Guest

Preview Tool

Cisco Bug: CSCvi50709 - KK-MR3: port-security mac added as "PEER_STATIC" on vPC primary and causes traffic failure

Last Modified

Apr 27, 2018

Products (1)

  • Cisco Nexus 6000 Series Switches

Known Affected Releases

7.3(3)N1(0.595)

Description (partial)

Symptom:
On a system with port-security enabled, traffic loss may be observed when static secure mac addresses are configured on vpc pair.

Conditions:
VPC switch reload on both peers sequentially, first on primary followed by secondary switch.

Use below command to check whether mac address is missing on secondary vpc peer and on primary vpc peer, the mac is incorrectly added as  PEER_STATIC (instead of STATIC) :

show port-security address interface <interface name>

Example :
N5K-LEAF3(config)# show vpc role 

vPC Role status
----------------------------------------------------
vPC+ role                       : primary                       
Dual Active Detection Status    : 0
vPC system-mac                  : 00:23:04:ee:c0:26             
vPC system-priority             : 32667
vPC local system-mac            : 00:2a:6a:25:3b:81             
vPC local role-priority         : 32667
N5K-LEAF3(config)# 

N5K-LEAF3(config)# show port-security address interface port-channel 700

----------------------------------------------------------------------
                    Secure Mac Address Table
----------------------------------------------------------------------
Vlan    Mac Address    Type      Remaining  Remotely Remotely Ports
                                 age        learnt   aged
                                 (mins)              out
----    -----------   ------     ------     -------  -----    ----
1114   5802.0100.0001 PEER_STATIC  0          Yes      No     port-channel700  << Should be STATIC instead of PEER_STATIC
----------------------------------------------------------------------
N5K-LEAF3(config)#
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.