Re: Packets dropped to Access layer switch???

dhopper82 · ‎05-24-2006

We have a 6509 running in Native IOS that has 2gb port channels connecting to our 7 access layer switches. About a week ago we were working with Remote span vlans and added a remote span from the 6509 to our other core (6513) which is connected via a 20Gbps portchannel. We began to notice that a lot of people were calling in reporting devices as being slow and we noticed that from the 6509 (Which was the root bridge) we were disgarding millions of packets on the transmit side of our access layer switches. We took out the remote span but it appears that we are still disgarding packets. There are no input or output errors on either side. The Remote span VLAN does not exist on the access layer switch's VLAN database. Does anybody have any idea what we should be looking for?

carenas123 · ‎05-30-2006

you can use an acl to match the number of packets that come into / out of each of the devices. Simply use two lines in each acl where on the first line you match the packet in question and on the second line you have "permit ip any any" so you don't block any packets. Then simply apply the acl either inbound or outbound on the interface in question. If you want more than one acl on a given device, such as inbound one interfaceand outbound another, be sure to use two different acl numbers.

create the acl's and apply them

ensure there isn't an active call

clear access-list counters on all devices where you configured the acl's so we ensure all of them are set to 0

jbrunner007 · ‎05-31-2006

show top

get to the bottom of high utilization ports, start from the core and work down to the access layer switches...

i suspect that somewhere a span session is nuking a trunk!