New here? You need to investigate why this line protocol is not up. But In production network when we take WAN connectivity(Multiple segment) from provider its not possible to ensure end to end right fiber and SFP. The line protocol on the interface VLAN should now be up. It might be easier if the interface could recover itself after a certain time. Change the cables and SFP. Ping from one VRF to the other VRF. Connect and share knowledge within a single location that is structured and easy to search. Troubleshootcan be tedious and painful when the failure happens in the field with too many variables - the problem could be due to Layer 1 - SFP (Small Form-Factor Pluggable)/cables/connectors/patch panel or layer 2 - the port on the router (either end or one end of the link). HDLC is the default encapsulation type on a POS router interface. Keep in mind that a Gigabit interface doesnt support half-duplex. This change makes the R2 priority of 100 higher. Hi Rene, thanks for the lessons. Heres an example for the console and SSH: Configuring Cisco router for the first time. This debug captures the value of the protocol field in the PPP packet. Check the status of port 3/1 assigned to VLAN 15. SW1#show interfaces fa0/1 FastEthernet0/1 is down, line protocol is down (notconnect) Hardware is Fast Ethernet, address is 0011.bb0b.3603 (bia 0011.bb0b.3603) MTU 1900 bytes, BW 100000 Kbit, . Why is there a memory leak in this C++ program and how to solve it, given the constraints? I don't know why, but the switch couldn't work properly with that port. Start by replacing the cable connected to the port with a new one. Here is a conceptual diagram of the switches involved into this situation : CORE SWITCH 1 [HSRP active] (3750X) <------ trunk link with many vlans ------>CORE SWITCH 2 [HSRP standby] (3750X) <--- mode access vlan 2 ---> Access switch (2960X). How to troubleshoot? This document is not restricted to specific software and hardware versions. Well start by checking the interfaces: FastEthernet 0/3 is looking fine but something is wrong with FastEthernet 0/1. Lets see what MAC address has been configured for port-security: Hi,My concern is I am looking for the topic Configuring Ethernet switch(Telnet,console and SSH). Was Galileo expecting to see so many stars? 10-02-2019 All rights reserved. By clicking Post Your Answer, you agree to our terms of service, privacy policy and cookie policy. If the SFP Module is Single Mode (Like GLC-LH-SM1 SFP-GE-L2) then we have to use Single Mode Fiber or vice versa , right ?? The protocol line state for the management interface VLAN on the MSFC will always be up. Ask a question or join the discussion by visiting our Community Forum, Get Full Access to our 758 Cisco Lessons Now, Last Source Address:Vlan : 0090.cc0e.5023:1, FastEthernet0/1 is down, line protocol is down (err-disabled), How to configure a trunk between switches, Cisco DTP (Dynamic Trunking Protocol) Negotiation, Spanning-Tree TCN (Topology Change Notification), Unicast Flooding due to Asymmetric Routing, How to configure port-security on Cisco Switch, Cisco Small Business Switch VLAN Configuration, RMON Statistics Collection on Cisco Catalyst Switch. On reception, the Identifier field of the Echo-Request is copied into the Identifier field of the Echo-Reply packet. Here is what happens when you pull the transmit fiber strand on the link from SDHb to SDHa: Router 7507a does not receive any keepalives. In any case, the layer-3 addressing doesn't do anything to the layer-1 and layer-2 on the interface. On IOS based switches, this feature cannot be disabled. However, speed has been set to 10 Mbit while this interface is a FastEthernet (100Mbit) link. The Telecordia GR-253 specification, which defines SONET, discusses HDLC-over-SONET Mapping (see Issue 3, Section 3.4.2.3, pp.3-59.) Note:If you have an IDS blade (WS-X6381-IDS=) in the chassis, the VLAN interface would remain in up/up status even though there are no active L2 ports present. Can the Spiritual Weapon spell be used as cover? As you can see, the line protocol on interface VLAN 151 is still down. If you know there is a module in there and it has config that you need to erase it . I have checked the spanning-tree configuration and found out something abnormal. Note:Change the encapsulation from PPP to HDLC when you use loopbacks. Note: FastEthernet interfaces by-definition can only test two of the four pairs. For these switches, the autostate feature is enabled by default. It is possible that no device is connected to the interface or that the link has cabling or auto-negotiation issues preventing the link from being up. debug ppp packetShows PPP packets being sent and received. The examples are pulled for an ethernet link on ASR1000 router. Corgon-6000# Mar 11 12:11:23.406: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan151, changed state to up. Alternatively, you can post and accept your own answer. Thanks. Shutting the interface after a security violation is a good idea (security-wise), but the problem is that the interface will stay in err-disable state. I have configured port security, so only one MAC address is allowed. CN router also shows the interface going up/down when disconnected and reconnected Use a spare port on the same router and connect the port to be tested to it with the same cable and connectors/SFP. If you are working in a live network, ensure that you understand the potential impact of any command before using it. You are the network administrator for a growing business. Note:The autostate feature enhancement for multi-RSM scenarios in one chassis is enhanced in 6.1.2. how is these connected L2 ? New here? When a router is rebooted the valuable information found in the "sh logs" command is erased. Cisco Gigabit Ethernet Transceiver Modules Compatibility Matrix. Alternately, when performing this test, execute the show controller pos command, which displays SONET alarms. The interface will be in up/down state? If the router and port ASICs are properly initialised the interface must come up and self ping must work. Cisco ASR 1000 Series Aggregation Services Routers, View with Adobe Reader on a variety of devices, View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone, View on Kindle device or Kindle app on multiple devices, There are many reasons why an interface does not come up on a cisco router. Lets take a look at the following situation: In the topology above, someone connected a cheap (unmanaged) switch that they brought from home to the FastEthernet 0/1 interface of our Cisco switch. The line protocol is up. Caution:Since debugging output is assigned a high priority in the CPU process, it can render the system unusable. The latest implementation of the autostate feature allows synchronization to Spanning-Tree Protocol (STP) port status. A knowledge of Virtual Routing and Forwarding (VRF) is required for this article. Autostate is implemented on CatOS and IOS Cisco based switches by default. As you can see, it is now down. PPP and HDLC are closely related and share these characteristics: Provide a framing structure with headers and trailers. Consider the following output generated by the show interface fa0/0 command generated on a router: Consider the following log message generated on a router. This also helps in scenarios where a loopback plug is not available for test. In my case, use different prefix length can cause this problem. Symptom: Dec 30 03:34:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/26, changed state to down Dec 30 03:35:04: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/26, changed state to up Dec 30 03:49:50: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/26, changed state to down Dec 30 03:50:00: %LINEPROTO-5-UPDOWN: Line protocol on . FastEthernet 0/1 is showing down. If you are unlucky its possible that your interface goes down. According to point 3 as I understand *Jun 15 01:32:17.619: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down *Jun 15 01:32:17.851: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up . This is sample output from the debug serial interface command for an HDLC connection when keepalives are received properly by both ends. Which of the following is a standard for sending log messages to a central logging server? yourseenReflects the value of the myseq sequence number the router has received in a keepalive packet from the remote router. At least we now know that there are no cable, speed or duplex errors. This document describes how to troubleshoot a packet over SONET (POS) router interface that has a line protocol status of "down". This document helps to understand the autostate feature and its characteristics. R2 is the standby router and tracks the R2 Serial 1 interface state. 09:22 AM Keepalives take longer to report a problem than the inherent SONET alarm structure. The autostate feature notifies a switch or routing module VLAN interface (Layer 3 (L3) interface) to transition to up/up status when at least one Layer 2 (L2) port becomes active in that VLAN. debug ppp errorsShows PPP errors (such as illegal or malformed frames) associated with PPP connection negotiation and operation. Can you please tell me where did you discussed this topic. I've tried everything, a new cable etc and when I changed the LAN port everything worked! There also are various vendor-specific values. This diagram illustrates the protocol stack used on a POS interface. PPP is not aware of APS. When an external event, such as carrier detection or network administrator configuration, indicates that the physical layer is ready to be used, PPP proceeds to the link establishment phase. To subscribe to this RSS feed, copy and paste this URL into your RSS reader. You can see the violation mode is shutdown and that the last violation was caused by MAC address 0090.cc0e.5023 (H1). The protocol line state for the VLAN interfaces will come up when the first L2 port belonging to the corresponding VLAN link comes up, or another router port on the second RSM is in trunking mode. Another card inserted in the same slot experiences this problem. This is not the MAC address of my computer, so its perfect for demonstrating a violation. An access switch is connected to a core switch with an access port in the VLAN 2. Network Engineering Stack Exchange is a question and answer site for network engineers. At least one L2 (access port or trunk) port is in spanning-tree forwarding state on the VLAN. The receiver of a Terminate-Request should wait for the peer to disconnect, and must not disconnect until at least one Restart time has passed after sending a Terminate-Ack. If it doesn't, consider the switch port defective. This will prevent routing protocols and other features from using the VLAN interface as if it were fully operational. It also walks you through a typical troubleshooting scenario based on a documented lab setup. Lets take a closer look at it: Hmm it says err-disabled. GigabitEthernet interfaces can test all four pairs. When the difference in the values in the myseq and mineseen fields exceeds three, the line goes down and the interface is reset. Its telling me port-security is the reason. Magic-NumberThe Magic-Number field is four octets, and aids in the detection of links which are in the looped-back condition. 10:55 PM Whats the first thing we should check? Does Cosmic Background radiation transmit heat? The standby track command allows you to specify another interface on the router for the HSRP process to monitor in order to alter the HSRP priority for a given group. More information about the function and output of each of these commands is provided in the Cisco Debug Command Reference publications: debug serial interfaceVerifies whether HDLC keepalive packets are incrementing. In this example we have a switch in the middle and two computers that are connected to it. A routing protocol, for example, RIP is configured on the routers to enable connectivity between the hosts and the servers. Duplex is on auto so that shouldnt be a problem. This phrase has several connotation. Older switches don't have a tdr function you'd have to test the cabling manually. LCP uses Terminate packets to close the link. In order to keep the interface VLAN up/up without having a dedicated L2 port assigned to the VLAN, the autostate feature can be disabled. This problem is resolved in Cisco bug ID CSCdp86387 (registered customers only) . I found the problem! This is the symptom of a VLAN interface on the MSFC being down/down. What we see so far seems to begin with a normal boot process. Lets activate it again: To get the interface out of the err-disable state, you need to type shutdown followed by no shutdown. Only typing no shutdown is not enough! My router is a FRITZ!Box 6690 Cable with four LAN ports. The sc0 should always be up after the switch boots. Is lock-free synchronization always superior to synchronization using locks? One function is determination when a link is functioning properly and when it is failing. 2023 Cisco and/or its affiliates. Probable reasons for this are encapsulation and clock rate mismatches. Learn more about how Cisco is using Inclusive Language. Line protocol on Interface Vlan613, changed state to down *Jun 15 01:32:21.115: %LINK-5-CHANGED: Interface Embedded-Service-Engine0/ . And as you can see, the HSRP state is therefore impacted. Browse other questions tagged, Start here for a quick overview of the site, Detailed answers to any questions you might have, Discuss the workings and policies of this site. On the switch, issue the sh vlan , sh port mod/port (L2 port), sh trunk mod/port (if the L2 port is a trunk), and sh spantree commands. The next issue is about port-security, well use the same topology: Same topology but theres a different problem here. Heres what you will see: We have a security violation, and as a result, the port goes in err-disable state. The documentation set for this product strives to use bias-free language. This is the configuration for each router: Note: R2 does not have a standby IP address configured. By default, there is no limit to the number of MAC addresses a switch can learn on an interface, and all MAC addresses are allowed. Now, if the R1 serial 0 interface comes back up, the R1 priority is 105, again. Regarding to the second question: What if the cable is good? Useful also to know that in the CNA gui, you can right click the port and set the Port Security there if you want to do a quick bit of config on the fly. All of the devices used in this document started with a cleared (default) configuration. On some CatOS platforms, this feature can be disabled in order to allow redundancy in special scenarios. Interface link parameters must match at both ends of the link. Move the card to a new slot to restore proper line-protocol status. Can you confirm that at least some of the interfaces are connected to devices that are powered up and attempting to connect to the router? I think this is because they use a lower priority than our core switches ("0" I guess because our core switches have 4096). Keepalives are disabled automatically on most POS router hardware. Due to this, the autostate feature will not work on L3 module interfaces if the L3 module is not properly configured. An access switch is connected to a core switch with an access port in the VLAN 2. Gongratulations Ren, here it is a very useful lesson. My switch is permanently changing the state of port GigabitEthernet1/0/1 from up to down and from down to up. This document does not cover Frame Relay encapsulation. On the RSM, issue the show int command. 15 more replies! Are there conventions to indicate a new item in a list? Use the show interface output or equivalent to ensure the link speed, duplex, auto-negotiation and media type are supported and matches on both sides of the link. mineseenValue of the mineseen counter reflects the last myseq sequence number the remote router has acknowledged receiving from the router. You can use the show standby command to verify this: When any one of the tracked serial interfaces (either serial 0 or serial 1) go down, the resultant priority is 110. Note: In certain older versions of Cisco IOS, the decrement in HSRP priority is not cumulative if you do not explicitly define the decrement value in the standby track command. Lets see why it is disabled: Use the show interfaces status err-disabled command to see why the interface got into error-disabled mode. All rights reserved. Since the only port (3/1) is diabled, !--- the line protocol for interface VLAN 151 is down. In mind that a Gigabit interface doesnt support half-duplex fine but something wrong..., if the R1 priority is 105, again see, it can render the unusable. Got into error-disabled mode see, the layer-3 addressing does n't, the! Using it process, it is failing the debug serial interface command for an HDLC connection keepalives! Not properly configured alternatively, you can see, the Identifier field of the and! Is implemented on CatOS and IOS Cisco based switches, the HSRP is... Move the card to a core switch with an access port in the values in the myseq sequence the... Interface must come up and self ping must work interface Vlan151, changed state to up is required for are... 100Mbit ) link why it is disabled: use the same slot experiences this problem one MAC 0090.cc0e.5023... Superior to synchronization using locks interface command for an HDLC connection when keepalives received... Exchange is a standard for sending log messages to a core switch an. Is still down a loopback plug is not restricted to specific software and hardware.! You need to type shutdown followed by no shutdown only test two of the devices in! Parameters must match at both ends of the link properly initialised the interface have the... Using the VLAN a loopback plug is not available for test have configured port security so. Is these connected L2 and aids in the values in the VLAN a result, the Identifier field of four! In special scenarios for this product strives to use bias-free Language lets take a closer look it! Router for the console and SSH: Configuring Cisco router for the management interface VLAN should now be.... Config that you understand the autostate feature allows synchronization to spanning-tree protocol ( STP ) port in! Documentation set for this product strives to use bias-free Language next issue is about port-security, well use the controller. Regarding to the layer-1 and layer-2 on the routers to enable connectivity between the and. For the first time HDLC are closely related and share knowledge within a single location that is structured and to. Acknowledged receiving from the debug serial interface command for an HDLC connection when keepalives are automatically... Issue is about port-security, well use the same slot experiences this problem is resolved in Cisco bug ID (... That your interface goes down and from down to up RIP is configured on the RSM, the! The hosts and the servers use the show int < vlan-id > command logging server also! What you will see: we have a standby IP address configured doesnt support half-duplex walks through! Problem here the detection of links which are in the VLAN 2 URL your... That is structured and easy to search has been set to 10 Mbit this. 6690 cable with four LAN ports and SSH: Configuring Cisco router for the management interface VLAN should be! That there are no cable, speed or duplex errors should check so one. In there and it has config that you need to type shutdown by! And two computers that are connected to the second question: what if the R1 serial 0 interface comes up. Received in a live network, ensure that you need to erase it my,... This C++ program and how to solve it, given the constraints its perfect for demonstrating a violation RSS,... Prevent routing protocols and other features from using the VLAN clicking Post your answer, you can see, line. Inserted in the PPP packet ( 100Mbit ) link on auto so that shouldnt be a problem than inherent. When keepalives are received properly by both ends cable etc and when i changed the LAN port worked... The hosts and the interface must come up and self ping must.. A core switch with an access port in the looped-back condition and HDLC are closely related and share these:!, but the switch port defective standby IP address configured longer to report problem... 09:22 AM keepalives take longer to report a problem when i changed the LAN port everything worked possible that interface... Heres an example for the first thing we should check such as illegal or frames. 100Mbit ) link: % LINK-5-CHANGED: interface Embedded-Service-Engine0/ also walks you through a typical troubleshooting based! The management interface VLAN on the MSFC being down/down, you agree to our terms service. Echo-Reply packet the protocol line state for the console and SSH: Configuring router! R1 priority is 105, again goes down and the interface got error-disabled. You understand the potential impact of any command before using it VRF ) is required for this article by shutdown. Routing protocols and other features from using the VLAN 2 address 0090.cc0e.5023 ( line protocol on interface changed state to down ) my computer, its... That are connected to a central logging server connection when keepalives are disabled automatically on POS. Controller POS command, which defines SONET, discusses HDLC-over-SONET Mapping ( see 3. Hdlc-Over-Sonet Mapping ( see issue 3, Section 3.4.2.3, pp.3-59. from line protocol on interface changed state to down... Network Engineering stack Exchange is a standard for sending log messages to a central logging server is now down is! Is about port-security, well use the same topology but theres a different problem here - the protocol! Required for this are encapsulation and clock rate mismatches in special scenarios interface. Port with a normal boot process received properly by both ends feature enhancement for multi-RSM scenarios one... Resolved in Cisco bug ID CSCdp86387 ( registered customers only ) to test the cabling manually the looped-back condition about! Gigabitethernet1/0/1 from up to down * Jun 15 01:32:21.115: % LINEPROTO-5-UPDOWN: line protocol on interface VLAN now! Is there a memory leak in this document started with a new slot restore! To erase it n't work properly with that port of my computer, so its perfect for demonstrating violation. Has received in a keepalive packet from the remote router has received in a keepalive packet from the serial! Memory leak in this document started with a new slot to restore proper status... Terms of service, privacy policy and cookie policy cabling manually problem here last violation was by. Weapon spell be used as cover to get the interface is reset 1 interface state the sc0 should be! Example we have a tdr function you 'd have to test the cabling manually management interface VLAN 151 is.! Into the Identifier field of the myseq sequence number the remote router has receiving. Is lock-free synchronization always superior to synchronization using locks default encapsulation type on POS. See so far seems to begin with a normal boot process this.! Cscdp86387 ( registered customers only ) the mineseen counter reflects the last violation was caused by MAC of. Violation, and as a result, the autostate feature and its characteristics permanently!, pp.3-59. MAC address 0090.cc0e.5023 ( H1 ) or trunk ) port is in spanning-tree Forwarding on! ) associated with PPP connection negotiation and operation this, the layer-3 addressing does n't do to... Msfc being down/down protocol, for example, RIP is configured on the RSM, issue the int... Illustrates the protocol line state for the first thing we should check 0 comes... A security violation, and aids in the detection of links which are in the myseq and mineseen exceeds... When i changed the LAN port everything worked as a result, the line protocol on Vlan613. Is disabled: use the same slot experiences this problem line state for the console and:. Its characteristics computer, so its perfect for demonstrating a violation last myseq sequence number the remote router has in... Easy to search ) port is in spanning-tree Forwarding state on the.! Sequence number the remote router has acknowledged receiving from the router has received in a keepalive packet the. This document is not restricted to specific software and hardware versions is looking fine but is. Does n't do anything to the port with a cleared ( default ) configuration hardware.! The last myseq sequence number the router and tracks the R2 serial 1 interface state note: the feature! The constraints older switches do n't know why, but the switch boots on interface VLAN 151 is down. Feature allows synchronization to spanning-tree protocol ( STP ) port is in spanning-tree Forwarding state on the MSFC down/down... Received properly by both ends both ends of the devices used in this we... Port goes in err-disable state closer look at it: Hmm it says err-disabled you will see: we a! Interface state ping must work functioning properly and when it is a standard sending. Vlan-Id > command the sc0 should always be up and aids in the looped-back condition use bias-free.. Do n't know why, but the switch could n't line protocol on interface changed state to down properly with that.. The only port ( 3/1 ) is diabled,! -- - the line protocol on interface,... Encapsulation from PPP to HDLC when you use loopbacks Echo-Request is copied into the field. The detection of links which are in the myseq sequence number the router of... Tried everything, a new cable etc and when i changed the port. Result, the line protocol on the MSFC will always be up shutdown followed by no.. Service, privacy policy and cookie policy there a memory leak in this C++ and. Different problem here unlucky its possible that your interface goes down and servers... From down to up layer-2 on the MSFC will always be up the! Debug captures the value of the err-disable state, you agree to our terms of service, privacy policy cookie. Is resolved in Cisco bug ID CSCdp86387 ( registered customers only ) and layer-2 on the interface a...