| |
|
Alert Type: | Updated * |
Bug Id: | CSCuj69596 | Title: | fman crash at cpp_l2mcast_lib with VPLS on CSR |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
fman and ucode crash on CSR
Conditions:
Configuration and use of VPLS
Workaround:
None
|
|
Last Modified: | 11-DEC-2015 |
|
Known Affected Releases: * | 15.3(3)S, 15.4(1)S |
|
Known Fixed Releases: | 15.3(3)S2, 15.3(3)S2a, 15.3(3)S2t, 15.4(1)S |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuw02238 | Title: | CSR1KV, AVC: csr1kv crash when "show run | format" is run |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
router crash
Conditions:
AVC is configured.
AVC related config:
performance monitor context APIC-EM profile application-experience
traffic-monitor application-response-time
traffic-monitor media
Workaround:
N/A
Further Problem Description:
|
|
Last Modified: | 23-DEC-2015 |
|
Known Affected Releases: | 15.5(3)S0.5 |
|
Known Fixed Releases: * | 15.5(3)S1.1, 15.6(0.22)S0.9, 15.6(1.10)T, 15.6(1.10)T0.1 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuq12347 | Title: | CSR1000v/ASR1001-x - Memory leak in CPP HA due to Throughput Monitor |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
A CSR1000v router may experience a memory leak. This will generally first manifest itself as syslog warnings:
Jan 01 02:34:56.789: %PLATFORM-4-ELEMENT_WARNING: F0: smand: RP/0: Committed Memory value 97% exceeds warning level 95%
The cpp_ha_top_level_server process is found to be consuming a slowly incrementing quantity of memory.
CSR1000v#show platform software process list RP active sort memory
Name Pid PPid Group Id Status Priority Size
------------------------------------------------------------------------------
linux_iosd-imag 15401 15105 15401 S 20 2352599040
fman_fp_image 20166 19684 20166 S 20 1558065152
cpp_cp_svr 18962 18243 18962 S 20 1271418880
cpp_ha_top_leve 19612 19071 19612 S 20 1180131328 <-----------
fman_rp 14687 13973 14687 S 20 876077056
qfp-ucode-csr 20659 20224 20659 S 20 764862464
"CPP HA", which is a subset of the cpp_ha_top_level_server process, shows a large difference between "Allocations" and "Frees" which increases over time.
CSR1000v#show platform software memory qfp-ha-server qfp active | begin CPP HA
Module: CPP HA
allocated: 507327220, requested: 501167108, overhead: 6160112 <-------------- "Allocated" slowly increases over time
Allocations: 781851, failed: 0, frees: 396844 <-------------- Note large delta between "Allocations" and "frees"
Conditions:
Platform throughput monitor is enabled.
CSR1000v#show platform hardware throughput-monitor parameters
Throughput monitor parameters
Throughput monitor threshold: 95 percent
Throughput monitor interval: 300 seconds
Throughput monitor status: enabled <---------------
Workaround:
Once memory is leaked, the device must be reloaded to recover it. In order to stop any additional memory from leaking, disable platform throughput monitor. This is not service impacting, but the device will no longer produce a syslog alert should the aggregate device throughput approach the licensed limit.
CSR1000V#set platform hardware throughput-monitor disable
CSR1000v#show platform hardware throughput-monitor parameters
Throughput monitor parameters
Throughput monitor threshold: 95 percent
Throughput monitor interval: 300 seconds
Throughput monitor status: disabled <---------------
Note that this command will not persist across a reload, so it will be necessary to re-apply the command each time the device is rebooted.
Further Problem Description:
|
|
Last Modified: | 29-DEC-2015 |
|
Known Affected Releases: | 15.4(3)S |
|
Known Fixed Releases: | 15.4(3)S1, 15.5(1)S |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuh49807 | Title: | Ipsec tunnel does not pass traffic with MD5 hashing |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: * | Symptom:
IPsec transform set with esp-md5-hmac is not supported in this release.
When esp-md5-hmac is used, though the IPsec tunnel is established, traffic
can not pass through the tunnel. Inbound traffic will be dropped with HMAC
error. Outbound traffic will reach to the peer, but will be dropped by the peer
with HMAC error.
Error message : %IOSXE-3-PLATFORM: F0: cpp_cp: QFP:0.0 Thread:000 TS:00000002356612773534 %IPSEC-3-HMAC_ERROR: IPSec SA receives HMAC error, DP Handle 5, src_addr 60.0.0.2, dest_addr 60.0.0.1, SPI 0xb98e9ee1
Conditions:
Whenever esp-md5-hmac is used in an IPsec transform set.
Workaround:
Use esp-sha-hmac, not use esp-md5-hmac.
More Info:
|
|
Last Modified: | 11-DEC-2015 |
|
Known Affected Releases: | 15.3(3)S |
|
Known Fixed Releases: | 15.3(3)S1, 15.4(1)S |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCui61450 | Title: | Ucode crash on CSR with NAT64 config |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: * | Symptom:
CSR crashes on configuring nat64 under vrf with ipsec tunnel protection
Conditions:
Crash on configuring nat64 under vrf with ipsec tunnel protection
Workaround:
do not configure nat64 under vrf with ipsec tunnel protection
Further Problem Description:
|
|
Last Modified: | 11-DEC-2015 |
|
Known Affected Releases: | 15.4(1)S |
|
Known Fixed Releases: | 15.4(1)S |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux36807 | Title: | csr_mgmt container outgoing traffic evaluated by incorrect ACL |
|
Status: | Open |
|
Severity: | 4 Minor |
Description: * | Symptom:
Outgoing traffic from csr_mgmt container is not leaving the CSR
Conditions:
There is an inbound ACL applied on the Gigabitethernet interface used to route the outgoing traffic.
Workaround:
- allow the traffic on the inbound ACL also
Further Problem Description:
The outgoing traffic is evaluated by both inbound and outbound ACL on the Gigabitethernet interface instead of only outbound ACL.
|
|
Last Modified: | 10-DEC-2015 |
|
Known Affected Releases: | 15.5(2)S |
|
Known Fixed Releases: | |
|
|
| |
:
2015 Cisco and/or its affiliates. All rights reserved. 
没有评论:
发表评论