Cisco Bug: CSCvs81835 - Switch Crash @ sisf_snooping_policy_get_seclvl
Aug 29, 2020
- Cisco Catalyst 3650 Series Switches
Known Affected Releases
Symptom: multiple 3650 Switches in an stack may crash after sometime at the sisf_snooping_policy_get_seclvl function Conditions: The conditions leading to the crash involve: -client mac and IP gets learned because of a snooping policy such as "ip dhcp snooping vlan x" -authentication fails and client entry gets moved to a new vlan because of a configuration such as: interface <if> authentication event fail action authorize vlan y -the snooping policy configuration is deleted on vlan x no ip dhcp snooping vlan x -some time later, the client authentication succeeds then fails. The crash is caused by the client entry having a reference to a policy that was deleted. The problem is specific to client device-tracking entries being move across VLANs (for example as a result of Sanet authentication change, or integrated wireless controller changes.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases