Cisco Bug: CSCur15716 - GETVPN: GDOI Event Trace issues on KS

Last Modified

Aug 15, 2017

Products (18)

  • Cisco IOS
  • Cisco ASR 901-6CZ-F-D Router
  • Cisco ME 3600X-24TS-M Switch
  • Cisco ASR 901S-4SG-F-D Router
  • Cisco ASR 901-4C-FT-D Router
  • Cisco ASR 901S-2SG-F-AH Router
  • Cisco ASR 901-6CZ-F-A Router
  • Cisco ASR 901S-2SG-F-D Router
  • Cisco ASR 901-6CZ-FT-A Router
  • Cisco ASR 901-12C-FT-D Router

Known Affected Releases

15.4(1)S 15.4(1)S2

Description (partial)

Symptom:
This bug addresses the following GDOI event trace issues on a GETVPN KS:

1. TEK entries are repetitive (infra events): each entry is repeated 30-40 times, which looks like it's one for every ACL entry. We can aggregate these into one entry, since the duplicates do not do any good and potentially take up buffer space.
2. The infra event entries can be mapped to a GETVPN group to make them more relevant.
3. KS re-election events refer to the elected KS and local KS addresses as 0.0.0.0.
4. The following seems to be garbage; either make it more descriptive or remove it:
KS_POLICY_NOT_FOUND:KS policy from KS node failed
5. The following is the event logged when one of the KSs is elected as primary. We can add a word such as "primary" to the event to clarify that the IP address mentioned in the event is the one elected as primary.
Oct  6 12:53:46.284: GDOI_COOP_EVENT: KS_STATUS_CHANGED: KS 172.27.98.134 Group GetvpnGrp2
6. The TEK entries should be in hex for quick comparisons during troubleshooting. Also, the value is shown as a signed number; it should be an unsigned integer.

Conditions:
Using GDOI event trace for troubleshooting GETVPN issues