Guest

Preview Tool

Cisco Bug: CSCvs94924 - Time that is taken for the port channel to come up causes the Radius server to time out

Last Modified

Apr 28, 2020

Products (1)

  • Cisco IOS

Known Affected Releases

16.9.4

Description (partial)

Symptom:
After reload of switch, LACP port channel takes much more time to come up than the normal links, which cause the radius server to time out and has to be brought up manually.

#show platform software trace level smd switch active r0 | inc Debug
auth-mgr                        Debug
auth-mgr-all                    Debug
auth-mgr-sync                   Debug
dot1x                           Debug
dot1x-all                       Debug
dot1x-redun                     Debug
dot1x-registry                  Debug
epm                             Debug
epm-all                         Debug
epm-ha                          Debug
pre-all                         Debug
radius                          Debug
radius-acct                     Debug
radius-authen                   Debug
radius-brief                    Debug
radius-dbg-acco                 Debug
radius-dbg-auth                 Debug
radius-elog                     Debug
radius-failover                 Debug
radius-init                     Debug
radius-retran                   Debug
radius-tbl                      Debug
radius-verbose                  Debug

From debugs the following errors can be observed ?[0000.0000.0000:unknown] Error clearing method priority list on interface [GigabitEthernet1/0/23]?
[0000.0000.0000:unknown] Configuration setup failed for Interface [24]

Conditions:
IOS-XE Polaris 16.9.4

Configure a LACP ether-channel between access and core switches.
Enabled dot1x on user ports on access switch and connect clients.
Reboot switch. Switch will start the dot1x process before the Radius server is available via the uplink channel.
This causes the Radius servers to get marked as dead and when the uplink finally gets active, all users already failed authentication.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.