I have a c3750G L3 switch running c3750-ipservicesk9-mz.122-53.SE2.bin image.
Attached to this switch is a server with ip 10.2.158.53 (on vlan 158)
The same switch has the VLAN interface for VLAN158
I am extremely confident that the NIC for the server is OK
The symptoms I am seeing is that when I ping the server from the switch (using all possible source addresses) I see this..
ping 10.2.158.53 re 100 so vlan 158
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 10.2.158.53, timeout is 2 seconds:
Packet sent with a source address of 10.2.158.126
Success rate is 84 percent (84/100), round-trip min/avg/max = 1/2/9 ms
As you can see every sixth packet is dropped but, if I ping the same host at the same time from anywhere else in our global network and with the same ping timeout value (2s) I see no packet loss at all.
Im stumped. Anybody out there have any ideas as to what might be going on here?
Cheers in advance
Do you have icmp redirects enabled on that VLAN?
Is it possible to run wireshark on the server and capture the packets to see what is actually happening on the wire?
A best guess is that it is to do with control plane policing on the switch.
ICMP to and from an IP on the actual switch itself is handled in software by the control plane and so the 3750 may well be limiting the amount of ICMP packets being processed.
ICMP through the switch ie. from one end device to another is hardware switched and that is why you see normal response times for those pings.
If it is the above then it's not really a problem because generally traffic to and from the server will be from other devices and not the switch itself.
thanks for the informative response. Do you have any ideas as to how I can check / verify whether your suggested reason is the actual cause?
Unfortunately no as i don't have access to either of the switch types at the moment hence the reason it is just a best guess really.
Note also i said it could be control plane policing which i'm not sure the 3750 actually supports but the general principle still applies ie. ICMP to the switch itself is handled differently than ICMP through the switch so i still suspect it is linked to this.
Sorry i can't be more help.
Found this post that explains this phenomonon which I thought I'd share.. Thanks to those that responded
your response prompted me to try some more ping tests which have produced some additional detail that may help.
If I ping the same host from other directly attached network devices (another identical c3750, a stack of c3750s and an ASA that connect directly to the original c3750) I get the same ping response - 5 pings reply then one times out (the ASA gives !!!!!?!!!!!? etc).
Does this add anything to the mix? Im still completely stumped..
Your tests would suggest it is not to do with the handling of ICMP on the 3750 itself then because if you ping from the ASA, for example, the packets are actually going through the switch.
And this only happens within the site ie. if you ping from a remote site it all works fine ?
That is correct Jon yes. Pinging from Cisco devices on site yield the same ping response behaviour; ping from offsite Cisco devices is good.