Unknown protocol drops are increasing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2011 10:24 AM - edited 03-07-2019 02:42 AM
Hello,
What is unknown protocol drops because i have a 7200 series router connected to the 4500 series switch and i am able to see these unknown protocol drops getting increased once every 30 sec.
Router -21>sh int gi0/1
GigabitEthernet0/1 is up, line protocol is up
5 minute input rate 7418000 bits/sec, 6212 packets/sec
5 minute output rate 10991000 bits/sec, 5264 packets/sec
1643435459 packets input, 2165307555 bytes, 0 no buffer
Received 28581 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 330098 multicast, 0 pause input
0 input packets with dribble condition detected
1510539932 packets output, 4224476290 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
19009 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
- Labels:
-
Other Switching

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2011 10:40 AM
Is the route connected to a switch? Is the switch port configured not to send bpdu's, does the switch port have DTP enbabled??
Unknown protocol drops are exactly just that, the router is receiving stuff it just does not understand, nothing to worry about.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2011 08:28 PM
I agree that unknown protocol drops are usually not a cause for alarm, especially when a layer 3 device like a 7200 is connected to a switch which may be sending various layer 2 protocols which the router does not understand. DTP is a good possibility, as are VTP and some other layer 2 protocols.
HTH
Rick
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 08:00 AM
@Andrew,
Thanks for ur reply.Yes the router is directly connected to the switch and the is port connected to the router is access port and it is configured to the vlan 10.will the switch send BPDU'S on the access port? if it will then how to disable it? Then how to check whether DTP is enabled on the switch. is it autonegotiation for trunk?
Please reply ASAP.
@Richards,
Thanks for ur response.I not sure about DTP and other layer 2 protocol but i am sure that VTp couldnt be an issue since the port is configured as access port.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 08:26 AM
A swichport place into "portfast" disables the sending of BPDU's, and enabling BPDU filtering.
DTP is disabled by issuing the command "switchport nonegotiate"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 10:38 AM
So if we enable portfast on any interface then it will automatically enable the BPDU filtering without any separte commads right?Then what is the command to check weather BPDU filter is disabled or enabled apart from running configuration?Is there any interface mode command for this.
Is DTP enabled default?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 10:49 AM
No portfast brings the interface straight up forwarding and stops the switch from sending BPDU's out the interface, it can still rececive - that is why if you connect a switch to another switch with portfast enabled - you will have a spanning tree loop, and kill the network. BPDU Filtering is the next generation if you will, it will stop sending BPDU''s on the interface, bring the interface straight up forwarding BUT if it recevies a BPDU it will shut the interface and then put the interface to listening/learning etc.
DTP is enabled by default on ALL switchports.
HTH>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 11:06 AM
So you mean to say that enabling Port fast stops sending BPDUs on the interface but still it receives BPDU.But BPDU filter is a different term which stops sending the BPDU and makes the port shut down if it recieves the BPDU ion the configured interface.is that right.if that is right thenwhat is BPDU guard.
And please answer my below question too,
Then what is the command to check whether BPDU filter is disabled or enabled apart from running configuration?Is there any interface mode command for this.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 12:01 PM
BPDU Guard allows the switch to receive BPDU's but just drops the frame, not disable the port.
"show spanning-tree summary"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 12:09 PM
I think you are explaning about the behaviour of BPDU filter.Because BPDU guard upon the reception of BPDu will shut the port down.
And for my second question apart from this "show spanning-tree summary" command is there any other interface related command is there tocheck the status.Because show spanning-tree summary" command gives the global statistics for BPDU filter not per interface.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 12:19 PM
I do not agree with my colleague Andrew about what happens with portfast. According to Cisco documentation it is not true that portfast stops the sending of BPDUs. Here is a quote from one of the docs: "When configured for PortFast, a port is still running the spanning tree protocol." Here is theURL if you want to see more detail:
Here is what a different document says about BPDU guard: "The PortFast BPDU guard feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. " Here is the URL if you want more detail:
http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/7.4/configuration/guide/stp_enha.html
HTH
Rick
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 12:43 PM
Richard,
I gone through the link you mentioned above but i dont understand the below thing which i read from the site which you gave.
A PortFast enabled port can immediately transition to the blocking state if necessary (this could happen on receipt of a superior BPDU).
can you explain this line
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 01:30 PM
I must admit that I am not entirely clear about what it means. This is my understanding of the meaning. It has to do with whether the switch port is still running Spanning Tree when portfast is enabled. If the port stopped running Spanning Tree (and running Spanning Tree is essentially whether it sends and receives BPDUs) then the switch port could never transition to a blocked state. But since the port is still running Spanning Tree (which means that it is sending and receiving BPDU) then if the switch port receives a BPDU which indicates an alternate path to the root bridge (the superior BPDU) then the switch port will transition to the blocked state.
So whether the switch port is portfast or not it will still send BPDU. And perhaps BPDU is one type of frame which would be unknown protocol to the 7200 interface
HTH
Rick
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 01:24 PM
Thank you Rick, for correcting my errors, and reminding me I have been away from the books for to long!
Sent from Cisco Technical Support iPad App

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2011 01:22 PM
Yeah I get them turned around every now and again!
I'm not sure to be honest, I will have a look when I have access to a switch
Sent from Cisco Technical Support iPad App
