Guest

Preview Tool

Cisco Bug: CSCvh99414 - NFE failure causes Snort to constantly restart

Last Modified

Jul 25, 2019

Products (32)

  • Cisco Firepower Management Center
  • Cisco FirePOWER Appliance 8120
  • Cisco Firepower Management Center 2500
  • Cisco FirePOWER Appliance 8260
  • Cisco FirePOWER Appliance 7050
  • Cisco FirePOWER Appliance 8360
  • Cisco FirePOWER Appliance 8350
  • Cisco FirePOWER Appliance 8130
  • Cisco FirePOWER Appliance 8140
  • Cisco AMP 7150
View all products in Bug Search Tool Login Required

Known Affected Releases

5.4.0 6.0.1 6.1.0 6.2.0 6.2.2

Description (partial)

Symptom:
NFE errors occur (see below) and Snort constantly restarts (NFE firmware is in a bad state causing Snort registration with NFE to always fail)

Dec 7 02:38:43 EPB-SLP-CRSLPOTOSI-IPS-7020-1 kernel: nfemsg: _register_host_id():555:ERROR: Host ID[0, 1,0] not available
Dec 7 02:38:43 EPB-SLP-CRSLPOTOSI-IPS-7020-1 kernel: nfemsg: _unlocked_ioctl():1671:ERROR: Registration of IA[1,0] failed
Dec 7 02:38:43 EPB-SLP-CRSLPOTOSI-IPS-7020-1 snort[7412]: FATAL ERROR: Can't start DAQ (-1) - NFM: NFD Error!

Conditions:
Have only seen this failure on Firepower 7010, Firepower 7020, Firepower 7030 sensor platforms.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.