Guest

Preview Tool

Cisco Bug: CSCut44057 - Raise faults when packets dropped by ACI reached a specific threshold

Last Modified

May 05, 2016

Products (1)

  • Cisco LAN Switch Software

Known Affected Releases

11.0(2)

Description (partial)

Symptom:
1. The destination endpoint is not known by source leaf, then the packet is sent to spine for proxy lookup, since spine does not know that destination (silent host for example), the packet would get dropped by the spine.
2. The source leaf sends the packet to spine for proxy lookup, when the packet arrived at destination leaf, due to policy failing to be programmed (eg: TCAM full or ACLQOS abort during the verification phase), the destination leaf is not able to apply the relevant policy either. Therefore the packet get dropped by the destination leaf.

For the scenarios given above, the symptom could be intermittent packet drops like the issue we saw at Symantec, however the underlying problem was not easily determined until the assistance of Engineering. If we could trigger some fault from the destination leaf, we could speed up the troubleshooting process and providing quicker resolution to the customer. This would provide benefit to both the customer and Cisco TAC.

Example faults that should be raised after crossing a configurable threshold:

* Fault XXXX (for scenario 1), there are 100 packets dropped for destination IP x.x.x.x by spine XXX due to no endpoint info available from COOP/EndPoint Database.
* Fault XXXX (for scenario 2), there are 16 packets dropped for destination IP x.x.x.x by leaf XXX due to no policy applied by source leaf XXX and destination leaf XXX

Conditions:
Hardware Proxy = Enabled
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.