Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

clear errdisable - is not working

Hello everyone,

from cisco site:

You can re-enable a port by using the shutdown and  no  shutdown interface configuration commands, or you can clear error disable  for VLANs by using the clear errdisable  interface command.

This example shows how to re-enable all VLANs that were  error-disabled on port 2.

Switch# clear errdisable interface GigabitEthernet 0/2 vlan

Practice:

I have got on a L2-switch (C2960 Software (C2960-LANBASEK9-M), Version 12.2(44)SE6) a port in err-disable state.

!

interface GigabitEthernet0/15

switchport access vlan 103

switchport mode access

switchport port-security

switchport port-security mac-address 0000.0000.0001

speed 100

!

Switch_Colo_Cisco1#sh run int gi 0/15int gigabitEthernet 0/15

GigabitEthernet0/15 is down, line protocol is down (err-disabled)

!

Switch_Colo_Cisco1#clear errdisable interface gigabitEthernet 0/15 vlan 103

!

Switch_Colo_Cisco1#sh  port-security          

Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action

                (Count)       (Count)          (Count)

---------------------------------------------------------------------------

     Gi0/15              1            1                  1         Shutdown

---------------------------------------------------------------------------

Total Addresses in System (excluding one mac per port)     : 0

Max Addresses limit in System (excluding one mac per port) : 8192

It was cleared only by shutdown/no shutdown on the interface.

Why the command 'clear errdisable int ... ' doesn't work properly?

--

Have a nice day,

Dimitry

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

clear errdisable - is not working

Hi,

You can configure either to shut down the entire port in the case of errdisable detection (which is the default) or int the cases of bpduguard and port-security violations you have the possibility just to shut down the offending Vlan instead of the entire port (since 12.2(37)SE IOS version with Cat2960). If you decide to configure just to shut down the Vlan (e.g. via the global configuration command "errdisable detect cause port-security shutdown vlan") then you can use the command in question (ie. "clear errdisable interface vlan) to clear the errdisable status (instead of shut/no shut of the interface).

Best regards,

Antonin

6 REPLIES
Bronze

clear errdisable - is not working

To clear the errdisable, perform a shut, then no shut on the interface.

Ven

Ven Taylor
New Member

clear errdisable - is not working

hi,

yes it is clear.  not clear why we need the command "clear errdisable"...

--

Dimitry

New Member

clear errdisable - is not working

HI Mate..

The usage guidelines is as follows:

"Use the clear errdisable interface privileged EXEC command on the switch stack or on a standalone switch to re-enable a VLAN that was error disabled [clear errdisable interface (int-id) vlan (vlan-list)]"

So, i assume that by default will only recover SVI interfaces.

hope this helps

regards

New Member

clear errdisable - is not working

Good morning,

Intersting... BUT  SVI it is a L3 interface...

errdisable reason:

bpduguard         

channel-misconfig 

dhcp-rate-limit   

dtp-flap          

gbic-invalid      

inline-power      

link-flap         

mac-limit         

loopback          

pagp-flap         

port-mode-failure 

psecure-violation 

security-violation

sfp-config-mismatch

small-frame       

storm-control     

udld              

vmps          

It is not for L3 interface at all.  btw on int vlan * we can't command 'switchport port-security'

Thanks for try!  My question is still without an answer ;D


--

Dimitry

Silver

clear errdisable - is not working

Hi,

You can configure either to shut down the entire port in the case of errdisable detection (which is the default) or int the cases of bpduguard and port-security violations you have the possibility just to shut down the offending Vlan instead of the entire port (since 12.2(37)SE IOS version with Cat2960). If you decide to configure just to shut down the Vlan (e.g. via the global configuration command "errdisable detect cause port-security shutdown vlan") then you can use the command in question (ie. "clear errdisable interface vlan) to clear the errdisable status (instead of shut/no shut of the interface).

Best regards,

Antonin

New Member

clear errdisable - is not working

Hello Antonin,

Thank you very much for the explanation.

--

Have a nice day,

Dimitry

16345
Views
0
Helpful
6
Replies
CreatePlease to create content