cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
463
Views
3
Helpful
14
Replies

Taildrop avoidance for critical traffic

qsosan20
Level 1
Level 1

Hello Experts ,

I have a critical application traffic which passing though my Cisco ISR 4321 and i noticed that some packets being dropped as Taildrop ,

Please find below output from packet-trace debug : 

 

sh platform packet-trace summary | i Gi0/0/1
6 Gi0/0/0.20 Gi0/0/1 DROP 23 (TailDrop)
7 Gi0/0/0.20 Gi0/0/1 DROP 23 (TailDrop)
16 Gi0/0/0.20 Gi0/0/1 DROP 23 (TailDrop)

I need a way to avoid such drop for that specific critical traffic , please advise on which QOS policy config i need to apply ?

2 Accepted Solutions

Accepted Solutions

Joseph W. Doherty
Hall of Fame
Hall of Fame

A CBWFQ policy map, used for egress on the problematic interface(s).

Multiple configuration options might be chosen to remediate your drops.  For example, using a default class with FQ might be sufficient, although you might need to increase flow or class queue depths.  Or, you identify the critical traffic, and assign it its own class, with sufficient bandwidth and/or queue limit to avoid drops.

View solution in original post

Hello Joseph, 

Thanks for your reply, 

Based on your suggestion, i have checked and applied LLQ for that traffic and will monitor for couple of days, 

View solution in original post

14 Replies 14

Joseph W. Doherty
Hall of Fame
Hall of Fame

A CBWFQ policy map, used for egress on the problematic interface(s).

Multiple configuration options might be chosen to remediate your drops.  For example, using a default class with FQ might be sufficient, although you might need to increase flow or class queue depths.  Or, you identify the critical traffic, and assign it its own class, with sufficient bandwidth and/or queue limit to avoid drops.

BTW, as I don't know how familiar you're with QoS, if you need actual configuration examples, please ask further.  Some of the approaches I suggested requires identification of your critical application traffic so it can be treated differently, but as I also noted, that might not be needed, for something like:

Policy-map example

Class class-default

Fair-queue

Int g0/0/1

Service-policy output example

Hello Joseph, 

Thanks for your reply, 

Based on your suggestion, i have checked and applied LLQ for that traffic and will monitor for couple of days, 

Unless traffic really, really warrants using LLQ (like VoIP), I generally recommend against using LLQ, although it often will correct the immediate issue.

So why not?

In general, possibly the most important issue is you can have a problem in the future when you really do need LLQ kind of SLAs.

Second, LLQ has an implied policer which only is a active when there's congestion.  I.e. sometimes your LLQ traffic can obtain 100% of bandwidth and sometimes only the allocated percentage.

For the above issue, some might allocate a very high bandwidth allocation to LLQ, but since it has absolute priority, such an allocation can be very adverse to other traffic.

In your OP, you only mentioned wanting to avoid drops, which is fine, but LLQ also is designed to minimize latency and jitter, which your criteria traffic may, or may not, need.

For example, given an equal bandwidth video stream vs. a VidConf stream, both don't want drops, but only the latter has major latency and jitter requirements.

Possible, just increasing the egress interface's FIFO queue depth might solve the drops issue, but I didn't suggest it as it can easily create its own issues and I know nothing about your traffic.  Because I don't know, I cannot make a really good recommendation, but, in general, my prior reply example often works, really, really well.

BTW, another issue with LLQ, it uses a FIFO queue, so even just one bandwidth hog flow in that class is adverse to all the other LLQ class flows.

Off the top of my head, one of the few applications that, somewhat, might be used in LLQ, is a screen scraping, remote desktop, kind of app, but beyond the considerations, above, for why LLQ shouldn't be used for it either, if the app supports disk file copying and/or printing, those can consume much bandwidth.  (Citrix [at least it used to] supportd internal traffic kind codes so you could treat disk and printer traffic differently.)

To recap, I don't doubt your critical traffic is now working fine using LLQ, but likely the same results can be obtained otherwise yet avoiding potential issues, both now and in the future.

Can I know how you use packet trace 

MHM

Am using debug platform packet-trace drop command to filter dropped traffic

Try use one command 

Queue-softmax-multi

This increase queue 

BTW, I don't believe that command is supported on the ISR 4K routed ports.

the command he use for see drop not use for router ISR4k 
he have Core SW 9k 
that why I ask about command he use to see drop 

MHM

the command he use for see drop not use for router ISR4k 

he have Core SW 9k 

that why I ask about command he use to see drop

OP states "my Cisco ISR 4321", shows interfaces g0/0/0.20 (subinterface) and g0/0/1, and Cisco, at least back in 2/23, describes the Datapath Packet Trace feature (only) supported on platforms using a QFP, such as the ISR4000 series, wouldn't seem to imply OP posted results are necessarily from a 9K switch.  Further a later OP reply noted he fixed problem using LLQ (a router only feature, I believe; switch "equivalent" is PQ), so that too would seem to exclude, results are from a Catalyst 9K.

It's certainly possible OP network is using 9K switches, maybe even one as core.

I dont have time to answer you

Dont mention me again 

MHM

Dont mention me again

Like as in the Harry Potter series "He-Who-Must-Not-Be-Named"?

Does He-Who-Must-Not-Be-Named also desire that I should not continue to provide helpful or even solution votes for He-Who-Must-Not-Be-Named?

If the latter, sorry no, because I provide such votes so the community can easily recognize the value of such replies (which were well deserved by He-Who-Must-Not-Be-Named).

I'll also continue to comment on anyone's replies, likewise anyone are welcome to do same on mine.

As you've made similar requests before, the forgoing is pretty much as I wrote earlier, but I can now, if He-Who-Must-Not-Be-Named truly desires, use He-Who-Must-Not-Be-Named rather than He-Who-Must-Not-Be-Named's name.

Also, as I wrote earlier to these requests, He-Who-Must-Not-Be-Named can resume sending private messages to OP, rather than making public reply and, there by, subject to peer review.

Taking He-Who-Must-Not-Be-Named's a possible request reason into account, rereadimg my prior reply might be taken too negatively, presenting the facts, so I'll amend it.

I like lord of the rings

So I may be like sauron lol..

Sauron-2.jpg

Dont stop post but please dont mention me' my notifications is full and I cannot read reply all.

Let me work by my way

Goodluck 

Sauron 

Laugh.

Ah, you only want exclusion of your name at symbol references?

Okay, I have no problem doing that.

Meanwhile the ring, the ring; it's mine!  ; )