Guest

Preview Tool

Cisco Bug: CSCun89683 - F2 IPv4 Adjacency mis-programmed

Last Modified

Nov 27, 2020

Products (5)

  • CiscoPro Workgroup EtherSwitch Software
  • Cisco Nexus 7000 10-Slot Switch
  • Cisco Nexus 7000 4-Slot Switch
  • Cisco Nexus 7000 18-Slot Switch
  • Cisco Nexus 7000 9-Slot Switch

Known Affected Releases

6.1(2)

Description (partial)

Symptom:
Routed traffic on an F2/F2E module is sent to a drop index.  This may occur on a subset of modules or subset of forwarding engines (FE's).  While in the broken condition, the adjacency table will be programmed with an invalid logical interface (LIF).  For example:

n7k# show system internal forwarding ipv4 route 10.1.1.100 module 3
Routes for table default/base

----+---------------------+----------+----------+-----------
Dev | Prefix              | PfxIndex | AdjIndex | LIF       
----+---------------------+----------+----------+-----------
  0   10.1.1.100/32           0xcc6       0x5a    0xfca   <-- hw adj 0x5a, LIF 0xfca (invalid)
 ...
 10   10.1.1.100/32           0xcc6       0x5b    0x1b   
 11   10.1.1.100/32           0xcc6       0x5b    0xfca 


Any LIF between 0xfc8 and 0xfde would be considered invalid for an adjacency index.  This can be further verified by dumping the adjacency entry (note the 'Drop' value beside the LIF)

n7k# show system internal forwarding adjacency entry 0x5a module 3 instance 0 detail 
Device: 0   Index: 0x5a      DMAC: 0050.01af.00aa SMAC: 8478.ac0c.7b46 
            LIF: 0xfca (Drop) DI: 0x0     ccc: 4   L2_FWD: NO  RDT: NO  
            packets: 0   bytes: 0   zone enforce: 0

Conditions:
This is specific to Nexus7000 F2 modules with Private VLANs.  A primary PVLAN is susceptible to this issue if a secondary VLAN is associated while the secondary is in a forwarding status.  Once susceptible, a link flap carrying the primary or secondary VLAN can trigger the issue.

A module reload may also trigger the issue on the PVLAN.

This issue will not affect normal VLANs
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.