Unknown protocol drops is a counter on the Cisco router interface.
It is caused by protocols that are not understood by the router.
The unknown protocol drops counter was first introduced in Cisco IOS 12.4(15)T8 release, but it was buggy; in which there are 2 duplicating lines and the counter increments by 1 whenever the show interfaces [type num] command is issued, even with the interface is administratively shutdown. :-)
Below shows that the counter was not there in Cisco IOS 12.4(15)T7.
Router#sh ver | in IOS|Compiled Cisco IOS Software, 3600 Software (C3660-I-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3) Compiled Wed 13-Aug-08 20:53 by prod_rel_team Router# Router#sh int fa0/0 FastEthernet0/0 is administratively down, line protocol is down Hardware is AmdFE, address is cc00.0e08.0000 (bia cc00.0e08.0000) MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Router#
Below shows that the counter was introduced in Cisco IOS 12.4(15)T8 release, and illustrates the bug as mentioned above.
Router#sh ver | in IOS|Compiled Cisco IOS Software, 3600 Software (C3660-I-M), Version 12.4(15)T8, RELEASE SOFTWARE (fc3) Compiled Mon 01-Dec-08 19:10 by prod_rel_team Router#sh int fa0/0 FastEthernet0/0 is administratively down, line protocol is down Hardware is AmdFE, address is cc00.0d20.0000 (bia cc00.0d20.0000) MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 16 packets output, 5982 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 1 unknown protocol drops 1 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Router#
The counter seems OK after Cisco IOS 12.4(15)T9 release.
Router#sh ver | in IOS|Compiled Cisco IOS Software, 3600 Software (C3660-I-M), Version 12.4(15)T9, RELEASE SOFTWARE (fc5) Compiled Tue 28-Apr-09 15:18 by prod_rel_team Router# Router#sh int fa0/0 FastEthernet0/0 is administratively down, line protocol is down Hardware is AmdFE, address is cc00.09cc.0000 (bia cc00.09cc.0000) MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 37 packets output, 18960 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Router#
Root Causes of Unknown Protocol Drops
Unknown protocol drops are normally dropped because the interface where these packets are received is not configured for this type of protocol, or it can be any protocol that the router does not recognize.
The common root causes are DTP, CDP, and LLDP (new in Cisco IOS 15.2T releases).
Below illustrates a problem scenario due to DTP:
Switch#sh ver | in IOS|image|Model number Cisco IOS Software, C2960 Software (C2960-LANLITEK9-M), Version 12.2(58)SE2, RELEASE SOFTWARE (fc1) System image file is "flash:/c2960-lanlitek9-mz.122-58.SE2.bin" Model number : WS-C2960-48TC-S Switch# Switch#sh run int fa0/1 Building configuration... Current configuration : 57 bytes ! interface FastEthernet0/1 spanning-tree portfast end Switch# Switch#sh dtp int fa0/1 DTP information for FastEthernet0/1: TOS/TAS/TNS: ACCESS/AUTO/ACCESS TOT/TAT/TNT: NATIVE/802.1Q/NATIVE Neighbor address 1: 000000000000 Neighbor address 2: 000000000000 Hello timer expiration (sec/state): 23/RUNNING Access timer expiration (sec/state): never/STOPPED Negotiation timer expiration (sec/state): never/STOPPED Multidrop timer expiration (sec/state): never/STOPPED FSM state: S2:ACCESS # times multi & trunk 0 Enabled: yes In STP: no Statistics ---------- 0 packets received (0 good) 0 packets dropped 0 nonegotiate, 0 bad version, 0 domain mismatches, 0 bad TLVs, 0 bad TAS, 0 bad TAT, 0 bad TOT, 0 other 10 packets output (10 good) 5 native, 5 software encap isl, 0 isl hardware native 0 output errors 0 trunk timeouts 1 link ups, last link up on Mon Mar 01 1993, 00:02:22 0 link downs Switch# ================================================================================ Router#sh ver | in IOS|image Cisco IOS Software, C2951 Software (C2951-UNIVERSALK9-M), Version 15.2(3)T1, RELEASE SOFTWARE (fc1) System image file is "flash0:c2951-universalk9-mz.SPA.152-3.T1.bin" Router# Router#sh cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, D - Remote, C - CVTA, M - Two-port Mac Relay Device ID Local Intrfce Holdtme Capability Platform Port ID Switch Gig 0/0 135 S I WS-C2960- Fas 0/1 Router# Router#sh run int gi0/0 Building configuration... Current configuration : 98 bytes ! interface GigabitEthernet0/0 ip address 10.10.10.1 255.255.255.0 duplex auto speed auto end Router# Router#sh int gi0/0 GigabitEthernet0/0 is up, line protocol is up Hardware is PQ3_TSEC, address is f0f7.55ef.a2a0 (bia f0f7.55ef.a2a0) Internet address is 10.10.10.1/24 MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full Duplex, 100Mbps, media type is RJ45 output flow-control is unsupported, input flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:08, output 00:00:07, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 43645 packets input, 62956373 bytes, 0 no buffer Received 137 broadcasts (0 IP multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 17 multicast, 0 pause input 50454 packets output, 3033488 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 10 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 2 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out Router# ================================================================================ Solution: Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#int fa0/1 Switch(config-if)#switchport mode access Switch(config-if)#end Switch# Switch#sh run int fa0/1 Building configuration... Current configuration : 81 bytes ! interface FastEthernet0/1 switchport mode access spanning-tree portfast end Switch# Switch#sh dtp int fa0/1 DTP information for FastEthernet0/1: TOS/TAS/TNS: ACCESS/OFF/ACCESS TOT/TAT/TNT: NATIVE/802.1Q/NATIVE Neighbor address 1: 000000000000 Neighbor address 2: 000000000000 Hello timer expiration (sec/state): never/STOPPED Access timer expiration (sec/state): never/STOPPED Negotiation timer expiration (sec/state): never/STOPPED Multidrop timer expiration (sec/state): never/STOPPED FSM state: S1:OFF # times multi & trunk 0 Enabled: no In STP: no Statistics ---------- 0 packets received (0 good) 0 packets dropped 0 nonegotiate, 0 bad version, 0 domain mismatches, 0 bad TLVs, 0 bad TAS, 0 bad TAT, 0 bad TOT, 0 other 0 packets output (0 good) 0 native, 0 software encap isl, 0 isl hardware native 0 output errors 0 trunk timeouts 1 link ups, last link up on Mon Mar 01 1993, 00:02:22 1 link downs, last link down on Mon Mar 01 1993, 00:06:46 Switch#
Below illustrates a problem scenario due to CDP:
Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no cdp run Router(config)#end Router# Router#sh cdp neighbors % CDP is not enabled Router# Router#clear counters gi0/0 Clear "show interface" counters on this interface [confirm] Router# ================================================================================ Switch#debug cdp packets CDP packet info debugging is on Switch# *Mar 1 00:13:06.809: CDP-PA: version 2 packet sent out on FastEthernet0/1 Switch# ================================================================================ Router#sh int gi0/0 GigabitEthernet0/0 is up, line protocol is up Hardware is PQ3_TSEC, address is f0f7.55ef.a2a0 (bia f0f7.55ef.a2a0) Internet address is 10.10.10.1/24 MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full Duplex, 100Mbps, media type is RJ45 output flow-control is unsupported, input flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:07, output 00:00:09, output hang never Last clearing of "show interface" counters 00:03:11 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 4 packets input, 1716 bytes, 0 no buffer Received 4 broadcasts (0 IP multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 4 multicast, 0 pause input 21 packets output, 1882 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 1 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out Router# ================================================================================ Solution: Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#int fa0/1 Switch(config-if)#no cdp enable Switch(config-if)#end Switch#
Below illustrates a problem scenario due to LLDP (Cisco IOS 15.2T):
Router#sh ver | in IOS|image Cisco IOS Software, C2951 Software (C2951-UNIVERSALK9-M), Version 15.2(3)T1, RELEASE SOFTWARE (fc1) System image file is "flash0:c2951-universalk9-mz.SPA.152-3.T1.bin" Router# Router#clear counters gi0/0 Clear "show interface" counters on this interface [confirm] Router# Router#sh int gi0/0 GigabitEthernet0/0 is up, line protocol is up Hardware is PQ3_TSEC, address is f0f7.55ef.a2a0 (bia f0f7.55ef.a2a0) Internet address is 10.10.10.1/24 MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full Duplex, 100Mbps, media type is RJ45 output flow-control is unsupported, input flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:52, output 00:00:03, output hang never Last clearing of "show interface" counters 00:00:10 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1 packets input, 429 bytes, 0 no buffer Received 1 broadcasts (0 IP multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 1 multicast, 0 pause input 7 packets output, 731 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out Router# ================================================================================ Switch#sh lldp neighbors % LLDP is not enabled Switch# Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#lldp run Switch(config)#end Switch# Switch#debug lldp ? errors LLDP errors events LLDP events packets LLDP packet-related information states LLDP states Switch#debug lldp packets LLDP packet info debugging is on Switch# *Mar 1 01:30:32.286: LLDP advertisement packet TX'd on intf FastEthernet0/1 Switch# ================================================================================ Router#sh int gi0/0 GigabitEthernet0/0 is up, line protocol is up Hardware is PQ3_TSEC, address is f0f7.55ef.a2a0 (bia f0f7.55ef.a2a0) Internet address is 10.10.10.1/24 MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full Duplex, 100Mbps, media type is RJ45 output flow-control is unsupported, input flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:05, output 00:00:01, output hang never Last clearing of "show interface" counters 01:15:47 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1 packets input, 333 bytes, 0 no buffer Received 1 broadcasts (0 IP multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 1 multicast, 0 pause input 463 packets output, 27916 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 1 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out Router# ================================================================================ Solution: Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#int fa0/1 Switch(config-if)#no lldp transmit Switch(config-if)#end Switch#
Note: "unknown protocol drops" does not applicable for LLDP packets on Cisco IOS 15.1T releases.
Router#sh ver | in IOS|image
Cisco IOS Software, C2951 Software (C2951-UNIVERSALK9-M), Version 15.1(3)T4, RELEASE SOFTWARE (fc1)
System image file is "flash0:c2951-universalk9-mz.SPA.151-3.T4.bin"
Router#
No comments:
Post a Comment