I have an active-passive cluster of FG-201Fs running 7.2.5. On each member I have a Aggregate interface composed of two 10G X interfaces, with VLAN interfaces defined on the Aggregat
When I look at SNMP counters for one particular interface, it is not accumulating any counts for any of the parameters. I've manually pulled the SNMP values for this interface and they remain at zero.
If I create a Traffic graph for the interface on a Dashboard, the graph remains at zero over time.
Meanwhile an apparently identically defined VLAN interface on the same aggregate is showing traffic accumulations and generating traffic graphs in a credible way.
I am 99.999% sure traffic is passing across this VLAN, if I do a "di sniff packet any..." it will show packets traversing the VLAN, Aggregate, and physical X interfaces.
I've tried manually changing the snmp-id of the interface, but that hasn't worked.
Any idea what I've done wrong?
Solved! Go to Solution.
So it turns out that turning it off and on again solved the problem. Specifically in this case, rebooting the A member, waiting for it to return and then rebooting the B member enabled counters to work correctly.
Hi,
Please share the below commands output to check traffic counters on the VLAN interface for the working and non-working VLAN
diagnose netlink interface list <name of the interface>
dia sniffer packet <lan_interface_name> 4 0 a
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
fw-zz-z1-A (ZZ-Z1-PF-1) # di netlink interface list name ZZ-Z1-EINET-520
if=ZZ-Z1-EINET-520 family=00 type=1 index=52 mtu=9216 link=0 master=0
ref=61 state=start present fw_flags=18003800 flags=up broadcast run promsic multicast
Qdisc=noqueue hw_addr=00:09:0f:09:01:1a broadcast_addr=ff:ff:ff:ff:ff:ff
stat: rxp=191002604 txp=125518139 rxb=112878320337 txb=35035491349 rxe=0 txe=0 rxd=0 txd=0 mc=0 collision=0 @ time=1694118613
re: rxl=0 rxo=0 rxc=0 rxf=0 rxfi=0 rxm=0
te: txa=0 txc=0 txfi=0 txh=0 txw=0
misc rxc=0 txc=0
input_type=0 state=3 arp_entry=0 refcnt=61
fw-zz-z1-A (ZZ-Z1-PF-1) # di netlink interface list name ZZ-Z1-EINET-522
if=ZZ-Z1-EINET-522 family=00 type=1 index=72 mtu=9216 link=0 master=0
ref=402 state=start present fw_flags=18000000 flags=up broadcast run promsic multicast
Qdisc=noqueue hw_addr=00:09:0f:09:01:1a broadcast_addr=ff:ff:ff:ff:ff:ff
stat: rxp=0 txp=0 rxb=0 txb=0 rxe=0 txe=0 rxd=0 txd=0 mc=0 collision=0 @ time=1694118618
re: rxl=0 rxo=0 rxc=0 rxf=0 rxfi=0 rxm=0
te: txa=0 txc=0 txfi=0 txh=0 txw=0
misc rxc=0 txc=0
input_type=0 state=3 arp_entry=0 refcnt=402
Running an (adjusted) packet sniff command shows packets traversing both interfaces.
So it turns out that turning it off and on again solved the problem. Specifically in this case, rebooting the A member, waiting for it to return and then rebooting the B member enabled counters to work correctly.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.