Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1095
Views
13
Helpful
6
Replies

DFM Notification - High queue drop rate on Tunnel interface

santipongv
Level 1
Level 1

‎06-10-2008 09:45 AM

CiscoWorks DFM 2.0.10 generates high queue drop rate on Tunnel interface. Is this a bogus notification? There are no errors on the physical interface.

ROUTER#sh int tu0

Tunnel0 is up, line protocol is up

Hardware is Tunnel

Internet address is 192.168.61.2/30

MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation TUNNEL, loopback not set

Keepalive not set

Tunnel source 192.168.59.1 (Loopback0), destination 192.168.60.1

Tunnel protocol/transport GRE/IP, key disabled, sequencing disabled

Checksumming of packets disabled, fast tunneling enabled

Last input 3w3d, output 4w5d, output hang never

Last clearing of "show interface" counters 1d03h

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 12 <==

Queueing strategy: fifo

Output queue: 0/0 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

85 packets input, 21672 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

84 packets output, 21019 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 output buffer failures, 0 output buffers swapped out

Labels:
0 Helpful
6 Replies 6

Joe Clarke
Cisco Employee
Cisco Employee

‎06-10-2008 09:55 AM

This is not bogus. Given the low amount of traffic on this interface, 12 output drops is significant. The queue drop rate is ~ 15%. If this is acceptable, then you can increase the default threshold under DFM > Configuration > Polling and Thresholds > Managing Thresholds.

santipongv
Level 1
Level 1
In response to Joe Clarke

‎06-10-2008 10:10 AM

Tunnel interface is logical and there is no real buffer, isn't it?

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to santipongv

‎06-10-2008 10:50 AM

Certainly no hardware buffer, but there is buffer memory carved out. Typically, output drops on tunnel interfaces occur when a packet is queued with the DF bit set, but the packet is larger than the tunnel's IP MTU, so they are dropped. Additionally, if the packet plus the GRE header is larger than the tunnel can handle (and the DF bit is set) the packet will be dropped.

santipongv
Level 1
Level 1
In response to Joe Clarke

‎06-10-2008 11:11 AM

So, can I adjust MTU on the Tunnel interface?

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to santipongv

‎06-10-2008 11:12 AM

You might try:

ip mtu 1400

ip tcp adjust-mss 1380

As a start. But this might be a better question for the VPN or one of the routing forums.

santipongv
Level 1
Level 1
In response to Joe Clarke

‎06-10-2008 11:15 AM

Unfortunately, I have 12.2(24a) on the router. "ip tcp adjust-mss 1380" is not supported.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents