11-17-2008 08:48 AM - edited 03-06-2019 02:31 AM
I am a Network Performance Manager for a large network. We recently were having problems with DTP packets from Cisco Switches causing ifinunknownprotos on the Cisco Routers. We have also identified ifinunknownprotos on the Cisco routers from Juniper Switches as well. I was wondering if anyone happens to know if Juniper has a Protocol similar to DTP that would cause this?
Solved! Go to Solution.
11-17-2008 10:21 AM
Hello James,
there are different possible reasons for the unknown protocol.
If your Cisco routers are not running IS-IS , IS-IS hello PDUs sent by Juniper routers can count as unknown protocol.
We have a case like this in our DMZ even if all devices are Cisco routers and multilayer switches but some take part in a DMZ IS-IS domain and others don't participate.
On the last ones c7206VXR with NPE-G2 we can see unknown protocols to increment with a frequency that is that of IS-IS hello messages.
This is just an example.
Another could be the new LLDP protocol (used with third party phones and similar to CDP)
If you can you should try to get a packet capture of what arrives on the port to understand what they are.
Hope to help
Giuseppe
11-17-2008 12:41 PM
If the port/interface receives any packet/frame for which it does not understand the encapsulation type would be reported as Unknown protocol.
On routers I remember this counter was implemented with 12.4T train.
This is not an error a simple notification that this interface is receiving unsupported encapsulation or protocols.
Now this may based on the interface configuration and IOS feature support that which such protocols might fall into this category, only a sniffer capture could let you know what traffic is increasing that counter.
11-17-2008 10:21 AM
Hello James,
there are different possible reasons for the unknown protocol.
If your Cisco routers are not running IS-IS , IS-IS hello PDUs sent by Juniper routers can count as unknown protocol.
We have a case like this in our DMZ even if all devices are Cisco routers and multilayer switches but some take part in a DMZ IS-IS domain and others don't participate.
On the last ones c7206VXR with NPE-G2 we can see unknown protocols to increment with a frequency that is that of IS-IS hello messages.
This is just an example.
Another could be the new LLDP protocol (used with third party phones and similar to CDP)
If you can you should try to get a packet capture of what arrives on the port to understand what they are.
Hope to help
Giuseppe
11-18-2008 09:51 AM
Thanks alot for all your help!
11-17-2008 12:41 PM
If the port/interface receives any packet/frame for which it does not understand the encapsulation type would be reported as Unknown protocol.
On routers I remember this counter was implemented with 12.4T train.
This is not an error a simple notification that this interface is receiving unsupported encapsulation or protocols.
Now this may based on the interface configuration and IOS feature support that which such protocols might fall into this category, only a sniffer capture could let you know what traffic is increasing that counter.
11-18-2008 09:51 AM
Thanks!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: