Core issue
This issue is documented in Cisco bug ID CSCsc90277.
On a Supervisor 720, if you have unicast Reverse Path Forwarding (uRPF) configured on multiple VLANs and one of those VLANs is shut down, Layer 2 traffic to the Supervisor 720 and within a VLAN is dropped for the VLAN that is still up. Layer 3 traffic between the VLANs that are still up also experiences connectivity problems.
interface vlan 1
 ip address 10.10.20.1 255.255.255.0
 ip verify unicast source reachable-via rx
 no ip redirects
 no ip unreachables
 ip pim sparse-mode
 ip route-cache same-interface
 ip route-cache flow
 ip cgmp
interface vlan2
 ip address 10.10.10.1 255.255.255.0
 ip verify unicast source reachable-via rx
 no ip redirects
 no ip unreachables
 ip pim sparse-mode
 ip route-cache flow
 mls rp vtp-domain U2k
 mls rp ip
If VLAN 1 is shut down, Layer 2 traffic in VLAN 2 fails an RPF check.
This is an example:
Host A ---- VLAN 2 ----- cat6500------ VLAN 1 --- Host B
If VLAN 1 is shut down, the traffic that comes from Host A in VLAN 2 to the IP address of VLAN 2 on a Catalyst 6500 fails an RPF check. The same is true for any traffic that originates in VLAN 2 and goes to any other VLAN.
If the mls rate-limiter for IP errors is configured, traffic is also dropped intermittently, based on the rate configured in the rate limiter.
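The following is an added example, not part of the original Cisco document: a Python check that reads a saved running-config and reports whether it matches the trigger condition described above (uRPF on more than one VLAN interface, with at least one of those interfaces shut down). The sample configuration is constructed, the function names are hypothetical, and matching the rate limiter as a global line that starts with mls rate-limit and contains errors is an assumption.

```python
import re

# Constructed sample running-config, not from a real device. The rate-limiter
# line is an assumed rendering of the "IP errors" limiter the page mentions.
SAMPLE_CONFIG = """\
mls rate-limit unicast ip errors 100 10
!
interface Vlan1
 ip address 10.10.20.1 255.255.255.0
 ip verify unicast source reachable-via rx
 shutdown
!
interface Vlan2
 ip address 10.10.10.1 255.255.255.0
 ip verify unicast source reachable-via rx
!
interface Vlan3
 ip address 10.10.30.1 255.255.255.0
!
"""

def parse_vlan_interfaces(config):
    """Return {vlan_id: [sub-commands]} for every 'interface Vlan' block."""
    vlans, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"interface\s+vlan\s*(\d+)$", line, re.IGNORECASE)
        if m:
            current = vlans.setdefault(int(m.group(1)), [])
        elif raw[:1] in (" ", "\t") and current is not None:
            current.append(line.lower())  # indented line: belongs to the block
        else:
            current = None  # left the interface block ('!' or a global command)
    return vlans

def audit_cscsc90277(config):
    """Report whether the config matches the trigger condition on the page."""
    vlans = parse_vlan_interfaces(config)
    urpf = sorted(v for v, cmds in vlans.items()
                  if any(c.startswith("ip verify unicast") for c in cmds))
    down = [v for v in urpf if "shutdown" in vlans[v]]
    up = [v for v in urpf if v not in down]
    limiter = any(re.match(r"mls rate-limit\b.*\berrors\b", l.strip(), re.I)
                  for l in config.splitlines())
    return {"urpf_vlans": urpf, "shutdown": down, "ip_error_rate_limiter": limiter,
            "affected": up if len(urpf) > 1 and down else []}

if __name__ == "__main__":
    print(audit_cscsc90277(SAMPLE_CONFIG))
```

The parser expects sub-commands to be indented, as they are in show running-config output. A non-empty affected list names the uRPF VLANs that are still up while another uRPF VLAN is shut down.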
Resolution
This bug is fixed in Cisco IOS Software Releases 12.2(18)SXF2 and 12.2(18)SXE5 and later.
Workaround:
- Disable mls rate-limiter. The RPF check still fails but traffic does go through.
- Disable uRPF.
- Shut / no shut the VLAN interface.
- Issue the clear ip route * command.