One small observation/conjecture to this thread- looks like if the switch is under heavy load(for example L2 loop) then it might not send out keepalive frames. For example if I connected my laptop GigE port to Cisco 2950 FE port which had to send out keepalive messages with 10s interval, it missed quite a many keepalive frames:
22:13:49.786134 00:09:7c:4c:38:81 > 00:09:7c:4c:38:81, ethertype Loopback (0x9000), length 60: 22:14:19.787212 00:09:7c:4c:38:81 > 00:09:7c:4c:38:81, ethertype Loopback (0x9000), length 60: 22:15:49.807377 00:09:7c:4c:38:81 > 00:09:7c:4c:38:81, ethertype Loopback (0x9000), length 60: 22:15:59.807661 00:09:7c:4c:38:81 > 00:09:7c:4c:38:81, ethertype Loopback (0x9000), length 60: 22:16:09.807976 00:09:7c:4c:38:81 > 00:09:7c:4c:38:81, ethertype Loopback (0x9000), length 60: 22:16:49.820440 00:09:7c:4c:38:81 > 00:09:7c:4c:38:81, ethertype Loopback (0x9000), length 60: According to "ip -s link show dev eth0" there were no dropped/overrun packets during the packet capture. Module in use was e1000e. I tried with different machine using Broadcom 1GigE chipset(tg3 v3.121 module) instead of the Intel one and observed same interesting behavior- some keepalive frames were missing. regards, Martin 2011/8/1 Martin T <[email protected]> > András, > I don't think I'll see such cable at nowadays :) However, thank you > for explaining this! > > > regards, > martin > > 2011/8/1 Tóth András <[email protected]>: > > Hi Martin, > > > > I cannot comment on the 2900 switches, as it's very old and not > > supported anyway by Cisco. On the 2950 switches, when keepalives are > > enabled and looping condition is detected, the interface will be > > err-disabled, this is an expected behavior. For more information, > > please visit the below documentations. > > > > Refer to the "Loopback error" section on the following link: > > > http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00806cd87b.shtml > > > > Refer to the "%ETHCNTR-3-LOOP_BACK_DETECTED : Keepalive packet > > loop-back detected on [chars]" section here: > > > http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801b42bf.shtml#prob1b > > > > I guess you can read more about Type 2 cabling on the following link. > > > http://www.cisco.com/en/US/products/hw/gatecont/ps2250/products_tech_note09186a008009452e.shtml#ii > > > > Best regards, > > Andras > > > > > > 2011/7/31 Martin T <[email protected]>: > >> András, > >> under IOS one can configure "keepalive" settings of Fa/Gi/Te > >> interfaces of Cisco 4500 and Fa ports of Cisco 2900 series as well, > >> but as much as I tested with 2900 series, while keepalive frames are > >> actually sent, in case of loop(I made a RJ45 hardware loop), the port > >> is not shut down. > >> > >> On the other hand, in case of Cisco 2950, the keepalive frame indeed > >> forced port to "err-disabled" state when I plugged my RJ45 > >> hardware-loop into the port: > >> > >> 00:06:53: %SYS-5-CONFIG_I: Configured from console by console > >> 00:06:55: %ETHCNTR-3-LOOP_BACK_DETECTED: Keepalive packet loop-back > >> detected on FastEthernet0/2. > >> 00:06:55: %PM-4-ERR_DISABLE: loopback error detected on Fa0/2, putting > >> Fa0/2 in err-disable state > >> 00:06:56: %LINEPROTO-5-UPDOWN: Line protocol on Interface > >> FastEthernet0/2, changed state to down > >> 00:06:57: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to > down > >> > >> When I set "no keepalive" to this very same switch port under C2950 > >> and connect the same RJ45 hardware loop, the port stayed up. > >> > >> By "Type 2" cabling you mean so-called "Cat2"(Two shielded twisted > >> pairs + four voice grade twisted pairs) cabling? And the idea is that > >> in case there is a loop on physical layer, the switch port receives a > >> keepalive frame with it's own MAC address as a destination and source > >> address and shuts down the port? > >> In the light of modern cabling standards, the "keepalive" feature > >> isn't very useful, is it? > >> > >> regards, > >> martin > >> > >> 2011/7/31 Tóth András <[email protected]>: > >>> Hi Martin, > >>> > >>> Keepalives are sent on the Catalyst 2940, 2950, 2950-LRE, 2955, 2970, > >>> 3550, 3560 or 3750 switch to prevent loops in the network. The primary > >>> reason for the keepalives is to prevent loops as a result of Type 2 > >>> cabling which does cause a loop in some situations. A loop is detected > >>> when the switch receives back it's own keepalive pakcet. > >>> > >>> Keepalives are sent on ALL interfaces by default in 12.1EA based > >>> software. Starting in 12.2SE based releases, keepalives are NO longer > >>> sent by default on fiber and uplink interfaces. > >>> > >>> Best regards, > >>> Andras > >>> > >>> > >>> On Sun, Jul 31, 2011 at 3:51 AM, Martin T <[email protected]> wrote: > >>>> I have a following connection: > >>>> > >>>> T60[eth0] <-> [Fa0/2]WS-C2950C-24 > >>>> > >>>> ..and port Fa0/2 in the switch in configured like this: > >>>> > >>>> WS-C2950C-24#sh run int Fa0/2 > >>>> Building configuration... > >>>> > >>>> Current configuration : 149 bytes > >>>> ! > >>>> interface FastEthernet0/2 > >>>> description -> T60 > >>>> switchport mode access > >>>> switchport nonegotiate > >>>> no cdp enable > >>>> spanning-tree bpdufilter enable > >>>> end > >>>> > >>>> WS-C2950C-24# > >>>> > >>>> ..and "keepalive" signals are sent after every 10s: > >>>> > >>>> WS-C2950C-24#sh int Fa0/2 | i Keepalive > >>>> Keepalive set (10 sec) > >>>> WS-C2950C-24# > >>>> > >>>> Now if I tcpdump those frames, they look like this: > >>>> > >>>> root@martin-ThinkPad-T60:~# tcpdump -i eth0 -e -XX -c 4 > >>>> tcpdump: WARNING: eth0: no IPv4 address assigned > >>>> tcpdump: verbose output suppressed, use -v or -vv for full protocol > decode > >>>> listening on eth0, link-type EN10MB (Ethernet), capture size 65535 > bytes > >>>> 03:26:35.984629 00:12:7f:13:8f:c2 (oui Unknown) > 00:12:7f:13:8f:c2 > >>>> (oui Unknown), ethertype Loopback (0x9000), length 60: > >>>> 0x0000: 0012 7f13 8fc2 0012 7f13 8fc2 9000 0000 > ................ > >>>> 0x0010: 0100 0000 0000 0000 0000 0000 0000 0000 > ................ > >>>> 0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 > ................ > >>>> 0x0030: 0000 0000 0000 0000 0000 0000 ............ > >>>> 03:26:45.984971 00:12:7f:13:8f:c2 (oui Unknown) > 00:12:7f:13:8f:c2 > >>>> (oui Unknown), ethertype Loopback (0x9000), length 60: > >>>> 0x0000: 0012 7f13 8fc2 0012 7f13 8fc2 9000 0000 > ................ > >>>> 0x0010: 0100 0000 0000 0000 0000 0000 0000 0000 > ................ > >>>> 0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 > ................ > >>>> 0x0030: 0000 0000 0000 0000 0000 0000 ............ > >>>> 03:26:55.984277 00:12:7f:13:8f:c2 (oui Unknown) > 00:12:7f:13:8f:c2 > >>>> (oui Unknown), ethertype Loopback (0x9000), length 60: > >>>> 0x0000: 0012 7f13 8fc2 0012 7f13 8fc2 9000 0000 > ................ > >>>> 0x0010: 0100 0000 0000 0000 0000 0000 0000 0000 > ................ > >>>> 0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 > ................ > >>>> 0x0030: 0000 0000 0000 0000 0000 0000 ............ > >>>> 03:27:05.984651 00:12:7f:13:8f:c2 (oui Unknown) > 00:12:7f:13:8f:c2 > >>>> (oui Unknown), ethertype Loopback (0x9000), length 60: > >>>> 0x0000: 0012 7f13 8fc2 0012 7f13 8fc2 9000 0000 > ................ > >>>> 0x0010: 0100 0000 0000 0000 0000 0000 0000 0000 > ................ > >>>> 0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 > ................ > >>>> 0x0030: 0000 0000 0000 0000 0000 0000 ............ > >>>> 4 packets captured > >>>> 4 packets received by filter > >>>> 0 packets dropped by kernel > >>>> root@martin-ThinkPad-T60:~# > >>>> > >>>> As you can see, they are sent by switch port after every 10s. The > >>>> source and destination MAC address are the same and ethertype is > >>>> 0x9000 and it looks like the frame is just padded with zeros. I can > >>>> change the keepalive messages interval between 1s and 32767s or > >>>> disable keepalive frames by "no keepalive" or "keepalive 0". > >>>> What are those "keepalive" frames used for? Some historical > >>>> configuration setting? What should my T60 NIC do with those frames as > >>>> at the moment it responds nothing? > >>>> > >>>> > >>>> regards, > >>>> martin > >>>> _______________________________________________ > >>>> cisco-nsp mailing list [email protected] > >>>> https://puck.nether.net/mailman/listinfo/cisco-nsp > >>>> archive at http://puck.nether.net/pipermail/cisco-nsp/ > >>>> > >>> > >> > > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
