Can a switchport be configured to be disabled due to excessive errors

Unanswered Question
Feb 14th, 2008
User Badges:

While looking through 4500 IOS installation/config-guides/reference-guides I thought I saw a method to configure a switchport to become disabled due to excessive input/output errors. Is there such a capability/feature?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)

Hi, I read your post and the closest thing I know of to what you are asking is the storm control command. I know you can set and error threshold but not sure if it will shutdown the port.

storm-control level

To set the suppression level, use the storm-control level command. Use the no form of this command to turn off the suppression mode.

storm-control {broadcast | multicast | unicast} level level[.level]

no storm-control {broadcast | multicast | unicast} level

Syntax Description


Broadcast traffic.


Multicast traffic.


Unicast traffic.


Integer suppression level; valid values are from 0 to 100 percent.


(Optional) Fractional suppression level; valid values are from 0 to 99.


All packets are passed.

james.hicks Thu, 02/14/2008 - 17:28
User Badges:

Thank you for your reply. I'm aware of storm-control for bcst/mcast/ucast. We have been asked to allow a customer owned and maintained switch to be connected to our switch (we are providing a isolated vlan for the customer, but they need more ports). The interface is in access mode, on the isolated vlan .

We have spanning-tree bpduguard enabled globally, so of course the port errdisabled when the coam switch was connected when bpdu's arrived. So we will disable portfast on that port. Plus I suggest at a minimum;

spanning-tree guard root

switchport access vlan xxx

switchport nonegotiate

no cdp enable

While putting together some info on the stp guard root I thought I'd seen something about errdisable/?? when input and/or output error counters were high. I'll reread the sections tomorrow.

Actually, malformed frames are tossed aren't they?

We were wanting to be sure we protected our device from customer induced issues.


james.hicks Thu, 02/14/2008 - 17:40
User Badges:

As you can see by my other reply, the stp bpdu guard did it's job when the customer switches bdpdu's arrived on the interface.

I reviewed errdisable and I understand it takes effect by default for other features when enabled (bdduguard, link-flap, security-violation, etc).

We will allow the customer switch to be connected to ours for the time being. I was wanting to mitigate customer induced problems/mis-configs/ect from effecting our box.

Thanks Edison.



This Discussion