Support for CISCO interface err-disabled status

Hello,

CISCO devices have a mechanism to automatically shut down a port when there’s a policy violation (Port Security Violation, BPDU guard, etc.).

In LibreNMS these err-disabled ports appear as “OK”, because no errors on the interface-error counters are detected (which is true).

However I’d like to monitor my devices for such ports which are in “err-disabled” state (because these are exactly the ports you are interested in).

My suggestion is to create something like an “extended port state” that is “NULL” by default and carries the “cErrDisableIfStatusCause” if this port appears in the “cErrDisableIfStatusTable” (-> http://oidref.com/1.3.6.1.4.1.9.9.548.1.3) of the device. My suggestion is that this will also cause this port to “carry the red flag”.

The way you can currently detect this kind of ports is not very reliable:
The CISCO device could throw SNMP traps, which is not supported by Libre (as traps are not reliable anyway).
The CISCO device does report such incidents via syslog (but syslog reliability, by default, suffers for the same reasons as SNMP traps) and syslog-monitoring is something that has to be set up first (and is not trivial …).

I believe that Libre is widely spread in environments which have CISCO devices. Such a feature, I believe, would be highly appreciated… what do you think?

Thank you!

Best regards,
awaum

25 Likes
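
The “extended port state” proposed in the post above, as an added example that is not part of the thread or of LibreNMS: it parses numeric `snmpwalk -On` output for cErrDisableIfStatusCause and leaves every port that is absent from the table at NULL (`None`). The column OID below the table base quoted in the post and the partial cause map are assumptions to verify against the device's CISCO-ERR-DISABLE-MIB, and the sample walk is constructed.

```python
import re

# Assumption: column OID of cErrDisableIfStatusCause, indexed by
# ifIndex.vlanIndex, under the table base quoted in the post.
CAUSE_COLUMN = "1.3.6.1.4.1.9.9.548.1.3.1.1.2"

# Partial map of cause values; anything else is reported numerically.
CAUSES = {1: "udld", 2: "bpduGuard", 6: "linkFlap",
          8: "dot1xSecurityViolation", 9: "portSecurityViolation"}

LINE = re.compile(r"^\.?" + re.escape(CAUSE_COLUMN)
                  + r"\.(\d+)\.(\d+) = INTEGER: (\d+)\s*$")

def parse_err_disabled(walk_text):
    """Return {ifIndex: [cause, ...]} for ports present in the table."""
    ports = {}
    for line in walk_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # other columns, blank lines, error strings
        if_index, _vlan, cause = (int(g) for g in m.groups())
        name = CAUSES.get(cause, f"cause({cause})")
        causes = ports.setdefault(if_index, [])
        if name not in causes:  # same cause on several VLANs counts once
            causes.append(name)
    return ports

def extended_port_state(if_indexes, walk_text):
    """None (NULL) by default, the cause(s) when the port is err-disabled."""
    disabled = parse_err_disabled(walk_text)
    return {i: ", ".join(disabled[i]) if i in disabled else None
            for i in if_indexes}

# Constructed sample in `snmpwalk -On` numeric output form.
SAMPLE_WALK = """\
.1.3.6.1.4.1.9.9.548.1.3.1.1.2.10101.0 = INTEGER: 9
.1.3.6.1.4.1.9.9.548.1.3.1.1.2.10105.0 = INTEGER: 2
.1.3.6.1.4.1.9.9.548.1.3.1.1.3.10105.0 = Gauge32: 120
.1.3.6.1.4.1.9.9.548.1.3.1.1.2.10110.20 = INTEGER: 99
"""

if __name__ == "__main__":
    ports = [10101, 10102, 10105, 10110]
    for idx, state in extended_port_state(ports, SAMPLE_WALK).items():
        print(idx, state or "NULL")
```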

+1 this would be useful to have, nice to have for Arista and other platforms too.

+1 this would be useful to have indeed

1 Like

This is something I was looking at too!
Could we lift this request? It's superb.

1 Like

I, too, have been wanting to see this in LibreNMS. Would definitely be helpful for multiple violation modes as well. Restrict doesn’t shut down a port (or give an interface status of err-disabled) but sends traps. According to LibreNMS docs, the only traps recorded are port up/down traps, so not even restrict modes are caught by LNMS. My org heavily utilizes Port security, so it would be handy to have an immediate notification.

+1 me too.

+1 from us too 🙂

Should be possible as I did precisely the same for CiscoSB 🙂

For the devices I have tested against, CISCO-ERR-DISABLE-MIB doesn’t seem viable; perhaps we could use cpsIfPortSecurityStatus instead?

+1 from here

+1 from me.

+1 from me

As far as I know, Libre now only classifies ports as up/up, up/down and admindown in the port status bar.
I vote that an err-disable type of port status should be here too.

2 Likes

+1 from me.

+1 from me.

Love the idea!

+1 from me

+1 from me

+1, I had this problem two days ago (Cisco error disable). If LibreNMS could have detected this port state, it would have saved me 8 hours to track down.

+1 we had a similar issue yesterday, but Tom, can you tell me how you traced the problem?

On the Cisco, show interface - that is how I found the problem when I was in the Cisco.