cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5909
Views
0
Helpful
12
Replies

FastEthernet1/0 is up, line protocol is down. Please help!!!

cisco24x7
Level 6
Level 6

I have a Cisco 2610 with NM-1FE fast ethernet port.

this Fast Ethernet is connected to a Cisco 2960

on port g0/21. Port g0/21 is hard code to 100-full

duplex. The Cisco 2610 Fast ethernet interface

is also hard code to 100-full duplex. However,

on the Cisco 2610, it says that F1/0 is up but

line protocol is down. I performed several "shut"

and "no shutdown" on both the catalyst 2960 and

the Cisco 1FE interface, but the line protocol is

still down. Why? Can anyone help?

BGP_Trigger#sh run int f1/0

Building configuration...

Current configuration : 97 bytes

!

interface FastEthernet1/0

ip address 192.168.1.9 255.255.255.240

speed 100

full-duplex

end

BGP_Trigger#

BGP_Trigger#sh int f1/0

FastEthernet1/0 is up, line protocol is down

Hardware is AmdFE, address is 0001.961f.1b70 (bia 0001.961f.1b70)

Internet address is 192.168.1.9/28

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 100Mb/s, 100BaseTX/FX

ARP type: ARPA, ARP Timeout 04:00:00

BGP_Trigger#ping 192.168.1.9

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.9, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

BGP_Trigger#

C2960#sh run int g0/21

Building configuration...

Current configuration : 160 bytes

!

interface GigabitEthernet0/21

description BGP_Trigger F1/0

switchport access vlan 666

media-type rj45

speed 100

duplex full

spanning-tree portfast

end

C2960#

C2960#sh mac address-table dynamic interface g0/21

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

666 0001.961f.1b70 DYNAMIC Gi0/21

Total Mac Addresses for this criterion: 1

C2960#

C2960#sh int g0/21

GigabitEthernet0/21 is up, line protocol is up (connected)

Hardware is Gigabit Ethernet, address is 0019.551b.d615 (bia 0019.551b.d615)

Description: BGP_Trigger F1/0

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive not set

Full-duplex, 100Mb/s, link type is auto, media type is 10/100/1000BaseTX

input flow-control is off, output flow-control is unsupported

ARP type: ARPA, ARP Timeout 04:00:00

12 Replies 12

Edison Ortiz
Hall of Fame
Hall of Fame

Not sure if you've tried this:

1) Change the speed/duplex to auto/auto on both ends

2) Try another patch cable

3) Try another switchport in the 2960

4) Try reseating the module in the 2610 router

5) Upgrade the IOS code in the 2610

6) Get another NM-1FE

HTH,

__

Edison.

1- yes (still have issue)

2- yes (this port is working with another Unix box so the port is good)

3- yes (still have issue)

4- It is running the code known to good. I use this code in production, as recommended by Cisco TAC

5- Code on 2960 is good as well, as recommended by Cisco TAC

6- I do not have a spare NM-1FE

CCIE Security

c2600-ik9o3s3-mz.123-24a.bin On C2610

c2960-lanbasek9-mz.122-25.SEE4.bin

David

This is pretty interesting. I note that there is communication over the link since the switch has learned the MAC of the router:

C2960#sh mac address-table dynamic interface g0/21

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

666 0001.961f.1b70 DYNAMIC Gi0/21

I wonder if there could be an issue with VLAN 666? Are there other ports in VLAN 666 that are working? Do the symptoms change if you put that port into a different VLAN with known working ports?

HTH

Rick

HTH

Rick

Rick,

I have a couple of Unix machines on VLAN 666

and they are working fine. Furthermore, one

of the firewall interfaces is also in VLAN 666

as well. All devices on VLAN 666 point to the

firewall as the default gateway, except this

NM-1FE interface on the 2610.

I also move the NM-1FE to another vlan 667 but

it does not work either.

By the way, I heard that you will be giving

some presentations at Cisco facility in

Herndon at the begining of March, correct?

David

David

I see the problem - but am still not sure what is causing it. In the show interface output from the switch:

C2960#sh int g0/21

GigabitEthernet0/21 is up, line protocol is up

Keepalive not set

If the switch port has keepalive not set then its interface will be up/up (as it is) and the neighbor interface will be up/down. I am not sure why keepalive is disabled on the switch but that is the issue.

Yes I will be doing a presentation at Cisco in Herndon in early March. Will I see you there?

HTH

Rick

HTH

Rick

Rick,

I disabled "keepalive" on the switchport for

testing 'cause I am getting desperate -:(

I re-enabled keepalive back on but same issue.

problem is that I am a firewall/security person so troubleshooting layer-1/layer-2 is

not my strong point -:(

Yes, I will be in Herndon that week. Looking

forward to your presentation.

C2960#clear mac address-table dynamic

C2960#sh int g0/21

GigabitEthernet0/21 is up, line protocol is up (connected)

Hardware is Gigabit Ethernet, address is 0019.551b.d615 (bia 0019.551b.d615)

Description: BGP_Trigger F1/0

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 100Mb/s, link type is auto, media type is 10/100/1000BaseTX

input flow-control is off, output flow-control is unsupported

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:02:21, output 00:00:00, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 3000 bits/sec, 6 packets/sec

2335 packets input, 149746 bytes, 0 no buffer

Received 87 broadcasts (0 multicast)

0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 8 multicast, 0 pause input

0 input packets with dribble condition detected

213475 packets output, 16444884 bytes, 0 underruns

0 output errors, 0 collisions, 1 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier, 0 PAUSE output

0 output buffer failures, 0 output buffers swapped out

C2960#sh mac address-table dynamic int g0/21

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

666 0001.961f.1b70 DYNAMIC Gi0/21

Total Mac Addresses for this criterion: 1

C2960#

Try these suggestions:

1) Disable keepalive at both devices

or

2) Try setting the speed to 10/FD

HTH,

__

Edison.

David

I thought that I had found it but that is not the case :(

Here is my current thought and suggestion:

- the switch has learned the MAC from the router which demonstrates that there is some physical communication from router to switch.

- the show interface counters on the switch may not represent the current situation:

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 3000 bits/sec, 6 packets/sec

2335 packets input, 149746 bytes, 0 no buffer

can you clear the counters, let it run for a bit and post the output of a new show interface?

- can you also clear the counters on the router, let it run a bit and post the output of show interface?

- if data is flowing from router to switch but apparently not from switch to router then it suggests a possible problem with the transmit side from the switch, a possible problem with the cable connecting them (I have more than once seen a bad pin in a cable produce the symptom of one way communication), or a possible problem with the receive side of the router. If you temporarily move the router connection to a different switch port that should check out the switch possibility. If you change the cable connecting the switch and router that should check out the cable possibility. If you take the existing port on the switch and the existing cable and connect it to something else and it works that would point to a problem on the receive of the router.

[edit] re-reading the entire thread I see that you have apparently already tried some of the things that I suggest.

HTH

Rick

HTH

Rick

Rick,

All of your suggestions are valid. Thanks.

Here is my current situation:

1- cable is good. I've tested and verified

that the cable is good and works with a

Linux workstation,

2- the switchport is good. The switchport

is tested and verified with a Linux machine

on VLAN666, on the same port that the Cisco

2610 NM-1FE is connected to.

Therefore, I can safely eliminate both the

switchport and the cable because it is tested

and verified that it works with other

devices.

What I did next:

1- remove the NM-1FE from the Cisco 2610. I

then remove the Cisco 2610 altogether.

2- insert the NM-1FE into a Cisco 2621 router

running the same IOS code as the C2610. I

then assign the same ip address to the

interface F1/0. Last step, I connected

interface F1/0 into the same catalyst 2960 switch on port g0/21. To my suprise,

everything works. It does not matter if

I set the interface F1/0 to 100/full or

auto/auto or 100/full or auto/auto on the

catalyst 2960. Everything just works. Not

only it works on the Cisco 2621, it also

works on the Cisco 3620 as well.

It makes me wonder. Does Cisco 2610 support

NM-1FE module? I've tried it on three

different Cisco 2610 with the same result.

In other words, it does not work. It is

possible but very unlikely, that all four

Cisco 2610 have a bad NM slot.

After playing with the speed/duplex a little

bit more, this is what I've found out:

Cisco 2610 can only support, at most, 10-full

on the NM-1FE. If you hard code the F1/0

to 100-full, it will NOT work. You can use

100-full if you use the NM-1FE on Cisco 2621 or Cisco 3640. Just test and verify it.

In other words, I can only utilize 10-full

on the NM-1FE if that card is used on the

cisco 2610.

Thanks again everyone for your help.

David

Good for you :)

I am a bit surprised but your testing does seem to demonstrate the limitation.

See you in March.

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: