Troubleshooting Tip: SFP module port flap OR port not coming UP due to Module in ERROR state

Description
This article describes about the probable cause and fixes for FortiSwitch 'Module in ERROR state' error.

Scope
FSW version 6.4.x and above

- FortiSwitch SFP/SFP+ port may not come up OR the port will keep flapping UP and down.
- FortiSwitch may report high CPU usage.

Solution
1) '# get switch modules status' and ' # get switch modules summary' command outputs may show 'Module in ERROR state' as shown below from CLI:

# get switch modules status

Port(port5)
Module in ERROR state

# get switch modules summary

  Portname State Type Transceiver RX Vendor Part Number Serial Number
  __________ _______ _______ ____________ ___ ________________ ________________ ______________

  port5 ERROR
  port6 ERROR

2) This error may also increase FortiSwitch CPU usage due to ‘Diagnostic Monitoring Interface (DMI)’ 'dmid' process:

# get system performance status
CPU states: 1% user 66% system 0% nice 43% idle
Memory states: 11% used
Average network usage: 0 kbps in 1 minute, 0 kbps in 10 minutes, 0 kbps in 30 minutes
Uptime: 15 days, 10 hours, 29 minutes

# get system performance top
Run Time: 15 days, 10 hours and 29 minutes
0U, 57S, 43I; 2023T, 1712F
            dmid 1858 R 97.0 0.5 ---------------- > dmid
   igmpsnoopingd 1822 R N 1.9 0.7
           ctrld 1851 S 1.9 0.5
            lfgd 1820 S 1.9 0.5
        lldpmedd 1857 S 0.9 0.7

3) To overcome FortiSwitch 'Module in ERROR state' error – use a supported FortiSwitch Transceiver suitable for the FortiSwitch Model, refer below link for FortiSwitch Compatible Transceivers list:

https://docs.fortinet.com/document/fortiswitch/hardware/compatible-transceivers?model=all

4) Check the logs on the FSW using the below command

execute log filter view-lines 1000

execute log display

Open the logs in a notepad file and search for any logs related to the port#. You may find below errors on the SFP ports:-

15: 2021-08-10 14:30:47 log_id=0100001050 type=event subtype=link pri=warning vd=root action="physical-port-change" user="dmid" status="None" switch.physical-port="port28" msg="port28, failed BASE ID Check Sequence"

This error is fixed in FSW versions 6.4.11, 7.0.4, 7.2.0 and above.

Note: For an updated FortiSwitch Compatible Transceivers list visit: https://docs.fortinet.com/product/fortiswitch/hardware

5) If the above step does not resolve the issue, contact Fortinet Support and attach the below data for analysis:

- FortiSwitch Model
- Transceiver Make and Model:
- Validate if the Transceiver model is supported on FortiSwitch Model (refer FortiSwitch Compatible Transceivers list).
- Attach following logs from FortiSwitch:

# show full
# diag debug report
# diagnose switch modules state-machine
# get switch modules detail                    
# get switch modules summary                   
# get switch modules status               

Related articles:

https://community.fortinet.com/t5/FortiSwitch/Troubleshooting-Tip-SFP-SFP-transceivers-port-fiber-li...

https://community.fortinet.com/t5/FortiSwitch/Technical-Tip-Recommended-Port-speed-configuration-for...

https://community.fortinet.com/t5/FortiSwitch/Technical-Tip-Recommended-port-speed-configuration-whe...

https://community.fortinet.com/t5/FortiSwitch/Technical-Tip-Recommended-port-speed-configuration-for...

https://community.fortinet.com/t5/FortiSwitch/Technical-Tip-Port-speed-configuration-for-DAC-Direct-...