Some of you may know Cisco’s err-disable recovery feature, which allows to automatically bring a port from err-disable back to UP state. Huawei switches have similar functionality, which is called error-down auto-recovery.
There are five reasons a port can enter into error-down state:
- BPDU protection
- EFM threshold
- EFM remote failure
- Auto defend
- Link flapping
- MAC address flapping
Let’s take a look, how this feature works, in a network running STP, when BPDU protection is the reason that a port goes into DOWN state. If you are not familiar with BPDU protection feature, read my previous article “Protecting STP on Huawei switches”.
I have configured STP BPDU protection on the Ethernet 0/0/1 interface of labnarioSW1 switch as follows:
[labnarioSW1]int e0/0/1 [labnarioSW1-Ethernet0/0/1]stp edged-port enable [labnarioSW1]stp bpdu-protection
Error-down auto-recovery feature has been enabled on the switch using command:
[labnarioSW1]error-down auto-recovery cause bpdu-protection interval 30
Option “interval” specifies how long (in seconds) our interface will be in DOWN state before it transitions to UP state. Any integer ranging from 30 to 86400 can be chosen.
On the other end of this Ethernet link labnarioSW2 switch is connected, to simulate STP attack. STP is temporary disabled on the Ethernet 0/0/1 port of the labnarioSW2, to prevent the Ethernet 0/0/1 port of the labnarioSW1 switch from transition to DOWN state.
The only role of the labnarioSW2 switch is to generate BPDU frames. Any other device, which can send STP BPDU frames, can be connected as well. So let’s start sending STP BPDUs:
[labnarioSW2-Ethernet0/0/1]stp enable
Please see log messages, generated by the BPDU protection and error-down auto-recovery feature, enabled on labnarioSW1 switch:
[labnarioSW1] May 23 2013 21:30:34-08:00 labnarioSW1 %%01MSTP/4/BPDU_PROTECTION(l)[62]:This edged-port Ethernet0/0/1 that enabled BPDU-Protection will be shutdown, because it received BPDU packet! May 23 2013 21:30:34-08:00 labnarioSW1 %%01ERRDOWN/4/ERRDOWN_DOWNNOTIFY(l)[63]:Notify interface to change status to error-down. (InterfaceName=Ethernet0/0/1, Cause=bpdu-protection) May 23 2013 21:30:34-08:00 labnarioSW1 ERRDOWN/4/ErrordownOccur:OID 1.3.6.1.4.1.2011.5.25.257.2.1 Error-down occured. (Ifindex=6, Ifname=Ethernet0/0/1, Cause=bpdu-protection) May 23 2013 21:30:34-08:00 labnarioSW1 %%01PHY/1/PHY(l)[64]: Ethernet0/0/1: change status to down
To display the status of the error-down auto-recovery, use the command:
[labnarioSW1]display error-down recovery int e0/0/1 interface error-down cause recovery remainder time(sec) ------------------------------------------------------------------------------ Ethernet0/0/1 bpdu-protection 30 17 [labnarioSW1]display error-down recovery int e0/0/1 interface error-down cause recovery remainder time(sec) ------------------------------------------------------------------------------ Ethernet0/0/1 bpdu-protection 30 8 [labnarioSW1]display error-down recovery int e0/0/1 interface error-down cause recovery remainder time(sec) ------------------------------------------------------------------------------ Ethernet0/0/1 bpdu-protection 30 3
After 30 seconds, error-down auto-recovery feature transitions port back to UP state:
May 23 2013 21:31:03-08:00 labnarioSW1 %%01ERRDOWN/4/ERRDOWN_DOWNRECOVER(l)[67]:Notify interface to recover state from error-down. (InterfaceName=Ethernet0/0/1) May 23 2013 21:31:03-08:00 labnarioSW1 ERRDOWN/4/ErrordownRecover:OID 1.3.6.1.4.1.2011.5.25.257.2.2 Error-down recovered. (Ifindex=6, Ifname=Ethernet0/0/1, Cause=bpdu-protection, RecoverType=auto recovery) May 23 2013 21:31:05-08:00 labnarioSW1 %%01PHY/1/PHY(l)[68]: Ethernet0/0/1: change status to up