Cisco WAN :: Input Queue Drops On 6500 VLan Interface?
Dec 6, 2011
Vlan interface would be dropping packets on the input queue? Refer to the drops/flushes below. This is from a 6500 with a Sup720, there are a number of vlans on it. This 6500 and it's HSRP partner are exhibiting the same symptoms on all the vlans I bothered to check. This particular vlan is quite lightly used, there are only about fifteen user PC's (each with 100 Mb interfaces) on it.
There is a bit of information on input queue drops on Cisco, but this is focused on physical interfaces where I can understand some packets being dropped. I would think that Vlan interfaces would have different issues.I note the "no buffer" errors as well, that also concerns me, especially as that counter is quite close to the "flushes".
Vlan123 is up, line protocol is up Hardware is EtherSVI, address is 00d0.04fd.6000 (bia 00d0.04fd.6000) Description: Vlan123 Internet address is 10.123.123.7/24 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not supported ARP type: ARPA, ARP Timeout 04:00:00
[Code] .......
I can see drops on one of our busy L3 vlan in the input queue and are going up very frequently.System image file is "sup-bootflash:s72033-psv-mz.122-18.SXD3.binHardware = 6509
I feel that 3560 and 3750 perform differently with the following two commands:
srr-queue bandwidth shape 5 0 0 0 srr-queue bandwidth limit 50 On 3750, the bandwidth for queue 1 is limited to 100mbps x 50% / 5 = 10mbps On 3560, the bandwidth for queue 1 is limited to the smaller value of BW / shape weight and BW x limit%.
Does it sound about right? is there a way to check for mls qos input queue drops? The show mls qos interface xxx stat only shows the output queue drops. Maybe for some reason the input queue never drops?
All devices are interconected via optical 1Gb/s links. There is no QoS implemented on any device and all VLANs are allowed on all interfaces. Also all links are trunks (with many VLANs)
In LAN1 there was a layer 2 broadcast-storm and 4000packets/s was comming to rest of the network (in one particular VLAN).
1) 7200 with G1 should be able to handle traffic up to 500Mb/s, but a lot of users experienced drops on traffic via 7200. (CPU load was around 10%).
2) Why do I have input drops on 7200 on link toward 6500 if CPU was normal. Broadcast comming to this interfaces were cca 4kpps. But since it's destination is not on router these packets should be rejected on interface controller. Is that right? (7200 doesn't even has dot1q subinterface in that VLAN but since 6500 allow all VLANs on its trunk these packets reach 7200)
3) Why do I have output drops on Cisco 6500 (it is here as layer 2 device only)? It is max 160Mb/s in output direction. It has WS6724 card with DFC (there is no oversubscription).. Shouln't 6500 send traffic as fast as interface allows (up to 1Gb/s). Am I righ't?
4) After all how coul'd 6500 now if 7200 can't handle these traffic?Output drops should be only seen if QoS is enabled (i.e. shaping), or if there is oversubscription on the linecard?
What does RP drops entail? We are experiencing 0.23 % drops on an vlan int on one of our 6500. This interface is an L3 to a server-subnet. Doing a sh int vlan 238 switching shows 30935411 RP (Route Processing) drops.It was a bit unclear to me in the thread "Input queue drops on 6500 vlan interface" if RP drops was through the router, or to the router(mgmnt)?I can do a netdr to see what traffic goes to it. It should not generate CPU load, but I think I will wait until after hours before I try that command.
- do NETDR: -- debug netdr cap rx vlan 238 -- show netdr cap
I have an issue with input errors, overruns, and input reset drops on the inside interface of an 5580-40 (v8.2.5: Transparent mode) The box is not stressed at all according to the 'show' commands in the Cisco troubleshooting performance document for PIX/ASA v8.2.5. Nothing stands out because is pretty much normal, nothing (processes, RAM, blocks, IO...) really being highly utilized. I have replaced the 10Gig card and that seemed to work because the rate of errors has gone down tremedously. The next step is to RMA the whole box.My question is what would be the cause of the inside interface to stop processing traffic (I say that because the syslog server stops receiving messages) for some periods of 30 seconds periodically throughout the day and clients lose their connections (ie Outlook, IBM Sametime, Oracle, MSSQL..etc). Can the issue be somewhere related to the overruns and input errors?
i have issues logging into one of our core switches.its a 6509 switch but i cannot log in remotely.when i try to console in on the console port, i cannot log in instead i get the above error message.I haven't rebooted yet but would it solve the problem as this switch is a production switch.
Is it possible for me to create 2 vlan interfaces on the 6500 and have them both in the same subnet?
For a specific customer requirement I would like to have a vlan interface on the 6500 as default gateway, sat in it's own vrf, and then route all traffic inbound and outbound to this vlan through the FWSM interface, preferably in the same subnet. I don't think this will be possible so just looking for confirmation either way.
As I will be running EIGRP between a pair of central 6500's and 2 remote offices it will make things much easier for me advertise the connected FWSM interfaces in to EIGRP for access in/out of all my VRF'd subnets. If I need another subnet for each VRF FWSM next hop then I'll have to reditribute a list of statics which I don't really want to do.
The reason I am not just using the FWSM as gateway is because I need to run HSRP across 3 different devices (another 6500 in a second suite), and failover FWSM will only give me 1 level of redundancy for those gateways.
we have applied route-map on vlan interface in the form:
ip access-list extended TEST permit ip 172.16.1.128 0.0.0.127 172.16.0.0 0.0.255.255 route-map TEST permit 10 match ip address TEST set ip next-hop 172.16.111.1 interface Vlan11 ip policy route-map TEST
The problem is in the traffic matching by the rule - there is matches not only for 172.16.0.0/16 prefixes but for the whole traffic in that VLAN.
I have a really weired thing happening on 6509 device with one of my customers.The device has a SUP 2 (MSFC2) with version 12.2.18SXF17B.
any VLAN interface once administratively down or simply down shows on "show interface status" output as VLAN.While it supposed to show "Routed". However once the port is up it is shows "routed" like it should.
I have a 3750X-24T in our production environment that is showing very high number of OQD's in the 'show int sum' output for 4 of the Gigabit interfaces; the interfaces are each in a seperate port channel and there are no OQD's for the relevant port channel and there are no output drops showing in the output for the 'sh int' command for each interface.
The following are the OQD's for the relenvant interfaces Gi1/1/1: 0 Gi1/1/2: 0 Gi1/1/3: 0 Gi1/1/4: 0 Gi2/1/1: 4252879251 Gi2/1/2: 4251090833 Gi2/1/3: 4251754140 Gi2/1/4: 4294942102 Po1: 0 Po2: 0 Po3: 0 P04: 0
Gi1/1/1 and Gi2/1/2 assigned to Po1, and so on. IOS version: C3750E-IPBASEK9-M 12.2(58)SE2
We currently have a site with a very simple topology that uses a 3750X switch stack for a collapsed core. Everyday, the users have a conference call and experience poor voice quality.Its not bad when users call from several conference phones, but when everyone calls in on individual phones, there is choppy and almost inaudible voice quality experienced. The voice traffic flow would be as follows: Phone <-> 3750 switch <-> Voice GW We have packet captures showing that RTP packet loss is occuring from the phone to the voice gateway, but none from the voice gateway to the phones. We also have drops in the output queues that match drops on the asics. I can reset the counters and they will be clear until the call, and then they increment significantly during the call. The voice gateway and phones are non-Cisco. The switch stack has 6 switches. We are trusting the DSCP settings on the phones. All the queue drops from the phones are usually in queues 0-3, but all drops on the voice gateway is in queue 0. Below are the QoS settings; they are mostly default and we have not changed any queuing, thresholds, or buffers. Should we specify larger buffers and threshold for a designated queue and send EF traffic to that queue?
MySwitch#sh mls qos QoS is enabled QoS ip packet dscp rewrite is disabled Typical Port GigabitEthernet1/0/4 trust state: trust dscp
We are having Cisco ASA 5540 having Cisco Adaptive Security Appliance Software Version 8.0(5)23 at certain time of moment daily wer are facing latency and packetdrop wherin when I checked for ASA Interface which gives me " Input Errors" on outside interface ,so can any one tell me what are the causes to get input errors on cisco asa outisde interface.
One one of our Cisco 6509s I've globally enabled QoS and set a port to "trust cos". However when I look at the queueing for that interface, I notice that the receive queue thresholds have not changed to the default.
I'm kind of new to QoS so I'm not sure if I'm missing something.
We are using a Cisco 6509 running 12.2(33)SXI3 using the WS-X6724-SFP card. I thought I'd be seeing the default tail-drop thresholds, but instead I still see the defaults as if QoS were not enabled:
Queueing Mode In Rx direction: mode-cos Receive queues [type = 1q8t]: Queue Id Scheduling Num of thresholds
I can see drops on the 6509 Queue for interface gi1/6 , qos is disabled globaly with qos disabled all packets are in one Queue using best effort my question is if I can see drops using the sh queueing int Gi1/6 command why I am not seeing any drops when I run the Sh int (interface number ) command. [code]
we have two 6509E, as our core switches. Recently I noticed that on some connections I have a high output queue drop rate.
These 4 x 2 interfaces (gigabit) are connected to our blade encolure, consisting of 4 x WS-CBS3120X-S. The utilization of the links is really quite low, when I see the increase of the drops. (~=60Mbps). All the links are fiber (SFP) and the distance between the core switches and the enclosure is about 15-20m.
I am not aware of any service degradation on the part of the servers. No CRCs, collisions etc, on the interfaces, apart from the drops.
The line card is a WS-X6748-SFP, but other interfaces don't seem to be experiencing any problems.
We're having kind of a problem with our Catalyst 4507r switches. If we do a "show interface" command we're getting a lot of "Total output drops" on some of our interfaces. It seems to be most of the time on the same vlan.I was wondering if it has got something to do with QOS or queue selection As we don't have any QOS markings configured, is it possible that all traffic is using only one of the four tx queue's?
My router, a Cisco 7204 with NPE 300, is experiencing output drops and input errors on a fastethernet interface. I have a 100Mbps connection with less than 15Mbps utilization at peak times.
FastEthernet1/0 is up, line protocol is up Hardware is DEC21140, address is 0014.a985.1a1c (bia 0014.a985.1a1c) Internet address is 38.102.66.134/30 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 3/255, rxload 1/255
I found increasing of total output drops and output queue drops even input rate was low and no qos apply on this interface. I plan to increase hold queue out for output queue.
Router 1941, 15.0(1)M4 Serial0/0/0 is up, line protocol is up Hardware is WIC MBRD Serial
I've been fighting what seems to be an increased number of outqueue drops on our core stack and edge switches for the last 3 or 4 weeks.(The core consists of a stack of 5 3750s in 32-gig stack mode. The wkgrp switches are 3560s. all are at 12.2.52) The wkgrp switches are directly connected to users. We use Nortel IP phones with the phone inline with the user PC. auto-neg to 100/full. [code] However I have tried turning off QOS on a couple of workgroup switches (no mls qos, but left individual port configurations the same) but am still seeing drops.Since I have disabled qos on the switches in question (no mls qos) (not the core tho) I am presuming these commands have no affect on the switch operation and therefore cannot be related to the problem. With QOS turned off one would presume that it is general congestion - especially at the user edge where busy PC issues might contribute. So I wanted to see if I could see any instances of packets in the output queues building up.
I wrote some scripts and macros that essentially did a snapshot of 'show int' every 20 seconds or so, and looked for instances of 'Queue: x/' where x was greater than zero.What I found after several days of watching the core stack, and a few of the workgroup switches that are most often displaying the behavior, was that I NEVER saw ANY packets in output queues. I often saw packets in Input queues for VLAN1, once in a great while I would see packets on input queues for fa or Gi interfaces, but NEVER on output queues. [ code] Additionally, when I look (via snmp) at interface utilization on interfaces showing queue drops (both core and wkgroup), they are occurring at ridiculously low utilization levels (as low as 4 to 8%). I've tried to look for microbursts between the core and a wkgroup switch where the core interface was experiencing drops, but haven't seen any (using observer suite). [code] While the queue-drop counts aren't critically high at this point, they are happening more frequently than in the past and I would like to understand what is going on... In most cases, no error counters are incrementing for these interfaces. Is there some mechanism besides congestion that could cause output queue drops?
I have a connection that is loosing packets, my show interface output below summarises the interface where i believe the problem is occuring. My Hardware is 6509 running 12.2
What are recommended commands to get input for network documentation (for disaster recovery)?
I've got 6500 with these modules: WS-SVC-FWM-1, WS-SVC-IDSM-2, VS-S720-10G, WS-X6704-10GE, WS-X6748-SFP and dozens of WS-C3750E-48TD in couple of buildings.
I use an 1841 router as an internet facing firewall with a 10MB MetroE connection. Lately users started reporting slow internet download speeds and web pages timing out. Bandwidth reports do not show the link as being saturated so I looked at the interfaces on the 1841. The interface connected to the provider shows OK as far as errors but the LAN side of the router shows steadily increasing input errors. It doesn't show any other errors, no CRC, frame, runts, giants or overruns, just generic input errors. What type of errors are those? Nothing is being logged on the console.
I moved the connection to another switch ports and the errors continue. I switched it down to 10MB and also changed the switch and the errors slow down but don't stop. Interestingly, the switch side never shows any errors. What can I do here? I guess it can be a bad interface but that is such a rare thing that I am hesitant to replace the router.
(Under the physical interfaces it is ok)However on other SUP-IV I can see the real rate.
My questions are :
- Why the SUP-7E does not reflect the rate, whereas the SUP-IV does ?
- I have heard about the 'counter' command under the vlan interface to activate the rate counters. Is this command application has any side effect on the switch ?
We are facing since one month in our two Cisco WS-C3750G-12S on many interfaces input errors when data transer or ping (ICMP) increase input erros. Not only port 1 but many interface has same issue, i have change new IOS but still same issue, once i have erase startup config but same issue we are facing and finaly i have replace same new switch with the same IOS it's working fine.(c3750-ipservicesk9-mz.122-55.SE4.bin) [code]
My Expertise with Cisco ASA is Very less. I have observed Input errors in a Couple of Interfaces in Cisco ASA 5540 Firewall. [code] I need to Clear the Input errors on this particular Interface.Will Clear interface GigabitEthernet 0/0 will work?
I have a 2911 router connected to two different ISP. Is it posible to route traffic based on what interface the traffic came first?Lets say I have the deault route to use interface gig0/0(ISP1), but a certain ip packet reach the router by interface gig0/1(ISP2). Is there any way (if possible without using source NAT) that I could route traffic back to that ip address using interface gig0/1. The source Ip addresses are not fixed, so I can not use Policy Based Routing.
Why packets overrun are incrementing on the ASA even when I've only 40Mbps of throughput traffic?All interface are 1000- Full Duplex, both on ASA and on Catalyst3750.I've test the ASA5540 generating GET HTTP, about 40Mbit of traffic.When I use one ingress interface and one egress interface, interface input overrun counter is zero.When I use the same traffic with 3 ingress interfaces(slot0) and 3 egress interfaces(slot1), interface input overrun counter increase(60k overrun in only 2 minutes).
Our customer get the problem that the switch count the 5mins input/output rate of connected traffic interface always ZERO.The problem only occur in the module 3,4 and 5 interface, module 2 has no problems.
------------------------------------------------------------------------------------------------- Catayst 4506E 12.2(52)SG Chassis Type : WS-C4506-E Power consumed by backplane : 0 Watts Mod Ports Card Type Model Serial No.---+-----+--------------------------------------+------------------+-----------1 6 Sup 6-E 10GE (X2), 1000BaseX (SFP) WS-X45-SUP6-E 2 48 10/100/1000BaseT (RJ45) WS-X4548-GB-RJ45 3 48 10/100/1000BaseT (RJ45) WS-X4648-RJ45-E 4 48 10/100/1000BaseT (RJ45) WS-X4648-RJ45-E 5 48 10/100/1000BaseT (RJ45) WS-X4648-RJ45-E
I have been making effort to solve frequent input errors of module interface(WS-X4548-GB-RJ45) in our Backbone Switch(Cat4506).Let me show you show interface information.Rx-No-pkt-buff value is increased continuously even though traffic rate of interfaces is lower than 20Mbps.We have two Backbone Switch which is operated by HA via HSRP.What bring buffer shortage to our network ? [code]
