Cisco Switching/Routing :: 3560 And 3750 - Any Way To Check For MLS QoS Input Queue Drops?
Feb 10, 2012
I feel that 3560 and 3750 perform differently with the following two commands:
srr-queue bandwidth shape 5 0 0 0
srr-queue bandwidth limit 50
On 3750, the bandwidth for queue 1 is limited to 100mbps x 50% / 5 = 10mbps
On 3560, the bandwidth for queue 1 is limited to the smaller value of BW / shape weight and BW x limit%.
Does it sound about right? is there a way to check for mls qos input queue drops? The show mls qos interface xxx stat only shows the output queue drops. Maybe for some reason the input queue never drops?
View 6 Replies
ADVERTISEMENT
Nov 6, 2011
i have an 2921 connected to an Catalyst 3560. My router interface shows quite a lot of input queue drops. Load is not too much max 5/255.
View 1 Replies
View Related
Jan 10, 2013
I've been fighting what seems to be an increased number of outqueue drops on our core stack and edge switches for the last 3 or 4 weeks.(The core consists of a stack of 5 3750s in 32-gig stack mode. The wkgrp switches are 3560s. all are at 12.2.52) The wkgrp switches are directly connected to users. We use Nortel IP phones with the phone inline with the user PC. auto-neg to 100/full. [code] However I have tried turning off QOS on a couple of workgroup switches (no mls qos, but left individual port configurations the same) but am still seeing drops.Since I have disabled qos on the switches in question (no mls qos) (not the core tho) I am presuming these commands have no affect on the switch operation and therefore cannot be related to the problem. With QOS turned off one would presume that it is general congestion - especially at the user edge where busy PC issues might contribute. So I wanted to see if I could see any instances of packets in the output queues building up.
I wrote some scripts and macros that essentially did a snapshot of 'show int' every 20 seconds or so, and looked for instances of 'Queue: x/' where x was greater than zero.What I found after several days of watching the core stack, and a few of the workgroup switches that are most often displaying the behavior, was that I NEVER saw ANY packets in output queues. I often saw packets in Input queues for VLAN1, once in a great while I would see packets on input queues for fa or Gi interfaces, but NEVER on output queues. [ code] Additionally, when I look (via snmp) at interface utilization on interfaces showing queue drops (both core and wkgroup), they are occurring at ridiculously low utilization levels (as low as 4 to 8%). I've tried to look for microbursts between the core and a wkgroup switch where the core interface was experiencing drops, but haven't seen any (using observer suite). [code] While the queue-drop counts aren't critically high at this point, they are happening more frequently than in the past and I would like to understand what is going on... In most cases, no error counters are incrementing for these interfaces. Is there some mechanism besides congestion that could cause output queue drops?
View 4 Replies
View Related
Sep 8, 2012
I can see drops on one of our busy L3 vlan in the input queue and are going up very frequently.System image file is "sup-bootflash:s72033-psv-mz.122-18.SXD3.binHardware = 6509
View 1 Replies
View Related
Apr 30, 2013
We currently have a site with a very simple topology that uses a 3750X switch stack for a collapsed core. Everyday, the users have a conference call and experience poor voice quality.Its not bad when users call from several conference phones, but when everyone calls in on individual phones, there is choppy and almost inaudible voice quality experienced. The voice traffic flow would be as follows: Phone <-> 3750 switch <-> Voice GW We have packet captures showing that RTP packet loss is occuring from the phone to the voice gateway, but none from the voice gateway to the phones. We also have drops in the output queues that match drops on the asics. I can reset the counters and they will be clear until the call, and then they increment significantly during the call. The voice gateway and phones are non-Cisco. The switch stack has 6 switches. We are trusting the DSCP settings on the phones. All the queue drops from the phones are usually in queues 0-3, but all drops on the voice gateway is in queue 0. Below are the QoS settings; they are mostly default and we have not changed any queuing, thresholds, or buffers. Should we specify larger buffers and threshold for a designated queue and send EF traffic to that queue?
MySwitch#sh mls qos
QoS is enabled
QoS ip packet dscp rewrite is disabled
Typical Port
GigabitEthernet1/0/4
trust state: trust dscp
[code].....
View 1 Replies
View Related
Dec 6, 2011
Vlan interface would be dropping packets on the input queue? Refer to the drops/flushes below. This is from a 6500 with a Sup720, there are a number of vlans on it. This 6500 and it's HSRP partner are exhibiting the same symptoms on all the vlans I bothered to check. This particular vlan is quite lightly used, there are only about fifteen user PC's (each with 100 Mb interfaces) on it.
There is a bit of information on input queue drops on Cisco, but this is focused on physical interfaces where I can understand some packets being dropped. I would think that Vlan interfaces would have different issues.I note the "no buffer" errors as well, that also concerns me, especially as that counter is quite close to the "flushes".
Vlan123 is up, line protocol is up Hardware is EtherSVI, address is 00d0.04fd.6000 (bia 00d0.04fd.6000) Description: Vlan123 Internet address is 10.123.123.7/24 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not supported ARP type: ARPA, ARP Timeout 04:00:00
[Code] .......
View 3 Replies
View Related
Nov 9, 2011
i have issues logging into one of our core switches.its a 6509 switch but i cannot log in remotely.when i try to console in on the console port, i cannot log in instead i get the above error message.I haven't rebooted yet but would it solve the problem as this switch is a production switch.
View 6 Replies
View Related
May 29, 2013
We're having some issues with a 3560 CPE. It's uplink is a GE fiber link, customer port is FE RJ45. We see a lot of TX-frames being dropped at the FE port,but none at the GE port. Even when the customer is only at ~50Mbit/s downstream traffic. When customer sending ~50Mbit/s upstream, there are no TX- drops at the GE link. Is this a normal behaviour? From what I know the physical medium shouldn't have any inpact on this since drops occurs in the port- asic, and not in physical transmission.Do the buffer-sizes between GE and FE differ? What could we do to optimize the flow and reduce drops? QoS is set to off and no modifications on the queues have been made on the interfaces.
View 8 Replies
View Related
Mar 9, 2013
I can see drops on the 6509 Queue for interface gi1/6 , qos is disabled globaly with qos disabled all packets are in one Queue using best effort my question is if I can see drops using the sh queueing int Gi1/6 command why I am not seeing any drops when I run the Sh int (interface number ) command. [code]
View 7 Replies
View Related
Apr 3, 2013
we have two 6509E, as our core switches. Recently I noticed that on some connections I have a high output queue drop rate.
These 4 x 2 interfaces (gigabit) are connected to our blade encolure, consisting of 4 x WS-CBS3120X-S. The utilization of the links is really quite low, when I see the increase of the drops. (~=60Mbps). All the links are fiber (SFP) and the distance between the core switches and the enclosure is about 15-20m.
I am not aware of any service degradation on the part of the servers. No CRCs, collisions etc, on the interfaces, apart from the drops.
The line card is a WS-X6748-SFP, but other interfaces don't seem to be experiencing any problems.
View 2 Replies
View Related
Nov 19, 2012
i have a 3560 connecting to a sp with limited bandwidth. i have one interface on the switch whose traffic i do not want to drop. i want this traffic to go into the high priority queue. i am not sure how this should be configured, but here is my best guess and my current qos configuration on the switch:
qos map cos-dscp 0 8 16 26 32 46 48 56
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 1 4 6 7
mls qos srr-queue output cos-map queue 2 threshold 2 3(code)
since cos 5 is mapped to dscp 46 then this traffic would go into the priority queue. is this correct ?
View 7 Replies
View Related
Jan 14, 2013
We're having kind of a problem with our Catalyst 4507r switches. If we do a "show interface" command we're getting a lot of "Total output drops" on some of our interfaces. It seems to be most of the time on the same vlan.I was wondering if it has got something to do with QOS or queue selection As we don't have any QOS markings configured, is it possible that all traffic is using only one of the four tx queue's?
View 4 Replies
View Related
Jun 17, 2012
What does RP drops entail? We are experiencing 0.23 % drops on an vlan int on one of our 6500. This interface is an L3 to a server-subnet. Doing a sh int vlan 238 switching shows 30935411 RP (Route Processing) drops.It was a bit unclear to me in the thread "Input queue drops on 6500 vlan interface" if RP drops was through the router, or to the router(mgmnt)?I can do a netdr to see what traffic goes to it. It should not generate CPU load, but I think I will wait until after hours before I try that command.
- do NETDR:
-- debug netdr cap rx vlan 238
-- show netdr cap
View 5 Replies
View Related
Mar 8, 2012
I am working on a QoS design which I hope to test at some point, but at this stage its from the books.My question is how to decide which queue and threshold to use for video traffic, then lower priority traffic.I understand the shaping and sharing commands, its the queuing and threshold bit I'm not clear on.The plan is to use the priority-queue for EF marked voice, this will be policed on ingress to provide an upper limit to EF traffic levels, then my second priority traffic will be video. Which queue will get serviced first once the priority queue is empty, and how do I decide which threshold to allocate my video traffic to? The document ion is not at all clear, I want to prioritse my traffic in the following order:
1 voice, use the priority queue
2 video, this to get serviced ahead of data, after voice.
3 interactive data
4 Bulk data
5 Best effort
So Q1 settings are ignored due to priority queue. Q2 gets 70%, Q3 25% etc.Is it as simple as putting video into Q2 T1, then interactive data into Q2 T2, will Q2T1 get a higher priority over Q2 T2 once the PQ is serviced?
View 4 Replies
View Related
Apr 16, 2012
I've been working on breaking down and understanding the default auto qos configuration on a Cisco 3750 in the hopes of putting together a QoS strategy that will fit our environment. I'm having some difficulty understanding how the "mls qos queue-set output" syntax works.
From another post, at [URL], the author offers the following example and explanation;
mls qos queue-set output <1/2> threshold 2 400 400 100 400thresshold 1: 400%
thresshold 2: 400%
thresshold 3: 100% (implicit, not configurable)
reserved: 100%
max: 400%
However, I'm having trouble understanding what is meant. Here, it looks like it's saying, for example;
mls qos queue-set output 1 threshold 2 400 400 100 400
How come there is syntax stating "threshold 2" when in the succeeding part the 400 refers to thresshold 1 and threshold 2 again? The syntax 400 400 is, apparently, already referring to thresshold 1 and 2, no?
View 1 Replies
View Related
Feb 25, 2013
I have a connection that is loosing packets, my show interface output below summarises the interface where i believe the problem is occuring. My Hardware is 6509 running 12.2
View 1 Replies
View Related
Dec 13, 2011
After opening up Solarwinds NPM, I noticed that a few of my interfaces had lots of discards (who knows how long it's been sets the counters were reset)
interface GigabitEthernet1/0/25description Etherchannel to MamaCassswitchport trunk encapsulation dot1qswitchport mode trunkswitchport nonegotiatepriority-queue outchannel-group 4 mode on
interface GigabitEthernet2/0/25description Etherchannel to MamaCassswitchport trunk encapsulation dot1qswitchport mode trunkswitchport nonegotiatepriority-queue outchannel-group 4 mode on
interface Port-channel4switchport trunk encapsulation dot1qswitchport mode trunkswitchport nonegotiate,It looks as if priority-queue was configured outbound on these interfaces, could this be the cause of the transmit discards which are now up to 79,835, I just reset the counters on the interfaces a little while ago.
I'm not the best in the world when it comes to QoS, we do have some VoIP phones, but they are only a specific network, and do not travel outside, since there are used mainly for VoIP training. I do know both interfaces are running the default of FIFO.
View 1 Replies
View Related
Feb 25, 2013
If I have an interface configured as follows (on a Cisco 3750 Switch)
Interface gi 1/0/24
Bandwidth 100000
And then added the following command
srr-queue bandwidth limit 40
Would the result be 40% of the physical 1Gbps interface or 40% of the 100Mbps Bandwidth set under the interface bandwidth command.
View 2 Replies
View Related
Feb 16, 2012
When configuring QoS on 3750s/3560s, we're mapping packets to particular interface output queues with commands such as: [code] The command to see what's actually being enqueued, dropped, etc. is: [code]
Note that these queues are numbered 0 - 3, and not 1 - 4. We've been assuming that the first queue number in the "mls qos" (i.e., 1) command maps to the first queue (i.e., 0) in the "show mls qos" command.
View 1 Replies
View Related
Feb 4, 2013
my 3750-E Core Stack is connected to the Provider Router and is the DG for the internal LAN. I saw that the CPU is very high also in the night, but I found not the problem. I use an SVI to connect the provider due to HA reasons. I sniffered the network but saw no ecessive broadcaststorms. There was a PBR configured but I deleted it wihtout any success..
switch Version
15.0(1)SE1
10#sh proc cpu so
[Code]......
View 6 Replies
View Related
Oct 1, 2011
We added Site02 for redundancy and DR. Also added new SAN and ESX hosts. The CPU on device Site01Server01 is not very happy when files are being transferred between the sites. Since the setup is the same at both sites, why is the problem only at site01?
Site02 is newer and we have two 3750X-24 with IOS 12.2(55)SE3 on ipservices, for site02server01; no problem.
Site01server01 is a stack of two 3750G-24PS with IOS 12.2(58)SE on ipservices.
[Code]....
View 5 Replies
View Related
Jan 17, 2013
Cisco... Have two new 3750X switches (24P-L, and 48PF) trying to stack. Brought them up together a few weeks ago with the 24P using LANBase and the 48 IPBase. The expected happened. They saw each other in the stack ring, and the 24 port was excluded due to license miss match. This was corrected. Now both are IPBase.Now I have the two switches stacked, and boot the 48 and 24 at the same time. Monitoring the 48 I get a check message "FIPS: Flash key check: End, Not found. FIPS: Stacking Not Found". The 48 does confirm the stack cable is connected. This happens early in the boot process, before master election.OK.... Now looking at the 24 Port. After applying the new license, and actually booting successfully and few times. It will no longer load the boot file. Wants an environment variable. Going to have to dig into ancient history for that. Had to deal with that one about 8 years ago. Do not feel that is part of the stack disable issue though.
View 2 Replies
View Related
May 31, 2012
i am not sure if this is something with my DHCP setup or not, but it certainly seems to be the culprit. I am running a 3560G and using it as DHCP and to do V LAN routing (Geiger protocol). I have 10 pools configured with a few static addresses per pool. Now to get down to the problem. I have a computer (and this problem seems to be a gremlin as it changes what computer is affected quite often) that will connect, get its IP, immediately disconnect, then send out a DHCP req again. The computer has a static assignment in the pool, and for the brief second that it connects, it gets the right address. If i move the computer to another v lan, all works right. If i delete the static entry it will get an address in the right v lan no problem. The command i have been using to add static entries is:
address xxx.xxx.xxx.xxx client-id 01xx.xxxx.xxxx.xx
That seems to have been working on all my static routes except for a bank of computers in vlan3. I have went as far as to delete the pool and recreate it, heck i even recreated the v lan and i am still having issues. Below are some snippets of the running config for review.
The DHCP Pool for the affected LAN:
ip dhcp pool Dev3
network 192.168.3.0 255.255.255.0
boot file bootx86wdsnbp.com
next-server 192.168.1.78
dns- server 192.168.1.8 192.168.1.78
[Code] .....
View 4 Replies
View Related
Jul 26, 2011
Yesterday Cisco released IOS 15 code into the wild for the 2960 and 3560/3750 families but the link to the release notes is not working. Because I already have a whole bunch of 4500/Sup7's running IOS 15 I am thinking about taking the plunge with 30 3750-X's I have on order but want to review the release notes first. where they might be hiding?
View 4 Replies
View Related
Apr 6, 2013
does cisco switch 3560 or 3750 supports MC-LAg ? if yes, then on what IOS? if no, then what are the devices which supports MC-lag?
View 1 Replies
View Related
Feb 1, 2012
I am working in an enterprise LAN environment. We have about 100 switches, mostly 3560 and 3750's. This is a typical Cisco network, yet it's flat. No routing on the access layers. The core switch does do the routing. We use an third party vendor network monitoring tool, and we use Secure CRT to remote into devices.
Here's the problem. There was a device we stumbled into that had not been put into our monitoring software. It has the same IOS as our other devices. All I can say is that it's the same version and type. Each device has a management v LAN. And each device has it's own management IP. An ACL exists to prevent unauthorized SSH access into the devices, yet allows the management v LAN scope to get in.
So, here's the problem...we can't SSH into our problem mystery device, let's call it Switch X. Switch X has an IP of 10.10.100.150. Now, I can be logged into it's up link device, let's call it switch B. Switch B has an IP of 10.10.100.130. The ACL allows all devices from 10.10.100.0/24 to SSH. Our PC's at our desk are also in the same management V LAN. SSH version 2 is on the configs, and the domain names are the same on these two devices.
So, let's be clear. From my desktop, I can connect to any device on my network EXCEPT switch X. When I try to connect using SSH, port 22...it just sits there until it times out. I can do the same thing to any other switch, and connect just fine. We are using TACACS+ and RADIUS as well, and they are up and running just fine. The configs on Switch X like I said are the same for switch B, except it's IP address of course. While logged into switch B, I can do a CDP neighbor and see switch X connected via trunk link. Both sides are running dot1q encapsulation, and both are in trunk mode. I can ping switch X from switch B. When I try to SSH from B to X..I get timeout with no connection.
So, I hiked over to the building where switch X is located. I consoled into the switch. I confirmed that the ACL is the same as the ACL for switch B. It is set up to allow the management v lan inbound on the VTY 0 - 15. Yes, it's access-class (name) in on both vty 0 4 and 5 15. It also is set up for transport ssh in and transport ssh out.
I rechecked the domain name on Switch X; it was correct. I also did a crypto key and regenerated the crypto key. SSH v2 came up. Again, while in Switch X, I can do a CDP neighbor and see switch B. But I cannot SSH from switch X to Switch B, or any other devices that I tried. Now, we did find a config error with VTP; the VTP domain name was different. But VTP has nothing to do with SSH. Just to placate my co-workers, I went ahead and renamed the VTP domain name (it's running transparent mode). After I regenerated the crypto key, I saved everything of course. I then reloaded the switch. When all came back up, I still could not SSH
This is a 3560 switch, and it is trunk to a 3750.
View 13 Replies
View Related
Feb 19, 2013
We have a couple of Cisco switches and connected a (Windows 7) laptop to one of them and it gets its IP address from a DHCP server.I can now ping the IP from all of the switches, no problem, also not when I log on to the core switch in the same VLAN as both notebooks. But from my (Windows 7) laptop, which is in the same VLAN as the target laptop, I cannot ping it.
I checked, default gateway is good on both sides, as are DNS servers.
Target notebook ---- Catalyst 3560 V2 switch === Core Catalyst 3750 switch (stack) === Catalyst 3560G switch --- My notebook
View 4 Replies
View Related
Jun 14, 2010
We have ip arp inspection and dhcp snooping enable in couple of 3750 and 3560 switches. Everything works fine, excepted few case that DAI packet rate trigger and errdisable the port. Later on we found out that most of computer that trigger DAI is Windows 7 and especially when they are in sleep mode. Not sure if anyone experiencing it with Windows 7. Also we have it rate limit at 64.
View 2 Replies
View Related
Nov 13, 2012
I have a 3750 as a core and have a series of HP Procurve switches that are daisy chained using one port. I have two vlans on the port now (6 &9) and everything works fine, all switches communicate and end devices on the switches are also talking. There is a requirement to add a device towards the end of the chain which requires it to connect using Vlan1. Once I add Vlan1 to the port onthe 3750 I lose connectivity to all the HP switches.
View 4 Replies
View Related
May 15, 2011
I am seeing Interface output drops that appera to be incorrect. When I do "Show Interface gi1/0/20", I will get interface output drops of "4294961382". But, when I do the same command again it shows "0" drops. Is this a reporting error? I am ruinning c3750-ipservicesk9-mz.122-58.SE.bin on a 3750 stack with 2 switches in the stack. [code]
View 10 Replies
View Related
Mar 13, 2013
One of my Catalyst 3750 switch have many out drops, I execute "sh mls qos int g2/0/3 statist" command, there are many output drops in queue3 threshold3. [code]
View 8 Replies
View Related
Mar 5, 2013
our C3750 like the one described here [URL]
We have the port on the switch set like this:
switchport port-security maximum 25
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
In case a device connected to the port is inactive for more than 2 minues ( aging time ) the first frame/packet the device generates arrives to the port on the switch, but the switch does not forward it to the appropriate port ( discards it or whatever ).
So far I tested on
1 30 WS-C3750E-24PD 15.0(2)SE2 C3750E-IPBASEK9-M
2 30 WS-C3750E-24PD 15.0(2)SE2 C3750E-IPBASEK9-M
3 52 WS-C3750G-48PS 15.0(2)SE2 C3750-IPBASEK9-M
[Code].....
When we remove port security from the port, it works perfectly fine, as expected.
It seems this is not HW or IOS version related. It seems it is not a stack synchronization issue, it does not matter if a device is connected to the first or other stack member. I tested on C3560 too, here there are no problems, so seems it is 3750 related.
View 1 Replies
View Related
Nov 24, 2010
I understand on older IOS codes If the same hsrp group number is assigned to multiple standby groups, it creates a non-unique MAC address. Is this true on newer codes like 12.2(52)SE for 3750 & 3560?
View 4 Replies
View Related
