Unknown protocol drops

bruce.thornton
Level 1

I have a 4451 (int gi0/0/0) that is directly connected to a 6509 (int gi2/36) and I'm receiving unknown protocol drops on the 4451 interface. All that I've read says that it could be CDP not being enabled on one side; however, I have CDP enabled on both sides. The interfaces are configured as routed interfaces. Any ideas as to the source of this? The configuration is really simple. See below:

4451-config

######

interface GigabitEthernet0/0/0
 description LAN interface to BRGH network
 ip address 10.11.253.34 255.255.255.240
 negotiation auto

6509-config

########

interface GigabitEthernet2/36
 description Conn to SIP CUBE
 ip address 10.11.253.33 255.255.255.240

2 Replies

Rajeshkumar Gatti
Cisco Employee

I can recommend the following, if it is possible for you to try it in your environment.

Part 1 : Identify if the counter increments at a regular rate

1. Clear the counters

2. Wait for a minute and see how many unknown protocol drops you count.

3. See if the number increments by the same value each minute.

4. If it does, you most likely have a particular type of traffic coming in at a fixed interval (most likely a standard protocol).

Part 2: Capture the traffic for analysis

5. SPAN the 6500 end, since the 4451 may not have SPAN capabilities.

6. Clear interface counters and start the span capture.

7. Wait for 2 minutes and then stop the capture. Also note down the protocol drops.

8. Open the pcap in Wireshark, eliminate standard traffic like IP and ARP, and see what is left. If you see a specific type of traffic and the count is close to the number of unknown protocol drops, then that could be the traffic causing it.

Hope that helps.

-Raj
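
Step 8 can also be scripted. The following is an added example, not part of the reply above: it reads a capture, discards IPv4 and ARP, and counts what is left by protocol so the totals can be compared with the unknown protocol drop counter noted in step 7. It assumes the capture is saved in classic libpcap format (not pcapng) with untagged Ethernet frames; the function names are hypothetical and the sample capture is constructed.

```python
import struct
from collections import Counter

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6", 0x88CC: "LLDP"}
CISCO_SNAP = {0x2000: "CDP", 0x2003: "VTP", 0x2004: "DTP", 0x0111: "UDLD", 0x010B: "PVST+"}
STANDARD = {"IPv4", "ARP"}  # the traffic step 8 says to eliminate

def classify(frame):
    """Name the protocol of one Ethernet frame from its header bytes."""
    if len(frame) < 17:
        return "truncated"
    etype = struct.unpack("!H", frame[12:14])[0]
    if etype >= 0x0600:                      # Ethernet II: field is an EtherType
        return ETHERTYPES.get(etype, f"ethertype 0x{etype:04x}")
    llc = frame[14:17]                       # 802.3: field is a length, LLC follows
    if llc[:2] == b"\x42\x42":
        return "STP"
    if llc == b"\xaa\xaa\x03" and len(frame) >= 22:
        oui, pid = frame[17:20], struct.unpack("!H", frame[20:22])[0]
        table = CISCO_SNAP if oui == b"\x00\x00\x0c" else {}
        return table.get(pid, f"SNAP {oui.hex()} 0x{pid:04x}")
    return f"LLC {llc[:2].hex()}"

def leftover_protocols(pcap):
    """Per-protocol frame counts in a classic pcap, minus STANDARD traffic."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None or struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap with Ethernet link type")
    counts, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]
        name = classify(pcap[off + 16:off + 16 + incl])
        if name not in STANDARD:
            counts[name] += 1
        off += 16 + incl
    return counts

def sample_pcap():  # constructed capture: 1 ARP, 1 IPv4, 2 CDP and 1 UDLD frame
    def frame(dst, body):                    # source MAC is a made-up local address
        return bytes.fromhex(dst + "020000000001") + body
    snap = b"\x00\x20\xaa\xaa\x03\x00\x00\x0c"  # 802.3 length, LLC/SNAP, Cisco OUI
    cdp = frame("01000ccccccc", snap + b"\x20\x00" + bytes(24))
    frames = [frame("ffffffffffff", b"\x08\x06" + bytes(28)),
              frame("020000000002", b"\x08\x00" + bytes(20)), cdp, cdp,
              frame("01000ccccccc", snap + b"\x01\x11" + bytes(24))]
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

if __name__ == "__main__":
    print(dict(leftover_protocols(sample_pcap())))
```

For a real capture, pass the file's bytes (for example `open(path, "rb").read()`) to `leftover_protocols` in place of `sample_pcap()`.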

Hello Bruce,

just an addition to Raj's step-by-step guide:

All that I've read says that it could be CDP not being enabled on one side

Unknown protocol drops mean that a device receives control packets and recognises that they are control packets but does not understand or support (generally or due to configuration) the protocol they belong to.

CDP is one example, but it could be almost any type of layer-2 (STP, VTP, UDLD, DTP, etc.) or layer-3 (routing protocols, IPv6 protocols, FHRPs, tunnel protocols, etc.) control traffic. On your 6500 you've configured a routed port, so we can exclude many of the layer-2 protocols in this case (UDLD may be worth checking).

Normally unknown protocol drops are nothing to worry about but I can understand that you want to get rid of them.

HTH
Rolf