Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
587
Views
0
Helpful
3
Replies

sg300 ip source-guard inactive records, ResourceProblem

Go to solution
sla0nru
Level 1
Level 1

‎02-13-2019 04:47 AM - edited ‎03-08-2019 05:19 PM

Hello,

Last time I've notice inactive source-guard records with ResourceProblem on my sg300-52. Meanwhile, TCAM usage under 25%. What other source could be for ResourceProblem?

 

sw10#sh ip source-guard inactive
TCAM resources search frequency: 0 minutes 10 seconds


Interface Filter IP address MAC address VLAN Type Reason
--------- ------ --------------- ----------------- ---- ------ ---------------
gi31 IP 10.11.3.189 e0:3f:49:44:ef:75 10 DHCP ResourceProblem
gi32 IP 10.11.3.205 00:e0:4c:36:21:b9 10 DHCP ResourceProblem
gi48 IP 10.11.3.194 f8:32:e4:11:c4:31 10 DHCP ResourceProblem

 

sw10#sh system tcam utilization
TCAM utilization: 23%

 

sw10#sh ver
SW version 1.4.9.4 ( date 04-Jun-2018 time 00:07:58 )
Boot version 1.3.5.06 ( date 21-Jul-2013 time 15:12:10 )
HW version V04

 

sw10#sh system
System Description: SG300-52 52-Port Gigabit Managed Switch
System Up Time (days,hour:min:sec): 01,15:17:21
System Contact:
System Name: sw10
System Location:
System MAC Address:
System Object ID: 1.3.6.1.4.1.9.6.1.83.52.1

Fans Status: OK

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sla0nru
Level 1
Level 1

‎02-15-2019 02:33 AM

Most likely there is a bug in TCAM utilization report. A day monitoring showed that TCAM utilization vary between 64% and 99% while source-guard records count vary in the range from 200 to 400. At the problem reporting moment there were 418 source-guard records, what should correspond to 100% TCAM usage. 23% so far from reality, so I believe there is bug in TCAM utilization report.

 

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jaderson Pessoa
VIP Alumni
VIP Alumni

‎02-13-2019 06:15 AM - edited ‎02-13-2019 06:15 AM

I believe that is a register about unauthorized devices access with wrong ip configuration in your network.

Jaderson Pessoa
*** Rate All Helpful Responses ***
0 Helpful

Go to solution
sla0nru
Level 1
Level 1
In response to Jaderson Pessoa

‎02-13-2019 06:33 AM

Documentation didn't notice any reason for inactive records other then lack of TCAM resources (from Cisco 300 Series Stackable Managed Switches Command Line Interface Reference Guide, Release 1.4):

 

 

13.18 show ip source-guard inactive
[skip]
User Guidelines
Since the IP Source Guard uses the Ternary Content Addressable Memory
(TCAM) resources, there may be situations when IP Source Guard addresses are
inactive because of a lack of TCAM resources.
By default, once every minute the software conducts a search for available space
in the TCAM for the inactive IP Source Guard addresses.
Use the ip source-guard tcam retries-freq command to change the retry
frequency or to disable automatic retries for TCAM space.
Use the ip source-guard tcam locate command to manually retry locating TCAM
resources for the inactive IP Source Guard addresses.
This command displays the inactive IP source guard addresses.

 

0 Helpful

Go to solution
sla0nru
Level 1
Level 1

‎02-15-2019 02:33 AM

Most likely there is a bug in TCAM utilization report. A day monitoring showed that TCAM utilization vary between 64% and 99% while source-guard records count vary in the range from 200 to 400. At the problem reporting moment there were 418 source-guard records, what should correspond to 100% TCAM usage. 23% so far from reality, so I believe there is bug in TCAM utilization report.

 

0 Helpful
Customers Also Viewed These Support Documents