Switch Port auto shuts/ port shuts itself down – Troubleshooting


Following is a list of vectors that may assist in troubleshooting issues where the port behavior look like it is shutting itself down.

  • Cable/ Power Management.

A link light does not guarantee that the cable is fully functional. The cable could have encountered physical stress that causes it to be functional at a marginal level. Normally you can identify this situation if the port has many packet errors, or the port constantly flaps.  Under certain circumstances, link up/down situations are usually a result of power management features or jitter tolerance (which must not exceed 1.4 nanoseconds) issues associated with the NIC (usually with other hosts, not switches). Windows has a power management capability that can disable the NIC. When the NIC is disabled for power management, due to no network activity, it drops the link to the switch. In this case, the link up/down events are expected behavior with any vendor switch. The switch does not know why it was turned off, simply that it did. If there is a concern about the link going up/down on NICs with the Windows systems,disable the power management feature as a first step.

    • Try a different cable.
    • Disable power management
  • Bad Port/Module, or Interface not enabled.

Look for errdisable, disable or shutdown status. The show module command can indicate faulty, which can indicate a hardware problem.

    • Try a known good port.
  • Auto Negotiation

Auto-negotiation issues can result from nonconforming implementation, hardware incompatibilities, or software defects. When NICs or vendor switches do not conform exactly to the IEEE specification 802.3u, problems can result. Hardware incompatibility and other issues can also exist as a result of vendor-specific advanced features, such as autopolarity or cable integrity, which are not described in IEEE 802.3u for 10/100 Mbps autonegotiation. (You will be able to force the speed to 100Mb only, as 1000Mb needs to be auto-negotiated).

Both ends of the link must be set to the same value or the link cannot connect. Disabling auto-negotiation is only required if end-devices such as older Gigabit NICs are used which cannot support IEEE 802.3z. Do not disable auto-negotiation between switches unless absolutely required, as disabling auto-negotiation hides link drops or physical layer problems, which results in STP loops.
If the port goes into shutdown mode immediately after a reboot of the switch, the probable cause is the port security setting. If unicast flooding is enabled on that port, it can cause the port to shut down after a reboot. Cisco recommends that you disable the unicast flooding because it also ensures that no flooding occurs on the port once the MAC address limit is reached.

    • Confirm Auto-Neg settings on both end.
    • Check Port Security Settings
    • Check Unicast Flooding.
  • Port or Interface Status is errDisable

By default, software processes inside the switch can shut down a port or interface if certain errors are detected. You have to manually re-enable the port or interface to take it out the errdisable state.  The problem reoccurs until the root cause is determined. Remember, a port being error-disabled is not by itself a cause for alarm, as long as one determines and resolves its root cause.

There are various reasons for the interface to go into errdisable:

    • Duplex mismatch
    • Port channel misconfiguration
    • BPDU guard violation
    • UDLD condition
    • Late-collision detection
    • Link-flap detection
    • Security violation
    • L2TP guard
    • DHCP snooping rate-limit
    • Incorrect GBIC / SFP module or cable
    • ARP inspection
    • Inline power
  • Duplex Mismatch:

When operating at a half-duplex setting, some data link errors such as FCS, alignment, runts, and collisions are normal. Generally, a one percent ratio of errors to total traffic is acceptable for half-duplex connections. If the ratio of errors to input packets is greater than two or three percent, performance degradation can be noticed. If the switch port receives a lot of late collisions, this usually indicates a duplex mismatch problem and can result in the port being placed in an errdisable status. The half duplex side only expects packets at certain times, not at any time, and therefore counts packets received at the wrong time as collisions.In duplex mismatch scenario, on half duplex side, you will see collisions & specially, late collisions. On full duplex side, you will see FCS/ CRC errors. Also, It is the nature of duplex mismatches that they do not significantly affect switching when the traffic levels are very low. At high levels of traffic, however, a very high percentage of traffic on a (duplex) mismatched port will be dropped due to CRC errors and late collisions.

    • BPDU Guard is a basic feature that will automatically shut down a port when BPDU’s are received on it. It is common to configure PortFast and BPDU Guard on host access ports.
    • UDLD:UDL is a link where traffic goes out one way, but no traffic is received coming back. The switch does not know that the link coming back is bad (the port thinks the link is up and working). A broken fiber cable or other cabling/port issues can cause this one-way only communication. These partially functional links can cause problems such as STP loops when the switches involved do not know that the link is partially broken. UDLD can put a port in errdisable state when it detects a unidirectional link.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s