FEI_1.3.6.1.4.1.2011.5.25.165.1.11.7 hwBaseSecApplicationApperceiveDropRateRising

Trap Buffer Description

Security Application-apperceive drop packets alarmed. (ChassisID=[ChassisID], SlotID=[SlotID], Protocol=[Protocol], CurrentRateLow=[CurrentRateLow], CurrentRateHigh=[CurrentRateHigh], NotifyEnabled=[NotifyEnabled], RateThreshold=[RateThreshold], RateInterval=[RateInterval], ProtocolDescription=[ProtocolDescription], Reason=[Reason])

The number of discarded packets on an LPU exceeded the configured alarm threshold.

In VS mode, this trap is supported only by the admin VS.

Trap Attributes

Trap Attribute Description

Alarm or Event

Alarm

Trap Severity

 Warning

Mnemonic Code

hwBaseSecApplicationApperceiveDropRateRising

Trap OID

1.3.6.1.4.1.2011.5.25.165.1.11.7

MIB

HUAWEI-SECURITY-MIB

Alarm ID

0x0c15000b

Alarm Name

 hwBaseSecApplicationApperceiveDropRateRising

Alarm Type

processingErrorAlarm

Raise or Clear

Raise

Match trap

FEI_1.3.6.1.4.1.2011.5.25.165.1.11.8 hwBaseSecApplicationApperceiveDropRateResume

Trap Buffer Parameters

Parameter Description

ChassisID

Indicates the chassis ID.

SlotID

Indicates the slot number.

Protocol

Indicates the protocol number of a discarded packet. The corresponding protocol numbers are as follows:

  • ftpServer(1)
  • sshServer(2)
  • snmp(3)
  • telnetServer(4)
  • tftp(5)
  • bgp(6)
  • ldp(7)
  • rsvp(8)
  • ospf(9)
  • rip(10)
  • isis(11)
  • sftpSever(12)
  • icmp(13)
  • msdp(14)
  • pim(15)
  • ipv4Arp(16)
  • bpdu(17)
  • dhcp(18)
  • lacp(19)
  • ntp(20)
  • radius(21)
  • hwTacacs(22)
  • lspPing(23)
  • igmp(24)
  • rrpp(26)
  • vrrp(27)
  • bfd(28)
  • mplsOam(29)
  • eth8021ag(30)
  • ftpClient(31)
  • telnetClient(32)
  • sshClient(33)
  • sftpClient(34)
  • dnsClient(35)
  • telnetv6Server(64)
  • telnetv6Client(65)
  • icmpv6(67)
  • pimv6(69)
  • sshv6Server(70)
  • ospfv3(71)
  • bgpv6(72)
  • ftpv6Client(73)
  • ftpv6Server(74)

CurrentRateLow

Indicates the low 32 bits of traffic statistics.

CurrentRateHigh

Indicates the high 32 bits of traffic statistics.

NotifyEnabled

Indicates whether the trap function is enabled.

1: Enabled

2: Disabled

RateThreshold

Indicates the current alarm threshold.

RateInterval

Indicates the current alarm interval.

ProtocolDescription

Indicates the description of protocol.

Reason

Indicates the cause of the alarm.

VB Parameters

VB OID VB Name VB Index

1.3.6.1.4.1.2011.5.25.165.1.5.1.1.11

hwAppliApperCurrentRateLow

hwAppliApperChassisId

hwAppliApperSlotId

hwAppliApperProtocol

1.3.6.1.4.1.2011.5.25.165.1.5.1.1.12

hwAppliApperCurrentRateHigh

hwAppliApperChassisId

hwAppliApperSlotId

hwAppliApperProtocol

1.3.6.1.4.1.2011.5.25.165.1.5.1.1.14

hwAppliApperRateThreshold

hwAppliApperChassisId

hwAppliApperSlotId

hwAppliApperProtocol

1.3.6.1.4.1.2011.5.25.165.1.5.1.1.15

hwAppliApperRateInterval

hwAppliApperChassisId

hwAppliApperSlotId

hwAppliApperProtocol

1.3.6.1.4.1.2011.5.25.165.1.5.1.1.1

hwAppliApperChassisId

hwAppliApperChassisId

hwAppliApperSlotId

hwAppliApperProtocol

1.3.6.1.4.1.2011.5.25.165.1.5.1.1.2

hwAppliApperSlotId

hwAppliApperChassisId

hwAppliApperSlotId

hwAppliApperProtocol

1.3.6.1.4.1.2011.5.25.165.1.5.1.1.3

hwAppliApperProtocol

hwAppliApperChassisId

hwAppliApperSlotId

hwAppliApperProtocol

1.3.6.1.4.1.2011.5.25.165.1.5.1.1.16

hwAppliApperProtocolDescirption

hwAppliApperChassisId

hwAppliApperSlotId

hwAppliApperProtocol

Impact on the System

The bandwidth for protocol packet sending may be preempted, which may cause protocol interruption or packet loss.

Possible Causes

Application related traffic's discarded rate exceeded alarm threshold.

Procedure

1. Run the display cpu-defend car protocol protocol statistics slot slot-id command to check the information about the board protocol CIR and CBS. Check the values of Actual CIR in NP (unit: kbit/s) and Actual CBS in NP (unit: bytes).

  • If the configured protocol rate is too low to meet the requirements for service operation, run the car command to increase the rate. After 60 seconds, check whether the alarm is cleared. If the alarm is not cleared, go to Step 2.
  • If the configured protocol rate meets the requirements for service operation but the alarm is still not cleared, go to Step 2.

2. Run the display cpu-defend policy policy-number command to check the alarm configuration of Application apperceive Configuration. Check whether the protocol configurations of alarm threshold or alarm interval are reasonable.

  • If the alarm threshold is too low, run the alarm drop-rate command to increase the threshold value according to the traffic volume. Check whether the alarm is cleared. If the alarm is not cleared, go to Step 3.
  • If the alarm interval is too short, run the alarm drop-rate command to increase the interval. Check whether the alarm is cleared. If the alarm is not cleared, go to Step 3.

3. Run the display attack-source-trace slot slot-id original-information command to check the Attack Source Data. Check the header information cached in the attack source tracing module.

  • If the source IP address or the target IP address of the packet does not fall within the service scope, configure attack defense policies to filter the traffic. For specific configurations, see "Configuration of Local Attack Defense". Check whether the alarm is cleared. If the alarm is not cleared, go to Step 4.
  • If the source IP address and the target IP address of the packet meet the service requirements but the alarm is still not cleared, go to Step 4.

4. Collect the alarm information, log information, and configuration information, and then contact technical support personnel.

5. End.

Parent Topic: FEI
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >