Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
939
Views
5
Helpful
3
Replies

VLAN -Ignored packets

danpwalker
Level 1
Level 1

‎06-11-2007 08:26 PM - edited ‎03-05-2019 04:38 PM

Hi All,

Just looking for some ideas to troubleshoot a Mgt Vlan issue. We have quite a large, flat L2 network running RSTP and have been having issues with the VLAN for some time. Basically its flakey with some switches (and devices behind them) dropping packets and inaccessible on Vl10. In such cases its possible to an extended ping to the device which wakes it up and then apparently populates the ARP cache. Vlan 10 interfaces are also showing ?ignored? errors and, to a lesser extent, ?throttles?.

To summarise:

? Approx 15 x 2950s run at aggregation layer and terminate on a 6506

? No physical errors on the trunk interfaces. No bandwidth saturation issues.

? High number ARP Vs IP packets on the mgt VLAN. Debug ARP showed no problems.

? Large number of throttles in Vlan.

? Large number of broadcasts in Vlan (especially in relation to input traffic).

? Large number of ignored packets in Vlan. Ignored packets are normally symptomatic of buffer/CPU issues which is not the case and Cisco docs don?t offer any further troubleshooting advice.

? ?Storm-control broadcast level x.x? and ?storm-control action trap? have been enabled on the trunk ports along with the ?allowed VLAN? cmd.

? The ARP time out default has also been changed from the default to 5 minutes to no effect (may account for some of the additional ARP traffic).

? There are also some trunks running the ?native vlan 10? cmd which Im not able to remove as it prevents access to the devices behind it. Carrying untagged traffic into Vlan may be an issue but wouldn?t be responsible for ?ignored? packets?

? Mgt VLAN is also using process switching.

Anyone had any similar issue or any ideas re any further troubleshooting? An example output from one of the 2950s below.

Cheers.

*

*Ignored and b?cast packets*

2950_01#sh int vlan 10

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 87000 bits/sec, 139 packets/sec

5 minute output rate 468000 bits/sec, 62 packets/sec

648641484 packets input, 1576333980 bytes, 0 no buffer

Received 266803178 broadcasts (0 IP multicast)

0 runts, 0 giants, 195206 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 132075465 ignored <<< IGNORED!

378481703 packets output, 1285951018 bytes, 0 underruns

*

** Physical Trunk**

2950_01#sh controllers ethernet-controller g0/1

Transmit Receive

473263562 Bytes 2493608151 Bytes

4139804096 Frames 960683870 Frames

63007766 Multicast frames 31 FCS errors

27809995 Broadcast frames 165735724 Multicast frames

0 Pause frames 399656139 Broadcast frames

*

**ARP Vs IP Packets**

2950_01#sh int vlan 10 accounting

Vlan10 Mgt

Protocol Pkts In Chars In Pkts Out Chars Out

IP 35962865 22840592 33196205 3594660941

ARP 133006620 3687132588 590645 35438700

*

***ARP Vs IP Packets**

B2SH_2950_01#sh int vlan 10 switching

Vlan10 Mgt

Throttle count 195514

Protocol Path Pkts In Chars In Pkts Out Chars Out

IP Process 35978520 30711457 33210601 3602399851

ARP Process 133160464 3696367358 590978 35458680

*

*Config*

2950_01#sh run int vl10

interface Vlan10

description Mgt

ip address x.x.x.x x.x.x.x

no ip route-cache

arp timeout 300

end

*

*CPU*

2950_01#sh proc cpu | ex 0.00

CPU utilization for five seconds: 19%/9%; one minute: 15%; five minutes: 15%

Labels:
0 Helpful
3 Replies 3

beth-martin
Level 5
Level 5

‎06-15-2007 11:13 AM

By default, all layer 2 ports are in dynamic desirable mode, so the layer 2 port tries to form a trunk link and sends out DTP packets to the remote device. When a layer 3 interface is connected to a layer 2 switchport, it is not able to interpret these frames, which results in Input errors, WrongEncap errors, and Input queue drops.

In order to resolve this, change the mode of the switch port to static access or trunk as per your requirement.

Switch2(config)#int fa1/0/12

Switch2(config-if)#switchport mode access

or

Switch2(config)#int fa1/0/12

Switch2(config-if)#switchport trunk encapsulation dot1q

Switch2(config-if)#switchport mode trunk

0 Helpful

danpwalker
Level 1
Level 1
In response to beth-martin

‎06-18-2007 11:32 PM

Hi Beth, Thanks for the feedback. However, each port is already configured as per above and trunks also configured with 'switchport nonegotiate' which will disable DTP.

There are also a large number of broadcasts evident on the VLAN interface so its possible the ignored packets may be a byproduct of this?

5 minute input rate 82000 bits/sec, 129 packets/sec

5 minute output rate 206000 bits/sec, 47 packets/sec

381508 packets input, 31085953 bytes, 0 no buffer, Received 179001 broadcasts, 17 throttles, 89457 ignored

0 Helpful

glen.grant
VIP Alumni
VIP Alumni

‎06-19-2007 03:37 AM

Maybe you can clarify or maybe I dont understand , you say it is a management vlan 10 . Is this really a management vlan in which it is just used to manage the the 2950's and you have a different vlan trunked along with it for the data ? If so then yes there seems to be too much data flowing across that vlan to be strictly a mgt vlan, half a meg per second for a mgt. vlan is too much . You might start looking for somewhere someone has accidently bridged your mgt and data vlan together . Also use the bug toolkit to look for bugs related to the code versions you are using.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card