Unsolved
This post is more than 5 years old
21 Posts
0
3499
Oversized packets between N2048 and N4064F
I've set up a link between a N2048 (Tengigabitethernet 1/0/2) and a N4064F (Tengigabitethernet 1/0/48) with a DELL DAC. These two switch are configured with MTU set to 9216 on each switch.
But on the 2 ports involved in this link I get a lot of :
On the N2048
# show interfaces counters tengigabitethernet 1/0/2
Received packets dropped > MTU: ............... 303283
Transmitted packets dropped > MTU: ............ 155494
On the N4064F:
#show interfaces counters Tengigabitethernet 1/0/48
Received packets dropped > MTU: ............... 147596
Transmitted packets dropped > MTU: ............ 221817
I do not understand why this occure as MTU is the same for the 2 switchs. Any idea ?
Thanks
Patrick
DELL-Josh Cr
Moderator
Moderator
•
8.4K Posts
0
February 7th, 2017 09:00
Hi,
What types of devices are connected to the switches? If it is connected to a vswitch those packets could be coming in at the wrong size. You may also want to make sure that the switch firmware is up to date on both switches.
begou
21 Posts
0
February 8th, 2017 05:00
Thanks for your reply
These 2 switchs are connected to cluster nodes and servers with a MTU set to 9000.
There are also IDRAC et unix nodes on the N2024 with MTU set to 1500.
That I do not understand is why this error message occure only on the uplink as the MTU is the same on the 2 switchs and set to 9216 (lager than on the connnected hosts) ?
If a packet has wrong MTU from a server, the error should be reported on the switch port it is connected to. And I've only errors on the uplink between the 2 switchs. Or I'm wrong with this behavior (I'm not a networking gourou) ?
I've changed the DAC cable, the error is the same.
Patrick
DELL-Josh Cr
Moderator
Moderator
•
8.4K Posts
0
February 8th, 2017 09:00
What version is the firmware at?
begou
21 Posts
0
February 9th, 2017 03:00
Hi Josh
These 2 switch N2048 and N4064F have 6.2.0.5 firmware level (I've updated the firmwares before puting them in prod).
Patrick
DELL-Josh Cr
Moderator
Moderator
•
8.4K Posts
0
February 9th, 2017 06:00
Here are the current firmware versions, you may want to try updating.
N2000 http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=9824X&fileId=3594872080&osCode=NAA&productCode=networking-n2000-series&languageCode=en&categoryId=NI
N4000 http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=P3F19&fileId=3594871950&osCode=NAA&productCode=networking-n4000-series&languageCode=en&categoryId=NI
begou
21 Posts
0
February 9th, 2017 07:00
Hi Josh,
I think your suggestion is a very good idea. Looking in details to the release notes I found a corrected bug about "Receive and transmit packets dropped > MTU counters increasing" in Release 6.2.1.6!
So, may be it is just a "counter bug!"
I'm not very familar with firmware update but it is obviously the first step to do when problems arise.
I'll proceed to the updates now.
Patrick
begou
21 Posts
0
February 10th, 2017 01:00
I've updated the first switch to 6.3.1.13. All run fine but now I'm unable to use a browser to connect to the switch. I get a SSL_ERROR_NO_CYPHER_OVERLAP with firefox or seamonkey (latest centos6 or redHat6 version). I saw some changes in the release notes since my old firmware version:
"Disable SSL Version 2 and 3 Protocols and user TLS1.0 or higher " in release 6.2.6.6 and they suggest that "ip http secure-protocol" allows to configure the desired protocol.
This command is not documented in the latest CLI reference guide (january 2006 version). With the online command documentation I try to execute:
ip http secure-protocol TLS1 SSL3
But it does not help. Any suggestion is welcome before I try to update the other switch.
Patrick
DELL-Josh Cr
Moderator
Moderator
•
8.4K Posts
0
February 10th, 2017 09:00
Try setting about:config into the firefox address bar (confirm the info message in case it shows up) & search for bold preferences starting with security. - right-click and reset those entries to their default values.
It has to do with the changes to TLS.
begou
21 Posts
0
February 13th, 2017 09:00
Hi Josh
I've reset to original values all bolds security tags (no security* tag in bold now) on Firefox. Connecting to the switch provides an information page saying the connection is unsecure, an "advanced" button and the message: "SSL_ERROR_NO_CYPHER_OVERLAP".
If I click on this button i can accept to use lower security but connection fails with:
SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT
and
security.tls.incsecure_fallback_hosts becomes bold and is set to my switch IP.
The only way to connect is http with a browser after the firmware update
security.tls.version.min is set to 1 and security.tls.version.max to 3 (defaults values)