11-21-2016 06:39 AM - edited 03-08-2019 08:14 AM
Hi everyone. I am monitoring a 3064 Nexus chassis with SNMP, and I am always getting "interface discards in" on one of the port channels. However this is normal due to an ACL in place. When I look at PO1 it shows the discards:
RX
37188296587 unicast packets 15658390 multicast packets 4135451 broadcast packets
37208090428 input packets 198650275947699 bytes
22814881037 jumbo packets 0 storm suppression packets
0 giants 0 input error 0 short frame 0 overrun 0 underrun
0 watchdog 0 if down drop
0 input with dribble 50955 input discard(includes ACL drops)
0 Rx pause
This is my snmp config:
HOSTNAME# sho run | in snmp
ip access-list copp-system-acl-snmp
10 permit udp any any eq snmp
20 permit udp any any eq snmptrap
class-map type control-plane match-any copp-snmp
match access-group name copp-system-acl-snmp
class copp-snmp
snmp-server contact ESPN Network Support Services 888-290-3776 #4
snmp-server location Building 13 1S
snmp-server source-interface trap loopback0
snmp-server user admin network-admin auth md5 0xea49bc25cfe6833ea510178d650149ec priv 0xea49bc25cfe6833ea510178d650149ec localizedkey
snmp-server user Manager network-admin auth md5 0xea49bc25cfe6833ea510178d650149ec priv 0xea49bc25cfe6833ea510178d650149ec localizedkey
snmp-server user Manager network-operator
snmp-server host 10.78.99.223 traps version 1 ciku#0
snmp-server host 172.22.2.69 traps version 1 ciku#0
snmp-server host 10.76.2.6 traps version 2c ciku#0
snmp-server host 10.76.2.6 use-vrf default
snmp-server host 172.22.2.92 traps version 2c ciku#0
snmp-server host 172.22.2.92 use-vrf default
snmp-server enable traps ospf
snmp-server enable traps bridge topologychange
snmp-server enable traps bridge newroot
snmp-server enable traps callhome event-notify
snmp-server enable traps callhome smtp-send-fail
snmp-server enable traps aaa server-state-change
snmp-server enable traps snmp authentication
snmp-server community Mazu8383 group network-operator
snmp-server community ciku#0 group network-operator
snmp-server community Mazu8383 use-acl 1
snmp-server community ciku#0 use-acl 2
And this is my sho ver
sho ver
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2013, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.
Software
BIOS: version 2.4.0
loader: version N/A
kickstart: version 5.0(3)U5(1f)
system: version 5.0(3)U5(1f)
power-seq: Module 1: version v4.1
BIOS compile time: 08/29/2011
kickstart image file is: bootflash:/n3000-uk9-kickstart.5.0.3.U5.1f.bin
kickstart compile time: 6/9/2013 2:00:00 [06/09/2013 05:53:44]
system image file is: bootflash:/n3000-uk9.5.0.3.U5.1f.bin
system compile time: 6/9/2013 2:00:00 [06/09/2013 06:46:07]
Is there any way I can have snmp not report interface discards whenever an ACL is hit? The amount of alarms are driving me crazy.
Thank you!
Bob
11-21-2016 02:59 PM
Why not configure your monitoring server to ignore that MIB?
11-22-2016 08:50 AM
I have thought of that, but the monitoring server is out of our control, and they refuse to make any changes to it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide