ever have collisions in a LAN. Because of the carrier sense multiple access (CSMA) nature of Ethernet, collisions are normal for half duplex, as long as the collisions do not exceed a small percentage of traffic.
There are various reasons for the interface to go into errdisable. The reason can be:
Duplex mismatch
Port channel misconfiguration
BPDU guard violation
UniDirectional Link Detection (UDLD) condition
Late-collision detection
Link-flap detection
Security violation
Port Aggregation Protocol (PAgP) flap
Layer 2 Tunneling Protocol (L2TP) guard
DHCP snooping rate-limit
Incorrect GBIC / Small Form-Factor Pluggable (SFP) module or cable
Address Resolution Protocol (ARP) inspection
Inline power