Guest

Preview Tool

Cisco Bug: CSCuo69629 - mac-address can't be removed from port-security port configuration

Last Modified

Aug 18, 2017

Products (8)

  • Cisco Nexus 7000 Series Switches
  • Cisco Nexus 7000 10-Slot Switch
  • Cisco Nexus 7000 4-Slot Switch
  • Cisco Nexus 7700 6-Slot Switch
  • Cisco Nexus 7700 18-Slot Switch
  • Cisco Nexus 7000 18-Slot Switch
  • Cisco Nexus 7700 10-Slot Switch
  • Cisco Nexus 7000 9-Slot Switch

Known Affected Releases

6.2(6)

Description (partial)

Symptom:
NXOS is 6.2(6),

1, the initial configuration is such as :
n7k-3(config-if)# sh run int e4/14

!Command: show running-config interface Ethernet4/14
!Time: Wed May  7 10:14:34 2014

version 6.2(6)

interface Ethernet4/14
  switchport
  switchport port-security mac-address 1111.1111.1111     <<<<<<

2, then I enabled the port-security and put it into a none-existed vlan, an error came out.

n7k-3(config-if)#   switchport access vlan 13

n7k-3(config-if)#   switchport port-security
n7k-3(config-if)#   switchport port-security mac-address 1111.1111.1111
ERROR: ACCESS vlan is not in active state

3, however, the configuration is at there, and can't be removed via 'no ' even create vlan 13.
n7k-3(config-if)# sh run int e4/14

version 6.2(6)

interface Ethernet4/14
  switchport
  switchport access vlan 13
  switchport port-security
  switchport port-security mac-address 1111.1111.1111

n7k-3(config-if)# no switchport port-security mac-address 1111.1111.1111
ERROR: ACCESS vlan is not in active state

n7k-3(config)# vlan 13
n7k-3(config-vlan)# exit
n7k-3(config)# int e4/14
n7k-3(config-if)# 
n7k-3(config-if)# no switchport port-security mac-address 1111.1111.1111
n7k-3(config-if)# 
n7k-3(config-if)# 
n7k-3(config-if)# sh run int e4/14

!Command: show running-config interface Ethernet4/14
version 6.2(6)

interface Ethernet4/14
  switchport
  switchport access vlan 13
  switchport port-security
  switchport port-security mac-address 1111.1111.1111

Conditions:
' switchport port-security mac-address xxxx.xxxx.xxxx ' was in  port configuration before putting the port into an non-existed vlan.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.