| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu44890 | Title: | Health Score 0 with faults raised for Transceiver is invalid |
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Description: * | Symptom:
APIC reports "Transceiver is invalid and unable to be brought up in the system" with error code F1815
Conditions:
Version 1.1(2h)
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 02-FEB-2016 |
|
Known Affected Releases: | 11.1(0.220) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuw94458 | Title: | N9K - vPC Suspends Vlan's For Vlan Not Configured On Remote vPC Int |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Some vlan's are suspended on vPC leg despite remote leg having the vlan's allowed.
Conditions:
N9K
vPC
switchport trunk allowed vlan list defined on the vpc leg
Workaround:
Delete and reconfigure the port-channel as well as default the member ports on each vpc peer and reconfigure.
Further Problem Description:
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 6.1(2)I3(4b), 7.0(3)I2(1.63) |
|
Known Fixed Releases: * | /bin/sh:, 7.0(3)I3(0.166), 7.0(3)I3(1), 7.0(3)IAB3(0), 7.0(3)IAB3(0.28), 7.0(3)ITI2(1), 7.0(3)ITI2(1.100), command, convert_version.pl:, found |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux81823 | Title: | hwprog-fail for actrlRule after reload the switch |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
After reloading a switch, rules defined in the switch (which can be checked by "show zoning-rule") could get failed.
Conditions:
Total bandwidth (WRR) for QoS level1&2 are larger than 80%.
Workaround:
Configure QoS policy such that total bandwidth (WRR) for QoS level1&2 is not more than 80%.
If rules are disabled state, to execute configuration change above then reload the switch.
Further Problem Description:
This is caused by resetting QoS level3 configuration to the default (WRR bandwidth 20%) after switch is reloaded. If total WRR bandwidth in QoS level1&2&3 is larger than 100%, applying rules on the switch might be failed. Workaround above is to avoid this situation.
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 11.2(1i) |
|
Known Fixed Releases: * | 1.2(1.158), 1.2(1l), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux61566 | Title: | BZMR1:Policymgr core while upgrading from 1.1(1j) to 1.2(1) |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Policymgr core after upgrading to 1.2(1)
Conditions:
This can happen when upgrading from 1.1 release, if leaves are upgraded first.
Workaround:
Upgrade APICs first, and only after its complete, then upgrade leaves
Further Problem Description:
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 1.2(1.97) |
|
Known Fixed Releases: * | 1.2(1.131), 1.2(1.152), 1.2(1l), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv61028 | Title: | memory corruption core in ipfib seen starting about camden 517 image |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
"IPFIB" process may crash due to a signal 6 (abort) caused by high memory use in this process.
VDC-1 %$ %SYSMGR-SLOT1-2-SERVICE_CRASHED: Service "ipfib" (PID XXXX) hasn't caught signal 6 (core will be saved).
Conditions:
This can be triggered by having a mix of T2 (Trident II) and Northstar ASICs within the same layer 3 port channel. An example of a T2 port would be a native port on the N9K chassis itself, and an example of a Northstar port would be an interface on a N9K-M12PQ (or similar) expansion module.
Workaround:
None known
Further Problem Description:
|
|
Last Modified: | 19-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I2(0.518) |
|
Known Fixed Releases: | 7.0(3)I2(0.544), 7.0(3)I2(1), 7.0(3)ITI2(1), 7.0(3)ITI2(1.36), 8.3(0)CV(0.248), 8.3(0)KMS(0.31) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuw96869 | Title: | UI: Aggregate Export subnet control clears after opening in Firefox |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
When expanding the subnet of an External Network Instance Profile in the UI by double-clicking on the subnet entry, the "Aggregate Export' option will show as unset, even if it has been previously configured.
Conditions:
APIC version 1.1(3f)
Workaround:
If the aggregate export option has been set on the subnet, it will remain configured. When expanding the subnet entry do not re-submit window. Since the option shows in the expanded Window as unset - clicking submit will unset this value. Simply closing the window (without saving changes) will leave the Aggregate Export property configured. You can verify this property is indeed set by clicking the "Save As" function in the UI, and saving 'All Configuration' - 'Child Properties' and viewing the XML/JSON file.
This issue doesn't occur in brazos builds. Only Brahamputra seems to be affected.
Further Problem Description:
|
|
Last Modified: | 19-FEB-2016 |
|
Known Affected Releases: | 1.1(3f) |
|
Known Fixed Releases: * | 1.1(4a), 1.1(4e), 1.2(1.149b) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy42951 | Title: | Disk usage for /var/log is 100% |
|
Status: | Open |
|
Severity: * | 2 Severe |
Description: * | Symptom:
Disk usage for /var/log is 100%.
Conditions:
df -h shows:
none 50M 50M 0 100% /var/log
none 50M 50M 0 100% /var/log/messages
ls -lah and du -h show there is no large file in /var/log.
Workaround:
none
Further Problem Description:
none
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 11.1(2h) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy36553 | Title: | Evaluation of n9k-standalone-sw for glibc_feb_2016 |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: * | Symptom:
Cisco Nexus 9000 Series switches (standalone, running NxOS); Cisco Nexus 3100 series switches; Cisco Nexus 3200 series switches includes a version of glibc that is affected by the vulnerability identified by one or more of the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-7547
And disclosed in http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc
This bug has been opened to address the potential impact on this product.
Conditions:
Exposure is not configuration dependent.
Cisco has reviewed and concluded that this product is affected by the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-7547
Workaround:
Not available.
Further Problem Description:
Additional details about those vulnerabilities can be found at http://cve.mitre.org/cve/cve.html
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are: 10.0/9.5
http://tools.cisco.com/security/center/cvssCalculator.x?version=2&vector=AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Last Modified: | 01-MAR-2016 |
|
Known Affected Releases: | 7.0(3)IDP3(1.131) |
|
Known Fixed Releases: | 7.0(3)I2(2b) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux72186 | Title: | User is unable to log onto APIC GUI due to Radius table full |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
customer is unable to access APIC GUI via RADIUS server
Conditions:
nginx says Radiu server session table is full
Workaround:
Restart 'nginx' service: acidiag restart nginx
Further Problem Description:
Cleanup stale entries from sm table according to time stamp that will revive RADIUS connections and all further AUTH requests can be served normally.
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: * | 1.1(1s), 1.1(2h) |
|
Known Fixed Releases: | 1.2(1.143), 1.2(1l), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux94756 | Title: | leaf node crashed by ntp hap reset |
|
Status: | Fixed |
|
Severity: * | 2 Severe |
Description: | Symptom:
leaf node crashed by ntp hap reset
Reason: Reset triggered due to HA policy of Reset
System version: 11.2(1k)
Service: ntp hap reset
Conditions:
Nexus9372
version 11.2(1k)
Workaround:
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: * | 11.2(1k), 11.2(1m) |
|
Known Fixed Releases: | 11.2(1.194) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy00011 | Title: | Deleting External EPG removes EIGRP table-map |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
After deleting an external EPG (l3extInstP) all external routes received via EIGRP on an L3Out in the same context are removed. Additionally, EIGRP neighborship bounces.
Conditions:
Issue is seen on 1.2.1i and 1.2.1k and is specific to EIGRP.
Note, the corresponding route-map is also deleted in OSPF but the impact is not seen (i.e., routes are still seen in OSPF database and successfully installed into the RIB even when route-map is deleted)
Workaround:
Avoid deleting any l3extInstP objects. Once in the broken condition, creating or modifying any external EPG (l3extInstP) object will resolve the issue.
Further Problem Description:
There is a table-map created under the EIGRP process. The corresponding route-map prevents routing loops by denying routes received with the same tag set by the fabric (i.e., route-tag policy l3extRouteTagPol)
fab1-leaf101# show ip eigrp vrf ag:v1 | grep Table
Tablemap: route-map exp-ctx-2818048-deny-external-tag , filter-configured
fab1-leaf101# show route-map exp-ctx-2818048-deny-external-tag
route-map exp-ctx-2818048-deny-external-tag, deny, sequence 1
Match clauses:
tag: 4294967295
Set clauses:
route-map exp-ctx-2818048-deny-external-tag, permit, sequence 2
Match clauses:
Set clauses:
After deleting an l3extInstP object used by an L3Out under the VRF, the deny-external-tag route-map is deleted:
fab1-leaf101# show route-map exp-ctx-2818048-deny-external-tag
% Policy exp-ctx-2818048-deny-external-tag not found
When the route-map is still referenced under the EIGRP process but no longer exists, all external routes received by EIGRP are denied.
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 11.2(1k) |
|
Known Fixed Releases: * | 1.2(1.190), 1.2(1m), 2.0(0.191) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv36614 | Title: | policy manager core on changing port from pc to policy-grp |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
-202 Error when attempting changes in fabric>access policies.
-Policymgr cores
Conditions:
Workaround:
Using Visore on the APIC, query for the object infraHostCfg
This object should have a attribute called accGrpDn
accGrpDn references an access port and infraHostCfg references an override policy group
If any infraHostCfg has an an accGrpDn that is "no object found" when clicking that link in visore, that is where the bug comes from.
Work around:
For all the accGrpDn that do not exist, go to the GUI and recreate using the exact same name found in visore starting after "accportgrp-"
Changes should be possible in the GUI at this point.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.1(1j), 1.2(0.3a) |
|
Known Fixed Releases: * | 1.1(1.119), 1.1(2h), 1.2(0.13), 1.2(0.32), 1.2(1.17), 1.2(1i), 1.2(2.32a), 1.2(2.34), 2.0(0.95) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux72575 | Title: | Maintenance mode profile config lost after reload |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
The configure maintenance profile commands are lost in the startup config.
Conditions:
The following sequence will cause this to happen after the configure maintenance profiles have been set.
1. show startup-config or show startup-config mmode
2. copy running-config startup-config
3. Change any mmode configuration
4. copy running-config startup-config
Workaround:
If configure maintenance profile is empty in show startup-config but exists in show running-config.
Do the following to restore contents to startup-config
1. Show maintenance profile - save maintenance profile contents.
2. no configure maintenance profile
3. configure maintenance profile
4. enter saved profile contents
5. Repeat for all profiles
6. copy running-config startup-config
Further Problem Description:
None
|
|
Last Modified: | 28-FEB-2016 |
|
Known Affected Releases: | 7.0(3)IAB3(0.69), 7.0(3)IAB3(0.71) |
|
Known Fixed Releases: * | 7.0(0)BZ(0.108), 7.0(3)F1(0.188), 7.0(3)I3(0.238), 7.0(3)I3(1), 7.0(3)IAB3(0), 7.0(3)IAB3(0.72), 7.0(3)IAB3(0.73), 7.0(3)IAB3(1), 7.0(3)IDP3(1.78), 7.0(3)IDP3(2) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy39945 | Title: | [Platform] Downgrade Path is broken for Sapporho+ ToR |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
Compatibility checks are turned off when you create a switch
firmware group. As a result, when you downgrade to older versions such as
1.1.2m which do not support Sapporo+ switches, the downgrade is not
blocked as incompatible. This leads to Sapporo+ switches not working
correctly.
Conditions:
When Customer tries to downgrade from 2h or 2g of BZMR1 image to Bramahaputra or Amazon release.
Workaround:
You can turn on compatibility checks using API. Example below:
https://ifav40-ifc1.insieme.local/api/node/mo/uni/fabric.xml
After turning on compatibility checks on the firmware group, if you start
a downgrade to 1.1.2m, then the downgrade will fail with reason as
"incompatible".
Further Problem Description:
|
|
Last Modified: | 01-MAR-2016 |
|
Known Affected Releases: | 1.2(1m) |
|
Known Fixed Releases: | 1.2(2.30), 1.2(2h) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy36547 | Title: | Evaluation of fabric-apic for glibc_feb_2016 |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
Cisco Prime Data Center Network Manager includes a version of glibc that is affected by the vulnerability identified by one or more of the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-7547
And disclosed in http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc
This bug has been opened to address the potential impact on this product.
Conditions:
Exposure is not configuration dependent.
Cisco has reviewed and concluded that this product is affected by the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-7547
Workaround:
Not available.
Further Problem Description:
Additional details about those vulnerabilities can be found at http://cve.mitre.org/cve/cve.html
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are: 10.0/9.5
http://tools.cisco.com/security/center/cvssCalculator.x?version=2&vector=AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Last Modified: | 29-FEB-2016 |
|
Known Affected Releases: | 1.2(1.214), 1.2(1m) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCur70425 | Title: | CDP frames tagged with Vlan 1, default native vlan changed on trunk |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
When changing the native vlan on a trunk port the peer device does not see the CDP neighbor anymore when configured as L3 port.
The issue can also be seen when configured in port channel between two devices. Issue is also seen on Nexus 7000 switch in 6.2.x based release.
Conditions:
Native vlan changed on a trunk port connecting to a Layer 3 port. The issue can be seen when connecting a Nexus device to another non-Nexus IOS device.
Workaround:
none
Further Problem Description:
Issue is about CDP packets are getting tagged with vlan tag of 1.
|
|
Last Modified: | 02-FEB-2016 |
|
Known Affected Releases: | 6.1(2)I3(1) |
|
Known Fixed Releases: | 7.0(3)I1(0.157), 7.0(3)I1(1) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuw65718 | Title: | fabricktrack service unstable |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Service 'fabrictrack' could crash and cause hap reset.
leaf1# show system reset-reason
*************** module reset reason (1) *************
0) At 2016-02-25T05:01:25.123+09:00
Reason: reset-triggered-due-to-ha-policy-of-reset
Service:fabrictrack hap reset
Version: 11.2(1k)
Conditions:
This could very occasionally happen if spine/leaf running affected version.
Workaround:
none. Upgrade is recommended.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 11.2(1k), 12.0(0.1) |
|
Known Fixed Releases: | 1.2(1.48), 11.2(2f), 2.0(0.95) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux56319 | Title: | "ntp authenticate" and related documentation inaccurate on Nexus 9k |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
This is a documentation issue ntp authenticate does not enforce authentication, it enables it. There are interdependent commands which
must also be enable to create authenticated NTP sessions.
e.g.
ntp server ip-address key key-id
ntp peer ip-address key key-id
ntp passive
ntp broadcast client
ntp multicast client
Conditions:
Documentation bug
Workaround:
Not applicable or available.
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has evaluated this issue and does not meet the criteria for PSIRT ownership or involvement. This issue will be addressed via
normal resolution channels.
If you believe that there is new information that would cause a change in the severity of this issue, please contact psirt@cisco.com for another
evaluation.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Last Modified: | 02-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I2(2.9), 7.0(3)I2(2a) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv04072 | Title: | Pv configuration via int range not getting vlan membership programmed. |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
While having a port channel range command for pv mapping will result in vlan show membership not getting programmed for all the vlans.
Conditions:
Configuration on a single interface will works fine, but range command fails
Workaround:
Configuration should be on single interfaces, one at a time
Further Problem Description:
Same as above
|
|
Last Modified: | 03-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I2(0.418), 7.0(3)I3(0.100) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuu84985 | Title: | [Platform] Bootmgr in APIC crashed during Image upgrade. |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Bootmgr in APIC crashes, and the Download image job gets stuck.
Conditions:
While the APIC image installation is happening, when the users downloads.Ex: switch image.
Workaround:
Dont perform any download while APIC image installation is happening. Start the download once the installation is done.
Further Problem Description:
|
|
Last Modified: | 03-FEB-2016 |
|
Known Affected Releases: | 1.1(1.56a), 1.1(1i) |
|
Known Fixed Releases: | 1.1(2h), 1.2(0.1), 1.2(1.17), 1.2(1i), 2.0(0.95) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux89311 | Title: | ACI: available span sessions decrease after reaching max sessions |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Available egress span sessions decrease after reaching max sessions.
Conditions:
This symptom is observed as below step.
1) configure 8 span source groups (4 span groups are configured direction:incoming and other 4 span groups are configured direction: outgoing) in spine
2) change 1 span group config from direction:outgoing to direction:both
3) this span group will be DOWN due to over max sessions
4) return this span group config from direction:both to direction:outgoing
5) this span group will remains DOWN
6) you cannot use this session even after removing this span group and configuring new span group.
Workaround:
reload the switch
Further Problem Description:
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 11.1(1j), 11.2(1i) |
|
Known Fixed Releases: * | 11.2(1.187), 11.2(2.187) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux07623 | Title: | SSTE: n9k - password length & behavior changed for md5 needs to be fixed |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
password length & behavior changed for md5 & priv
Conditions:
config
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.62) |
|
Known Fixed Releases: * | 7.0(3)I3(0.144), 7.0(3)I3(1), 7.0(3)IAB3(0), 7.0(3)IAB3(0.10), 7.0(3)IDP3(1.19), 7.0(3)IDP3(2), 7.0(3)ITI2(1), 7.0(3)ITI2(1.100) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux07629 | Title: | SSTE: n9k- Error message & password validation inconsistency |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Error message & password validation inconsistency
Conditions:
config
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.62) |
|
Known Fixed Releases: * | 7.0(3)I3(0.155), 7.0(3)I3(1), 7.0(3)IAB3(0), 7.0(3)IAB3(0.28), 7.0(3)IDP3(1.50), 7.0(3)IDP3(2), 7.0(3)ITI2(1), 7.0(3)ITI2(1.100) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux11108 | Title: | Bidir BSR RP prefix grp change failed to propagate through the network |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
BSR RP to grp-range mappings are out-of sync in network.
Conditions:
change in BSR PR prefix list.
Workaround:
Remove RP config on RP-candidate and re-apply.
Further Problem Description:
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.123) |
|
Known Fixed Releases: * | 7.0(3)I3(0.153), 7.0(3)I3(1), 7.0(3)IAB3(0), 7.0(3)IAB3(0.28), 7.0(3)IDP3(1.24), 7.0(3)IDP3(2), 7.0(3)ITI2(1), 7.0(3)ITI2(1.100) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuw94061 | Title: | snmp should not allow to enable mpls when feature-set is uninstalled |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
SNMP does not block enabling of MPLS features (mpls static, l3vpn,segement-routing) when MPLS feature-set is not installed.
Conditions:
Set cfcFeatureCtrlAction2 to enable(2) for mpls static, l3vpn or segement-routing when MPLS feature-set is not installed.
Workaround:
None.
Further Problem Description:
The issue is fixed in NXOS software release 7.0(3)I3(1) and all the later releases.
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.95) |
|
Known Fixed Releases: * | 7.0(3)I3(0.102), 7.0(3)I3(1), 7.0(3)IDP3(1.12), 7.0(3)IDP3(2), 7.0(3)IMS2(1.2), 7.0(3)ITI2(1), 7.0(3)ITI2(1.100) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuw89357 | Title: | ipinip tunnel with tunnel src with mask donot go down on src intf shut |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
IPIP Tunnel configured with src mask don't go down when the source interface is shut down
Conditions:
IPIP tunnel configured with tunnel source mask
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.87) |
|
Known Fixed Releases: * | 7.0(3)I3(0.137), 7.0(3)I3(1), 7.0(3)IAB3(0), 7.0(3)IAB3(0.10), 7.0(3)IDP3(1.19), 7.0(3)IDP3(2), 7.0(3)ITI2(1), 7.0(3)ITI2(1.100) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy00555 | Title: | EIGRP interface delay value modification is not taking effect |
|
Status: | Terminated |
|
Severity: | 3 Moderate |
Description: | Symptom:
Delay value not taking effect.changed from gui.
Conditions:
Delay value not taking effect.changed from gui.
Not reproducible.
Workaround:
no workaround.
Further Problem Description:
|
|
Last Modified: | 05-FEB-2016 |
|
Known Affected Releases: | 11.2(1.184) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux93571 | Title: | eigrp table holds ipv6 secondary add even after it is removed |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Connected route corresponding to ipv6 secondary address on interface is not removed from
eigrp topology table , though ipv6 secondary address is removed from the interface.
Conditions:
When more than one ipv6 address is configured on interface.
Workaround:
remove all the ipv6 addresses from interface and readd only the desired ones.
Further Problem Description:
|
|
Last Modified: | 08-FEB-2016 |
|
Known Affected Releases: | 11.2(1.181) |
|
Known Fixed Releases: | 11.2(1.190) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCup40382 | Title: | implementation for Source-interface for ssh and traceroute6 |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Source interface for ssh when doing ssh for the switch not implemented.
Source interface for traceroute6 is not taking effect for the mentioned source-interface.
Conditions:
NONE
Workaround:
NONE
Further Problem Description:
|
|
Last Modified: | 08-FEB-2016 |
|
Known Affected Releases: | 6.1(2)I3(0.10) |
|
Known Fixed Releases: | 6.1(2)I1(3.104), 6.1(2)I1(4) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux58589 | Title: | F0467 - Invalid VLAN raised after changing interface profile AEP |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
An 'Invalid VLAN' fault is raised under the EPG with a static path configured.
Conditions:
This issue occurs under a very specific sequence of events:
1) An Encap Blk is delete and recreated with a slightly different range under the vlan pool for to the physical domain associated to the EPG
2) The AEP applied to the interface selected used for the static path on the EPG is changed to a new AEP referencing the existing physical domain.
The policy element log (svc_ifc_policyelem.log) will contain the following errors for the EPG:
||encap fabEncap 0|| <---- note allocated fabEncap is zero
||Port and EPG are not part of any domain||
||domDn is EMPTY. More than one Dom exist for encap ||
||STP Segment Id not present for Encap ||
Workaround:
Perform a clean reload of the affected leaf. For example:
fab1-leaf101# acidiag touch clean
fab1-leaf101# reload
This command will reload the chassis, Proceed (y/n)? [n]: y
Further Problem Description:
|
|
Last Modified: | 11-FEB-2016 |
|
Known Affected Releases: * | 1.1(3f) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy26902 | Title: | EVPN VxLAN traffic drops or loops in certain conditions |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
EVPN VxLAN traffic through L3 VNI drops or loops in certain conditions
Conditions:
Unrelated interface on the border leaf of two DC is shut down.
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 12-FEB-2016 |
|
Known Affected Releases: | 7.0(3) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux73674 | Title: | stale learned entries in APIC |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
if an EP moves to a different PathEP, the learned path is not updated. The fix in this bug is to forget all learned path when the EP moves and update only with the current learned path. This fix will avoid stale entries.
Conditions:
VM motion
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: * | 1.2(1.140), 1.2(1l), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCux03889 | Title: | Firmware missing from APIC Firmware Repository |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
New firmware has not been added to the Firmware Repository after an hour.
Conditions:
Uploaded new firmware from APIC GUI; Firmware Repository does not reflect that firmware has been uploaded, even though it is present in the /firmware/fwrepos/fwrepo/ folder.
Workaround:
Used "firmware add /firmware/fwrepos/fwrepo/" with the missing APIC image; the command outputs that it fails, but the firmware is now available in the Firmware Repository.
Further Problem Description:
|
|
Last Modified: | 16-FEB-2016 |
|
Known Affected Releases: | 1.1(1o), 1.2(1k) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv12279 | Title: | tiburon fex speed change on port causes flap on remaining ports on asic |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Ports on fex flap when one port is connected, flapped or speed is changed.
Conditions:
Speed change on a tiburon fex port
Workaround:
none, though increasing link debounce time may help for some servers.
Further Problem Description:
|
|
Last Modified: | 18-FEB-2016 |
|
Known Affected Releases: | 7.0(3)N1(1) |
|
Known Fixed Releases: * | 7.0(3)I3(0.289), 7.0(3)I3(0.291), 7.0(3)I3(0.296), 7.0(3)I3(1), 7.0(3)IBL3(1), 7.0(3)IBL3(1.22), 7.0(3)IDP3(1.131), 7.0(3)IDP3(2) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy12234 | Title: | TH B1 chip rev. support |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
This is a development bug to track TH B1 rev support.
Conditions:
-N.A-
Workaround:
-N.A-
Further Problem Description:
-N.A-
|
|
Last Modified: | 18-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.284) |
|
Known Fixed Releases: * | 7.0(3)I3(0.302), 7.0(3)I3(1), 7.0(3)IBL3(1), 7.0(3)IBL3(1.22), 7.0(3)IDP3(1.131), 7.0(3)IDP3(2) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy32888 | Title: | authenticated user does not have domain access to config MO, |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
customer is using tacacs with N9K and applied the following basic configuration.
hen the user logged in and got in enable mode then tried to config anything but it says as below.
============================================
bb1-enable#conf t
Enter configurationi commands, one per line, End with CNTL/Z.
bb1-enable(config)# vlan 992
user backup does not have domain access to config Mo, class stpVlan
bb1-enable(config)#
============================================
Conditions:
version : nxos.7.0.3.I2.2a.bin
feature privilege
feature tacacs+
enable secret 5 XXXXXXXXXXXXXX
tacacs-server key 7 "XXXXXXX"
ip tacacs source-interface Vlan222
tacacs-server host X.X.X.X key 7 "XXXXXXX"
aaa group server tacacs+ AAA
server X.X.X.X
aaa authentication login default group AAA
aaa authentication login console local
aaa accounting default group AAA
tacacs-server directed-request
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 19-FEB-2016 |
|
Known Affected Releases: | 7.0(3)IX1(2a) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux25489 | Title: | pctag not allocated for one of the vrf after fabric recovery |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
pctag not allocated for one of the Ctx after fabric recovery
Conditions:
This can happen if fabric state is lost / corrupted and user initiates fabric recovery.
Based on timing, it's possible for one or more Ctx to not allocate a pcTag
Workaround:
If this problem happens, delete / recreate the Ctx
Further Problem Description:
|
|
Last Modified: | 19-FEB-2016 |
|
Known Affected Releases: | 1.2(0.270b) |
|
Known Fixed Releases: * | 1.2(1.71b), 1.2(1.74) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut12974 | Title: | JSON REST API requests fail depending on the order of the contents |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
The Cisco APIC may process JSON requests in an inconsistent manner.
Conditions:
The order of the contents of the requests may cause the request to fail. For example if the "children" array comes before an attributes object, the request may fail.
Workaround:
Sort the keys for objects in an alphabetical order so that attributes always come before the children.
Further Problem Description:
The rest api error has been updated to say:
invalid data at line '1'. Attributes are missing, tag 'attributes' must be specified first, before any other tag
This restriction will not be lifted.
|
|
Last Modified: | 19-FEB-2016 |
|
Known Affected Releases: | 1.0(3f) |
|
Known Fixed Releases: * | 1.2(0.1), 1.2(1.17), 1.2(2.24a), 2.0(0.95) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux01748 | Title: | Unable to select Management EPG / aaaRsSecProvToEpg tDn for Radius |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Unable to configure Management EPG
Conditions:
APIC 1.1(2h)
Configuring Radius Server
Workaround:
TAC can manually provision the correct RADIUS Management EPG with a special POSt request.
Further Problem Description:
|
|
Last Modified: | 19-FEB-2016 |
|
Known Affected Releases: | 1.1(2h) |
|
Known Fixed Releases: * | 1.1(4d), 1.2(1.140) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy36574 | Title: | Local SNMP engineID: [Hex] Not Found on APIC |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: * | Symptom:
-SNMP Walk or Trap with APIC does not work
Conditions:
-ACI Version: 1.2(1k)
Workaround:
None at this time
Further Problem Description:
When in the NX-OS CLI on the APIC, after running "show snmp engineid" the output returned is:
"Local SNMP engineID: [Hex] Not Found"
|
|
Last Modified: | 19-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy14765 | Title: | Copy start to run will not recover vrrpv3 after vrrpv3 disable |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
When "feature vrrpv3" is disabled with CLI "no feature vrrpv3", none of the global VRRPV3 configurations like "feature vrrpv3" or "shutdown" is shown as part of "show startup configuration".
Conditions:
"no feature vrrpv3" is done and startup config has some valid entries for vrrpv3.
Workaround:
Before doing "no feature vrrpv3" take a copy of running config to bootflash.
>
Disable vrrpv3 by "no feature vrrpv3".
Enable vrrpv3 again.
Now do ascii replay of the file to running config.
running-config>
Further Problem Description:
|
|
Last Modified: | 21-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.300) |
|
Known Fixed Releases: * | 7.0(3)IDP3(1.135), 7.0(3)IDP3(2) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy30816 | Title: | VNID allocation issue in shrd service after moving bd to diff ctx & back |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Traffic loss in shared service after following configuration changes:
Toggle shared service provider's BD between consumer's ctx and provider's ctx.
This operation will disable/enable shared service.
Conditions:
Shared service between application EPgs.
Workaround:
Delete and readd relation to contract from one of the consumer epg.
Further Problem Description:
rwEncap on the provider's subnet leaked into consumer's vrf gets set to consumer's vrf vnid rather then provider's vrf vnid.
|
|
Last Modified: | 21-FEB-2016 |
|
Known Affected Releases: | 1.2(2.11a) |
|
Known Fixed Releases: * | 1.2(2.28) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy40276 | Title: | CLI: inherit-profile under route-map match bridge-domain doesn't work |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
Public subnets in a Bridge-domain can be advertised out through a routing protcol using a "match bridge-domain " in the route-map associated with the protcol. Route control properties such as "set tag"or "set metric" can be set for these public subnets through "inherit route-profile " under the "match bridge-domain" command.
If the route-profile name is not equal to "default-export", then the route control properties are not set correctly on the exported BD subnets.
Conditions:
Use of "inherit route-profile " under match bridge-domain, where profile Name is not equal to "default-export"
Workaround:
Workaround is to set required route control in "default-export" route-profile.
|
|
Last Modified: | 22-FEB-2016 |
|
Known Affected Releases: | 1.2(2f) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy12168 | Title: | Provided / Consumed Contract cannot be added by tenant admin local user |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
It is not possible to add a Provided Contract to an ExtEPG with a tenant admin local user.
Conditions:
When using a local user account, which has the following permissions:
*security Domain all - Role admin, readPriv
*security Domain common - Role read-all, readPriv
*security Domain poduser - Role tenant-admin / Role tenant-ext-admin, writePrive
Workaround:
Use the admin local user or provide the local user with writePriv to Security Domain all.
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: * | 1.2(1.191), 1.2(2g) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux41322 | Title: | Evaluation of fabric-apic for OpenSSL December 2015 vulnerabilities |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Cisco Application Policy Infrastructure Controller (APIC) includes a version of OpenSSL that is affected by the vulnerability identified by one or more of the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196 and CVE-2015-1794
And disclosed in http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl
This bug has been opened to address the potential impact on this product.
Conditions:
Exposure is not configuration dependent.
Cisco has reviewed and concluded that this product is affected by one or more of these vulnerabilities.
Cisco Application Policy Infrastructure Controller (APIC) is affected by:
CVE-2015-3194 and CVE-2015-3195
Cisco Application Policy Infrastructure Controller (APIC) is not affected by:
CVE-2015-3193, CVE-2015-3196 and CVE-2015-1794
Workaround:
Not available.
Further Problem Description:
Additional details about those vulnerabilities can be found at http://cve.mitre.org/cve/cve.html
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are: 4.3/3.4
http://tools.cisco.com/security/center/cvssCalculator.x?version=2&vector=AV:N/AC:M/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: * | 1.2(1.137), 1.2(2g) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux50198 | Title: | switch logs tech support contains db and cli tech support |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
The tech support that contains ACI Switch logs also contains ACI switch database and CLI tech supports.
Conditions:
This occurs on 11.1 version of ACI Switch software when a non-local tech support is collected.
Workaround:
None
Further Problem Description:
None
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 11.1(3f) |
|
Known Fixed Releases: * | 1.2(1.117), 1.2(2g), 2.0(0.154) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux43024 | Title: | Configure vrf filter for fabrc SPAN source errors out in CLI |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Configuration of VRF or context filter for SPAN-ing fabric ports via CLI is not successful.
Conditions:
None.
Workaround:
Configure either a BD-filter or configure the context filter via GUI or REST API.
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1e) |
|
Known Fixed Releases: * | 1.2(1.109), 1.2(1.84), 1.2(2g), 2.0(0.154) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy40246 | Title: | APIC GUI Does Not Allow Contract Interfaces in 1.2 |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
An administrator attempts to configure a consumed contract interface on the in-band EPG via the Cisco APIC GUI, but is not given the option.
Conditions:
The option to add a consumed contract interface is not provided in the APIC GUI for the in-band management EPG.
The consumed contract interface is able to be configured via REST POST.
Workaround:
The following POST makes the same configuration without using the APIC GUI using the default in-band EPG:
URL: https://APIC_IP/api/node/mo/uni/tn-mgmt/mgmtp-default/inb-default.xml
Method: POST
Payload:
Replace APIC_IP, INBAND_ENCAP and EXPORTED_CONTRACT as needed.
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy05529 | Title: | APIC Citrix SG adds "-Default" to folder name |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
-Default gets added to the folder name; therefore the SG won't be deployed
Conditions:
The hyphen in the folder name is not a valid character.
Workaround:
Change it to an underscore (_) or remove it all together
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.1(4e), 1.2(1i) |
|
Known Fixed Releases: * | 1.2(1.107), 1.2(2g) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux24692 | Title: | RACL cant match on packets with Multicast MAC DA on n9200 |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
Routed ACL's will not match for packets with Multicast Ethernet MAC address as destination.
Conditions:
Routed ACL's will not match only for packets with Multicast Ethernet MAC address as destination.
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.140) |
|
Known Fixed Releases: * | 7.0(3)IDP3(1.134), 7.0(3)IDP3(1.140), 7.0(3)IDP3(2) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy11992 | Title: | L4-7 Device subnet doesn't immediately deploy and advertise after submit |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Any subnets added under Device Selection Policy after the service graph is rendered are not pushed to the leaf.
Conditions:
This happens when there is a VRF split in the fabric and operator has to configure subnets to leak between VRF.
Workaround:
Detach and re-attach contract/graph association.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: * | 1.2(1.200), 1.2(1.210b), 1.2(1.214), 1.2(2.11a), 1.2(2.16), 1.2(2g), 2.0(0.191) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux21853 | Title: | inventory sync fails with vCenter online after other issues |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
VMM policy shows vCenter online but inventory is not sync and DVS disappeared.
Conditions:
- After hitting defect "VMM integration not working with vCenter DNS hostname instead of IP".
- Customer deleted controller profile and re-create it with same name and IP address of vCenter
Workaround:
Delete and re-add vCenter Domain under VM provider VMWare
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.1(3f) |
|
Known Fixed Releases: * | 1.2(1.71b), 1.2(1.74), 1.2(2g) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy29818 | Title: | PSU information for APIC-M2 cannot be retrieved |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Can not get PSU information for APIC-M2 from GUI nor CLI.
Conditions:
APIC-M2.
Workaround:
n/a.
Further Problem Description:
This defect is still under investigation.
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: * | 1.2(2.32a), 1.2(2.34), 1.2(2e), 1.2(2g) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy04021 | Title: | "set extcommunity" not working on egress route-map for BGP neighbor |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Set extcommunity command in an outbound route-map is not working.
Conditions:
No conditions.
Workaround:
On the remote box, configure an inbound route-map setting the extcommunity for the selected routes.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I2(1) |
|
Known Fixed Releases: * | 7.0(3)IBL3(1), 7.0(3)IBL3(1.47), 7.0(3)IDP3(1.142), 7.0(3)IDP3(2), 7.3(1)PIB(0.23) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy47591 | Title: | ACI processes procProc.name on switch contains special characters |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
Processes list under Fabric > Inventory > Pod 1 > Node could contain special/unprintable characters.
Conditions:
Enlisting processes from the APIC WebUI or by querying procProc class
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 11.2(1i) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy20938 | Title: | Opflex in Send functionality for more than 12 minutes |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
AVS opflex hand-shake is delayed for upto 5 mins after VIB upgrade when there is an high-load of VMotions in progress.
Conditions:
AVS VIB upgraded before VMotion events (due to host being put in maintenance mode) get soaked by APIC/fabric.
Workaround:
- opflex communication will recover and state will be 'active' once VMotion events are soaked by APIC/fabric.
- to avoid this delay, wait for 10 minutes between putting the host in maintenance mode and starting the VIB update.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1.192) |
|
Known Fixed Releases: * | 1.2(2.32a), 1.2(2.34) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux92577 | Title: | Individual l3instp route-map fails when default-import configured |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Subnet level policy not applied
Conditions:
When default-import policy is present and incomplete
Workaround:
Remove or fix incomplete default-import policy
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1.143) |
|
Known Fixed Releases: * | 1.2(1.194), 1.2(2.3b), 1.2(2.6a), 1.2(2.9), 1.2(2g), 2.0(0.191) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy34239 | Title: | Error seen on trigger of techsupport local |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | "trigger techsupport local" command throws warnings in APIC CLI.Symptom:User will see the following output as part of "trigger techsupport local" command.
# trigger techsupport local
Running bash commands
Completed 1 of 11 commands
Completed 2 of 11 commands
Completed 3 of 11 commands
Completed 4 of 11 commands
Completed 5 of 11 commands
Completed 6 of 11 commands
Completed 7 of 11 commands
Completed 8 of 11 commands
Completed 9 of 11 commands
Completed 10 of 11 commands
Completed 11 of 11 commands
Starting data compression
Writing output to /data/techsupport/local_ifav98-apic2_2016-02-18T18-20.tgz
/bin/tar: Removing leading `/' from member names
/bin/tar: Removing leading `/' from hard link targets
/bin/tar: /var/log/dme/oldlog/lost+found: Warning: Cannot open: Permission denied
/bin/tar: /var/log/external/messages: Warning: Cannot stat: No such file or directory
/bin/tar: /data/devicescript/*/logs: Warning: Cannot stat: No such file or directory
Conditions:tech support local collects and pass the predefined list files to tar command. If the specified file is missing or if it's a link. the tar command throws out the warnings mentioned in the symptom section. No information/logs are lost due to this warnings.
Workaround:Please use GUI to collect techsupport from controller or switch.
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(2.11a), 1.2(2a) |
|
Known Fixed Releases: * | 1.2(2.32a), 1.2(2.34), 1.2(2d), 1.2(2g) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy26779 | Title: | Traffic loss after downgrade from bzmr1 to Brazos for some tenants |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Traffic loss after downgrade from bzmr1 to Brazos for some tenants
Conditions:
Missing actrlPfxEntry after downgrading to brazos
Workaround:
Unset / reset import-security bit on the affected subnet.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1m) |
|
Known Fixed Releases: * | 1.2(2.29), 1.2(2.32a), 1.2(2.34), 1.2(2f), 1.2(2g) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux96520 | Title: | Taboo rule s-any-d-pctag missing with image 1l |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Taboo rule missing on EPG when multiple taboo contracts under an EPG use the same filter
Conditions:
This can happen when an EPG has multiple taboo contracts using the same filter, and then one of the taboo contracts is deleted.
Workaround:
Touch the configuration (even just descr) of the remaining taboo contract.
Or avoid this configuation by only using a single taboo contract under the EPG.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 11.2(1.184), 11.2(1.192), 11.2(1k) |
|
Known Fixed Releases: * | 1.2(1.208e), 1.2(1.210b), 1.2(1.214), 1.2(2.19), 1.2(2g), 2.0(0.191) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux56499 | Title: | Same VRF tag gets displayed repeatedly on XML of sh bgp all summary|xml |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Same VRF tag gets displayed repeatedly on XML of "sh bgp all summary | xml"
nxos-pe1(config-evpn-evi)# show bgp all summary | xml
<__readonly__>
default
1.1.1.1
100
1
1
default
1.1.1.1
100
2
1
Conditions:
No conditions.
Workaround:
Take XML for a specific AFI SAFI you are interested, such as "show bgp ipv4 unicast summary | xml "
Further Problem Description:
None
|
|
Last Modified: | 28-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I3(0.180) |
|
Known Fixed Releases: * | 7.0(3)I3(0.195), 7.0(3)I3(1), 7.0(3)IAB3(0), 7.0(3)IAB3(0.53), 7.0(3)ITI2(1), 7.0(3)ITI2(1.100), 7.3(0)D1(0.190), 7.3(0)IZN(0.13), 7.3(0)N1(0.246), 7.3(0)N1(1) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy50223 | Title: | ACI Toolkit Intersite : stale l3extSubnet on remote-site is not deleted |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
When intersite feature for aci toolkit is used, EndPoint in local-site are synced to l3extSubnets on remote-site.
So when EndPoint has been removed from local-site, corresponding l3extSubnet on remote-site should be removed by aci toolkit.
However they are not removed due to bad POST parameter by aci toolkit.
Conditions:
When intersite feature for aci toolkit is used and EndPoint in local-site is removed
Workaround:
remove those l3extSubnet manually
Further Problem Description:
This is the bad POST in this defect
{'l3extSubnet': {'attributes': {'status': 'deleted', 'ip': u'10.143.96.110'}}}
This is a good POST
{'l3extSubnet': {'attributes': {'status': 'deleted', 'ip': u'10.143.96.110/32'}}}
This is the python script for intersite on aci-toolkit.
https://github.com/datacenter/acitoolkit/blob/master/applications/multisite/intersite.py
|
|
Last Modified: | 28-FEB-2016 |
|
Known Affected Releases: | f1c1bd0f4e232d4467c58491138389615d1db1fe |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy49114 | Title: | ACI: Fault F1606 triggered for all EPGs after SCVMM failover |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Fault F1606 generated for all EPG's after failing over SCVMM
Conditions:
SCVMM failover
Workaround:
Deleting an recreating the EPGs.
Further Problem Description:
|
|
Last Modified: | 29-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu66782 | Title: | FEX PS : incorrect ceExtEntityLEDType and ceExtEntityLEDColor |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
The ceExtEntityLEDType and ceExtEntityLEDColor for FEX PS is out of rang and always always returned red.
Problem exists in 6.1.2.I1.1.
Fix had been integrated into 7.0(3)I101
Conditions:
The problem only happen on FEX PS.
Workaround:
Use CLI "show env fex" instead.
Further Problem Description:
|
|
Last Modified: | 29-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I2(0.350) |
|
Known Fixed Releases: * | 7.0(3)I2(0.366), 7.0(3)I2(1), 8.3(0)CV(0.72), 8.3(0)SF(0.2) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy42027 | Title: * | Disable BootFlash diagnostic failure on LC/FM/SC by default |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
BootFlash diagnostic failure on Line card
Test results: (. = Pass, F = Fail, I = Incomplete,
U = Untested, A = Abort, E = Error disabled)
1) ASICRegisterCheck-------------> .
2) PrimaryBootROM----------------> .
3) SecondaryBootROM--------------> .
4) OBFL--------------------------> .
5) ACT2--------------------------> .
6) BootFlash---------------------> E
7) AsicMemory--------------------> .
8) FpgaRegTest-------------------> .
9) Pcie--------------------------> .
Conditions:
Run bash
ssh 127.1.2. -l root
dmesg | grep read-only
Workaround:
Disable the diagnostic bootflash test manually for all the line cards.
no diagnostic monitor module test
Example:
no diagnostic monitor module 5 test 6
Further Problem Description:
The bootflash on the LC is not used by any s/w component. So having a periodic test to monitor is unnecessary.
The bootflash on LCs will be discontinued in future h/w.
|
|
Last Modified: | 01-MAR-2016 |
|
Known Affected Releases: | 6.1(2)I3(5) |
|
Known Fixed Releases: | 7.0(3)I2(2.111), 7.0(3)I2(2b), 7.0(3)I2(3) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy50611 | Title: | N9K: Link goes up when inserting SFP without cables |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
A Link goes up when inserting SFP without cables
Conditions:
This issue is seen with the combination of Nexus9396PX and 10G-SR SFP.
Workaround:
Remove / Insert the SFP
Further Problem Description:
|
|
Last Modified: | 29-FEB-2016 |
|
Known Affected Releases: | 6.1(2)I3(2) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy47950 | Title: | ACI policy upgrade does not upgrade EPLD/FPGA on both supervisors |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: * | Symptom:
After completing the switch firmware upgrade from the APIC GUI, fault F1582 (firmware-version-mismatch) is raised for one of the supervisors of the switch.
This Fault is benign, and it wont impact any Functionality.
Conditions:
After completing the switch firmware upgrade from the APIC GUI, EPLD/FPGA needs to be upgraded on both supervisors on a switch.
Workaround:
1. Power cycle the switch. (or)
2. Downgrade the switch, then put the supervisor that needs the EPLD/FPGA to be upgraded as standby, then upgrade the switch again.
Further Problem Description:
|
|
Last Modified: | 29-FEB-2016 |
|
Known Affected Releases: | 11.2(2g) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux09521 | Title: | serviceGraph delete: all the host entries are not getting flushed on ASA |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Dynamic object group entries are not deleted or added from/to ASA on a service graph delete
Conditions:
When many endpoints are added or deleted from fabric at the same instant, corresponding action is not performed on ASA dynamic object group entries
Workaround:
1. Issue a requery for device validate on the device cluster
2. Manually add or delete the endpoint in the object group on the service device
Please note that 1) is the preferred option
Further Problem Description:
|
|
Last Modified: | 01-MAR-2016 |
|
Known Affected Releases: | 1.1(4e), 1.2(1.208e) |
|
Known Fixed Releases: | 1.1(4h), 1.2(2.26), 1.2(2.32a), 1.2(2.34), 1.2(2f) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy51472 | Title: | ACI:DOC caution about interface counter reset on interface flap |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
need explanation about interface counter reset on interface flap
Conditions:
Workaround:
Further Problem Description:
|
|
Last Modified: | 29-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy50375 | Title: | doc: Add Warning for Single APIC Cluster in 1.2 RNE |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Configuration lost after upgrading APIC to a 1.2(x) release.
Conditions:
When upgrading a single APIC fabric and database corruption is detected during the upgrade process.
Workaround:
Factory reset the fabric and re-import the backup configuration.
Further Problem Description:
|
|
Last Modified: | 29-FEB-2016 |
|
Known Affected Releases: | 1.2(1m), 1.2(2g), 1.2(2h) |
|
Known Fixed Releases: | 1.2(1i), 1.2(1k), 1.2(2g), 1.2(2h) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy50191 | Title: | Inband EPG does not allow contract with a - in the name |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: | Symptom:
-missing-target message when configuring a consumed contract under a inband EPG
Conditions:
contract with a "-" in the name
Workaround:
create a new contract without a "-" in the name
Further Problem Description:
|
|
Last Modified: | 27-FEB-2016 |
|
Known Affected Releases: | 1.2(1m) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy49809 | Title: | Admin disable link on leaf has link showing UP on server interfaces |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: | Symptom:
Server interfaces connected to fabric leaf stay UP even if the interfaces on the leaf are admin disable.
Conditions:
Convert leaf from NXOS mode to ACI on version 1.2(1m) or upgrade leaf from 1.2(1k) to 1.2(1m)
Workaround:
Flapping affected interface(s) on the leaf will make the interface(s) on the server report correctly.
Further Problem Description:
|
|
Last Modified: | 27-FEB-2016 |
|
Known Affected Releases: | 11.2(1m) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux66793 | Title: | EPG Static Path for FEX under Create Application Profile wizard |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
No suggestions on how to configure a FEX static path
Conditions:
Creating an EPG from the "Create Application Profile" wizard
Workaround:
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: * | 1.2(1.118), 1.2(2g), 2.0(0.154) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux80924 | Title: | "F1690 terminal node is missing a terminal" raised after Mo is deleted |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
faults F1690 in service graph with Error "configuration is invalid due to terminal node is missing a terminal" while vns.RsTermToEPg does exist.
Conditions:
none
Workaround:
To Be Updated.
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.1(1r) |
|
Known Fixed Releases: * | 1.2(1.149b), 1.2(1.152), 1.2(2g), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux79217 | Title: | NX-OS Licensing Guide suggest that licenses for ACI are required |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
The NX-OS Licensing Guide documentation says that the following ACI PIDs require licenses:
ACI-N9K-48X(=)
ACI-N9K-96X(=)
ACI-F48G=
ACI-F32X=
ACI-F48X=
Conditions:
When working with Nexus 9000 series devices running in ACI mode.
Workaround:
These devices do not require the customer to install a license. The customer is entitled to configure any and all features on the device(s) after they have purchased the device(s).
Further Problem Description:
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: * | 7.0(3)I3(1) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux66774 | Title: | EPG show L3ext domain when under AP creation wizard |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
Dropdown has options for L2 and L3 domains when creating an EPG under the "Create Application Profile" wizard
Conditions:
Creating an EPG under the Create Application Profile wizard
Workaround:
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: * | 1.2(1.118), 1.2(2g), 2.0(0.154) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy45583 | Title: | Stale VLANs programmed on interfaces causes vPC configuration failure |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: | Symptom:
VLANs for VMM domain are deployed on leaf even though the EPG for that VLAN has no VMM domain configuration. This can cause a programming failure when adding those interfaces to a port channel due to a vlan mismatch.
Conditions:
Configuring vPC after previously configuring and removing VMM domain association.
Workaround:
Wipe the leaf and reload or use different interfaces for the vPC
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy20146 | Title: | Block Configuration when attempting to deploy multiple encaps on l3out |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
L3 out not working as expected
Conditions:
Two or more encaps configured on the same SVI based L3out or using Untagged access and Trunk.
Workaround:
Use the same encap on all interfaces when doing an L3 out via an SVI.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: * | 1.2(2.16), 1.2(2.19), 2.0(0.191) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy42147 | Title: | /dev/root 86% utilization on N9k running 7.0(3)I1(2) |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: | Symptom:
/dev/root at 86% utilization on n9k
F340.12.23-93128-1(config)# sh system internal flash
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/root 1048576 898668 149908 86% /<<<<<<<<<<<<<<<<<<<<<<<<<<< usage
none 1048576 709020 339556 68% /isan
none 40960 1492 39468 4% /nxos/tmp
none 51200 72 51128 1% /var/log
Also following syslog messages are seen:
Local2 information 09 Feb 2016, 10:17:12 : 2016 Feb 9 16:16:24.971 UTC: %FS-DAEMON-6-FSD_ENOSPC_ROOT: System root usage has reached 86%. You may delete some old files from root or /var/log to free up space
With: logging level fs-daemon 7 (still getting syslogs):
Local2 information 09 Feb 2016, 10:36:13 : 2016 Feb 9 16:35:25.703 UTC: %FS-DAEMON-6-FSD_ENOSPC_ROOT: System root usage has reached 86%. You may delete some old files from root or /var/log to free up space
Conditions:
N9k running 7.0(3)I1(2) and 7.0(3)I1(3)
Workaround:
Set logging level fs-daemon to 5 to suppress syslog messages.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I1(2), 7.0(3)I1(3) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux78364 | Title: | "Getting Started with the Cisco APIC Python API" AAA Login Syntax |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
The Python SDK documentation doesn't provide the username syntax for AAA Login.
Conditions:
N/A.
Workaround:
AAA Login username syntax is:
apic:domain\\username
See http://cobra.readthedocs.org/en/latest/getting-started.html
Further Problem Description:
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 1.1(4e) |
|
Known Fixed Releases: * | 1.2(1.169), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy46629 | Title: | ACI - L3 external STATS not visible on GUI |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
Tenants > Tenant_ID > Tenant Tenant_ID > Networking > External Routed Networks > L3 external profile > Stats
L3 external Stats doesn't show any statistics while traffic is passing, it will show "no stats data to display".
Packets are counted by Hardware, stats can be seen for Physical interfaces, and VPCs, as well as broadcom level.
Conditions:
Workaround:
Check Physical/VPC interface stats.
Further Problem Description:
|
|
Last Modified: | 26-FEB-2016 |
|
Known Affected Releases: | 1.2(2g) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux50369 | Title: | Cannot delete policies starting with "__ui_" |
|
Status: | Terminated |
|
Severity: | 4 Minor |
Description: * | Symptom:Unable to delete policies created in Basic Mode GUI or using the naming convention from Basic Mode GUI (starting with __ui_)
Conditions:Hit when looking at something in Advanced Mode GUI that was created by the backend when configuring policy in Basic Mode GUI
Workaround:These policies, having been internally created using the basic GUI, should not be deleted/modified directly since the User wouldn't know the effect of such operations. Recommended to delete these policies from the basic GUI.
Another option is to delete using REST API POST, but make sure you understand the implications of deleting the object before doing so.
More Info:
|
|
Last Modified: | 03-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv94475 | Title: | F0469-dhcp-policy-not-present still raised even dhcpRelay labels removed |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
If customer removes the DHCP replay policy from the tenant before removing the DHCP Relay Labels (which refer to the DHCP relay policy) from the BD, the faults F0469 would remain raised even the BD is not referring to that DHCP policy any more.
Conditions:
Remove the DHCP relay policy before removing the DHCP Relay Labels under the BD.
Workaround:
Remove the DHCP Relay Labels from the BD at first.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.1(2h) |
|
Known Fixed Releases: * | 1.1(2.26a), 1.1(2.30), 1.1(3f), 1.2(0.86a), 1.2(0.89), 1.2(1.17), 1.2(1i), 1.2(2.32a), 1.2(2.34), 2.0(0.95) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy39915 | Title: | DropPkts counter in copp stats is not accurate when drops occur on SC |
|
Status: | Terminated |
|
Severity: | 4 Minor |
Description: | Symptom:
SC only gives byte count for dropped packets so when we consolidate the stats in ibash we end up with a pkt count taken from FCs only and a byte count that includes both FC and SC consolidated.
Example:
scale2-spine1# show copp policy stats | egrep 'ifc|COPP'
COPP Class COPP proto COPP Rate COPP Burst AllowPkts AllowBytes DropPkts DropBytes
ifc ifc 5000 5000 3676327 5129833640 81721 277240165
The DropPkts counter above should be 190412 for this example.
Conditions:
SUP bound packets that get rate limited at the System Controller card
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 22-FEB-2016 |
|
Known Affected Releases: | 11.2(2f) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux84468 | Title: | No action for Right Click on Configured Nodes |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
There are no actions listed when right clicking the "Configured Nodes" Folder under Tenant > Networking > External Routed Networks > Logical Node Profiles > Configured Nodes
Conditions:
Navigating the APIC User Interface
Workaround:
There is no workaround for this, but it will not impact prevent the user from making any configurations on the fabric.
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: * | 1.2(1.152), 1.2(2g), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy10627 | Title: | Wrong figure used to describe the back of C220 M4 (APIC) |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
Wrong figure used to describe the back of APIC controller on the C220 M4 hardware.
Conditions:
In the document below
Application Centric Infrastructure Fabric Hardware Installation Guide
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/hw/aci_hig/guide/b_aci_hardware_install_guide/overview.html
Workaround:
Used figure in the PDF document
Cisco Application Centric Infrastructure Fabric Hardware Installation Guide (PDF)
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/hw/aci_hig/guide/b_aci_hardware_install_guide.pdf
Further Problem Description:
|
|
Last Modified: | 03-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy08636 | Title: | Cisco APIC REST API User Guide Typo |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
Typo in user guide
Conditions:
In section "Example: Using the XML API to Authenticate a User" of the Cisco APIC REST API User Guide
Workaround:
change from .json to .xml
Further Problem Description:
|
|
Last Modified: | 09-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: * | 1.2(1k) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy25869 | Title: | F0080: fltDhcpProviderAddressAssignmentFailed has wrong recommendation |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
* Receiving the fault F0080 - fltDhcpProviderAddressAssignmentFailed
Conditions:
* This occurs when the APICs are unable to assign a new TEP IP address to a new device being provisioned into the ACI Fabric.
* The APIC is unable to assign a new IP address from the TEP Address range, as it has run out of IP addresses
Workaround:
* It is not possible to extend this TEP Address range pool or modify the address pool - which was configured during the initial setup of the APICs.
* The user must export the configuration of the APICs, wipe clean the APIC and go through the Initial setup script once more. Ensure that a large subnet is selected during initialization. At a minimum, a /23 network must be chosen.
Further Problem Description:
This bug is being used to track the incorrect recommended steps detailed in the Fault F0080. In order to recover, one must perform the steps outlined in the Workaround section
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.1(1r), 1.2(1k) |
|
Known Fixed Releases: * | 2.0(0.191) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux94684 | Title: | N9300 show hardware shows wrong Fan information when removing a Fan |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
When removing any Fan on Nexus9300 switch, "show hardware" shows the last Fan is removed. Following is an example for N9372PX:
*** When removing Fan1***
leaf1# show hardware | grep -A 10 Fan
Chassis has 3 Fans
---------------------------------------
Fan1(sys_fan1)(fan_model:N9K-C9300-FAN2) is inserted but info is not available
Fan2(sys_fan2)(fan_model:N9K-C9300-FAN2) is inserted but info is not available
Conditions:
When any Fan removed from the chassis.
Workaround:
none. This is cosmetic issue.
Further Problem Description:
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 11.2(1k) |
|
Known Fixed Releases: * | 1.2(1.177), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux98070 | Title: | ACI: policy-limit-exceeded fault after creating and deleting L4-L7 dev |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
Getting following fault after creating and F5-BIGIP service-graph and deleting it.
# fault.Inst
code : F1853
ack : no
cause : policy-limit-exceeded
changeSet : curr (Old: 0, New: 4294967294), exceeded (Old: no, New: yes)
childAction :
created : 2016-01-11T11:15:04.913+02:00
delegated : no
descr : Number of vnsCDev exceeds supported fabric-wide limit of 1200
dn : globalPolCounts-[uni/fabric]/count-vnsCDev/fault-F1853
domain : tenant
highestSeverity : warning
lastTransition : 2016-01-11T11:17:21.502+02:00
lc : raised
modTs : never
occur : 1
origSeverity : warning
prevSeverity : warning
rn : fault-F1853
rule : pol-gcount-limit-exceeded
severity : warning
status :
subject : policy-count
type : config
uid :
This issue appears to be cosmetic and has no functional impact.
Conditions:
Workaround:
Further Problem Description:
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 1.1(3f) |
|
Known Fixed Releases: * | 1.2(1.185), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux52554 | Title: | L4-7 Device Package Supported Protocols not displaying in APIC GUI |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
The correct Rest HTTP get is being sent and the "supportedProtocols" response is correctly received however the browser does not display the contents. Expecting to see "bgp,bgpv6,ospf,ospfv3" in the GUI for the below example as a result of this call.
method: GET
url: https://10.66.80.242/api/node/mo/uni/infra/mDev-CISCO-ASA-1.2/mClusterCfg.json?query-target=children&target-subtree-class=vnsRoutingCfg&subscription=yes
response: {"totalCount":"1","subscriptionId":"72057628415557641","imdata":[{"vnsRoutingCfg":{"attributes":{"childAction":"","dn":"uni/infra/mDev-CISCO-ASA-1.2/mClusterCfg/mRoutingCfg","lcOwn":"local","modTs":"2015-12-12T16:11:48.091+11:00","name":"","status":"","supportedProtocols":"bgp,bgpv6,ospf,ospfv3"}}}]}
Conditions:
Workaround:
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1i) |
|
Known Fixed Releases: * | 1.2(1.91a), 1.2(1.93), 1.2(2g), 2.0(0.154) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy10009 | Title: | LLDP - APIC port ID does not show actual port |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
LLDP Neighbors on APIC GUI under a Leaf does not display the physical Port ID of the connected APIC whereas we do see the physical port of a connected Spine, etc.
Conditions:
this appears to be Day 1 behavior so filing this feature request
Workaround:
Not service impacting and simply a display issue
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.1(4e), 1.1(4f) |
|
Known Fixed Releases: * | 1.2(1.194), 1.2(2g), 2.0(0.191) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy43872 | Title: | GUI do not shows correct certificate status after upgrade to 1.2(2g) |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
Gui is not showing certificate status correctly after upgrade to Brazos MR1
Conditions:
Workaround:
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(2g) |
|
Known Fixed Releases: * | 1.2(2.32a), 1.2(2.34), 1.2(2h) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy22704 | Title: | [Doc] ACI FSM related faults incorrectly documented as critical |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
When reviewing the Cisco APIC documentation for certain faults, such as FSM related faults, the documentation is incorrectly stating the Severity Level at which the fault will be generated.
Most FSM-failures should be of Severity = Major, however these are incorrectly documented as Severity = Critical
Conditions:
Reviewing the Fault Summary via the following URL on your APIC:
https:///doc/html/FAULT-F.html
https://1.2.3.4/doc/html/FAULT-F606871.html
Workaround:
Not applicable, as should one of these Faults be generated by the System, the APIC correctly generates the Fault with the right Severity Level. Most FSM-failures should be of Severity = Major.
Further Problem Description:
This Bug is to correct the incorrect documentation of the Fault Severity code.
|
|
Last Modified: | 20-FEB-2016 |
|
Known Affected Releases: | 1.1(1r), 1.2(1k) |
|
Known Fixed Releases: * | 1.2(2a) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux83770 | Title: | APIC - Initial OOB mgmt address should automatically create an MO |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: * | Symptom:
In initial Fabric Bringup, users are prompted to enter an OOB IP address for the APICs.
After Fabric Bringup, Management on this IP Address works fine, however, some services require that the IP Address is defined in APIC GUI (Our tested example is with SNMP).
Conditions:
Workaround:
Manually configure the same IP Address in APIC GUI.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy16419 | Title: | APIC CLI: Terminal length command missing to control output display |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
APIC CLI available in version 1.2 allows for additional NXOS-like CLI options. However, there is no way in the native output to control the length of the output similar to "terminal length" command in NXOS.
Conditions:
APIC CLI running version 1.2 and attempting to control the output length of show commands.
Workaround:
User can use the following:
- 'show | cat' to dump the output
- 'show | more -' to set the number of lines forwarded.
Further Problem Description:
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.2(1m) |
|
Known Fixed Releases: * | 1.2(1.208), 1.2(2.11a), 1.2(2.16), 1.2(2g), 2.0(0.191) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu38404 | Title: | [eft-bputra] Port lockdown feature for open ports on Fabric SVI interfac |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
In the release notes, we clearly document the current list of protocols that are allowed (and cannot be blocked through contracts).
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/release/notes/aci_nxos_rn_1103n.html
Conditions:
In the release notes, we clearly document the current list of protocols that are allowed (and cannot be blocked through contracts).
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/release/notes/aci_nxos_rn_1103n.html
Workaround:
none
Further Problem Description:
Security Vulnerabilities
|
|
Last Modified: | 25-FEB-2016 |
|
Known Affected Releases: | 1.1(0.766m), 1.1(0.766p), 1.1(0.867h), 7.2(0)ZN(99.198) |
|
Known Fixed Releases: * | 12.0(0.81) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCux19283 | Title: | Update UI "Remember Tree Selection" settings to remember open folders |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Currently the APIC Remember Tree Selection setting only works if you actually select an object under a folder while navigating through the trees in the UI pane. It will save that object location for reference when the same pane in the GUI is reached. If a folder is selected (anything that is not an actual object) the location will not be saved,.
Conditions:
Using the APIC UI and Remember Tree Selection option is configured under APIC settings in the top right menu pull down.
Workaround:
Further Problem Description:
There is an option in the UI under settings to remember the current tree selection. This works as long as a folder is opened and an actual object is clicked on. This enhancement request is being opened to also remember the location based upon only which folders have been opened, if a folder is selected, even if an object is not selected.
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(0.239d) |
|
Known Fixed Releases: | 1.2(1.55a), 1.2(1.57a), 1.2(1.65), 1.2(2g) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy41915 | Title: | Enhancement to allow the APIC to be an NTP server for switches |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
The APIC cannot act as an NTP server
Conditions:
You would like the APIC to act as an NTP server so that the switches can sync to it rather then syncing to an NTP server externally.
Workaround:
n/a
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(2g) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux61962 | Title: | Adj gets deleted when the host is in a disconnected state |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
VM's lose connectivity through ACI while a Host is disconnected to vCenter
Conditions:
Issue Summary:
1. ESXi host loses connectivity to vCenter
2. If ACI performs an inventory sync during this time, the host adjacency gets deleted
3. As a result, the policy is removed from the corresponding leaves
Workaround:
1) Set the effected EPGs to use Pre-Provision for the VMM_Domain
2) Or, Restore connectivity from ESXi to vCenter
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.1(3f) |
|
Known Fixed Releases: * | 1.2(1.122), 1.2(2g), 2.0(0.154) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux43224 | Title: | GUI "Fault Properties" Window |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Fault code should show under "Properties"
Conditions:
Workaround:
Expand "Details" and the Fault code shows up there
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.1(3f) |
|
Known Fixed Releases: * | 1.2(1.78), 1.2(2g), 2.0(0.118) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux59727 | Title: | APIC - AVS pool & AVS multicast overlap |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
See Fault F0565 and the EPGs created do not get pushed to Port group.
Conditions:
Under AVS Settings using a Multicast Address from the Multicast Address Pool.
Workaround:
Ensure Multicast Address & Multicast Address Pools do not overlap.
Example: Enter Multicast Address as 225.1.1.1
Enter Multicast Address Pool as 225.1.1.2-225.1.1.254
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.1(3f) |
|
Known Fixed Releases: * | 1.2(1.122), 1.2(2g), 2.0(0.154) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux40946 | Title: | New BDs are not added to 'default' route-map automatically |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
The public subnets of some of the bridge-domains (BDs) are not advertised to external networks, although protocols (BGP, OSPF, EIGRP) are configured with 'default' route-map in direction 'out'.
Conditions:
1. The route-map 'default' has already been created ('default' route-map is created on first usage of it).
2. Either a new BD with one or more public subnets is added to the same tenant and VRF or an existing BD, which didn't have any public subnet earlier, is configured to have one or more public subnets.
Workaround:
The BDs, missing from 'default' route-map can be easily figured out by dumping 'default' route-map using 'show running-config'. These missing BDs i.e. BDs, with public subnets, that were added after creation of 'default' route-map can be added manually to 'default' route-map using the route-map command 'match bridge-domain'.
Further Problem Description:
|
|
Last Modified: | 24-FEB-2016 |
|
Known Affected Releases: | 1.2(1c) |
|
Known Fixed Releases: * | 1.2(1.177), 1.2(2g), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuw40457 | Title: | dhcp relay does not add mod/port to dhcp request |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
The Nexus 9k as dhcp relay only adds the Circuit ID and Vlan sub option in Option 82, not the Port and Slot information.
Conditions:
The Nexus 9k is a configured as a dhcp relay
Workaround:
There is no workaround
Further Problem Description:
|
|
Last Modified: | 23-FEB-2016 |
|
Known Affected Releases: | 7.0(3)I1(1a) |
|
Known Fixed Releases: * | 7.0(3)I3(0.239), 7.0(3)I3(1), 7.0(3)IAB3(0), 7.0(3)IAB3(0.100), 7.0(3)IDP3(1.78), 7.0(3)IDP3(2), 7.0(3)ITI2(1), 7.0(3)ITI2(1.100), 7.0(3)ITM3(0), 7.0(3)ITM3(0.7) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCur73197 | Title: | 'show copp policy stats' is not accurate for spine nodes |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
'show copp policy stats' is inaccurate on spine nodes
Conditions:
command issued on spines. No functionality impact.
Workaround:
use vsh_lc commands.
Further Problem Description:
|
|
Last Modified: | 20-FEB-2016 |
|
Known Affected Releases: | 11.0(2) |
|
Known Fixed Releases: * | 11.2(1.205), 11.2(1.206), 11.2(2e), 11.2(2f) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv94317 | Title: | Add Endpoint Timestamp for Endpoint Learning |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Endpoints in the GUI do not currently indicate the time when they were learned.
Conditions:
Observing the "Operational" tab of an EPG in the GUI to list learned endpoints.
Workaround:
View /var/log/dme/log/epmc-trace.txt for information on endpoint learning on fabric switches.
Further Problem Description:
|
|
Last Modified: | 19-FEB-2016 |
|
Known Affected Releases: | 1.1(1o) |
|
Known Fixed Releases: * | 1.2(1i), 1.2(2a) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut84965 | Title: | Vlans are programmed on interfaces unassociated to the pool |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
You are receiving "Invalid Path Configuration faults" pointing to an IP address of a blade switch (fabric interconnect). The access policies for these paths are correct. Vlans are programmed on interfaces that are not associated to a pool that has those vlans. This is because you have a blade switch that has multiple uplinks to the fabric. Some of those uplinks are mapped to the VMM domain AEP, some are mapped to another AEP.
Conditions:
dynamic paths are associated to the wrong interface policy groups. We build and adjacency to the blade switch itself, and since other interfaces are learning CDP from that, but those interfaces are not part of the VMM domain AEP, we throw a fault.
Workaround:
Change the Resolution Immediacy of the VMM domain to "Pre-Provisioning" within the EPG. This bypasses the need for an adjacency and will push the VLAN only to interfaces that are part of the VMM AEP.
If this does not resolve it, it is because there may be some stale objects pointing t the blade switch. The 1.2(1i) code is confirmed to have the fix if you continue to use pre-provisioning.
Further Problem Description:
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 1.0(3f) |
|
Known Fixed Releases: * | 2.0(0.157), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux57344 | Title: | SCVMM/Hyper-V Agent should not install on non-US Windows Server |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
SCVMM Agent Set-ApicConnInfo fails with error: "The remote server returned an error: (400) Bad Request."
Conditions:
SCVMM Agent is installed on non-ASCII Windows platform
Workaround:
none
Further Problem Description:
The xml payload from the POST request sent from the Set-ApicConnInfo cmdlet to the APIC SCVMM Agent service is malformed. More specifically, it is missing the first two characters ("
................
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 1.1(4e) |
|
Known Fixed Releases: * | 1.2(1.143), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv36696 | Title: | CDP information is not shown by VCENTER for AVS though it is seen by VEM |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
CDP information is not visible in vCenter for vmnics assigned to an AVS switch. Normal DVS works fine for those vmnics.
Conditions:
AVS is installed.
Workaround:
n/a
Further Problem Description:
|
|
Last Modified: | 13-FEB-2016 |
|
Known Affected Releases: | 1.2(0.92a) |
|
Known Fixed Releases: * | 1.2(1.122), 1.2(1.137), 2.0(0.154), 2.0(0.172) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy03328 | Title: | RADIUS and LOCAL User Accounts with Admin role cannot execute NXOS CMDs |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: * | Symptom:
User is trying to execute NXOS CLI commands in ACI using a RADIUS or LOCAL user account
Conditions:
RADIUS Or Local User Account Configured with an Admin Role
Workaround:
Use the default admin user to issue NXOS CLI commands
Further Problem Description:
|
|
Last Modified: | 04-FEB-2016 |
|
Known Affected Releases: | 1.2(1k) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuy38914 | Title: | clear system internal epm endpoint key vrf <x> ip <x> fails in bash |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Command does not work in iBash
Conditions:
Need to clear a specific endpoint
Workaround:
enter VSH and run the same command
Further Problem Description:
|
|
Last Modified: | 29-FEB-2016 |
|
Known Affected Releases: | 11.2(1m), 11.2(2e) |
|
Known Fixed Releases: * | 1.2(2.40) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuy11135 | Title: | MSFT SCVMM: IPAM does not support multiple SCVMM |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Currently SCVMM static IP Pool implantation only supports one EPG, one SCVMM, 1:1 mapping.
When multiple SCVMMs are associated with EPG, either by associating one VMM domain with multiple SCVMM controllers, or by associating multiple VMM domains to one EPG, and when static IP pool is configured to the EPG subnet, the same IP pool is pushed to all the SCVMMs. Each SCVMM will have same IP pool in the same EPG network, and each SCVMM will assign IP independently, which cause duplicated IP in the same network.
Conditions:
Multiple SCVMMs are associated to one EPG,
EPG subnet has static IP pool configured.
Workaround:
When static IP pool is to be configured, only associate one SCVMM to the EPG.
Further Problem Description:
|
|
Last Modified: | 03-FEB-2016 |
|
Known Affected Releases: | 1.2(1.181c) |
|
Known Fixed Releases: | |
|
|
| |
:
没有评论:
发表评论