09-23-2014 06:13 AM - edited 03-07-2019 08:51 PM
A Customer monitors servers using Microsoft SCOM. He complains that several times a day SCOM alerts because some servers seem to be unreachable. Sending endless Ping from hosts in the subnet of SCOM to hosts in a servers subnet showed that hundreds of replies were missing during a day. When pinging within the same subnet we didn't see any lost replies. So the losses only occur between different subnets.
The Core consists of two N7k with HSRP for the server vlans. Servers are connected to N5k's
I Couldn't find packet drops nor an increase of error counters on involved interfaces.
Does anybody have an idea how to go on in this case?
Many Thanks!
Kind Regards,
Urs
09-23-2014 06:53 AM
Might be its due to Copp Policy.
09-23-2014 11:16 PM
That was my first thought, too. But what I do not understand is why Copp would drop packets not determined for the CPU. Only if I do a Ping to the Vlan interface I got hits in class-map copp-system-class-monitoring. This does not happen if i Ping a server in the subnet. Is there probably another class-map dropping ICMP? I can see lots of drops in these two class-maps:
- class-map copp-system-class-l2-default
- class-map class-default
09-23-2014 11:36 PM
Check this:
https://supportforums.cisco.com/document/59621/icmpping-drops-when-pinging-nexus-7000
https://supportforums.cisco.com/document/107031/packet-loss-when-pinging-nexus-7000
HTH
09-23-2014 11:44 PM
This article exactly describes the behavior I can see. Pinging the Nexus itself results in Control plane policy drops. Pinging another device in the subnet does not cause drops as the traffic is not destined for the CPU. Nevertheless some ICMP Replies do not find the way back to the sender. My question is where to look for the reason for these lost packets.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide