Cisco Bug: CSCvh99329 - N7k-GOLF -8.1.1 Encaped traffic from unknown peer not getting decapsulated

Last Modified

Sep 14, 2019

Products (1)

  • Cisco MDS 9000 NX-OS and SAN-OS Software

Known Affected Releases

8.1(1)

Description (partial)

Symptom:
An N7k acting as a GOLF router is unable to decapsulate traffic from an unknown peer.

ELAM shows that encapsulated packets received from the unknown peer hit the drop adjacency, because the redirect ACL is misprogrammed to deny packets from the unknown peer instead of redirecting them.

INSTANCE 0x3
---------------

  Tcam 0 resource usage:
  ----------------------
  Label_a = 0x200
   Bank 0
   ------
     IPv4 Class
       Policies: SPM NVE() 
       Netflow profile: 0
       Netflow deny profile: 0
       Entries: 
         [Index] Entry [Stats]
         ---------------------
  [0014:000a:000a] prec 2 redirect(0x76) udp 10.91.0.34/32 0.0.0.0/0 eq 48879 flow-label 48879   [0]
  [0015:000b:000b] prec 2 redirect(0x72) udp 10.90.0.34/32 0.0.0.0/0 eq 48879 flow-label 48879   [0]
  [0016:000c:000c] prec 2 deny udp 10.48.254.201/32 224.0.0.0/4 eq 48879 flow-label 48879   [0]
  [001b:0011:0011] prec 2 deny udp 0.0.0.0/0 0.0.0.0/0 eq 48879 flow-label 48879   [326263]<<<<<<<<<<<< should be redirect instead of deny
  [001c:0012:0012] prec 2 permit ip 0.0.0.0/0 0.0.0.0/0   [7717]

The NVE event history trace shows that fwd_mode is disable.

324) Event:E_DEBUG, length:102, at 230799 usecs after Tue Feb 13 23:54:51 2018
    [110] [17374]: nve_pd_n7k_acl_add_default_mapairs(264): TRACE:i/f: nve1 fwd_mode: disable i/f type: CP <<<<  should be enable.
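
Added example (not part of the Cisco bug report): a Python check that scans output in the format shown above for the two indicators of this bug, a catch-all deny entry on UDP port 48879 and an NVE trace line with fwd_mode: disable. The function, constant and regex names are hypothetical, and the sample input is copied from the report with the author's annotations dropped.

```python
import re

ENCAP_PORT = 48879  # UDP port matched by the TCAM entries in this report

# Sample input: the TCAM entries and NVE trace line quoted in the report above.
SAMPLE = """\
  [0014:000a:000a] prec 2 redirect(0x76) udp 10.91.0.34/32 0.0.0.0/0 eq 48879 flow-label 48879   [0]
  [0015:000b:000b] prec 2 redirect(0x72) udp 10.90.0.34/32 0.0.0.0/0 eq 48879 flow-label 48879   [0]
  [0016:000c:000c] prec 2 deny udp 10.48.254.201/32 224.0.0.0/4 eq 48879 flow-label 48879   [0]
  [001b:0011:0011] prec 2 deny udp 0.0.0.0/0 0.0.0.0/0 eq 48879 flow-label 48879   [326263]
  [001c:0012:0012] prec 2 permit ip 0.0.0.0/0 0.0.0.0/0   [7717]
    [110] [17374]: nve_pd_n7k_acl_add_default_mapairs(264): TRACE:i/f: nve1 fwd_mode: disable i/f type: CP
"""

# One TCAM entry: [index] prec N action proto src dst [eq port] ... [hit count]
ENTRY_RE = re.compile(
    r"\[(?P<index>[0-9a-f:]+)\]\s+prec\s+\d+\s+"
    r"(?P<action>redirect\(0x[0-9a-f]+\)|deny|permit)\s+"
    r"(?P<proto>\S+)\s+(?P<src>\S+)\s+(?P<dst>\S+)"
    r"(?:\s+eq\s+(?P<port>\d+))?.*?\[(?P<hits>\d+)\]"
)
# NVE event-history trace line carrying the forwarding mode of the interface
FWD_RE = re.compile(r"i/f:\s*(?P<intf>\S+)\s+fwd_mode:\s*(?P<mode>\w+)")


def find_issues(text, port=ENCAP_PORT):
    """Return (kind, location, hit_count) tuples for each bug indicator found."""
    issues = []
    for line in text.splitlines():
        m = ENTRY_RE.search(line)
        # Only the any-to-any entry on the encap port is expected to redirect;
        # the specific multicast deny entry is left alone.
        if (m and m["port"] and int(m["port"]) == port
                and m["src"] == "0.0.0.0/0" and m["dst"] == "0.0.0.0/0"
                and m["action"] == "deny"):
            issues.append(("catch-all-deny", m["index"], int(m["hits"])))
        f = FWD_RE.search(line)
        if f and f["mode"] == "disable":
            issues.append(("fwd-mode-disabled", f["intf"], 0))
    return issues


if __name__ == "__main__":
    for kind, where, hits in find_issues(SAMPLE):
        print(f"{kind}: {where} (hits={hits})")
```

A non-zero hit count on the flagged entry means encapsulated packets are currently being dropped by it.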

Conditions:
N7k running 8.1.1

Configure NVE in the following sequence:

interface nve1
  no shutdown
  source-interface loopback0

Wait a few seconds, then quickly configure the CLIs below:

  host-reachability protocol bgp
  unknown-peer-forwarding enable