[c-nsp] CEF fun in SXF

Gert Doering gert at greenie.muc.de
Thu Dec 8 16:24:16 EST 2005 

Hello colleagues,

we've just had lots of fun with one of our Sup720/12.2(18)SXF boxes, and
I'm curious whether one of you has been hit by it before, and maybe
even has a bug ID (which would save me some time with first-level TAC) 
or case number that I could link to...

The box is running perfectly well since 6 weeks, and has seen quite some
amount of (VLAN-)interface configuration/deconfiguration churn since then 
- new customers are connected, customers move to other VLAN numbers (don't
ask), interfaces are deconfigured.

Today, I did a pretty standard interface deconfiguration ("no int vlan3305"),
and all of a sudden, hell broke loose:

*All* directly connected (!) customers had massive packet loss - about 
50-80% - while packets to non-"connected" targets had no problems at all.

Took me a while to figure out what the problem is (I was looking for
overload, customer worm infections, out-of-memory hickups, etc.) and 
then I decided to reconfigure the interface, as it was before - very basic
configuration: interface, IP address, description, uRPF.  Voila, everything 
normal.

Set interface to "shutdown".  Boom, packet loss.

Set interface to "no shutdown".  Everything normal.

It gets more weird.

Removed IP configuration from vlan3305 - so all that's left is 
"int vlan 3305 / no shutdown".  Everything stays normal.  (There is no
connected route for that interface anymore!!!  How can it affect CEF?)

Remove vlan 3305 from last trunk port -> msfcautostate -> interface goes
to "down" -> packet loss.  Re-add vlan 3305 -> interface up -> everything
fine.


Next thing I tried was "clear ip route *", then setting the interface to
"shutdown", and doing "clear ip route *" again.  Aha!  No more packet loss.

A few seconds later, the box told me:

Dec  8 21:53:32: %FIB-4-AUTOREPAIR: CEF database auto-repair executed

... which seems to confirm my suspicion: somehow the removal of an
interface messed up CEF for lots/all other directly connected networks.

Huh???


Does this sound familiar to anyone?

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de

More information about the cisco-nsp mailing list