Guest

Preview Tool

Cisco Bug: CSCvu21191 - macsec : TX SA remove failure on 6.6.3

Last Modified

Sep 02, 2020

Products (12)

  • Cisco Network Convergence System 5500 Series
  • Cisco Network Convergence System 55A2-MOD-HD-S
  • Cisco Network Convergence System 5504
  • Cisco Network Convergence System 5516
  • Cisco Network Convergence System 5502-SE
  • Cisco Network Convergence System 55A1-24H
  • Cisco Network Convergence System 5502
  • Cisco Network Convergence System 55A2-MOD-S
  • Cisco Network Convergence System 55A2-MOD-SE-S
  • Cisco Network Convergence System 5501-SE
View all products in Bug Search Tool Login Required

Known Affected Releases

6.6.3.BASE

Description (partial)

Symptom:
Have a Macsec session in should secure mode. 
Secy driver restart followed by no macsec on peer or mismatch of both primary and fallback keys  will cause traffic drop. The expectation is to allow data to flow in clear.

Conditions:
1. Establish Macsec session on an interface with should secure policy
2. Restart secy Driver
3. Do a shut/no macsec on peer interface
4. TX SA fails to get removed
5. Packet drops henceforth
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.