| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv06101 | Title: | Traffic loss seen with Multi-path for prefix with more than 4 paths |
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Description: | Symptom:
Traffic loss seen with Multi-path for prefix with more than 4 paths
Conditions:
1.5.3.0
2. Tomahawk
3. BGP Multipath feature with more than 4 iBGP paths, where each BGP nexthop was reachable only through tunnels with no LDP configured.
Workaround:
No loss seen when path is less than 4
Further Problem Description:
Traffic loss seen with Multi-path for prefix with more than 4 paths
IXIA---LER---LSR---LSER--IXIA
IBGP neighbors across IXIA-LER - 200 Neighbors
prefix is advertised through 10 different neighbors with multi-path enabled.
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.0.FWDG |
|
Known Fixed Releases: * | 5.3.2.16i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv17023 | Title: | Upgrade to 6.0 fails as sysmgr dumps Kernel core due to syncctrl process |
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Description: | Symptom:
Upgrade to 6.0 from 532 fails consistently due to syncctrl process.
Conditions:
This is sbeing observed with upgrade process.
Workaround:
None
Further Problem Description:
stopper.
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: * | 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCun71928 | Title: | NP lockup causes ASR9000 Ethernet Line Card restart |
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Description: * | Summary
A vulnerability in the parsing of malformed Internet Protocol version 6 (IPv6) packets in Cisco IOS XR Software for ASR 9000 Series Aggregation
Services Routers could allow an unauthenticated, remote attacker to cause a lockup and eventual reload of a Network Processor (NP) chip and a line
card processing traffic. Only Trident-based line cards on Cisco ASR 9000 Series Aggregation Services Routers are affected by this vulnerability.
The vulnerability is due to insufficient logic in parsing malformed IPv6 packets. An attacker could exploit this vulnerability by sending a stream of
malformed IPv6 packets to the affected device. An exploit could allow the attacker to cause a lockup and eventual reload of a NP chip and a line card,
leading to a denial of service (DoS) condition.
Cisco has released free software updates that address this vulnerability.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are
7.1/5.9:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:N/AC:M/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C&version=2.0
CVE ID CVE-2014-2176 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
When the box experiences NP lockup, it can sometimes be recovered by NP fast reset, but sometimes the system may have to reload the line card to
recover. Such reload action can be done by
system automatically.
The following logs may be present:
P/0/RSP0/CPU0:Feb 28 19:50:56.808 : ncd[308]: %OS-NCD-3-PAK_CSUM_ERR : Checksum failed on received packet; Pak:0xddc6f4f8
Length:1480 Offset:44 Computed Checksum:10782
RP/0/RSP1/CPU0:Feb 28 19:50:56.808 : ncd[308]: %OS-NCD-3-PAK_CSUM_ERR : Checksum failed on received packet; Pak:0xddc5a15c
Length:1480 Offset:44 Computed Checksum:40801
RP/0/RSP1/CPU0:Feb 28 19:50:56.860 : netio[310]: %OS-LPTS-3-ERR_BAD_LISTENER_TAG : bad listner tag detected on the packet, dropping
packet
LC/0/0/CPU0:Feb 28 19:50:59.661 : pfm_node_lc[267]: %PLATFORM-NP-0-TOP_INACTIVITY_WATCHDOG : Set|prm_server[159819]|Network
Processor Unit(0x1007004)| NP4 has locked up. This is a
fatal error, the only way to recover is to reboot the linecard.
Symptom:line card crash for NP lock up
P/0/RSP0/CPU0:Feb 28 19:50:56.808 : ncd[308]: %OS-NCD-3-PAK_CSUM_ERR : Checksum failed on received packet; Pak:0xddc6f4f8 Length:1480 Offset:44 Computed Checksum:10782
RP/0/RSP1/CPU0:Feb 28 19:50:56.808 : ncd[308]: %OS-NCD-3-PAK_CSUM_ERR : Checksum failed on received packet; Pak:0xddc5a15c Length:1480 Offset:44 Computed Checksum:40801
RP/0/RSP1/CPU0:Feb 28 19:50:56.860 : netio[310]: %OS-LPTS-3-ERR_BAD_LISTENER_TAG : bad listner tag detected on the packet, dropping packet
LC/0/0/CPU0:Feb 28 19:50:59.661 : pfm_node_lc[267]: %PLATFORM-NP-0-TOP_INACTIVITY_WATCHDOG : Set|prm_server[159819]|Network Processor Unit(0x1007004)| NP4 has locked up. This is a fatal error, the only way to recover is to reboot the linecard.
Conditions:found in normal use.
Workaround:None
More Info:When the box experiences NP lockup, it can sometimes be recovered by NP fast reset, but sometimes the system may have to reload the line card to
recover. Such reload action can be done by
system automa
|
|
Last Modified: | 11-AUG-2015 |
|
Known Affected Releases: | 4.1.1.LC, 4.3.1.LC, 4.3.4.LC |
|
Known Fixed Releases: | 4.3.2.SP3, 4.3.2.SP5, 4.3.2.SP6, 4.3.2.SP7, 4.3.2.SP8, 5.1.2.22i.BASE, 5.2.0.23i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCum26074 | Title: | for RPs, voltage, power & on-board temp sensors values are not available |
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Description: | Symptom:
On IOS-XR These messages appear in the logs:
RP/0/RSP0/CPU0:Feb 16 03:47:45.287 : envmon[207]: %PLATFORM-ENVMON-2-FANTRAY_COMM_FAIL : Fan tray communication failure on slot 0/FT0/SP
RP/0/RSP0/CPU0:Feb 16 03:47:46.305 : envmon[207]: %PLATFORM-ENVMON-2-ENV_CONDITION : Outstanding environmental condition exists in the chassis
RP/0/RSP0/CPU0:Feb 16 03:47:57.287 : envmon[207]: %PLATFORM-ENVMON-2-FANTRAY_COMM_FAIL : Fan tray communication failure on slot 0/FT1/SP
RP/0/RSP0/CPU0:asr9k# show environment leds detail
Mon Feb 17 17:59:03.475 UTC
R/S/I Modules LED Status Alarm Reason
0/RSP0/*
host Critical-Alarm On FT comm. failure; < -------
host Major-Alarm Off ----
host Minor-Alarm Off ----
host ACO Off ----
host Fail Off ----
0/RSP1/*
host Critical-Alarm Off ----
host Major-Alarm Off ----
host Minor-Alarm Off ----
host ACO Off ----
host Fail Off ----
Conditions:
Running 4.3.x on any ASR9K router
Presence of any of these cards in the chassis could trigger this issue.
A9K-8T-B
A9K-8T-E
A9K-8T-L
A9K-16T/8-B
A9K-16T/8-E
A9K-16T/8-L
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 19-AUG-2015 |
|
Known Affected Releases: | 4.3.4.ADMIN, 4.3.4.BASE, 5.2.0.BASE |
|
Known Fixed Releases: * | 4.3.4.SP1, 4.3.4.SP4, 4.3.4.SP5, 4.3.4.SP6, 4.3.4.SP7, 4.3.4.SP8, 5.1.1.20i.BASE, 5.1.11.16i.BASE, 5.1.2, 5.1.2.12i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv77083 | Title: | [ci-msl] Continuous icpe_satmgr on active RSP duirng image boot |
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Description: | Symptom:
icpe_satmgr process crashing on active rsp/rp
Conditions:
During image boot
Workaround:
None
Further Problem Description:
None
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | 6.0.0.11i.FWDG |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuw01521 | Title: | ASR9k : 5.3.1 : Bundle-ethernet flaps causes CEF corruption |
|
Status: | Open |
|
Severity: | 1 Catastrophic |
Description: | Symptom:
Customer is seeing packet loss in their core network between back to back ASR9k and packets are dropped in this NP counter RSV_DROP_IPV4_TXADJ_NO_MATCH.
Conditions:
If there is a link flap
Workaround:
if possible shut one of the member links in bundle ethernet to restore the traffic
Further Problem Description:
|
|
Last Modified: | 29-AUG-2015 |
|
Known Affected Releases: | 5.3.1.FWDG |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCun78145 | Title: | mlpp member links are not added proper for 35 ML Bundles |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
mlpp member links are not properly added
Conditions:
adding mlpp member links 1 to 9 to each bundle
Workaround:
NONE
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 4.3.3.BASE, 5.2.0.BASE |
|
Known Fixed Releases: * | 5.1.2.SP3, 5.1.2.SP4, 5.1.3, 5.1.3.8i.FWDG, 5.1.4, 5.2.0, 5.2.0.25i.FWDG, 5.2.1, 5.2.2, 5.2.21 |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuw02428 | Title: | ASR9K: 5.3.2.22I BNG Bundle Interface Flap |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
ASR9006 is having 64K BNG sessions. As part of link failure testing BE2 is shutdown. It is noticed that BE1 interface is also flapping.
Conditions:
Hardware:
RP/0/RSP1/CPU0:AG2-1#sh platform
Mon Aug 31 11:55:29.888 IST
Node Type State Config State
-----------------------------------------------------------------------------
0/RSP0/CPU0 A9K-RSP440-SE(Standby) IOS XR RUN PWR,NSHUT,MON
0/RSP1/CPU0 A9K-RSP440-SE(Active) IOS XR RUN PWR,NSHUT,MON
0/0/CPU0 A9K-24x10GE-SE IOS XR RUN PWR,NSHUT,MON
Software: 5.3.2.22I
Environment: BFD, 64K BNG sessions
Trigger: shutdown bundle interface
Workaround:
None.
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCue88528 | Title: | snmpd process hang every couple hours - Cisco IOS |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
snmpd process hangs and no response to mibs polling
Conditions:
It happens in normal condition when customer NMS keeps on polling in production network
Workaround:
To restart process snmpd
|
|
Last Modified: | 04-AUG-2015 |
|
Known Affected Releases: | 4.2.3.BASE, 4.3.0.BASE |
|
Known Fixed Releases: * | 4.3.1, 4.3.1.29i.BASE, 4.3.2, 4.3.2.14i.BASE, 4.3.3, 4.3.31, 4.3.4, 5.1.0, 5.1.0.8i.BASE, 5.1.1 |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv59698 | Title: | [nVSSU] 9000v traffic move to rack 1 takes more than 10 seconds |
|
Status: | Other |
|
Severity: | 2 Severe |
Description: | Symptom:
nVSSU switch phase's TCP move might take more than 10 seconds on atleast 1 satellite.
Conditions:
nVSSU switch script run on 5.3.2.18I
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 04-AUG-2015 |
|
Known Affected Releases: | 5.3(2) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCun69806 | Title: | ISIS Hello is not sent out of Bundle Interface on Trident LC |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
ISIS Hello packets are not sent out of Bundle after neighbor router reload. In preroute inject code path, ISIS packets are dropped due to RESOLVE_EGR_LAG_NOT_LOCAL_DROP_CNT, due to which ISIS neighbors are not coming up.
Conditions:
ISIS over Bundle-ether interface.
Workaround:
Split the bundle out to separate interfaces and use ECMP.
Further Problem Description:
|
|
Last Modified: | 06-AUG-2015 |
|
Known Affected Releases: * | 5.2.0.BASE |
|
Known Fixed Releases: | 5.1.3.9i.BASE, 5.2.0.24i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCtr70936 | Title: | BFD label session flap when receive large mount of BFD label packets |
|
Status: | Terminated |
|
Severity: | 2 Severe |
Description: * | Symptoms:
BFD label session may flab upon receiving large amount of BFD labels at high rate
Conditions:
this happens only if the interface is mpls enabled
Workaround:
if possible disable mpls on the interface
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 3.3/3.1:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:A/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:U/RC:C&version=2.0
No CVE ID has been assigned to this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Last Modified: | 06-AUG-2015 |
|
Known Affected Releases: | 4.2.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCtq56564 | Title: | PPP LCP negotiation fails as PPP is not receiving LCP frames from peers |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | <B>Symptom:</B>
After a bad packet is received, PPP starts dropping all packets - causing all PPP sessions to go down permanently.
<B>Conditions:</B>
This issue can be hit in release 3.9.x, 4.0.0, 4.0.1, 4.1.0 and 4.1.1.
It is fixed in 4.0.2,
4.1.2, 4.2.0 and all later releases.
The issue is triggered by PPP receiving a malformed packet. Once this packet is received, all subsequent packets are dropped by PPP - which will
cause PPP keepalives to time-out and all PPP sessions to be brought down permanently.
<B>Workaround:</B>
This issue should only be hit when badly formed PPP packets are received
- which could be due
to a HW issue; but could also be caused by the peer device sending bad packets. There is no way to prevent PPP from hitting the issue once the
bad packet has been received.
To recover from the issue, ppp_ma needs to be restarted by issuing the
command:
process restart ppp_ma location X
<B>Further Problem Description:</B>
To determine if this problem has been hit, look at 'show ppp trace unique location X'. If either of the following tracepoints appear
more recently than one saying 'PPP MA process is starting up', then the issue has been hit:
Oct 12 17:39:55.123 ppp/pkt/unq 0/1/CPU0 1# t2 Failed to read packet through SPIO:
'ctx' detected the 'fatal' condition 'Invalid offset argument specified'
Oct 19 00:18:32.323 ppp/pkt/unq 0/3/CPU0 1# t2 Packet from SPIO is too short
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 5/4.1:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C&version=2.0
CVE ID CVE-2012-5434 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Last Modified: | 06-AUG-2015 |
|
Known Affected Releases: | 3.9.0.BASE, 4.0.0.BASE, 4.1.0.BASE, 4.2.0.BASE |
|
Known Fixed Releases: * | 4.0.11.3i.FWDG, 4.0.4, 4.0.4.16i.FWDG, 4.1.2, 4.1.2.15i.FWDG, 4.2.0, 4.2.0.11i.FWDG, 4.2.1, 4.2.2, 4.2.3 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu82092 | Title: | IPv6 ingress acl hits are ignored if there is a qos policy at ingress |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
IPv6 acl does not match traffic.
Conditions:
Scaled NP and
Interface has both qos and acl at ingress.
Workaround:
Remove the qos policy from interface.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE, 6.0.0.BASE |
|
Known Fixed Releases: * | 5.3.2.14i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCug23739 | Title: | g_spa process crashed twice on SPA-1XCHOC48_DS3 |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | It was previously not reproducible.
Symptom:g_spa_ process sometimes restarts after a crash.
Conditions:Wrong config commit as below:
controller SONET0/0/0/0
description PROV IWEC 999999 ATI
sts 1
width 3
mode pos scramble
clock source internal
interface POS0/0/0/0
description PROV SVT Testing
ipv4 address 192.168.23.69 255.255.255.252
no shutdown
commit
Workaround:Problem is recoverable by itself, the same config commit should not be tried again.
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 4.3.0.BASE |
|
Known Fixed Releases: * | 5.3.1, 5.3.1.26i.BASE, 5.3.2.3i.BASE, 6.0.0.5i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv14560 | Title: | I/f shut down due to DIAG test failure, continued to be down after FO |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Interfaces stay down after the switchover
Conditions:
All below conditions should match in same sequence.
1. Configure "admin fabric data-path toggle" to shutdown the ports when diagnostic test fails and to bring up the ports once test failure cleared.
2. Interfaces shutdown due to diagnostic test fail
3. Before test failure clears, switchover is performed (manually or automatically)
4. Interfaces continue to stay down
Workaround:
unshut the interfaces manually after switchover or reset the cards.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 4.3.4.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCus96852 | Title: | Geo 531-17i: Accounting start/stop not sent after proc rst accting_ma |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Some or All Accounting Records not sent after Geo-Redundancy Switchover.
Conditions:
1. Geo Redundancy Enabled subscriber session.
2. Geo Redundancy Switchover And
3. Restart of accounting_ma process after a Switchover (During the time in which the new master sends START records and the new slave sends STOP records).
Workaround:
Avoid Restart of accounting_ma during / immediately after a Geo-Redundancy switchover, until when all accounting records are sent
Avoid events leading to such restarts; for example addition of a new BNG smu with Geo-Redundancy subscriber sessions existing on the box (A Switchover can happen at any moment, for example if the access interface on master goes down).
Further Problem Description:
This scenario needs enhancement in BNG.
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE, 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu60853 | Title: | NR-TE-NHID: pkt drop for ipv4 pref on TE tun with RSV_DROP_NHINDEX |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Complete traffic loss after removing and adding mpls -traff-eng config for non-recursive ipv4 prefixes over TE tunnel
Conditions:
no mpls traff/ rollback
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu76322 | Title: | %ROUTING-LDP-3-NSR_SYNC_PEER_OP_FAILED : Peer 0:0; operation='Peer |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: |
Symptom:LDP peer info fails to be synced to standby LDP process. The following log will come up repeatedly.
mpls_ldp[1053]: %ROUTING-LDP-3-NSR_SYNC_PEER_OP_FAILED : Peer 202.202.22.2:0; operation='Peer'; Failed to sync Peer, Peer already exists
Conditions:LDP NSR sync of peer fails after disabling and re-enabling of AFI. Impacts XR 5.3.0 and 5.3.1 releases.
Workaround:Restart standby LDP process
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.13i.MPLS, 6.0.0.10i.MPLS |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu40272 | Title: | qos_ma process crash on all LC with Satellite interfaces - on RPFO |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
qos_ma process crash on all LC with Satellite interfaces - on RPFO
Conditions:
RPFO
Workaround:
Not needed
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu64342 | Title: | Tigershark CRC error seen with L2VPN xconnect line rate traffic |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Following PFM log reporting CRC error on Fabric interface ASIC resulting some packet drops.
FABRIC-FIA-1-SUSTAINED_CRC_ERR : Set|fialc[159810]|0x1071001|Fabric interface ASIC-1 has sustained CRC errors
Conditions:
This issue is seen only in following condition so far.
Two ports in an xconnect group sending line rate traffic at 180byte.
Setup:
Ixia ????????? Port 0 [ ASR9K] Port 1 ????????? Ixia
Port0 and Port1 are in xconnect group
Traffic :
-180 byte unicast traffic
Steps:
- Continuously run bidirectional traffic between two ports and every one minute do a start and stop of traffic .
Workaround:
Issue is seen only at 100% of line rate, workaround would be operate < 100% of line rate.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.13i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu74580 | Title: | Geo 532-9I:seeing dual partial-up on SLAVE with RPFOs |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | IPoE sessions are clearing after an RSP failover and all sessions must be re-established. This is due to missing data within the checkpoint database.
Symptom:RSP failover may trigger this issue.
Conditions:Workaround:None
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.2.5.2i.FWDG, 5.3.2.14i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv45919 | Title: | pfilter_ea process crash after applyin capture keyword to ACL |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
crash observed after applying capture key word in ipv6 access list.
Conditions:
1. Create 2 classic ACLs with the same acl-name, one v4 and another is v6.
2. Attach them to interface/s.
3. Edit the latter acl which was attached.
Workaround:
Do not have the same name for both v4 & v6 acl.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: * | 5.3.3.4i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut12758 | Title: | SSTE: Observing prm_server_ty process crash after MPA oir |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
wdsysmon detects and reports a deadlock within the prm_server_ty process and
as a result it restarts the prm_server_ty process. An example of the deadlock report
that appears in the syslog is:
LC/0/2/CPU0:Mar 24 14:53:45 EST: wdsysmon[391]: DEADLOCK
LC/0/2/CPU0:Mar 24 14:53:45 EST: wdsysmon[391]: =============================
LC/0/2/CPU0:Mar 24 14:53:45 EST: wdsysmon[391]: node pid tid name STATE node pid tid name
LC/0/2/CPU0:Mar 24 14:53:45 EST: wdsysmon[391]: deadlock 1 num_entries 2-----------
LC/0/2/CPU0:Mar 24 14:53:45 EST: wdsysmon[391]: node0_2_CPU0 172114 1 prm_server_ty MUTEXnode0_2_CPU0 172114 23 prm_server_ty
LC/0/2/CPU0:Mar 24 14:53:45 EST: wdsysmon[391]: node0_2_CPU0 172114 23 prm_server_ty MUTEXnode0_2_CPU0 172114 1 prm_server_ty
LC/0/2/CPU0:Mar 24 14:53:45 EST: wdsysmon[391]: ============================
The process id (pid) and thread id (tid) values may vary.
Conditions:
A Modular Port Adapter (MPA) in a modular linecard on the ASR9000 has been
reloaded with either a physical online insertion and removal (OIR) or with by
way of the "hw-module subslot reload" command.
Workaround:
There is no workaround. The process recovers after it is restarted by wdsysmon.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu93156 | Title: | ipv6 static routes over tunnel-te interfaces not installed |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
ASR9k running 5.3.0 code will experience some Ipv6 over Ipv4 packet drop
Conditions:
IPv6 static routes over Ipv4 TE tunnel forwarding chain corruption
Workaround:
no work around
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.1.0.BASE |
|
Known Fixed Releases: * | 5.3.2.15i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu81906 | Title: | WANPHY BER SD/SF is not working - Build 532 10i |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Discrepency in the behaviour of WANPHY SD/SF - Build 532 10i
Conditions:
configured wanphy sd-ber to 8 and wanphy sf-ber to 4 on a Tomakawk Octane LC[with SR10 optics]. I have BIP B2 error from JDSU with a rate 1e-9. In ideal situation none of the alarms should appear as this is a out of boundary condition but I am observing both sf_ber and sd_ber errors on router.
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv52132 | Title: | snmp may report wrong used/free address counter after modify daps config |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
after remove some address range command from one pool to another one.
snmp report wrong used/free address counter.
RP/1/RSP1/CPU0:BNG2#show pool ipv4
Mon Jul 20 15:58:05.436 HKT
Allocation Summary
---------------------------------------------------
Used: 10941
Excl: 0
Free: 3023
Total: 13964
Utilization: 78%
Pool Name Pool ID VRF Used Excl Free Total
----------- --------- --------- ------ ------ ------ -------
Tier2 2 default 350 0 282 632
pppoe-pool 3 default 10591 0 2741 13332 < --- here
Tonys-MacBook-Air:~ tony18mo$ snmpwalk -v 2c -c xxxx 202.175.100.16 1.3.6.1.4.1.9.9.748.1.2.2.1.10
SNMPv2-SMI::enterprises.9.9.748.1.2.2.1.10.0 = Gauge32: 0
SNMPv2-SMI::enterprises.9.9.748.1.2.2.1.10.1 = Gauge32: 1
SNMPv2-SMI::enterprises.9.9.748.1.2.2.1.10.2 = Gauge32: 350
SNMPv2-SMI::enterprises.9.9.748.1.2.2.1.10.3 = Gauge32: 14255 < --- here
Tonys-MacBook-Air:~ tony18mo$ snmpwalk -v 2c -c xxxxx 202.175.100.16 1.3.6.1.4.1.9.9.748.1.2.2.1.11
SNMPv2-SMI::enterprises.9.9.748.1.2.2.1.11.0 = Gauge32: 254
SNMPv2-SMI::enterprises.9.9.748.1.2.2.1.11.1 = Gauge32: 65533
SNMPv2-SMI::enterprises.9.9.748.1.2.2.1.11.2 = Gauge32: 282
SNMPv2-SMI::enterprises.9.9.748.1.2.2.1.11.3 = Gauge32: 4294966370 < -- here
Conditions:
Workaround:
restart daps process on active engine
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: * | 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut14345 | Title: | prm_server_ty process restarted due to high CPU usage |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
The prm_server_ty process may be restarted due to a signal 30 or due to being declared a CPU hog. Here are examples:
wdsysmon[387]: Process prm_server_ty pid 176209 prio 12 using 26 percent is the top user of CPU
wdsysmon[387]: Process prm_server_ty pid 176209 tid 26 prio 12 using 26 percent is a CPU Hog and terminated
dumper[56]: %OS-DUMPER-7-DUMP_REQUEST : Dump request for process pkg/bin/prm_server_ty
Crashed pid:172114 (pkg/bin/prm_server_ty) Time:Tue Apr 21 12:50:30 2015
Thread:28 received signal:30 - SIGXCPU. Exceeded CPU limit. Sender:pkg/bin/wdsysmon pid:131122
The prm process should restart successfully, but there may be secondary issues such as interfaces not getting created.
Conditions:
This is a rare condition and is normally only seen immediately after the linecard boots up.
Workaround:
If the problem is seen and there are secondary issues such as interfaces not being created, reload the linecard.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.16i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu67727 | Title: | Some PPPoE fragmented packets are dropped at bundle access interface |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Fragmented packet towards PPPoE subscribers are dropped at bundle access interface.
Conditions:
Packet needs fragment towards PPPoE subscribers.
IPoE or non-BNG flows are not impacted.
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE |
|
Known Fixed Releases: * | 5.3.2.14i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu84164 | Title: | SSTE: Observing mpls_ldp process crash with typhoon lc oir |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: |
Symptom:LDP crashed after IM server went down. IM server could go down due to IF mgr crash/restart.
Conditions:Issue impact XR 5.3.1 and 5.3.0 releases and only occurs if ipv6 interfaces are configured.
Workaround:None
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.13i.MPLS, 6.0.0.10i.MPLS |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu62902 | Title: | DHCP relay fails after RSP switchover |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
DHCP relay and proxy with access interface as LC and server facing interface as bundle [RP based] drops server packets after redundancy switchover.
Conditions:
Access interface should be LC and server facing interface should be bundle
Workaround:
DHCP process restart will resolve the issue.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.3.2.14i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv17312 | Title: | [600]-L2fib_mgr process continuously restarts on Typhoon LC |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
L2fib_mgr process continuously restarts on Typhoon LC
Conditions:
In 600.5I Image, could see L2fib_mgr process continuously restarts on Typhoon LC after loaded image.
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE, 6.0.0.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu82001 | Title: | FLEXR: xr vm on RSP is not spawned after fpd upgr reload - sdr_mgr recvr |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
xr vm on RSP is not spawned after fpd upgrade reload - sdr_mgr should have recovered from this error.
Conditions:
Executed "upgrade hw-module loc 0/RSP1 fpd IPU\ FPGA force" and "hw loc 0/RSP1 reload"
commands to do fpd upgrade on RSP.
Workaround:
Unknown
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: * | 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu70915 | Title: | LER: ipv4 pkts drop on remote PE with RSV_DROP_MPLS_LEAF_NO_MATCH on FRR |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
ipv4 pkts drop on remote PE node on node FRR
Conditions:
Happens only if there are BGP recursive routes (global BGP only) going over an IGP route which has 64 ECMP tunnels, where all the 64 tunnels are going out of the same bundle interface. Node FRR was triggered by shutting down the bundle interface from the remote side. The issue is scale related and is likely to be seen with 64 tunnels going out of the same bundle interface.
Workaround:
Reducing the number of tunnels going out of the same bundle interface may help.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.15i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCts40811 | Title: | Input drops on Interfaces for DMAC not local |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
ASR9000 Ethernet and MgmtEth interfaces count input drops on the interface when a packet is received that has a Destination MAC (DMAC) that is not local to the router interface.
This causes unnecessary alarm for customer that see the packet as input drops on the interfaces.
This is a feature request to not count the drops as interface input drops.
If the interface is a L3 interface on a linecard the show controller np counters will count up L3_NOT_MYMAC.
If the interface is the MgmtEth interface there is not a similar counter and the drop is simply counted as as Input drop other (Not Input drop invalid DMAC) in the show controller output.
sh controller MgmtEth0/RSP0/CPU0/0 stats
Input drop overrun = 0
Input drop abort = 0
Input drop invalid VLAN = 0
Input drop invalid DMAC = 0
Input drop invalid encap = 0
Input drop other = 1949359
MgmtEth0/RSP0/CPU0/0 is up, line protocol is up
Interface state transitions: 1
Hardware is Management Ethernet, address is 0026.982f.2150 (bia 0026.982f.2150)
Internet address is omitted
MTU 1514 bytes, BW 100000 Kbit (Max: 100000 Kbit)
reliability 201/255, txload 0/255, rxload 3/255
Encapsulation ARPA,
Full-duplex, 100Mb/s, THD, link type is autonegotiation
output flow control is off, input flow control is off
loopback not set,
ARP type ARPA, ARP timeout 04:00:00
Last input 00:00:00, output 00:00:00
Last clearing of "show interface" counters never
5 minute input rate 1228000 bits/sec, 1303 packets/sec
5 minute output rate 1000 bits/sec, 1 packets/sec
1962580 packets input, 231110936 bytes, 1948839 total input drops
3508 drops for unrecognized upper-level protocol
Received 186 broadcast packets, 8226 multicast packets
0 runts, 0 giants, 0 throttles, 0 parity
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
4103 packets output, 438296 bytes, 0 total output drops
Output 30 broadcast packets, 0 multicast packets
0 output errors, 0 underruns, 0 applique, 0 resets
0 output buffer failures, 0 output buffers swapped out
1 carrier transitions
Conditions:
This is seen on ASR9000 router running all versions of IOS-XR
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 10-AUG-2015 |
|
Known Affected Releases: | 4.1.0.BASE, 4.3.2.BASE |
|
Known Fixed Releases: * | 5.1.2, 5.1.2.18i.BASE, 5.1.3, 5.1.3.1i.BASE, 5.1.4, 5.2.0, 5.2.0.15i.BASE, 5.2.1, 5.2.2, 5.2.21 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuo59052 | Title: | Cisco IOS XR Software DHCPv6 Denial Of Service Vulnerability |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptoms:
Vulnerability in DHCPv6 code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a crash of the DHCPv6
server process on an affected device.
The vulnerability is due to incorrect handling of malformed DHCPv6 packets. An attacker could exploit this vulnerability by sending a malformed
DHCPv6 packet to an affected device configured with DHCPv6 server functionality. An exploit could allow the attacker to cause a crash of the
DHCPv6 process on an affected device.
Conditions:
Device configured as DHCPv6 server.
Workaround:
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are
4.3/4.1:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:N/AC:M/Au:N/C:N/I:N/A:P/E:F/RL:U/RC:C&version=2.0
CVE ID CVE-2014-3343 has been assigned to document this issue.
Additional details about the vulnerability described here can be found at:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3343
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Last Modified: | 11-AUG-2015 |
|
Known Affected Releases: | 5.2.0.BASE |
|
Known Fixed Releases: | 5.1.2.SP3, 5.1.2.SP4, 5.2.2.17i.FWDG, 5.2.3.6i.FWDG, 5.3.0.1i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCur62957 | Title: | Cisco IOS XR Software BVI Routed Packet Denial of Service Vulnerability |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
A vulnerability in the packet-processing code of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers (ASR) could allow an unauthenticated, remote attacker to cause a lockup and eventual reload of a network processor chip and the line card that is processing traffic. Only Typhoon-based line cards on Cisco ASR 9000 Series Aggregation Services Routers are affected by this vulnerability.
The vulnerability is due to improper processing of packets that are routed via the bridge-group virtual interface (BVI) when any of the following features are configured: Unicast Reverse Path Forwarding (uRPF), policy-based routing (PBR), quality of service (QoS), or access control lists (ACLs). An attacker could exploit this vulnerability by sending IPv4 packets through an affected device that is configured to route them via the BVI interface. A successful exploit could allow the attacker to cause a lockup and eventual reload of a network processor chip and the line card that is processing traffic, leading to a denial of service (DoS) condition.
Cisco has released free software updates that address this vulnerability. There are no workarounds to address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr
Conditions:
Please see the published Cisco Security Advisory.
Workaround:
Please see the published Cisco Security Advisory.
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.1/5.9:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:N/AC:M/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C&version=2.0
CVE ID CVE-2015-0695 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Last Modified: | 11-AUG-2015 |
|
Known Affected Releases: | 4.3.1.BASE, 4.3.2.BASE, 4.3.4.BASE, 5.1.2.BASE, 5.1.3.BASE, 5.2.2.BASE, 5.3.2.BASE |
|
Known Fixed Releases: | 4.3.2.SP8, 4.3.4.SP7, 4.3.4.SP8, 5.1.3.SP4, 5.2.4.7i.BASE, 5.2.5.4i.BASE, 5.3.1.15i.BASE, 6.0.0.5i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuo68417 | Title: | Invalid IPv4/IPv6 packet punted for netflow processing causes NP lockup |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Disable Netflow.
The following logs may be present on a device:
LC/0/4/CPU0:May 1 02:42:04.501 CET: prm_server_ty[300]: %PLATFORM-NP-4-FAULT : Fast Reset NP1 - successful auto-recovery of NP
LC/0/4/CPU0:May 1 02:42:04.501 CET: pfm_node_lc[290]: %PLATFORM-NP-2-NP_DIAG : Clear|prm_server_ty[168018]|Network Processor Unit(0x1008001)| NP
diagnostics warning on NP1.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 6.1/5:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:A/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C&version=2.0
CVE ID CVE-2014-3322 has been assigned to document this issue.
Additional details about the vulnerability described here can be found at:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Symptom:
A vulnerability in the Netflow processing in Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers could allow an
unauthenticated, adjacent attacker to cause a lockup and eventual reload of a Network Processor (NP) chip and a line card processing traffic.
The vulnerability is due to improper Netflow sampling of malformed IPv4/IPv6 packets. An attacker could exploit this vulnerability by sending a
stream of malformed IPv4/IPv6 packets to be processed through an affected device. An exploit could allow the attacker to cause a lockup and
eventual reload of an NP chip and a line card, leading to a denial of service (DoS) condition.
Conditions:
Only Typhoon-based line cards on Cisco ASR 9000 Series Aggregation Services Routers are affected by this vulnerability.
Netflow sampling has be configured for this vulnerability to be exploited.
Workaround:
Disable Netflow.
The following logs may be present on a device:
LC/0/4/CPU0:May 1 02:42:04.501 CET: prm_server_ty[300]: %PLATFORM-NP-4-FAULT : Fast Reset NP1 - successful auto-recovery of NP
LC/0/4/CPU0:May 1 02:42:04.501 CET: pfm_node_lc[290]: %PLATFORM-NP-2-NP_DIAG : Clear|prm_server_ty[168018]|Network Processor Unit(0x1008001)| NP
diagnostics warning on NP1.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 6.1/5:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:A/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C&version=2.0
CVE ID CVE-2014-3322 has been assigned to document this issue.
Additional details about the vulnerability described here can be found at:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Further Problem Description:
|
|
Last Modified: | 11-AUG-2015 |
|
Known Affected Releases: | 4.3.1.BASE, 4.3.4.BASE, 5.1.0.BASE |
|
Known Fixed Releases: | 4.3.4.SP3, 4.3.4.SP4, 4.3.4.SP5, 4.3.4.SP6, 4.3.4.SP7, 4.3.4.SP8, 5.1.3.13i.BASE, 5.2.0.29i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCup35657 | Title: | Object-group modification not being recognized by ACL |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
An ACL applied on interface is using object-group. The object-group is changed.
The change could be add new member, delete existing member.
The change was accepted by the system (no error). However, traffic filtering
does not behave correctly. It is as if the accepted change has never occurred.
Conditions:
The ACL has undergone multiple changes. There are multiple edits of object-group
that leads to one single most important trigger of this problem - the edit has
previously failed. In this customer's case, the object-group edit failed because
the resulting ACL requires more TCAM that the system could afford.
After the error, another object-group edit is accepted, and the problem occurs.
It must be noted that without any prior obj-group edit failure, this issue
cannot occur.
Workaround:
There's no reliable workaround. As stated in ''Conditions'' section, a prior
object-group edit failure is the primary trigger. There is not foolproof
way to guarantee obj-group edit will always succeed. The most common
error is TCAM resource exhausted, since a change in object-group members,
depending on how the object-group is used in ACL, could result in the
ACL to grow so significantly it no longer fits the TCAM.
Further Problem Description:
An object-group edit failure causes obj-mgr, processes handling object-group change,
to send roll-back request to all object-group users. The rollback is necessary
because multiple processes may be using object-group, while the edit fails in
one process, the same change may not fail in others. Thus rollback is an indication
for all processes to change what they have done, in order to restore system back
to original state (prior to the edit). There is a bug in the rollback processing
logic, that the rollback may not be handled. A fail-to-handle rollback means
stale info will be stuck in obj-group user processes (such as pfilter-ea, netio).
When next obj-group edit arrives, they conflict with the stale info left over
by previous failed roll-back, and the current edit would fail, too. Albeit
they failed at a location where the error wasn't properly propagated to
obj-mgr, thereby causing the system to believe the current edit is a success.
In reality, the current one also fails, but the change is not reflected in
the hardware.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 1.5/1.2:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:L/AC:M/Au:S/C:P/I:N/A:N/E:F/RL:OF/RC:C&version=2.0
No CVE ID has been assigned to this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Last Modified: | 11-AUG-2015 |
|
Known Affected Releases: | 4.3.4.BASE |
|
Known Fixed Releases: | 5.1.3.18i.BASE, 5.1.3.18i.FWDG, 5.2.2.18i.BASE, 5.2.2.18i.FWDG, 5.2.3.6i.BASE, 5.2.3.6i.FWDG, 5.3.0.5i.BASE, 5.3.0.5i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCus53764 | Title: | ingress/egress stats not allocated for phy sub-interface |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Ingress interface counters may not work intermittently.Ingress NP counters also may not increment for such interfaces.
Conditions:
This symptom is observed on asr9k subinterface where the interface itself is created
successfully but stats pointers are not allocated.
Workaround:
No workaround.
Further Problem Description:
|
|
Last Modified: | 13-AUG-2015 |
|
Known Affected Releases: * | 5.3.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv25714 | Title: | [SecGW] Segmentation fault during ikesa rekeying |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Segmentation fault at ipsecmgr (ikev2_e_init_ikesa_rekey_migrate)
Conditions:
Segmentation fault at ipsecmgr during ikesa rekey processing of site to site tunnel.
Workaround:
No workaround
Further Problem Description:
|
|
Last Modified: | 14-AUG-2015 |
|
Known Affected Releases: | 18.2.M0.60312 |
|
Known Fixed Releases: * | 18.2.T0.60617, 18.3.0, 18.3.0.60819, 18.3.M0.60616, 19.0.M0.60623, 19.0.v0.60625, 19.1.A0.60626, 19.2.A0.60676, 20.0.M0.60661 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv15306 | Title: | P2MP S2L branch BE OIF stop forwarding after MPA reload |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
When MPA (hosting more than 2 P2MP OIF BE interfaces) is reloaded
(or OIRed), some S2L OIFs stop to forward P2MP traffic.
This issue is common to vpls-lsm , static p2mp-te based mvpn, and
native IPv4 multicast over p2mp-te.
Conditions:
- Equal or More than 3 Bundle-Ether OIFs in FRR Ready State
- Each BE interface is hosted on 2 MOD LCs
- MPA is reloaded (physical OIR, module reload, or config shut / no shut)
- Version 5.3.1, 5.2.4, 5.2.2
Workaround:
Removing and adding "backup-path tunnel-te" (or "auto-tunnel backup") under
the affected BE interface (in mpls traffic-eng).
Further Problem Description:
During the P2MP traffic outage on the affected OIF BE(s), there is no NP drop counter increase.
|
|
Last Modified: | 16-AUG-2015 |
|
Known Affected Releases: | 5.3.1.FWDG |
|
Known Fixed Releases: * | 6.0.0.11i.MCAST |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu59848 | Title: | Should not attempt repairs for NP soft errors with invalid addresses |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
A Tomahawk class linecard may be unnecessarily reloaded due to a NP memory repair failure.
Conditions:
This problem will only occur when the address of the soft error is 0xffffffff and the action code is 0 (Fix). Here is an example:
LC/0/0/CPU0:May 28 17:11:00.185 : prm_server_ty[304]: %PLATFORM-NP-3-ECC : prm_ser_check: Unable to repair Parity error on NP 0, block 0x26 (TM_SC_L01), offset 3, memid 180, name PORT_CONFIG, addr 0xffffffff, bit 2147483648, ext info 0xffffffff 0xffffffff 0xffffffff 0xffffffff, action 0 (Fix)
LC/0/0/CPU0:May 28 17:11:00.191 : pfm_node_lc[293]: %PLATFORM-NP-0-NON_RECOVERABLE_SOFT_ERROR : Set|prm_server_ty[176209]|0x1008000| A non-recov
Workaround:
There is no workaround.
Further Problem Description:
This problem is specific to Tomahawk linecards.
|
|
Last Modified: | 17-AUG-2015 |
|
Known Affected Releases: * | 4.2.0.BASE, 4.3.0.BASE, 5.2.0.BASE, 5.3.0.BASE, 5.3.2.BASE |
|
Known Fixed Releases: | 5.3.2.11i.BASE, 6.0.0.5i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv74321 | Title: | 9000v SAT - Memory Leak Observed |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
9000v SAT - Memory Leak Observed
Conditions:
Steady state ..
Workaround:
Not known
Further Problem Description:
|
|
Last Modified: | 17-AUG-2015 |
|
Known Affected Releases: | 5.3(2) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuh04823 | Title: | RSP redundency stuck at : Not NSR-Ready on cluster |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
BGP and IGP are down after a reload. Plus fiarsp process is stuck in exiting state.
Conditions:
Workaround:
None.
Only recovery. Please try one or the other.
1) process restart of fiarsp on active RSP
2) RSP switchover
Further Problem Description:
|
|
Last Modified: | 18-AUG-2015 |
|
Known Affected Releases: | 5.1.0.BASE, 5.1.0.ROUT |
|
Known Fixed Releases: | 5.1.0, 5.1.0.11i.BASE, 5.1.1, 5.1.11, 5.1.12, 5.1.2, 5.1.3, 5.1.4, 5.2.0, 5.2.1 |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv68388 | Title: | Ifo_ea crash & ICL Intf struck 'Discovery Stalled' after remove/add ICL |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
Ifo_ea crash & ICL Intf struck 'Discovery Stalled' after remove/add ICL
Conditions:
Could see Ifo_ea crash seen after add ICL bundle Member and Tengig ICL struck with 'Discovery Stalled'.
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 18-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv58464 | Title: | Process li_ea dumps core on SIP-700 Card non-stop with 6.0.0 9I |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
The symptom of the issue is continuous core dumps by li_ea process on the SIP 700 line card
Conditions:
The issue is seen after upgrading the node ti 600.9i image
Workaround:
shut down the process on the SIP 700 Linecard
process shutdown li_ea location
Can also optionally run
process mandatory off li_ea location
Further Problem Description:
none
|
|
Last Modified: | 19-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCun16919 | Title: | SSTE: Observing locald blocked on radiusd when testing radius client |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: |
Symptom:Users will not be able to log into the router if the router is stuck with locald blocked on radiusd/tacacs.
- Locald in blocked state.
- radius/tacacs will not be in locked state.
(if any of radius/tacacs is also in blocked state its is issue with radius/tacacsd)
Conditions:external AAA authentication/authorization/accounting is configured on box using radius/tacacs.
Workaround:
- Restart of locald.
- or restart radiusd/tacacsd (on which locald is blocked to release lwm connection)
More Info:
|
|
Last Modified: | 19-AUG-2015 |
|
Known Affected Releases: | 5.2.0.BASE |
|
Known Fixed Releases: * | 5.1.3, 5.1.4, 5.2.0, 5.2.0.15i.BASE, 5.2.1, 5.2.2, 5.2.21, 5.3.0, 5.3.1 |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv56865 | Title: | Native EVPN routes still advertised with "advertise l2vpn evpn disable" |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
BGP Native L2VPN EVPN routes are still being advertised even configure "advertise l2vpn evpn disable"
Conditions:
5.3.2
Workaround:
process restart bgp
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv56019 | Title: | bgp ipv6 nieghborship flap |
|
Status: | Terminated |
|
Severity: | 2 Severe |
Description: | Symptom:
IPv6 bgp peering flapping between neighbors.
H/W: ASR 9912
S/W: 5.3.2 EFT
This issue seen after upgrading image from 4.3.4 to 5.3.2 EFT.
Conditions:
H/W: ASR 9912
S/W: 5.3.2 EFT
IPv6 BGP flapping issue seen after upgrading image from 4.3.4 to 5.3.2 EFT.
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.K9SEC |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv79831 | Title: | statsd_manager_g crash continuously |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
statsd_manager_g crash continuously
Conditions:
after upgrade to 4.3.1
Workaround:
n/a
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv71945 | Title: | Lag over Lag Scale - Bundle Update leads to Ping / Data Plane Issue |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Bundle Update leads to Ping / Data Plane Issue
Conditions:
Add of the Member to Bundle ICL , which triggers more than 64 Satellite interface updates
Workaround:
Shut / No shut of impacted interfaces
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: | 5.3.2.21i.BASE, 5.3.3.6i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCug90300 | Title: | Handle VoQ build up towards severly congested fabric destination |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptoms: Traffic to uncogested destination/NP might suffer when FIA (Octopus) is also sending traffic to congested destination. (The congestion has be extermely severe and for prolonged time... transient congestions will not create this problem)
Condition : Ingress Octopus FIA pumps in traffic close to 30G towards congested destination (example: 30G towards a single 10G destination port). Another flow through same FIA is directed towards uncongested port. This flow can get impacted
workaround : none
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 4.2.3.BASE, 4.3.1.BASE, 4.3.2.BASE |
|
Known Fixed Releases: * | 4.3.2, 4.3.2.17i.BASE, 4.3.3, 4.3.31, 4.3.4, 5.1.0, 5.1.0.9i.BASE, 5.1.1, 5.1.11, 5.1.12 |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv35695 | Title: | PBB-EVPN ucode: egress false reflection filter possible for AApF |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:On ASR9K, PBB-EVPN AApF setup, edge to edge flooding traffic is dropped at egress core interface wrongly as "reflection filtered".
Conditions:Starting from release 4.3.4, PBB-EVPN AApF setup, if multiple
edge ports on the same NP, edge to edge flooding traffic may be dropped if the ESI number happens to be the same as the Dest XID.
Workaround:Moving the bundle for AApF to a different bundle id (for example, from bundle id 100 to 200).
More Info:The chance of this issue is very very small.
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 4.3.4.BASE, 5.3.2.BASE, 6.0.0.BASE |
|
Known Fixed Releases: | 5.3.2.18i.BASE, 5.3.3.3i.BASE, 6.0.0.9i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuu37646 | Title: | LoL: Mcast IPv6 route not installed on one of the two LCs |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Mcast IPv6 ingress/egress traffic drop on interface.
Conditions:
Its being observed for ipv6 mast traffic when some interface address configs triggers are done.
Workaround:
ipv6_mfwd_partner restart should recover the issue
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.MCAST |
|
Known Fixed Releases: | 5.3.2.12i.MCAST, 6.0.0.10i.MCAST |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv70838 | Title: | SPAUI, CRC and PROT errors on asr9k 2x100G and 1x100G line card |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
SPAUI, CRC and PROT errors on fabric interface ASIC (FIA), reported on ingress direction (i.e. from network interfaces).
"show controllers fabric fia drops ingress location " shows the following drops:
From Spaui Drop-0 7954358
sp0 crc err 22561049
sp0 prot err 9336083
"sh controllers fabric fia instance stats location " show significantly more traffic on one interface:
From Line Interface[0] 0
From Line Interface[1] 46864767
Ingress drop: 55409586
Egress drop: 0
Total drop: 55409586k
If the over-subscription continues, MUX between the FIA and network processor NP may get stuck. In that case all packets received from the NP are dropped due to CRC and PROT errors.
Conditions:
Observed only on 2x100G and 1x100G ASR9000 linecards when a small number of high bandwidth flows is forwarded through the line card.
Workaround:
Workaround to prevent over-subscription: configure policer on upstream router to lower the ingress traffic below 100% of the line rate.
If the MUX gets stuck: reload the line card.
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE, 5.2.4.BASE, 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.21i.BASE, 5.3.3.6i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCun93500 | Title: | PKI infra support for certificate retrieving/updating via HTTP URL |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
call-home requires to support 2 APIs for certificate retrieving/updating upon certificate expiration. Here are 2 APIs defined in pki_api.h:
cerrno PKI_trustpool_policy_bundle_set(char* url);
cerrno PKI_trustpool_import_bundle(uchar* url_in);
The second API requires to import the certificate via a given http url. It is currently implemented using SCEP, similar to authenticate ca. However it's found not working. Therefore we need other ways to support certificate updating from PKI infra.
Conditions:
When trying to connect to a server via call-home and https, and the call-home http destination does not contain tools.cisco.com, the connection fails because there are no certificates available. The attempt to download certificates fails.
Workaround:
N/A
Further Problem Description:
N/A
|
|
Last Modified: | 21-AUG-2015 |
|
Known Affected Releases: | 5.2.0.BASE, 5.4.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuu25888 | Title: | BGP sessions flapping during RSP FO due to stale nbr-reset post-it |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
BGP flaps are seen up on RSP FO
Conditions:
The Standby RP BGP has an extra NSR post-it that gets applied after the RPFO as part of BGP Go-Active
operation. Since, the post-it is for BGP Neighbor Reset as part of Address-family Activation, the neighbor
session flaps after RPFO. Show bgp neighbor nsr standby - will show any pending post-its.
Workaround:
After the neighbor session flaps, wait for at least 5mins before issuing RPFO. Make sure ?show bgp neighbor nsr standby? shows no pending post-its before RPFO.
Further Problem Description:
|
|
Last Modified: | 22-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE, 5.3.2.BASE |
|
Known Fixed Releases: | 5.2.5.22i.ROUT, 5.3.2.8i.ROUT, 6.0.0.5i.ROUT |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv91009 | Title: | [600] ISIS crash seen, While executing "show isis neighbor" |
|
Status: | Other |
|
Severity: | 2 Severe |
Description: | Symptom:
ISIS Crash seen
Conditions:
While Checking show isis neighbor
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 24-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv29422 | Title: | ASR 5.2.4 HSRP standby sending wrong packet |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
The message on active HSRP can be seen received from standby running 5.2.4
hsrp[1085]: %IP-STANDBY-4-WARN_TRAFFIC_SLAVE : HSRP control packet received from on MGO slave group: TenGigE0_0_2_0.201 group 201
Actually the hsrp standby slave group would send continuous refresh with the source hsrp vmac, causing continuous mac move in L2 switch network, breaking connectivity for hosts.
Conditions:
Router running 5.2.4 configured with HSRP slave group:
router hsrp
interface TenGigE0/0/2/0.2
hsrp bfd minimum-interval 100
hsrp bfd multiplier 8
hsrp delay minimum 5 reload 90
address-family ipv4
hsrp 2 version 2
name HSRP-Te0-2-1
preempt
priority 80
address 1.1.1.1
track TenGigE0/0/2/0.101 25
bfd fast-detect
!
!
!
interface TenGigE0/0/2/0.200
address-family ipv4
hsrp 200 slave
follow HSRP-Te0-2-1
address 2.2.2.2
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | 6.0.0.11i.FWDG |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv54174 | Title: | Better handling of shmwin_open_win_v1 failure needed |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Continuous process restart of PTP MA process.
Conditions:
Is a consequence of shared memory corruption following CSCuu03588.
Workaround:
Reload location (RP/linecard) on which MA is running.
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 4.3.4.BASE, 6.0.0.BASE |
|
Known Fixed Releases: | 5.3.2.20i.BASE, 5.3.3.6i.BASE, 6.0.0.11i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv40170 | Title: | [533]-Ipv4 BFD Sessions are not coming Up on Satellite Sub-Intf with Vrf |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Ipv4 BFD Sessions are not coming Up on Satellite Sub-Intf with Vrf
Conditions:
Could see Ipv4 BFD Sessions are not coming Up on Satellite Sub-Intf with Vrf. Issue is not able to reproduce manually, But it seems to be reproducible with sequential triggers with BFD which almost takes 2 hours. And the workaround seems to be a reload after which the BFD came up fine.
Workaround:
After LC(Bfd multipath LC) Reload BFD Sessions came up fine.
Further Problem Description:
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE, 5.3.3.BASE |
|
Known Fixed Releases: * | 5.3.2.18i.BASE, 5.3.3.3i.BASE, 6.0.0.12i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv90670 | Title: | show_logging process crash upon "show log" command |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
show log hangs without any output and generates coredump.
The dynamic process show_logging is seen as "stopped" when "show process " is executed.
Conditions:
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 5.3.1.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv27439 | Title: | Cluster - unequal load balancing in IRLs |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
In some scenarios the IRLs in a cluster will not balance the traffic evenly between the members.
Conditions:
We have seen the issue when the number of IRLs is greater than or equal to 8 links.
Workaround:
The command "cef load-balancing algorithm adjust" does not influence IRLs balancing algorithm. The only workaround is to reduce traffic using the IRLs by activating locality in bundles or locality for ECMP enabled in version 5.2.2 and later versions.
Further Problem Description:
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.3.3.7i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCud73451 | Title: | Single bit ECC errors in NP instruction memory not repaired correctly |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
A single bit ECC error in NP instruction memory may not be repaired properly.
Conditions:
Single bit ECC errors are reported rarely. To determine whether an error has been detected, the 'show controller np soft-errors' CLI command may be used or the PRM NP error log may be checked using the 'show prm server trace error' command.
Workaround:
To ensure the error is fixed properly, the linecard should be reset after a single bit ECC error is reported in NP instruction memory.
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 4.3.0.BASE |
|
Known Fixed Releases: | 4.3.1, 4.3.1.19i.BASE, 4.3.2, 4.3.2.3i.BASE, 4.3.3, 4.3.31, 4.3.4, 5.1.0, 5.1.0.3i.BASE, 5.1.1 |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv68407 | Title: | [600]-Commit failed while configuring VRRP Config on Satellite Intf |
|
Status: | Other |
|
Severity: | 2 Severe |
Description: | Symptom:
Commit failed while configuring VRRP Config on Satellite Intf
Conditions:
Could see commit failed after configuring VRRP Config on Satellite Intf. And could notice that vrrp process continuously restarts on RSP.
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv80034 | Title: | FIB_FEATURE_IF_TYPE_IPV4_ALL_INTF_INFO - NP resource exhausted. |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
line card hit NP resource leaking, finally prm_server can detect NP Resouce exhausted.
LC/0/3/CPU0:Mar 20 01:11:50.809 : ipv4_io[236]: %IP-IP_EA-3-PLATFORM_UPDATE_BULK : Platform update failed for 36 interface: FIB_FEATURE_IF_TYPE_IPV4_ALL_INTF_INFO - 'prm_server' detected the 'warning' condition 'NP resource exhausted.'
On NP counter we can see the folloing exceptional counter.
70 INTR_FRAME_TYPE_0 1 0
245 PARSE_UNKNOWN_INTERRUPT_RCVD 1 0
Conditions:
TBD
Workaround:
TBD, but line card reload can recover this problem.
Further Problem Description:
n/a
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv99997 | Title: | 600 Continuous fib_mgr traceback seen in thor LC, After SR_TE config. |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
fib_mgr traceback seen
Conditions:
After configure the segment routing TE.
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 30-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv74257 | Title: | SSTE: pifibm_server_lc crash @ pifibm_pifib_init on Tomhawk LC |
|
Status: | Terminated |
|
Severity: | 2 Severe |
Description: | Observing pifibm_server_lc crash @ pifibm_pifib_init on Tomhawk LC
Symptom:
pifibm_server_lc crash was seen while running an automation script on 532.19I. The automation script involved reloading the process on A9K-8X100GE-L-SE ( Tomhawk )
Conditions:
NA
Workaround:
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuw01943 | Title: | MCast Condition causes intf structure to be programmed with null data |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: | Symptom:
Multicast channels freezing on the receiver
Conditions:
Needs BVI, Multicast and a probe.
Workaround:
Clear mfib database location x/x/x
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.1.3.MCAST |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuo10444 | Title: | sysdb_mc process memory leaking |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
sysdb_mc process memory leaking, which cause memory fragmentation in sysdb_mc process memory space.
Big buffer allocation will fail due to memory fragmentation.
RP/0/RSP0/CPU0:Apr 3 10:41:20.194 : sysdb_mc[416]: %SYSDB-SYSDB-3-MEMORY : malloc of 34329876 bytes failed : pkg/bin/sysdb_mc : (PID=200799) : -Traceback= 422200a 8212abe 8212a66 820fd15 4221edc 8279010
Conditions:
When a configuration commit contains error, the commit is aborted and leave some sysdb internal memory buffer not freed.
Workaround:
"process restart sysdb_mc" can recover this problem.
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 4.2.3.BASE |
|
Known Fixed Releases: * | 5.1.3, 5.1.3.5i.BASE, 5.1.4, 5.2.0, 5.2.0.22i.BASE, 5.2.1, 5.2.2, 5.2.21, 5.3.0, 5.3.1 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv99543 | Title: | 600 Nsr not ready due to te_control central-services Standby not connect |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: * | Symptom:
Nsr not ready
Conditions:
While removing the SR_TE config, central-services group went to ?Not NSR-Ready
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu76647 | Title: | FD leak in sysmgr for placed |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
sysmgr process retarted by wdsysmon due to a high file descriptor usage:
Jun 4 22:08:35.067 10.74.245.41 1314323: RP/0/RSP0/CPU0:Jun 4 22:08:35.060 : wdsysmon[450]: %HA-HA_WD-3-FD_CRIT_LIM : Process sysmgr, pid 1005330497 is using 952 file descriptors out of a max of 1000. Critical limit (95%) crossed.
Conditions:
ASR9k running 5.1.3 with OSPF instability, to the point of causing:
Jun 4 22:07:44.995 10.74.245.41 1314264: RP/0/RSP1/CPU0:Jun 4 22:07:44.910 : ospf[1018]: %ROUTING-OSPF-5-HA_NOTICE_START : Starting OSPF
Jun 4 22:07:45.007 10.74.245.41 1314265: RP/0/RSP0/CPU0:Jun 4 22:07:44.910 : ospf[1018]: %ROUTING-OSPF-5-HA_NOTICE_START : Starting OSPF
Workaround:
None, process restart has no impact on traffic forwarding
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.2.5.3i.BASE, 5.3.2.17i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu32537 | Title: | NG ISSU(525): ARP replay issue with clients during NG ISSU |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Active HSRP doesn't send GARP during RPSO
Conditions:
RPSO (RP switchover)
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: * | 5.2.5.10i.FWDG, 5.3.2.17i.FWDG, 5.3.3.3i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu49731 | Title: | SSTE: bfd_agent duplicate register to sysdb_svr_local at sysdb restart |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Error message may show when sysdb_sver_local process restarted on LC.
sysdb_svr_local[354]: %SYSDB-SYSDB-7-INFO : client 'bfd_agent' attempted duplicate registration for 'oper/ip_bfd/node/801/bfd-hw-offload/' from active node: rc 0x0 (No error)
Conditions:
Workaround:
process restart bfd_agent
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu87403 | Title: | %DIAG-DIAG-3-GOLDXR_FAIL : EOBC heartbeat test: bad nodeid in msg |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
online diag test eobc heartbeat test msg on console
Conditions:
asr9k router running 532 interim image
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE, 6.0.0.BASE |
|
Known Fixed Releases: * | 5.3.2.14i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv20767 | Title: | v6LER Need support for delayed bckwalk for v6 thread & FRR cleanup delay |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
v6LER Need support for delayed bckwalk for v6 thread & FRR cleanup delay. Seeing large pkt loss on head node when bundle FRR
Conditions:
TE FRR with V6 LER
Workaround:
NOne
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.FWDG, 5.3.3.3i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu59231 | Title: | 5.3.2_Sureshot with MPA_Traps Issue:Improper trap message sequence |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Improper traps for MPA is received after shut/no shut of the Linecard.
Conditions:
Configuring admin shut or admin no shut for the linecard. MPA removal.
Workaround:
None.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut88291 | Title: | MACL:stats read error seen while executing ACL show command |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
The following error may be reported when running a ''show access-list" CLI command:
LC/0/5/CPU0:Apr 7 08:40:02.652 : pfilter_ea[285]: %PKT_INFRA-FEA_DLL-3-STATS_ERR : STATS stats read error: 'prm_server' detected the 'resource not available' condition 'NP api return error'
Conditions:
This is only seen intermittently on Tomahawk linecards with a heavy traffic load.
Workaround:
Retry the command. There are no functional side effects.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu68189 | Title: | SSTE: invmgr PLATFORM-INV-7-SYSDB_ERR : sysdb_bind failed sysdb restart |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:Following message may be printed in syslog after sysdb_mc restart
invmgr[255]: %PLATFORM-INV-7-SYSDB_ERR : sysdb_bind failed, reason: 'sysdb' detected the 'try again' condition 'Couldn't create connection to SysDB or an EDM'
The sysdb_bind did success after multiple retry and there's no functional impact.
Conditions:
Workaround:No functional impact. Sysdb bind successfully after retry.
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu31813 | Title: | Cliffjumper: OTN mode alarm polling needs to be optimized |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
lda_server take more CPU time when ports in OTN mode
Conditions:
All 20 ports in OTN mode
Workaround:
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu80612 | Title: | [532]-Line protocol not down after configuring capabilities-conflict efd |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Line protocols is not going to down after configuring action capabilities-conflict efd
Conditions:
After configuring action capabilities-conflict efd, intf needs to down but its still in UP state.
Workaround:
NA
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.CE |
|
Known Fixed Releases: * | 5.3.2.13i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv18400 | Title: | A9K-2x100GE link stay down due to PCS Lane Mapping invalid in LR4 V2 CFP |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
When link down occurs due to invalid "PCS Lane Mapping", sometimes link does not go up
Conditions:
The issue is seen when port receives two wave length signals of upto 50 msec during optical layer switchover from active to backup path.
IOS XR 5.1.2, 5.2.2
Workaround:
The issue is seen when port receives two wave length signals of upto 50 msec during optical layer switchover from active to backup path.
IOS XR 5.1.2, 5.2.2
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu97228 | Title: | Cluster:IF-MIB:ifOperStatus incorrect after reload with SMU CSCut11994 |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
On ASR9k cluster, ifOperStatus can be report link down after reload although nv edge control port is up
Conditions:
Workaround:
process restart mibd_interface
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.3.2.15i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu74903 | Title: | show bundle status returns error when BE are perfectly sane |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Error is seen in show bundle status
RP/1/RSP0/CPU0:BNG2#show bundle status
Mon Jun 8 11:46:04.973 HKT
Checking configuration...
Cross checking configuration with bundle database..........................OK
Checking configuration setup...............................................OK
Checking configuration result................................................OK
-------------------------------------------------------------------------------
Checking operational state...
Checking local system operation............................................OK
Checking for mLACP inconsistencies.........................................OK
Checking mLACP operation...................................................OK
Checking protect database..................................................OK
INFO: 1 bundle shutdown, 5 up
Process Node Result
------------------- ---------- --------------------------------------------
bundlemgr_distrib 1/RSP0/CPU 1 info
Checking operational state result............................................OK
-------------------------------------------------------------------------------
Checking secondary processes...
Checking BMA processes.....................................................OK
Checking BME processes.....................................................OK
Checking BML processes.....................................................OK
Checking secondary processes result..........................................OK
-------------------------------------------------------------------------------
Checking for unfinished operations...
Checking for BMD operations...
1 operation in progress for > 10 mins
(longest: 2 days 18 hrs)
Checking for BMD operations result......................................ERROR
Checking for BME operations................................................OK
Checking for BML operations................................................OK
Process Node Result
------------------- ---------- --------------------------------------------
bundlemgr_distrib 0/RSP1/CPU 1 error
Checking for unfinished operations result.................................ERROR
-------------------------------------------------------------------------------
Checking for unexpected events...
Checking for LACP events...................................................OK
Checking for mLACP events..................................................OK
Checking for unexpected events result........................................OK
-------------------------------------------------------------------------------
Overall result............................................................ERROR
Conditions:
At the time of the process started on standby card
Workaround:
This error message is seen at all times, but it only indicates there is a pending process on the standby RP, no functionality impact.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.13i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu50733 | Title: | Typhoon P2MP FRR unnecessary traffic drop on existing p2mp S2L |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
When P2MP-TE FRR kicks in by link down, P2MP traffic on the
existing S2L Sub-LSP branches (with no topology change) suffers
from traffic drop.
Typically traffic drop of the existing S2L Sub-LSPs is order of milliseconds.
When P2MP FRR Ready state is first created for existing S2L Sup-LSPs,
the p2mp traffic going through these Sub-LSPs is affected with packet drop
(smaller relative to link down case).
Conditions:
P2MP-TE FRR is used on typhoon based line cards.
The issue occurs on ASR9K which is acting as:
- Head-End
- Mid-Point
- Bud
The problem is common to features which uses P2MP-TE,
i.e. VPLS-LSM, P2MP-TE based MVPN, Native Multicast over P2MP-TE.
Workaround:
None
Further Problem Description:
When frr is not enabled for P2MP, link down of one S2L Sub-LSP
does not affect the traffic being switched on other S2L Sub-LSPs .
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.FWDG |
|
Known Fixed Releases: * | 5.3.2.15i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu50503 | Title: | firmware_manager process aborts/respwans |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
firware_manager process aborts/respawns on upgrade/LC reload
Conditions:
asr9k router running 532 interim image
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu27847 | Title: | CDP Process Crash on LC seen while removing / adding CDP on the Node |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
CDP Process Crash on LC seen while removing / adding CDP on the Node
Conditions:
Removing the CDP Config globally on the Router
Workaround:
Not Needed , the Process recovers on its own.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut56161 | Title: | VSM OVA package is failing to install due to TFTP communication failure |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
VSM .OVA package is failing to install. Every time VM is generating error that failed to install due to TFTP failure.
Conditions:
Problem is observed with control-plane => Management Plane configuration enabled.
Workaround:
Disable control plane configuration is helping to resolve the issue.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE |
|
Known Fixed Releases: * | 5.3.2.13i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu64661 | Title: | I/F doesn't become UP after no-shut, in not receiving RFI |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Interface remains down after a series of interface shut/no shut on both ends of a link.
Conditions:
1. far end 3 vendor doesnt send RFI when receiving LOS;
2. shutdown far end interface and ASR9k port; no shut far end first, then no shut asr9k; asr9k interface remains down.
Workaround:
shut down and then no shut on the far end.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.LC |
|
Known Fixed Releases: * | 5.3.2.13i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv08481 | Title: | Mismatch b/w the traces & alarm reporting on doing optics[sr10] oir |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Mismatch b/w the traces & alarm reporting on optics[sr10] oir - 532 11i
Conditions:
Did a SR10 optics OIR on 8x100 OTN LC[ARR9K router] with 532 11i build with port having sd/sf error condition.
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu66618 | Title: | 100GB LC - Bridge "NP Err1 Cnt" stat shows incorrect value |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
A cosmetic error is seen in the output of "show controller fabric fia bridge stats location" for the counter "NP Err1 Cnt". The counter is not accurate and shows incorrect number of packets dropped.
Conditions:
This affects LCs A9K-1X100GB and A9K-2X100GB LCs.
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu64368 | Title: | "show tech-support lpts" crashes Tomahawk LC. |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
"show tech-support lpts" CLI leads to crahses NP on Tomahawkas.
Conditions:
Tomahawk Linecard has some traffic. and execute "show tech lpts"
Workaround:
Don't execute "show tech-support lpts"
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu43048 | Title: | udld_daemon process crash @ udldd_db_port_set_name |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
The udld_daemon process may abnormally terminate when the user performs the following sequence:
- Breakout an interface configured for UDLD
- Remove breakout config
- Re-apply breakout config
Conditions:
This issue affects the 5.3.1 ASR9K release if the user is running UDLD on an interface on which they:
1. Add breakout config
2. Remove the breakout config
3. Re-add the breakout config.
The abnormal termination happens at step 3. After abnormal termination the system recovers without any traffic impact.
Workaround:
The system recovers automatically following the re-addition of breakout config. The user could work around this problem by removing UDLD configuration before removing breakout configuration at step 2.
Further Problem Description:
This issue has only been seen at large scale, where the configuration delete on breakout removal takes long enough to result in the interface being removed by G-Ether before the UDLD process has had its configuration removed. This may indicate a wider problem with configuration deletes being too slow that should be taken up with the config manager team.
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.1.CE, 5.3.2.CE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu76967 | Title: | CoS value isn't copied into the dot1q header when packet is fragmented |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
CoS in the dot1q header is incorrectly setted in fragmented packets
Conditions:
Packets need to be fragmented at the egress LC
The output interface requires a dot1q encap.
Workaround:
Avoid fragmentation
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 4.3.4.LC |
|
Known Fixed Releases: * | 5.3.2.14i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu76866 | Title: | debug subscriber manager session with filter-id does not work |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Debug command 'debug subscriber manager session next-subscriber filter-id mac-address xxxx.xxxx.xxxx' does not generate any logs
Conditions:
None. All the time the command does not generate any log
Workaround:
debug command without filter id can be used:
"debug subscriber manager session all"
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.1.3.TOOLS |
|
Known Fixed Releases: * | 5.3.2.14i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv02562 | Title: | DICL:Do shut on Bundle, potential ICLs should go admin up on SAT. |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Dynamic ICL:: In Dual Home topology which is having 2 ICL bundles, the corresponding access ports are not moving to Admin Up, if shutting one bundle ICL.
Conditions:
1) Configure Dual home with 2 bundle interfaces on each host with one member port in each bundle.
2) Check whether all access ports are in Admin down state.
3) Shut one bundle interface in Active host and observe the access ports state corresponding to the bundle.
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 08-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE, 6.0.0.BASE |
|
Known Fixed Releases: * | 5.3.2.20i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv54038 | Title: | [513] Some sessions are stuck in disconnecting even after CSCul82895 |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
sessions are stuck with "SvcAcct-Final>StatsD" in Pending Callbacks (sh subs sess all det inter)
Conditions:
generally seen with high churn of sessions with large number of services enabled with interim accountin
Workaround:
not available
Further Problem Description:
|
|
Last Modified: | 08-AUG-2015 |
|
Known Affected Releases: | 5.3.2.ROUT |
|
Known Fixed Releases: * | 5.3.2.20i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuj51517 | Title: | envmon:Voltage Alarm:sensor VP1P0_SAC0_VDDD_VDDACM msg seen on reload |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
PLATFORM-ENVMON voltage alarm may be triggered and subsequently cleared. Messages similar to those shown below may appear in syslog:
RP/0/RSP0/CPU0:Nov 3 21:19:45.038 : envmon[206]: %PLATFORM-ENVMON-4-CARD_VOLTAGE_ALARM : Voltage sensor alarm slot 0/RSP1/CPU0, sensor VP1P8_10GPHY_LDO measured 1199 mV and out of operational range 1747 - 1853 mV
RP/0/RSP0/CPU0:Nov 3 21:19:45.039 : eem_ed_hardware[189]: Messge received content : Event 4 NodeId: 0x51 Threshold CARD_VOLTAGE_ALARM Info Sensor: VP1P8_10GPHY_LDO Val: Severity 0x8 Frutype 0x8 Alarm_raised 1 Alarm_type 2
RP/0/RSP0/CPU0:Nov 3 21:19:45.764 : envmon[206]: %PLATFORM-ENVMON-2-ENV_CONDITION : Outstanding environmental condition exists in the chassis
RP/0/RSP0/CPU0:Nov 3 21:30:41.053 : envmon[206]: %PLATFORM-ENVMON-4-CARD_VOLTAGE_ALARM_CLEAR : Voltage sensor alarm cleared slot 0/RSP1/CPU0, sensor VP1P8_10GPHY_LDO measured 1800 mV and returned to operational range
RP/0/RSP0/CPU0:Nov 3 21:30:41.053 : eem_ed_hardware[189]: Messge received content : Event 4 NodeId: 0x51 Threshold CARD_VOLTAGE_ALARM Info Sensor: VP1P8_10GPHY_LDO Val: Severity 0x8 Frutype 0x8 Alarm_raised 0 Alarm_type 2
RP/0/RSP0/CPU0:Nov 3 21:30:41.768 : envmon[206]: %PLATFORM-ENVMON-2-ENV_CONDITION : Outstanding environmental condition cleared in the chassis
Conditions:
This issue was seen on an ASR9k running IOS XR 4.3.1. However, other XR platforms and versions may also be affected.
Workaround:
Not needed. It is a cosmetic issue and it appears to have no operational impact.
Further Problem Description:
|
|
Last Modified: | 10-AUG-2015 |
|
Known Affected Releases: | 4.3.4.BASE |
|
Known Fixed Releases: * | 4.3.4, 4.3.4.10i.BASE, 5.1.1, 5.1.1.15i.BASE, 5.1.11, 5.1.12, 5.1.2, 5.1.2.7i.BASE, 5.1.3, 5.1.4 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu95938 | Title: | Filtered Netflow records captured during mis configuration case |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Flow Filter Records are captured during Misconfiguration case
Conditions:
Apply sample netflow after normal netflow
Workaround:
fresh apply of filtered netflow
Further Problem Description:
|
|
Last Modified: | 12-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut93205 | Title: | edm path unregistration failure on LC admin shut |
|
Status: * | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
edm path underegistration message seen upon lc reload but admin shut
Conditions:
asr9k router running 531 interim image
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 12-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCus93246 | Title: | MPP checks to be skipped for Auto IP image download for nV Satellites |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
This is an enhancement request to automatically create an IFIB entry allowing TFTP over the satellite ICL interface.
Conditions:
Without any MPP configuration on the nV Host, the functionality works without issues
Only when user configured MPP is applied, extra configuration is needed to allow tftp over satellite ICL
Workaround:
If MPP is in use, user needs to additional configuration to allow tftp explicitly over satellite ICL interfaces
Further Problem Description:
|
|
Last Modified: | 13-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.3.2.19i.BASE, 5.3.3.5i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv27376 | Title: | Add a malloc_opts API to control malloc arena truncation behavior |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
This ddts is to introduce malloc_opt MALLOC_SHRINK_OPTION to control this behavior - thus, applications not using the MALLOC_SHRINK_OPTION will see the previous behavior of shrinking to a minimal size, applications using MALLOC_SHRINK_OPTION will see the new behavior of only shrinking to the size set by MALLOC_ARENA_SIZE
Conditions:
Workaround:
Further Problem Description:
|
|
Last Modified: | 13-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: * | 5.3.2.19i.BASE, 5.3.3.5i.BASE, 6.0.0.8i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu88250 | Title: | igmpsn process crashes upon receiving some igmp packets |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
ASR9K 5.1.3 observing igmpsn process crash at random interval
while in igmpv3 version, there are v3 report include/exclude and v2 join/leave packets for same group/ source. igmp snooping process might crash when sending proxy reports.
Conditions:
in igmp snooping v3 mode.
received v3 report include/exclude mode report and v2 join/leave packets in same group/source.
Workaround:
None
Further Problem Description:
None
|
|
Last Modified: | 13-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.3.2.18i.FWDG, 5.3.2.18i.MCAST, 5.3.3.3i.FWDG, 5.3.3.3i.MCAST, 6.0.0.11i.FWDG, 6.0.0.11i.MCAST |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv70539 | Title: | Smaller packets are getting dropped at Line rate in tomahawk otn card |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
Smaller packets are getting dropped before NP on forty gig interfaces in PCS mode in Tomahawk 8 port octane OTN cards
Conditions:
Smaller packets are getting dropped before NP on forty gig interfaces in PCS mode in Tomahawk 8 port octane OTN cards with line rate traffic
Workaround:
Nil
Further Problem Description:
|
|
Last Modified: | 17-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCtw59002 | Title: | te_control process fail to allocate memory for 'Pulse handler' |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
The ROUTING-IGPTE_LIB-4-CLIENT_ERR_MEM_ALLOC message below has kept being generated after the ASR9K run for 3 days.
te_control[1045]: %ROUTING-IGPTE_LIB-4-CLIENT_ERR_MEM_ALLOC : Failed to allocate 524288 bytes for 'Pulse handler'
After the message above stopped being generated, the ROUTING-IGPTE_LIB-4-ERR_MEM_ALLOC below started being generated.
ospf[1011]: %ROUTING-IGPTE_LIB-4-ERR_MEM_ALLOC : Failed to allocate 524312 bytes for 'IGPTE buff'
Then, the following messages showed up and tunnel-te intarfaces went down.
ospf[1011]: %ROUTING-OSPF-3-ERR_RESOURCE_ALLOC : No memory could be allocated for the resource, allocating RIB batching buffer
ospf[1011]: %ROUTING-OSPF-2-ERR_MEM_ALLOC : No memory, RIB batch buffer, process terminated
We have traffic impact,
Conditions:
With configuration to disable the backup promotion (mpls traffic-eng fast-reroute promotion 0), a mgd_timer leak is triggered by IGP LSA updates. The customer (due to a RT issue ?) testbed was seeing LSA updates every 5 seconds. Processing the LSA updates causes a large buffer (for IPC) to be allocated/freed. When let run for a couple days, the frequent alloc/free of large IPC buffer, intermixed with timer leak, caused the heap to become fragmented, such that the alloc of the IPC buffer started to fail.
Workaround:
Remove the configuration to disable backup promototion.
eg. (conf) no mpls traffic-eng fast-reroute promotion 0
|
|
Last Modified: | 17-AUG-2015 |
|
Known Affected Releases: | 4.1.1.BASE, 4.1.1.MPLS |
|
Known Fixed Releases: * | 4.2.1, 4.2.1.12i.MPLS, 4.2.2, 4.2.3, 4.2.4, 4.3.0, 4.3.0.1i.MPLS, 4.3.1, 4.3.2, 4.3.3 |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv72923 | Title: | CISCO-CLASS-BASED-QOS-MIB::cbQosTSCfgRate Fails with SNMP polling |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
The symptom of the issue is few oid's are returning values outside the acceptable value.
Conditions:
The issue is seen under normal traffic conditions with snmp poll
Workaround:
none
Further Problem Description:
none
|
|
Last Modified: | 19-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv61876 | Title: | iedged is not responding to sysdb |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
the error messages:
RP/0/RSP1/CPU0:Jul 29 07:38:15.758 : sysdb_svr_local[429]: %SYSDB-SYSDB-6-TIMEOUT_EDM : EDM request for 'oper/iedge/session/node/11/session/session' from 'show_iedge_subscriber' (jid 65901, node 0/RSP1/CPU0). No response from 'iedged' (jid 251, node 0/RSP1/CPU0) within the timeout period (100 seconds)
RP/0/RSP1/CPU0:Jul 29 07:38:39.168 : sysdb_svr_local[429]: %SYSDB-SYSDB-6-TIMEOUT_EDM : EDM request for 'oper/iedge/session/node/11/session/session-summary' from 'show_iedge_subscriber' (jid 65901, node 0/RSP1/CPU0). No response from 'iedged' (jid 251, node 0/RSP1/CPU0) within the timeout period (100 seconds)
Conditions:
this happens in IPoE setup
Workaround:
n/a
Further Problem Description:
To recover this is by RSP switchover
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.1.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv58250 | Title: | S2S Tunnel : IPSEC SA Rekey-ed after Previous SA Expiry |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
WHen this happens, the S2S tunnel line protocol goes down and also brings down the connectivity through that tunnel. The Tunnel, however, comes up in a few seconds.
Conditions:
This behavior was observed when the ISAKMP peers had different lifetimes configured. One of the peers had a very low lifetime compared to the other peer. However, the problem was not reproducible consistently with the same different life time configurations.
Workaround:
The work around is to configure matching life times on both the ISAKMP peers and the problem goes away.
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.K9SEC |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCur69220 | Title: | [531.4I]:UI run for SAT-scripts caused "show nv satellite stat" to stuck |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: |
Symptom:
The process icpe_satmgr does not answer EDM requests (for example when running the nv satellite show commands)
Conditions:
Version: 5.3.0
If the user has configured more than one redundancy group to nV satellite. (Note that this is an unsupported scenario in 5.3.0)
Workaround:
Only have one set of redundancy group configuration associated with nV Satellite.
Further Problem Description:
Recovery is to process restart icpe_satmgr.
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: | 5.2.4.2i.FWDG, 5.3.1.7i.FWDG, 6.0.0.5i.FWDG |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv55551 | Title: | FLEXR: DIE_FIA minor alarm is seen when RSP is booting up |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
DIE_FIA minor alarm is seen
Conditions:
RSP is booting up.
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: | 6.0.0.11i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuh92766 | Title: | CFMD process shutdown for some time and restart keeps MEP state as down |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
On a Cisco IOS XR router with Ethernet CFM configuration, a local MEP which is configured on a (sub-)interface may incorrectly show the interface state as down. This can be seen when querying CFM local MEP operational state, either by the CLI (e.g. show ethernet cfm local meps) or XML.
Conditions:
The symptom is only seen when there is Ethernet CFM configuration, with at least one local MEP configured on a (sub-)interface, on which the following sequence of events occurs:
- The state of the interface is down
- The CFM-D process is forcefully shut down (e.g. process shutdown cfmd)
- While CFM-D is shut down, the interface state transitions to Up
- The CFM-D process is started again (e.g. process start cfmd)
Workaround:
A workaround is not usually required, as the CFM-D process should not need to be forcefully shutdown, and so the conditions won't have been fulfilled.
Otherwise the interface state can be resynchronized by bringing the interface down, and back up.
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.1.1.CE |
|
Known Fixed Releases: | 5.1.1, 5.1.11, 5.1.11.4i.BASE, 5.1.12, 5.1.2, 5.1.2.1i.BASE, 5.1.3, 5.1.4, 5.2.0, 5.2.0.7i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv55587 | Title: | Log message is not showing serial number after CPAK removal |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
100GE CPACK OIR
Logs messages are not showing CPAK serial number after removing the CPAK.
RP/0/RSP1/CPU0:PHLASR2#LC/0/7/CPU0:Jul 29 15:35:11.403 : inv_agent[217]: %PLATFORM-INV_AGENT-6-CPAK_OIROUT : CPAK OIR: 0/7/CPU0/0 Sn: is removed, state: 0
LC/0/7/CPU0:Jul 29 15:35:11.504 : ifmgr[209]: %PKT_INFRA-LINK-3-UPDOWN : Interface HundredGigE0/7/0/0, changed state to Down
LC/0/7/CPU0:Jul 29 15:35:11.504 : ifmgr[209]: %PKT_INFRA-LINEPROTO-5-UPDOWN : Line protocol on Interface HundredGigE0/7/0/0, changed state to Down
Conditions:
every time
Workaround:
None
Further Problem Description:
RP/0/RSP1/CPU0:PHLASR2#LC/0/7/CPU0:Jul 29 15:35:11.403 : inv_agent[217]: %PLATFORM-INV_AGENT-6-CPAK_OIROUT : CPAK OIR: 0/7/CPU0/0 Sn: is removed, state: 0
LC/0/7/CPU0:Jul 29 15:35:11.504 : ifmgr[209]: %PKT_INFRA-LINK-3-UPDOWN : Interface HundredGigE0/7/0/0, changed state to Down
LC/0/7/CPU0:Jul 29 15:35:11.504 : ifmgr[209]: %PKT_INFRA-LINEPROTO-5-UPDOWN : Line protocol on Interface HundredGigE0/7/0/0, changed state to Down
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.MGBL |
|
Known Fixed Releases: * | 5.3.2.20i.BASE, 5.3.3.6i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv64094 | Title: | eXR: Need to disable "CBC upgrade in progress" trace msgs in syslog |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
"CBC upgrade in progress" trace msgs are seen in syslog.
Conditions:
Do CBC fpd upgrade from Cal VM CLI.
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: | 6.0.0.11i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut59078 | Title: | parser_server crash when using tab-key or help ? in "interface-range" |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
parser_server crash seen when using tab key or help ? in interface-range CLI
Conditions:
parser_server crash seen when using tab key or help ? in interface-range CLI
Workaround:
N/A
Further Problem Description:
N/A
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE, 6.0.0.BASE |
|
Known Fixed Releases: * | 5.3.2.21i.BASE, 5.3.3.6i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuu65667 | Title: | eem-server crash at object_hash_unlock after LC OIR |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
eem-server crashed after LC OIR and router reload
Conditions:
hit this issue after LC OIR and router reload. 100%. Reproducible
Workaround:
no
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv33855 | Title: | FLEXR: "ERROR: Failed to get location info" is seen in show tech envmon |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
"ERROR: Failed to get location info" is seen in executing "show tech envmon".
Conditions:
Execute "show tech envmon" command on an ASR9K router running 6.0.0.X13 / EFR-00000308492 image.
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: | 6.0.0.9i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv63121 | Title: | P2MP traffic drop 30 seconds @RSV_DROP_MPLS_NRLDI_NO_MATCH after RPFO |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
P2MP outgoing traffic drop 30 seconds @RSV_DROP_MPLS_NRLDI_NO_MATCH on egress LC after RPFO
Conditions:
This problem happens when two neighbor routers has no LDP NSR, only has LDP GR.
Workaround:
Enable LDP NSR on two neighbor routers
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.FWDG |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuu95618 | Title: | 532: Tunnel still exists on slave after it got cleared on master. |
|
Status: | Terminated |
|
Severity: | 3 Moderate |
Description: | Symptom:
Configure timeout no-user never under l2tp-class on both master and slave.After SRG SW, on new master tried to remove tunnel on new master but Tunnel exists on new slave even after it got cleared on master.
Conditions:
timeout no-user never under l2tp-class
SRG Switchover
Workaround:
none
Further Problem Description:
none
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE, 5.3.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv48938 | Title: | FLEXR: Debug messages are seen when executing "sh tech alarm_mgr" |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Debug messages are seen when executing "sh tech alarm_mgr"
Conditions:
Execute "sh tech alarm_mgr" command.
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: | 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv68401 | Title: | Admin show environment table missing RSI of 9000v satellites |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Show environment table doesn't display entry for all the Satellite
Conditions:
Show environment table doesn't display entry for all the Satellite
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.21i.BASE, 5.3.3.6i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuj38996 | Title: | Slow memory leak on mibd_infra while polling ciscoRttMonMIB |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:Slow memory leak is observed while polling ciscoRttMonMIB
Conditions:ASR9000 platform running 4.2.3 release
Workaround:Try restarting mibd_infra as a temporary workaround if mibd_infra is holding too much memory causing timeouts for ciscoRttMonMIB.
|
|
Last Modified: | 21-AUG-2015 |
|
Known Affected Releases: | 4.2.3.BASE |
|
Known Fixed Releases: * | 5.1.1, 5.1.1.13i.MGBL, 5.1.11, 5.1.11.8i.MGBL, 5.1.12, 5.1.2, 5.1.2.5i.MGBL, 5.1.3, 5.1.4, 5.2.0 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv12271 | Title: | ASR-9K A9K-8X100GE-L-SE TOMAHAWK IPv6 packets cant have MTU above 1518 |
|
Status: * | Terminated |
|
Severity: | 3 Moderate |
Description: | Symptom:
ASR-9K A9K-8X100GE-L-SE TOMAHAWK IPv6 packets cant have MTU above 1518
Conditions:
IPv6 Packets with MTU > 1518
Workaround:
Use MTU <= 1518
Further Problem Description:
|
|
Last Modified: | 21-AUG-2015 |
|
Known Affected Releases: | 5.3.2.MPLS |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv88552 | Title: | vic - OS-DATACORRUPTION-1-DATAINCONSISTENCY : copy error |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
You may see below traceback while configuring a OTN/FEC on an wanphy interface for the first time.
Conditions:
WANPHY configuration for first time.
Workaround:
Once configured and "copy error" with traceback generated, can configure successfully on subsequent config attempts.
Further Problem Description:
Reproducibility (%): we do every time on fresh wanphy controller never configured before.
|
|
Last Modified: | 21-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv58704 | Title: | fib_mgr traceback |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
LC/0/0/CPU0:Jun 18 12:57:32.746 : fib_mgr[181]: %ROUTING-FIB-3-PD_FAIL : FIB platform error: fib_leaf_ldi_lw_platform_update 587: PD action MODIFY failed for lw_ldi 0x883af578 flags 0x2000. Shared LDI 0x8825d7a8 num_slots 1 num_buckets 1 depth 1 ldi type 3 ldi protocol ipv4 flags 0x2010101 pfx 199.30.187.156/32 : 0x16 Invalid argument : pkg/bin/fib_mgr : (PID=450664) : -Traceback= 40050e40 4006089c 400620c4 4003d76c 40129c40 4012cf0c 4012ed90 4008ec48 40091ffc 400a05d8 400a1cb8 4d4d3624 4b2970dc 4b295010 400005ac 40014164
Conditions:
running 5.1.3
Workaround:
n/a
Further Problem Description:
n/a
|
|
Last Modified: | 23-AUG-2015 |
|
Known Affected Releases: | 5.1.3.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu31580 | Title: | Typhoon parity errors in TM_SC_L01 PORT_CONFIG mem should be correctable |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
A Typhoon linecard is reloaded due to a non-recoverable error in TM_SC_L01 PORT_CONFIG memory. Here is an example of the error message:
prm_server_ty[303]: %PLATFORM-NP-3-ECC : prm_ser_check: Parity error detected: NP 4, block 0x26 (TM_SC_L01), offset 3, memid 180, name PORT_CONFIG, addr 0x00000011, bit 2147483648, ext info 0xffffffff 0xffffffff 0xffffffff 0xffffffff, action 2 (Reset)
pfm_node_lc[292]: %PLATFORM-NP-0-NON_RECOVERABLE_SOFT_ERROR : Set|prm_server_ty[172114]|0x1008004| A non-recoverable soft error has been detected on NP4. The linecard will be rebooted.
Conditions:
There is no particular trigger for this problem, but it is extremely rare. This problem is specific to Typhoon series linecards and the asr9001 chassis since it also uses Typhoon NPs.
Workaround:
There is no workaround, the linecard will be automatically reloaded after the problem occurs.
Further Problem Description:
This type of error should be correctable. If this type of error occurs when running an image with the fix for this bug, the memory will be corrected and the linecard will not be reloaded.
|
|
Last Modified: | 24-AUG-2015 |
|
Known Affected Releases: | 4.2.0.BASE, 4.3.0.BASE, 5.1.1.BASE, 5.2.2.BASE, 5.3.0.BASE, 5.3.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv68252 | Title: | eXR: "show context" picks up old crash info - 6.0.0.X13 image |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
"show context" picks up old crash info
Conditions:
Execute "reload admin loc 0/0" command to trigger a process crash.
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 24-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv80364 | Title: | ASR9k nV Edge Cluster, long convergence times with primary DSC failure |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Long convergence times with primary DSC failure
Conditions:
Power off chassis which has primary DSC, will result in convergence times around ~8 mins
Workaround:
None
Further Problem Description:
From attached topology issue seen is for the traffic stream that originates from the IXIA port connected to Gig0/2 on CE26, then takes Gig0/1.400 comes out on Gig200/0/0/1.400 on cluster PE2 (PE53-54). Before the chassis(PE53) failure, this stream then takes Ten0/0/0/0.22 to CE23 where it comes in on Gig0/1.22. The stream then exits CE23 through Gig0/0 back to the IXIA.
After the chassis (PE53 which has primary DSC) failure, the link between CE26 and PE1's satellite 9000V stays up because the satellite is connected to both chassis in the cluster but Ten0/0/0/0, which would have been the egress interface from PE2 (PE53) to CE23, is now down. PE2 should still have a route to CE23 (the .12 sub interface on cluster 1 PE51-52) which is learned from EIGRP and redistributed into BGP, but PE2 isn't learning this route as quickly as we would expect after its EIGRP route is lost and so the stream gets black holed until it does.
Cluster PE2 (PE53-54) as the more specific route 10.100.4.0/24 (CE23 to IXIA) is lost which is connected to Te0/0/0/0.22, it then holds onto EIGRP summary NULL route and takes around ~8mins to with draw the route from route-table and update with more specific BGP route coming from cluster 1.
|
|
Last Modified: | 24-AUG-2015 |
|
Known Affected Releases: | 5.2.4.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv66096 | Title: | eXR: calvados_login_shell_ crash in is_valid_tty - 6.0.0.10I image |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
calvados_login_shell_ crash in is_valid_tty
Conditions:
Upgrading fpd versions followed by executing "reload rack 0".
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 25-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: * | 6.0.0.12i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv94150 | Title: | eXR: No warning / log messages for interrupion in fpd upgrade |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
No warning / log messages for interrupion in fpd upgrade
Conditions:
When fpd upgrade is in progress, trigger reload on the board / power cycle on the router.
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 26-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu06295 | Title: | Console log "PLATFORM-AHCI-2-DEV_HD0_NOT_RESPONDING" happens |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:Appears to be memory access issue for the VSM card.
Conditions:Logs will keep appearing on console continuously
Workaround:1. Try restarting process "process restart devb-ahci location "
2. OIR VSM card and re-insert properly,
3. if error still persists, move VSM card to different slots.
More Info:
|
|
Last Modified: | 26-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.18i.BASE, 5.3.3.3i.BASE, 6.0.0.12i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv55794 | Title: | FLEXR: spp core file is not saved after the process crashes |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
spp core file is not saved.
Conditions:
Trigger a spp process crash.
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv94847 | Title: | Output interface is showing as zero at ingress direction |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
Output interface showing zero.
Conditions:
at ingress direction in mpls setup
Workaround:
Further Problem Description:
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuu85841 | Title: | remove edit-config on ip-pfilter-cfg failed |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptoms:
configuration in ip-pfilter component cannot be removed using Netconf
Conditions:
Configuration
ipv6 access-list IPv6-Traffic-To-EHD
10 remark
20 permit pcp any any
!
ipv6 access-list IPv6-Traffic-to-DMZ
10 permit ipv6 any any
!
ipv4 access-list IPv4-Traffic-To-EHD
1 deny udp any any
!
interface Bundle-Ether61
ipv6 access-group IPv6-Traffic-to-DMZ egress
!
interface Bundle-Ether62
ipv4 access-group IPv4-Traffic-To-EHD egress
ipv6 access-group IPv6-Traffic-To-EHD egress
!
interface Bundle-Ether71
ipv6 access-group IPv6-Traffic-to-DMZ egress
!
interface Bundle-Ether72
ipv4 access-group IPv4-Traffic-To-EHD egress
ipv6 access-group IPv6-Traffic-To-EHD egress
!
Problem Frequency
Always
Workaround:
Use CLI to delete the configuration
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 5.3.2.MGBL |
|
Known Fixed Releases: | 6.0.0.12i.MGBL |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv82913 | Title: * | [533 BNG] Stale Framed Routes post session torn-down |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
State routes in BNG after session removal
Conditions:
Added route by Framed-Route Radius attribute
Workaround:
Remove Framed-Route from user profile.
Further Problem Description:
Some of static routes added by Framed-Route RADIUS attribute fails to remove even after session gone down in subscriber churn.
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 5.3.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv58672 | Title: | IPv6 ACL Crash, process is not configured or running. |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
IPv6 ACL Process crash
Conditions:
IPv6 ACLs are not configured.
Workaround:
None.
Further Problem Description:
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 4.3.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv31080 | Title: | Enabling "mac-accounting egress" deteriorates PPS |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Enabling "mac-accounting egress" deteriorates PPS
Conditions:
Enabling "mac-accounting egress" on New 100 Gigabit Ethernet High-Density Line cards
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.19i.BASE, 5.3.3.5i.BASE, 6.0.0.12i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv63169 | Title: | Laserbeak: WAN mode is disabled on a set of 10G ports |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Issue found during development.
Symptom:
Unable to configure wan mode on either ports 0-9 or ports 10-19.
Conditions:
Issue is on Laserbeak
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: | 5.3.3.7i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCul55506 | Title: | Memory leak in lldp_agent process on IOS XR platforms |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | The memory allocated by the lldp_agent process on the LC is slowly increasing. Eventually this can lead to a restart of the process. Example logs:
LC/0/0/CPU0:Nov 20 03:34:03.939 : sysmgr[91]: lldp_agent(1) (jid 251) (pid 3387559) (fail_count 2) abnormally terminated, restart scheduled
This message is typically followed by %OS-DUMPER messages
The restart of lldp_agent does not have an impact on the service.
To monitor the memory utilization of lldp_agent on a specific LC you can use the following commands:
1. show process lldp_agent location X/Y/Z
-> Locate the Job ID (JID)
2. show process memory #JID# location X/Y/Z
Symptom:The memory allocated by the lldp_agent process on the LC is slowly increasing. Eventually this can lead to a restart of the process. Example logs:
LC/0/0/CPU0:Nov 20 03:34:03.939 : sysmgr[91]: lldp_agent(1) (jid 251) (pid 3387559) (fail_count 2) abnormally terminated, restart scheduled
This message is typically followed by %OS-DUMPER messages
The restart of lldp_agent does not have an impact on the service.
To monitor the memory utilization of lldp_agent on a specific LC you can use the following commands:
1. show process lldp_agent location X/Y/Z
-> Locate the Job ID (JID)
2. show process memory #JID# location X/Y/Z
Conditions:ASR9K running IOS-XR 4.x software, or an NCS running IOS XR 5.0.x software
Workaround:Disable LLDP
More Info:
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 4.2.3.BASE, 4.3.2.BASE |
|
Known Fixed Releases: * | 5.1.1, 5.1.1.18i.FWDG, 5.1.11, 5.1.11.13i.FWDG, 5.1.12, 5.1.2, 5.1.2.9i.FWDG, 5.1.3, 5.1.4, 5.2.0 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv96065 | Title: | show commit changes diff doesnt work for class-map changes |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
After the configuration changes to class-map, show commit changes diff doesn't work for class-map
Conditions:
Hierarchical Class-map / Qos
Workaround:
None
Further Problem Description:
NONE
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: * | 5.3.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv06372 | Title: | 1.3.6.1.2.1.31.1.2.1.3 oid is populated with incorrect value |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:1.Some interfaces returned as bundle members even though they do not belong to particular bundle.
2 (notInService) returned even though interfaces are valid bundle members. Prior to restarting snmp and mibd_interface, valid members returned 1 (active).
Conditions:When polling for ifStackStatus for specific bundle, interfaces not being bundle members returned along with legitimate bundle members.
Workaround:reload the router will solve the problem 1 and restarted 'mibd_interface' processes fixed problem 2.
More Info:
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 5.1.11.LC |
|
Known Fixed Releases: | 5.3.2.18i.BASE, 5.3.3.3i.BASE, 6.0.0.11i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv97476 | Title: | cpwVcMIB.2.1 is not generated whenever VPLS PW is down |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
cpwVcMIB.2.1 is not generated whenever VPLS PW is down
Conditions:
VPLS PW is down
Workaround:
n/a
Further Problem Description:
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 5.3.1.MPLS |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv94124 | Title: | tacacsd process crash during breakout or bundle remove on Tomahawk 5.3.0 |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
tacacsd crash
Conditions:
Breakout config or bundle config removal.
Tomahawk LC running 5.3.0
Workaround:
None
Further Problem Description:
None
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: * | 5.3.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuw01290 | Title: | A9K-8x100GE-TR PCIE Uncorrectable Non-Fatal Error: Completion Timeout |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
A9K-8x100GE-TR under normal operation periodically sees the errors:
LC/0/4/CPU0:Aug 21 09:40:15.383 : pciesvr[75]: %PLATFORM-PCIE-3-ERROR : B/D/F 0/1/0 dev name:IB 1a & 1b: AER| UES: 0x00004000 CES: 0x00000000 RES: 0x00000024 IDS: 0x00080a00| HDRS: 0x00000000 0x00000000 0x00000000 0x00000000
LC/0/4/CPU0:Aug 21 09:40:15.383 : pciesvr[75]: %PLATFORM-PCIE-3-ERROR : B/D/F 0/1/0 dev name:IB 1a & 1b: PCIE| DevCap 0x00008001, DevCntl 0x00000007, DevStat 0x00000002| LinkCap 0x017a7043, LinkCntl 0x00000000, LinkStat 0x00003042| SlotCap 0x00000040, SlotCntl 0x000007c0, SlotStat 0x00000148
LC/0/4/CPU0:Aug 21 09:40:15.387 : pciesvr[75]: %PLATFORM-PCIE-6-ROOT_DEVICE_BUS_INFO : PCI/PCIe Device: bus/device/function 0/1/0 - Uncorrectable Non-Fatal Error: Completion Timeout
LC/0/4/CPU0:Aug 21 09:40:16.727 : ifmgr[211]: %PKT_INFRA-LINK-3-UPDOWN : Interface HundredGigE0/4/0/2, changed state to Down
RP/0/RP0/CPU0:Aug 21 09:40:17.873 : BM-DISTRIB[1173]: %L2-BM-6-ACTIVE : HundredGigE0/4/0/2 is no longer Active as part of Bundle-Ether12488 (Link is down)
LC/0/4/CPU0:Aug 21 09:40:16.727 : ifmgr[211]: %PKT_INFRA-LINEPROTO-5-UPDOWN : Line protocol on Interface HundredGigE0/4/0/2, changed state to Down
LC/0/4/CPU0:Aug 21 09:40:16.728 : inv_agent[219]: %PLATFORM-INV_AGENT-6-CPAK_OIROUT : CPAK OIR: 0/4/CPU0/2 Sn: FBN19072286 is removed, state: 0
LC/0/4/CPU0:Aug 21 09:40:17.984 : vic_0_2[375]: %PLATFORM-VIC-4-SIGNAL : Interface HundredGigE0/4/0/2, Detected Signal failure
Conditions:
normal operation
Workaround:
reload or reseat the card
Further Problem Description:
|
|
Last Modified: | 29-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuq67002 | Title: * | Standby RSP failed to sync up when upgrade from 4.X.X to 5.1.X |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Active RSP is successfully upgraded to 5.1.2. Standby RSP was inserted in with 4.0.3 and attempted to sync with the active. Standby RSP was throwing error since it was not able to find the file /disk0/iosxr-infra-5.1.2/remote/0x100305/lib/install_debug_remote.
Conditions:
Seen when upgrading from p only release to > 5.1.X
Workaround:
RP/0/RSP0/CPU0:ASR9k1-1#run
# ls /disk0/iosxr-infra-5.1.2/remote/0x100305
ls: No such file or directory (/disk0/iosxr-infra-5.1.2/remote/0x100305)
# mkdir -p /disk0/iosxr-infra-5.1.2/remote/0x100305/lib/
# cp /disk0/iosxr-infra-5.1.2/remote/rp-lc/0x100305/lib/install_debug_remote /disk0/iosxr-infra-5.1.2/remote/0x100305/lib/
Further Problem Description:
|
|
Last Modified: | 29-AUG-2015 |
|
Known Affected Releases: * | 5.1.2.BASE, 5.1.3.BASE |
|
Known Fixed Releases: | 5.2.2.25i.BASE, 5.2.3.12i.BASE, 5.2.4.1i.BASE, 5.3.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv95212 | Title: | IP to MPLS fragmentation corrupts label |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: | Symptom:
IP to MPLS fragmentation results in corrupted MPLS labels, causing packets to be dropped by the next hop.
Conditions:
PE router with larger MTU on CE-facing side than P-facing side.
Workaround:
Reduce MTU on CE-facing side to remove the need for fragmentation
Further Problem Description:
|
|
Last Modified: | 29-AUG-2015 |
|
Known Affected Releases: | 5.2.4.MPLS |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCut08813 | Title: | Inhibit interrupts after large numbers of ignorable ECC errors |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
In rare cases, NP soft error will continue to detected repeatedly. If this condition occurs, the error counter displayed in the 'show contr np soft-errors' CLI output will continue to increase:
# show controller np soft-errors 98 np0 loc 0/0/cpu0
NP Blk Name Ignored Fixed Sticky Reset Spurious
-- --- ---------- --------- ---------- ---------- ---------- ----------
3 98 PSTAT1 1263214 0 0 0 0
# show controller np soft-errors 98 np0 loc 0/0/cpu0
NP Blk Name Ignored Fixed Sticky Reset Spurious
-- --- ---------- --------- ---------- ---------- ---------- ----------
3 98 PSTAT1 1263400 0 0 0 0
When this issue occurs, it can also cause a small amount of CPU time to be consumed indefinitely by the kernel and prm_server processes:
#show processes cpu location 0/0/CPU0
CPU utilization for one minute: 21%; five minutes: 21%; fifteen minutes: 21%
PID 1Min 5Min 15Min Process
1 9% 9% 9% kernel
61473 3% 3% 3% eth_server
155714 1% 1% 1% fialc
155728 8% 8% 8% prm_server_to
Conditions:
There is no specific trigger for the underlying soft error. It only occurs on a small percentage of NP soft errors which are themselves a rare occurrence. It can occur on both Typhoon and Tomahawk linecards.
Workaround:
Generally there are no functional side effects seen with this issue. If there is concern about the CPU usage, a linecard reload may be scheduled during a maintenance window.
Further Problem Description:
|
|
Last Modified: | 29-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE, 5.3.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv94862 | Title: | Packet count field is lesser than expected in flow at ingress direction |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
packet count lesser than expected
Conditions:
with mpls on flexr
Workaround:
Further Problem Description:
|
|
Last Modified: | 29-AUG-2015 |
|
Known Affected Releases: | 6.0.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuw01045 | Title: | PUNT_FABRIC_DATA_PATH_FAILED during Breakout on Tomahawk |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
PUNT_FABRIC_DATA_PATH_FAILED showing up on logs
Conditions:
Seen during breakout on Tomahawk LC
Workaround:
NONE
Further Problem Description:
NONE
|
|
Last Modified: | 29-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut19399 | Title: | Bundle , ICPE , IGMP Process crash seen due to ICCP |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Bundle , ICPE , IGMP Process crash seen due to ICCP
Conditions:
RP Failover
Workaround:
Not required , as all the process recovers
Further Problem Description:
|
|
Last Modified: | 30-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE, 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.20i.BASE, 5.3.3.6i.BASE, 6.0.0.12i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv71801 | Title: | [r53x] - Satellite interfaces fails to come up after Node Reload |
|
Status: | Other |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Satellite interfaces fails to come up after Router Reload
Conditions:
Router Reload
Workaround:
None - Not Known
Further Problem Description:
|
|
Last Modified: | 30-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv79281 | Title: * | SecGW coverity issues |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Internal co verity bugs, not to be exposed to customer.
Conditions:
NULL
Workaround:
NULL
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 19.1.0 |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuo54575 | Title: | mibd_interface: Wrong number of items returned from get items request |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
Values not returned for CISCO-IETF-IPMROUTE-MIB. Traceback also observed from mibd_interface process
Conditions:
The issue happens because the source address mask is not set correctly when the MIB queries information for the (*,G) routes. As a result of this, the snmp walk errors out. The issue will happen only when there are (*,G) routes present in the box (other than the (*,224.0.1.40) route)
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.2.0.BASE |
|
Known Fixed Releases: | 5.1.3, 5.1.3.11i.MCAST, 5.1.4, 5.2.0.24i.MCAST, 5.2.2, 5.2.21, 5.3.0, 5.3.1 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv51465 | Title: | BNG: Accounting bytes reset to zero at when "clear counter" is executed |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Accounting bytes send from the asr9000 are reset to 0 when
"clear counter" is executed on the platform
Conditions:
executing clear counter
Workaround:
Do not executed "clear counter"
(deny it via aaa authorization if possible)
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: * | 5.3.2.20i.BASE, 6.0.0.12i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv52688 | Title: | 9000v - High CPU , due to Remote Port Config , ICL type change on HOST |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
9000v - High CPU , due to Remote Port Config , ICL type change on HOST
Conditions:
Remote Port Config , ICL type change on HOST
Workaround:
Satellite Reload
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.21i.FWDG, 5.3.3.6i.FWDG, 6.0.0.12i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv85650 | Title: * | Sequence Error in CFM packets received on Host |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
When we configure CFM on bundle ICL of host. "Show ethernet cfm peer meps" CLI says that there is sequence number error in the received CFM packet from host.
Conditions:
When host is connected to Asr9000v satellite with bundle ICL and CFM is configured on Bundle ICL.
Workaround:
No Workaround.
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.3.2.CE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv51675 | Title: | Fan failure and RPM warning detection needs algo change |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
FANTRAY_ALARM observed for a small time window.
Conditions:
One or more fans are running at above/below of actual speed will trigger alarms.
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: * | 5.3.2.21i.BASE, 5.3.3.6i.BASE, 6.0.0.12i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut93517 | Title: | ASR9K: 5.2.2 MSDP Crash for invalid timer access by standby process |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
MSDP process flaps continuously followed by constant process crashes
Conditions:
This crash is hit when 'shutdown' or 'nsr-down' is configured under an MSDP peer.
Workaround:
Remove the shutdown and nsr-down config. Instead of shutdown, the peer submode can be removed.
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.2.2.MCAST |
|
Known Fixed Releases: * | 5.2.4.14i.MCAST, 5.3.2.7i.MCAST, 6.0.0.5i.MCAST |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv51909 | Title: | get-config on bgp returns partial message and closes session |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptoms:
BGP operational data cannot be retrieved via NETCONF 1.1 (YANG) agent. The NETCONF the client receives no response and the server closes the session.
Conditions:
This symptom is observed on router with BGP enabled.
Workaround:
Use 'show' commands or NETCONF 1.0 (XML agent) to retrieve the operational state of BGP.
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.3.2.MGBL |
|
Known Fixed Releases: * | 6.0.0.12i.MGBL |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCur68362 | Title: | need show command to show NPU ICU discards/drops |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
usability improvement to display packet drops happening in the ICU (control unit/pre-parse stage) of the NPU
Conditions:
NA
Workaround:
no usable workaround exist today, but using the kshell commands:
run attach: np_perf -e1 -R
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE |
|
Known Fixed Releases: * | 5.3.2.20i.BASE, 5.3.3.5i.BASE, 5.3.3.6i.BASE, 6.0.0.12i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv18872 | Title: | Limit : glacial not req for L2-MKA-4-VLAN_TAGS_IN_CLEAR_MISMATCH msgs |
|
Status: * | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
Limit : glacial not req for L2-MKA-4-VLAN_TAGS_IN_CLEAR_MISMATCH msgs
Conditions:
Seems like limit: glacial was used for L2-MKA-4-VLAN_TAGS_IN_CLEAR_MISMATCH Error messages.
So if I have 10 sub interfaces getting committed with mismatched vlan tags count, i'll get only one message for first interface and rest of them will not have an error message printed. Could you please revert it to normal limit. That will helpful in user perspective.
Workaround:
Nil
Further Problem Description:
|
|
Last Modified: | 05-AUG-2015 |
|
Known Affected Releases: | 6.0.0.K9SEC |
|
Known Fixed Releases: | 6.0.0.9i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv78242 | Title: | Umbrella DDTS to address junk value for Netflow records |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
Netflow records show junk value under certain scenarios
Conditions:
CSCuv06078 Neflow v9 records report Junk value for egress interface
CSCuv71173 Neflow v9 records report Junk value for output int - MPLS2MPLS with FRR
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 30-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv94776 | Title: | 100GE : netflow on bundle subinterface - np policer rate value wrong |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: | Symptom:
RP/0/RSP0/CPU0:PE2(config-if)#show running-config interface hundredGigE 0/1/0/0*
Tue Aug 25 10:27:39.610 UTC
interface HundredGigE0/1/0/0
bundle id 500 mode active
!
RP/0/RSP0/CPU0:PE2(config-if)#show running-config interface hundredGigE 0/1/0/1
Tue Aug 25 10:27:42.995 UTC
interface HundredGigE0/1/0/1
bundle id 500 mode active
!
RP/0/RSP0/CPU0:PE2(config)#interface bundle-ether 500
RP/0/RSP0/CPU0:PE2(config-if)#flow ipv4 monitor fmm-ipv4 sampler fsm ingress
RP/0/RSP0/CPU0:PE2(config-if)#flow ipv4 monitor fmm-ipv4 sampler fsm egress
RP/0/RSP0/CPU0:PE2(config-if)#commi
Tue Aug 25 10:28:11.616 UTC
RP/0/RSP0/CPU0:PE2(config)#interface bundle-ether 500.1
RP/0/RSP0/CPU0:PE2(config-subif)#flow ipv4 monitor fmm-ipv4 sampler fsm egress
RP/0/RSP0/CPU0:PE2(config-subif)#flow ipv4 monitor fmm-ipv4 sampler fsm ingress
RP/0/RSP0/CPU0:PE2(config-subif)#commi
Tue Aug 25 10:29:44.912 UTC
RP/0/RSP0/CPU0:PE2(config)#interface bundle-ether 500
RP/0/RSP0/CPU0:PE2(config-if)#no flow ipv4 monitor fmm-ipv4 sampler fsm ingress
RP/0/RSP0/CPU0:PE2(config-if)#
RP/0/RSP0/CPU0:PE2(config-if)#commi
Tue Aug 25 10:31:01.887 UTC
RP/0/RSP0/CPU0:PE2(config)#interface hundredGigE 0/1/0/0
RP/0/RSP0/CPU0:PE2(config-if)#no bundle id
RP/0/RSP0/CPU0:PE2(config-if)#commi
Tue Aug 25 10:32:00.334 UTC
RP/0/RSP0/CPU0:PE2#show flow platform nfea policer np all location 0/1/CPU0
Tue Aug 25 10:39:28.159 UTC
NP 0 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
0 2 66666 14876948 0xe91560 0x114 12088
NP 1 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
1 0 66666 14876948 0xe91560 0x114 12120
NP 2 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
0 0 0 14876948 0xe91560 0x114 0
NP 3 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
1 0 66666 14876948 0xe91560 0x114 12248
NP 4 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
0 0 0 0 0x0 0x0 0
NP 5 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
0 0 0 0 0x0 0x0 0
NP 6 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
0 0 0 0 0x0 0x0 0
NP 7 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
0 0 0 0 0x0 0x0 0
After Fix :
RP/0/RSP0/CPU0:PE2#show flow platform nfea policer np all location 0/1/CPU0
Tue Aug 25 15:55:01.912 UTC
NP 0 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_hdl chkpt_id
=================================================================
0 2 100000 14876948 0xe91560 0x114 12216
NP 1 :
#ing_lnks #egr_lnks cur_rate policer_id root_hdl node_h
|
|
Last Modified: | 29-AUG-2015 |
|
Known Affected Releases: | 5.3.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu78610 | Title: | PLATFORM-DIAGS-3-SRSP_ACTIVE_EOBC_FAILED messages with VSM in nvCuster |
|
Status: * | Open |
|
Severity: * | 4 Minor |
Description: | ASR9K when configured as nvCluster and with VSM installed continually generates syslog messages relating to EOBC timeout
Symptom:
error messages seen in console/syslog
%PLATFORM-DIAGS-3-SRSP_STANDBY_EOBC_FAILED : Set|online_diag_rsp[204915]|SRSP standby EOBC Test(0x2000001)|failure threshold is 3, rack slot(s) failed: (0/3)
Conditions:
ASR9K installed as nvCluster and VSM modules installed in the chassis running CGN
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv36843 | Title: | 5.3.2.16I: Framing Error Encountered on Aux port |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: | Symptom:
In a topology having ASR9006 chassis, Aux framing error messages are observed on console.
Conditions:
The error messages are observed on the console at random intervals, however without any functional impact on the node.
Workaround:
The console error messages seen here are not affecting the usability of the node in any way.
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCua72097 | Title: | 10G/40G: proactive revert threashold range is not correct |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: * | Symptom:
The following configurations are not functional with A9K-MPA-2X40GE when G.709 OTN is enabled on ASR9000 routers:
g709 otu threshold sd-ber
g709 otu threshold sf-ber
proactive revert threshold
Conditions:
No error message or alarm is generated when an error condition occurs that BER is above any of the above thresholds.
Workaround:
There is no workaround avaiable. For proactive revert threshold, the valid range is <4-7> instead of <4-10> given in the Help.
|
|
Last Modified: | 19-AUG-2015 |
|
Known Affected Releases: | 4.2.3.LC |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv77898 | Title: | VSM CGN NAT44 i2o packet counters for PPTP always zero |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: | Symptom:
VSM CGN NAT44 i2o packet counters for PPTP GRE connection always showing zero
Conditions:
VSM running CGN NAT44 with ALG enabled to handle PPTP connections and the show commands for these connections always lists there being zero packets for inside-to-outside packets. The actual PPtP connection is working OK and passing traffic, just the counters which looks broken.
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 19-AUG-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu49626 | Title: | Traffic Loss seen on PowerCycle of PE for PBB eVPN |
|
Status: | Open |
|
Severity: * | 4 Minor |
Description: | Symptom:
Traffic loss is seen during power cycle of PE for PBB eVPN. The traffic loss does not occur until the PEs try to converge. Once they do, the traffic on the PE is lost for about 4.5 mins and then it recovers.
Conditions:
A faulty linecard must be in the chassis. When the router reloads, this line card does not come up.
Workaround:
In the chassis, make sure that all linecards are functioning properly and that they come up properly after reload.
Further Problem Description:
|
|
Last Modified: | 17-AUG-2015 |
|
Known Affected Releases: | 6.0.0.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu47172 | Title: | Duplicate traffic seen on Failures A/C restoration for PBB eVPN |
|
Status: | Open |
|
Severity: * | 4 Minor |
Description: | Symptom:
After Failure A or C occurs and the link is brought backup, once traffic starts flowing through that link again there can be some duplicate traffic. The duplicate traffic lasts for a very short amount of time ( < 1 sec)
Conditions:
Occurs after the link has been brought and the PEs attempt to converge
Workaround:
None. However the duplicate traffic shows only for a short amount of time ( < 1 sec)
Further Problem Description:
|
|
Last Modified: | 17-AUG-2015 |
|
Known Affected Releases: | 6.0.0.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv36730 | Title: | show qos summary queue location shows up to 10 QueueIDs. |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
TR card can be configured to create 10 queues even though it should allow up to 8 queues per port per direction.
Conditions:
Using TR card.
Workaround:
Create the queues up to 8 queues per port per direction on TR card.
Further Problem Description:
|
|
Last Modified: | 13-AUG-2015 |
|
Known Affected Releases: | 4.2.3.BASE, 5.3.2.BASE |
|
Known Fixed Releases: * | 6.0.0.11i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCur29146 | Title: | [530]-Avsm_agent process thread in "Dead" state on ISM LC |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
Avsm_agent process thread in "Dead" state
Avsm_agent process thread in "Dead" state without any config on ISM LC
Conditions:
NA
Workaround:
NA
Further Problem Description:
NA
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE, 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut97560 | Title: | Add Error Message when Full /harddisk partition Causes FPD Upgrade Fail |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
Fpd upgrade for Tomahawk LC is failing
Conditions:
fpd auto-upgrade is configured.
Workaround:
No known workarounds.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE, 5.3.1.BASE |
|
Known Fixed Releases: * | 5.3.2.14i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCua09815 | Title: | Shouldn't show PFM error for PLL_T0_STATE_FREE when no timing configured |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
You can see a PFM error stating PLL_T0_STATE_FREE.
Conditions:
This alarm is simply informational and indicates that the DS3100 T0 PLL(used for timing synchronization) is currently in Free-run state.
However, it was designed to only pop up if global 'freqsync' is configured(check for 'sh run freq sync') and PLL has no active valid inputs.
This bug is to fix it so it doesn't pop up without a frequency synch config.
In this state it can be safely ignored.
Workaround:
None
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 4.2.0.BASE |
|
Known Fixed Releases: * | 5.3.2.12i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCty06696 | Title: | Add CLI option to handle out-of-subnet ARP requests |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: * |
Symptom:
Enhancement to interfaces to block out-of-subnet ARP learning by introducing a new CLI command:
Example:
configure
interface g0/0/0/0
arp learning local < ----
Conditions:
None
Workaround:
None
Further Problem Description:
None
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 2.9/2.8:
http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:A/AC:M/Au:N/C:N/I:N/A:P/E:F/RL:U/RC:C&version=2.0
No CVE ID has been assigned to this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Last Modified: | 06-AUG-2015 |
|
Known Affected Releases: | 4.2.0.BASE, 4.3.0.BASE, 4.3.1.BASE |
|
Known Fixed Releases: | 4.3.4.15i.FWDG, 5.0.1.99i.BASE, 5.1.1.9i.FWDG, 5.1.11.4i.FWDG, 5.1.2.1i.FWDG, 5.2.0.2i.FWDG |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu68287 | Title: | SSTE: MGBL-LIBPARSER-3-ERR_SYSDB_SET: sysdb_item_set err sysdb restart |
|
Status: * | Other |
|
Severity: * | 4 Minor |
Description: | Symptom:Following message may show up in syslog during sysdb process restart:
exec[65944]: %MGBL-LIBPARSER-3-ERR_SYSDB_SET : sysdb_item_set of ________/________/vty/1/ctrl/general/timeout-idle failed: 'sysdb' detected the 'fatal' condition 'SysDB encountered an unexpected internal error: A mismatch was detected between the connection id and the client'
Conditions:Workaround:N/A . There's no functional impact with this error message.
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.3.1.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv56778 | Title: | ASR9K "show inventory" does not show optics of a line cards on port 5 |
|
Status: | Open |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
FP/GCL in port 5 on some LCs doesn't appear in 'show inventory' output
At the same time we know the same SFP/GLC works OK in other ports and even for the affected port we have proper controller information showing the Optic is supported and traffic is not affected on the port 5 on all affected LC
Conditions:
ASR9000, XR release 5.3.1
Workaround:
Restart inv_agent process on the affected LC
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.1.LC |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu18626 | Title: | Update prompt in monitor np counter to indicate that NP is always reset |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
NP is reset at the end of the "monitor np counter".
Conditions:
This is the expected behavior but the prompt in the command could be clearer:
Cleanup: Confirm NP reset now (~150ms traffic outage).
Ready? [y] >
This seems to indicate that entering "n" or "no" would skip the reset. But the NP is always reset regardless of what the user enters.
This DDS will be used to indicate that NP will be reset in any case.
Workaround:
To avoid the automatic reset, the user can use the "noreset" keyword in the "monitor np counter noreset" command. But then the NP will have to be reset manually later on.
Note that this is dangerous to run with an NP which has not been reset following the "monitor np counter" command as some RFD buffers might have been leaded during the command.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.0.LC |
|
Known Fixed Releases: * | 5.3.2.12i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu81217 | Title: | "show controllers interface phy" not showing Serial number for satellite |
|
Status: | Fixed |
|
Severity: | 5 Cosmetic |
Description: | Symptom:
"show controllers phy" does not show Serial number for Sat interfaces
Conditions:"show controllers phy" does not show Serial number for Sat interfaces causing usability concern.
Workaround:Serial number can be viewed by running "show controllers "
More Info:This is a usability concern for customer as this affects their scripting. They request full parity with PHY so script can perform same function no matter the interface type.
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.3.2.15i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv99743 | Title: | ASR9k: PPP IPCP keeps on sending CONFREQ after a PROTOCOL-REJECT |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
The Cisco ASR9000 used as BNG may continue to send Configuration Request packet after having received the Protocol-Reject. This behaviour is not inline with the RFC1661 that states that:
--- snippet of the RFC ---
Upon reception of a Protocol-Reject, the implementation MUST stop
sending packets of the indicated protocol at the earliest
opportunity.
--- snippet of the RFC ---
Conditions:
In PPP deployment with the ASR9k BNG solution. Noticed in 5.2.4.
Workaround:
The command "ppp ipcp passive? will prevent BNG to pro-actively generate IPCP. BNG will wait for client to initiate IPCP.
Further Problem Description:
|
|
Last Modified: | 30-AUG-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv97861 | Title: | Global LLDP knob to enable LLDP config per interface |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
In global config mode, lldp will enable LLDP on all Ethernet interfaces. No global config mode lldp command to enable lldp per interface
Conditions:
When configuring LLDP
Workaround:
Must disable LLDP on a per bundle-ether interface member basis using the tx/rx commands at the interface level, but this workaround adds a fair amount of config manipulation and tooling per interface, per box.
Further Problem Description:
Today Google is using lacp discovery tool that is fairly complex to determine link topology info and they are in the process of modifying this tool for managing swinging of cables or new cable turn ups and using lldp discovery to check if all links are properly connected
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 5.1.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut40761 | Title: | ability to send icmp unreach/df-bit set in BNG |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
with BNG framentation ICMP 3/4 codes are not sent for packets exceeding the MTU of the subscriber interface and having DF-bit set
Conditions:
asr9k, bng code with fragmentation support (CSCup20681)
Workaround:
df-bit clear - avail from 5.1.0
caveat: might still break PMTUD and increases load on sw-path
baby jumbos in aggregation/access and RFC4638 support in CPE
caveat: provider may not have full control over aggregation/access and/or CPE migh not support RFC4638
Further Problem Description:
BNG subscribers are using the SINT (not NETIO) for fragmentation support. SINT checks for the DF bit and drops the packets silently if it is set.
DF bit can be ignored via a PBR map, but this is not ideal either.
request is to sent ICMP unreach for those packets requiring frag but have the DF bit set to save PMTUD.
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 4.3.4.BASE |
|
Known Fixed Releases: * | 5.3.2.14i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut76494 | Title: | IOS-XR Tacacs+ single-connect slow/failed AAA transactions. |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
An IOS-XR Client Router has AAA services configured as Tacacas+ with single-connect flag on. The client expects a single packet per each AAA transaction. If the server replies in various packets or the reply packets gets misordered, then the Tacacs+ timeout is hit by the client, resulting in:
1. missing AAA Authentication
2. slow AAA Authorization (Author requires the timeout expiration)
Conditions:
An IOS-XR Client connected to one or more AAA Tacacs+ Servers
Workaround:
Disable the single-connect flag at the "NAS" (Client) side.
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 4.3.4.BASE |
|
Known Fixed Releases: * | 5.3.2.15i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv96168 | Title: | eXR: Need enhancements to read info of Golden version of FPDs |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Need enhancements to read info of Golden version of FPDs.
Conditions:
We need enhancements to read info of Golden version of FPDs for checking if FPD falls back to Golden version on a board.
Workaround:
Unknown.
Further Problem Description:
|
|
Last Modified: | 27-AUG-2015 |
|
Known Affected Releases: | 6.1.0.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu37101 | Title: | provide show command to display list of wdsysmon OOR aware processes |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
No show command to display list of wdsysmon OOR processes
OOR processes get notifications from wdsysmon when system memory reaches low/severe/critical level threshold. This allows these processes to take action and shutdown the process gracefully.
Conditions:
Workaround:
first issue command "show watchdog trace single notif verbose | in register | in Heap" which will provide all OOR processes pid.
Once above command is run, execute below command which will map pid to processes
show processes pidin | in
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: * | 5.3.2.15i.BASE, 5.3.3.3i.BASE, 6.0.0.10i.BASE |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv57739 | Title: | ASR9K: SATA Disk Enhancement |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
There are two cases of SATA SSD failures the SATA Disk Monitoring service Monitors (ahci_mon) for:
1) Driver Errors
2) Driver Hangs
Driver Errors will reload the impacted card. No change here.
Prior to this DDTS, Driver Hangs will only log a PFM error.
For the least service disruption, taking advantage of ASR9K H/A capability, this DDTS will reload the impacted card for Hang conditions also.
Conditions:
When disk driver hang occurs.
Workaround:
Reload RSP.
Further Problem Description:
|
|
Last Modified: | 23-AUG-2015 |
|
Known Affected Releases: | 5.3.2.BASE |
|
Known Fixed Releases: | 5.3.2.19i.BASE, 5.3.3.5i.BASE |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCup62004 | Title: * | Add sh controller np counters interface option |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
We need to make our CLI easier for customers and support engineers to use.
Need an option to specify the output of the np counters associated with a specific interface without the users having to run other commands to determine the np to interface mapping manually.
show controller np counters ten0/0/0/0 or show controller np counters int ten0/0/0/0.
The router should be able to resolve what np or nps (for virtual interfaces) are associated with the interface and provide that output. The location keyword also should not be required since the CLI should be intelligent enough to know what linecard the interface is located on.
Conditions:
Workaround:
Further Problem Description:
|
|
Last Modified: | 21-AUG-2015 |
|
Known Affected Releases: | 5.1.3.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut09987 | Title: | Simplify CLI to access to satellites |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
This is a request to simplify the access to satellites. Current telnet command is cumbersome.
Conditions:
Workaround:
Further Problem Description:
|
|
Last Modified: | 07-AUG-2015 |
|
Known Affected Releases: | 5.3.0.BASE |
|
Known Fixed Releases: * | 5.3.2.17i.FWDG, 5.3.3.3i.FWDG, 6.0.0.10i.FWDG |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv83010 | Title: | 0.0.0.0/1 prefix is not installed in RIB |
|
Status: | Other |
|
Severity: | 6 Enhancement |
Description: | Symptom:
0.0.0.0/1 is not installed in RIB
Conditions:
learned via OSPF E2
Workaround:
use static routes
Further Problem Description:
|
|
Last Modified: | 30-AUG-2015 |
|
Known Affected Releases: | 5.2.4.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv72455 | Title: | Junos style 'orlonger' qualifier for calling prefix-sets in route-policy |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Router must be able to reuse single prefix-list for exact matches and for matches up-to host length
Conditions:
Workaround:
Further Problem Description:
|
|
Last Modified: | 20-AUG-2015 |
|
Known Affected Releases: | 5.3.0.ROUT |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuv97712 | Title: | (S,G) and pim topology flush when RP or group mapping changed |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
ASR9K will flush (*,G) and (S,G)
Conditions:
* Group range changes (e.g. From /32 to summarized /30) and vice versa
* RP changes
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 28-AUG-2015 |
|
Known Affected Releases: | 4.3.4.MCAST |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCut63242 | Title: | embed packet decode for spp packet capture in XR with a utility |
|
Status: * | Other |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Ability to decode SPP packet captures locally within the IOS XR system (ASR9k).
Conditions:
SPP packet capture facility, example use:
packet-trace spp platform protocol arp start-capture count 5 location 0/0/cpu0???
Wed Mar 12 16:28:30.176 EDT
???Sending command: trace filter set 40 1 0x20???Trace filter set for protocol: ARP???
Sending command: trace start 5???
Started capture for 5 packets??? ??? ???Wrote ASCII trace to /tmp/spp_packet_trace_ascii???
Sending command: trace print???
Packet serial 3???client/inject:??? length 110 phys_int_index -1 next_ctx 0xdeadbeef time 16:28:30.512???
00: 00 65 7a 00 00 00 00 70 72 00 00 02 00 5e 00 00??? 10: 80 00 00 00 00 00 0f 8c 40 c1 0c c8 50 00 00 00???
20: 00 00 0d 34 3f ff f2 90 20 04 fe 03 01 04 00 05???
30: 00 00 00 00 5e 00 00 00 00 00 00 00 00 04 00 02???
40: 40 00 10 34 ff ff ff ff ff ff 66 66 44 44 22 22
Workaround:
use a manual decoding after uploading the file to a decoder facility.
Further Problem Description:
|
|
Last Modified: | 03-AUG-2015 |
|
Known Affected Releases: | 5.2.4.BASE |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuw01204 | Title: | "show mfib hardware route" do not show interface information. |
|
Status: | Open |
|
Severity: | 6 Enhancement |
Description: | Symptom:
"show mfib hardware route statistics" miss interface information.
(*,x.x.x.x) RPF nbr: y.y.y.yFlags: C
Up: 1d01h
Incoming Interface List
HundredGigE0/0/0/1 Flags: A NS, Up: 1d01h
Outgoing Interface List
BVI271 Flags: F NS LI, Up: 1d01h
RP/0/RSP1/CPU0:ASR9k-2-1BF# show mfib hardware route statistics x.x.x.x loc 0/0/cpu0
Fri Aug 28 15:27:39.078 UTC
LC Type: Typhoon A9K-2x100GE-TR
--------------------------------------------------------------------------
Legend:
N: NP ID R: Received
F: Forwarded P: Punted to CPU
ID: Ingress Drop ED: Egress Drop
Source: * Group: x.x.x.x Mask:32
-------------------------------------------------------------------------
NP R(packets:bytes)/F(packets:bytes)/P(packets)/ID(packets)/ED(packets)
-------------------------------------------------------------------------
0 0:0 / 0:0 / 0 / 0 / 0
1 0:0 / 0:0 / 0 / 0 / 0
-------------------------------------------------------------------------
Interface Statistics:
-------------------------------------------------------------------------
C Interface F/P/D (packets:bytes)
-------------------------------------------------------------------------
1 None 0:0 / 0:0 / 0:0
-------------------------------------------------------------------------
Conditions:
tbd
Workaround:
n/a
Further Problem Description:
n/a
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: | 5.1.3.MCAST |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu26462 | Title: | SSTE: Enhance Netconf Memory utilization |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
1. Higher memory usage to process netconf queries
3. If user performs large number of queries process may hit max memory and get restarted. Which will also exit running netconf sessions.
Enhance Netconf Memory Utilization in the following areas:
1. Check process memory availability before processing NETCONF request
2. Offload NETCONF response memory to a per session process
3. Enhance the memory allocation algorithm
Enhancement should improve Netconf process performance and increase scalability to handle larger size of requests.
Conditions:
Multiple simultaneous netconf requests which will results in large netconf responses.
Workaround:
1. Request netconf unformatted (netconf) requests.
2. Unformatted ("netconf format") requests consume only 1/5th of netconf process memory compared to formatted requests. This will allow system to accommodate more simultaneous requests.
In general this is not an issue unless system polling XR device health, has very slow internet connection which can lead to XR device holding netconf response for longer time.
Further Problem Description:
|
|
Last Modified: | 31-AUG-2015 |
|
Known Affected Releases: * | 5.1.3.BASE, 5.3.0.BASE, 5.3.2.BASE |
|
Known Fixed Releases: | 5.3.2.20i.BASE, 5.3.2.20i.MGBL, 5.3.3.6i.BASE, 5.3.3.6i.MGBL, 6.0.0.12i.BASE, 6.0.0.12i.MGBL |
|
|
| |
2013 Cisco and/or its affiliates. All rights reserved. 
没有评论:
发表评论