Performance Management Data for VLANs | Performance and Fault Management: A Practical Guide to Effectively Managing Cisco Network Devices (Cisco Press Core Series)

For performance management of VLANs, we'll look at two major components:

Logical ports versus physical ports
Measuring VLAN utilization

Logical Versus Physical Ports

As discussed in the VLAN overview, a logical port is a summation of all physical ports installed on a switch plus the amount of VLANs configured on all trunk ports, assuming spanning tree is active for all those VLANs. We will refer often to the logical port formula (see Equation 15-1) as reference for this section.

NOTE

The ATM trunks are broken out separately in Equation 15-1. The product of the ATM trunks multiplied by the number of VLANs over that trunk needs to be doubled. The ATM trunks are the LANE ports as seen on the ATM LANE modules.

MIBs to Monitor for Logical Ports Versus Physical Ports

From CISCO-STACK MIB, the following two variables pertain to physical versus logical ports:

ModuleNumPorts: How many physical ports are assigned to each module
ModuleIndex: How many modules are installed in the switch

To use these MIBs, sum up all of the module ports by adding all moduleNumPorts for each instance of moduleIndex associated with each switch. Then, subtract the trunk ports from this number by referencing the VLANPortOperStatus MIB where it equals "trunking." The resulting value gives you a total physical ports portion of the logical ports formula (see Equation 15-1).

The following MIBs from CISCO-STACK MIB can be used together to obtain the number of VLANs associated with trunk ports based on the MIB VLANOperStatus:

VLANPortVLAN
VLANPortModule
VLANPort
VLANSpantreeEnable
VLANPortIslOperStatus
VLANPortIslAdminStatus

Get the total number of VLANs associated with each trunk port by summing up all unique instances of VLANPortVLAN for each VLANPortModule and VLANPort where VLANSpantreeEnable equals "enabled" and VLANPortIslOperStatus equals "trunking." The VLANIslAdminStatus MIB object is used when 802.1q or 802.10 trunks are utilized, instead of ISL based trunk ports. You'll look for a value of "on" when 802.1q or 802.10 trunking is used.

By calculating the number of VLANs associated with each trunk port, based on the previous algorithm you can determine the rest of logical ports formula by taking the calculated value multiplied by the number of VLANPort where VLANPortIslOperStatus equals "trunking."

Related MIB objects from the CISCO-STACK MIB are

VLANPortModule
VLANPort

Related MIB objects from the RFC1213 are

portIndex
portModuleIndex
ifIndex

CLI Commands Relating to the Calculation Of Logical Ports

Because VLANs should be fairly constant and static in networks, the idea of polling the preceding MIB objects and making formulas based on them may seem a little extreme. A better approach is to write a script (for example, in PERL) that gathers output from Telnet data, as described in this portion of the logical ports calculation, to parse out the necessary parts to calculate logical ports.

Using the show port Command

From the show port command, you can identify how many physical ports are installed in the switch as well as which ports are trunks and which ones are VLAN ports. The total number of ports for the switch can also be gathered from the command show module, but it does not break down the VLANs over the trunk ports.

Summing up the VLAN ports minus the trunk ports gives you the number of nontrunking ports on the switch for use in the logical port formula, stated earlier. The rest of the formula components (see Equation 15-1) can be gathered from the show trunk command, which is explained in the next section.

Example 15-1 shows sample output from show port.

Example 15-1 Using show port to determine the number of nontrunking ports.

 SWITCH# (enable) show port Port   Name               Status      Vlan       Level   Duplex Speed Type ----- ------------------ ----------  ---------- ------  ------  ----- ------------  2/1^A                     notconnect  1 ^B         normal   half    100 100BaseTX  2/2                      notconnect  1          normal   half    100 100BaseTX  5/1                      connected   Trunk      normal a-full  a-100 10/100BaseTX  5/2                      inactive    2          normal   auto   auto 10/100BaseTX  5/3                      notconnect  1          normal   auto   auto 10/100BaseTX  5/4                      notconnect  1          normal   auto   auto 10/100BaseTX  5/5                      notconnect  1          normal   auto   auto 10/100BaseTX  5/6                      notconnect  1          normal   auto   auto 10/100BaseTX  5/7                      notconnect  1          normal   auto   auto 10/100BaseTX  5/8                      notconnect  1          normal   auto   auto 10/100BaseTX  5/9                      notconnect  1          normal   auto   auto 10/100BaseTX  5/10                     notconnect  1          normal   auto   auto 10/100BaseTX  5/11                     notconnect  1          normal   auto   auto 10/100BaseTX

The highlighted information from Example 15-1 is as follows:

A Summing up all unique instances of the ports from this command minus the trunk ports, as reported as Trunk in the Vlan column, gives you the number of non-trunking ports.

B The Vlan column shows what VLAN is assigned to what port. The trunk ports are identified as well.

Using the show trunk Command

The show trunk command reports which ports are trunk ports, what VLANs are allowed on the each trunk port, and which VLANs are active on each trunk port.

You can get the rest of the components for the logical ports formula through this command:

Number of non-ATM trunks on the switch
Number of active VLANs on that trunk
Number of ATM trunks on the switch
Number of active VLANS on ATM trunks

Example 15-2 shows sample output from show trunk.

Example 15-2 Using show trunk to obtain values for components of the logical port formula.

 SWITCH#  (enable) show trunk Port      Mode        Encapsulation  Status       Native vlan --------  ----------- -------------  ------------ ----------- 2/1^A      auto        dot1q          trunking     1 4/9^A      auto        isl            trunking     1 4/10^A     desirable   isl            trunking     1 Port      Vlans allowed on trunk --------  --------------------------------------------------------------------- 2/1       1-1005^B 4/9       1-1005^B 4/10      1-1005^B Port      Vlans allowed and active in management domain --------  --------------------------------------------------------------------- 2/1       1-5,10,50,152,500,521-524,570 4/9       1,4-5,1003,1005 4/10      1,4-5,1003,1005 Port      Vlans in spanning tree forwarding state and not pruned --------  --------------------------------------------------------------------- 2/1       1-5,10,50,152,500,521-524,570 4/9       1005 4/10      1005

The highlighted information from Example 15-2 is as follows:

A This output is the physical port that is defined as a trunk port. If the port is an ATM trunk you'd see a port like the following: 5/1-2 (this is why the ATM trunks are doubled in Equation 15-1).

B The VLANs "allowed and active" show what actively configured VLANs are coming across the trunk port. By summing up all unique instances of the VLANs active, you'll define the "number of active VLANs on that trunk" per Equation 15-1. In this example, there are 10 VLANS active on port 5/1.

VLAN Utilization

Due to the nature of switched environments, it is not necessary to measure traffic utilization based on total unicast frames for ports belonging to a particular VLAN. For example, suppose two servers in the same VLAN are exchanging information. This traffic does not affect the performance of two users on different ports and on the same VLAN because switching architecture sends unicast traffic directly to a source or destination port where the MAC address resides. Simply put, the unicast traffic is hidden from the rest of the ports associated with the same VLAN. It may be important, however, to monitor the bandwidth utilization over the trunk ports or critical ports, such as file server ports. Refer to Chapters 12 and 4 for details on monitoring system interfaces and bandwidth utilization, respectively.

A better measurement of VLAN traffic utilization is the measurement of broadcast and/or multicast traffic for a particular VLAN. But how do you get an accurate representation of the broadcast traffic on a VLAN when ports are going up and down due to users turning on and off their host machines, such as PCs. Well, here are a few ways to alleviate that problem:

Monitor the transmitted broadcast or multicast traffic on file server or application server ports because they are up most of the time.
In the case of VLANs without file servers, monitor critical ports attached to that VLAN such as ports attaching directly to routers.
If you don't have router ports, actively poll ports to find the port with the highest transmitted broadcast or multicast traffic for a VLAN, which would indicate that the port has been up the longest in that VLAN on that switch. From that information, you can calculate a broadcast or multicast utilization for the VLAN using the following formula (which uses Broadcasts as an example):

Maximum XmitBroadcast/((Sum XmitFrames Sum XmitBroadcast) + Maximum XmitBroadcast) 100%

where XmitBroadcast and XmitFrames are the transmitted broadcasts and frames for the VLAN based on all the ports associated with that VLAN.

Here's an example:

 Switch>  show mac Port     Xmit-Unicast         Xmit-Multicast       Xmit-Broadcast -------- -------------------- -------------------- --------------------  2/1                   100000                    0                                        20000  2/2                        0                    0                          0  5/1                  3000000               551828                     310853

From this output, you can see that Port 5/1 has the most broadcasts. We'll assume that both of these ports are on the same VLAN for this example. Plugging the numbers into the formula, we get the following results:

Simplified:

For more information on switch traffic characteristics and monitoring best practices, refer to the White Paper on CCO regarding "Cisco Network Monitoring and Event Correlation Guidelines."

MIBs to Monitor for Determining VLAN Utilization

From RFC 1213 (MIB II), the following variables are relevant to VLAN usage:

ifOutNUcastPkts
ifOutUcastPkts

The ifOutNUcastPkts MIB combines multicast packets with broadcast packets. This value added to the value of ifOutUcastPkts can allow you to get a percentage of broadcast/multicast traffic per port (interface) relative to total traffic.

NOTE

RFC 2233 supercedes RFC 1213 especially with regards to the "**NucastPkts" objects. Broadcasts and Multicasts are broken out into two different MIB objects: ifOutBroadcastPkts and ifOutMulticastPkts.

By isolating all the ports per VLAN on a switch, you can sum up all traffic, both unicast and non-unicast packets for the whole VLAN, and use the highest ifOutNUcastPkts to calculate the formula denoted in Equation 15-2.

Equation 15-2

You can also compare the VLAN you calculated the utilization on to the VLAN assigned to the sc0 interface on the switch, which is the supervisor card (NMP). Having high broadcasts and multicasts on the NMP or the supervisor can impact switch performance. Please refer to Chapter 11, "Monitoring Network Systems Processes and Resources," for more details on system resources.

The recommended baseline threshold for broadcast and multicast traffic on the VLAN is greater than 50 percent, especially if the VLAN is the same as the sc0 interface.

CLI Commands Relating to the Determination Of VLAN Utilization

The show mac command displays the number of packets transmitted:

unicast
multicast
broadcast

This command, in conjunction with the show port command and the VLAN assignment displayed there, can allow you to calculate the broadcast or multicast traffic utilization for each VLAN. Determine which ports are associated with each VLAN, based on show port output (see Example 15-1 for more details on this output) and use the show mac command to get the transmitted packets per VLAN.

Example 15-3 shows sample output for show mac.

Example 15-3 Using show mac to obtain the number of transmitted packets per VLAN.

 Switch>show mac Port     Rcv-Unicast          Rcv-Multicast        Rcv-Broadcast -------- -------------------- -------------------- -------------------- 2/1                         0                    0                    0 2/2                         0                    0                    0 5/1                         0               551828               310853 5/2                         0                    0                    0 5/3                         0                    0                    0 5/4                         0               633399                    0 5/5                         0                    0                    0 5/6                         0                    0                    0 5/7                         0                    0                    0 5/8                         0                    0                    0 5/9                         0                    0                    0 5/10                        0                    0                    0 5/11                        0                    0                    0 5/12                        0                    0                    0 Port     Xmit-Unicast         Xmit-Multicast       Xmit-Broadcast -------- -------------------- -------------------- -------------------- 2/1                         0               32000^A                  50000^B 2/2                         0                   0                    0 5/1                         0                   0                    0 5/2                         0                   0                    0 5/3                         0                   0                    0 5/4                         0               95431^A                   0 5/5                         0                   0                    0 5/6                         0                   0                    0 5/7                         0                   0                    0 5/8                         0                   0                    0 5/9                         0                   0                    0 5/10                        0                   0                    0 5/11                        0                   0                    0 5/12                        0                   0                    0 Port     Rcv-Octet            Xmit-Octet -------- -------------------- -------------------- 2/1                         0              8000000 2/2                         0                    0 5/1                  58178441                    0 5/2                         0                    0 5/3                         0                    0 5/4                  46271071              9926256 5/5                         0                    0 5/6                         0                    0 5/7                         0                    0 5/8                         0                    0 5/9                         0                    0 5/10                        0                    0 5/11                        0                    0 5/12                        0                    0 MAC      Dely-Exced  MTU-Exced In-Discard Lrn-Discrd In-Lost    Out-Lost -------- ---------- ---------- ---------- ---------- ---------- ---------- 2/1               0          0          0          0          0          0 2/2               0          0          0          0          0          0 5/1               0          0          0          0          0          0 5/2               0          0          0          0          0          0 5/3               0          0          0          0          0          0 5/4               0          0        107          0          1          0 5/5               0          0          0          0          0          0 5/6               0          0          0          0          0          0 5/7               0          0          0          0          0          0 5/8               0          0          0          0          0          0 5/9               0          0          0          0          0          0 5/10              0          0          0          0          0          0 5/11              0          0          0          0          0          0 5/12              0          0          0          0          0          0

Highlighted information from Example 15-3 is as follows:

A The Xmit-multicast column shows the number of multicast packets per port. Identify the port with the highest number of transmitted multicast traffic for each VLAN, and divide that number by the total number of (Xmit-unicast + the total number of Xmit-Broadcast) minus the total number of Xmit-Multicast plus the HIGHEST number of Xmit-Multicast. See Equation 15-2 for further clarification of its components.

B The Xmit-Broadcast column shows the number of broadcast packets per port. Identify the port with the highest broadcast traffic for each VLAN, and divide that number by the total number of (Xmit-unicast + the total number of Xmit-Multicast) minus the total number of Xmit-Broadcast plus the HIGHEST number of Xmit-Broadcast. See Equation 15-2 for further clarification.