Guest

Preview Tool

Cisco Bug: CSCvv37188 - Port profile refresh does not remove DHCP relay address from interface

Last Modified

Oct 08, 2020

Products (1)

  • Cisco Nexus 9000 Series Switches

Known Affected Releases

9.3(5)

Description (partial)

Symptom:
A Cisco Nexus 9000 Series switch configured with port profiles will not correctly remove old DHCP relay server addresses from an interface when the interface's applied port profile is refreshed with the "refresh profile" command. 

For example, consider a Nexus 9000 device where the SVI for VLAN 10 is configured with DHCP relay servers 198.51.100.10 and 198.51.100.20.

N9K# show running-config | section VLAN10
<snip>
configure profile VLAN10
  interface Vlan10
    vrf member example-1
    no ip redirects
    no ipv6 redirects
    ip address 192.0.2.1/24 tag 12345
    ip dhcp relay address 198.51.100.10 use-vrf example-1
    ip dhcp relay address 198.51.100.20 use-vrf example-1
    mtu 9216
    fabric forwarding mode anycast-gateway
    no shutdown
apply profile VLAN10

N9K# show running-config interface vlan 10 expand-port-profile 
<snip>
interface Vlan10
  no shutdown
  mtu 9216
  vrf member example-1
  no ip redirects
  ip address 192.0.2.1/24 tag 12345
  no ipv6 redirects
  fabric forwarding mode anycast-gateway
  ip dhcp relay address 198.51.100.10
  ip dhcp relay address 198.51.100.20

A new port profile is created that updates the DHCP relay server 198.51.100.20 to be 198.51.100.30 instead.

N9K# show running-config | section VLAN10_new
configure profile VLAN10_new
  interface Vlan10
    vrf member example-1
    no ip redirects
    no ipv6 redirects
    ip address 192.0.2.1/24 tag 12345
    ip dhcp relay address 198.51.100.10 use-vrf example-1
    ip dhcp relay address 198.51.100.30 use-vrf example-1
    mtu 9216
    fabric forwarding mode anycast-gateway
    no shutdown

Finally, the existing VLAN10 port profile is refreshed with the contents of the VLAN10_new port profile using the "profile refresh" command.

N9K# configure terminal
N9K(config)# refresh profile VLAN10 VLAN10_new overwrite

The old "ip dhcp relay address 198.51.100.20" configuration will still appear in the VLAN10 SVI's configuration.

N9K# show running-config interface vlan 10 expand-port-profile 
<snip>
interface Vlan10
  no shutdown
  mtu 9216
  vrf member example-1
  no ip redirects
  ip address 192.0.2.1/24 tag 12345
  no ipv6 redirects
  fabric forwarding mode anycast-gateway
  ip dhcp relay address 198.51.100.10
  ip dhcp relay address 198.51.100.20
  ip dhcp relay address 198.51.100.30

Conditions:
This issue can be observed on any Nexus 9000 switch with port profiles containing DHCP relay server address configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.