Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.
11-02-2018 01:11 PM
Logical interface counters read from CPU:
--------------------------------------------------------------------------------
bytes received 21513660
bytes transmitted 2835
packets received 358561
packets transmitted 21
receive errors 0
packets dropped 358539
is oit normal to have packets dropped?
11-02-2018 02:27 PM - edited 11-02-2018 02:30 PM
Sure. There are so many reasons packet might be dropped.
First clear any possible filters.
> debug dataplane packet-diag set filter off
> debug dataplane packet-diag clear filter all
Set filter to interface you are interested at.
> debug dataplane packet-diag set filter match ingress-interface ae1.30
Turn on filter
> debug dataplane packet-diag set filter on
And review global counter. Every time you run command below it will show packets that were dropped between times you ran the command.
> show counter global filter delta yes packet-filter yes severity drop
Remove filter
> debug dataplane packet-diag set filter off
> debug dataplane packet-diag clear filter all
11-03-2018 04:42 AM
@MP18 wrote:So do you mean these drops is for traffic that is not allowed.
Most of them, I would say yes. For more details @Raido_Rattameister already wrote all the commands you need.
11-02-2018 02:27 PM - edited 11-02-2018 02:30 PM
Sure. There are so many reasons packet might be dropped.
First clear any possible filters.
> debug dataplane packet-diag set filter off
> debug dataplane packet-diag clear filter all
Set filter to interface you are interested at.
> debug dataplane packet-diag set filter match ingress-interface ae1.30
Turn on filter
> debug dataplane packet-diag set filter on
And review global counter. Every time you run command below it will show packets that were dropped between times you ran the command.
> show counter global filter delta yes packet-filter yes severity drop
Remove filter
> debug dataplane packet-diag set filter off
> debug dataplane packet-diag clear filter all
11-02-2018 07:07 PM
If you aren't allowing anything, a drop all rule at the end of your policy is possibly the maim reason for this counter to increase.
11-02-2018 08:07 PM
we have rules that allow specfic traffic
then at end we have deny any any rule.
So do you mean these drops is for traffic that is not allowed.
always good to read reply from you.
Best Regards
Mike
11-03-2018 04:42 AM
@MP18 wrote:So do you mean these drops is for traffic that is not allowed.
Most of them, I would say yes. For more details @Raido_Rattameister already wrote all the commands you need.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
