Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Networking
- Networking Blogs
- Is anything on my switch flagging congestion?
1194
Views
0
Helpful
4
Comments
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
08-25-2020
09:39 AM
So I'm having a weird issue on network where traffic is really slow. Doing packet captures, we've seen the ECN flag being triggered in TCP dumps between servers. We've checked the firewall and it's disabled. We're now looking at our switch as a potential device that could flag the network as congested, which is causing server-to-server traffic to slow down too. In reviewing the config of the switch, I don't see anything that would cause the problem. But would like to post the config to the support forums to see if I don't see it. Any help is appreciated.
this is a Cisco WS-4500X-16 running 03.09.01e152
switch4500#sh run
Building configuration...
Current configuration : 19348 bytes
!
! Last configuration change at 14:54:34 EDT Mon Aug 24 2020 by admin
! NVRAM config last updated at 12:00:02 EDT Fri Aug 21 2020
!
version 15.2
parser config cache interface
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
service sequence-numbers
!
hostname switch4500
!
boot-start-marker
boot system flash bootflash:cat4500e-universalk9.SPA.03.09.01.E.152-5.E1.bin
boot-end-marker
!
!
vrf definition mgmtVrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 1024000
logging monitor critical
enable secret 5 asdffd
!
username admin privilege 15 secret 5 adfsdfd
aaa new-model
!
!
aaa group server radius Radius1
server-private 10.x.x.x key 7 081E184B103D2C35333350
ip vrf forwarding mgmtVrf
!
aaa authentication login default local group Radius1 enable
aaa authorization console
aaa authorization exec default local group Radius1
!
!
!
!
!
!
aaa session-id common
clock timezone EDT -5 0
clock summer-time EDT recurring
clock calendar-valid
!
switch virtual domain 1
switch mode virtual
switch 1 priority 110
mac-address use-virtual
!
!
!
!
!
!
!
!
!
!
!
no ip source-route
!
ip domain-name mycompany.org
ip name-server 10.x.x.150
ip name-server 10.x.x.151
!
!
login block-for 120 attempts 5 within 60
login on-failure log
login on-success log
vtp domain mycompany
vtp mode transparent
!
!
crypto pki trustpoint TP-self-signed-2017001
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2017001
revocation-check none
rsakeypair TP-self-signed-2017001
!
!
crypto pki certificate chain TP-self-signed-2017001
certificate self-signed 01
cert
quit
power redundancy-mode redundant
!
mac access-list extended VSL-BPDU
permit any 0180.c200.0000 0000.0000.0003
mac access-list extended VSL-CDP
permit any host 0100.0ccc.cccc
mac access-list extended VSL-DOT1x
permit any any 0x888E
mac access-list extended VSL-GARP
permit any host 0180.c200.0020
mac access-list extended VSL-LLDP
permit any host 0180.c200.000e
mac access-list extended VSL-MGMT
permit any 0022.bdcd.d200 0000.0000.00ff
permit 0022.bdcd.d200 0000.0000.00ff any
mac access-list extended VSL-SSTP
permit any host 0100.0ccc.cccd
archive
log config
logging enable
logging size 1000
notify syslog contenttype plaintext
hidekeys
path scp://netbackups:netbackups@10.x.x.145/NETWORK/switch4500
write-memory
!
spanning-tree mode rapid-pvst
spanning-tree portfast edge bpduguard default
spanning-tree extend system-id
spanning-tree vlan 1-4094 priority 24576
!
redundancy
mode sso
!
!
vlan 3
name vlan3
!
vlan 40
name vlan40
!
vlan 44
name vlan44
!
vlan 46-47
!
vlan 69
name vlan69
!
vlan 73-74
!
vlan 75
name vlan75
!
vlan 76
!
vlan 77
name vlan77
!
vlan 79
!
vlan 80
name vlan80
!
vlan 86,88-89,91
!
vlan 99
name vlan99
!
vlan 104
name vlan104
!
vlan 110-117,128
!
vlan 215
name vlan215
!
vlan 709
name vlan709
!
vlan 1000
name Management
lldp run
!
!
class-map match-any VSL-MGMT-PACKETS
match access-group name VSL-MGMT
class-map match-any VSL-DATA-PACKETS
match any
class-map match-any VSL-L2-CONTROL-PACKETS
match access-group name VSL-DOT1x
match access-group name VSL-BPDU
match access-group name VSL-CDP
match access-group name VSL-LLDP
match access-group name VSL-SSTP
match access-group name VSL-GARP
class-map match-any VSL-L3-CONTROL-PACKETS
match access-group name VSL-IPV4-ROUTING
match access-group name VSL-BFD
match access-group name VSL-DHCP-CLIENT-TO-SERVER
match access-group name VSL-DHCP-SERVER-TO-CLIENT
match access-group name VSL-DHCP-SERVER-TO-SERVER
match access-group name VSL-IPV6-ROUTING
class-map match-any VSL-MULTIMEDIA-TRAFFIC
match dscp af41
match dscp af42
match dscp af43
match dscp af31
match dscp af32
match dscp af33
match dscp af21
match dscp af22
match dscp af23
class-map match-any VSL-VOICE-VIDEO-TRAFFIC
match dscp ef
match dscp cs4
match dscp cs5
class-map match-any VSL-SIGNALING-NETWORK-MGMT
match dscp cs2
match dscp cs3
match dscp cs6
match dscp cs7
!
policy-map VSL-Queuing-Policy
class VSL-MGMT-PACKETS
bandwidth percent 5
class VSL-L2-CONTROL-PACKETS
bandwidth percent 5
class VSL-L3-CONTROL-PACKETS
bandwidth percent 5
class VSL-VOICE-VIDEO-TRAFFIC
bandwidth percent 30
class VSL-SIGNALING-NETWORK-MGMT
bandwidth percent 10
class VSL-MULTIMEDIA-TRAFFIC
bandwidth percent 20
class VSL-DATA-PACKETS
bandwidth percent 20
class class-default
bandwidth percent 5
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Null0
no ip unreachables
!
interface Port-channel1
description Uplink to Nexus 3k (Rack 1-3)
switchport
switchport mode trunk
!
interface Port-channel2
description Uplink to Nexus 3k (Rack 1-5)
switchport
switchport mode trunk
!
interface Port-channel3
description Uplink to Nexus 3k (Rack 2-4)
switchport
switchport mode trunk
!
interface Port-channel15
description Uplink to switch4500-02
switchport
switchport mode trunk
switchport nonegotiate
switch virtual link 2
!
interface Port-channel16
description Uplink to switch4500-02
switchport
switchport mode trunk
switchport nonegotiate
switch virtual link 1
!
interface Port-channel31
description poc31
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel32
description poc32
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel33
description poc33
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel34
description poc34
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel35
description poc35
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel36
description poc36
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel37
description poc37
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel38
description poc38
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel39
description poc39
switchport
switchport trunk allowed vlan 77,215
switchport mode trunk
!
interface Port-channel41
description poc41
switchport
switchport access vlan 99
switchport mode access
!
interface Port-channel42
description poc42
no ip address
!
interface Port-channel43
description poc43
no ip address
!
interface Port-channel44
description poc44
no ip address
!
interface Port-channel45
description poc45
no ip address
!
interface Port-channel46
description poc46
no ip address
!
interface FastEthernet1
vrf forwarding mgmtVrf
ip address 10.x.x.121 255.255.255.0
speed auto
duplex auto
!
interface TenGigabitEthernet1/1/1
description Uplink to C3048-3
switchport mode trunk
channel-group 1 mode active
!
interface TenGigabitEthernet1/1/2
description Uplink to C3048-5
switchport mode trunk
channel-group 2 mode active
!
interface TenGigabitEthernet1/1/3
description Uplink to 4948-5
switchport mode trunk
channel-group 3 mode active
!
interface TenGigabitEthernet1/1/4
description Uplink to C3048-0
switchport mode trunk
!
interface TenGigabitEthernet1/1/5
description Uplink to C31108-0
switchport mode trunk
!
interface TenGigabitEthernet1/1/6
description N5P1
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet1/1/7
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet1/1/8
description N6P1
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet1/1/9
description N3P1
switchport access vlan 99
switchport mode access
channel-protocol lacp
!
interface TenGigabitEthernet1/1/10
description Uplink to HP Chassis
switchport trunk allowed vlan 3,40,44,46,47,69,73-77,79,80,86,88,89,91,99,104
switchport trunk allowed vlan add 110-117,128
switchport mode trunk
!
interface TenGigabitEthernet1/1/11
description N4P1
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet1/1/12
description N7P1
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet1/1/13
description Uplink to Firewall
switchport trunk allowed vlan 3,40,44,46,47,69,73-77,79,80,86,88,89,91,99,104
switchport trunk allowed vlan add 110-117,215,709
switchport mode trunk
!
interface TenGigabitEthernet1/1/14
description --VSL--Dual Active Detection link (Fast-Hello)
dual-active fast-hello
!
interface TenGigabitEthernet1/1/15
description Uplink to switch4500-02
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
channel-group 16 mode on
service-policy output VSL-Queuing-Policy
!
interface TenGigabitEthernet1/1/16
description Uplink to switch4500-02
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
channel-group 16 mode on
service-policy output VSL-Queuing-Policy
!
interface TenGigabitEthernet1/2/1
description Node 1
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 31 mode active
!
interface TenGigabitEthernet1/2/2
description Node 2
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 32 mode active
!
interface TenGigabitEthernet1/2/3
description Node 3
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 33 mode active
!
interface TenGigabitEthernet1/2/4
description Node 5
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 34 mode active
!
interface TenGigabitEthernet1/2/5
description Node 4
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 35 mode active
!
interface TenGigabitEthernet1/2/6
description Node 6
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 36 mode active
!
interface TenGigabitEthernet1/2/7
description Node 7
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 37 mode active
!
interface TenGigabitEthernet1/2/8
description Node 8
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 38 mode active
!
interface TenGigabitEthernet2/1/1
description Uplink to C3048-3
switchport mode trunk
channel-group 1 mode active
!
interface TenGigabitEthernet2/1/2
description Uplink to C3048-5
switchport mode trunk
channel-group 2 mode active
!
interface TenGigabitEthernet2/1/3
description Uplink to 4948-5
switchport mode trunk
shutdown
channel-group 3 mode active
!
interface TenGigabitEthernet2/1/4
description C3048-0
switchport mode trunk
shutdown
!
interface TenGigabitEthernet2/1/5
description C31108-3
switchport mode trunk
!
interface TenGigabitEthernet2/1/6
description N5P2
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet2/1/7
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet2/1/8
description N6P2
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet2/1/9
description N3P2
switchport access vlan 99
switchport mode access
channel-protocol lacp
!
interface TenGigabitEthernet2/1/10
description Uplink to HP Chassis
switchport trunk allowed vlan 3,40,44,46,47,69,73-77,79,80,86,88,89,91,99,104
switchport trunk allowed vlan add 110-117,128
switchport mode trunk
!
interface TenGigabitEthernet2/1/11
description N4P2
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet2/1/12
description N7P2
switchport access vlan 99
switchport mode access
!
interface TenGigabitEthernet2/1/13
switchport trunk allowed vlan 3,40,44,46,47,73-77,79,86,88,89,91,99,104
switchport trunk allowed vlan add 110-117,128,1000
switchport mode trunk
!
interface TenGigabitEthernet2/1/14
description --VSL--Dual Active Detection link (Fast-Hello)
dual-active fast-hello
!
interface TenGigabitEthernet2/1/15
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
channel-group 15 mode on
service-policy output VSL-Queuing-Policy
!
interface TenGigabitEthernet2/1/16
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
channel-group 15 mode on
service-policy output VSL-Queuing-Policy
!
interface TenGigabitEthernet2/2/1
description Node 1
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 31 mode active
!
interface TenGigabitEthernet2/2/2
description Node 2
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 32 mode active
!
interface TenGigabitEthernet2/2/3
description Node 3
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 33 mode active
!
interface TenGigabitEthernet2/2/4
description Node 5
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 34 mode active
!
interface TenGigabitEthernet2/2/5
description Node 4
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 35 mode active
!
interface TenGigabitEthernet2/2/6
description Node 6
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 36 mode active
!
interface TenGigabitEthernet2/2/7
description Node 7
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 37 mode active
!
interface TenGigabitEthernet2/2/8
description Node 8
switchport trunk allowed vlan 77,215
switchport mode trunk
channel-group 38 mode active
!
interface Vlan1
no ip address
!
ip default-gateway 10.x.x.1
no ip forward-protocol nd
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip tcp synwait-time 5
no ip http server
ip http authentication local
ip http secure-server
ip route vrf mgmtVrf 0.0.0.0 0.0.0.0 10.x.x.1
ip ssh time-out 29
ip ssh authentication-retries 2
ip ssh logging events
ip ssh version 2
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ip access-list extended VSL-BFD
permit udp any any eq 3784
ip access-list extended VSL-DHCP-CLIENT-TO-SERVER
permit udp any eq bootpc any eq bootps
ip access-list extended VSL-DHCP-SERVER-TO-CLIENT
permit udp any eq bootps any eq bootpc
ip access-list extended VSL-DHCP-SERVER-TO-SERVER
permit udp any eq bootps any eq bootps
ip access-list extended VSL-IPV4-ROUTING
permit ip any 224.0.0.0 0.0.0.255
!
kron occurrence BackupSchedule at 12:00 Fri recurring
policy-list Backups
!
kron policy-list Backups
cli write
!
logging source-interface FastEthernet1 vrf mgmtVrf
logging host 10.11.175.199
arp 10.x.x.147 0050.56aa.0027 ARPA
!
snmp-server community xxx1999 RO
snmp ifmib ifindex persist
radius-server timeout 2
!
!
!
ipv6 access-list VSL-IPV6-ROUTING
permit ipv6 any FF02::/124
!
no vstack
banner exec ^C
**********************************************************************
mycompany
HOST: switch4500-01
Configured for Data and Voice Use
**********************************************************************
^C
banner motd ^C
**********************************************************************
WARNING: This system is for the use of authorized clients only.
Individuals using the computer network system without authorization,
or in excess of their authorization, are subject to having all their
activity on this computer network system monitored and recorded by
system personnel. To protect the computer network system from
unauthorized use and to ensure the computer network systems is
functioning properly, system administrators monitor this system.
Anyone using this computer network system expressly consents to such
monitoring and is advised that if such monitoring reveals possible
conduct of criminal activity, system personnel may provide the
evidence of such activity to law enforcement officers
Access is restricted to authorized users only. Unauthorized access is
a violation of state and federal, civil and criminal laws
**********************************************************************
^C
!
line con 0
exec-timeout 30 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
exec-timeout 30 0
privilege level 15
logging synchronous
length 0
transport preferred ssh
transport input ssh
line vty 5 15
exec-timeout 30 0
privilege level 15
logging synchronous
transport preferred ssh
transport input ssh
!
!
module provision switch 1
chassis-type 70 base-mac E00E.DA7B.41C0
slot 1 slot-type 401 base-mac E00E.DA7B.41C0
slot 2 slot-type 400 base-mac 7070.8B56.BB30
!
module provision switch 2
chassis-type 70 base-mac E00E.DA7B.3DC0
slot 1 slot-type 401 base-mac E00E.DA7B.3DC0
slot 2 slot-type 400 base-mac 5C83.8FF5.D3C0
!
ntp master 1
ntp update-calendar
ntp server 199.240.130.1 prefer
ntp server 67.128.71.65
mac address-table static 0017.a477.002e vlan 44 interface TenGigabitEthernet1/1/10
mac address-table static 0050.56aa.0027 vlan 44 interface TenGigabitEthernet1/1/10
!
end
4 Comments
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
Customers Also Viewed These Support Documents