[c-nsp] Catalyst 6500 switchport input drops

Charles Spurgeon c.spurgeon at mail.utexas.edu
Wed Apr 25 17:41:32 EDT 2007 

On Tue, Apr 24, 2007 at 04:30:05PM +0100, Matt Ryan wrote:
> On 24/04/07, Dale W. Carder <dwcarder at doit.wisc.edu> wrote:
> >
> >
> > What's the spanning-tree state of that port (for all vlans
> > on that port), DTP, CDP, etc?
> 
> 
> Spanning tree state for all VLANs is root port and forwarding. CDP is
> disabled. DTP may be the cause but I can't see a specific command on the box
> to look at the status (no 'show dtp interface' on a 6500 running IOS and
> 'show interface trunk' is not helpful)
> 
> input queue drops on L2 ports is poorly documented (if at
> > all).  I have guessed that they indicate bpdu's being
> > thrown away or other such stuff.
> 
> 
> That's what I discovered after an afternoon of trawling Cisco's web site and
> Goole.

I've been down this path before on sup720s and found that in several
cases these were apparently cosmetic counter errors, probably having
to do with DTP packets on ISL trunks being punted to the RP and
counted as drops.

A "show interface summary" on one of our sup720s shows the following
input queue drop (IQD) stats:
++++++++++++++++++++++++++++++
 Interface               IHQ   IQD  OHQ   OQD  RXBS RXPS  TXBS TXPS TRTL
-------------------------------------------------------------------------
* FastEthernet3/41         0 37024476    0  7582  8000   12 41000   69    0
* FastEthernet3/42         0 37024239    0 12536 5111000  429 153000  278    0
* FastEthernet3/45         0 37044974    0 114303 132000   92 1322000  203    0
* FastEthernet3/46         0 37045814    0 21144  5000    8 63000   68    0
++++++++++++++++++++++++++++++

Notice how close the IQD counts are on several of those ints. Repeated
runs of the command will show increments on regular intervals (every
10 seconds if memory serves).

CDP shows that they are connected to old 2924 switches. "show int fas
3/41" etc shows that they are ISL trunking. 

I recall being told that these IQDs could be due to several known
counter errors, but that in this case that they are probably DTP
packets.  Replacing the old switches at one of our sites (and moving
to dot1x trunking) cleared up the IQD errors on their physical ints.

-Charles

Charles E. Spurgeon / UTnet
UT Austin ITS / Networking
c.spurgeon at its.utexas.edu / 512.475.9265

More information about the cisco-nsp mailing list