ifconfig eth0 RX dropped packets

ifconfig packets

The problem

The ifconfig command shows more and more dropped packets in the RX section. So, there seem to be a problem to some packets arriving from the Internet to my server.

The questions

  1. What kind of packets does this drop counter takes into account? Does it take all packets arriving, before reaching the iptables firewall, or after the packets have been accepted by iptables?

  2. How to solve the situation so that the ipconfig drop packets counter stops to increase?

Useful troubleshooting infos

Since I don't know what my problem really is, feel free to ask me to complete this section if you think some other info would be needed.

ifconfig

eth0      Link encap:Ethernet  HWaddr 00:cc:cc:cc:cc:cc  
          inet adr:90.0.0.2  Bcast:90.0.0.255  Masque:255.255.255.0
          adr inet6: fe80::21c:c0ff:feb9:829c/64 Scope:Lien
          adr inet6: 2001:a100:1:bbbb::1/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:113264620 errors:0 dropped:2523 overruns:0 frame:0
          TX packets:168526529 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 lg file transmission:1000 
          RX bytes:59171827564 (55.1 GiB)  TX bytes:223993117711 (208.6 GiB)

Note the "dropped:2523" in the RX section. This is the most important. This number is continuously increasing.

ip -4 route show

default via 90.0.0.254 dev eth0 
90.0.0.0/24 dev eth0  proto kernel  scope link  src 90.0.0.2

ip -6 route show

2001:a100:1:bbbb::1/64 dev eth0  proto kernel  metric 256 
fe80::/64 dev eth0  proto kernel  metric 256 
default via 2001:a100:1:bbff:ff:ff:ff:ff dev eth0  metric 1024

munin graph of plugin if_err_eth0_day

enter image description here


Solution 1:

http://www.novell.com/support/kb/doc.php?id=7007165

Beginning with kernel 2.6.37, it has been changed the meaning of dropped packet count. Before, dropped packets was most likely due to an error. Now, the rx_dropped counter shows statistics for dropped frames because of:

  • Softnet backlog full
  • Bad / Unintended VLAN tags
  • Unknown / Unregistered protocols
  • IPv6 frames when the server is not configured for IPv6

[...]

If the rx_dropped counter stops incrementing while tcpdump is running; then it is more than likely showing drops because of the reasons listed earlier.

Solution 2:

I've been trying to track down this issue too to no avail. I've also noticed RX packet drops at the rate of about one per second on my Ubuntu 12 box. From my searching I've found people with similar issues on various other linux platforms, SUSE, Rpi, and others. Seems like something with the linux kernel. Some more interesting clues that I've noticed make the issue disappear temporarily, but not exactly explanations.

  1. If I change my config from static to DHCP in my /etc/network/interfaces the RX packet drops cease.Maybe the unrecognized packets t have something to do with DHCP and when it's off the box doesn't know what to do with them?

  2. If I run a tcpdump the packet drops cease while the dump is running and come back when I stop it.

Maybe these clues will help get to the bottom of this?

Overall my network performance appears to be just fine, just curious to as why this is happening too.

Related

Should /etc/hosts contain an entry like '127.0.0.1 localhost myhost.example.org myhost'?
What is the default working directory for a scheduled task in Windows 2008 R2?
Published SRV records pointing to CNAME alias in violation of RFC 2782?
10 GB of RAM unaccounted for by top
USABLE multi-master replication for Postgres?
SSH over HTTPS with proxytunnel and nginx
AMI with or without reboot on AWS EC2
Windows Server 2012 Standard - Windows Store?
Run remote powershell as administrator
Failed to connect to memcache host !
Nginx - map single url to file
Domain Key not showing up in DNS query