Re: [c-nsp] blackholed traffic on ether-channel
On Fri, Apr 8, 2016 at 2:26 AM, Phil Mayerswrote: > (It's not proving a great platform for us TBH - I still can't get good > Netflow performance out of a 68xx in exactly the same environments a sup720 > thrived... oh the irony) I like the platform, I really do, but I could do without the absolutely debilitating, service interrupting bugs. Can't we get some bugs that, e.g., crash the standby supervisor, or something. A higher quality of bug, if you will. -- Hunter Fuller Network Engineer VBRH Annex B-1 +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
On Thu, Apr 7, 2016 at 4:14 AM, Holemans Wimwrote: > https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuy25743 > C6880-X-LE: Contiguous 4 10G ports goes down and cannot be brought up > > As an solution the page points to 3 new software releases : > Known Fixed Releases: (3) > 15.2(1)SY1.118 > 15.3(1)IE101.312 > 15.4(1)IA1.22 > Of these 3 releases none is available for download ? There is even no > 15.3 of 15.4 train available in the download software page... > Anyone has an idea where I can find a software release in which this > problem is fixed so I can install this before activating these switches on > our network ? > As of Thursday, April 7, 15.2.1-SY2(ED) was posted. Though the bug isn't listed in the rel notes I checked with Cisco and at this point they have stated CSCuy25743 is fixed in this version, and are (hopefully) updating the document. We haven't tested it yet though, if anyone has please share findings. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
On 07/04/16 22:15, Hunter Fuller wrote: Look out for SY2!! We were on that release when we rolled out our Cat6807s in 2014 but there was a gross bug where a malformed mDNS packet could crash the sup! We had a quad-sup VSS at this time and it crashed all four within a minute! I'm unsure if this was VSS specific but I did get confirmation that it wasn't quad-sup specific. We are now on 15.1(2)SY4 and life is good... for now.. Note there's a 4a - the "a" release generally indicate pretty serious bugs in the plain release, IME, but I haven't pored over the release notes in a while. Just to continue the comedy train for the 68xx IOS discussions, watch out for CSCut83493 on anything prior to SY5 ;o) There's a slightly-larger-than-normal number of resolved caveats in SY5/6, be aware. Basically, Cat6k IOS is the same it's always been - find a release where the known bugs don't affect *you* and stick on it until otherwise. (It's not proving a great platform for us TBH - I still can't get good Netflow performance out of a 68xx in exactly the same environments a sup720 thrived... oh the irony) ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
and keep in mind that most releases for the 6800 are deferred, so it would be hard to get support from TAC on those. Only the last 1 or 2 rebuilt in each trains are not deferred. On Thu, Apr 7, 2016 at 11:15 PM, Hunter Fullerwrote: > Look out for SY2!! We were on that release when we rolled out our > Cat6807s in 2014 but there was a gross bug where a malformed mDNS > packet could crash the sup! We had a quad-sup VSS at this time and it > crashed all four within a minute! I'm unsure if this was VSS specific > but I did get confirmation that it wasn't quad-sup specific. > > We are now on 15.1(2)SY4 and life is good... for now... > > -- > Hunter Fuller > Network Engineer > VBRH Annex B-1 > +1 256 824 5331 > > Office of Information Technology > The University of Alabama in Huntsville > Systems and Infrastructure > > > On Thu, Apr 7, 2016 at 3:29 AM, Mark Tinka wrote: > > > > > > On 7/Apr/16 10:14, Holemans Wim wrote: > > > >> > >> As an solution the page points to 3 new software releases : > >> Known Fixed Releases: (3) > >> 15.2(1)SY1.118 > >> 15.3(1)IE101.312 > >> 15.4(1)IA1.22 > >> Of these 3 releases none is available for download ? There is even > no 15.3 of 15.4 train available in the download software page... > > > > Cisco normally publish future releases as being fixed before the > > releases become physically available. It is just a commitment from the > > BU to say in which release a bug is going to get fixed. When the release > > actually becomes available is orthogonal to the bug details. > > > >> Anyone has an idea where I can find a software release in which this > problem is fixed so I can install this before activating these switches on > our network ? > > > > We started using this platform back in 2014. > > > > We are using the code that was the only one available back then - > > 15.1(2)SY2 - without any issue. > > > > We were actually just about to start a round of upgrades to the latest > > stable release, but after seeing this thread, best to wait. > > > > In all fairness, we are running the switches as pure Layer 2 core > > devices, but with lots of 10Gbps LACP links. No issues with that since > 2014. > > > > If you don't have any features that require anything beyond 15.1(2)SY2, > > I'd suggest trying this if there aren't any defects in it worth noting > > for your environment. > > > > Mark. > > ___ > > cisco-nsp mailing list cisco-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
Look out for SY2!! We were on that release when we rolled out our Cat6807s in 2014 but there was a gross bug where a malformed mDNS packet could crash the sup! We had a quad-sup VSS at this time and it crashed all four within a minute! I'm unsure if this was VSS specific but I did get confirmation that it wasn't quad-sup specific. We are now on 15.1(2)SY4 and life is good... for now... -- Hunter Fuller Network Engineer VBRH Annex B-1 +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure On Thu, Apr 7, 2016 at 3:29 AM, Mark Tinkawrote: > > > On 7/Apr/16 10:14, Holemans Wim wrote: > >> >> As an solution the page points to 3 new software releases : >> Known Fixed Releases: (3) >> 15.2(1)SY1.118 >> 15.3(1)IE101.312 >> 15.4(1)IA1.22 >> Of these 3 releases none is available for download ? There is even no >> 15.3 of 15.4 train available in the download software page... > > Cisco normally publish future releases as being fixed before the > releases become physically available. It is just a commitment from the > BU to say in which release a bug is going to get fixed. When the release > actually becomes available is orthogonal to the bug details. > >> Anyone has an idea where I can find a software release in which this problem >> is fixed so I can install this before activating these switches on our >> network ? > > We started using this platform back in 2014. > > We are using the code that was the only one available back then - > 15.1(2)SY2 - without any issue. > > We were actually just about to start a round of upgrades to the latest > stable release, but after seeing this thread, best to wait. > > In all fairness, we are running the switches as pure Layer 2 core > devices, but with lots of 10Gbps LACP links. No issues with that since 2014. > > If you don't have any features that require anything beyond 15.1(2)SY2, > I'd suggest trying this if there aren't any defects in it worth noting > for your environment. > > Mark. > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
On 7/Apr/16 10:14, Holemans Wim wrote: > > As an solution the page points to 3 new software releases : > Known Fixed Releases: (3) > 15.2(1)SY1.118 > 15.3(1)IE101.312 > 15.4(1)IA1.22 > Of these 3 releases none is available for download ? There is even no > 15.3 of 15.4 train available in the download software page... Cisco normally publish future releases as being fixed before the releases become physically available. It is just a commitment from the BU to say in which release a bug is going to get fixed. When the release actually becomes available is orthogonal to the bug details. > Anyone has an idea where I can find a software release in which this problem > is fixed so I can install this before activating these switches on our > network ? We started using this platform back in 2014. We are using the code that was the only one available back then - 15.1(2)SY2 - without any issue. We were actually just about to start a round of upgrades to the latest stable release, but after seeing this thread, best to wait. In all fairness, we are running the switches as pure Layer 2 core devices, but with lots of 10Gbps LACP links. No issues with that since 2014. If you don't have any features that require anything beyond 15.1(2)SY2, I'd suggest trying this if there aren't any defects in it worth noting for your environment. Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
Just bought several C6880-X to replace some 6500 with Sup32. They will have a lot of LACP channels... Tried to search for the bug numbers mentioned below, the first one came back as not cisco inside only, the second one comes with an information page with the title : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuy25743 C6880-X-LE: Contiguous 4 10G ports goes down and cannot be brought up As an solution the page points to 3 new software releases : Known Fixed Releases: (3) 15.2(1)SY1.118 15.3(1)IE101.312 15.4(1)IA1.22 Of these 3 releases none is available for download ? There is even no 15.3 of 15.4 train available in the download software page... Anyone has an idea where I can find a software release in which this problem is fixed so I can install this before activating these switches on our network ? Wim Holemans Netwerkdienst Universiteit Antwerpen Network Services University of Antwerp -Oorspronkelijk bericht- Van: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] Namens Aaron DuShey Verzonden: woensdag 6 april 2016 20:40 Aan: selamat pagi <keti...@gmail.com> CC: cisco-nsp <cisco-nsp@puck.nether.net> Onderwerp: Re: [c-nsp] blackholed traffic on ether-channel Sorry for the earlier misfire. On Wed, Apr 6, 2016 at 10:55 AM, selamat pagi <keti...@gmail.com> wrote: > Setup: > 4 port LACP channel, C6880 <-> Nexus 7k > > Recently we had the issue that most (not all) traffic was black-holed > on a C6880. > No interface counters, nor the port-channel status, nor an NMS pointed > to any abnormal behavior. > > Finally, the problem was resolved by shutting down a specific > interface on C6880. > It seems that one defect port affected the function of the entire > port-channel !! > FWIW We recently ran into a somewhat similar port-channel issue on 6880 15.2(1)SY1a. BU told us symptoms were possibly related to CSCuw08272/CSCuy25743. That issue is slated to be fixed in 15.2(1)SY2. -Aaron ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
Sorry for the earlier misfire. On Wed, Apr 6, 2016 at 10:55 AM, selamat pagiwrote: > Setup: > 4 port LACP channel, C6880 <-> Nexus 7k > > Recently we had the issue that most (not all) traffic was black-holed on a > C6880. > No interface counters, nor the port-channel status, nor an NMS pointed to > any abnormal behavior. > > Finally, the problem was resolved by shutting down a specific interface on > C6880. > It seems that one defect port affected the function of the entire > port-channel !! > FWIW We recently ran into a somewhat similar port-channel issue on 6880 15.2(1)SY1a. BU told us symptoms were possibly related to CSCuw08272/CSCuy25743. That issue is slated to be fixed in 15.2(1)SY2. -Aaron ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
Aaron > On Apr 6, 2016, at 10:55 AM, selamat pagiwrote: > > Setup: > 4 port LACP channel, C6880 <-> Nexus 7k > > Recently we had the issue that most (not all) traffic was black-holed on a > C6880. > No interface counters, nor the port-channel status, nor an NMS pointed to > any abnormal behavior. > > Finally, the problem was resolved by shutting down a specific interface on > C6880. > It seems that one defect port affected the function of the entire > port-channel !! > > Have you ever encountered a similar issue ? > > How could these be monitored ? > Would a ping across each link be a recommended approach (load-balance > hashing would need to be considered)? > > cheers, keti > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
> > Setup: > 4 port LACP channel, C6880 <-> Nexus 7k > > Recently we had the issue that most (not all) traffic was black-holed on a > C6880. > No interface counters, nor the port-channel status, nor an NMS pointed to > any abnormal behavior. > > Finally, the problem was resolved by shutting down a specific interface on > C6880. > It seems that one defect port affected the function of the entire > port-channel !! > > Have you ever encountered a similar issue ? We encountered a similar issue as part of bug ID CSCut40421 specific to 10G links. There was a somewhat complex workaround, but we upgraded to resolve it. I think the bug was a regression in 15.1(2)SY5 from a prior fix to resolve the same issue with 1G links. We went to 15.2(1)SY1a, which fixed it for us. Nathan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] blackholed traffic on ether-channel
Hi, On Wed, Apr 06, 2016 at 04:55:09PM +0200, selamat pagi wrote: > 4 port LACP channel, C6880 <-> Nexus 7k > > Recently we had the issue [..] I'm sure that this can be solved by upgrading to a different un-named OS version on either side and rebooting. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de signature.asc Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] blackholed traffic on ether-channel
Setup: 4 port LACP channel, C6880 <-> Nexus 7k Recently we had the issue that most (not all) traffic was black-holed on a C6880. No interface counters, nor the port-channel status, nor an NMS pointed to any abnormal behavior. Finally, the problem was resolved by shutting down a specific interface on C6880. It seems that one defect port affected the function of the entire port-channel !! Have you ever encountered a similar issue ? How could these be monitored ? Would a ping across each link be a recommended approach (load-balance hashing would need to be considered)? cheers, keti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/