| |
Bug Id: | CSCuq43430 |
Title: | SSE_Merge:100G interfaces remain down after image load |
|
Description: | Symptom:
100g interfaces stay in down/down state., shut no shut or add remove loopback configuration does not recover, flapping remote interface does not recover the issue.
Conditions:
This issue is seen with first time boot only. Not seen with subsequent reloads or reboots.
Workaround:
process restart npu_driver usually recovers the correct state.
Further Problem Description:
|
|
Status: | Terminated |
|
Severity: | 1 Catastrophic |
Last Modified: | 02-MAY-2015 |
|
Known Affected Releases: | 5.3.0.LC |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus76458 |
Title: | after 5.2.3 -> 5.0.1 downgrade, next upgrade from 5.0.1 fails |
|
Description: | Symptom:
"INFRA-INSTAGENT-2-SELF_TEST_FAILURE" and Continuous LC reload on performing downgrade to 5.0.1 followed by an upgrade to 5.2.X
Conditions:
Happens when a downgrade from 5.2.x to 5.0.1 is followed by an upgrade from 5.0.1
Workaround:
Detailed workaround documented in https://techzone.cisco.com/t5/NCS-6000/Downgrade-procedure-from-5-2-1-to-5-0-1/ta-p/718877
Remove the following files from all RPs only when you are on 5.0.1 image (after downgrade to 5.0.1 from 5.2.1 image has been completed):
run
cd /install_repo/gl/instdb
rm ?f clos-master-swprofile-active.bin
rm ?f clos-master-swprofile-active.txt
rm ?f clos-master-swprofile-committed.bin
rm ?f clos-master-swprofile-committed.txt
Also, if access to the SysAdmin-VM is not possible from the XR-VM, please apply the following work-around on both RPs (in the XR-VM):
# chmod 700 /opt/cisco/XR/packages/iosxr-os.rp-5.0.1/sbin/admin-cli-proxy-xr_static
# chmod 700 /opt/cisco/XR/packages/iosxr-os.rp-5.0.1/sbin/confd_cli
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 04-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu06731 |
Title: | High Convergence Time after FRR |
|
Description: | Symptom:
Bundle Ether 202 shutdown on ORCWST31 is causing very high FRR convergence time ranging from 300-1900 ms.
Conditions:
Interface shutdown.
Workaround:
None
Further Problem Description:
Bundle Ether 202 shutdown on ORCWST31 is causing very high FRR convergence time ranging from 300-1900 ms.
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 04-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus57414 |
Title: | Kernel SMU installation fails due to install commit handling issue |
|
Description: | Symptom:
The issue is seen during activation/deactivation of any sysadmin SMU after "install commit".
install logging corresponding to the operation will have error message as follows
============================
Jan 19 23:14:08 install prepare and activate operation of encountered errors from 10 node(s)
============================
But this error is seen only when committed profile has any Kernel SMUs
Conditions:
The pre-condition for this issue to occur is:
1. install activate
2. Install commit
3. install activate
If happened to have any Kernel SMU, #3 will fail with above mentioned error.
Presence of Host SMU in has no implications
Workaround:
None
Further Problem Description:
None
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 05-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.3.BASE, 5.2.5.8i.BASE |
|
|
| |
| |
Bug Id: | CSCus64684 |
Title: | NCS6K FIA drop - ingress interface and egress bundle share same slice |
|
Description: | Symptom:NCS6K FIA drop - ingress interface and egress bundle share same slice
Conditions:Traffic overloading specific interface
Workaround:Readjust bundle config and/or traffic profile
More Info:While generating IXIA traffic flows, we identified packet drops when two flow are on at the same time. These flows are concurrent in the same slice 0 location 0/3/cpu0 (income interfaces hun0/3/0/0 and hun0/3/0/1).
Flow 1 - Ingress hun0/3/0/0 and egress bundle containing hun0/3/0/6 (slice 3)
Flow 2 - Ingress hun0/3/0/1 and egress hun0/3/0/7 (slice 3)
If we start flow-2, 95% line-rate 500 bytes per packet, the packet loss is zero.
When we start flow-1 after flow-2, 95% line-rate 500 bytes per packet, flow-2 is impaired with packet loss.
We also noticed that if we increase packet size to 1500 bytes, the drops do not occur.
On debugging the issue we found out that one of the bundle members is 0/3/0/6 which is on the same asic as the destination port of flow 2 0/3/0/7.
In the working case amba requires 130G of credits to send out 95G of unicast traffic.
However we see that when 0/3/0/6 is a member of the bundle, 0/3/0/7 issues only 112G of credits which leads to the drops in the stream going out of 0/3/0/7.
At this time there was around 9G of traffic egressing out 0/3/0/6.
Looking at the voq state of interface 0/3/0/7 we saw that the queue was predominantly in the off state most of the time the traffic was running.
We tested by removing 0/3/0/6 from the bundle and did not see any drops
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 05-MAY-2015 |
|
Known Affected Releases: | 5.2.1.CE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus50916 |
Title: | calvados keep-alive timer expired then RP0 was pxe booted during OCU |
|
Description: | Symptom:
During calvados issu, some cards was forced to do internal pse-boot because of
sysadmin-vm:0_RP0# show reboot-history card location 0/RP1
Timestamp "Mon Jan 19 14:36:37 2015"
Reason Code 8
Reason "Booting node has an incompatible base image, forcing internal pxe boot"
Src Location 0/RP0
Src Name inst_mgr
2
Timestamp "Mon Jan 19 14:31:07 2015"
Reason Code 8
Reason "Install BIV version mismatch reload"
Src Location ""
Src Name inst_mgr
Conditions:
the traffic was doing xr issu first then calvados issu. 50% reproducible
Workaround:
No workaround
Recovery: router power-cycle. May need to reimage the chassis if router power cycle cannot recover
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 05-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.3.BASE, 5.2.4.4i.BASE, 5.2.5.8i.BASE |
|
|
| |
| |
Bug Id: | CSCus49127 |
Title: | RP1 is struck at grub - grub.cfg was modified during the smu activation |
|
Description: | Symptom:
RP1 is struck at grub - grub.cfg was modified during the smu activation.
Grub.cfg file in host boot partition is not right.
search.fs_label ?5].? roo
In above line fs_label is set to some junk.
Conditions:
The trigger was calvados issu. 20% reproducible
Lets say there was a reload after 1st phase in Calvados ISSU, nodes went through 1st phase may face this issue.
Workaround:
No Workaround.
Recovery: need to re-image the chassis.
Further Problem Description:
There was a bug setting Host LV Label while creating backup partition during Host SMU/Host ISO upgrade.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 06-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.4.9i.BASE, 5.2.5.1i.BASE, 5.2.5.4i.BASE |
|
|
| |
| |
Bug Id: | CSCur40303 |
Title: | cpak-lr10x10: interface flaps multiple times after bulk unshut |
|
Description: | Symptom:
interfaces flap multiple times before coming to steady state
Conditions:
slice must be containing at least 1 lr10x10 optic inserted in one of the ports.
performing unshut / no shut on all 10 breakout interfaces in single commit forces all 10 links to be powered on at the same time. During this phase of bring up, if the incoming signal is not identified corretly it results in certain ports flapping more than once.
Workaround:
perform no shut on each interface in single commits. there fore to unshut all 10 interfaaces using no option to power on all the interfaces
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 07-MAY-2015 |
|
Known Affected Releases: | 5.2.3.LC |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut94388 |
Title: | TLU entry has invalid TLU_ID drop for 6VPE traffic after RP FO |
|
Description: | Symptom:
l3vpn traffic dropped transiently on egress PSE as TLU entry has invalid TLU_ID
Conditions:
The triggers are proc restart of ipv4_rib or ipv6_rib, RP FO. 100% reproducible from 5.2.4 13I on my testbed
Workaround:
no
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 08-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus59734 |
Title: | HSAT-CAL-ISSU: Sysadmin ISSU failed due to Timeout happened during ISSU |
|
Description: | Symptom:
After Calvados ISSU started, it failed with below error:
Apr 20 09:58:29 Timeout happened during ISSU operation. Reload system to recover
Conditions:
Seen after Calvados ISSU is started. Seen once so far
Workaround:
None
Further Problem Description:
|
|
Status: | Other |
|
Severity: | 2 Severe |
Last Modified: | 09-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuq95161 |
Title: | mLDP Core - Traffic drop on PE routers after XR VM switchover on P |
|
Description: | Symptom:On RP FO on NCS6k, ISIS neigh flapped
Conditions:Switchover from active RP to standby RP
Workaround:no
More Info:After standby RP became active, it tried to connect the old active, which hadn't been cleaned from the DS cache and this synchronous connection didn't fail until 10 seconds later. This fix is to reduce the 10 seconds to .5 second so that isis could complete the connection and move on to other tasks.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 12-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE, 5.2.3.MCAST |
|
Known Fixed Releases: | 5.2.4.1i.BASE, 5.3.1.15i.BASE |
|
|
| |
| |
Bug Id: | CSCus64833 |
Title: | please remove 1 minute timer in the PD mcast mrib code |
|
Description: | Symptom:
you may see 1 minute timer in the PD mcast mrib code on release 5.2.3 on platform NCS6K.
Conditions:
ISSU
Workaround:
n/a
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 13-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu10990 |
Title: | NGN:lldp subinterfaces enable config rejected on NCS6K 5.2.4.12i |
|
Description: | Symptom:
"lldp subinterfaces enable" config commit fails in global config mode. This cli is supposed to enabled lldp for sub-interfaces in 5.2.4.
Conditions:
"lldp subinterfaces enabled" config tried on NCS6K 5.2.4.12i
Workaround:
None
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 14-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | 5.2.5.9i.FWDG |
|
|
| |
| |
Bug Id: | CSCus54427 |
Title: | bfd sessions stuck in down state forever after LC OIR following ISSU |
|
Description: | Symptom:
All v4/v6 bfd sessions stay in DOWN state
Conditions:
In one of the following conditions
1. Step by Step ISSU
2. All the LC OIR-one at a time
OR
1. Step by Step ISSU
2. Powercycle
OR
1. Step by Step ISSU
2. router reload
Workaround:
none
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 15-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.4.6i.BASE |
|
|
| |
| |
Bug Id: | CSCus47583 |
Title: | During OCU rvm_mgr reloaded the standby RP |
|
Description: | Symptom:
During calvados ISSU, standby RP keeps reset
0/RP0/ADMIN0:Jan 12 04:45:55.133 : shelf_mgr[2574]: %INFRA-SHELF_MGR-4-VM_RELOAD : Reloading admin VM on 0/RP1
0/RP0/ADMIN0:Jan 12 04:55:26.393 : shelf_mgr[2574]: %INFRA-SHELF_MGR-6-SW_EVENT : Rcvd SW event SW_EVENT_FAILURE, event_reason_str 'wdog__0 SysAdmin VM Watchdog stage1:0' for card 0/RP1
0/RP0/ADMIN0:Jan 12 05:05:37.026 : shelf_mgr[2574]: %INFRA-SHELF_MGR-6-HW_EVENT : Rcvd HW event HW_EVENT_POWERED_OFF, event_reason_str 'Powered off via CCC WARM RESET' for card 0/RP1
0/RP0/ADMIN0:Jan 12 05:05:40.774 : shelf_mgr[2574]: %INFRA-SHELF_MGR-6-HW_EVENT : Rcvd HW event HW_EVENT_POWERED_ON, event_reason_str 'board primary power-zone on' for card 0/RP1
Conditions:
the trigger was calvados ISSU. 10% reproducible.
Workaround:
none
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 15-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.4.10i.BASE, 5.2.5.4i.BASE |
|
|
| |
| |
Bug Id: | CSCut72458 |
Title: | Device GN2411 Not_Ready on 60x10gig NCS6000 |
|
Description: | Symptom:
GN2411 on 60x10gig module for NCS6k not loading. Status is "NOT_READY", ports on slice not forwarding.
Conditions:
Operate
Workaround:
Possible restart CCC_Driver
Further Problem Description:
none
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 15-MAY-2015 |
|
Known Affected Releases: | 5.2.1.CE |
|
Known Fixed Releases: | 5.2.4.15i.BASE, 5.2.5.8i.BASE |
|
|
| |
| |
Bug Id: | CSCuu09679 |
Title: | Config restore takes 11 mins to come up on PAT card |
|
Description: | Boot time of Pat LC is increased due to this issue (upto 7 minutes seen in testing). The DDTS fix will restore the Boot time for Pat LC to 5.2.3 numbers.
Symptom:
Boot time was increased for Pat LC. EPM traces and other logs indicate that Config restore on the LC is taking upto 11 minutes.
Conditions:
The issue is seen on reload of the LC and power-cycle of router.
Workaround:
None
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 15-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut09462 |
Title: | MC: "error: file `/cache/system_image.iso' not found" after loading img |
|
Description: | Symptom:Whenever SW mismatch happens( No.of SMU installed on Active Vs Local Node or version mismatches), then reimage of node is done install Manager. This is broken now. It will be struck at the grub(boot) menu after automatic reload.
Reason for the break: When ISSU feature was added in 523, symbolic link files are introduced in install repository. Then while synchronising the install repo, symlinks and actual file pointed by symlinks were synchornised separately. This lead to download only symlink instead of actual image file while reimaging.
Conditions:Whenever SW mismatch happens( No.of SMU installed on Active Vs Local Node or version mismatches), then reimage of node is done install Manager.
Conditions of sw mismatch: When install operation is going on if some node is reloaded, then that will not complete install op. When it comes up, sw mismatch happens and reimage itself. Other condition is OIR. If user plug card with different sw version installed, then sw mismatch happens.
Workaround:USB booting the card is only option.
More Info:Actual problem is, during reimage it is downloading only symbolic link. But the image pointed by symbolic link is not getting downloaded. This DDTS/SMU will fix the issue.
|
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Last Modified: | 17-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | 5.2.4.14i.BASE, 5.2.5.5i.BASE, 5.2.5.8i.BASE |
|
|
| |
| |
Bug Id: | CSCus31665 |
Title: | admin config loss after hw-mod loc all reload |
|
Description: | Symptom:
On a Cisco NCS4000 or 6000 series router, after issuing a 'hw-module reload' command from the sysadmin mode, the latest sysadmin configuration commit may be lost. This issue seems to be relatively rare
Conditions:
Conditions to trigger this issue are unknown, but seem to occur relatively rarely.
Workaround:
When this issue is triggered, the correct sysadmin configuration has already been backed up. You will find text files containing previous sysadmin backup files by performing the following commands:
1. Locate the desired sysadmin configuration backup file. They are organized by timestamp. (The desired one will most likely be the second most recent):
sysadmin-vm:0_RP0# run
Thu Jan 8 22:52:27.545 UTC
[sysadmin-vm:0_RP0:~]$cd /misc/config/confd/ascii_backup/
[sysadmin-vm:0_RP0:/misc/config/confd/ascii_backup]$ls *cfg
confd_config_backup_20150108225813.cfg confd_config_backup_20150109002852.cfg
confd_config_backup_20150108225820.cfg confd_config_backup_20150109003646.cfg
2. Load the config file:
[sysadmin-vm:0_RP0:~]$/opt/cisco/calvados/script/confd_manual_restore.sh
Will restore config from ascii config file "confd_config_backup_20150109003646.cfg"
Restored configuration from "confd_config_backup_20150109003646.cfg" successfully
[sysadmin-vm:0_RP0:~]$
3. Exit the shell, and confirm that the proper configuration has been loaded. The 'Commit performed' message displayed in this example may or may not be shown.
[sysadmin-vm:0_RP0:~]$exit
exit
sysadmin-vm:0_RP0#
System message at 2015-01-09 00:41:26...
Commit performed by root via console using noaaa.
sysadmin-vm:0_RP0# show running-config
Fri Jan 9 00:41:33.617 UTC
fpd auto-upgrade disable
aaa authentication users user root
....
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 18-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.4.BASE |
|
|
| |
| |
Bug Id: | CSCuu22102 |
Title: | PLX-8614 showing not ready |
|
Description: | Symptom:
PLX-8614 showing not ready on SCSW cards
Conditions:
after upgrading to 5.2.4.16I
Workaround:
none
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 18-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | 5.2.4.BASE |
|
|
| |
| |
Bug Id: | CSCut69566 |
Title: | Panini issu: RSVP crashed at debug_sync_immediate on ISSU cleanup |
|
Description: | Symptom:
RSVP crash seen on RP0.
Conditions:
This symptom is observed on a NCS6K router that is running 525 image in ISSU cleanup phase.
Workaround:
There is no workaround.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 18-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | 5.2.5.9i.FWDG |
|
|
| |
| |
Bug Id: | CSCus95955 |
Title: | VSAT: ospf nbr down in Load Ph- Forwording interface failed to change bk |
|
Description: | Symptom:
ospf neighbors were down during ISSU Load Phase in VSAT ISSU sanity testing.
Conditions:
Executed "install activate issu load" command.
Workaround:
Unknown.
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 19-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut76883 |
Title: | Not able to install Calvados and XR Kernel SMU's for changes in libexec |
|
Description: | Symptom:
Not able to install lib-exec kernel smu
Conditions:
Workaround:
Further Problem Description:
|
|
Status: | Terminated |
|
Severity: | 2 Severe |
Last Modified: | 19-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut96231 |
Title: | MC: xr vm IP conflict caused by sync issue between sysadmin and hushd |
|
Description: | Symptom:
RP xr vm's had IP conflict caused by synchronization/communication issue between
sysadmin and hushd after loading image with reimage_chassis command.
on a NCS6K 2+2 Multi-chassis system.
Conditions:
Loaded image with reimage_chassis command on a NCS6K 2+2 Multi-chassis system.
Workaround:
Unknown.
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 19-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus31214 |
Title: | RP0 went to Failed unexpected CPU down : MERR CAT_ERR" in OCU |
|
Description: | Symptom:
During the RP0 admin vm reload in calvados ISSU, the hardware state of RP0 went to FAILED because of "unexpected CPU down event: failure detected: MERR CAT_ERR". Then RP0 stuck at host in booting.
Conditions:
hit this issue only once during Calvados ISSU.
Workaround:
No Workaround.
Recovery: No router reload to reco
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 19-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE, 5.2.5.ADMIN |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu11986 |
Title: | Some of the nodes missing in the entPhysicalName output on A41 |
|
Description: | Symptom:
Some of the nodes missing in the entPhysicalName output on A41
Conditions:
Workaround:
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 19-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus91625 |
Title: | Complete traffic drop with Rx pkt discard drops(IQM) on FIA |
|
Description: | Symptom:
otal traffic drop observed on a FIA with Rx pkt discard drops(IQM) error count. Sum of packets from PSE and switch shown as dropped.
RP/1/RP0/CPU0:cr02.ashburn.va.ibone#sh controllers fia statistics detail instance 3 location 0/7/CPU0
Sun Feb 8 18:21:40.872 UTC
FIA Statistics Rack: 0, Slot: 7, Asic instance: 3
FIA Rx (To Fabric) Statistics.
------------------------------------------------------------------------
Input Pkt counters Pkts Bytes
Rx pkts from pse : 838299 173715291 <<<<
Rx pkts from switch : 125894 31749373 <<<<<
bcast pkts from switch : 0
mcast pkts from switch : 0
ucast pkts from switch : 125894
Rx pkts enqueued(IQM) : 15 1905
Rx pkts dequeued(IQM) : 15 1905
Rx pkts sent to fabric : 15
Cell counters:
Data cells sent to fabric : 15 1905
Control cells sent to fabric : 500757232757
Drop counters:
Rx burst error drops(NBI) : 0
Rx error drops(Switch) : 0
Rx error drops(pse) : 0
Rx pkt discard drops(IQM) : 963726 209341053 <<<<
Pkt crc error drops(FDT) : 0
Unreachable dest cell drops : 0
Conditions:
- FIA encounters a memory partity error
- Currently on 5.2.1 & 5.2.3 there is no mechanism to log this parity error event and initiate a recovery mechanism.
- Hence no errors would be seen in "show asic-erros" output and traffic coming in to the FIA gets completely dropped.
Workaround:
- Perform a manual power on reset of the FIA ASIC ( to be updated)
Further Problem Description:
NIL
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 19-MAY-2015 |
|
Known Affected Releases: | 5.2.1.BASE |
|
Known Fixed Releases: | 5.2.4.8i.BASE, 5.2.5.4i.BASE |
|
|
| |
| |
Bug Id: | CSCuu24205 |
Title: | Inventory information mismatch on ci-525 |
|
Description: | Symptom:
inventory information mismatch between idprom and sh inventory
Conditions:
None
Workaround:
None
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 20-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCur79587 |
Title: | ncs6k bao_id_size increase to 2**18 |
|
Description: | Symptom:
FIB doesn't support full internet feed bgp attribute
Conditions:
internet feed bgp attributes
Workaround:
none
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 21-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.3.13i.BASE, 5.2.4.1i.BASE |
|
|
| |
| |
Bug Id: | CSCuu44776 |
Title: | 521 Card insertion into 524/523 chassis fails to come up with 524/523 |
|
Description: | Symptom:
Card OIR into 5.2.3/5.2.4 chassis. Card fails to come up with 524/523
Conditions:
Chassis is running 5.2.3/5.2.4 version.
Card running 5.2.1 is inserted into chassis running 5.2.3/5.2.4
Workaround:
Chassis where 5.2.1 card is inserted has one card with 5.2.3/5.2.4.
Attach to the card (same chassis as that of 5.2.1 card is inserted).
1. sysadmin$ attach location
Run this command.
2. chvrf 0 /opt/cisco/calvados/sbin/reimage_chassis -s
Further Problem Description:
|
|
Status: | Terminated |
|
Severity: | 2 Severe |
Last Modified: | 21-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu11319 |
Title: | ncs6k nVOptical: Controller ODU cli fails |
|
Description: | Symptom:
show controller ODU command not working....
RP/0/RP0/CPU0:nv-panini#show controllers ODU4 100/7/0/2
Tue Apr 28 05:29:49.615 UTC
intf_otn_odu_recovered: error while loading shared libraries: libcontroller_resource_bag_desc.so: cannot open shared object file: No such file or directory
Conditions:
Router running 5.2.4 image and execution of this command
Workaround:
NA
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 22-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu22548 |
Title: | npu_driver should abort int creation if asic init fails on unshut slice |
|
Description: | Symptom:
The npu_driver process fails to abort interface creation when asic init fails on a newly unshut slice.
Conditions:
This issue is seen on a NCS6K router booted with Cisco IOS XR version 5.2.5-08i.
Workaround:
Unknown
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 22-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus77973 |
Title: | NCS6K HA Fabric Lost Packets with 5 planes |
|
Description: | ---Start of Note Titled: Release-note---
Symptom:
In a multi-chassis router with one of the fabric planes shut down, line-rate
traffic with small packets (256Bytes) suffers packet loss to the tune of 5%
when one or more FIA devices have a reachability of less than 5 planes (30
links).
Conditions:
When all the links in the fabric are up and all planes are up, this setting
will not have any adverse impact. But when a plane is down (bringing the
total number of links from/to FIAs to 30) and one or more FIA devices have
fewer than 30 links up towards them, the all-reachability vector on all FIAs
are reduced to less than 30. In this scenario, all FIAs
end up using a number of links less than 30 to arrive at the total credits.
Depending on how many links are down to the affected FIA, the total credits
could be much less than that needed for doing line-rate traffic.
Workaround:
The problem only shows up when one or more FIA devices are not reachable on
all fabric links. Such links must be identified and fixed (by replacing the
failing FRUs).
If, for some reason that is not possible, then the incorrect option that is
causing the problem can be manually removed from /pkg/bin/cisco_ng.bcm
on the XR VMs of all linecards in the system.
The procedure is : (For each linecard in the system)
1) Attach to the linecard from the XR VM's command prompt.
attach location 0/0/CPU0
2) Open /pkg/bin/cisco_ng.bcm in vi and search for the following line and
remove it.
scheduler_fabric_links_adaptation_enable=1
3) Save the file and sync.
4) Reload the router after modifying all the linecards' cisco_ng.bcm
Further Problem Description:
---End of Note Titled: Release-note---
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 5.2.4.FWDG |
|
Known Fixed Releases: | 5.2.4.9i.BASE, 5.2.5.4i.BASE |
|
|
| |
| |
Bug Id: | CSCut77471 |
Title: | APRIL 2015 NTPd Vulnerabilities |
|
Description: | Symptom:
This product includes a version of ntpd that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-1798 and CVE-2015-1799
This bug has been opened to address the potential impact on this product.
Conditions:
Device has NTP authentication enabled and/or has NTP authentication enabled with peers:
ntp authenticate
ntp authentication-key 1234 md5 104D000A0618 7
ntp trusted-key 1234
ntp peer 192.168.0.1 key 1
Workaround:
There are no workarounds.
Further Problem Description:
ETA - The fix will be committed to code base by 4/20/2015. Then SMU release request can be raised to start SMU release
procedure.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 5.0/4.3
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus27229 |
Title: | December 2014 - NTPd.org Vulnerabilities |
|
Description: | Symptom:
IOS-XR for Cisco Network Convergence System (NCS) 6000 includes a version of NTPd that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-9293, CVE-2014-9294, CVE-2014-9295 and CVE-2014-9296
This bug has been opened to address the potential impact on this product.
Please consult http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd for further information.
Conditions:
ntp enabled on the device.
Workaround:
Use NTP access-groups
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.5/7.5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | 5.2.4.6i.BASE |
|
|
| |
| |
Bug Id: | CSCus69517 |
Title: | Evaluation of glibc GHOST vulnerability - CVE-2015-0235 |
|
Description: | Symptom:
IOS-XR for Cisco Network Convergence System (NCS) 6000 includes a version of the GU C library that is affected by the following vulnerability.
On January 27, 2015, a buffer overflow vulnerability in the GNU C library (glibc) was publicly announced. This vulnerability is related to the various gethostbyname functions included in glibc and affect applications that call these functions. This vulnerability may allow an attacker to obtain sensitive information from an exploited system or, in some instances, perform remote code execution with the privileges of the application being exploited. This vulnerability is documented in CVE-2015-0235.
A Cisco Security Advisory has been published to document this vulnerability at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost
This bug has been opened to address the potential impact on this product.
Conditions:
Exposure is not configuration dependent.
Workaround:
Not available.
Further Problem Description:
No specific exploitation vector for NCS6K is known.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are: 10/7.8
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE, 5.4.0.BASE |
|
Known Fixed Releases: | 5.2.4.1i.MCAST |
|
|
| |
| |
Bug Id: | CSCup74814 |
Title: | MRU/MTU config not replayed upon NPU reset |
|
Description: | Symptom:Programmed interface MRU/MTU is different from the configured value.
Conditions:Post NPU reset
Workaround:The configuration may be re-applied for recovery.
LC reload is another possible workaround
More Info:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 25-MAY-2015 |
|
Known Affected Releases: | 5.0.1.LC |
|
Known Fixed Releases: | 5.2.3.6i.BASE |
|
|
| |
| |
Bug Id: | CSCuu25641 |
Title: | R53x - process config_helper missing HA-role of RP0 |
|
Description: | Symptom:
After Restarting the confd_helper process HA-role of RP0 is not seen on cli "show processes services confd_helper location all"
Conditions:
confd_helper process restart
Workaround:
None
Further Problem Description:
|
|
Status: | Terminated |
|
Severity: | 2 Severe |
Last Modified: | 25-MAY-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu44451 |
Title: | fabric bundle links flap or stay down upon CXP OIR |
|
Description: | Symptom:
on 4+2 system with 5.2.4.16I, observed fabric bundle links flap or stay down upon CXP OIR.
Conditions:
cxp OIR
Workaround:
n/a
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 25-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut07852 |
Title: | [N6K] Active RP OIR is causing missing LC0 on XR-VM |
|
Description: | Symptom:
LC0/0 OIR notification when physical OIR'ing an RP.
Conditions:
Physical OIR of an RP
Workaround:
NA
Further Problem Description:
??? When RP is being removed, we had enough time to process RP's own BOARD_REMOVAL interrupt (this is generated when short pin is disconnected from backplane):
??? When a ev_removal event is injected to the CCC state machine, it will call the following routine:
/*
* Called when the card is physically removed from chassis
*/
void
ccc_csm_ev_removed_handler (struct ccc_card_fsm_dm *this)
{
struct ccc_card_info *card_info = this->data->card_info;
ccc_handle_card_removal(card_info->presence_bit, TRUE);
}
??? Because the local card presence_bit value is never initialized, it has default value of '0', which is LC0 presence bit. So basically RP removal is being wrongly reported as LC0 removal.
Card removal was never meant to be handle for local card as there is no representation of presence bit for local RP. The fix for this is to skip the call of ccc_handle_card_removal() event for local card or just don't inject removal event of local card.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 25-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.4.13i.BASE, 5.2.5.8i.BASE |
|
|
| |
| |
Bug Id: | CSCut77956 |
Title: | ISSU-AD: MGBL-AAAD-3-ERROR : Failed to setup ConfD subscriptions, err=-1 |
|
Description: | Symptom:
During ISSU upgrade (or) AAAD process restart, the following error-trace is displayed,
%MGBL-AAAD-3-ERROR : Failed to setup ConfD subscriptions, err=-1
Conditions:
On NCS6K/NCS4K, ISSU upgrade (or) process restart of AAAD.
Workaround:
NONE
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 26-MAY-2015 |
|
Known Affected Releases: | 5.2.4.ADMIN, 5.2.4.BASE |
|
Known Fixed Releases: | 5.2.4.15i.BASE, 5.2.5.8i.BASE |
|
|
| |
| |
Bug Id: | CSCuq95241 |
Title: | IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability |
|
Description: | <b>Symptom:</b>
A vulnerability in the parsing of malformed IP version 6 (IPv6) packets in Cisco IOS XR Software for Cisco Network Convergence System 6000 (NCS 6000) and Cisco Carrier Routing System (CRS-X) could allow an unauthenticated, remote attacker to cause a reload of a line card that is processing traffic.
The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. An attacker could exploit this vulnerability by sending a malformed IPv6 packet, carrying extension headers, through an affected Cisco IOS XR device line card. An exploit could allow the attacker to cause a reload of the line card on the affected Cisco IOS XR device.
Cisco has released free software updates that address this vulnerability.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6
<b>Conditions:</b>
Refer to the published Cisco Security Advisory
<B>Workaround:</B>
Refer to the published Cisco Security Advisory
<B>Further Problem Description:</B>
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.1/5.9:
http://tools.cisco.com/security/center/cvssCalculator.x?version=2.0&vector=AV:N/AC:M/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
CVE ID CVE-2015-0618 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 26-MAY-2015 |
|
Known Affected Releases: | 5.2.1.BASE |
|
Known Fixed Releases: | 5.2.3.9i.BASE, 5.3.1.4i.BASE |
|
|
| |
| |
Bug Id: | CSCur37330 |
Title: | After 208.5 days uptime the kernel TSC 64bit counter overruns |
|
Description: | Symptom:
RP or LC reloads due to hardware wdog timeout.
Conditions:
Uptime of 208.5+ days
Workaround:
Reload RPs/LCs before the uptime of 208.5 days has been reached.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Last Modified: | 26-MAY-2015 |
|
Known Affected Releases: | 5.0.1.BASE, 5.2.1.BASE |
|
Known Fixed Releases: | 5.2.3.99i.BASE |
|
|
| |
| |
Bug Id: | CSCur02177 |
Title: | Bash Vulnerability - (CVE-2014-6271) |
|
Description: | Symptom:
The following Cisco products
NCS6k
include a version of Bash that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-6271
CVE-2014-6277
CVE-2014-6278
CVE-2014-7169
CVE-2014-7186
CVE-2014-7187
This bug has been opened to address the potential impact on this product.
Conditions:
Exposure is not configuration dependent.
Authentication is required to exploit this vulnerability.
Workaround:
Not available.
Further Problem Description:
Product is vulnerable in 5.0.0, 5.0.1, 5.2.1.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.5/7.5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 26-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.3.17i.BASE |
|
|
| |
| |
Bug Id: | CSCuh73563 |
Title: | NG-XR: STACK both writable & executable for /pkg/lib/libclib.so library |
|
Description: | Symptom:
NG-XR stack may be both writable and executable.
Conditions:
Happens with /pkg/lib/libclib.so library introduced while adding ELOG support for easier debugging in IOS-XR images.
Workaround:
None
Additional Information:
No exploit present - an attacker would first have to exploit some other vulnerability on the system.
This defect is filed as security hardening defect.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Last Modified: | 26-MAY-2015 |
|
Known Affected Releases: | 5.2.1.BASE |
|
Known Fixed Releases: | 5.2.1.32i.BASE, 5.2.2.24i.BASE, 5.2.3.8i.BASE, 5.3.0.8i.BASE |
|
|
| |
| |
Bug Id: | CSCur18075 |
Title: | panini issu: should not see "Bundle being replicated to this location" |
|
Description: | Symptom:
you may see bundle member in "Bundle being replicated to this location" state on release 5.2.3 on platform NCS6K.
Conditions:
ISSU load/Run phase
Workaround:
None
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 26-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE, 5.2.4.BASE |
|
Known Fixed Releases: | 5.2.3.17i.BASE, 5.2.4.1i.BASE, 5.2.4.3i.BASE |
|
|
| |
| |
Bug Id: | CSCuq10466 |
Title: | IOS XR Software Malformed MPLS Packet Denial of Service Vulnerability |
|
Description: | Symptom:
A vulnerability in parsing of malformed Multiprotocol Label Switching (MPLS) packets in Cisco IOS XR Software for Cisco Network Convergence System 6000 Series Routers could allow an unauthenticated,
adjacent attacker to cause a lockup and eventual reload of a network processor unit (NPU) and a line card processing traffic.
The vulnerability is due to insufficient logic in parsing MPLS packets. An attacker could exploit this vulnerability by sending a malformed MPLS packet to be processed by the affected device. An exploit could allow
the attacker to cause a lockup and eventual reload of a network processor unit and a line card, leading to a denial of service (DoS) condition.
Conditions:
Device configured to process MPLS packets.
Workaround:
None.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 6.1/5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:A/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
CVE ID CVE-2014-3379 has been assigned to document this issue.
Additional details about the vulnerability described here can be found at:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3379
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 26-MAY-2015 |
|
Known Affected Releases: | 5.0.1.BASE, 5.0.1.LC |
|
Known Fixed Releases: | 5.1.4.6i.BASE, 5.2.1.31i.BASE, 5.2.2.24i.BASE, 5.2.3.8i.BASE, 5.3.0.8i.BASE |
|
|
| |
| |
Bug Id: | CSCuu24128 |
Title: | Critical failover elapsed time not seen in Show logging output in CI-525 |
|
Description: | Symptom:
Critical failover elapsed time not found in show logging output
Conditions:
Trigger RPFO
Workaround:
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 27-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu33822 |
Title: | NPU-1: Failed to get pla drops stats in npu_platform_stats_get_plim |
|
Description: | Symptom:
An NPU may fail to get pla drops stats in npu_platform_stats_get_plim after a line card is reloaded as shown by the following error messages:
LC/0/5/CPU0:May 13 22:01:36.832 : npu_driver[270]: %L2-NPU-6-INFO_MSG : NPU-1: Failed to get pla drops stats in npu_platform
_stats_get_plim
LC/0/5/CPU0:May 13 22:02:41.730 : sysdb_svr_local[214]: %SYSDB-SYSDB-6-TIMEOUT_EDM : EDM request for 'oper/plim-asic-drv/node/500/summary' from 'plim_ether_show' (jid 67901, node 0/5/CPU0). No response from 'npu_driver' (jid 270, node 0/5/CPU0) wit
hin the timeout period (100 seconds)
Conditions:
This issue is seen on a NCS6K router booted with Cisco IOS XR version 5.2.5-08i.
Workaround:
Unknown
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 28-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCur69040 |
Title: | Unable to Activate Kernel SMU |
|
Description: | Symptom:
Unable to Activate Kernel SMU
Conditions:
Activate CSCur02177 SMU
Workaround:
None
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 28-MAY-2015 |
|
Known Affected Releases: | 5.0.1.BASE |
|
Known Fixed Releases: | 5.2.4.10i.BASE, 5.2.5.4i.BASE |
|
|
| |
| |
Bug Id: | CSCuu23846 |
Title: | XR-Active RP OIR causing %IP-TCP_NSR-3-OUT_OF_SYNC |
|
Description: | Symptom:
NCS6K 5.2.3
Upon active XR RP OIR, below syslog appears continuously until TCP is restarted on the new XR-Active RP.
tcp[332]: %IP-TCP_NSR-3-OUT_OF_SYNC : One or more NSR control messages could not be delivered to partner TCP.
Conditions:
When the NCS6K RP card is slowly removed from the slot, there is a window where the card is still powered on but the standby RP detects this as CARD REMOVAL and hence tells the software on PEER RP that the Active RP is removed. This is a conflict of information and caused software issues.
Workaround:
Do only graceful RP OIR. Shutdown the card in sysadmin config mode and then remove the RP card from the slot.
Further Problem Description:
None.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 28-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.5.10i.BASE |
|
|
| |
| |
Bug Id: | CSCuu31827 |
Title: | packet corruption w/PHP when L2 trailer eixists in packet |
|
Description: | Symptoms:
Packets dropped on ultimate hop pop (UHP) node on ingress with ''IPV4 checksum errors'',
where NCS6k is acting as PHP node and running 5.2.3 version image.
Packet captures on UHP ingress show corrupted UDP header.
Conditions:
Problem is seen in an inter-op scenario when all the the below conditions meet:
- incoming MPLS packet is trailed with extra bytes on an NCS6k node
- that is running 5.2.3 or a newer version image and
- acting as PHP node for the stream.
These specific packets are not handled gracefully on NCS6k and get corrupted while processing.
First condition is a very specific case and should not exist for ServiceProvider network.
Any other data/control traffic streams, flowing through NCS6k at the same time which don't
have trailing bytes...are not impacted.
Problem is not seen for an IP only network.
Workaround:
Configure explicit-null on UHP node.
Further Problem Description:
When MPLS packets with trailing bytes reached NCS6k, it was not handled gracefully on 5.2.3
release which supports NHID based forwarding. In earlier release that didn't have NHID based
forwarding , this case is handled gracefully.
Problem is seen when all the below conditions meet:
a. incoming MPLS packet is trailed with extra bytes on an NCS6k Ingress linecard
b. that is running 5.2.3 or a newer version image and
c. acting as PHP node for the stream.
Problem Impact:
a. These specific packets are not handled gracefully on NCS6k and get corrupted while processing
and were dropped on the next node (UHP node).
b. All other data/control streams that didn't have trailing bytes, were flowing fine.
Condition a. is not likely for a production ServiceProvide network. In this case we hit upon
the issue as upstream 7600 was adding extra trailing bytes to the packet.
Here are some workarounds which were tried and found to be working:
a. Replaced 7600 node (doing MPLS encapsulation) with ASR9K.
b. Add static route on 7600 such that outgoing packet from 7600 node is unlabeled.
c. Configure explicit null on UHP node such that NCS just does label swapping and will not do PHP processing.
d. When image was downgraded to 5.0.1 issue was not seen as it didn't have NHID forwarding.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 2.9/2.4:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:A/AC:M/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C
No CVE ID has been assigned to this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 28-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut83406 |
Title: | Continuous PPE exception dump due to num_entries=0 in XR ISSU run phase |
|
Description: | Symptom:
Continuous ppe exception dumps will occur during the ISSU run phase, the ISSU process may be aborted.
Conditions:
Configure and schedule an ipsla operation. While the operation is active do ISSU.
Workaround:
Remove the ipsla config before doing ISSU. After ISSU the user can reconfigure ipsla.
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 28-MAY-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu33363 |
Title: | Observe frequent ccc_driver crashes on SC OIR |
|
Description: | Symptom:
CCC Driver process crash
Conditions:
hw-mod reload not working
Will not be able to collect ctraces for CCC driver
Workaround:
None
Further Problem Description:
With Scale on FCC chassis (i.e populating all 12 FC and all CXP in the all ports), the number of FD allocated for CCC Driver process is maxed out resulting in CAPI failures/incoming client connection failures
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 28-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | 5.2.5.10i.BASE |
|
|
| |
| |
Bug Id: | CSCuu29868 |
Title: | RP sync fails due to broken symlinks. |
|
Description: | Symptom:
RP sync fails to happen. System will in inconsistent state.
Conditions:
Symlinks in install repository are broken.
Workaround:
None
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 28-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | 5.2.5.10i.BASE |
|
|
| |
| |
Bug Id: | CSCuu57969 |
Title: | GMPLS-TE src not set - OLM reg. failure as olm_api has LWM problem |
|
Description: | Symptom:
when enabling GMPLS-TE, we require LMP on the interface to be UP.
When LMP is configured on the DWDM interface, the client on Active-RP is trying to connect with server on Stand-BY-RP. This client-server registration is failing, resulting in LMP being down, further GMPLS-TE is down as a result.
Conditions:
this issue only occurs in Panini platform.
does not occur on ASR.
CRS is not tested for this.
Occurs only if there are Both Active and stand-by RP.
Workaround:
shut-down te_control and ucp_olm processes on Stand-BY RP.
This will impact redundancy.
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE, 5.3.1.CE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu35818 |
Title: | Slice in Oper DOWN state after restart slicemgr and changing framer-mode |
|
Description: | Symptom:
A slice may be put in FAULT state after restarting the slice_manager process causing the slice to be stuck in Operation DOWN state.
Conditions:
This issue is seen on a NCS6k router booted with Cisco IOS XR version 5.2.5-08i.
Workaround:
None
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu41932 |
Title: | 525 NCS6K:BLB sessions on non-bundle LC stuck in INIT. Label not pgmed. |
|
Description: | Symptom:
All BLB sessions hosted on one of the LCs ; which has no members part of the bundle; are stuck in INIT state. On debugging by BFD PD DE team & L3FIB DE team; it is learnt that MPLS label programming for the sessions is not correctly done. This is confirmed by looking at the mpls label forwarding output of an affected BLB session.
Conditions:
Hosting LC shouldn't have any members of the bundle
Workaround:
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuq99260 |
Title: | NCS6K: MPP/LPTS Erroneously Allows SNMP Queries on Inband Interfaces |
|
Description: | Symptom:
NCS6K MPP/LPTS is allowing snmp queries on inband interfaces without associated MPP
configuration to allow such queries (from any IP, on any inband interface).
Conditions:
No known trigger.
Workaround:
Unknown
If inband SNMP polling is required, apply MPP SNMP peer configuration for inband interfaces to limit from which source IP's queries will be allowed. Can also configure ACL for snmp-server.
Further Problem Description:
Restart snmpd process to recover from failed state.
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 5.2.1.CE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus50433 |
Title: | MC: Need a fix that addresses both CSCty02554 and a config loss issue |
|
Description: | Symptom:
MgmtEth intf configs lost after RPFO on a NCS6K 2+2 Multi-chassis system.
Conditions:
Perform RPFO on LCC Rack0 with redundant RPs on a NCS6K 2+2 Multi-chassis system.
Workaround:
Unknown
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | 5.3.2.10i.BASE |
|
|
| |
| |
Bug Id: | CSCup27504 |
Title: | TCP crash @ socket_async_evm_id2session |
|
Description: | Symptom:
TCP Crash
Conditions:
Process restart TCP
Workaround:
None
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 5.2.1.BASE, 5.2.1.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus29396 |
Title: | panini issu: v4 mcast failed to recover after issu run due to fgid issue |
|
Description: | Symptom:
you may see ipv4 multicast traffic failed to recover after ISSU run phase due to V4 and V6 use the same FGID on release 5.2.3 on platform NCS6K
Conditions:
ISSU run
Workaround:
n/a
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 5.2.3.BASE |
|
Known Fixed Releases: | 5.2.3.16i.BASE, 5.2.4.1i.BASE, 5.2.4.3i.BASE |
|
|
| |
| |
Bug Id: | CSCur81913 |
Title: | On bundle interface ipv6 NA is sent to multicast mac address |
|
Description: | Symptom:
Host unable to resolve NCS6K ipv6 address through Neighbor Discovery.
Conditions:
Host is a FreeBSD server running version 7.1 and it is connected to NCS6K bundle interface.
Workaround:
Configure static ipv6 arp entry on the FreeBSD server.
Or
Enable promiscuous mode on the FreeBSD server interface.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 5.0.1.BASE |
|
Known Fixed Releases: | 5.2.3.13i.BASE, 5.2.4.1i.BASE |
|
|
| |
| |
Bug Id: | CSCuu37979 |
Title: | LC reloaded after npu_driver restart while remove/add bgp config |
|
Description: | Symptom:
After reloading the npu_driver process a line card may be reloaded by the npu_driver process due to npu_driver restart while ASIC initialization is incomplete even if the ASIC has not been reset or restarted.
Conditions:
This issue is seen on a NCS6K router booted with Cisco IOS XR version 5.2.5-08i.
Workaround:
Further Problem Description:
|
|
Status: | Other |
|
Severity: | 2 Severe |
Last Modified: | 30-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu20902 |
Title: | npu_driver failed to init NPU0 after reset followed by slice_mgr restart |
|
Description: | Symptom:
The npu_driver process failed to initialize ASIC after Power-On reset:
LC/0/5/CPU0:May 5 22:09:03.020 : npu_driver[270]: %L2-NPU-4-COLD_RESET_FAILED : NPU0: Failed to initialize ASIC after Power-On reset : npu_driver : (PID=9239) : -Traceback= 7fdbbfc670a9 7fdbd25129bc
Conditions:
This is seen on a NCS6K router booted with Cisco IOS XR version 5.2.5-08i.
Workaround:
NA
Further Problem Description:
Refer root cause in PRRQ.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 30-MAY-2015 |
|
Known Affected Releases: | 5.2.5.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu07648 |
Title: | bundlemgr_adj stuck in mutex by rdm_client_write after config applied |
|
Description: | Symptom:
We ran into two slightly different issues (bundlemgr_adj proc blocked)
1. Processes blocked forever on config apply two times successively
2. Processed getting blocked for few mins on config apply, and recovers on their own.
Conditions:
steps to hit this issue:
- Applied the config file. The break-out interfaces are then reated
- Loaded the config file again to add the config for these break-out interfaces
Workaround:
no
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 31-MAY-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
没有评论:
发表评论