RE: [nsp] Cat6009 w/MFC I periodically not routing monitoring sta tion packe ts to other VLANs - Solved

From: Richard Brackett (rbrackett@DSM.net)
Date: Thu May 31 2001 - 08:11:14 EDT


It looks like an IOS bug with Policy Routing. I use policy routing on a
couple of VLANs and it seemed that there were some instances where the
policy would be applied to some IP's on other VLAN interfaces. If a certain
IP was policy routed on one VLAN interface where the policy was applied then
packets with that same IP would be subject to the policy even though they
were traversing non-policy routed vlan interfaces.

Go figure. I'm going to upgrade to 12.1.7aE1 and see if that stops it.

-----Original Message-----
From: Richard Brackett [mailto:rbrackett@dsm.net]
Sent: Tuesday, May 29, 2001 10:23 AM
To: cisco-nsp@puck.nether.net
Subject: [nsp] Cat6009 w/MFC I periodically not routing monitoring
station packe ts to other VLANs

Hi All,

I've been lurking the list for some time learning from the collective wisdom
of the group. I hope to have some of my own to offer someday ;-).

I have a Cat6009 with the MFC I engine running 12.1(1)E. I use Castle
Rock's SNMPC to monitor it and a number of other devices scattered on
various VLAN's routed by the MFC as well as devices connected through
routers connected to the MFC's VLAN's.

My issue is this, at wildly varying intervals (somtimes hours, sometimes
days) my MFC does not seem to route packets from my monitoring station out
to the various subnets for a short period of time, usually just enough to
set off all my alarms. I say it does not seem to route my packets because
during this period (I was able to be on the console of this host during one)
I can communicate with any IP address that is configured on the MFC and any
IP address on this host's VLAN, but not to any other IP addresses that those
other MFC IP's connect to. For example, VLAN 1 is 192.168.1.0/24 with
192.168.1.1 being assigned to the MFC and this is the default gateway for
VLAN1. My monitoring host is 192.168.1.2/24. VLAN2 is 192.168.2.0/24 with
192.168.2.1 being assigned to the MFC and that also being the default
gateway for that subnet. During these periods I can ping/snmp/telnet to
192.168.2.1, but not to host 192.168.2.2. Host 192.168.2.2 still has good
connectivity to all other VLANs (I'm running six right now). This is
consistent across all VLANs. Again, this only seems to happen for this
particular host. I have over 100 systems attached to VLAN1 and none of the
other seem to experience the problem.

The only difference that I can see about this host is that it does large
bursts of short frames at regular intervals.

For my own troubleshooting I have done the following:

1. Disabled CEF.

2. Directly attached this host to the Cat6009. Formally it was on a 3524
trunked to the Cat6009 on an ISL link.

3. Upgraded NIC drivers on monitoring station (NT4,SP6a,Intel 100S)

My next step is to open a TAC case and I'm at a bit of a loss to explain
this issue.

Any insights anyone may offer would be greatly appreciated.



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:39 EDT