Cisco Bug: CSCvs04363 - VPN label is changing upon vEdge reboot

Last Modified

Apr 22, 2020

Products (2)

  • Cisco vEdge Router
  • Cisco vEdge Router Model

Known Affected Releases

18.3.3

Description (partial)

Symptom:
After the box reboots following ZTP, the VPN on the box comes up with a different OMP label than it previously had. Before the reboot the omp label-db showed label 1003; after the reboot the label changed to 1002.
Before reboot:
TESTBR1# show internal omp label-db
================================
            LABEL DB
===============================
Originator: 200.2.104.3, vpn-id: 2, label: 1003, ref-count: 3
TESTBR1#
 
After reboot:
TESTBR1# show internal omp label-db
================================
            LABEL DB
================================
Originator: 200.2.104.3, vpn-id: 2, label: 1002, ref-count: 3
TESTBR1#
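
A check for the symptom above, as an added example (not Cisco's code and not part of the bug report): it parses two "show internal omp label-db" captures and reports every (originator, vpn-id) whose label differs between them. The function names are hypothetical; the captures are the two shown in this report.

```python
import re

# The two captures from the bug description. A CLI prompt printed directly
# after the ref-count value does not affect the match.
BEFORE = """\
TESTBR1# show internal omp label-db
================================
            LABEL DB
===============================
Originator: 200.2.104.3, vpn-id: 2, label: 1003, ref-count: 3TESTBR1#
"""
AFTER = """\
TESTBR1# show internal omp label-db
================================
            LABEL DB
================================
Originator: 200.2.104.3, vpn-id: 2, label: 1002, ref-count: 3TESTBR1#
"""

# One label-db entry; the pattern ends at the ref-count digits.
ENTRY = re.compile(
    r"Originator:\s*(?P<orig>\d{1,3}(?:\.\d{1,3}){3}),\s*"
    r"vpn-id:\s*(?P<vpn>\d+),\s*label:\s*(?P<label>\d+),\s*"
    r"ref-count:\s*(?P<ref>\d+)"
)

def parse_label_db(text):
    """Return {(originator, vpn_id): label} for every entry in a capture."""
    return {(m["orig"], int(m["vpn"])): int(m["label"])
            for m in ENTRY.finditer(text)}

def label_changes(before, after):
    """Return (originator, vpn_id, old_label, new_label) for each entry whose
    label differs; a label is None when the entry is in only one capture."""
    old, new = parse_label_db(before), parse_label_db(after)
    changes = []
    for key in sorted(old.keys() | new.keys()):
        if old.get(key) != new.get(key):
            changes.append((*key, old.get(key), new.get(key)))
    return changes

if __name__ == "__main__":
    for orig, vpn, was, now in label_changes(BEFORE, AFTER):
        print(f"originator {orig} vpn {vpn}: label {was} -> {now}")
```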

Conditions:
Both times, we noticed cflowd flows under VPN 512 that have CPU as the egress interface. We counted the packets in those flows and were able to match the count with the "ip_fwd_null_nhop:" counter. The traffic coming over the tunnel is dropped due to a null next hop. We suspect this is because of the new OMP label that is being updated across the vSmarts and vEdges. This counter stops as soon as the issue is resolved.
TESTBR1# show app cflowd flows  | tab
 
                                                            TCP                                                                             TIME    EGRESS    INGRESS      
                                   SRC   DEST        IP     CNTRL  ICMP                   TOTAL  TOTAL  MIN  MAX                            TO      INTF      INTF     APP 
VPN  SRC IP          DEST IP       PORT  PORT  DSCP  PROTO  BITS   OPCODE  NHOP IP        PKTS   BYTES  LEN  LEN  START TIME                EXPIRE  NAME      NAME     ID  
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2    20.2.104.3      20.23.41.1    123   123   46    17     0      0       121.253.242.2  1      94     94   94   Fri Nov  8 10:15:20 2019  38      ge0/5.15  cpu      0   
2    20.2.104.3      20.23.42.1    123   123   46    17     0      0       121.253.242.6  1      94     94   94   Fri Nov  8 10:15:26 2019  44      ge0/5.15  cpu      0   
2    112.107.220.15  20.2.104.100  0     0     0     1      0      0       20.2.104.100   37     2220   60   60   Fri Nov  8 10:14:59 2019  59      ge0/7     ge0/0    0   
512  8.8.8.8         20.2.104.100  0     0     0     1      0      0       0.0.0.0        36     2160   60   60   Fri Nov  8 10:12:39 2019  56      cpu       ge0/1    0   
512  20.23.41.1      20.2.104.3    123   123   48    17     0      0       0.0.0.0        1      76     76   76   Fri Nov  8 10:15:20 2019  38      cpu       ge0/1    0   
512  20.23.42.1      20.2.104.3    123   123   48    17     0      0       0.0.0.0        1      76     76   76   Fri Nov  8 10:15:26 2019  44      cpu       ge0/1    0   
512  112.107.220.15  20.2.104.100  0     0     0     1      0      0       0.0.0.0        28     1680   60   60   Fri Nov  8 10:12:39 2019  13      cpu       ge0/0    0   
512  182.195.85.11   20.2.104.1    0     0     0     1      0      2048    0.0.0.0        12     720    60   60   Fri Nov  8 10:13:08 2019  36      cpu       ge0/1    0   
 
TESTBR1#  
TESTBR1# tools internal fp-dump options -G | i nhop
                ip_fwd_null_nhop:               90
TESTBR1#