• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 641
  • Last Modified:

Switch port errors

Can anyone tell me what this means when I do a show interface:

 0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 4294967295 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 3 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output

Particularly the number before the frame, and the interface resets.
0
Free3454
Asked:
Free3454
  • 8
  • 7
1 Solution
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
well, something is fishy ;) Seeing absolutely no intact frames, I'd say you may be getting VLAN-tagged frames from the remote side on an access port ... or, if it's a WAN link, the link itself is misconfigured ... or a speed mismatch, caused e.g. by auto setting on one side and fixed setting on the other ...
First confirm that the speed settings are right (hint: if you see 100/half on your end, the remote side is most likely configured for gigE or something ...). If that's right, try setting the port to trunk-mode and see whether the packet counters increase ... interface reset is probably just caused by link up/down events ...
0
 
eeRootCommented:
Here is Cisco's definition - "The number of packets received incorrectly that has a CRC error and a non-integer number of octets (alignment error). Common Causes: This is usually the result of collisions or a physical problem (such as cabling, bad port or NIC) but can also indicate a duplex mismatch."
Source - http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008015bfd6.shtml

Basically, the port is getting a lot of errors and further troubleshooting is needed to determinie if the issue is the switchport, cable, or config.
0
 
Free3454Author Commented:
It is an inside firewall connection, I changed to trunk mode but tried to clear the interface it still shows the same number?  The speed and duplex are the same on both sides.
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
Garry GlendownConsulting and Network/Security SpecialistCommented:
So the number isn't changing at all? That would mean there is currently no traffic on the interface ... do a "clear counter" on the port and see what happens ... what do the counters on the other side of the link say? Is it a direct patch connection between switch and firewall? If so, try changing the cable ... also, try using a different port on the switch ...
0
 
Free3454Author Commented:
Now it shows the following:

 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     40355 packets output, 13898249 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out

Other side:

 4501 input errors, 4451 CRC, 0 frame, 50 overrun, 0 ignored, 0 abort
        10 L2 decode drops
        3467123393 packets output, 2031612830218 bytes, 1057 underruns
        0 pause output, 0 resume output
        0 output errors, 0 collisions, 7 interface resets
        0 late collisions, 0 deferred
        0 input reset drops, 49 output reset drops, 3 tx hangs
        input queue (blocks free curr/low): hardware (255/230)
        output queue (blocks free curr/low): hardware (255/191)
0
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
Clear the counters on the firewall and see if it is even sending anything ... from the current switch output, you're not getting anything at all, the outgoing packets are most likely just broadcasts (ARP requests etc.)
0
 
Free3454Author Commented:
Here is after clearing:

 190228 packets input, 118475620 bytes, 0 no buffer
        Received 5794 broadcasts, 0 runts, 0 giants
        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
        8 L2 decode drops
        152676 packets output, 100583312 bytes, 0 underruns
        0 pause output, 0 resume output
        0 output errors, 0 collisions, 0 interface resets
        0 late collisions, 0 deferred
        0 input reset drops, 0 output reset drops, 0 tx hangs
        input queue (blocks free curr/low): hardware (255/230)
        output queue (blocks free curr/low): hardware (255/191)
  Traffic Statistics for "inside":
        190230 packets input, 114786551 bytes
        152676 packets output, 97615405 bytes
        1133 packets dropped
      1 minute input rate 557 pkts/sec,  347315 bytes/sec
      1 minute output rate 410 pkts/sec,  181747 bytes/sec
      1 minute drop rate, 6 pkts/sec
      5 minute input rate 466 pkts/sec,  358948 bytes/sec
      5 minute output rate 341 pkts/sec,  197271 bytes/sec
      5 minute drop rate, 3 pkts/sec
0
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
At that point, I'd definitely go for the cabling ... as the firewall is sending frames onto that port, and absolutely nothing is getting through (assuming all the incoming counters on the switch are still at 0), either a cabling problem exists, or either of the two ports is defective ... try switching patch cables, if that doesn't change anything, try hooking up a notebook/pc to the same switch port and see if you get the counters to increase. Put a PC/notebook on the firewall output (will need a crossover cable) and check with wireshark or similar whether you get anything.
0
 
Free3454Author Commented:
So what should I be looking for as far as incoming counters, which should be going up?
0
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
Currently, any :)
0
 
Free3454Author Commented:
Here is the current switch port statistics:

 5 minute input rate 3900000 bits/sec, 830 packets/sec
  5 minute output rate 5683000 bits/sec, 989 packets/sec
     1527069 packets input, 972123275 bytes, 0 no buffer
     Received 485 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     1778161 packets output, 1043143933 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out

Current Firewall port statistics:

 1487700 packets input, 926860416 bytes, 0 no buffer
        Received 49682 broadcasts, 0 runts, 0 giants
        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
        79 L2 decode drops
        1274666 packets output, 789053327 bytes, 0 underruns
        0 pause output, 0 resume output
        0 output errors, 0 collisions, 0 interface resets
        0 late collisions, 0 deferred
        0 input reset drops, 0 output reset drops, 0 tx hangs
        input queue (blocks free curr/low): hardware (255/230)
        output queue (blocks free curr/low): hardware (255/125)
  Traffic Statistics for "inside":
        1487693 packets input, 897994517 bytes
        1274666 packets output, 763944182 bytes
        9461 packets dropped
      1 minute input rate 900 pkts/sec,  482353 bytes/sec
      1 minute output rate 760 pkts/sec,  437966 bytes/sec
      1 minute drop rate, 6 pkts/sec
      5 minute input rate 1054 pkts/sec,  704310 bytes/sec
      5 minute output rate 906 pkts/sec,  518279 bytes/sec
      5 minute drop rate, 5 pkts/sec
0
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
OK, that looks good to me ... are you having any problems now anymore? According to the interface outputs, everything should be fine (not too sure what that L2 decode drops from the firewall is, though)
0
 
Free3454Author Commented:
No, it seems that the link is working properly.  I will try to find out what the L2 decode drops are from.  Thanks so much for your help!
0
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
So what did you actually change from the initial setup? Did you touch cables, reset ports, ...? Just wondering, because there has to be a reason why first no traffic at all gets through, and now everything is working ;)
0
 
Free3454Author Commented:
I configured the port as a trunk and it seemed to fix the issues.
0
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
Ah, so the firewall must be configured to use a VLAN with tagging ... my initial idea was dead on ;)
You may also want to add a "switchport trunk allowed vlan ..." (add the appropriate VLAN your firewall is using) on the port to keep it from transporting unwanted traffic ... (mainly outgoing broadcasts on other VLANs, but also preventing misconfigurations on the firewall to mess up your LAN)
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 8
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now