I did a search out there for VLAN Input Queue Drops and came up with a few threads but none that really seemed to answer the problem. I have a Vlan on my 6509 that is experiencing a high number of Input Queue drops. The big problem is that I can't catch it while it's happening. It always seems to happen of course when I'm not looking at the interface. That's making it next to impossible to find the cause for the issue. I'm debating increasing the input queue max above 75 but, I'm leary of causing any sort of performance degredation. I've seen a load of these issues out there where guys have increased the queue up to 2000 and it didn't seem to help. I'll take any suggestions, see my snapshot below, this is after I cleared the couters earlier this morning, seems like my input counters are rather high for having ip cef and fast switching enabled globally, the only change I can think of that's happened is we turned on port-security on all the distributed switches which sit in the closets amongst our high-rise but, they arn't a part of this VLAN.:
Vlan44 is up, line protocol is up Hardware is EtherSVI, address is 0019.07d4.7400 (bia 0019.07d4.7400) Description: Example Data VLAN Internet address is 184.108.40.206/22 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 5/255 Encapsulation ARPA, loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters 3d02h Input queue: 0/75/9662/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 19648000 bits/sec, 8919 packets/sec 5 minute output rate 7143000 bits/sec, 2406 packets/sec L2 Switched: ucast: 12985585921 pkt, 11068830624049 bytes - mcast: 4524727 pkt , 487897744 bytes L3 in Switched: ucast: 2517029817 pkt, 316096903865 bytes - mcast: 0 pkt, 0 by tes mcast L3 out Switched: ucast: 226054288 pkt, 152701807644 bytes mcast: 0 pkt, 0 byte s 2533488572 packets input, 318996427575 bytes, 0 no buffer Received 4132914 broadcasts (286009 IP multicast) 0 runts, 0 giants, 58 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 242790991 packets output, 157082286957 bytes, 0 underruns 0 output errors, 0 interface resets 0 output buffer failures, 0 output buffers swapped out CSW1_6509E#
The output strongly suggests that your traffic received on input is being processed switched thus causing congestion simply because there is simply no route-cache entry to determine the forwarding decision thus has to be queued before it can be processed.
There are two options for trying determine the traffic or protocol in question, either debug ip packet which would be very cpu intensive and therefore caution is warranted when doing this and preferably should be logged to the buffer. Under the circumstances I can appreciate that this is difficult to determine and any debugging should be done out of hours which could not actually capture the traffic in question.
A 'show process cpu' should also help identify which input process is hogging the CPU at time the drops occur, and may help given an indication as to what type of traffic is attributed to the drops.
Alternatively if you run a 'show buffers input-interface ' This should indicate what specific ip protocol is prevalent in the buffers at any given time, for example at the end of the output you should be able to identify they keyworrd prot:, such as prot: 1.
I'll see what I can catch with show buff input-int vlan 44... Right now it of course shows nothing because nothing is happening at the moment. I'll have to work on my scripting skills, maybe I can come up with something that constantly runs the command and reports back with anything different... Right now all I see is nothing.... HAHA
CSW1_6509E#show buffers input-interface vlan 44
Header DataArea Pool Rcnt Size Link Enc Flags Input Output
Thanks for the additional non-intrusive suggestion however!
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.