[c-nsp] Nexus 7018 - native Vlan 4095 on some VPC/port-channel interfaces

Fri Mar 4 16:10:50 EST 2011

Hi,

For the first part you described, I'm suspecting software defect
CSCtg92465 which affects 5.0(2) and fixed in 5.0(3). You might try
upgrading to 5.0(3) during a maintenance window.

CSCtg92465 - Missing gwmacs for a few SVIs after root bridge reload

Symptom:

SVI is up but the SVI mac is missing from lcs in 5.0.2 images only.

Condition:

During SVI flaps if the SVI mac of the own switch happens to be learnt
due to some transit loop/BFD config then the SVI mac can get learnt as
dynamic entry during SVi down. When the new learn notification is sent
from hardware to SUP, if SVI happens to insert the SVI Gateway mac
then software sends insert notifcation to lcs. On seeing the same mac
as dynamic new learn entry a delete notification is sent to lcs which
ends up in deleting the static SVI gateway mac.

Workaround.
Since it is a race condition, flapping only SVIs should fix the issue.
The fix is in 5.0.3 images

Best regards,
Andras

On Fri, Mar 4, 2011 at 12:20 PM, Matthew Melbourne
<matt at melbourne.org.uk> wrote:
> Hi,
>
> We are seeing very odd L2 connectivity on some vPCs between a pair of
> Nexus 7018 (NX-OS 5.0(2a)) and a ToR switches. For example on an ASR
> connecting to Nexus, trying to connect to a host plugged into a
> downstream switch (with a vPC to the Nexus pair), connectivity will be
> lost, but a refresh of ARP traffic, e.g. 'clear ip arp <IP address>'
> restores connectivity momentarily, even though the MAC address on the
> ASR hasn't changed.
>
> On the affected vPCs, we noticed that the native VLAN appears to be
> set to 4095 (which isn't a valid VLAN on the switch) on one of the
> Nexus in the pair (nx02), e.g.
>
> nx02# show interface switchport | i 4095 prev 5
> Name: port-channel80
>  Switchport: Enabled
>  Switchport Monitor: Not enabled
>  Operational Mode: trunk
>  Access Mode VLAN: 1 (default)
>  Trunking Native Mode VLAN: 4095 (Vlan not created)
> --
> Name: port-channel101
>  Switchport: Enabled
>  Switchport Monitor: Not enabled
>  Operational Mode: trunk
>  Access Mode VLAN: 1 (default)
>  Trunking Native Mode VLAN: 4095 (Vlan not created)
> --
> Name: port-channel102
>  Switchport: Enabled
>  Switchport Monitor: Not enabled
>  Operational Mode: trunk
>  Access Mode VLAN: 1 (default)
>  Trunking Native Mode VLAN: 4095 (Vlan not created)
>
> Additionally, if the ‘show interface switchport’ command is issued
> against any of these vPCs the following message is generated:
>
> 2011 Feb 21 10:12:01 nx02 %VLAN_MGR-2-INFO_MSG:  pid 11274, vdcID 0,
> local vdcID 1
>
> When looking at ‘show interface switchport’ on the member interfaces
> of the relevant port-channel the native VLAN is VLAN 1 as expected.
>
> If any L2 switchport commands are entered under these port-channel
> interface on the problematic Nexus (nx02), the command is rejected:
>
> nx02(config-if)# switchport trunk native vlan 1
> Warning: command rejected, Po102 not a switching port
>
> It is possible to apply the command to the member interface, but the
> member interface was correctly displaying a native VLAN of 1 anyway –
> the problem only affects the port-channel interface.  After applying
> the command to the member interface the port-channel interface still
> shows a native Vlan of 4095.
>
> This is only affecting one Nexus (nx02). The native VLAN on the
> affected port-channels on nx01 is correct. Shutting down the member
> port on nx02 fixes the strange connectivity issue for the affected
> port-channels - and given that this native VLAN issue is affecting the
> same vPCs, we're fairly sure these issues are related.
>
> Has anyone seen anything similar; the code on the units is 5.0(2a),
> and the issue only appears to be affects some vPCs on one of the
> Nexus?
>
> Cheers,
>
> Matt
>
> --
> Matthew Melbourne
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>