Interface Issues: Errors, Discards, Duplex, Speed, Port Status, and PoE
Key Takeaways
- Interface counters separate physical errors, congestion discards, administrative shutdowns, and policy blocks.
- CRC errors, runts, giants, and late collisions point to physical media, MTU, or duplex problems.
- Discards are intentional drops caused by full queues, buffers, QoS policy, or ACL/firewall rules, not bad cabling.
- Duplex and speed mismatches cause poor throughput even when the link light is solid.
- PoE troubleshooting spans power budget, IEEE standard, device class, cable quality, and port configuration.
Interface Issues and Counters
An interface can be up and still unhealthy. N10-009 expects you to read clues from switch, router, firewall, access point, and endpoint interfaces. The diagnostic questions are: is the port administratively enabled, is link present, did speed and duplex negotiate correctly, are errors increasing, are packets being discarded, and is power being delivered when required?
Port Status
| Status clue | Meaning | Next check |
|---|---|---|
| Administratively down | Disabled by configuration | Verify change records, enable if approved |
| Down/down | No Layer 1 link | Cable, endpoint, transceiver, port |
| Up/down or err-disabled | Link or protocol problem | Errors, security violation, STP, UDLD, keepalive |
| Up/up but no traffic | Link present, forwarding path fails | VLAN, ACL, IP, ARP, counters |
| Flapping | Link repeatedly rises and falls | Cable, optic, power, NIC, logs |
Port security, BPDU guard, loop protection, and storm control can intentionally err-disable a port after a violation. That is different from a broken cable even though users report both as "the network is down."
Errors and What They Suggest
| Counter | Common cause |
|---|---|
| CRC errors | Bad cable, EMI, dirty fiber, or duplex mismatch |
| Runts | Frames under 64 bytes, usually collisions or NIC/cabling faults |
| Giants | Frames over the MTU, often a jumbo-frame mismatch |
| Late collisions | Duplex mismatch or a segment exceeding the half-duplex collision domain |
| Input errors | General receive problems, framing or physical |
| Output errors | Transmit problems, congestion, or interface hardware |
Counters that climb under load are more meaningful than stale totals from an old incident. Clear counters only when local practice allows, then reproduce the issue to watch them grow.
Discards Are Not Errors
A discard is an intentional drop of an otherwise valid frame. The device may lack buffer space, the egress queue may be congested, a QoS policy may drop lower-priority traffic during contention, or an ACL/firewall may deny forwarding. When users report slowness and output discards climb on an uplink while error counters stay at zero, congestion is far more likely than a bad endpoint IP.
| Discard type | Troubleshooting clue |
|---|---|
| Input discards | Cannot process received frames fast enough, or policy drop |
| Output discards | Egress queue congestion or shaping/policing |
| QoS drops | Lower-priority traffic dropped during congestion |
| ACL/firewall drops | Policy intentionally denies traffic |
Duplex and Speed Mismatch
Autonegotiation normally sets speed and duplex. The classic fault is one side hard-coded to full duplex while the other autonegotiates and defaults to half duplex. Symptoms include poor throughput, late collisions and CRC errors on the half-duplex side, and the telltale pattern that small pings succeed but large file transfers crawl. The fix is to set both sides identically: either auto/auto or matching fixed values.
| Symptom | Likely issue |
|---|---|
| Negotiates 100 Mbps instead of 1 Gbps | Pair fault, cable rating, port limit, or forced setting |
| High collisions on one side only | Half-duplex behavior from a mismatch |
| Good ping, terrible bulk transfer | Duplex mismatch, errors, or congestion |
| Speed fixed on one side only | Autonegotiation mismatch risk |
PoE Troubleshooting
Power over Ethernet feeds phones, cameras, access points, and IoT devices from the switch (the PSE, Power Sourcing Equipment) to the device (the PD, Powered Device). Know the IEEE tiers cold: 802.3af (PoE) delivers ~15.4 W at the PSE and 12.95 W at the PD; 802.3at (PoE+) delivers ~30 W / 25.5 W; 802.3bt (PoE++) Type 3 delivers 60 W / 51 W and Type 4 delivers ~100 W / 71.3 W. A switch with a fixed power budget can run out of watts as you add high-draw devices even though each port is healthy.
| PoE clue | Check |
|---|---|
| Device never powers on | PoE enabled, standard match, port budget, cable pairs |
| Boots then reboots | Power class too low, budget exhausted, cable loss |
| New APs fail after additions | Total switch power budget exceeded |
| Injector works, switch port does not | Switch PoE capability or config |
| Data link up, no power | Non-PoE port, disabled PoE, or incompatible PD |
A practical PoE budgeting example: a 48-port switch advertises a 370 W PoE budget. If you connect 30 Wi-Fi 6 access points that each negotiate 802.3at and draw 25 W under load, that is 750 W of demand against 370 W of supply. The switch powers the first set of APs and then refuses or browns out the rest, which looks like "random APs keep failing." The fix is not a new cable; it is a larger power supply, a PoE+ budget calculation, or distributing APs across more switches. Always sum the worst-case PD draw, not the idle draw.
Worked Example: Slow Backups Over a Gigabit Link
Nightly backups that used to finish in two hours now take eight. The link shows up/up at 1 Gbps and pings are sub-millisecond. You check interface counters and find late collisions and CRC errors climbing only on the server side, while the switch side reports output errors. This is the fingerprint of a duplex mismatch: the server NIC was hard-set to 1000/full during a build, while the switch port autonegotiated and the combination collapsed to a half-duplex state on one end. Pings (tiny, infrequent frames) rarely collide, so they hide the problem; sustained backup traffic saturates the link and collisions explode.
Setting both ends to autonegotiate, or both to the same fixed values, restores full throughput. The takeaway for the exam: late collisions plus good ping but terrible bulk transfer equals duplex mismatch.
Common Traps
Do not treat discards as errors or errors as discards; the exam distinguishes them deliberately. An increasing input error counter means frames arrived malformed (physical or framing), while an increasing input discard counter means good frames were dropped by buffer or policy limits. Another trap is forgetting that an err-disabled port is an intentional protective shutdown (port security violation, BPDU guard, or UDLD) and must be cleared and the root violation fixed, not simply re-enabled in a loop.
Exam Focus
For N10-009, do not stop at "the port is up." Errors point to media, duplex, or framing. Discards point to congestion, queues, QoS, or policy. PoE faults require checking both the electrical power path and the Ethernet data path, and you should know the 802.3af, 802.3at, and 802.3bt wattage tiers well enough to spot an under-powered device.
A switch port is up, but file transfers are extremely slow. One side is forced to full duplex and the other autonegotiated to half duplex. What is the most likely problem?
Output discards on a switch uplink rise during busy periods, but physical error counters stay at zero. What is the most likely cause?
An access point repeatedly boots and then reboots after being moved to a new switch. The data link stays up the whole time. Which PoE factor should you check first?