cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4677
Views
2
Helpful
19
Replies

Slow switch management when configured more than 6 VLANs

remon.braamse
Level 1
Level 1

In short, when I configure more than 6 vlans on my Cisco C1000 switch, communication to the switch on the management VLAN becomes realy slow. Configuration via SSH is realy slow and ping to the switch has a delay of around 700ms.

 

For the network here I have an stack of 2 Cisco C9300-24UX switches with IOSXE version 16.11.1. For 2 cameras in a sepperate building I got an Cisco C1000-16PS-2G switch with IOS version 15.2.7.E5. The switches are connected with an optical fiber.

 

I configured the C1000 switch and manual added 2 VLAN's for the trunk and management. After that I connected the switch to the C9300 and everything worked well. After that I configured VTP so all our VLAN's came availeble on the C1000. Directly after that SSH to the switch went realy slow and ping times where going up to 700-750ms.

After this I removed the VTP config and removed all VLANs exept the 2 for trunk and management. After reloading the switch SSH management en ping times are back to normal.
Next I manualy added the VLAN's to the switch. With the first 6 VLANs all works well. When added the 7th VLAN de pingtimes go up en SSH become slow. The more VLANs after this the higer the ping times become and the slower SSH will respond.
I tested adding the VLANs in a different order, but it is always at the 7th VLAN. Also I tested with an new Cisco C1000 switch without config, only the trunk config and the managment VLAN + managment IP and I got the same results.

 

I could use some help with this problem.

 

(I'm sorry for my writing, it is not realy good in english

19 Replies 19

Daviid Kumer
Level 1
Level 1

Hi, i am experiencing the same exact issue, did you ever get a solution for your problem?

Br,

David

Daviid Kumer
Level 1
Level 1

Hi, we have solved the issue on our side, when checking CPU buffers with the command "show platform cpu rx-tx counters", we saw a large number of IPv6 RX packets, and assumed that the CPU buffers were full. When applying a IPv6 ACL to the uplink interfaces (physical) to block all IPv6 traffic, the issue was resolved. 

Hope it helps.

Br,

David Kumer

Hi.

This solved our issues, had exactly the same problem and ACL solved it.
This should not have happened in the first place.

Thank you

Hi, I have this same issue but on C1000 8 port Switch. We don't use ipv6 so happy to disable/block it.

Did you apply the ACL to the physical L2 uplink interface and would the below output work? If not could you share your ACL?

Conf t
ipv6 access-list IPV6_BLOCK_in log
10 deny ipv6 any any in
(Implicit deny will follow anyway)
exit

Interface range gi1/0/9 - 10
ipv6 traffic-filter IPV6_BLOCK_in in
exit

 

 

 

 

 

remon.braamse
Level 1
Level 1

We have never find out what the exact origin of the issue was, but after upgrading the C9300 stack to newer firmware we did not have the problem anymore.

Best regards,
Rémon Braamse

Review Cisco Networking for a $25 gift card