Buy or Renew
Buy or Renew
Join the Catalyst Center Onboarding Ask Me Anything event happening now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6046
Views
0
Helpful
6
Replies

Layer 3 Switch connected to Home Wireless Router

jeff2412
Level 1
Level 1

‎04-05-2016 04:19 PM - edited ‎03-08-2019 05:14 AM

Hello all,

I have an issue that I have been trying to work on for the past few weeks that I can't seem to get my head around. So I have connected my Cisco 3550 switch to a Wireless Home Router (Netgear R7000). I have setup InterVLAN routing within my 3550 with 3 attached VLANs (VLANs 12, 24, 36) and my R7000 network (VLAN 48). I have assigned my SVI for VLAN 48 an address (172.16.48.3 /24) to communicate with my R7000 home router. Everything in this setup works smoothly from anywhere between 10 minutes to about an hour or so (give or take ping tests) until my 3550 can no longer ping the Gateway IP address setup on the R7000 Home Router (172.16.48.1). The weird part of all of this is that even though I am not able to ping from the console of the 3550 to the 172.16.48.1 address, my Test PC's connected to the switch (VLAN's 12 and 24) can still ping it. They end up having full connection to the internet on top of full ping connectivity throughout the network. Now I've tried testing this in multiple ways such as changing the Connected Port (fa0/1) on the 3550 to a routed port and assigning it the 172.16.48.3 /24 address manually. This does the same thing that the SVI setup does.. Works for a little while then stops communicating. Now I also have static routes on my R7000 router pointing to the 172.16.12.0/22, 172.16.24.0/22, and 172.16.36.0/28 networks through the 172.16.48.3 address. I also have a default route from my 3550 pointing to the 172.16.48.1 (R7000 gateway IP). I have been trying just about everything including access lists that block DHCP traffic, logging through access lists, debugging ip packets, etc. I have found nothing on this issue. I was wondering if there was any sort of communication that might be sent by the 3550 to the R7000 Home Router that may be setting off a firewall rule on the R7000 (which I can't seem to find any sort of firewall settings through the GUI of the R7000) or whether the broadcast traffic is being sent and received in different intervals from the R7000. I am almost at a complete loss on this issue and it's driving me crazy. I just think it's very weird that the test PC's can ping and act like nothing is wrong, but at the same time the Fa0/1 interface IP address cannot ping an IP on its own network. I would also like to mention that I have been gradually checking the show arp output to make sure that the 172.16.48.1 address is still allocated to the correct mac address and the age gradually gets higher and higher until I try to ping it from the switch (when it's working) or ping it from the test PC's when it's not working. I have also tried setting it up on a separate port and that has still not worked out.. same issue. The thing is, the port still stays up up and can route packets, but cannot talk from one port (fa0/1) to the R7000. My R7000 is also doing the NAT on the network and am really hoping that isn't the issue at hand. I have it set to think that the network attached is 172.16.0.0/16 in order to NAT the VLANs connected to the 3550. I also have a Raspberry Pi that is doing the DHCP of the R7000 network with a subnet 172.16.0.0 /16 statement that only assigns addresses in the 172.16.48.0/24 range to that network. That was why I was thinking it was DHCP traffic, thus created an ACL to block this. Still stops pinging after a while. Attached I have my running config of my 3550 and if you have any other questions I am more than willing to give more output as I am losing my mind trying to fix this Lab setup. Thanks in advanced

Topology:

Internet ========> Modem ============> Netgear R7000 =============> Cisco 3550 ==============> Test PC's

Cisco 3550 Running Config

JW-3550#show run
Building configuration...

Current configuration : 13593 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname JW-3550
!
logging count
logging buffered 200000 debugging
logging rate-limit 7500
enable secret 5 $1$6Ljl$Ijq9oeAdI9XeBsk8936ne.
!
username Jeff privilege 15 secret 5 $1$hBZ8$x3bK9yjrtZm3P4TJ4CxRW1
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
ip dhcp excluded-address 172.16.24.1 172.16.24.5
ip dhcp excluded-address 172.16.36.1
!
ip dhcp pool Data
   network 172.16.24.0 255.255.252.0
   dns-server 172.16.48.2 8.8.8.8
   default-router 172.16.24.1
!
ip dhcp pool Guest
   network 172.16.36.0 255.255.255.240
   dns-server 172.16.48.2 8.8.8.8
   default-router 172.16.36.1
!
ip dhcp snooping vlan 24,36,48
ip dhcp snooping
ip ssh authentication-retries 4
vtp mode transparent
!
!
crypto pki trustpoint TP-self-signed-1623001088
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1623001088
 revocation-check none
 rsakeypair TP-self-signed-1623001088
!
!
crypto pki certificate chain TP-self-signed-1623001088
 certificate self-signed 01
  30820293 308201FC A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  55312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31363233 30303130 38383122 30200609 2A864886 F70D0109
  0216134A 572D3335 35302E65 78616D70 6C652E63 6F6D301E 170D3933 30333031
  30303031 31355A17 0D323030 31303130 30303030 305A3055 312F302D 06035504
  03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31
  36323330 30313038 38312230 2006092A 864886F7 0D010902 16134A57 2D333535
  302E6578 616D706C 652E636F 6D30819F 300D0609 2A864886 F70D0101 01050003
  818D0030 81890281 8100BE9B 887797D7 4F42A057 87735564 E4C3E56A E404ABDD
  ADF60C0D CD1A308B 95DE977E 2C355EE9 8A866994 D7DA730F 7DC77482 C163399B
  CE615851 ABEBA381 B24EC36A 436303FE CAE14B0B 2E91E88F DCDA6E22 39B999D8
  CF27A45B 5A574068 CA24FB82 9939DB89 BAB2E13F 73E08AD9 F054F332 384C47D3
  DC17FBF6 1F4C14F1 DF390203 010001A3 73307130 0F060355 1D130101 FF040530
  030101FF 301E0603 551D1104 17301582 134A572D 33353530 2E657861 6D706C65
  2E636F6D 301F0603 551D2304 18301680 14173E48 7CC2368A F59E5F49 68F8AEBC
  18FE8C63 38301D06 03551D0E 04160414 173E487C C2368AF5 9E5F4968 F8AEBC18
  FE8C6338 300D0609 2A864886 F70D0101 04050003 818100B9 FA1239BF DD019F04
  061FB8BA 71EA5C1B 5BEB1707 999A30C6 66ABFFDA A9952FB6 584E4B09 467D8151
  C1E08F1A 23324BB1 D2FEE0CD 1CF80896 D4554ACD 9BA9315C 5441F21B 439D1E00
  F9FA045C 6F4E2384 6EED200C AA9CE4EE C2666FC2 657A372D FF65ABB0 D192B45C
  4C586786 FC034894 AF45CFCC FC84A02E 809B7566 0AC7F4
  quit
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 12
 name Management
!
vlan 24
 name Data
!
vlan 36
 name Guest
!
vlan 48
 name R7000
!
interface FastEthernet0/1
 description to R7000
 switchport access vlan 48
 switchport mode access
!
interface FastEthernet0/2
 description Management VLAN
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/3
 description Management VLAN
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/4
 description Management VLAN
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/5
 description Management VLAN
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/6
 description Management VLAN
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/7
 description Management VLAN
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/8
 description Management VLAN
 switchport access vlan 12
 switchport mode access
 switchport port-security maximum 2
!
interface FastEthernet0/9
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/10
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/11
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/12
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/13
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/14
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/15
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/16
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/17
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/18
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/19
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/20
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/21
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/22
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/23
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/24
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/25
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/26
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/27
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/28
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/29
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/30
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/31
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/32
 description Data VLAN
 switchport access vlan 24
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/33
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/34
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/35
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/36
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/37
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/38
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/39
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/40
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/41
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/42
 description Unused
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 shutdown
!
interface FastEthernet0/43
 description Guest VLAN
 switchport access vlan 36
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/44
 description Guest VLAN
 switchport access vlan 36
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/45
 description Guest VLAN
 switchport access vlan 36
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/46
 description Guest VLAN
 switchport access vlan 36
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/47
 description Guest VLAN
 switchport access vlan 36
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface FastEthernet0/48
 description Guest VLAN
 switchport access vlan 36
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 ip dhcp snooping limit rate 10
!
interface GigabitEthernet0/1
 switchport mode dynamic desirable
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
!
interface Vlan1
 no ip address
!
interface Vlan12
 ip address 172.16.12.1 255.255.252.0
!
interface Vlan24
 ip address 172.16.24.1 255.255.252.0
 ip access-group Data_Access in
!
interface Vlan36
 ip address 172.16.36.1 255.255.255.240
 ip access-group Guest_Access in
!
interface Vlan48
 ip address 172.16.48.3 255.255.255.0
!
ip default-gateway 172.16.48.1
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.48.1
ip http server
ip http secure-server
!
ip access-list extended Data_Access
 permit tcp 172.16.24.0 0.0.3.255 172.16.12.0 0.0.3.255 established
 permit icmp 172.16.24.0 0.0.3.255 172.16.12.0 0.0.3.255 echo-reply
 deny   ip 172.16.24.0 0.0.3.255 172.16.12.0 0.0.3.255
 permit ip any any
ip access-list extended DenyDHCP
 deny   udp any any eq bootps
 deny   udp any any eq bootpc
 permit ip any any
ip access-list extended Guest_Access
 deny   ip 172.16.36.0 0.0.0.15 172.16.0.0 0.0.255.255
 deny   tcp 172.16.36.0 0.0.0.15 host 172.16.36.1 eq 22
 permit ip any any
ip access-list extended R7000_Access
 permit tcp 172.16.48.0 0.0.0.255 172.16.12.0 0.0.3.255 established
 permit icmp 172.16.48.0 0.0.0.255 172.16.12.0 0.0.3.255 echo-reply
 deny   ip 172.16.48.0 0.0.0.255 172.16.12.0 0.0.3.255
 permit tcp host 172.16.48.2 host 172.16.48.3 eq 22
 permit tcp host 172.16.48.1 host 172.16.48.3 eq 22
 deny   tcp 172.16.48.0 0.0.0.255 host 172.16.48.3 eq 22
 deny   udp any any eq bootps
 deny   udp any any eq bootpc
 permit ip any any
 permit ip host 172.16.48.2 172.16.12.0 0.0.3.255
 permit ip host 172.16.48.1 172.16.12.0 0.0.3.255
ip access-list extended test
 permit ip any 172.16.48.0 0.0.0.7 log
 permit ip 172.16.48.0 0.0.0.7 any log
 permit ip any any
!
ip access-list logging interval 10
!
control-plane
!
banner motd ^C***Unauthorized access to this device or any sets of connected devices is prohibited and will adhere to the fullest extent of the law!***^C
!
line con 0
 exec-timeout 20 0
 logging synchronous
 login local
line vty 0 4
 exec-timeout 20 0
 logging synchronous
 login local
 transport input ssh
line vty 5 15
 exec-timeout 20 0
 logging synchronous
 login local
 transport input ssh
!
end

Labels:
0 Helpful
6 Replies 6

acampbell
VIP Alumni
VIP Alumni

‎04-05-2016 06:13 PM

Hi,

I have never configured ip default-gateway & ip route 0.0.0.0 in the same box

ip default-gateway is for a device that not running ip routing like layer 2 only switch

Can you try

!

no ip default-gateway

!

Leave in ip route 0.0.0.0 ......  and re-test

see link:-

http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/16448-default.html

Regards

Alex

Regards, Alex. Please rate useful posts.
0 Helpful

jeff2412
Level 1
Level 1
In response to acampbell

‎04-06-2016 10:20 AM

Hello Alex,

Thank you for your reply.

I went ahead and issued a no ip default-gateway and reloaded the 3550. This did not fix the issue (still pings then after about 30 minutes stops).

I'm not wondering if it is due to the cable being used? I am using a straight-through from the 3550 to the R7000 home router. Since it is located on a LAN port on the home router would that be considered a switching port? thus switch to switch would be a crossover? This is my next approach as I have equipment to make a crossover cable.

I am also curious to see if it may be a timing issue? Maybe some sort of timer is setup incorrectly between the R7000 and 3550. I just find it weird that it's still in the arp cache and mac-address-table of the 3550 and fails pings. The switches IP address is also showing up in the 'Attached Devices' within the home router, which means that it also has it's MAC address table and ARP correctly defined. I'm really trying to see if it really is an issue with the 3550 or whether or not it would be the R7000 somehow stopping the pings to the 172.16.48.3 address.

Thanks again

0 Helpful

jeff2412
Level 1
Level 1
In response to jeff2412

‎04-06-2016 04:34 PM

I would also like to mention that I have already swapped out the straight-through cable with a cross-over and that did not seem to fix anything.. still pinging then stopping later.

0 Helpful

jeff2412
Level 1
Level 1

‎04-06-2016 04:33 PM

Here is some more output for troubleshooting:

I ran a show interfaces for the vlan 48 SVI and it shows input and output drops

I also ran the show interfaces for the physical port that is connected to the R7000 (fa0/1)

I also ran the show ip traffic and show processes CPU | i ^PID|Input to gain more info as well.


JW-3550#show interfaces vlan 48
Vlan48 is up, line protocol is up
  Hardware is EtherSVI, address is 0013.60bd.0800 (bia 0013.60bd.0800)
  Internet address is 172.16.48.3/24
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:19, output 00:11:52, output hang never
  Last clearing of "show interface" counters never
  Input queue: 75/75/6417/0 (size/max/drops/flushes); Total output drops: 20
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     1615 packets input, 215086 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     259 packets output, 30225 bytes, 0 underruns
     0 output errors, 1 interface resets
     0 output buffer failures, 0 output buffers swapped out

JW-3550#show interfaces fa0/1
FastEthernet0/1 is up, line protocol is up (connected)
  Hardware is Fast Ethernet, address is 0013.60bd.0801 (bia 0013.60bd.0801)
  Description: to R7000
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (5 sec)
  Full-duplex, 100Mb/s, media type is 10/100BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output 00:00:02, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 1000 bits/sec, 1 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     11654 packets input, 1963150 bytes, 0 no buffer
     Received 11325 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 6081 multicast, 0 pause input
     0 input packets with dribble condition detected
     5996 packets output, 460115 bytes, 0 underruns
     0 output errors, 0 collisions, 3 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out

========================================================================

JW-3550#sh ip traffic
IP statistics:
  Rcvd:  1698 total, 716 local destination
         0 format errors, 0 checksum errors, 859 bad hop count
         0 unknown protocol, 0 not a gateway
         0 security failures, 0 bad options, 1182 with options
  Opts:  0 end, 0 nop, 0 basic security, 0 loose source route
         0 timestamp, 0 extended security, 0 record route
         0 stream ID, 0 strict source route, 1182 alert, 0 cipso, 0 ump
         0 other
  Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
         0 fragmented, 0 couldn't fragment
  Bcast: 628 received, 58 sent
  Mcast: 0 received, 0 sent
  Sent:  149 generated, 254 forwarded
  Drop:  11 encapsulation failed, 0 unresolved, 0 no adjacency
         0 no route, 0 unicast RPF, 0 forced drop
         0 options denied, 0 source IP address zero

ICMP statistics:
  Rcvd: 0 format errors, 0 checksum errors, 2 redirects, 0 unreachable
        0 echo, 72 echo reply, 0 mask requests, 0 mask replies, 0 quench
        0 parameter, 0 timestamp, 0 info request, 0 other
        0 irdp solicitations, 0 irdp advertisements
  Sent: 1 redirects, 0 unreachable, 144 echo, 0 echo reply
        0 mask requests, 0 mask replies, 0 quench, 0 timestamp
        0 info reply, 0 time exceeded, 0 parameter problem
        0 irdp solicitations, 0 irdp advertisements

TCP statistics:
  Rcvd: 12 total, 0 checksum errors, 0 no port
  Sent: 12 total

UDP statistics:
  Rcvd: 629 total, 0 checksum errors, 558 no port
  Sent: 7 total, 0 forwarded broadcasts

ARP statistics:
  Rcvd: 692 requests, 9 replies, 0 reverse, 0 other
  Sent: 19 requests, 84 replies (2 proxy), 0 reverse
  Drop due to input queue full: 0

========================================================================

JW-3550#show processes CPU | i ^PID|Input

 PID Runtime(ms)   Invoked      uSecs   5Sec   1Min      5Min      TTY Process
   8         264              740           356      0.00%  0.00%  0.00%   0 ARP Input
  17           0                1               0         0.00%  0.00%  0.00%   0 Net Input
  74         304             1784         170      0.00%  0.00%  0.00%   0 IP Input
  86           0                1               0         0.00%  0.00%  0.00%   0 RARP Input

This has me suspecting that it is the 3550 that is dropping the packets. I'm not quite sure why the packets are being sent to the CPU but would like to further investigate what type of traffic is being sent there, why it's being dropped and how to stop it from shutting down communications between the two.

Thanks

0 Helpful

jeff2412
Level 1
Level 1
In response to jeff2412

‎04-07-2016 04:38 PM

Finally after searching for weeks on end I found my issue. It looks like since my R7000 supports Gigabit Ethernet (1000/100/10) and my 3550 only supports Megabit (100/10) it was being sent too much traffic (Broadcast, Multicast, etc). The command that solved this issue was the hold input-queue 200 in which was done on interface vlan 48 (SVI). This command lets you configure the maximum size of the input queue in which the interface holds packets in order to not swarm the CPU.

Thanks for your input Alex

0 Helpful

kishrijal1
Level 1
Level 1

‎08-01-2018 10:24 AM

Hi Jeff,

I am planning to add any manageable Cisco switch in my home network like you did. Currently, I have the Verizon Fios and their own modem/router. Could you please assist me what network gears I supposed  to buy? I have Ethernet cable connect from Verizon port to Modem/Router. Don't you need to config anything on R7000 router, if yes what it is and how we do? If you provide me the network topology and basic config template that will be great. Thanks in Advance. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card