input / output drops

Antonio_1_2 · ‎02-08-2011

Hello,

I have this topology in part of my networ:k

Cisco7200---Cisco6500---Cisco3560---LAN1

|

Cisco3560

|

LAN2

All devices are interconected via optical 1Gb/s links. There is no QoS implemented on any device and all VLANs are allowed on all interfaces.

Also all links are trunks (with many VLANs)

In LAN1 there was a layer 2 broadcast-storm and 4000packets/s was comming to rest of the network (in one particular VLAN).

all devices in this part od network are L2 except 7200.

This is output show Interface on Cisco7200(VXR with G1) (link 6500-7200):

Input queue: 0/75/2427672/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 47382000 bits/sec, 11056 packets/sec
5 minute output rate 42153000 bits/sec, 6186 packets/sec

This is output show interface on Cisco6500(sup720BXL) ) (link 7200-6500):

Input queue: 0/2000/250/0 (size/max/drops/flushes); Total output drops: 691080
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 38749000 bits/sec, 5638 packets/sec
5 minute output rate 157368000 bits/sec, 33736 packets/sec

CPU usage was normal on all devices, and only problem was that there was problem with normal traffic on Cisco7200 (some TCP connections was droped from time to time and some ping packets was lost etc.)

I have few questions:

1) 7200 with G1 should be able to handle traffic up to 500Mb/s, but a lot of users experienced drops on traffic via 7200.

(CPU load was around 10%).

2) Why do I have input drops on 7200 on link toward 6500 if CPU was normal. Broadcast comming to this interfaces were cca 4kpps. But since it's destination is not on router these packets should be rejected on interface controller. Is that right? (7200 doesn't even has dot1q subinterface in that VLAN but since 6500 allow all VLANs on its trunk these packets reach 7200)

3) Why do I have output drops on Cisco 6500 (it is here as layer 2 device only)? It is max 160Mb/s in output direction. It has WS6724 card with DFC (there is no oversubscription).. Shouln't 6500 send traffic as fast as interface allows (up to 1Gb/s). Am I righ't?

4) After all how coul'd 6500 now if 7200 can't handle these traffic?Output drops should be only seen if QoS is enabled (i.e. shaping), or if there is oversubscription on the linecard?

thanks in advance,

A.

sakella · ‎02-11-2011

Input drops could be due to the router not able to process the packets or due to bursty traffic.

out drops are normal in WAN links where the incoming traffic is from Gig and fast ethernet( bigger pipe) outgoing interface is small like atm and serial.

(smaller pipe) It is recommended to increase hold-queue on the outbound direction.

But there could be latency issue as side effect

here is a good document on input output drops

http://www.ciscosystems.lt/en/US/products/hw/routers/ps133/products_tech_note09186a0080094791.shtml

Antonio_1_2 · ‎02-14-2011

Hi,

thank you for the answer,

But let me put more generic questions.

1) in my case incoming and outgoing interface on router (Cisco 6500) is 1 Gb/s(they are the same) and ther is no service policy applied to any of them.

So there shouldn't be output drops if traffic is comming to 1Gb/s interface and is forwarded to 1Gb/s interface(and there is no L3 QoS applied on them)?

2) Can flow-control enabled on inerface produce output drops? In a way that far-end router has input drops and sends PAUSE to sending router, which makes sending routers to buffer packets, and if traffic is bursty, queue are filling to fast and consequently drops occurs. Is this possible?

(I have "output flow-control is on" on interface that has output drops, but on other side of link on C7200 I have

"input flow-control is unsupported").

here is situation:

c7200(input drops, flowcontrol unsupported)----1Gb/sLINK--------(output drops, output flow-contro on)lC6500

But c7200 can't send PAUSE via flow-controll if it is unsupported on that inetrface?

3) Traffic is coming to an Gigabit Ehernet interface on Cisco7200. Interface has subinterfaces, but 90% of incomming traffic are packets/frames with VLAN-id that is not configured on that interface.

(i.e ethernet frames has VLAN id 10, and on Cisco 7200 there is no subinterface with "enacapsulation dot1q 10", only with VLAN id's 20, 30 and 40)

Will the interface controller drop these frames immediately (cause there are no matching VLAN-id on interface), or there is still some processing involved (Which could make input drops of regular traffic) ?

i.e. If there is 150Mb/s traffic comming to the interface. 100Mb/s is only VLAN 10 frames and 50Mb/s of regular traffic (VLAN 20 30 and 40). Cisco7200 should handle these ammount of traffic easaly. If Cisco 7200 drops immediately VLAN10 frames there should'n be input drops (unles it has to process VLAN 10 frames)?

4) Or could it be that there si burst of traffic that input buffers can't handle, and these bursts can't be seen on graphs (or interface counters)?

regards,

A

sakella · ‎02-14-2011

In some case we do see drops if input and output traffic is same. The situation could be traffic is bursty in that case hold-queue can help to certain extent.

But if traffic burst's above then its normal to see drops. so the avaerage traffic is well below the bandwidth requirements but on given nth of second if traffic burst then we see drops.

Antonio_1_2 · ‎02-15-2011

Thank you.

A.