HPE Community
Aruba & ProVision-based
1752270 Members
4815 Online
108786 Solutions
New Discussion

5412zl SNMP anomalities (Reported values are not consistent)

 
HEKnet
Advisor

‎02-18-2015 02:31 PM

‎02-18-2015 02:31 PM

5412zl SNMP anomalities (Reported values are not consistent)

We use SNMP to monitor our 5412zl and for some reason the reported values are not consistent with each other.

 

First, our setup looks as follows:

 

Our uplink to our carrier is a fiber that uses Ethernet natively and is placed in its own transfer IP subnet. This means it is a small /29-IPv4 subnet and a /64-IPv6 subnet that exactly includes 2 IPs. The IP on our side and the IP on the carries side. Moreover the corresponding VLAN (VLAN 2) exactly consists of 1 port. This port (F23) is the GBIC interface that our carrier is connected to. Long story short: Because we only have exactly one port in this VLAN, all IP traffic that is counted through SNMP on this VLAN must come from this single port.

 

I prepared some images at our web-site to illustrate the problems:

 

(1) Counting packets gives different numbers. Because one IP packet is carried in exactly one ethernet packet the numbers of IP packets in VLAN 2 should match the number of ethernet packets on port F23. Figure 1.2 and figure 1.1 support this statement. Strangely, if the ethernet packets are counted grouped by their size (instead of their type) the numbers are higher as shown in figure 1.3. Why?

 

(2) Counting the traffic gives different numbers. Look at the peak in figure 2.1 at 11:40am. Approximatly, 80Mbit/s are flowing into port F23. (This is a sane number.) Figure 2.2 shows shows 190MBit/s of IP traffic for the same point of time. This is totally insane. Generally, the IP traffic shows strange outliers that are much too high. It is not a problem of our monitoring software. A checked the SNMP values manually and they are really junping this way. What is going on here?

 

In summary, I wonder if a made a fundamental, systematic error that stems from some semantic misunderstanding on my side or if it is just another bug in the firmware of the switch. Is there any way so that some "virtual" IP traffic could flow into the VLAN that does not correspond to ethernet traffic from a physical port?

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.