Lots of output drops - 3750 Stack

rakem

Got a bit of an isssue that i thought i would share....

We have a stack of 4 x 3750G-48PS-S which we use as an access layer switch in our network.

These are new switches, currently only about 10 ports are active as we have not migrated everyone accross yet.

I have noticed that on all active interfaces there are alot of out drops being reccorded. All interfaces have a VoIP phone connected to the PC. QoS is enabled globally but there is no specifc QoS config on each interface.

The switchports are all configured the same, as shown below:



interface GigabitEthernet1/0/1
switchport access vlan 401
switchport mode access
switchport voice vlan 301
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security aging type inactivity
spanning-tree portfast
spanning-tree bpduguard enable
spanning-tree guard root


These are the only errors showing up, there are no colisions, input or output errors, all interfaces are at 100Mb full duplex.

Also, when i disable QoS globally (no mls qos) the output drops totally stop. Running IOS 122-53.SE1.

Thoughs?

Turgon

rakem wrote: »

Got a bit of an isssue that i thought i would share....

We have a stack of 4 x 3750G-48PS-S which we use as an access layer switch in our network.

These are new switches, currently only about 10 ports are active as we have not migrated everyone accross yet.

I have noticed that on all active interfaces there are alot of out drops being reccorded. All interfaces have a VoIP phone connected to the PC. QoS is enabled globally but there is no specifc QoS config on each interface.

The switchports are all configured the same, as shown below:



interface GigabitEthernet1/0/1
switchport access vlan 401
switchport mode access
switchport voice vlan 301
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security aging type inactivity
spanning-tree portfast
spanning-tree bpduguard enable
spanning-tree guard root


These are the only errors showing up, there are no colisions, input or output errors, all interfaces are at 100Mb full duplex.

Also, when i disable QoS globally (no mls qos) the output drops totally stop. Running IOS 122-53.SE1.

Thoughs?

Post some output of the drops. With QoS enabled globally you may want to look at tuning configurations of the QoS hardware queues and the 3750 interfaces with policies.

APA

verify the queuing on the interface....

If I remember correctly 'mls qos' pushes the default DSCP-COS mutation maps to each interfaces and also applies a default queuing\mapping configuration...

Just out of curiosity why do you have 'spanning-tree guard root' configured on a port connected to a client?

The client port is already denied the ability to receive BPDU's from attached hosts via 'spanning-tree bpduguard enable'

'guard root' is typically used to protect your root-bridge from sub-optimal switches in the domain from becoming root bridge, therefore it is only typically configured between switches...(when protecting an upstream switch from a downstream switch... following natural switch hierarchy)

APA

you should be able to verify queuing on an interface via 'show queuing interface x/x' or 'show interface x/x queuing'

Also the 'show qos' and 'show mls qos' commands should have extensions for a per interface view....