I ran the Cisco CLI Analyzer tool on one of our switches and it recommended running the following commands. This also matches monitoring tools indicating errors/drops on the switch. My question is, is there anything I can do about this to reduce drops or is this expected behavior? This is a C9300-48P on IOS-XE 16.8.1a
#show platform software fed switch active cpu-interface
queue retrieved dropped invalid hol-block
-------------------------------------------------------------------------
Routing Protocol 283656849 0 0 0
L2 Protocol 533674587 0 0 0
sw forwarding 1123 0 0 0
broadcast 987212131 53991979 0 0
icmp gen 0 0 0 0
icmp redirect 0 0 0 0
logging 0 0 0 0
rpf-fail 0 0 0 0
DOT1X authentication 796526 0 0 0
Forus Traffic 698219629 0 0 0
Forus Resolution 55125575 0 0 0
Inter FED 0 0 0 0
L2 LVX control 0 0 0 0
EWLC control 0 0 0 0
EWLC data 0 0 0 0
L2 LVX data 0 0 0 0
Learning cache 0 0 0 0
Topology control 92 0 0 0
Proto snooping 4231584 0 0 0
DHCP snooping 0 0 0 0
Transit Traffic 0 0 0 0
Multi End station 13825021 0 0 0
Webauth 3466696 0 0 0
Crypto control 0 0 0 0
Exception 0 0 0 0
General Punt 0 0 0 0
NFL sampled data 0 0 0 0
Low latency 0 0 0 0
EGR exception 0 0 0 0
FSS 0 0 0 0
Multicast data 0 0 0 0
Gold packet 0 0 0 0
#show platform hardware fed sw active fwd-asic drop exception
****EXCEPTION STATS ASIC INSTANCE 0 (asic/core 0/0)****
=================================================================================
Asic/core | NAME | prev | current | delta
=================================================================================
0 0 NO_EXCEPTION 29039141765 29056108835 16967070
0 0 IPV4_CHECKSUM_ERROR 0 0 0
0 0 ROUTED_AND_IP_OPTIONS_EXCEPTION 2638368 2642184 3816
0 0 CTS_FILTERED_EXCEPTION 0 0 0
0 0 SIA_TTL_ZERO 0 0 0
0 0 ALLOW_NATIVE_EXCEPTION_COUNT 0 0 0
0 0 ALLOW_DOT1Q_EXCEPTION_COUNT 0 0 0
0 0 ALLOW_PRIORITY_TAGGED_EXCEPTION_COUNT 0 0 0
0 0 ALLOW_UNKNOWN_ETHER_TYPE_EXCEPTION 0 0 0
0 0 IP_SOURCE_GUARD_VIOLATION 0 0 0
0 0 SECURE_L3IF_LEARNING_VIOLATION 0 0 0
0 0 AUTH_DRIVEN_DROP 139807 139831 24
0 0 VLAN_LOADBALANCE_GROUP_DENY 0 0 0
0 0 RPF_UNICAST_FAIL 0 0 0
0 0 RPF_UNICAST_FAIL_SUPPRESS 0 0 0
0 0 RPF_UNICAST_CHECK_INCOMPLETE 0 0 0
0 0 RPF_MULTICAST_FAIL 0 0 0
0 0 PKT_DROP_COUNT 149973 150002 29
0 0 SOURCE_ROUTE_EXCEPTION 23 23 0
0 0 IGR_MISC_FATAL_ERROR 1290 1290 0
0 0 BLOCK_FORWARD 148652 148681 29
0 0 POLICER_DROP 0 0 0
0 0 DENY_ROUTE 0 0 0
0 0 DENY_BRIDGE 0 0 0
0 0 STATIC_MAC_VIOLATION 0 0 0
0 0 STATIC_IP_VIOLATION 0 0 0
0 0 FPM_DROP_PACKET 0 0 0
0 0 IGR_EXCEPTION_L4_ERROR 3223830107 3224161936 331829
0 0 IGR_EXCEPTION_L5_ERROR 6727 6728 1
0 0 IGR_EXCEPTION_HARDWARE_PARSE_EXCEPTION 0 0 0
0 0 IGR_EXCEPTION_INVALID_VLAN_DROP 0 0 0
0 0 IGR_EXCEPTION_31 0 0 0
0 0 FRAGMENTING_IPV4_WITH_OPTIONS 0 0 0
0 0 FRAGMENTING_IPV6_WITH_EXTENSIONS 0 0 0
0 0 ICMP_REDIRECT 0 0 0
0 0 MTU_FAIL_PUNT_TO_CPU_NO_IP_UNREACHABLE 0 0 0
0 0 LINK_LOCAL_CHECK_FAIL_NO_IP_UNREACHABLE 0 0 0
0 0 IP_UNICAST_TTL_REACHED_ZERO 0 0 0
0 0 MISC_FATAL_ERROR 0 0 0
0 0 STP_OR_FLEXLINK_DROP 29 29 0
0 0 PROTECTED_PORT_DROP 0 0 0
0 0 PVLAN_ISOLATED_CHECK_FAILED 0 0 0
0 0 PVLAN_COMMUNITY_CHECK_FAILED 0 0 0
0 0 DEJA_VU_CHECK_FAILED 334462 336782 2320
0 0 NOT_VLAN_LOAD_BALANCE_GROUP_ALLOWED 0 0 0
0 0 RSPAN_DROP 0 0 0
0 0 SPLIT_HORIZON_DROP 0 0 0
0 0 SYSTEM_TTL_DROP 0 0 0
0 0 PRUNED 0 0 0
0 0 DENY_NO_IP_UNREACHABLE 0 0 0
0 0 IP_MULTICAST_TTL_REACHED_ZERO 0 0 0
0 0 MTU_FAIL_DROP_BRIDGED 0 0 0
0 0 MTU_FAIL_DROP_BRIDGED_IP_ROUTED 0 0 0
0 0 MTU_FAIL_ERSPAN 0 0 0
0 0 LINK_LOCAL_CHECK_FAIL_L3M_VALID 0 0 0
0 0 MTU_FAIL_PUNT_TO_CPU_NOT_NO_IP_UNREACHABLE 0 0 0
0 0 LINK_LOCAL_CHECK_FAIL_NOT_NO_IP_UNREACHABLE 0 0 0
0 0 COPY_TO_CPU 0 0 0
0 0 EGR_L3_ERROR 0 0 0
0 0 EGR_L4_ERROR 191779062 192044325 265263
0 0 EGR_L5_ERROR 41312 41312 0
0 0 EGR_HARDWARE_PARSE_EXCEPTION 0 0 0
0 0 EGR_SHOW_FORWARD_DROP 0 0 0
0 0 SGT_CACHING_NEEDED 0 0 0
