Guest

Preview Tool

Cisco Bug: CSCvt72401 - MACSEC protected link no longer passes traffic.

Last Modified

Sep 10, 2020

Products (32)

  • Cisco Catalyst 9500 Series Switches
  • Cisco Catalyst 9300-48T-A Switch
  • Cisco Catalyst 9400 Supervisor Engine-1XL-Y
  • Cisco Catalyst C9500-16X-E Switch
  • Cisco Catalyst 9300-48P-A Switch
  • Cisco Catalyst 9300-48U-A Switch
  • Cisco Catalyst 9300-48UXM-A Switch
  • Cisco Catalyst 9300-48UN-A Switch
  • Cisco Catalyst 9300-48P-E Switch
  • Cisco Catalyst C9500-24Q-A Switch
View all products in Bug Search Tool Login Required

Known Affected Releases

16.12.3

Description (partial)

Symptom:
A MACSEC protected link that was up and passing traffic will stop passing traffic after a period of time. The MKA session will remain up but no traffic including LLDP/CDP/ARP will pass across the link.

Additionally the MACSEC protected link was configured to use replay protection and the configured value of the replay-protection window-size was larger than 2^30-1

Conditions:
MACSEC protected link utilizing XPN (extended packet numbering) ciphers and having a replay-protection window-size value larger than 2^30-1 configured.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.