In traditional HP switches, the state of a link is driven directly by the reported state of the port, which is required for rapid detection of link faults. However, the consequence of this is that a marginal transceiver, optical, or wire cabling, one that "flaps" up and down several times per second, can cause STP and other protocols to react poorly, resulting in a network outage. The link-flap option expands the functionality of the existing fault finder function to include a "link-flap" event and a new action of "warn-and-disable." Together, these additions allow the errant condition to be detected, and the port in question can be optionally disabled.
Syntax:
Sensitivity thresholds are static. In a 10-second window, if more than the threshold number of link state transitions (up or down) are detected, the event is triggered. The 10-second window is statically determined, that is, the counters are reset every 10 seconds, as opposed to being a sliding window. The counters are polled twice per second (every 500 milliseconds), and the event is triggered if the sensitivity threshold is crossed at that time.
The sensitivity thresholds are:
High |
3 transitions in 10 seconds |
Medium |
6 transitions in 10 seconds |
Low |
10 transitions in 10 seconds |
Configuring the link-flap event and corresponding action applies to all ports and port types (it is a global setting per FFI event type). Note that normal link transition protocols may prevent link state changes from occurring fast enough to trigger the event for some port types, configurations, and sensitivity settings.
When the link-flap threshold is met for a port configured for warn
(for example, fault-finder link-flap sensitivity medium action warn
), the following message is seen in the switch event log.
When the link-flap threshold is met for a port configured for warn-and-disable (for example, fault-finder linkflap sensitivity medium action warn-and-disable
), the following messages are seen in the switch event log.
02672 FFI: port number-Excessive link state transitions02673 FFI: port number-Port disabled by Fault-finder.02674 FFI: port number-Administrator action required to re-enable.
The warn-and-disable action is available for all fault-finder events on an individual basis. It may be used, for example, to disable a port when excessive broadcasts are received. Because the fault-generated disabling of a port requires operator intervention to re-enable the port, such configuration should be used with care. For example, link-flap-initiated disablement is not desired on ports that are at the client edge of the network, because link state changes there are frequent and expected.
HP does not recommend automatic disabling of a port at the core or distribution layers when excessive broadcasts are detected, because of the potential to disable large parts of the network that may be uninvolved and for the opportunity to create a denial-of-service attack.
Within the Web Management interface, double-clicking an event on a port that was configured with warn-and-disable and that has met the threshold to trigger the disable action brings up a dialog box with the event details, as shown in Link-flap on port 1 event detail dialog box. The event dialog box now contains a button at the bottom of the page, which can be used to re-enable the disabled port. The button remains, even if the port has already been brought up through a prior exercise of it, or if the port was re-enabled via some other interface (for example, the command line). Re-enabling an already enabled port has no effect. The button to acknowledge the event remains unchanged.