[Knowledge sharing]Switch reporting many CPCAR alarms for BPDU-tunnel packets

Latest reply: Sep 28, 2018 22:32:03 399 1 1 0

Hello all,

Please check out a new post where you can find a possible cause for receiving many BDPU-tunnel packets.


Fault symptom:


Receiving a lot of CPCAR alarms reported for BPDU-tunnel packets. Even if we increased the allowed ammount of this traffic using user defined policy all the packets were still dropped.


Log message :


May 17 2018 16:59:25+02:00 DST SYS %DEFD/4/CPCAR_DROP_LPU(l)[123]:Rate of packets to cpu exceeded the CPCAR limit on the LPU in slot 0. (Protocol=bpdu-tunnel, CIR/CBS=1024/192512, ExceededPacketCount=9563)

 

Method to increase allowed ammount of this traffic  using user defined policy :

 

[SYS]display current-configuration configuration cpu-defend-policy bpdu

#

cpu-defend policy bpdu

description BPDU-Tunel

car packet-type bpdu-tunnel cir 1024 cbs 192512

auto-defend trace-type source-mac source-portvlan

 

---------

 

[SYS]display cpu-defend configuration all

Car configurations on mainboard.

----------------------------------------------------------------------

Packet Name         Status     Cir(Kbps)   Cbs(Byte)

----------------------------------------------------------------------

output ommited

----------------------------------------------------------------------

Car configurations on slot 0.

----------------------------------------------------------------------

Packet Name         Status     Cir(Kbps)   Cbs(Byte)  Queue  Port-Type

----------------------------------------------------------------------

bpdu-tunnel         Enabled         1024      192512      5         NA

 

other values ommited

 

 

This increase was not helpfull - there are dropped frames still present and grows:

 

[SYS]display cpu-defend statistics packet-type bpdu-tunnel

Statistics on slot 0:

--------------------------------------------------------------------------------

Packet Type          Pass(Packet/Byte)   Drop(Packet/Byte)  Last-dropping-time

--------------------------------------------------------------------------------

bpdu-tunnel                          0             4087481  2018-05-17 14:09

                                             0           357700321

--------------------------------------------------------------------------------


transparent.gifRoot Cause:

We found that the l2protocol-tunnel group-mac command has been enabled on the system view, but it

wasn’t enabled  on any interfaces.

So if the switch receive the packets with the destination MAC 0100-0ccd-cdd0 it will be sent to the CPU and then dropped:

#

l2protocol-tunnel lacp group-mac 0100-0ccd-cdd0

l2protocol-tunnel vtp group-mac 0100-0ccd-cdd0

l2protocol-tunnel cdp group-mac 0100-0ccd-cdd0

l2protocol-tunnel udld group-mac 0100-0ccd-cdd0

l2protocol-tunnel pagp group-mac 0100-0ccd-cdd0

l2protocol-tunnel pvst+ group-mac 0100-0ccd-cdd0

#

   If you don’t need configure Layer 2 protocol transparent transmission, please undo all the commands above;

   If you need this function, please also enable the l2protocol-tunnel on the interfaces.

   Then the logs about bpdu-tunnel packets lost will be disappeared.

transparent.gif
Solution:

In order to stop receiving the CPCAR alarms and pass the bpdu packets according to the user defined policy it is required to configure the l2protocol-tunnel command also on any interfaces.

  • x
  • convention:

Mysterious.color
MVE Created Sep 28, 2018 22:32:03 Helpful(0) Helpful(0)

totally helpful
  • x
  • convention:

Core%20Engineer%2C%20Technical%20Department.%20High%20experience%20in%20Networking

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login