Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4778
Views
0
Helpful
3
Replies

Unknown protocol drops

the-lebowski
Level 4
Level 4

‎02-13-2015 02:37 PM - edited ‎03-07-2019 10:39 PM

Seeing an issue with this on a DMZ switch on our internet uplink. We have a shared space with a dedicated bandwidth but users are complaining about download speeds and limiting which we don't do.  Could these drops be due to throttling on the hosts side?  I dont see any drops on the LAN side or anything in the logs.

Our uplink:

interface FastEthernet0/1
 description ###uplink###
 switchport access vlan 99
 switchport mode access

  Full-duplex, 100Mb/s, media type is 10/100BaseTX
  input flow-control is off, output flow-control is unsupported 
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:01, output 00:00:05, output hang never
  Last clearing of "show interface" counters 00:06:58
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 17000 bits/sec, 7 packets/sec
  5 minute output rate 42000 bits/sec, 18 packets/sec
     3264 packets input, 1100460 bytes, 0 no buffer
     Received 300 broadcasts (300 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 300 multicast, 0 pause input
     0 input packets with dribble condition detected
     8552 packets output, 2309081 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     84 unknown protocol drops


Host side (I dont have any more information than this):

interface FastEthernet0/18
description downlink
switchport access vlan 176
switchport mode access
no snmp trap link-status
spanning-tree portfast
Labels:
0 Helpful
3 Replies 3

Jose Solano
Level 4
Level 4

‎02-13-2015 05:45 PM

Hi,

 

 Unknown protocol drops reports the packets with unknown or un-configured protocol on a per interface basis. you may want to use a sniffer to identify the unknown protocol. However I do not think that that will cause slowness issues at all.

 

 

Regards,

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Jose Solano

‎02-16-2015 02:35 PM

I believe that it is very unlikely that the unknown protocol drops are due to throttling on the host side. If the output were from a router interface my first guess would be that it was frames for DTP from a connected switch that was causing the unknown protocol drops (this is a fairly common issue). But it looks like both sides are switches, so they should recognize DTP.

 

In looking at the output shown in the original post I notice that one side identifies it as vlan 99 while the other side identifies it as vlan 176. I wonder if this relates to the problem? And it leads me to wonder if there are other things that do not match up between the peers that might contribute to the problem.

 

Can you provide any specifics about which platforms these are? And whether there might be some global configuration of a feature that is different on the two peer devices?

 

HTH

 

Rick

HTH

Rick
0 Helpful

the-lebowski
Level 4
Level 4
In response to Richard Burts

‎02-24-2015 10:22 AM

Hi Richard

Peers can only match so much as I own the DMZ switch but everything infront of it is owned by the hosting facility.  In the end I think you are correct and that this isn't an issue.  Therefore we can just forget about this. 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card