Re: [c-nsp] blackholed traffic on ether-channel

2016-04-14 Thread Hunter Fuller 
On Fri, Apr 8, 2016 at 2:26 AM, Phil Mayers  wrote:
> (It's not proving a great platform for us TBH - I still can't get good
> Netflow performance out of a 68xx in exactly the same environments a sup720
> thrived... oh the irony)

I like the platform, I really do, but I could do without the
absolutely debilitating, service interrupting bugs. Can't we get some
bugs that, e.g., crash the standby supervisor, or something. A higher
quality of bug, if you will.

--
Hunter Fuller
Network Engineer
VBRH Annex B-1
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Systems and Infrastructure
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-14 Thread Aaron DuShey 
On Thu, Apr 7, 2016 at 4:14 AM, Holemans Wim 
wrote:

> https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuy25743
> C6880-X-LE: Contiguous 4 10G ports goes down and cannot be brought up
>
> As an solution the page points to 3 new software releases :
> Known Fixed Releases:   (3)
> 15.2(1)SY1.118
> 15.3(1)IE101.312
> 15.4(1)IA1.22
> Of these 3 releases none is available for download ? There is even no
> 15.3 of 15.4 train available in the download software page...
> Anyone has an idea where I can find a software release in which this
> problem is fixed so I can install this before activating these switches on
> our network ?
>

As of Thursday, April 7, 15.2.1-SY2(ED) was posted. Though the bug isn't
listed in the rel notes I checked with Cisco and at this point they have
stated CSCuy25743 is fixed in this version, and are (hopefully) updating
the document. We haven't tested it yet though, if anyone has please share
findings.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-08 Thread Phil Mayers 

On 07/04/16 22:15, Hunter Fuller wrote:

Look out for SY2!! We were on that release when we rolled out our
Cat6807s in 2014 but there was a gross bug where a malformed mDNS
packet could crash the sup! We had a quad-sup VSS at this time and it
crashed all four within a minute! I'm unsure if this was VSS specific
but I did get confirmation that it wasn't quad-sup specific.

We are now on 15.1(2)SY4 and life is good... for now..


Note there's a 4a - the "a" release generally indicate pretty serious 
bugs in the plain release, IME, but I haven't pored over the release 
notes in a while.


Just to continue the comedy train for the 68xx IOS discussions, watch 
out for CSCut83493 on anything prior to SY5 ;o)


There's a slightly-larger-than-normal number of resolved caveats in 
SY5/6, be aware.


Basically, Cat6k IOS is the same it's always been - find a release where 
the known bugs don't affect *you* and stick on it until otherwise.


(It's not proving a great platform for us TBH - I still can't get good 
Netflow performance out of a 68xx in exactly the same environments a 
sup720 thrived... oh the irony)

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-08 Thread Antoine Monnier 
and keep in mind that most releases for the 6800 are deferred, so it would
be hard to get support from TAC on those. Only the last 1 or 2 rebuilt in
each trains are not deferred.

On Thu, Apr 7, 2016 at 11:15 PM, Hunter Fuller  wrote:

> Look out for SY2!! We were on that release when we rolled out our
> Cat6807s in 2014 but there was a gross bug where a malformed mDNS
> packet could crash the sup! We had a quad-sup VSS at this time and it
> crashed all four within a minute! I'm unsure if this was VSS specific
> but I did get confirmation that it wasn't quad-sup specific.
>
> We are now on 15.1(2)SY4 and life is good... for now...
>
> --
> Hunter Fuller
> Network Engineer
> VBRH Annex B-1
> +1 256 824 5331
>
> Office of Information Technology
> The University of Alabama in Huntsville
> Systems and Infrastructure
>
>
> On Thu, Apr 7, 2016 at 3:29 AM, Mark Tinka  wrote:
> >
> >
> > On 7/Apr/16 10:14, Holemans Wim wrote:
> >
> >>
> >> As an solution the page points to 3 new software releases :
> >> Known Fixed Releases: (3)
> >> 15.2(1)SY1.118
> >> 15.3(1)IE101.312
> >> 15.4(1)IA1.22
> >> Of these 3 releases none is available for download ? There is even
> no 15.3 of 15.4 train available in the download software page...
> >
> > Cisco normally publish future releases as being fixed before the
> > releases become physically available. It is just a commitment from the
> > BU to say in which release a bug is going to get fixed. When the release
> > actually becomes available is orthogonal to the bug details.
> >
> >> Anyone has an idea where I can find a software release in which this
> problem is fixed so I can install this before activating these switches on
> our network ?
> >
> > We started using this platform back in 2014.
> >
> > We are using the code that was the only one available back then -
> > 15.1(2)SY2 - without any issue.
> >
> > We were actually just about to start a round of upgrades to the latest
> > stable release, but after seeing this thread, best to wait.
> >
> > In all fairness, we are running the switches as pure Layer 2 core
> > devices, but with lots of 10Gbps LACP links. No issues with that since
> 2014.
> >
> > If you don't have any features that require anything beyond 15.1(2)SY2,
> > I'd suggest trying this if there aren't any defects in it worth noting
> > for your environment.
> >
> > Mark.
> > ___
> > cisco-nsp mailing list  cisco-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-07 Thread Hunter Fuller 
Look out for SY2!! We were on that release when we rolled out our
Cat6807s in 2014 but there was a gross bug where a malformed mDNS
packet could crash the sup! We had a quad-sup VSS at this time and it
crashed all four within a minute! I'm unsure if this was VSS specific
but I did get confirmation that it wasn't quad-sup specific.

We are now on 15.1(2)SY4 and life is good... for now...

--
Hunter Fuller
Network Engineer
VBRH Annex B-1
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Systems and Infrastructure


On Thu, Apr 7, 2016 at 3:29 AM, Mark Tinka  wrote:
>
>
> On 7/Apr/16 10:14, Holemans Wim wrote:
>
>>
>> As an solution the page points to 3 new software releases :
>> Known Fixed Releases: (3)
>> 15.2(1)SY1.118
>> 15.3(1)IE101.312
>> 15.4(1)IA1.22
>> Of these 3 releases none is available for download ? There is even no 
>> 15.3 of 15.4 train available in the download software page...
>
> Cisco normally publish future releases as being fixed before the
> releases become physically available. It is just a commitment from the
> BU to say in which release a bug is going to get fixed. When the release
> actually becomes available is orthogonal to the bug details.
>
>> Anyone has an idea where I can find a software release in which this problem 
>> is fixed so I can install this before activating these switches on our 
>> network ?
>
> We started using this platform back in 2014.
>
> We are using the code that was the only one available back then -
> 15.1(2)SY2 - without any issue.
>
> We were actually just about to start a round of upgrades to the latest
> stable release, but after seeing this thread, best to wait.
>
> In all fairness, we are running the switches as pure Layer 2 core
> devices, but with lots of 10Gbps LACP links. No issues with that since 2014.
>
> If you don't have any features that require anything beyond 15.1(2)SY2,
> I'd suggest trying this if there aren't any defects in it worth noting
> for your environment.
>
> Mark.
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-07 Thread Mark Tinka 


On 7/Apr/16 10:14, Holemans Wim wrote:

>
> As an solution the page points to 3 new software releases :
> Known Fixed Releases: (3)
> 15.2(1)SY1.118
> 15.3(1)IE101.312
> 15.4(1)IA1.22
> Of these 3 releases none is available for download ? There is even no 
> 15.3 of 15.4 train available in the download software page...

Cisco normally publish future releases as being fixed before the
releases become physically available. It is just a commitment from the
BU to say in which release a bug is going to get fixed. When the release
actually becomes available is orthogonal to the bug details.

> Anyone has an idea where I can find a software release in which this problem 
> is fixed so I can install this before activating these switches on our 
> network ?

We started using this platform back in 2014.

We are using the code that was the only one available back then -
15.1(2)SY2 - without any issue.

We were actually just about to start a round of upgrades to the latest
stable release, but after seeing this thread, best to wait.

In all fairness, we are running the switches as pure Layer 2 core
devices, but with lots of 10Gbps LACP links. No issues with that since 2014.

If you don't have any features that require anything beyond 15.1(2)SY2,
I'd suggest trying this if there aren't any defects in it worth noting
for your environment.

Mark.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-07 Thread Holemans Wim 
Just bought several C6880-X to replace some 6500 with Sup32. They will have a 
lot of LACP channels...
Tried to search for the bug numbers mentioned below, the first one came back as 
not cisco inside only, the second one comes with an information page with the 
title :
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuy25743
C6880-X-LE: Contiguous 4 10G ports goes down and cannot be brought up

As an solution the page points to 3 new software releases :
Known Fixed Releases:   (3)
15.2(1)SY1.118
15.3(1)IE101.312
15.4(1)IA1.22
Of these 3 releases none is available for download ? There is even no 15.3 
of 15.4 train available in the download software page...
Anyone has an idea where I can find a software release in which this problem is 
fixed so I can install this before activating these switches on our network ?

Wim Holemans
Netwerkdienst Universiteit Antwerpen
Network Services University of Antwerp


-Oorspronkelijk bericht-
Van: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] Namens Aaron DuShey
Verzonden: woensdag 6 april 2016 20:40
Aan: selamat pagi <keti...@gmail.com>
CC: cisco-nsp <cisco-nsp@puck.nether.net>
Onderwerp: Re: [c-nsp] blackholed traffic on ether-channel

Sorry for the earlier misfire.

On Wed, Apr 6, 2016 at 10:55 AM, selamat pagi <keti...@gmail.com> wrote:

> Setup:
> 4 port LACP channel, C6880 <->  Nexus 7k
>
> Recently we had the issue that most (not all) traffic was black-holed 
> on a C6880.
> No interface counters, nor the port-channel status, nor an NMS pointed 
> to any abnormal behavior.
>
> Finally, the problem was resolved by shutting down a specific  
> interface on C6880.
> It seems that one defect port affected the function of the entire 
> port-channel !!
>

FWIW We recently ran into a somewhat similar port-channel issue on 6880 
15.2(1)SY1a. BU told us symptoms were possibly related to CSCuw08272/CSCuy25743.
That issue is slated to be fixed in 15.2(1)SY2.
-Aaron
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-06 Thread Aaron DuShey 
Sorry for the earlier misfire.

On Wed, Apr 6, 2016 at 10:55 AM, selamat pagi  wrote:

> Setup:
> 4 port LACP channel, C6880 <->  Nexus 7k
>
> Recently we had the issue that most (not all) traffic was black-holed on a
> C6880.
> No interface counters, nor the port-channel status, nor an NMS pointed to
> any abnormal behavior.
>
> Finally, the problem was resolved by shutting down a specific  interface on
> C6880.
> It seems that one defect port affected the function of the entire
> port-channel !!
>

FWIW We recently ran into a somewhat similar port-channel issue on 6880
15.2(1)SY1a. BU told us symptoms were possibly related to
CSCuw08272/CSCuy25743.
That issue is slated to be fixed in 15.2(1)SY2.
-Aaron
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-06 Thread Aaron DuShey 


Aaron

> On Apr 6, 2016, at 10:55 AM, selamat pagi  wrote:
> 
> Setup:
> 4 port LACP channel, C6880 <->  Nexus 7k
> 
> Recently we had the issue that most (not all) traffic was black-holed on a
> C6880.
> No interface counters, nor the port-channel status, nor an NMS pointed to
> any abnormal behavior.
> 
> Finally, the problem was resolved by shutting down a specific  interface on
> C6880.
> It seems that one defect port affected the function of the entire
> port-channel !!
> 
> Have you ever encountered a similar issue ?
> 
> How could these be monitored ?
> Would a ping across each link  be a recommended  approach (load-balance
> hashing would need to be considered)?
> 
> cheers, keti
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-06 Thread Nathan Lannine 
>
> Setup:
> 4 port LACP channel, C6880 <->  Nexus 7k
>
> Recently we had the issue that most (not all) traffic was black-holed on a
> C6880.
> No interface counters, nor the port-channel status, nor an NMS pointed to
> any abnormal behavior.
>
> Finally, the problem was resolved by shutting down a specific  interface on
> C6880.
> It seems that one defect port affected the function of the entire
> port-channel !!
>
> Have you ever encountered a similar issue ?

We encountered a similar issue as part of bug ID CSCut40421 specific
to 10G links.  There was a somewhat complex workaround, but we
upgraded to resolve it.  I think the bug was a regression in
15.1(2)SY5 from a prior fix to resolve the same issue with 1G links.
We went to 15.2(1)SY1a, which fixed it for us.

Nathan
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] blackholed traffic on ether-channel

2016-04-06 Thread Gert Doering 
Hi,

On Wed, Apr 06, 2016 at 04:55:09PM +0200, selamat pagi wrote:
> 4 port LACP channel, C6880 <->  Nexus 7k
> 
> Recently we had the issue [..]

I'm sure that this can be solved by upgrading to a different un-named
OS version on either side and rebooting.

gert
-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


signature.asc
Description: PGP signature
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] blackholed traffic on ether-channel

2016-04-06 Thread selamat pagi 
Setup:
4 port LACP channel, C6880 <->  Nexus 7k

Recently we had the issue that most (not all) traffic was black-holed on a
C6880.
No interface counters, nor the port-channel status, nor an NMS pointed to
any abnormal behavior.

Finally, the problem was resolved by shutting down a specific  interface on
C6880.
It seems that one defect port affected the function of the entire
port-channel !!

Have you ever encountered a similar issue ?

How could these be monitored ?
Would a ping across each link  be a recommended  approach (load-balance
hashing would need to be considered)?

cheers, keti
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/