cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1137
Views
0
Helpful
4
Replies

ifinunknownprotos

jdreed2829
Level 1
Level 1

I am a Network Performance Manager for a large network. We recently were having problems with DTP packets from Cisco Switches causing ifinunknownprotos on the Cisco Routers. We have also identified ifinunknownprotos on the Cisco routers from Juniper Switches as well. I was wondering if anyone happens to know if Juniper has a Protocol similar to DTP that would cause this?

2 Accepted Solutions

Accepted Solutions

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello James,

there are different possible reasons for the unknown protocol.

If your Cisco routers are not running IS-IS , IS-IS hello PDUs sent by Juniper routers can count as unknown protocol.

We have a case like this in our DMZ even if all devices are Cisco routers and multilayer switches but some take part in a DMZ IS-IS domain and others don't participate.

On the last ones c7206VXR with NPE-G2 we can see unknown protocols to increment with a frequency that is that of IS-IS hello messages.

This is just an example.

Another could be the new LLDP protocol (used with third party phones and similar to CDP)

If you can you should try to get a packet capture of what arrives on the port to understand what they are.

Hope to help

Giuseppe

View solution in original post

deyadav
Cisco Employee
Cisco Employee

If the port/interface receives any packet/frame for which it does not understand the encapsulation type would be reported as Unknown protocol.

On routers I remember this counter was implemented with 12.4T train.

This is not an error a simple notification that this interface is receiving unsupported encapsulation or protocols.

Now this may based on the interface configuration and IOS feature support that which such protocols might fall into this category, only a sniffer capture could let you know what traffic is increasing that counter.

View solution in original post

4 Replies 4

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello James,

there are different possible reasons for the unknown protocol.

If your Cisco routers are not running IS-IS , IS-IS hello PDUs sent by Juniper routers can count as unknown protocol.

We have a case like this in our DMZ even if all devices are Cisco routers and multilayer switches but some take part in a DMZ IS-IS domain and others don't participate.

On the last ones c7206VXR with NPE-G2 we can see unknown protocols to increment with a frequency that is that of IS-IS hello messages.

This is just an example.

Another could be the new LLDP protocol (used with third party phones and similar to CDP)

If you can you should try to get a packet capture of what arrives on the port to understand what they are.

Hope to help

Giuseppe

Thanks alot for all your help!

deyadav
Cisco Employee
Cisco Employee

If the port/interface receives any packet/frame for which it does not understand the encapsulation type would be reported as Unknown protocol.

On routers I remember this counter was implemented with 12.4T train.

This is not an error a simple notification that this interface is receiving unsupported encapsulation or protocols.

Now this may based on the interface configuration and IOS feature support that which such protocols might fall into this category, only a sniffer capture could let you know what traffic is increasing that counter.

Thanks!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: