Cisco Bug: CSCvh77310 - Wrong initial number of DPD incrementing error counter.
Aug 23, 2019
- Cisco IOS
Known Affected Releases
Symptom: Wrong initial number of DPD incrementing error counter. ISAKMP-ERROR: (1008):DPD incrementing error counter (6/5) Conditions: It appears the below scenario. ** conn-ids are sample ** a) Recovered DPD error for old ISAKMP SA (1007). Recover timing is veri important !! It is after DPD incrementing error counter over 5/5 and "retransmit phase 2" does not exceeded 5. ** DPD error was caused by link down between L2SW#1 and L2SW#2. So, the below log indicate response packet for QM_IDLE. ISAKMP-PAK: (1007):received packet from <IP_Addr of opposite device> dport 500 sport 500 Global (I) QM_IDLE b) Made new ISAKMP SA (1008) for same peer by rekey. c) Hapned DPD error for new ISAKMP SA (1008). ** DPD error was caused by link down between L2SW#1 and L2SW#2. IOS : 15.5(3)S5 Topology: [ISR4331#1]---[L2SW#1]---[L2SW#2]---[ISR4331#2]
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases