Whether it is normal that the ping packet is occasionally smaller than 10 on the USG6500

42

It is normal that the ping packet is occasionally smaller than 10 on the USG6500. If the delay is large, the following causes are possible:
1. The CPU usage is high.
2. Interface traffic is of a large volume.
3. An intranet fault (such as intranet loop) occurs.

Other related questions:
How to check ping packet loss on S series switches
For S series switches (except the S1700), you can run the ping command to check ping packet loss directly. For example: [HUAWEI] ping -c 100 192.168.2.21 PING 192.168.2.21: 56 data bytes, press CTRL_C to break Reply from 192.168.2.21: bytes=56 Sequence=1 ttl=124 time=1 ms ... --- 192.168.2.21 ping statistics --- 100 packet(s) transmitted //Total number of sent packets 91 packet(s) received //Total number of received packets 9.00% packet loss //Packet loss ratio round-trip min/avg/max = 1/1/19 ms You can also perform the following steps to configure traffic statistics collection to check ping packet loss: Configure traffic statistics collection for packets received by a switch. 1. Configure an ACL rule. [HUAWEI] acl number 3000 [HUAWEI-acl-adv-3000] rule permit icmp source 192.168.2.21 0 destination 192.168.2.20 0 [HUAWEI-acl-adv-3000] quit 2. Configure a traffic classifier. [HUAWEI] traffic classifier 3000 [HUAWEI-classifier-3000] if-match acl 3000 [HUAWEI-classifier-3000] quit3. Configure a traffic behavior. [HUAWEI] traffic behavior 3000 [HUAWEI-behavior-3000] statistic enable [HUAWEI-behavior-3000] quit 4. Configure a traffic policy. [HUAWEI] traffic policy 3000 [HUAWEI-trafficpolicy-3000] classifier 3000 behavior 3000 [HUAWEI-trafficpolicy-3000] quit 5. Apply the traffic policy to an interface. [HUAWEI] interface gigabitethernet 0/0/2 [HUAWEI-GigabitEthernet0/0/2] traffic-policy 3000 inbound [HUAWEI-GigabitEthernet0/0/2] quit 6. Check traffic statistics of packets received by the switch. [HUAWEI] display traffic policy statistics interface gigabitethernet 0/0/2 inbound verbose rule-base //The output is omitted. For more information about ping packet loss, see "Ping Failure Troubleshooting" or "S Series Switches packet Loss Troubleshooting" in "Maintenance Topics" in the Huawei S Series Campus Switches Maintenance Guide.

Question about packet loss when the rate of ping packets is high on S series switches
When another device pings an S series switch (a non-S1700 switch), the device and the switch exchange ICMP packets. To protect the CPU, you can run the icmp rate-limit command to configure a rate threshold for ICMP packets. The undo icmp rate-limit command restores the default rate threshold of ICMP packets.

Why does an S series switch properly transmit small ping packets but discard large ping packets
A small MTU value on an interface of an S series switch may make the switch properly transmit small ping packets and discard large ping packets. You can run the ping -f command to measure the maximum packet length supported by the interface, and then check the MTU value on the interface. Note: The ping command uses ICMP packets. The packet size in the ping command output is the payload length of ICMP packets, excluding the length of the IP and ICMP packet headers. The length of the IP packet header is 20 bytes and that of the ICMP packet header is 8 bytes.

Long ping latency on S series switches
Network latency indicates the round-trip period of time during which a source device sends a packet to the destination device and then the destination device returns a packet to the source device. Possible causes of long network latency are as follows: 1. Multiple hops on the packet forwarding path. The transmission time of packets in the physical medium can be ignored because optical and electrical signals are transmitted at a high speed. However, the time that a switch spends processing packets cannot be ignored. When packets are transmitted through too many hops, the network latency is long. 2. Insufficient network bandwidth. When the network through which packets are transmitted does not have sufficient bandwidth, network congestion occurs and packets need to wait in queues, resulting in long network latency. 3. Insufficient memory space. When a switch receives a large number of packets, the switch does not have sufficient memory space to process these packets, resulting in slow packet processing speed and long network latency. You can run the ping command to test network latency. The test results are only for reference and cannot be used as an absolute value of network latency measurement. No reference value is available for determining whether the ping latency is normal because requirement for network latency varies depending on network status. Other measurement methods such as network quality analysis (NQA) are also required to accurately measure network latency. Pay attention to the following points when analyzing a ping latency: 1. When a switch forwards packets through the hardware at a high speed, network latency is short. For example, ping a PC connected to the switch. When packets need to be processed by the CPU, network latency is long. For example, ping a gateway. Through network latency is long when the switch pings the gateway, packets are normally forwarded because the packets are processed by the underlying chip rather than the CPU. You can run the icmp-reply fast command to enable the fast ICMP reply function on the switch to shorten network latency when the switch pings the gateway. After the function is enabled, the switch quickly responds to received Echo Request packets destined for its own IP address. The CPU of the LPU directly responds to the received ICMP packets, improving the processing speed of ICMP packets and shortening network latency. 2. The processing priority of ICMP packets has been minimized to prevent impacts of common ping attacks on the switch, so that ICMP packets are the last to be transmitted and processed. Therefore, the network latency is long.

Principles of ping packet fragmentation tests
Question: During routine troubleshooting, some customers require that the results of pinging large packets are used to estimate link performance for handling Ethernet service packet loss or bandwidth insufficiency problems. Generally, they require that the packets with a length of 65,500 bytes can be pinged. However, they do not tell the test principles and emphasize that the tests, especially tests for private line VIP customers, must meet this requirement. Test method: ping ip -l 65500 Answer: The following analyzes the test from the four indicators of an Ethernet performance test: 1. Packet loss rate A PC can ping a packet containing a maximum of 65,500 bytes, but the default MTU value of a PC is 1500. Therefore, the large packet needs to be fragmented before the ping operation. The PC can ping a maximum of 1472 bytes without fragmentation. Assume that the large packet is fragmented by 1472 bytes. In this case, at least 45 packets (the result of 65500 divided by 1472 is about 45) need to be sent to the peer end for the ping test. The ping operation is successful only after all the 45 packets are sent to the peer end and the peer end returns an ICMP response. It can be deduced that the possibility of the failure to ping large packets is greater than the possibility of the failure to ping small packets. To perform this test, you need to first ensure that the pinged small packets are not lost, or even each ping packet must contain 1472 bytes, because the default packet length is only 32 bytes. 2. Throughput 65,500 bytes x 8 = 524 kbits. The minimum granularity of an MSTP service is 2 Mbit/s, and the default timeout interval of the ping test is 4 seconds. However, if there is other service traffic during the test, the ping operation may fail. 3. Latency In contrast to the test without fragmentation, the latency of the test requiring fragmentation is larger. The ping test interval, which is 4 seconds by default, is sufficient only if the bandwidth meets requirements. 4. Back to back According to a local mirroring analysis, pinging a packet of 60,000 bytes can be completed in 0.02 seconds after the PC fragments the packet, and the burst traffic reaches 500 kbit/0.01s, equivalent to 50 Mbit/s. According to the analysis of throughput, a packet of 65,500 bytes requires only a bandwidth of 524 kbit/s. Therefore, the test principle is similar to that of the back-to-back system. Suggestion and conclusion: 1. The MSTP service provides a hard pipe, and the service rate is less than 100 Mbit/s or 10 Mbit/s. The minimum granularity is 2 Mbit/s. When the burst traffic exceeds the pipe rate during the large packet ping, the board buffer is required. After the buffer is full, the overflow data will be discarded. Therefore, the test on a board with small buffer cannot meet the requirement. 2. The large packet transmit speed is dependent on the PC processing capability, especially the CPU usage. As a result, sometimes a packet of 65,500 bytes can be used in the ping operation but sometimes a packet of only about 20,000 bytes can be used. That is, the performance is not reliable. 3. The EFGT buffer of EoS boards is small and the EFGS buffer is relatively large. Therefore, a packet of 65,500 bytes can be used in the ping operation on boards with an EFGS buffer.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top