Can someone please explain for a Vlan interface would be dropping packets on the input queue? Please refer to the drops/flushes below. This is from a 6500 with a Sup720, there are a number of vlans on it. This 6500 and it's HSRP partner are exhibiting the same symptoms on all the vlans I bothered to check. This particular vlan is quite lightly used, there are only about fifteen user PC's (each with 100 Mb interfaces) on it.
There is a bit of information on input queue drops on Cisco, but this is focussed on physical interfaces where I can understand some packets being dropped. I would think that Vlan interfaces would have different issues.
I note the "no buffer" errors as well, that also concerns me, especially as that counter is quite close to the "flushes".
Vlan123 is up, line protocol is up Hardware is EtherSVI, address is 00d0.04fd.6000 (bia 00d0.04fd.6000) Description: Vlan123 Internet address is 10.123.123.7/24 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not supported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of "show interface" counters 1w5d Input queue: 0/75/48016/4665 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 1000 bits/sec, 1 packets/sec 5 minute output rate 172000 bits/sec, 35 packets/sec L2 Switched: ucast: 873 pkt, 96349 bytes - mcast: 5721320 pkt, 5631745097 byte s L3 in Switched: ucast: 12 pkt, 888 bytes - mcast: 0 pkt, 0 bytes mcast L3 out Switched: ucast: 43032751 pkt, 26311968968 bytes mcast: 43650871 pkt, 5 7721556831 bytes 2725081 packets input, 213967275 bytes, 4594 no buffer Received 2706655 broadcasts (1037178 IP multicasts) 0 runts, 0 giants, 6115 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 47543646 packets output, 26462353272 bytes, 0 underruns 0 output errors, 0 interface resets 0 output buffer failures, 0 output buffers swapped out
interface Vlan123 description Vlan123 ip address 10.123.123.7 255.255.255.0 ip helper-address 10.123.120.5 ip helper-address 10.123.120.5 ip directed-broadcast 109 ip pim sparse-dense-mode standby 10.123.123.1 standby priority 90 no mop enabled end
Usually this can be seen when traffic arrving to SVI should be sent for CPU processing. If that traffic dropped by CPU - you will see the drops on VLAN input. Also if queue is full with these packets you will see flushes and no buffers.
You can check "show int vlan 123 switching" to see if you similar RP drops there.
So to mitigate this you need to understand what packets are punted to CPU, why those are punted and then eliminate of these packets.
You can do it with follwoing methods:
- SPAN VLAN 123 or particular VLAN ports on ingreass and watch those packest with wireshark to see what is wrong there
- do NETDR:
-- debug netdr cap rx vlan 123
-- show netdr cap
it will show you wich packets are punted to CPU ingressing VLAN 123 - it is safe to use as it is used for TS of High CPU issues.
Thanks for your reply. I am attaching the output of the "show switching" and refresh of the "show interface" below, I am not sure if anything draws your attention from the output.
About that netdr command, will that really only show the packets sent from the vlan input queue to the CPU? The command just looks like it will show all input packets? I would like to run this command but it is definitely after-hours stuff.
Input queue: 6/75/48267/4692 (size/max/drops/flushes); Total output drops: 0
SO indeed some traffic punted to CPU is dropped there. NETDR command will catch all packets going to cpu - not usually that much as most of the traffic handled in HW. And that is harmless as give output by pages and does not cause any CPU spike.
Please also note you need to do that command when counters are growing as it catchs packets in real time.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...