Mitigating flapping transceivers
In traditional switches, the state of a link is driven directly by the reported state of the port, which is required for rapid detection of link faults. However, the consequence of this is that a marginal transceiver, optical, or wire cabling, one that "flaps" up and down several times per second, can cause STP and other protocols to react poorly, resulting in a network outage. The link-flap option expands the functionality of the existing fault finder function to include a "link-flap" event and a new action of "warn-and-disable." Together, these additions allow the errant condition to be detected, and the port in question can be optionally disabled.
Syntax:
fault-finder <link-flap> sensitivity {<low | medium | high} > action {<warn | warn-and-disable>}
Default settings: Sensitivity = Medium; Action = Warn
Sensitivity thresholds are static. In a 10-second window, if more than the threshold number of link state transitions (up or down) are detected, the event is triggered. The 10-second window is statically determined, that is, the counters are reset every 10 seconds, as opposed to being a sliding window. The counters are polled twice per second (every 500 milliseconds), and the event is triggered if the sensitivity threshold is crossed at that time.
The sensitivity thresholds are:
High |
3 transitions in 10 seconds |
Medium |
6 transitions in 10 seconds |
Low |
10 transitions in 10 seconds |
Configuring the link-flap event and corresponding action applies to all ports and port types (it is a global setting per FFI event type). Note that normal link transition protocols may prevent link state changes from occurring fast enough to trigger the event for some port types, configurations, and sensitivity settings.
When the link-flap threshold is met for a port configured for
warn
(For example,
fault-finder link-flap sensitivity medium action warn
), the following message is seen in the switch event log.
02672 FFI: port <number>-Excessive link state transitions
When the link-flap threshold is met for a port configured for warn-and-disable (For example,
fault-finder linkflap sensitivity medium action warn-and-disable
), the following messages are seen in the switch event log.
02672 FFI: port <number>-Excessive link state transitions
02673 FFI: port <number>-Port disabled by Fault-finder.
02674 FFI: port <number>-Administrator action required to re-enable.
The warn-and-disable action is available for all fault-finder events on an individual basis. It may be used, For example, to disable a port when excessive broadcasts are received. Because the fault-generated disabling of a port requires operator intervention to re-enable the port, such configuration should be used with care. For example, link-flap-initiated disablement is not desired on ports that are at the client edge of the network, because link state changes there are frequent and expected.
Hewlett Packard Enterprise does not recommend automatic disabling of a port at the core or distribution layers when excessive broadcasts are detected, because of the potential to disable large parts of the network that may be uninvolved and for the opportunity to create a denial-of-service attack.