Guest

Preview Tool

Cisco Bug: CSCvi22670 - With VXLAN and VPC - IPV6 RA that is leaving the Nexus CPU is not making it out of the egress port.

Last Modified

Oct 09, 2019

Products (48)

  • Cisco Nexus 9000 Series Switches
  • Cisco Nexus 9516 Switch
  • Cisco Nexus 3548 Switch
  • Cisco Nexus 3548-X Switch
  • Cisco Nexus 9396PX Switch
  • Cisco Nexus 31108TC-V Switch
  • Cisco Nexus 92304QC Switch
  • Cisco Nexus 92160YC-X Switch
  • Cisco Nexus 93108TC-FX Switch
  • Cisco Nexus 9396TX Switch
View all products in Bug Search Tool Login Required

Known Affected Releases

7.0(3)I7(2)

Description (partial)

Symptom:
IVP6 with VPC and VXLAN is involved - IPV6 RA that is leaving the Nexus CPU ( seen in ethanalyzer) is not making it out of the egress port.

SWA#
interface Vlan100
  no shutdown
  vrf member externals
  no ip redirects
  ip address 192.158.67.193/26
  ipv6 address xx00:cb00:36:1030::1/64———————>Same on both peers: anycast gateway.
  ipv6 nd prefix xx00:cb00:36:1030::/64 2592000 0
  no ipv6 redirects
  fabric forwarding mode anycast-gateway
  ip dhcp relay address 192.158.65.252 use-vrf default
  ip dhcp relay source-interface loopback0



SWA# sh ipv6 nd interf vl 100
ICMPv6 ND Interfaces for VRF "externals"
Vlan100, Interface status: protocol-up/link-up/admin-up
  IPv6 address:
    xx00:cb00:36:1030::1/64 [VALID]
  IPv6 link-local address: fe80::2cf:5cff:fea1:ab1e [VALID]
  ND mac-extract : Disabled
  ICMPv6 active timers:
      Last Neighbor-Solicitation sent: 00:00:51
      Last Neighbor-Advertisement sent: 00:00:01
      Last Router-Advertisement sent: 00:00:46
      Next Router-Advertisement sent in: 00:04:19
  Router-Advertisement parameters:
      Periodic interval: 200 to 600 seconds
      Send "Managed Address Configuration" flag: false
      Send "Other Stateful Configuration" flag: false
      Send "Default Router Preference" value: Medium
      Send "Current Hop Limit" field: 64
      Send "MTU" option value: 1500
      Send "Router Lifetime" field: 1800 secs
      Send "Reachable Time" field: 0 ms
      Send "Retrans Timer" field: 0 ms
      Suppress RA: Disabled
      Suppress MTU in RA: Disabled
      Suppress Route Information Option in RA: Disabled
  Neighbor-Solicitation parameters:
      NS retransmit interval: 1000 ms
      ND NUD retry base: 1
      ND NUD retry interval: 1000
      ND NUD retry attempts: 3
  ICMPv6 error message parameters:
      Send redirects: false (1)
      Send unreachables: false
  ICMPv6 DAD parameters:
      Maximum DAD attempts: 1


L3VNI :


interface Vlan1100
  no shutdown
  vrf member externals
  no ip redirects
  ip forward
  ipv6 forward
  no ipv6 redirects



Ethanalyzer captures which shows the IPV6 RA leaving the switch CPU :

SWA#  ethanalyzer  local  interface  inband display-filter "icmpv6.type == 134 and eth.addr ==  33:33:00:00:00:01" limit-captured-frames 0

Capturing on inband

2018-01-25 20:35:45.212953 fe80::2cf:5cff:fea1:ab1e -> ff02::1      ICMPv6 Router advertisement
2018-01-25 20:41:40.219564 fe80::2cf:5cff:fea1:ab1e -> ff02::1      ICMPv6 Router advertisement


Detailed packet :


SWA# ethanalyzer  local  interface  inband display-filter "icmpv6.type == 134 and eth.addr ==  33:33:00:00:00:01" limit-captured-frames 0 de



Frame 28995 (118 bytes on wire, 118 bytes captured)
    Arrival Time: Jan 25, 2018 20:00:52.183181000
    [Time delta from previous captured frame: 0.002482000 seconds]
    [Time delta from previous displayed frame: 161.550372000 seconds]
    [Time since reference or first frame: 237.311918000 seconds]
    Frame Number: 28995
    Frame Length: 118 bytes
    Capture Length: 118 bytes
    [Frame is marked: False]
    [Protocols in frame: eth:ipv6:icmpv6]
Ethernet II, Src: 00:cf:5c:a1:ab:1e (00:cf:5c:a1:ab:1e), Dst: 33:33:00:00:00:01 (33:33:00:00:00:01)
    Destination: 33:33:00:00:00:01 (33:33:00:00:00:01)
        Address: 33:33:00:00:00:01 (33:33:00:00:00:01)
        .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
    Source: 00:cf:5c:a1:ab:1e (00:cf:5c:a1:ab:1e)
        Address: 00:cf:5c:a1:ab:1e (00:cf:5c:a1:ab:1e)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
    Type: IPv6 (0x86dd)
Internet Protocol Version 6
    0110 .... = Version: 6
        [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
    .... 1110 0000 .... .... .... .... .... = Traffic class: 0x000000e0
    .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
    Payload length: 64
    Next header: ICMPv6 (0x3a)
    Hop limit: 255
    Source: fe80::2cf:5cff:fea1:ab1e (fe80::2cf:5cff:fea1:ab1e)
    Destination: ff02::1 (ff02::1)
Internet Control Message Protocol v6
    Type: 134 (Router advertisement)
    Code: 0
    Checksum: 0x46a9 [correct]
    Cur hop limit: 64
    Flags: 0x00
        0... .... = Not managed
        .0.. .... = Not other
        ..0. .... = Not Home Agent
        ...0 0... = Router preference: Medium
    Router lifetime: 1800
    Reachable time: 0
    Retrans timer: 0
    ICMPv6 Option (Source link-layer address)
        Type: Source link-layer address (1)
        Length: 8
        Link-layer address: 00:cf:5c:a1:ab:1e
    ICMPv6 Option (Prefix information)
        Type: Prefix information (3)
        Length: 32
        Prefix length: 64
        Flags: 0xc0
            1... .... = Onlink
            .1.. .... = Auto
            ..0. .... = Not router address
            ...0 .... = Not site prefix
        Valid lifetime: 2592000
        Preferred lifetime: 0
        Prefix: 2400:cb00:36:1030::
    ICMPv6 Option (MTU)
        Type: MTU (5)
        Length: 8
        MTU: 1500



</Snip>



This packet does not reach the connected host. Could not see this packet in the span captures taken on the egress port which implies that this packet is not leaving the switch.

Conditions:
IVP6 with VPC and VXLAN is involved
Issue seen on :
Platform : N9K-C93180YC-EX
Version : 7.0(3)I7(2)
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.