Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
870
Views
0
Helpful
5
Replies

CBS350: packets trapped globally due to lack of resources

Go to solution
GoodWeather
Level 1
Level 1

‎05-01-2023 09:10 AM

I'm installing ACLs in my CBS350-24XS (Firmware 3.3.0.16). 

Status and Statistics -> ACL shows:

GoodWeather_0-1682956697252.png

Can somebody please point me to the explanation of what "xxx packets trapped globally due to lack of resources" means? Is this lack of resources something I need to fix?

Hardware resource utilization does not look particularly concerning to me:

GoodWeather_1-1682956777550.png

CPU usage is below 10%.

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Flavio Miranda
VIP
VIP
In response to GoodWeather

‎05-01-2023 01:40 PM - edited ‎05-01-2023 01:40 PM

I did not add the whole information:

"

ACL

When the ACL logging feature is enabled, an informational SYSLOG message is generated for packets that match ACL rules. To view the interfaces on which packets are forwarded or rejected based on ACLs, follow these steps:

Procedure

Step 1

Click Status and Statistics > ACL.
Step 2

Select the Refresh Rate (time period in seconds) that passes before the page is refreshed. A new group of interfaces is created for each time period.

The following information is displayed:

  • Global Trapped Packet Counter—Number of packets trapped globally due to lack of resources.

  • Trapped Packets - Port/LAG Based—The interfaces on which packets forwarded or rejected based on ACL rules.

  • Trapped Packets - VLAN Based—The VLANs on which packets forwarded or rejected based on ACL rules.
Step 3

To clear statistics counters, click Clear Counters or click Refresh to refresh the counters.

"

So, based on the above statement from cisco, there´s nothing wrong about the log your are seeing nor any action you should take. The logs you see is related to the fact that the packet matched with the ACL rules.

  Why they put the message like this I dont know and I agree with you that suggest some problem. But it seems the term "Lack of resource" means the packet could not be forwarded because it was dropped but not because the router is running out of resource.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Flavio Miranda
VIP
VIP

‎05-01-2023 12:26 PM

Hi

 It seems to be a normal behavior as it is shown on cisco doc

"When the ACL logging feature is enabled, an informational SYSLOG message is generated for packets that match ACL rules. To view the interfaces on which packets forward or rejected based on ACLs: STEP 1 Click Status and Statistics > ACL. STEP 2 Select the Refresh Rate (time period in seconds) that passes before the page is refreshed. A new group of interfaces is created for each time period. The following information is displayed: • Global Trapped Packet Counter—Number of packets trapped globally due to lack of resources. • Trapped Packets—Port/LAG Based—The interfaces on which packets forwarded or rejected based on ACL rules. • Trapped Packets—VLAN Based—The VLANs on which packets forwarded or rejected based on ACL rules."

 

0 Helpful

Go to solution
GoodWeather
Level 1
Level 1

‎05-01-2023 01:28 PM

Thanks. What I'm wondering about is what is lacking here specifically - and how can I free the lacking resource. And where would these packages go, if they weren't trapped due to lack of resources. Do packets get lost?

I appreciate these may be stupid questions. I really don't understand what the doc is trying to tell me...

0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to GoodWeather

‎05-01-2023 01:40 PM - edited ‎05-01-2023 01:40 PM

I did not add the whole information:

"

ACL

When the ACL logging feature is enabled, an informational SYSLOG message is generated for packets that match ACL rules. To view the interfaces on which packets are forwarded or rejected based on ACLs, follow these steps:

Procedure

Step 1

Click Status and Statistics > ACL.
Step 2

Select the Refresh Rate (time period in seconds) that passes before the page is refreshed. A new group of interfaces is created for each time period.

The following information is displayed:

  • Global Trapped Packet Counter—Number of packets trapped globally due to lack of resources.

  • Trapped Packets - Port/LAG Based—The interfaces on which packets forwarded or rejected based on ACL rules.

  • Trapped Packets - VLAN Based—The VLANs on which packets forwarded or rejected based on ACL rules.
Step 3

To clear statistics counters, click Clear Counters or click Refresh to refresh the counters.

"

So, based on the above statement from cisco, there´s nothing wrong about the log your are seeing nor any action you should take. The logs you see is related to the fact that the packet matched with the ACL rules.

  Why they put the message like this I dont know and I agree with you that suggest some problem. But it seems the term "Lack of resource" means the packet could not be forwarded because it was dropped but not because the router is running out of resource.

0 Helpful

Go to solution
GoodWeather
Level 1
Level 1
In response to Flavio Miranda

‎05-01-2023 01:48 PM

@Flavio Miranda wrote:

But it seems the term "Lack of resource" means the packet could not be forwarded because it was dropped but not because the router is running out of resource.

Ah, ok. If that's the case, great. Didn't get that this is the meaning.

Thanks!

0 Helpful

Go to solution
cyberconsultants
Level 1
Level 1
In response to GoodWeather

‎05-03-2023 09:12 AM

that certainly doesn't make sense to me. the documentation is equally confounding.

only thing i can think of is a lack of logging resources. i.e. the packets are trapped/filtered according to ACL but the packet volume and/or throughput exceeds the device's logging capability, therefore the device fails to track what interface said packets were trapped/filtered on.

0 Helpful
Customers Also Viewed These Support Documents