05-24-2006 12:05 PM
We have a 6509 running in Native IOS that has 2gb port channels connecting to our 7 access layer switches. About a week ago we were working with Remote span vlans and added a remote span from the 6509 to our other core (6513) which is connected via a 20Gbps portchannel. We began to notice that a lot of people were calling in reporting devices as being slow and we noticed that from the 6509 (Which was the root bridge) we were disgarding millions of packets on the transmit side of our access layer switches. We took out the remote span but it appears that we are still disgarding packets. There are no input or output errors on either side. The Remote span VLAN does not exist on the access layer switch's VLAN database. Does anybody have any idea what we should be looking for?
05-30-2006 11:47 AM
you can use an acl to match the number of packets that come into / out of each of the devices. Simply use two lines in each acl where on the first line you match the packet in question and on the second line you have "permit ip any any" so you don't block any packets. Then simply apply the acl either inbound or outbound on the interface in question. If you want more than one acl on a given device, such as inbound one interfaceand outbound another, be sure to use two different acl numbers.
create the acl's and apply them
ensure there isn't an active call
clear access-list counters on all devices where you configured the acl's so we ensure all of them are set to 0
05-31-2006 08:42 AM
show top
get to the bottom of high utilization ports, start from the core and work down to the access layer switches...
i suspect that somewhere a span session is nuking a trunk!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide