VALIDATED
Flow Control vs Egress Queue Drops
outDiscards ≠ uplink congestion
VALIDATED
OSPF Neighbor Stuck in INIT
INIT = one-way visibility
VALIDATED
TLS Record Size Leakage
TLS encrypts content, not shape
VALIDATED
Retained Message Delay
Retained ≠ instant, depends on session
HYPOTHESIS
Container DNS Resolution Failure
FALSIFIED
Socket Descriptor Leak
Not all spikes are leaks
Flow Control vs Egress Queue Drops
Sustained outDiscards on access ports while uplinks remain clean
MODEL LAYER
MODEL: Microbursts overflow egress queue on access port.
PREDICTION: Specific queue drops under north→south burst while uplink remains clean.
SETUP: 10G upstream server → C9400 → 1G access port endpoint
COMMAND
TRUTH
RESULT
queue_2_drops: +120344 | uplink_drops: 0
CONCLUSION: Local egress queue overflow confirmed.
EDGE: Flow-control can shift congestion upstream.
COUNTER: If uplink queue drops increase under same test, congestion is not localized.
CONFIDENCE
90%
NEXT
Determine whether drops are class-default or classified traffic
▸ show platform hardware fed switch active qos queue config interface GiX/X/X
▸ identify queue-to-class mapping for Queue 2
▸ show policy-map interface GiX/X/X
▸ verify if DSCP/CoS classification is applied
IEEE 802.3x; Catalyst 9400 QoS