Re: Intermittent connection time-out between endpoints in the same EPG

tuanquangnguyen · ‎07-13-2022

Hi folks,

A client of mine is experiencing a "connection timed out" between endpoints in the same EPG. The issue happens infrequently.

Upon checking under EP tracker, most of the endpoint pairs reside under different vPCs (on the same Leaf pair).

There is no DPP, intra-EPG isolation nor micro-segmentation in place for this particular EPG. The interfaces (downlinks and in some cases, uplinks) are not oversubscribed according to their netmon tool. No CRC nor errors.

They did a session under "Visibility & Troubleshooting" tab, and under the Drops section they saw "Ingress Drop packets periodic", but under SVI for BD? Other than that, no other drops log is seen for the downlink interfaces. What would be the cause for "Ingress Drop packets periodic"?

ACI 3.2(4e) single-pod

Tarakesh Jetti · ‎07-22-2022

Hi Tuan,

Thanks for the question. Ingress drop packets may be due to QoS issues. I would like to know three things here.

1) Have you enabled QOS Policies in Cisco ACI?

2) Can you give me the output of the "Show interface ethX/X" on the impacted interfaces?

3) Also can you please share the screenshot ,by logging to the APIC GUI -Navigate to Tenant->Application profile->Click on EPG(Your EPG which has the issue)-> Policy->General?

"You can also learn more about ACI through our live Ask the Experts (ATXs) session. Check out Cisco ACI ATXs Resources: [https://community.cisco.com/t5/data-center-and-cloud-knowledge/cisco-aci-ask-the-experts-resources/ta-p/4394491] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs."

Feel free to contact me if you have any question.

Thanks,

Tarakesh.

Customer Success Specialist – CXC APJC

Tarakesh Jetti · ‎08-01-2022

Hi Tuan,

Hope you are doing great. Like i said above, the issue seems related to QOS Policy.

If you don't see any abnormal logs on the impacted interfaces output or on the QOS policy defined in EPG. We would request you to open a TAC case, Where the concern team will be able to assist you and deep dive on this issue.

"You can also learn more about ACI through our live Ask the Experts (ATXs) session. Check out Cisco ACI ATXs Resources: [https://community.cisco.com/t5/data-center-and-cloud-knowledge/cisco-aci-ask-the-experts-resources/ta-p/4394491] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs."

Feel free to contact me if you have any question.

Thanks,

Tarakesh.

Customer Success Specialist – CXC APJC

tuanquangnguyen · ‎08-09-2022

Hi Tarakesh,

There are no DPP configured (on neither EPG nor interfaces). I've checked with the client and it seems they are operating a really basic designed ACI fabric.

Recently it seems the situation has become more stable, so they're trying to get their APM reports to conclude.

Tarakesh Jetti · ‎08-11-2022

Hi Tuan,

Thanks for the information. Let me know if you need any help after you get the APM reports.

"You can also learn more about ACI through our live Ask the Experts (ATXs) session. Check out Cisco ACI ATXs Resources: [https://community.cisco.com/t5/data-center-and-cloud-knowledge/cisco-aci-ask-the-experts-resources/ta-p/4394491] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs."

Feel free to contact me if you have any question.

Thanks,

Tarakesh.

Customer Success Specialist – CXC APJC