Guest

Preview Tool

Cisco Bug: CSCvs83567 - NX-OS 8.x IP redirect source check not working

Last Modified

Jul 21, 2020

Products (1)

  • Cisco MDS 9000 NX-OS and SAN-OS Software

Known Affected Releases

8.1(2a)

Description (partial)

The N7718 with M3 LCs are in production and the outage occurred in a maintenance window causing BGP outage.

Symptom:
set up and the issue, the simplified network topology and routing is as below.
All connections shown are L2 in vlan 201, with SVIs on DMZ03, DMZ04 and Core03.
 
                                            CRS
                                          /      |
                                       /         |
                                    /            |
                        DMZ03 ===== DMZ0
                         |
                         |
                      Core03.
 
 
CRS advertises default route to both DMZ03 and DMZ04.
During normal routing traffic from Core03 hits DMZ03 and takes default route to CRS.
During testing, BGP between CRS and DMZ03 is taken down and default route on Core03 still points to DMZ03, but on DMZ03 default route now points to DMZ04.
So, when Core03 sends traffic to DMZ03 it generates IP redirects.
There is routing issue here, but that is a different problem.
Because of excessive IP redirects with 8.2.1a s/w version, DMZ03 control plane became unstable.
AT&T had an outage because of this instability.

Conditions:
IP redirect forwarding (default condition) enabled on DMZ03 interface connection to DMZ04
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.