Re: Catalyst 9300 Excesive broadcast drops

yurii.chornyi · ‎03-29-2021

Hello to everyone!

Some time ago we replaced our stack of 3850 with two 9300. It had been working fine for a while but recently we noticed huge broadcast drops (especially DHCP) with low-to-moderate utilization. Both client and DHCP server are directly connected to same switch. When capturing traffic I see that about 90% of DHCP Discovery packets in some specific time frame are being drop by switch. Interface load is very low (up to 10Mbps).

Here is output

Stack9300-8#show controllers cpu-interface
queue retrieved dropped invalid hol-block
-------------------------------------------------------------------------
Routing Protocol 104556267 0 0 0
L2 Protocol 793799606 0 0 0
sw forwarding 104618376 33082001 0 0
broadcast 144435817 33652699 0 0
icmp gen 0 0 0 0
icmp redirect 671994797 0 0 0
logging 50895 0 0 0
rpf-fail 0 0 0 0
DOT1X authentication 0 0 0 0
Forus Traffic 78237539 0 0 0
Forus Resolution 266176270 0 0 0
Inter FED 0 0 0 0
L2 LVX control 0 0 0 0
EWLC control 0 0 0 0
EWLC data 0 0 0 0
L2 LVX data 0 0 0 0
Openflow 0 0 0 0
Topology control 16718231 0 0 0
Proto snooping 0 0 0 0
DHCP snooping 0 0 0 0
Transit Traffic 0 0 0 0
Multi End station 27641757 0 0 0
Webauth 0 0 0 0
High rate app 0 0 0 0
Exception 0 0 0 0
System Critical 0 0 0 0
NFL sampled data 0 0 0 0
Low latency 0 0 0 0
EGR exception 15079 0 0 0
Stackwise Virtual OOB 0 0 0 0
Multicast data 0 0 0 0
Gold packet 0 0 0 0

Stack9300-8#sh clo
Stack9300-8#sh clock
14:25:40.066 EET Fri Mar 12 2021
Stack9300-8#
Stack9300-8#
Stack9300-8#
Stack9300-8#
Stack9300-8#sh clock
14:33:35.268 EET Fri Mar 12 2021
Stack9300-8#sh clock ow controllers cpu-interface
queue retrieved dropped invalid hol-block
-------------------------------------------------------------------------
Routing Protocol 104557874 0 0 0
L2 Protocol 793811484 0 0 0
sw forwarding 104620296 33082666 0 0
broadcast 144437541 33653005 0 0
icmp gen 0 0 0 0
icmp redirect 672252888 0 0 0
logging 50895 0 0 0
rpf-fail 0 0 0 0
DOT1X authentication 0 0 0 0
Forus Traffic 78238993 0 0 0
Forus Resolution 266181377 0 0 0
Inter FED 0 0 0 0
L2 LVX control 0 0 0 0
EWLC control 0 0 0 0
EWLC data 0 0 0 0
L2 LVX data 0 0 0 0
Openflow 0 0 0 0
Topology control 16718479 0 0 0
Proto snooping 0 0 0 0
DHCP snooping 0 0 0 0
Transit Traffic 0 0 0 0
Multi End station 27643233 0 0 0
Webauth 0 0 0 0
High rate app 0 0 0 0
Exception 0 0 0 0
System Critical 0 0 0 0
NFL sampled data 0 0 0 0
Low latency 0 0 0 0
EGR exception 15079 0 0 0
Stackwise Virtual OOB 0 0 0 0
Multicast data 0 0 0 0
Gold packet 0 0 0 0

Stack9300-8#

_____________________________

Switch Ports Model SW Version SW Image Mode
------ ----- ----- ---------- ---------- ----
* 1 64 C9300-48UXM 16.9.2 CAT9K_IOSXE INSTALL
2 64 C9300-48UXM 16.9.2 CAT9K_IOSXE INSTALL

Any clue what can go wrong?

Reza Sharifi · ‎03-29-2021

Hi,

broadcast 144435817 33652699 0 0

Do you have any broadcast/multicast storm control configured under the interfaces?

33652699 out of144435817 is less than 25% drop.

Is DHCP working fine for the clients?

HTH

yurii.chornyi · ‎03-29-2021

Hi!

Yes, we have storm-control. Here is typical interface config

interface Port-channel45
description ####
switchport mode trunk
storm-control broadcast level 50.00
spanning-tree bpduguard enable
!

And yes DHCP suffers a lot

Reza Sharifi · ‎03-29-2021

Hi.

50% is a lot.

Try a lower number something like this and test:

storm-control broadcast include multicast
storm-control broadcast level 1.00

HTH

yurii.chornyi · ‎03-30-2021

Hi!

Could it really affect DHCP performance or it is just your suggestion for config optimization?

yurii.chornyi · ‎04-08-2021

Applied on all interfaces but no luck