When a network port encounters an error. This port is automatically shutdown to ensure network stability. When error-disable is enabled.

The predefined error are as follows;

arp-inspection 
bpduguard
channel-misconfig
dhcp-rate-limit              
gbic-invalid                 
l2ptguard                  
link-flap
mac-limit
link-monitor-failure
loopback
oam-remote-failure
pagp-flap
port-mode-failure
psecure-violation
security-violation
sfp-config-mismatch
storm-control
udld
vmps

Primary function of error-disable is fault detection. Secondary you can set up recovery, per predefined error.  This can be done by ;

errdisable recovery cause

Be sure to set the recovery interval to your specific needs;

errdisable recovery interval 60

Whenever  a port is disabled due to an error-disable condition you should see something like ;

somerouter#show interface GigabitEthernet1/6
GigabitEthernet1/6 is down, line protocol is down (err-disabled)
--//output omitted for brevity//--

Interesting to see that the port is in down/down status with an err-disabled condition.

If you do not resolve the root cause the log will be flooded with

Jan 10 08:51:35.074 CET: %PM-4-ERR_RECOVER: Attempting to recover from link-flap err-disable state on Gi1/6
Jan 10 08:51:37.179 CETT: %PM-4-ERR_DISABLE: link-flap error detected on Gi1/6, putting Gi1/6 in err-disable state

To resolve the problme one has to know the root cause, for this you’ll have to issue the command “show errdisable recovery”. First you see a list of errors where recovery is enabled, or disabled. (See column ‘Timer Status’)

somerouter#sh errdisable recovery
ErrDisable Reason            Timer Status
-----------------            --------------
arp-inspection               Disabled
bpduguard                    Enabled
channel-misconfig            Enabled
dhcp-rate-limit              Disabled
gbic-invalid                 Enabled
l2ptguard                    Disabled
link-flap                    Enabled          
mac-limit                    Disabled
link-monitor-failure         Disabled
loopback                     Disabled
oam-remote-failure           Disabled
pagp-flap                    Enabled
port-mode-failure            Disabled
psecure-violation            Enabled
security-violation           Enabled
sfp-config-mismatch          Disabled
storm-control                Disabled
udld                         Enabled
vmps                         Enabled

Timer interval: 60 seconds                     

Interfaces that will be enabled at the next timeout:

Interface       Errdisable reason       Time left(sec)
---------       -----------------       --------------
Gi1/6                 link-flap           47

Root cause for the problem with interface Gi1/6 lies in link-flap. This is somewhat cryptic but will give you an idea where to find the solution.

Possible root causes are;
dodgy cabling
faulty optics (sfp/gbic)
wrong speed/duplex settings
hardware loop

In this particular case I suspected the speed/duplex settings.

somerouter(config-if)#speed nonegotiate
somerouter(config-if)#shut
somerouter(config-if)#no shut
somerouter(config-if)#
Jan 10 11:20:31.589 CET: %LINK-5-CHANGED: Interface GigabitEthernet1/6, changed state to administratively down
somerouter(config-if)#
Jan 10 11:20:33.703 CET: %LINK-3-UPDOWN: Interface GigabitEthernet1/6, changed state to up
somerouter(config-if)#
Jan 10 11:20:33.712 CET: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/6, changed state to up

Link was forced down and up to get rid of the error-disable condition.
Terminal monitor was turned on to instantly see what is going on.
Logging tells me that the port is admin down and that changed to up.
Et voilà, line protocol is also changed to up.

Root cause found and resolved.