[c-nsp] SXF15/SXF15a experiences?

Charles Spurgeon c.spurgeon at mail.utexas.edu
Mon Nov 3 10:54:22 EST 2008


As noted on NSP recently, SXF15 appears to share some bugs with
SXH3. We've found that the set of shared bugs includes the "crashes
when route-map is removed" bug (CSCsk21935, which will be fixed via
CSCsm75286 according to the TAC).

We first encountered the SXH3 route-map issue when a core router
crashed during a route-map removal that is performed by a script twice
a day. We downgraded to SXF6, which we have been running for nearly
two years on our core routers with no issues (including one BGP
peering box with a full route table).

A little while later we upgraded the core box that had crashed on SXH3
to SXF15 to deal with the multicast vulnerability
(cisco-sa-20080924-multicast). Two weeks after the upgrade that core
router crashed on the route-map bug, which is the first time we had
seen that in SXF code.

>From which we deduce that SXF15 picked up some bugs from the SXH
branch which are not present in SXF6. Not sure where along the path
that happened, although from Phil's report it sounds like SXF10 is
running stably as well.

We modified our route-map script, and are continuing to run on SXF15
on that core box (which is not a BGP peering box) with no other issues
found (we don't use scp, so we have avoided that particular SXH and
presumably SXF15 bug as well).

Since Cisco appears to be spreading the buggy code around in later
releases of SXF code, it's getting difficult to find a stable release
that *stays* stable.

-Charles

Charles E. Spurgeon / UTnet
UT Austin ITS / Networking
c.spurgeon at its.utexas.edu / 512.475.9265

On Mon, Nov 03, 2008 at 06:52:05AM -0800, Janet Sullivan wrote:
> Phil Mayers wrote:
> >Janet Sullivan wrote:
> >>I'm interested in hearing about people's experiences with SXF15/15a, 
> >>especially in an internet edge/full BGP route table type environment. 
> >>So far I've run into one oddity with SXF15 (BGP wasn't updating the 
> >>local routing table until a clear ip route *), and I'm debating 
> >>whether to downgrade.
> >
> >That bug was discussed on the list recently. Search for the thread "SXH3 
> >ghost bugs".
> >
> >It's present in SXH15 & SXH3, but fixed in SXH3a (however SXH3a still 
> >has all the *other* bugs that SXH3 has, including the SCP-crasher)
> 
> I thought the ghost bug was fixed in SXF15?  Wasn't there a discussion 
> about how it had been both found and fixed in that version?
> 
> In my SXF15 experience, I actually shut down a BGP peer (good 'ol nei 
> xxx.xxx.xxx.xxx shut), and while BGP saw the routes go away, the local 
> routing table on the box did not.  That seems slightly different than 
> the ghost bug as I understood it, but I'd be happy to be proven wrong.
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list