Guest

Preview Tool

Cisco Bug: CSCuo28747 - N5K/6K: FWM core during ISSU

Last Modified

Jun 02, 2020

Products (12)

  • Cisco Nexus 6000 Series Switches
  • Cisco Nexus 5548P Switch
  • Cisco Nexus 5596UP Switch
  • Cisco Nexus 5624Q Switch
  • Cisco Nexus 6004 Switch
  • Cisco Nexus 5672UP Switch
  • Cisco Nexus 6001 Switch
  • Cisco Nexus 56128P Switch
  • Cisco Nexus 5548UP Switch
  • Cisco Nexus 5696Q Switch
View all products in Bug Search Tool Login Required

Known Affected Releases

7.0(1)N1(1) 7.1(0)N1(1) 7.1(1)N1(1) 7.2(0)N1(0.2) 7.2(0)N1(0.231)

Description (partial)

Symptom:A Nexus 5K/6K switch may experience FWM crash upon ND-ISSU in NX-OS 7.x.
This crash may be seen when we already have a 7.x image which is upgraded from either 5.x/6.x and are now trying to perform a Non-Disruptive ISSU to any post 7.0(0)N1(1) image.

Further Problem Description:
Point of crash - During pss restore - fwm pss: ip multicast sg entry exists.
This bug gets triggered due to duplicate multicast entries in PSS during first ISSU to 7.x release.
Origin of issue - Iluka. The issue was introduced in 7.0(0)N1(1)


Conditions:FWM crash may be seen when a double step ISSU is performed on Nexus 5K/6K switches from a 5.x/6.x release to a 7.x and then another ISSU to a subsequent 7.0/7.1/7.2 release. This crash is seen only when multicast traffic/groups is present in the setup. This crash is not applicable to those customers who are running only unicast/broadcast traffic.

Possible upgrade scenarios 
Following is a detailed list of scenarios in which this bug may/maynot be seen:
Scenario 1: Customer is currently using 5.x/6.x release and upgrading to 5.x+/6.x+ 
No issue.

Scenario 2: Customer is currently using 5.x/6.x release and upgrading to 7.0(x)/7.1(x)  
The issue will not affect customers topology until and unless they upgrade to 7.0(x)/7.1(x). After the upgrade, Check whether the Switch has the issue from the CLI mentioned below [Section More-Info]. If the issue exists, Refer to Workaround or upgrade options [Section Workaround] mentioned below, based on customers agreement. 

Scenario 3: Customer is currently using 5.x/6.x release and upgrading to 7.2(0)N1(1)-
In this case ND-ISSU is not supported. So this issue will not be seen.
But due to a limitation with Disruptive upgrade between 5.x/6.x to 7.2(0)N1(1) (Limitation - A direct upgrade between these images will lead to loss/mismatch of breakout configs), the customer should perform the upgrade by doing a fresh installation of 7.2(0)N1(1) - Write erase and reload freshly with 7.2(0)N1(1) image. Once the switch is up, reconfigure the switch with previous configs.

Scenario 4: Customer is currently using 7.0(2)N1(1) - 7.0(5)N1(1), has already performed Step1 ISSU(from 5.x/6.x to 7.x) and is now upgrading to higher 7.0(x)+/7.1(x)+ 
Check whether the Switch has the issue from the CLI mentioned below [Section More-Info]. If the issue exists, then ND ISSU will lead to crash. Refer to Workaround or upgrade options [Section Workaround] mentioned below, based on customers agreement.

Scenario 5: Customer is currently using 7.0(2)N1(1) - 7.0(5)N1(1),  has already performed Step1 ISSU(from 5.x/6.x to 7.x) and is now upgrading to 7.2(0)N1(1) 
In this case ND-ISSU is not supported. So this issue will not be seen.
But due to a limitation with Disruptive upgrade between 5.x/6.x to 7.2(0)N1(1) (A direct upgrade between these images will lead to loss/mismatch of breakout configs), the customer should perform the upgrade by doing a fresh installation of 7.2(0)N1(1) - Write erase and reload freshly with 7.2(0)N1(1) image. Once the switch is up, reconfigure the switch with previous configs.

Scenario 6: Customer is currently using 7.0(6)N1(1) or 7.1(0)N1(1), has already performed Step1 ISSU(from 5.x/6.x to 7.x) and is now upgrading to higher 7.x+:
Check whether the Switch has the issue from the CLI mentioned below [Section More-Info]. If the issue exists, then ND-ISSU will lead to crash. Refer to Workaround or upgrade options[Section Workaround] mentioned below.

Scenario 7: Customer has started from 7.x release and upgrading to 7.x+ (7.1.x +)
The issue will not be seen on the switch, if the customer has been using 7.x from the beginning and was not using 5.x/6.x before.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.