Guest

Preview Tool

Cisco Bug: CSCsz73125 - TACACS configuration changes may lead to crashing boot loop

Last Modified

May 01, 2015

Products (3)

  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 5020 Switch
  • Cisco Nexus 5010 Switch

Known Affected Releases

4.0(1a)N2(1) 4.1(3)N1(1)

Description (partial)

Symptom:
When a Nexus5000 boots, it may encounter an error in TACACS+ daemon where it could not recover PSS

Output:
Booting kickstart image: bootflash:/n5000-uk9-kickstart.4.0.1a.N2.1.bin....
..................................................................Image verific
ation OK
Starting kernel...
Usage: init 0123456SsQqAaBbCcUu
INIT: version 2.85 booting
Starting Nexus5010 POST...
  Executing Mod 1 1 SEEPROM Test......done
  Executing Mod 1 1 GigE Port Test......
.done
  Executing Mod 1 1 Inband GigE Test.....done
  Executing Mod 1 1 NVRAM Test....done
  Executing Mod 1 1 PCIE Test..............................done
  Mod 1 1 Post Completed Successfully
  Mod 2 Post Completed Successfully
POST is completed
Creating /callhome..
Mounting /callhome..
Creating /callhome done.
Callhome spool file system init done.
Checking all filesystems..... done.
.
Loading system software
Uncompressing system image: bootflash:/n5000-uk9.4.0.1a.N2.1.bin
Loading plugin 0: core_plugin...
plugin_link_to_exec_path: plugin_path = /isan/plugin/0, tar_log = /isan/plugin_extract_log/0
Loading plugin 1: eth_plugin...
plugin_link_to_exec_path: plugin_path = /isan/plugin/1, tar_log = /isan/plugin_extract_log/1
plugin_file_is_excluded_from_exec_path: /boot/ is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/etc/ is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/etc/plugin_exclude.conf is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/lib/ is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so.0 is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so.0.0.0 is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/ is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/etc/ is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/etc/plugin_exclude.conf is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/lib/ is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so.0 is excluded from linking
plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so.0.0.0 is excluded from linking
Loading plugin 2: fc_plugin...
INIT: Entering runlevel: 3plugin_path = /isan/plugin/2, tar_log = /isan/plug
Exporting directories for NFS kernel daemon...done.
Starting NFS kernel daemon:rpc.nfsd.
rpc.mountddone.
Setting envvar: SYSMGR_SERVICE_NAME to muxif_service
Set envvar SYSMGR_SERVICE_NAME to muxif_service
/isan/bin/muxif_config: argc:2
muxif_init....vacl: ret: 0
Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config
Added VLAN with VID == 4042 to IF -:muxif:-
pss_store_sys_list: handle 0x831b188 vdc 1 err 0x0
2009 May  4 09:38:51 AMS_Nexus5010 %$ VDC-1 %$ %KERN-2-SYSTEM_MSG: Starting kernel... - kernel
2009 May  4 09:39:08 AMS_Nexus5010 %$ VDC-1 %$  %USER-2-SYSTEM_MSG: <<%TACACS-2-TACACS_PROGRAM_EXIT>> TACACS+ daemon exiting: could not recover pss    - tacacsd
2009 May  4 09:39:08 AMS_Nexus5010 %$ VDC-1 %$ %SYSMGR-2-REDSTATE_SETFAILED: Failed to set redundancy state: ret_val (-1).
2009 May  4 09:39:08 AMS_Nexus5010 %$ VDC-1 %$ %SYSMGR-2-HANDSHAKE_FAILED: Hands writing reset reason 16, Service "Tacacs Daemon" in vdc 1 has had a hap failure
hake with service "rib" in vdc 1 failed since send failed: No route to host (error-id 0x801E0071).

Conditions:
Some amount of configuration changes have been made, and then a reload is issued.  The exact commands are unknown at this time.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.