03-23-2022 06:42 AM
In short, when I configure more than 6 vlans on my Cisco C1000 switch, communication to the switch on the management VLAN becomes realy slow. Configuration via SSH is realy slow and ping to the switch has a delay of around 700ms.
For the network here I have an stack of 2 Cisco C9300-24UX switches with IOSXE version 16.11.1. For 2 cameras in a sepperate building I got an Cisco C1000-16PS-2G switch with IOS version 15.2.7.E5. The switches are connected with an optical fiber.
I configured the C1000 switch and manual added 2 VLAN's for the trunk and management. After that I connected the switch to the C9300 and everything worked well. After that I configured VTP so all our VLAN's came availeble on the C1000. Directly after that SSH to the switch went realy slow and ping times where going up to 700-750ms.
After this I removed the VTP config and removed all VLANs exept the 2 for trunk and management. After reloading the switch SSH management en ping times are back to normal.
Next I manualy added the VLAN's to the switch. With the first 6 VLANs all works well. When added the 7th VLAN de pingtimes go up en SSH become slow. The more VLANs after this the higer the ping times become and the slower SSH will respond.
I tested adding the VLANs in a different order, but it is always at the 7th VLAN. Also I tested with an new Cisco C1000 switch without config, only the trunk config and the managment VLAN + managment IP and I got the same results.
I could use some help with this problem.
(I'm sorry for my writing, it is not realy good in english
08-11-2023 06:33 AM
Hi, i am experiencing the same exact issue, did you ever get a solution for your problem?
Br,
David
08-11-2023 08:09 AM - edited 08-11-2023 08:09 AM
Hi, we have solved the issue on our side, when checking CPU buffers with the command "show platform cpu rx-tx counters", we saw a large number of IPv6 RX packets, and assumed that the CPU buffers were full. When applying a IPv6 ACL to the uplink interfaces (physical) to block all IPv6 traffic, the issue was resolved.
Hope it helps.
Br,
David Kumer
02-22-2024 05:54 AM
Hi.
This solved our issues, had exactly the same problem and ACL solved it.
This should not have happened in the first place.
Thank you
07-16-2024 08:07 AM - edited 07-16-2024 08:58 AM
Hi, I have this same issue but on C1000 8 port Switch. We don't use ipv6 so happy to disable/block it.
Did you apply the ACL to the physical L2 uplink interface and would the below output work? If not could you share your ACL?
Conf t
ipv6 access-list IPV6_BLOCK_in log
10 deny ipv6 any any in
(Implicit deny will follow anyway)
exit
Interface range gi1/0/9 - 10
ipv6 traffic-filter IPV6_BLOCK_in in
exit
08-21-2023 01:21 AM
We have never find out what the exact origin of the issue was, but after upgrading the C9300 stack to newer firmware we did not have the problem anymore.
Best regards,
Rémon Braamse
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide