Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Nexus 7000 - Unicast RPF statistics

Dear all,

I've configured unicast RPF on my VLAN interfaces but now I'm trying to see where the drop statistics are reported and how much detail they have. Can anyone point me to the correct command to show the counter?

I've also read to get a more detailed drop output you need to assign a permit/deny logging ACL to show the rogue source addressing. Again could anyone point me to a good resource on how to do this?

Regards and thanks in advance,

Col

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Nexus 7000 - Unicast RPF statistics

Hi Col,

The configuration guide says that

Per-interface statistics on packets dropped due to a  failed unicast RPF check are not available but Per-forwarding engine basis

which means Per-module.

Global Statistics

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/security/configuration/guide/Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_5.x_chapter22.html#con_1064158

You can use a command below to see number of  packets that were dropped due to URP per-module.

N7K-b(config-if)# show ver | i image
   kickstart image file is: bootflash:/n7000-s1-kickstart.5.0.3.bin
   system image file is:    bootflash:/n7000-s1-dk9.5.0.3.bin


N7K-b(config-if)# show hardware internal errors module 2 | egrep RPF|DROP
95   CL2 RPF check Fail Pkt count                  0000000059140804   1-48 I1
455  Exception cause: DROP (Unicast)               0000000059140804   1-48 I1
N7K-b(config-if)# show hardware internal errors module 2 | egrep RPF|DROP
95   CL2 RPF check Fail Pkt count                  0000000069140415   1-48 I1
455  Exception cause: DROP (Unicast)               0000000069140415   1-48 I1

Regards,

Kimihito.

3 REPLIES
New Member

Re: Nexus 7000 - Unicast RPF statistics

Hi Col,

The configuration guide says that

Per-interface statistics on packets dropped due to a  failed unicast RPF check are not available but Per-forwarding engine basis

which means Per-module.

Global Statistics

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/security/configuration/guide/Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_5.x_chapter22.html#con_1064158

You can use a command below to see number of  packets that were dropped due to URP per-module.

N7K-b(config-if)# show ver | i image
   kickstart image file is: bootflash:/n7000-s1-kickstart.5.0.3.bin
   system image file is:    bootflash:/n7000-s1-dk9.5.0.3.bin


N7K-b(config-if)# show hardware internal errors module 2 | egrep RPF|DROP
95   CL2 RPF check Fail Pkt count                  0000000059140804   1-48 I1
455  Exception cause: DROP (Unicast)               0000000059140804   1-48 I1
N7K-b(config-if)# show hardware internal errors module 2 | egrep RPF|DROP
95   CL2 RPF check Fail Pkt count                  0000000069140415   1-48 I1
455  Exception cause: DROP (Unicast)               0000000069140415   1-48 I1

Regards,

Kimihito.

New Member

Re: Nexus 7000 - Unicast RPF statistics

Kimihito,

Thank you for your reply!

I'm not sure which team you're in a Cisco but do you know if there is any thoughts on having a global counter in future versions of the code? If not then I'll speak to my SE about a feature request.

Again thank you for answering my question

Regards,

Col

New Member

Re: Nexus 7000 - Unicast RPF statistics

Hello Col,

I'm in TAC. I see a Closed enhancement request bug (internal one) that requested global statistics and per-interface statistics for RPF.

According to the bug, there is no plan to implement global statistics at this moment.

Could you please talk to your Cisco representative for further disscusstoin of this request ?

I really appreciate for your suggestion that makes our products better.

I will send you private message the internal bug id that makes easier when you talk to your Cisco representative.

Regards,

Kimihito.

1083
Views
0
Helpful
3
Replies
CreatePlease to create content