Re: Ping Drop on ISP link

Menon · ‎06-15-2022

Hello team,

On my network, there is an issue with the ISP link. ISP side IP(31.42.53.225) shows no ping drop but router end(31.42.53.226) IP shows, which is unusual. The ISP did not have any issue on their side.

R2#ping  31.42.53.225
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 31.42.53.225, timeout is 2 seconds:
!!..!
Success rate is 60 percent (3/5), round-trip min/avg/max = 10/11/13 ms

My client uses more than 500 Mbps traffic and the ISP link is 1G, and their servers are connected to switches 1 and 2. So I have limited the bandwidth on the L2 side with the "srr-queue bandwidth limit 50". Still no luck.

SWTCH01#sho run int g1/0/4
Building configuration...

Current configuration : 124 bytes
!
interface GigabitEthernet1/0/4
 description wan1-1
 switchport access vlan 666
 srr-queue bandwidth limit 50
end

SWTCH01#sho run int g1/0/5
Building configuration...

Current configuration : 124 bytes
!
interface GigabitEthernet1/0/5
 description wan1-2
 switchport access vlan 666
 srr-queue bandwidth limit 50
end
-----
SWTCH02#sho run int g1/0/4
Building configuration...

Current configuration : 124 bytes
!
interface GigabitEthernet1/0/4
 description wan2-1
 switchport access vlan 666
 srr-queue bandwidth limit 50
end

SWTCH02#sho run int g1/0/5
Building configuration...

Current configuration : 124 bytes
!
interface GigabitEthernet1/0/5
 description wan2-2
 switchport access vlan 666
 srr-queue bandwidth limit 50
end
-----

QOS Config on the router :

class-map match-all CLAS-VLAN-666
 match access-group name POLICE-VLAN-666

policy-map POLICE-VLAN-666
 class CLAS-VLAN-666
  police cir 500000000
   conform-action transmit 
   exceed-action drop 
   
interface GigabitEthernet3.666
 service-policy input POLICE-VLAN-666
 
ip access-list extended POLICE-VLAN-666
 10 permit ip any 20.63.44.0 0.0.0.255
 20 permit ip 20.63.44.0 0.0.0.255 any

Router WAN interface:

interface GigabitEthernet1
 description WAN2
 ip flow monitor 247MONITOR input
 ip flow monitor 247MONITOR output
 ip address 31.42.53.226 255.255.255.248
 ip access-group WAN_IN in
 speed 1000
 no negotiation auto
 no mop enabled
 no mop sysid
 service-policy input POLICE-VLAN-666
!

Any suggestion will be helpful in resolving the ping drop issue.

Thanks in advance!

MHM Cisco World · ‎06-15-2022

Drop is 60 meaning almost 2/3,

So check

Show ip route do you see two equal path to destiantion you ping ?

If yes then you may have asymmetric routing issue.

Menon · ‎06-15-2022

Hello there,

I didn't see anyother equal path to the destination.

R2#Show ip route | include 31.42.53.225
Gateway of last resort is 31.42.53.225 to network 0.0.0.0
B*    0.0.0.0/0 [20/0] via 31.42.53.225, 2d01h

MHM Cisco World · ‎06-15-2022

please see my below comment.

balaji.bandi · ‎06-15-2022

Any suggestion will be helpful in resolving the ping drop issue.

Is the R2 is the router connected to ISP : ( what Router modeL, what IOS code running ?)

Default the Interface gi1 config, Configuring the only IP address do test pings and post the outcome before we can suggest something :

also post :

show interface GigabitEthernet1

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Menon · ‎06-15-2022

Hello Balaji,

Yes R2 is the router connected to ISP.

Model: Cisco CSR1000v

Cisco IOS XE Software, Version 17.03.05

R2#sho run int G1
Building configuration...

Current configuration : 336 bytes
!
interface GigabitEthernet1
 description WAN2
 ip address 31.42.53.226 255.255.255.248
 ip access-group WAN_IN in
 speed 1000
 no negotiation auto
 no mop enabled
 no mop sysid
 service-policy input POLICE-VLAN-666
! 

This is the int that am pinging from outside and shows the drop.

Ping from another router
#ping 31.42.53.226 repeat 500
Type escape sequence to abort.
Sending 500, 100-byte ICMP Echos to 31.42.53.226, timeout is 2 seconds:
!.!.!.!.!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!
!!!!!!!!!.!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!.!!!.!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!.!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!.!!!!!!!!!!!!!!.!!!!!!!!!!
!!!!!!!!!!
Success rate is 96 percent (481/500), round-trip min/avg/max = 2/5/24 ms

balaji.bandi · ‎06-15-2022

R2#sho int G1

requested above output see how the interface connected.

CSR1000v ? This is virtual how is this connected ?

i see you are running BGP with ISP for peering ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Menon · ‎06-15-2022

Hello Balaji,

Sorry here is the result:

R2#sho int g1
GigabitEthernet1 is up, line protocol is up 
  Hardware is CSR vNIC, address is b2e9.ac2f.f77c (bia b2e9.ac2f.f77c)
  Description: WAN2
  Internet address is 31.42.53.226/29
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, 
     reliability 255/255, txload 117/255, rxload 93/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full Duplex, 1000Mbps, link type is force-up, media type is Virtual
  output flow-control is unsupported, input flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/375/1678/688 (size/max/drops/flushes); Total output drops: 25433266
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 365959000 bits/sec, 54144 packets/sec
  5 minute output rate 459093000 bits/sec, 55448 packets/sec
     89449735991 packets input, 104017328718113 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles 
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     94095840349 packets output, 65381523742104 bytes, 0 underruns
     Output 0 broadcasts (0 IP multicasts)
     0 output errors, 0 collisions, 4 interface resets
     61 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     1 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out

Yes we running BGP with ISP!

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.1.8        4        631   39561   39529       71    0    0 3w3d           13
31.42.53.225   4          175    2988    3285       71    0    0 2d01h           1

balaji.bandi · ‎06-16-2022

#ping 31.42.53.226 repeat 500

Are you poing from outside to CSR router ? or pinging inside CSR router this CSR router IP right ?

 Input queue: 0/375/1678/688 (size/max/drops/flushes); Total output drops: 25433266

Is this a production network? other than ping do you have any other performance issues (sometimes Ping is not the right tool to test, but it's a basic tool just check) - due to new enhancement, the control plan will be applied to some restrictions, because of DDoS attacks.

If you get a quick chance to test, configure a Laptop with same IP address (used in CSR1000V) connect ISP Link to Laptop and see the output to confirm where this is going wrong ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Menon · ‎06-16-2022

Hello Balaji,

Yes, it's a production network. I have marked the IP that I have issue with, pls find it below:

$ Ping test to (31.42.53.226) from:

Outside - Drop there!

inside (R2 and neighbor Router R1) - Drop there!

FYI - I have observed it happening when the traffic is High!

Also, thanks for the troubleshooting advice will check that!.

Question) Is there any change if the Virtual interface G1 has any problem with handling High traffic?

Thanks.

balaji.bandi · ‎06-16-2022

I would also advise to check off peak is this same results as you mentioned traffic.

CSR1000v is License based, check what kind of License throuput you have, also if this VM, that Gig interface in vswitch connected is shared not dedicated.

what kind of throughput you looking to expect or handle this router ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎06-15-2022

Hello,

--> ISP side IP(31.42.53.225) shows no ping drop but router end(31.42.53.226) IP shows, which is unusual. The ISP did not have any issue on their side.

31.42.53.225 is the address you are pinging, not really sure what you mean by 'no ping drop'. 31.42.53.225 is the ISP side, so you are having ping drops on the ISP side, right ? Either way, ISPs often throttle ICMP traffic. If there are no other issues (such as users actually experiencing problems), this is probably the reason.

Menon · ‎06-16-2022

Hello georg,

I have problem with Router IP on the ISP link. I have marked the IP that I have issue with, pls find it below:

$ Ping test to (31.42.53.226) from:

Outside - Drop there!

inside (R2 and neighbor Router R1) - Drop there!

Question) Is there any change if the Virtual interface G1 has any problem with handling High traffic?

Thanks.

MHM Cisco World · ‎06-15-2022

CSR1000v is stop me and make me think, I analysis the issue now I need some time.
I must analysis vNIC and interface and if I need other show/debug... I will send to you.

Menon · ‎06-16-2022

Hello there,

I appreciate your time.

thanks.