Admission Control is a mechanism by which incoming data packets will be dropped when the system is at over capacity. This throttling helps in ensuring that the system has enough resources to process the already buffered packets. The admission control is applied only on data packets.
To check if there are any over capacity drops, use the following commands:
root@spperf-gateway-1:~# dispcnt -s over_capacity_drop over_capacity_drop = 1461980 0 /s
root@gateway-1:~# dispcnt -s over_capacity_drop -d vcgw.com Fri Dec 17 11:12:25 2021 over_capacity_drop = 0 0 /s
root@gateway-1:~# dispcnt -s natd.shmem_oom -s natd.port_assign_fail -d vcgwnat.com Fri Dec 17 11:12:44 2021 natd.port_assign_fail = 0 0 /s natd.shmem_oom = 0 0 /s
root@gateway-1:~# dispcnt -p netif -s tx_drop -s rx_drop -d vcgw.com Fri Dec 17 11:13:04 2021 netif_eth0_rx_dropped = 0 0 /s netif_eth0_tx_dropped = 0 0 /s netif_eth1_rx_dropped = 0 0 /s netif_eth1_tx_dropped = 0 0 /s
To monitor the capacity of flows, run the following command:
root@gateway-1:~# dispcnt -s flow_admisison_limit_hit
root@gateway-1:~# dispcnt -s natd.shmem_oom -s natd.port_assign_fail -d vcgwnat.com Fri Dec 17 11:12:44 2021 natd.port_assign_fail = 0 0 /s natd.shmem_oom = 0 0 /s
The following table lists the threshold values and recommended actions for overcapacity drops.
Threshold State | Threshold Value | Recommended Corrective Action |
---|---|---|
Warning | 500 drops per 30 seconds (absolute count) When the drops remain above threshold value consistently for 5 minutes, warning alert is triggered. |
When the drops cross warning threshold:
|
Critical | 1000 drops per 30 seconds (absolute count) When the drops remain above threshold value consistently for 5 minutes, critical alert is triggered. |
When the drops cross critical threshold:
If the drops do not stabilize:
|