01-13-2023 09:47 AM - edited 01-13-2023 10:01 AM
I have a Catalyst 9606 with several SVIs in the same vrf (interface vlan 5 and 10). I have a Catalyst 9300 connected to that 9606. There is a layer 2 LACP trunk between the 2, allowing VLAN 5 (VLAN 10 goes to a different switch). The 9300 has 20 or so users/servers on it. They are all in the same VLAN (5). If I source a ping from interface vlan 5 on the 9606, I can ping all of the hosts. If I source a ping from vlan 10 on the 9600 (same vrf as vlan 5), only about half of them respond. It is hit and miss as to what responds and what doesn't. For example .160-174 and .190-205 do not respond. However, .176-185 do respond. It is a x.x.x.128/25 network. I am thinking it is a default gateway or subnet mask misconfiguration on the servers. But am trying to rule anything else out.
Oddly enough, this same 9300 switch was recently migrated off an ASR. When it was connected to that router everything was pingable within the vrf. The L3 part on the ASR was port-channel1.5, with encapsulation dot1q 5. I am not sure if the ASR has some default configuration running in the background that would still allow connectivity, that the 9606 does not have.
01-16-2023 12:25 PM
The mac address table for vlan 5 on the 9600 has all of the MACs in the mac address table for vlan 5 on the 9300.
The 9606 has 4 9300s connected to it. VLAN 5 is trunked to each of those switches. All of the VLAN 5 MAC addresses on the 9300s show up in the vlan 5 mac address table on the 9606.
I don't think this is a L2 issue, or an ARP issue. I think it is a L3 issue.
01-16-2023 12:31 PM - edited 01-16-2023 12:45 PM
show platform hardware fed [switch] active qos queue stats internal cpu policer <<-
show platform hardware fed [switch] active qos queue stats internal cpu policer <<-
can you share both of 9600 ??
01-16-2023 02:45 PM
I can't paste the output here, since the switch is on a segregated network. What are you looking for?
One thing to note is that there are no Policer Dropped Bytes or Frames. There are also no Queue Drop Bytes or Frames. So qos is not blocking/dropping anything. There is not much on this 9606.
01-16-2023 02:47 PM
there is no Queue drop at all in any Queue ?
01-16-2023 03:04 PM
Correct. It only has a 2% CPU utilization rate for the last 5 minutes. Like I said, there is not much going to or through the 9600, yet.
01-18-2023 10:20 AM
I run small lab,
the this that make me think why half ?
the R1 and R2 config with different subnet mask but with same default GW,
the GW IP is within the range subnet of R1
the GW IP is not within the range subnet of R2
the R1 can ping Lo in R3
R2 can not ping Lo in R3
so wait you reply about checking the subnet mask
01-18-2023 12:41 PM
I am waiting to hear back from the sys admins. They have to travel to get to the site with the servers. So, it might be a while before I hear back. I'll let you know what they find.
01-18-2023 12:45 PM
thanks a lot
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide