Juniper Config Commit causes Cisco Etherchannels to go into err-disable state

Marian Ďurkovič md at bts.sk
Fri Apr 6 18:50:54 UTC 2018


Please see the link below, that ugly hack should be disabled asap on all your
Cisco boxes:

https://supportforums.cisco.com/t5/lan-switching-and-routing/spanning-tree-etherchannel-guard-misconfig/td-p/1147273

MD


On Fri, 6 Apr 2018 11:31:17 -0700, Keenan Tims wrote
> What it's telling you is totally unclear, though. I've asked TAC to
> explain to me the packet behaviour that generates this errdisable, and
> haven't been able to get a clear answer from them. It seems to come out
> of 'nowhere' on multi-vendor networks, where all other vendors are
> perfectly happy and no operational or configuration issue is evident,
> other than Cisco shutting the port. As far as I can tell from the
> documentation's description of this case, it should not even be 
> possible for it to trigger when LACP is in use (as the 'port channel' 
> is negotiated by LACP, not configured by the user...), yet it 
> certainly can.
> 
> FWIW, I've also seen this between Juniper and Cisco, and have been
> forced to disable the misconfig detection.
> 
> If you know exactly what Cisco's STP is telling me happened with this
> error, I'd really love to know, it might at least help to understand 
> how it could be triggering, because it is definitely not 'port-channel 
> misconfiguration'.
> 
> Keenan
> 
> On 2018-04-05 02:26 PM, Naslund, Steve wrote:
> > It really does not resolve anything it just allows a bad configuration to
work.  The guard is there so that if one side is configured as a channel and the
other side is not, the channel gets shut down.  Allowing it to remain up can
cause a BPDU loop.  Your spanning tree is trying to tell you something, you
should listen or you could get really hard to isolate issues.
> >
> > Steven Naslund
> > Chicago IL  
> >
> >> -----Original Message-----
> >> From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Joseph Jenkins
> >> Sent: Thursday, April 05, 2018 4:16 PM
> >> To: Robert Webb
> >> Cc: nanog at nanog.org
> >> Subject: Re: Juniper Config Commit causes Cisco Etherchannels to go into
err-disable state
> >>
> >> No there isn't, but from what I am getting responses both onlist and off
list is to just run this on the Cisco switches:
> >>
> >> no spanning-tree etherchannel guard misconfig
> >>
> >> and that should resolve the issue.
> >>
> >> Thanks Everyone.



More information about the NANOG mailing list