Unexpected output drops on ASR

sdavids5670 · ‎02-24-2018

The topology is like this (sorry this is the best I could do in draw.io):

The router in the middle is a GRE head end router. Traffic coming into Gi0/0/0 and Gi0/0/1 is native IP and traffic going out Gi0/0/2 is GRE-encapsulated traffic (not encrypted at this point). There is NO QoS configuration on Gi0/0/2. For some reason Gi0/0/2 is seeing a relatively high output drop rate (approx 1/2 of 1 percent). Interface Gi0/0/2 is in a front-door VRF and the GRE traffic supports only about 45 spokes at this time. The total traffic rate never gets very high and even a single output drop seems like it would be too high for the flows that are using this interface. The hold-queue is set to default (40 packets). Is it possible that this is the result of microbursts (seems unlikely)? When I issue "show interface gi0/0/2 summary" I never see anything other than a 0 in the OHQ (pkts in output hold queue).

Georg Pauwen · ‎02-24-2018

Hello,

if it is a GRE tunnel, MTU could be a reason. Post the configuration of the router...

sdavids5670 · ‎02-24-2018

@Georg Pauwen wrote:

Hello,

if it is a GRE tunnel, MTU could be a reason. Post the configuration of the router...

I'll start with this (see below) and if you think I need to post more config let me know. If this were a fragmentation issue wouldn't the drops show up under the tunnel interface instead of the physical interface? I should also add that I do see flow drops in the default class for several of the spokes (per-tunnel QoS) but the drops do not add up to the drops I see on the physical interface (phys > flow drops).

policy-map QOS-OUT-INET
description Child policy to the SHAPING-POLICY-xMbps
class EF-PRI
priority
police cir 1544000
conform-action transmit
exceed-action drop
class NETWORK-CONTROL
bandwidth remaining percent 5
queue-limit 1500 packets
class AF41-QUEUE
bandwidth remaining percent 40
fair-queue
queue-limit 1500 packets
class AF31-QUEUE
bandwidth remaining percent 34
fair-queue
queue-limit 1500 packets
class AF21-QUEUE
bandwidth remaining percent 16
class SCAVENGER
bandwidth remaining percent 1
fair-queue
queue-limit 1500 packets
class class-default
bandwidth remaining percent 4
fair-queue
queue-limit 1500 packets
!
policy-map SHAPING-POLICY-20Mbps
description Shaping for Broadband-based Tunnel at 20 Mbps
class class-default
shape average 20000000
service-policy QOS-OUT-INET
policy-map SHAPING-POLICY-5Mbps
description Shaping for Broadband-based Tunnel at 5 Mbps
class class-default
shape average 5000000
service-policy QOS-OUT-INET
policy-map SHAPING-POLICY-10Mbps
description Shaping for Broadband-based Tunnel at 10 Mbps
class class-default
shape average 10000000
service-policy QOS-OUT-INET
policy-map SHAPING-POLICY-15Mbps
description Shaping for Broadband-based Tunnel at 15 Mbps
class class-default
shape average 15000000
service-policy QOS-OUT-INET
!
interface Tunnel999
description Internet-based transport INET-BRANCH
bandwidth 1000000
ip address 192.168.1.2 255.255.255.0
no ip redirects
ip mtu 1400
ip flow monitor NETFLOW input
ip flow monitor NETFLOW output
ip nhrp authentication REDACTED
ip nhrp map multicast dynamic
ip nhrp map group Group-20Mbps service-policy output SHAPING-POLICY-20Mbps
ip nhrp map group Group-5Mbps service-policy output SHAPING-POLICY-5Mbps
ip nhrp map group Group-10Mbps service-policy output SHAPING-POLICY-10Mbps
ip nhrp map group Group-15Mbps service-policy output SHAPING-POLICY-15Mbps
ip nhrp network-id 999
ip nhrp holdtime 600
ip tcp adjust-mss 1360
load-interval 30
tunnel source GigabitEthernet0/0/2
tunnel mode gre multipoint
tunnel key 999000
tunnel vrf BLUE
!
interface GigabitEthernet0/0/2
description REDACTED
vrf forwarding BLUE
ip address 172.31.1.169 255.255.255.252
load-interval 30
negotiation auto
end