S5700LI device lost packets
Issue Description
Customer find there are many packets lost on S5700LI device , if they replaced a new device in the same network , there is no packets loss.
Alarm Information
Handling Process
Please make a traffic statistics . Acl 3333 Rule 5 permit icmp source PC_IP 0 destination Gateway_IP 0 Rule 10 permit icmp source Gateway_IP 0 destination PC_IP 0 Traffic classifier icmp If-match acl 3333 Traffic behavior icmp Statistics enable Traffic policy icmp C icmp b icmp Interface eth-trunk 0 ----connect to gateway Traffic-policy icmp inbound Traffic-policy icmp outbound Interface gx/x/x -----------connect to test PC Traffic-policy icmp inbound Traffic-policy icmp outbound Then ping form PC to Gateway number 1000 ICMP packets . after finish ping feedback below information . Display traffic policy statistics interface eth-trunk 0 inbound v r Display traffic policy statistics interface eth-trunk 0 outbound v r Display traffic policy statistics interface gx/x/x inbound v r Display traffic policy statistics interface gx/x/x outbound v r
Customer feedback if the client ping 10000 packets , will lost 78 packets , but when checked the traffic statistics , connected to client interface only received 9922 packets .
So we need to prove the physical interface can receive all packets . we arrange customer make capture via wireshark .
Until now , physical interface received 164 packets , but the traffic only statistics 162 packets, so I think there are two packets lost on device.
After checked the configuration and aaa offline reason again , we found the client will be re-authentication again , so at that time packets will be lost.
Root Cause
Solution
1. shutdown the arp detect function , use command undo authentication handshake .
2. We can configure the arp detect packet source IP address . access-user arp-detect vlan 110 ip-address 172.16.110.x mac-address e89a-8f6d-966a