Looks like problem not linked with vlans. I see the same problem at ports in access mode too.

So, any ideas what it could be?

Ok. My resaults so far:

Looks like problem connected with QoS. Seems like Cisco changed queues settings at the newest versions of IOS. As I see the second queue (data traffic) at the port is dropping traffic:

#show platform qos queue stats gi 1/0/26

DATA Port:20 Drop Counters              
-------------------------------              
Queue Drop-TH0    Drop-TH1    Drop-TH2    SBufDrop    QebDrop              
----- ----------- ----------- ----------- ----------- -----------
    0           0           0           0           0           0
    1           0           0    31764522           0           0

As solution I found this lines:

qos queue-softmax-multiplier 1200

ip access-list extended allTraffic
 remark --- ACL for matching all traffic ---
 permit ip any any
exit

class-map match-any cDefQos
 match access-group name allTraffic
exit

policy-map pDesQos
 class class-default
  bandwidth percent 100
 exit
exit

int [name]
 service-policy output pDesQos
exit

But so far first line

qos queue-softmax-multiplier 1200

was anought for me. After this line I don't see errors at the interfaces anymore.

I'm still monitoring ports. But there is no problems so far.

Best Regards.

I solved problem with all interfaces except interfaces Gi1/0/26 and gi2/0/26. Counters rising only at this 2 interfaces. I placed service-policing to this interfaces but it din't changed anything.

Does anyone have any ideas? I'm bad at QoS questions...

Best Regards.

Hi,

seeing output-drops is a known problem of Catalyst 3850 Switches. Cisco published a PDF where the issue is descriped.

http://www.cisco.com/c/en/us/support/docs/switches/catalyst-3850-series-switches/200594-Catalyst-3850-Troubleshooting-Output-dr.html

The drops occur regarding micro-bursts which the switchport cannot buffer (the soft-buffer for queue 1 is too small).

QoS can help to reduce the drops but will not fix the problem at all. Maybe you still see drops, but in another queue.

To increase the soft-buffer of the ports, you can use the "qos queue-soft-multiplier".

Since all ports of the Catalyst 3850 use a shared-buffer on as needed-basis, I thought it could be  a problem to change the soft-buffer value to the maximum of 1200.

Few days ago I got the answer by the TAC, that this woud have no negativ impact. A value if 1200 is OK.

If using releases prior to 3.6.6 or 3.7.5 you have to attach a service-policy to increase the soft-buffer. Since 3.6.6 or 3.7.5 increasing the buffer takes affect without a service-policy.

regards

~chris

Hi, Chris.

Thanks for you reply.

I did saw this document. But it says this:

Output drops are generally a result of interface oversubscription caused by many to one or a 10gig to 1gig transfer.

But in my case I can see 150k packets drop rate at the 50 Mbit speed of traffic (at the 1G ports in full duplex). At such speed buffer shouldn't be used at all.

And as you told I can see drops at the another queue. Before placing service-policy to the interface I saw drops at the queue 1. But after placing policy (with only default class to 100% bandwith) now I'm is seeing drops at the queue 0.

So should I add one more class with "priority level 0 percent ..."?

Best Regards.

Hi,

depending on your service-policy, you will disable queue 1 and all traffic flows into queue 0. That's why you see dropped traffic in that queue now.

Did you also change the soft-buffer to a higher value?

What version of IOS-XE you are running on the box? 3.6.6 / 3.7.5 ?

regards

~chris 

Hi, Cris.

The IOS version is 03.06.06.

Current changes of QoS is:

qos queue-softmax-multiplier 1200

ip access-list extended allTraffic
 remark --- ACL for matching all traffic ---
 permit ip any any

class-map match-any cDefQos
 match access-group name allTraffic

policy-map pDesQos
 class class-default
  bandwidth percent 100

int [name]
 service-policy output pDesQos

Best Regards.

Hi,

yes, looks good.

But if using 3.6.6 I would like to prefer using no service-policy but increasing the soft-buffer to the maximum value of 1200.

Why? So, as I wrote above, when using this service-policy, than queue 1 is disabled and all traffic (control-traffic and normal traffic) is combined in queue 0. There will be no default "classification".

Whatever you use, do you see still drops?

regards

~chris

Hi, c.edel.

Sorry for a long responce. I see drops in both cases: when I'm using service-policy and when I'm not. But when I'm using it I see drops at the queue 0 and when I'm not using it I see drops at queue 1.

Best Regard.

3. If you define only 1 class-default, in order to tweak the buffer, all the traffic falls under the single queue (including control packets). Be advised that when all traffic is put in one queue, there is no classification between control and data traffic and during time of congestion, control traffic could get dropped. So, it is recommended to create at least 1 other class for control traffic. CPU generated control-packets will always go to the first priority queue even if not matched in the class-map. If there is no priority queue configured, it would go to the first queue of the interface, which is queue-0.

Source: https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3850-series-switches/200594-Catalyst-3850-Troubleshooting-Output-dr.html

did you add this to both ends of the etherchannel or just on the 3850 end?

Chuck,

Did you find this information by reading this document:

https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3850-series-switches/200594-Catalyst-3850-Troubleshooting-Output-dr.html

?

Thanks,

Dallas