Preview Tool

Cisco Bug: CSCvh99414 - NFE failure causes Snort to constantly restart

Last Modified

Oct 03, 2019

Products (32)

  • Cisco Firepower Management Center
  • Cisco FirePOWER Appliance 8120
  • Cisco Firepower Management Center 2500
  • Cisco FirePOWER Appliance 8260
  • Cisco FirePOWER Appliance 7050
  • Cisco FirePOWER Appliance 8360
  • Cisco FirePOWER Appliance 8350
  • Cisco FirePOWER Appliance 8130
  • Cisco FirePOWER Appliance 8140
  • Cisco AMP 7150
View all products in Bug Search Tool Login Required

Known Affected Releases

5.4.0 6.0.1 6.1.0 6.2.0 6.2.2

Description (partial)

NFE errors occur (see below) and Snort constantly restarts (NFE firmware is in a bad state causing Snort registration with NFE to always fail)

Dec 7 02:38:43 EPB-SLP-CRSLPOTOSI-IPS-7020-1 kernel: nfemsg: _register_host_id():555:ERROR: Host ID[0, 1,0] not available
Dec 7 02:38:43 EPB-SLP-CRSLPOTOSI-IPS-7020-1 kernel: nfemsg: _unlocked_ioctl():1671:ERROR: Registration of IA[1,0] failed
Dec 7 02:38:43 EPB-SLP-CRSLPOTOSI-IPS-7020-1 snort[7412]: FATAL ERROR: Can't start DAQ (-1) - NFM: NFD Error!

Have only seen this failure on Firepower 7010, Firepower 7020, Firepower 7030 sensor platforms.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.