[nsp] Serious bug in 12.1(20)EA1a 3550 EMI code

Craig Spiers craig at concept.net.nz
Fri Apr 30 18:58:41 EDT 2004 

Mine's fine.. hasnt been up all that long so far.. i'll keep checking on it.

stp packets : 618209 retrieved, 0 dropped
ram access packets : 4115028 retrieved, 0 dropped
routing protocol packets : 1695723 retrieved, 0 dropped
forwarding packets : 0 retrieved, 0 dropped
routing packets : 275819 retrieved, 0 dropped
L2 protocol packets : 41278 retrieved, 0 dropped
igmp snooping protocol packets : 0 retrieved, 0 dropped
queue7 : 0 retrieved, 0 dropped
icmp redirect packets : 0 retrieved, 0 dropped
icmp unreachable packets : 0 retrieved, 0 dropped
logging packets : 0 retrieved, 0 dropped
addr learning packets : 0 retrieved, 0 dropped
rpffail packets : 0 retrieved, 0 dropped
queue13 : 50 retrieved, 0 dropped
queue14 : 0 retrieved, 0 dropped
queue15 : 0 retrieved, 0 dropped

cr1.akl1 uptime is 4 days, 18 hours, 42 minutes
System returned to ROM by power-on
System restarted at 16:14:50 +1200 Mon Apr 26 2004
System image file is
"flash:/c3550-i5q3l2-mz.121-20.EA1a/c3550-i5q3l2-mz.121-20.EA1a.bin"

cisco WS-C3550-24 (PowerPC) processor (revision G0) with 65526K/8192K bytes
of memory.
Processor board ID CAT0639X0ER
Last reset from warm-reset
Bridging software.
Running Layer2/3 Switching Image


----- Original Message ----- 
From: "Mark Boolootian" <booloo at ucsc.edu>
To: <cisco-nsp at puck.nether.net>
Sent: Saturday, May 01, 2004 9:18 AM
Subject: [nsp] Serious bug in 12.1(20)EA1a 3550 EMI code


>
> We've run into a rather ugly bug in the 12.1(20)EA1a EMI image Cisco
released
> for the 3550 to fix the SNMP vulnerability.  The symptoms are packet loss
> (varying from 1% to 25%+) for traffic that hits the router processor.  The
> router CPU, memory, and interface stats show no indication of trouble
while
> packet loss is occurring.  The command 'show controllers cpu' provides the
> only clear sign that something is amiss:
>
> router#show controllers cpu-interface
>
>   stp packets : 87 retrieved, 0 dropped
>   ram access packets : 5703192 retrieved, 0 dropped
>   routing protocol packets : 504326 retrieved, 0 dropped
>   forwarding packets : 0 retrieved, 0 dropped
>   routing packets : 5306728 retrieved, 345665 dropped
>
> Note the drops on the 'routing packets' line.
>
> It appears to take several days for the symptoms to appear.  The first
> two routers to fail here were the busiest 3550s on campus, and that took
> about four days from boot.  Six days after boot, every 3550 we had
> was showing this problem (about 15 of them).
>
> I had Cisco engineers in the console of a failing box on Wednesday
morning,
> and they looked at as much as they could.  I *think* they were convinced
> there is a bug, but it's now Friday afternoon and I've yet to hear
anything
> back.  It is hard to imagine this problem is unique to us, but this is
Santa
> Cruz, so who knows...
>
> Anyone out there rev to 12.1(20)EA1a?  Got problems?  The packet loss can
> be low and hard to notice (load dependent, I think).  The easiest external
> test is a fast pinger directed at the box.  From inside, 'show control
cpu'.
>
> thanks,
> mb
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>

More information about the cisco-nsp mailing list