Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1969
  • Last Modified:

My cisco 3560 switch is putting GI0/48 into "err-disable state after displaying "Loopback error detected" How do I fix this?

My cisco 3560 switch is putting GI0/48 into "err-disable state after displaying "Loopback error detected"  How do I fix this?

GI0/48 is the uplink port to a Juniper SSG-5 firewall.  Simple switchport access, no trunking on the default "Vlan 1"  The device connected to this port is at IP address 172.17.7.254, the default gateway is 172.17.7.1 /24 (which is the IP address of the switch that is throwing these errors and shutting down this port.  Internet access is obtained via MPLS which is routed by this switch as well.



CIS3560SW71A1_A#sh run
Building configuration...

Current configuration : 4617 bytes
!
version 12.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname CIS3560SW71A1_A
!
enable secret 5 $1$BISF$2EYqTad.78j843MnI9CR6.
!
no aaa new-model
clock timezone CST -6
clock summer-time CDT recurring
system mtu routing 1500
ip subnet-zero
no ip source-route
ip routing
ip domain-name corp.sourcemed.biz
!
!
!
!
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
 description SM71FP01PRD
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
 description SM71DC01PRD
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
 description SM71DC02PRD
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface GigabitEthernet0/29
!
interface GigabitEthernet0/30
!
interface GigabitEthernet0/31
!
interface GigabitEthernet0/32
!
interface GigabitEthernet0/33
!
interface GigabitEthernet0/34
!
interface GigabitEthernet0/35
!
interface GigabitEthernet0/36
!
interface GigabitEthernet0/37
!
interface GigabitEthernet0/38
!
interface GigabitEthernet0/39
!
interface GigabitEthernet0/40
!
interface GigabitEthernet0/41
!
interface GigabitEthernet0/42
!
interface GigabitEthernet0/43
!
interface GigabitEthernet0/44
!
interface GigabitEthernet0/45
 description UPLINK_IP_Telephony
 switchport access vlan 77
!
interface GigabitEthernet0/46
 description TELECOM SERVER
 switchport access vlan 77
!
interface GigabitEthernet0/47
 description ROME MPLS UPLINK
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 728
 switchport mode trunk
 switchport nonegotiate
 speed 100
 duplex full
!
interface GigabitEthernet0/48
 description SSG5 eth0/1
 speed 100
 duplex full
!
interface GigabitEthernet0/49
 description Uplink to CIS3560SW71A1_B
!
interface GigabitEthernet0/50
!
interface GigabitEthernet0/51
!
interface GigabitEthernet0/52
!
interface Vlan1
 description Rome Network
 ip address 172.17.7.1 255.255.255.0
!
interface Vlan77
 description IP_Telephony
 ip address 172.17.77.1 255.255.255.0
!
interface Vlan728
 description MPLS Uplink
 ip address 172.16.50.46 255.255.255.252
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.50.45
ip route 10.1.0.0 255.255.254.0 172.16.50.45
ip route 172.16.0.0 255.255.0.0 172.16.50.45
ip route 172.16.50.0 255.255.255.0 172.16.50.45
ip route 172.22.22.0 255.255.255.240 172.17.7.254
ip route 172.23.23.0 255.255.255.240 172.17.7.254
ip route 192.168.1.0 255.255.255.0 172.17.7.254
ip route 192.168.168.0 255.255.255.0 172.16.50.45
ip http server
!
logging source-interface Vlan1
logging 172.16.1.205
logging 172.16.1.110
no cdp run
snmp-server community smsnmpro2001 RO
snmp-server community smsnmprw2001 RW
snmp-server location Rome
snmp-server contact Layer_2
!
control-plane
!
banner motd ^C
       ,,,,,
      /'^ ^'\
     ((o)-(o))
--oOOO--(_)--OOOo-------------------------------------------------
 You Are Attempting To Access a Private        |           |
 Network.  Unauthorized Access is Strictly    :|:         :|:
 Forbidden.  Violators Will be Prosecuted!   :|||:       :|||:
                                         ..:|||||||:...:|||||||:..
  .oooO                                  _________________________
  (   )      Oooo.
---\ (-------(   )------------------------------------------------
    \_)       ) /              Source Medical Solutions
             (_/                    CIS3560SW71A1_A


^C
!
line con 0
 exec-timeout 5 0
 password 7 03295E0F155F345E120C5854
 logging synchronous
 login
line vty 0 4
 exec-timeout 10 30
 timeout login response 300
 password 7 062B0A255F1E1C0B5912535A
 logging synchronous
 login
 length 0
line vty 5 15
 login
!
end

CIS3560SW71A1_A#  


CIS3560SW71A1_A#sh spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     18ef.6331.c680
             Cost        4
             Port        49 (GigabitEthernet0/49)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     9c4e.2001.4a80
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/1            Desg FWD 19        128.1    P2p
Gi0/2            Desg FWD 19        128.2    P2p
Gi0/3            Desg FWD 19        128.3    P2p
Gi0/4            Desg FWD 19        128.4    P2p
Gi0/5            Desg FWD 4         128.5    P2p
Gi0/6            Desg FWD 19        128.6    P2p
Gi0/7            Desg FWD 4         128.7    P2p

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------

Gi0/9            Desg FWD 4         128.9    P2p
Gi0/12           Desg FWD 100       128.12   P2p
Gi0/14           Desg FWD 4         128.14   P2p
Gi0/17           Desg FWD 4         128.17   P2p
Gi0/19           Desg FWD 4         128.19   P2p
Gi0/20           Desg FWD 4         128.20   P2p
Gi0/21           Desg FWD 4         128.21   P2p
Gi0/22           Desg FWD 19        128.22   P2p
Gi0/23           Desg FWD 4         128.23   P2p
Gi0/24           Desg FWD 4         128.24   P2p
Gi0/25           Desg FWD 19        128.25   P2p
Gi0/26           Desg FWD 4         128.26   P2p
Gi0/29           Desg FWD 4         128.29   P2p
Gi0/32           Desg FWD 4         128.32   P2p
Gi0/36           Desg FWD 4         128.36   P2p
Gi0/38           Desg FWD 4         128.38   P2p
Gi0/39           Desg FWD 4         128.39   P2p
Gi0/42           Desg FWD 19        128.42   P2p
Gi0/43           Desg FWD 4         128.43   P2p

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------

Gi0/44           Desg FWD 4         128.44   P2p
Gi0/48           Desg FWD 19        128.48   P2p
Gi0/49           Root FWD 4         128.49   P2p


VLAN0728
  Spanning tree enabled protocol ieee
  Root ID    Priority    33496
             Address     9c4e.2001.4a80
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    33496  (priority 32768 sys-id-ext 728)
             Address     9c4e.2001.4a80
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/47           Desg FWD 19        128.47   P2p

CIS3560SW71A1_A#
0
smadmin
Asked:
smadmin
  • 4
  • 2
1 Solution
 
smadminAuthor Commented:
CIS3560SW71A1_A#sh spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     18ef.6331.c680
             Cost        4
             Port        49 (GigabitEthernet0/49)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     9c4e.2001.4a80
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/1            Desg FWD 19        128.1    P2p
Gi0/2            Desg FWD 19        128.2    P2p
Gi0/3            Desg FWD 19        128.3    P2p
Gi0/4            Desg FWD 19        128.4    P2p
Gi0/5            Desg FWD 4         128.5    P2p
Gi0/6            Desg FWD 19        128.6    P2p
Gi0/7            Desg FWD 4         128.7    P2p

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------

Gi0/9            Desg FWD 4         128.9    P2p
Gi0/12           Desg FWD 100       128.12   P2p
Gi0/14           Desg FWD 4         128.14   P2p
Gi0/17           Desg FWD 4         128.17   P2p
Gi0/19           Desg FWD 4         128.19   P2p
Gi0/20           Desg FWD 4         128.20   P2p
Gi0/21           Desg FWD 4         128.21   P2p
Gi0/22           Desg FWD 19        128.22   P2p
Gi0/23           Desg FWD 4         128.23   P2p
Gi0/24           Desg FWD 4         128.24   P2p
Gi0/25           Desg FWD 19        128.25   P2p
Gi0/26           Desg FWD 4         128.26   P2p
Gi0/29           Desg FWD 4         128.29   P2p
Gi0/32           Desg FWD 4         128.32   P2p
Gi0/36           Desg FWD 4         128.36   P2p
Gi0/38           Desg FWD 4         128.38   P2p
Gi0/39           Desg FWD 4         128.39   P2p
Gi0/42           Desg FWD 19        128.42   P2p
Gi0/43           Desg FWD 4         128.43   P2p

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------

Gi0/44           Desg FWD 4         128.44   P2p
Gi0/48           Desg FWD 19        128.48   P2p
Gi0/49           Root FWD 4         128.49   P2p


VLAN0728
  Spanning tree enabled protocol ieee
  Root ID    Priority    33496
             Address     9c4e.2001.4a80
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    33496  (priority 32768 sys-id-ext 728)
             Address     9c4e.2001.4a80
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/47           Desg FWD 19        128.47   P2p

CIS3560SW71A1_A#
0
 
smadminAuthor Commented:

CIS3560SW71A1_A#sh run
Building configuration...

Current configuration : 4617 bytes
!
version 12.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname CIS3560SW71A1_A
!
enable secret 5 $1$BISF$2EYqTad.78j843MnI9CR6.
!
no aaa new-model
clock timezone CST -6
clock summer-time CDT recurring
system mtu routing 1500
ip subnet-zero
no ip source-route
ip routing
ip domain-name corp.sourcemed.biz
!
!
!
!
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
 description SM71FP01PRD
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
 description SM71DC01PRD
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
 description SM71DC02PRD
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface GigabitEthernet0/29
!
interface GigabitEthernet0/30
!
interface GigabitEthernet0/31
!
interface GigabitEthernet0/32
!
interface GigabitEthernet0/33
!
interface GigabitEthernet0/34
!
interface GigabitEthernet0/35
!
interface GigabitEthernet0/36
!
interface GigabitEthernet0/37
!
interface GigabitEthernet0/38
!
interface GigabitEthernet0/39
!
interface GigabitEthernet0/40
!
interface GigabitEthernet0/41
!
interface GigabitEthernet0/42
!
interface GigabitEthernet0/43
!
interface GigabitEthernet0/44
!
interface GigabitEthernet0/45
 description UPLINK_IP_Telephony
 switchport access vlan 77
!
interface GigabitEthernet0/46
 description TELECOM SERVER
 switchport access vlan 77
!
interface GigabitEthernet0/47
 description ROME MPLS UPLINK
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 728
 switchport mode trunk
 switchport nonegotiate
 speed 100
 duplex full
!
interface GigabitEthernet0/48
 description SSG5 eth0/1
 speed 100
 duplex full
!
interface GigabitEthernet0/49
 description Uplink to CIS3560SW71A1_B
!
interface GigabitEthernet0/50
!
interface GigabitEthernet0/51
!
interface GigabitEthernet0/52
!
interface Vlan1
 description Rome Network
 ip address 172.17.7.1 255.255.255.0
!
interface Vlan77
 description IP_Telephony
 ip address 172.17.77.1 255.255.255.0
!
interface Vlan728
 description MPLS Uplink
 ip address 172.16.50.46 255.255.255.252
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.50.45
ip route 10.1.0.0 255.255.254.0 172.16.50.45
ip route 172.16.0.0 255.255.0.0 172.16.50.45
ip route 172.16.50.0 255.255.255.0 172.16.50.45
ip route 172.22.22.0 255.255.255.240 172.17.7.254
ip route 172.23.23.0 255.255.255.240 172.17.7.254
ip route 192.168.1.0 255.255.255.0 172.17.7.254
ip route 192.168.168.0 255.255.255.0 172.16.50.45
ip http server
!
logging source-interface Vlan1
logging 172.16.1.205
logging 172.16.1.110
no cdp run
snmp-server community smsnmpro2001 RO
snmp-server community smsnmprw2001 RW
snmp-server location Rome
snmp-server contact Layer_2
!
control-plane
!
banner motd ^C
       ,,,,,
      /'^ ^'\
     ((o)-(o))
--oOOO--(_)--OOOo-------------------------------------------------
 You Are Attempting To Access a Private        |           |
 Network.  Unauthorized Access is Strictly    :|:         :|:
 Forbidden.  Violators Will be Prosecuted!   :|||:       :|||:
                                         ..:|||||||:...:|||||||:..
  .oooO                                  _________________________
  (   )      Oooo.
---\ (-------(   )------------------------------------------------
    \_)       ) /              Source Medical Solutions
             (_/                    CIS3560SW71A1_A


^C
!
line con 0
 exec-timeout 5 0
 password 7 03295E0F155F345E120C5854
 logging synchronous
 login
line vty 0 4
 exec-timeout 10 30
 timeout login response 300
 password 7 062B0A255F1E1C0B5912535A
 logging synchronous
 login
 length 0
line vty 5 15
 login
!
end

CIS3560SW71A1_A#  
0
 
Craig BeckCommented:
The switch has detected a loop that wasn't blocked by STP.

Do you have more than 1 connection to the LAN from the Juniper box?  If so, are those interfaces bridged?
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
smadminAuthor Commented:
I have the uplink I mentioned in the question sitting on eth0/1 and then there is a server on the network that has two interfaces.  The interface plugged into the switch directly is 172.17.7.5 and the other interface plugs into the SSG-5 for internet printing.  It's IP address is 172.17.7.54.  Should I place this second interface on a different network?
0
 
Craig BeckCommented:
Have you bridged the NICs on the server?  That would explain why the port to the Juniper is disabled.

The switch is putting Gi0/48 into err-disabled state because it has received a keepalive through the same port from which it originally was sent (which made me think the Juniper has 2 interfaces connected).
0
 
smadminAuthor Commented:
no
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now