[nsp] Cat6509 MSFC1 interface stats.

James Kilton kilton9 at yahoo.com
Tue Dec 17 18:18:43 EST 2002 

I see the counters, but they don't all represent
reality.  In the example given below, the majority of
the traffic should be inbound, but the opposite is
true when looking at VLAN 101's counters:

#sh int vlan101
Vlan101 is up, line protocol is up 
  Hardware is Cat6k RP Virtual Ethernet, address is
0030.9633.1ca4 (bia 0030.9633.1ca4)
  Internet address is x.x.x.x/29
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/6 (size/max/drops/flushes);
Total output drops: 0
  Queueing strategy: fifo
  Output queue :0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 7000 bits/sec, 8 packets/sec
     10713367 packets input, 697925445 bytes, 0 no
buffer
     Received 10178576 broadcasts, 0 runts, 0 giants,
0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0
ignored
     263725465 packets output, 4248369389 bytes, 0
underruns
     0 output errors, 1 interface resets
     0 output buffer failures, 0 output buffers
swapped out

Note how much higher the output counters are, and that
almost all input packets are broadcasts (which makes
even less sense because there shouldn't be any
broadcasts on that segment, unless these are HSRP
packets (the switch has dual MSFCs).

The firewall is indeed using the switch as the next
hop towards the internal network.  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jim:

sh int vlan101 should give you in/out counters no
matter.. If you are not seeing any information then
there is something wrong w/where you are looking. Is
the fw using that address as a next-hop?

==DMT>

- ----SIGNAURE-------
Douglas M. Todd, Jr.
Network Engineering
Partners Health Care
Building 149
149 13 Street
Charlestown, MA 02129-200
Tel: 617.726.1403
Email: dtodd@partners.org
-
--------------------------------------------------------------------
PGP Finger Print: 9429 CAE3 B2D1 C2E1 DFBC  E7A6 E90A
9BE5 C7B6 47BC Key available via email. Verisign S/N:
3ff65cdf58b9dceda004baeed49e16cf
https://digitalid.verisign.com/services/client/index.html

> -----Original Message-----
> From: cisco-nsp-bounces@puck.nether.net 
> [mailto:cisco-nsp-bounces@puck.nether.net]On Behalf
Of James Kilton
> Sent: Monday, December 16, 2002 9:01 PM
> To: cisco-nsp@puck.nether.net
> Subject: [nsp] Cat6509 MSFC1 interface stats.
> 
> 
> I'm trying to collect traffic statistics for some
VLAN interfaces on a 
> C6509.  A lot of the numbers I'm getting seem to be
inaccurate.  For 
> example, there's one interface (VLAN 101) that only
has a firewall
> connected to it -- it's the corporate firewall that
> all employee internet traffic goes though.  When a
do
> a 'show int vlan 101', there's a good deal of output
> traffic, but virtually no input traffic. This is
> counter-intuitive, as most internet traffic should
be
> inbound.
> 
> Is there anything that could cause these counters to
> be inaccurate, other than a buggy IOS release?  I'm
> using CEF on the MSFC, not MLS, so I'm at a loss
here.
> 
> Thanks.
> 
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up
now. 
> http://mailplus.yahoo.com 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp@puck.nether.net 
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at
http://puck.nether.net/pipermail/cisco-nsp/

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0

iQA/AwUBPf+RBQgiZycqTvq3EQKN3ACfTbcVA9zKbC3EmUweTHy3bHmj5RQAoL4D
jAXkz3sSSNpyNJOC3UM78IG7
=9dmh
-----END PGP SIGNATURE-----

_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

More information about the cisco-nsp mailing list