Why does an S series switch properly transmit small ping packets but discard large ping packets

8

A small MTU value on an interface of an S series switch may make the switch properly transmit small ping packets and discard large ping packets. You can run the ping -f command to measure the maximum packet length supported by the interface, and then check the MTU value on the interface.
Note:
The ping command uses ICMP packets. The packet size in the ping command output is the payload length of ICMP packets, excluding the length of the IP and ICMP packet headers. The length of the IP packet header is 20 bytes and that of the ICMP packet header is 8 bytes.

Other related questions:
Reason for ping packet loss on S series switch
For S series modular switches: Ping packets sent from other devices to a switch are processed by the switch as fib-hit packets. The switch sends fib-hit packets to the CPU at the default CAR value to protect the CPU from being attacked by these packets. If the rate of ping packets sent to the CPU exceeds the CAR value, the switch discards the excess packets. To resolve the problem, set a larger CAR value for fib-hit packets.

Question about packet loss when the rate of ping packets is high on S series switches
When another device pings an S series switch (a non-S1700 switch), the device and the switch exchange ICMP packets. To protect the CPU, you can run the icmp rate-limit command to configure a rate threshold for ICMP packets. The undo icmp rate-limit command restores the default rate threshold of ICMP packets.

The reason of S series switch Ping packet loss
For S-series chassis switches: The Ping packets of the local switch are processed by the switch as a fib-hit packet. For packets of type fib-hit, the switch sends to CPUs at the default CAR value to prevent this type of packets from impacting the CPU. In the case of the default CAR value, the number of ping packets per second is too large for the CAR value, so the switch will discard some packets. Increase the fib value of fib-hit, you can solve the packet loss problem.

Long ping latency on S series switches
Network latency indicates the round-trip period of time during which a source device sends a packet to the destination device and then the destination device returns a packet to the source device. Possible causes of long network latency are as follows: 1. Multiple hops on the packet forwarding path. The transmission time of packets in the physical medium can be ignored because optical and electrical signals are transmitted at a high speed. However, the time that a switch spends processing packets cannot be ignored. When packets are transmitted through too many hops, the network latency is long. 2. Insufficient network bandwidth. When the network through which packets are transmitted does not have sufficient bandwidth, network congestion occurs and packets need to wait in queues, resulting in long network latency. 3. Insufficient memory space. When a switch receives a large number of packets, the switch does not have sufficient memory space to process these packets, resulting in slow packet processing speed and long network latency. You can run the ping command to test network latency. The test results are only for reference and cannot be used as an absolute value of network latency measurement. No reference value is available for determining whether the ping latency is normal because requirement for network latency varies depending on network status. Other measurement methods such as network quality analysis (NQA) are also required to accurately measure network latency. Pay attention to the following points when analyzing a ping latency: 1. When a switch forwards packets through the hardware at a high speed, network latency is short. For example, ping a PC connected to the switch. When packets need to be processed by the CPU, network latency is long. For example, ping a gateway. Through network latency is long when the switch pings the gateway, packets are normally forwarded because the packets are processed by the underlying chip rather than the CPU. You can run the icmp-reply fast command to enable the fast ICMP reply function on the switch to shorten network latency when the switch pings the gateway. After the function is enabled, the switch quickly responds to received Echo Request packets destined for its own IP address. The CPU of the LPU directly responds to the received ICMP packets, improving the processing speed of ICMP packets and shortening network latency. 2. The processing priority of ICMP packets has been minimized to prevent impacts of common ping attacks on the switch, so that ICMP packets are the last to be transmitted and processed. Therefore, the network latency is long.

Why are a large number of packets discarded on an inbound interface of an S series modular switch
S9300 series switches running V100R001 and V100R002 send protocol packets to the CPU for processing and discard the packets at the hardware layer. The number of these discarded protocol packets is counted on inbound interfaces, which does not comply with RFC 2863. For switches running V100R002, patches in V100R002SPH009 and later versions can be installed to fix this problem. According to RFC 2863 and industry norms, only packets discarded due to buffer overflows is counted as discarded packets.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top