Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- configuration and troubleshoot WSA and https proxy

Coming this summer: Cisco Support Community and Cisco Communities are merging. Learn more

Network Infrastructure Blogs

159 Views
0 Comments

With Ansible playbooks for networking platforms, historically most of the networking modules require a provider argument per task (which supplied the connection type, username, password, etc).

 

With Ansible 2.5 (which you can install now, via the latest dev release) allows connection: network_cli as a top level connection which is supported by all the major Cisco platforms now (ios, nxos, iosxr). Also connection: netconf is supported on iosxr. The deprecation for provider won't begin with Ansible 2.5, and will take considerable time, so there will not be any rush to update playbooks.

The network_cli and netconf connection plugins will allow playbooks to look, feel and operate just like they do on Linux hosts. Also the error reporting is significantly improved, which will help a lot of people who were frustrated with changes to Ansible in 2.3.

 

Here is a quick example, the follow example will provide a 1-task playbook that performs a backup of the configuration for the host rtr1:

---
- hosts: rtr1
  connection: network_cli
  remote_user: admin
  become: yes
  become_method: enable

  tasks:
    - name: Backup configuration
      ios_config:
        backup: yes

For more examples and details visit my blog post here: https://www.ansible.com/blog/coming-soon-networking-features-in-ansible-2.5

1074 Views
0 Comments

We are pleased to announce availability of Beta software for 16.3.6. This release is targeted towards ASR1K and ISR4K routing platforms.  We are looking for early feedback from customers before 16.3.6 software release is posted on CCO for General Availability (GA). This beta software addresses critical customer found defects which are mentioned below, along with the open caveats.  

 

Obtaining Pre-Release Software

  1. Please sign-up for the beta @ Sign-up
  2. Once above step is completed and NDA is signed, access to pre-released software will be made available to Cisco Beta Customers within 24 hours @ our share site

[NOTE: Please make sure to use Aspera Client to download files. If downloading for the first time from shares.cisco.com you will be prompted to install Aspera Client on top of Website]

 

Issues and questions:
For any issues and questions, please send email to routing-beta@cisco.com

 

Feedback and support:
Please provide detailed feedback via feedback form. In case of any issue, someone from the beta support team will work directly with you.

 

Non-Disclosure Agreement: 

This software and accompanied documentation is being provided to you under the non-disclosure agreement between you, your organization and Cisco. Please do not discuss this project and its features outside of the Beta related mailing lists.

 

16.3.6 Beta

Resolved Caveats

 

Defect

Headline

CSCvf02397

GETVPN: crash due to unexpected exception to CPU during Reg/Rekey policies from KS in latest tbase6

CSCvf54314

Crash due to a null pointer dereference on htsp structure

CSCvf73881

Vulnerability in QoS (but no QoS config needed)

CSCvf95077

Stale Mac entry in MLRIB

CSCvg01221

Crash at ikev2_osal_sa_req_failed after longevity testcase

CSCvg28395

Crash when doing snmp walk for ipAddressEntry

CSCvg56727

3850/3650 with 16.3.5/16.6.1 crashes with 'server-key' command using key of 128 characters or more

CSCvg62418

Backout of \"CSCve92404 - DF bit verification is failed in CSR\"

CSCva92216

BGP session is reset when unrecognized capability received in OPEN message

CSCvb49522

16.4.1 throttle: Traceback@mfib_ppr_ioitem_release_or_discard during traffic

CSCvb58606

IGMP receivers stops receiving traffic after Flapping of SVI after switchover

CSCvc18534

Incorrect Radius Server Status when locally defined user called in tester command

CSCvc61653

Polaris: polaris memory leak in btrace thread deletion

CSCvd00265

Standby hw_interface_ha_up wrong status causes LDP traffic completely loss after SSO

CSCvd11419

Configuring Packet tracer on IOS-XE triggers a crash intermittently

CSCvd27271

Crash during after IPSLA/IPPM frees packet store information

CSCvd64670

SCEP enrollment failing with HTTP/1.1 500 Internal Error

CSCvd80733

ISR4K: Hung Inactive SCCP session in transcoder/MTP required call flow

CSCvd90496

Crash: Runs out of memory because of SISF switcher is consuming memory

CSCve09104

Command \"segment-routing mpls\" under router isis 1 not getting NVGEN'd

CSCve31287

mac is learnt statically on both configured and ise downloaded vlan for voice client

CSCve53362

ASR1k: Unable to get RP_0(diag) prompt by Send + Break

CSCve54486

Crash when attempting to assign nonexistent/shutdown VLAN to 802.1x port

CSCve55089

BGP crashes at bgp_ha_sso_enable_ssomode

CSCve74432

Privilege Escalation from level 15 to root using the test vrf command

CSCve91324

MQC under GRE over ATM is not working

CSCvf16448

No all IPv6 GRE crypto tunnels may come up or recover from flapping at scale

CSCvf17849

16.7: Ipv6 Extended ping scenarios affected in latest polaris_dev

CSCvf19479

Few FRA fields related for 3800/2800 AP Monitoring are not defined

CSCvf31368

router crash after EEM-wanfailover script triggered

CSCvf33653

Controller port error, Power given, but State Machine Power Good wait timer timed out

CSCvf39474

GETVPN: TBAR sync \"timer is not running\" after KS upgrade causing anti-reply drops and GM outages

CSCvf40126

SEC-RUN-OSC: Enable OSC in IOSd Client code of Polaris

CSCvf43271

Traceback: Stack master crash at dot1x authentication

CSCvf51242

ISRv: hot removal of virtio interface in netmap mode is failing with polaris_dev based images

CSCvf59683

16.3.5 WebUI: Member switch reloaded (Peer reload reason: configuration mismatch)

CSCvf61628

Crash on 16.6 branch

CSCvf63269

After on the vnic edit on the fly changes - LAN-SRIOV sub interface ping fails after Reboot of ISRv

CSCvf63541

BGP w/global import/export crashes when several nbrs deleted simultaneously

CSCvf65088

SMD:EAP: Traceback in EAP-FAST while performing CTS PAC download

CSCvf65423

eCA AP SSO - IOSD crash @gold_bipc_bd_handler after SSO on new active and member

CSCvf65462

Crash @ cent_sm_dp_ap_eligible() on 3900e 15.6.3.M3

CSCvf65522

ESP crashed - double_exception_has_occured - malformed PIM packet over GRE tunnel & ERR_DTL_INV_ADDR

CSCvf68602

e1r2-Cas is not working when adding \"invert-abcd 1 0 0 0\"

CSCvf69272

SNMP ENGINE high CPU usage observed with 1.3.6.1.2.1.185.1.1.1(mgmdHostInterfaceEntry)

CSCvf69409

Tracebacks seen and session fails on trying to send traffic from host behind dataconnect device.

CSCvf70022

2800/3800 DCA is bringing down the XOR radios instead of moving them to Monitor mode

CSCvf73320

[UniScale]isr4431 crashes while finding NDR with max oif number per multicast grp at scale

CSCvf76535

B2B NAT HA: Stale NAT translations stuck on primary router after communication loss with standby

CSCvf80163

ASR1K crashes due to crypto microcode with no corefile/crashinfo

CSCvf80495

IPv6 BGP network advertized not seen in the peer

CSCvf81695

ASR1K encryption processor trace file is not valid

CSCvf84892

ASR1002HX experiencing crash

CSCvf85334

Fix crypto/ikev2 issues found during Alpha testing

CSCvf86462

Recommitx2: ASR1006-X memory leak fman_rp after sending 100,000,0 ARP entries

CSCvf88590

After disabling http server/https server on netconf, IP-Adm-V4-Int-ACL-global delete

CSCvf89396

ISRv/CSR: preserve config if VIRTIO interface hot added with same mac

CSCvf92460

show gtp parameters causes RP to crash

CSCvf94857

Cat6K-PnP:  PnP Server discovery is not happening with DNS lookup method.

CSCvf94948

Input policy-map classify traffic incorrectly - ISR4331

CSCvf96466

GLC-TE 100M link shows notconnect after SFP reseat or reload 3850

CSCvf97328

16.3.5prd1: 1G SFP does not come up after SFP OIR on Orsted/Euclid with speed noneg config

CSCvf98863

MMA crash (invalid pointer 0xdeadbee0) observed on border router in IWAN setup

CSCvg01445

MKA session can't up when Ethtype 876F and EAPoL Broadcast configured

CSCvg03498

\"copy run start all\" makes the router stuck

CSCvg05896

IWAN EIGRP SAF - seq number mismatch after branch reload

CSCvg06768

REST API management container hardcoded certificate

CSCvg14336

Commit of CSCvf59240 breaks CSCvf67024

CSCvg15158

DMVPN session get stuck in NHRP and UP-NO-IKE state without active IKEv2 session until rekey

CSCvg17971

ASR1k ESP may crash after a switchover if IPsec configured

CSCvg19300

SEC-RUN-OSC: Enable OSC for ICC compiler in IOSd Client code of Polaris 16.3.5

CSCvg24145

NGIO FC broken after module OIR

CSCvg25493

VLANs are not programmed correctly when configuration pushed using scripting tool.

CSCvg26879

Inconsistent behaviour while changing remote-number under tunnel

CSCvg29183

ISR4K - XE 16.3.4 - SIP-TDM GW - FLEXDSPRM-3-TDM_CONNECT errors and crash

CSCvg29820

ip cef load-sharing original does not work in 16.3.2 image

CSCvg31373

ISR4k Error Msg (SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ASR1000 SPA TDL)

CSCvg32105

Memory Leak in fman_fp_image when NBAR is configured

CSCvg35332

Incorrect and multiple  border reachable on auto tunnel in dual router branch

CSCvg37755

3850 does NOT answer arp request for some specific mac addresses

CSCvg43372

incorrect CDP/UDLD neighbors, duplicate entries seen in Denali-16.3.5

CSCvg45247

Site-prefix learning: Crash in 'IP RIB Update' Process after 'no domain default' on B1BR2

CSCvg45885

FNF CPU Utilization optimization on 16.3.x - Part 1

CSCvg46973

ASR1K -LNS  ESP crash after failing/flapping TeGig interfaces

CSCvg48647

Useless unlimited SMD logs with \"Direct use of printf is unsupported, use btrace\"

CSCvg52500

cpp_cp_svr 100% CPU due to dumping 'TX idle timer expire (channel 111055)\"

CSCvg54149

TCP socket flap due to keepalive timeout with message stuck in queue for Multi-VRF dual BR setup

CSCvg58932

16.3.3 : 3850 : Qos classification issue with NBAR

CSCvg60135

Yoda based platform : Crash on cpp_qm_obj_destroy with reason as LocalSoft on Polaris Release

CSCvg60156

3850 CTS fails to enforce RBACLs on known mappings

CSCvg60288

Device IP address AV pair replaced with 192.168.1.5

CSCvg60721

4451 crashes when MobileIP receives SNMP Trap

CSCvg62298

Cat6K-PnP:  Cisco Cloud Discovery is not working on Cat6K vrf management interface

CSCvg63492

ISR4k Polaris: disable CWS CLI

CSCvg64317

clean up of FED error logs for FNF in 16.3

CSCvg65489

Device cant call home any more after switch-over to a bad certificate

CSCvg65844

DataConnect: need to rename CLIs to not have 'dataconnect'

CSCvg70506

EzVPN: Network Extension Mode scenario is not working as expected.

CSCvg74751

Cat3k - Memory Leak in pvp.sh Process

CSCvg74894

Infinite certificate-install looping when HTTPS switch over takes too long over VRF

CSCvg76912

CFD: pnp config upgrade failed when IFS returns size 0 for all TFTP files

CSCvg77410

qos/cce AOM pending batch ack due to BQS pending config

CSCvg78317

Temporarily Disable HW acceleration for MIPS64

CSCvg82093

16.3.5: Trustsec enforcment doesnt work when ports picked up fromAsic0 Core0 (see 16.6.1 CSCve60518)

CSCvg82661

RG: Lack of debug support when startup config cant be loaded on any platform

CSCvg82969

Restore Ingress SGT caching on tunnel interface

CSCvg89036

uCode crash observed when processing return packet in SIP ALG

CSCvg89354

Crash@cent_channel_state_notify_do_policing with Pfrv3 enabeld due to cache line alignment issue

CSCvg89791

Configuring \"qos queue-softmax-multiplier\" causes stackwise-virtual members to split or crash.

CSCvg89855

ESP crashed - cpp_cp failed in cpp_qm_event_proc_defer_parent_event

CSCvg93380

RG: pnp certificate-install failed to switch over to non-443 port for HTTPS reconnect

CSCvg93554

Amur-MR8 : Active slot crash after no ipv6 pim bsr candidate

CSCvg95142

running multicast traffic 3850  crashed by fed process

CSCvh00038

Device IP address AV pair replaced with 192.168.1.5

CSCuy12896

ESON: DMVPN status is wrongly shown if IKE is NOT present (or) cleared

CSCuz12602

Cleanup polaris autoinstall logging

CSCuz53975

odd number MTU is not supported on NIM-ES2 ports

CSCuz54635

Crypto co-proc stats broken for traffic on high priority crypto queue

CSCuz78192

IOS SSH server is unresponsive when failed to fetch the OSCP response

CSCva29714

[ T_BASE_6 ROMMON NIGHTLY FAILED ] NIGHTLY Build FAILED for 15.6T

CSCva69742

netflow export flow with negative duration

CSCva93876

ASR1K PD code dropping 2nd Multicast packet in IPv6 Anycast-RP

CSCva99330

crash when tcp transactions debugs are turned on

CSCvb44035

System accounting message are not seen after new radius cli update

CSCvc06957

IOS-XE ZBF should not require \"pass\" action configuration for GRE, for traffic to self zone

CSCvc18884

ISR4321 LSMPI-4-INJECT_FEATURE_ESCAPE: Egress IP packet delivered via legacy inject path

CSCvc26759

ASR1k: ISG sends in Accounting-Response Message-Authenticator[80]

CSCvc38538

IPSLA Y1731 start time is much greater than sysUpTime while doing snmpwalk

CSCvc61593

Memory leak @LDP_nsr_in_lbl_wd_create on standby sup

CSCvc64017

IOS/IOS-XE logging \"sym_xapp_calleg_setup_req:codec not passthru do_rtcp == TRUE\" messages

CSCvc69534

Crash seen after show crypto gdoi group gdoigroup1

CSCvc72602

3.16.4 : Prepaid feature not installed if applied on service-stop evt

CSCvd05274

show int status not dispalying SFP type of 2x10G ,After multiple SSO

CSCvd12100

NGWC guest accounts aren't deleted after lifetime expires

CSCvd43539

NTP crash with empty peer list

CSCvd45388

ENH: IOS to send 0x7408 IKEV2_MODECFG_RESOLVE_DNS

CSCvd50052

Interface alignment/ordering for fortygig uplink interfaces is incorrect on WS-C3850-*X*U  switches

CSCvd79423

AToM forwards l2cp with \"no l2protocol forward\" enabled

CSCvd97229

Framed-IPv6-Route attribute is not working for IPv6 full route with leading zeros

CSCve06505

OSPF: NSSA route not installed in OSPF RIB and GRIB after deleting summary address

CSCve08700

Disable FIPS Module (FOM) runtime integrity check for arm64le during petra development

CSCve20499

OSPF SRTE: Once we disable and enable traffic-engineering, ospf route comes up with out RIB flag.

CSCve20813

Corrupt event trace output in AToM with CEM AC

CSCve23563

IF-MIB:Snmp output not matching CliOutput for few OID

CSCve23715

Remove RADSEC patch from ciscossl in binos

CSCve30867

OSPF SR TE: with multicast-intact option,handling of inter area prefixes incorrect in some scenerios

CSCve45461

After disabling NTP device drops all mode 6 NTP packets due to 'MODE_CONTROL ratecontrol'

CSCve59997

Open ssl library cause application crash in some cases

CSCve60917

OSPF GIR BASE: When 1 of NSSA ABR router goes to GIR mode, other nodes do not calculate repair paths

CSCve62870

Memory Free counters are wrong when system Used memory counters are = >100%

CSCve63821

OSPF SR: OSPF External Routes with non zero FWD Address - LRIB original (native) Paths/route missing

CSCve65442

sys_leap variable(used for ntp status) is not updating properly when leap bit set

CSCve68213

Network monitoring tool is reporting a duplicate IPv6 HSRP virtual address.

CSCve69144

Need add dscp and source option for ipv6 trace command

CSCve75579

CUBE crashed on executing \"show sip-ua calls called-number''

CSCve78038

IKE_INIT is sent before PPPoE dialer obtains its IP address

CSCve83420

ASR1000-2T+20X1GE/ASR1000-6TGE : Counters mismatch

CSCve92404

DF bit verification is failed in CSR

CSCvf03089

dscp input is not consistent in ipv4/ipv6 normal/extended ping and traceroute

CSCvf05474

Observed multiple Traceback messages on16.3.5 build

CSCvf06760

OSPF SIDRedist: In ABR when area summary range is configured, sids are not withdrawn from the range.

CSCvf12746

ISR4331 packet drop when shut/no shut interface that not transport traffic

CSCvf14004

OSPF SRTE/TI-LFA: When we have autoroute configured, TILFA repair path not computed for native paths

CSCvf14200

OSPF SRTE: Traceback seen when we change the prefix for the explicit tunnel first hop is changed.

CSCvf20785

emake build failed due to the dependency missing

CSCvf38837

Stateless IPsec is running at HSRP standby router

CSCvf44501

ISR4K slow responsiveness when interface state goes from UP to DOWN compared to Cat6880X

CSCvf47121

4500: CTS pac provisioning fails on reboot if automate tester is configured

CSCvf50937

stargazer: HA, RF progression is taking time due CWAN(1501) client

CSCvf52390

OSPF SRTE: When TE is unconfigured on area , RI LSA is not sent without TE attribute in opaque LSA.

CSCvf53760

EPA : Need to port fix of CSCsu38830  to EPA code

CSCvf55306

Static route of which next-hop intf is GRE tunnel remains even if the tunnel is down

CSCvf56274

BGP VRF route redistribution into global routing table fails after a VRF route flap

CSCvf58295

Cat3850 uplink interfaces experience link flap when SFP is inserted but no cables

CSCvf59231

iWAN router crashes @ dllobj_remove

CSCvf67269

IS-IS  support for mult-instance redistribution for IPv6.

CSCvf68956

cli should reject either dad or svl configuration on port if already configured as svl or dad

CSCvf70670

oplink GLC-GE100-FX fails to ping after OIR or shut/no shut

CSCvf71701

show ip lisp database keeps reachable although threre are no routes to EID Prefix

CSCvf72841

FlexVPN Client not starting immediately after router is reloaded

CSCvf73086

Unsupported Radio Type 3 for 3702 AP with HALO module

CSCvf76101

First drop error cause Tracebacks observed with IWAN stress

CSCvf77206

SLA doesn't recover after removing tunnel interface

CSCvf77213

3850 CTS manual encrypted sap pmk causes stack to reload due to config parsing error

CSCvf77761

After reload mp-ibgp routes incorrectly point to original vrf insted of \"global\"

CSCvf78439

Observed SISF traceback on 16.3.5 while booting the image

CSCvf78767

add-route not working for dynamic outside NAT pool

CSCvf80385

Intermittent Errors when Hot Adding VNIC

CSCvf81650

ASR1K encryption processor cores written to tracelogs

CSCvf83068

OSPF SR: %SR-3-SR_INTERNAL_ERR due to stale srgb handle used after changing the SRGB range

CSCvf85386

Incorrect counters in output of \"show macsec statistics\"

CSCvf88445

When handling CUCM's CS_OFFHOOK, need to set ccb its proper role

CSCvf91777

Intelligent Sync: exit-address-family does not return PRC_CONFIG_CHANGE

CSCvf93336

bgp aggregate summary Null0 route learned as site-prefix and published to remote site

CSCvf94001

domain is deleted, but the prefixes in pfrv3 route-import are not deleted

CSCvf97924

datacconnect configuration stuck while script configure / unconfigure/ reconfigure the datacoonect

CSCvf98783

PFR Crash on 4431 observed with Dual Router Branch with BR reload

CSCvf99697

WS-C3650-48FQM-E running 16.3.3 keeps generating FRU alarms

CSCvg01599

ASR1K display configuration when bootup with huge config and netconf-yang cli

CSCvg01681

Support SNMP DCA sensitivity and interval

CSCvg01760

Traceback-CPUHog seen on the device

CSCvg02922

cisco pd 7960 link getting down while configured power inline  port perpetual-poe-ha

CSCvg03185

ASR1001X - Print Error Code when license reg/req/rel fails

CSCvg03542

[RIB route watch] detect stale pointer from client to avoid system crash with corrupted memory

CSCvg03981

IOS-XE NAT: IP header of tunneled traffic is translated twice (in inner and outer header)

CSCvg04653

site-prefix withdraw also remove enterprise prefix entry from site-prefix DB unexpectedly

CSCvg04797

able to modify dataconnect temp-destination even when dataconnect session are active

CSCvg04830

cman_fp: Repeated btrace error \"Unable to mark Goldeneye ready via CPLD\" seen in 1002-HX/1001-HX

CSCvg05599

Router does not recalculate UDP checksum after NAT

CSCvg05643

sh pla ha qfp act da infra sw-nic not showing correct info after interface hot removed

CSCvg05772

Switch couldn't grant power to static int while adding back standalone switch to stack-power stack

CSCvg07622

GBIC_SECURITY_CRYPT-4-VN_DATA_CRC_ERROR on G48 FortyGig(QSFP-H40G-CU3M)

CSCvg07820

rel20: backout CSCur95875 due to dp_check failure

CSCvg08357

Build issue seen on c2960-lanlitek9-mz, c2960l-th-mz after ipv6_ulp component uprev on flo_dsgs7

CSCvg08705

PnP Agent : Config upgrade service not able to save the config

CSCvg10514

rttMonNotificationV2 trap does NOT be sent during interface shut down

CSCvg12880

16.6.1A: TSN Traceback seen while clearing PPP session with service policy attached in dialer

CSCvg13638

Traffic drop seen after \"%ACL_ERRMSG-6-RELOADED\" message when verify max ACE entries for IPV4 VACL

CSCvg18971

Ignore unknown MKA paramset, instead of dropping MKPDU

CSCvg22150

Dataconnect CLI under tunnel interface accepts bandwidth values as a sting.

CSCvg22944

Edison: Transceiver monitoring support for 16.3.6/166.6

CSCvg24259

Make sure OCTEON_OPENSSL is defined for MIPS platforms

CSCvg25863

Handling IGMP V1 and V2 Reports, Leave message and Group Specific Queries in QinQ tunnels

CSCvg26012

[Polaris 16.3.5] Crash due to high memory holding while IPV4/IPV6 clients fast roaming

CSCvg26044

[Polaris 16.3.5] SISF traceback while clients roaming

CSCvg28350

Upon successful login, the network device must notify the administrator.

CSCvg34012

TSN: Looping for snmp walk ipAddressEntry for IP-MIB.

CSCvg34039

WS-C3650-12X48UR : no traffic over tex/1/7 ports

CSCvg36246

SM-X-ES3's port connected to Ethernet-Internal x/0/0 always become block port.

CSCvg37883

DOM query nonstop run in fed process

CSCvg41285

missing DB unlock in SANET

CSCvg43022

CPU >99% on fed-ots-nfl with >180k flows due to unused monitor timeout config

CSCvg45680

Channel not deleted in time after smart probe denied

CSCvg46297

\"n\" is printing at the show power inline priority CLI header

CSCvg46331

Polaris : 16.3.6 Barbados XOR - Client Network Preference SNMP support

CSCvg48154

UDLD error disables the 10G interface when enabling \"udld aggresive\" on peer

CSCvg49155

Memory buildup with ip sla enable reaction-alert command

CSCvg49753

Received EVPN route type 2 ignored by ASR1K RR

CSCvg50525

FMFP-3-OBJ_DWNLD_TO_DP_FAILED error messages are shown while adding new prefixes.

CSCvg50595

IPV6 needs to be enabled under interface in order to configure ipv6 dhcp relay Polaris releases.

CSCvg55316

Multiple crashes on ASR1k at iWAG GTP PDP director event dispatcher

CSCvg57715

TC cannot be learnt when the traffic ingress interface is changed from auto-tunnel to physical intf

CSCvg58479

v16.3 throttle baseline to 16.3.5 CCO image

CSCvg58755

16.8.1 : 3850 : Fix kernel logs on the switch

CSCvg61589

MON-Ingress-per-DSCP cannot be created correctly if policy is deleted and created in short time

CSCvg62441

Recommitting 'CSCve92404 - DF bit verification is failed in CSR'

CSCvg72960

ASR1K - LNS node de-aggregation  w/ POLARIS image

CSCvg76611

3850: SW version is still showing 16.3.5 on latest V163_MR_THROTTLE_LATEST

CSCvg77132

3850 IPv6 esp not permitted even though \"permit esp\" is configured

CSCvg91169

3850 standby switch reloads due to configuration-mismatch after use \"exception crashinfo\" command

CSCvg93175

binos changes to enable hw watchdog on isr4k

CSCsb32774

CRYPTO-4-PKT_REPLAY_ERR syslog messages appear in three lines

CSCvg06072

Prepare polaris_dev for CEL7

CSCvg08103

IPv6 ULP Trace Options Control

CSCvb27822

Address #include_next behavior difference with clang

CSCvc92583

CRimson Bi-endian: add attributes for unions of pointers and integers

CSCvc94243

CRimson Bi-endian: define attributes for unions of pointers and integers

CSCve12879

Add support for TLS1.1 and TLS1.2 in crypto engine.

CSCve44657

Feature: DataConnect code changes

CSCvf31011

Clean up SA .command file generation in IOS

CSCvg01555

NG3K: Show Forward/Data Path tracing summary with Multicast forwarding and punt to CPUQ summary

 

16.3.6 Beta

Resolved Caveats

 

Defect Headline
CSCvg40430 4431 QFP crashes by a LLC packet received in a Serial Interface
CSCuz33560 IOS crashed unexpectedly during CA certificate authentication.
CSCvb99922 16.3.2: Process= \"XEP_pnp-zero-touch\" trace back on Euclid stack with config upgrade
CSCvc26134 self-generated packets sent fail over PMIP-MUDP tunnel in LMA
CSCvc47165 SFP port detect link-flap error and it's in error-disabled state on 3650
CSCve57506 IPv6 ESP traffic incorrectly dropped after decryption by IPv6 interface access-list
CSCvf24928 QFP exmem memory leak in cpp_fm_sce_result_chunk
CSCvf30163 With OSPFV3 authentication, OSPFV3 neighborship not coming up
CSCvf30703 Watchdog crash at sla_resp_config_command when executing the \"show run\" command
CSCvf30772 4331 - ATM - T1 CAS - One Way Audio: Dropping Packets due to Tail Drop
CSCvf36888 IOS-XE DMVPN Per-tunnel QoS not working on CSR1k without AX license
CSCvf56063 16.6.2_0802: Standby removed  after \"configure replace flash:0712_BaseFinal_cfg force \"
CSCvf60862 Cisco IOS and IOS XE Software IOS daemon Cross-Site Scripting Vulnerability
CSCvf62958 Memory leak seen @ CRYPTO_malloc when certificated is imported using tftp or http
CSCvf68261 Crash when printing IPSEC anti-replay error
CSCvf74829 CRL download fails due to \"failed to create getcacert message\"
CSCvf84295 Memory leak in IPSEC key engine process
CSCvf84340 IOS crash when logging rx dsp ctrl message out_of_sequence count syslog
CSCvf89608 Missing ip route to cellular interface after router reload or modem power cycle
CSCvf96035 ISIS redistribute connected not working for IPV6 routes
CSCvg02533 router crashed after triggers with debug
CSCvg20200 Polaris: Crash observed while client association with key-wrap enabled in controller.
CSCvg21440 Memory leak with  DMVPN tunnel protection ipsec
CSCvg33403 Incoming call fails with 'Lower layer disconnected call  cause=47' error
CSCvg47106 Listname of pki Session is set to NULL
CSCvg70033 Fast poe/Perpectual-poe is not working while executing \"reload slot < switch number >\"
CSCvg75380 Polaris 16.3.5: Crash at auth_mgr_show_dc_details
CSCvg92437 AToM: MSPW VC Down with Reason as No VC Remote Label Binding Received on RP SSO
CSCvd80158 ISR G3/POTS to POTS FAX/Modem can't reach SG3 speeds
CSCvd91120 Hung sccp and rtp session when media failure reported for transcoding call
CSCve32391 Ports are not freed for non-EDM mapping when EDM mapping also exists
CSCve54793 Last reload reason: Not correct in for ASR1k consolidated platfroms
CSCve57830 SUBALTNAME DECODE fails for APIC_EM self-signed cert when validating server identity
CSCve75007 Crash on sstrncpy with null pointer
CSCve78802 Overlord: GLC-TE SFP module cannot up after OIR during traffic
CSCve92631 ASR1000-6TGE/2T+20X1GE: High CPU Usage in MCPELC-ISR Process
CSCvf13238 Some of the PDs dont show class values for the CLI show power inline
CSCvf19240 Incomplete remote id info seen in ICRQ message at LAC
CSCvf38253 ASR1K - %IDMGR-3-INVALID_ID: bad id in id_get (Out of IDs!) (id: 0x0)
CSCvf40118 Sh idprom shows Diag monitoring as not implemented
CSCvf51884 QoS ingress cos classification failed on trust cos dot1q-tunnel port
CSCvf77644 ASR1000 Interface may be unusable due to an error deleting previous configs
CSCvf79008 Voice-port shut down but PRI is still UP.
CSCvf82376 Crash when removing \"crypto map ipv6\" and then related IPv6 ACL
CSCvf83926 Fast memory depletion on GETVPN KS in ipsec_db_add_gdoi_sa_req
CSCvf90225 FlexVPN over MPLS with direct iBGP spoke-spoke peering does not add label in CEF
CSCvf95066 Renew timer starts without authentication of trustpoint
CSCvg01774 OSPF SSPF:  when seg area is disabled and enabled, mapping server EPL entries not re-generated.
CSCvg02898 cisco 7960 PD connection getting down while configuring power inline never/no power inline never
CSCvg04055 Re-calculate PKI SHADOW timer after NTP synchronization
CSCvg20799 PPPoE MTU issue after removing the max payload cli under physical interfcae
CSCvg21196 ISR4K SW MTP configured as TRP does not relay PLI/RTCP messages.
CSCvg21867 OSPF SSPF: With ECMP combination of MPLS TE and SRTE tunnels, all RTP tunnel paths marked as SRTE
CSCvg26073 QFP Memory leak in 'cpp_cp_svr' with 'CPP List Hdr Chunk'
CSCvg26721 OSPF SSPF: Too many intra-area SPFs for every SID change when remote-lfa is configured
CSCvg28013 OSPF SSPF: CstrPath flag not removed when RSVP TE tunnel config changed to SRTE
CSCvg31708 OSPF SSPF: With ECMP of SRTE and RSVP-TE auto-announce tunnels, RSVP-TE is not installed as MFI path
CSCvg34790 Device crashes due to crypto pki functions
CSCvg35532 OSPF SSPF: with Non-ECMP SRTE+RSVPTE, Native paths installed for RSVP TE tunnel with metric option
CSCvg40006 OSPF SSPF: both RSVP TE tunnel paths and its native IGP paths are installed in GRIB
CSCvg40688 usb console can not be recognized and usb LED not light on C3850
CSCvg43199 OSPF SSPF: Not all igp paths are installed as SID0 MPLS2MPLS constrained path, since not in GRIB
CSCvg43685 OSPF SSPF: ECMP of RSVPTE+SRTE incorrect SID0 MPLS2MPLS cstr path with multicast-intact option
CSCvg53898 OSPF SSPF: IP bind of SID0 label to MPLS2MPLS forwarding path may not happen in certain scenarios.
CSCvg61564 Block SVL CLIs on unsupported platforms/ SKUs
CSCvg61586 IPSLA ICMP-jitter operations skipped
CSCvg62050 Authenticating a Trustpoint that references an enrolment profile FAILS
CSCvg73882 clean up of FED error logs for PVLAN
CSCvg82807 REVA: Upgrade reva nim to support 4G DDR
CSCvg85135 Idle TImeout Direction (inbound)  is ignored when it is sent before timeout value
CSCvg91431 missing profile on Octeon tstool

 

6.3.6 Beta

Open Caveats

 

Defect Headline
CSCva12253 Trustpool: add vrf support for trustpool api's on IOS

 

 

95 Views
0 Comments

If you want to trap all the commands entered on cisco routers and switches, you can install this tcl script on the router. when cisco technical support login to your device for troubleshooting, you can record all the commands the tech has been entered.

Read more...

413 Views
0 Comments

A blog that details the basic configuration required to connect to BT Fibre / Infinity ADSL Without Using the Business Hub; the ADSL line can connect directly to the ISR.

Read more...

79 Views
0 Comments

i have two cisco catalyst 6807 xl switch how can i confiure it on glbp protocol ,need to be configuration

both switches will be running as active active mode

Read more...

226 Views
0 Comments

This video introduces the layout, navigation, and tools available on new wireless site maps in Prime Infrastructure 3.2.

To review the layout, navigation, and tools in the application, watch the video.

For more information, refer to the Wireless Site Maps Overview job aid.

To access other Prime Infrastructure training, open our training page.

108 Views
0 Comments

This job aid introduces you to the layout, features,and tools available on wireless site maps in Prime Infrastructure 3.2.

To review the process, open the job aid.

To review the layout, features, and tools in the application, watch the Navigating Wireless Site Maps video.

To access other Prime Infrastructure training, open our training page.

179 Views
0 Comments

This job aid introduces you to the types of information that you can see when using the Network Health dashboard and performance graphs to monitor overall network health.

To review the process, open the job aid.

To access other Prime Infrastructure training, open our training page.

1717 Views
0 Comments

We are pleased to announce availability of Beta software for 16.3.5. 16.3.5 will be the fourth rebuild on the 16.3 release train targeted towards Catalyst 3650/3850 switching platforms.  We are looking for early feedback from customers before 16.3.5 software release is posted on CCO for General Availability (GA). This beta software addresses critical customer found defects which are mentioned below, along with the open caveats


Obtaining Pre-Release Software

  1. Please sign-up for the beta @ Sign-up
  2. Once above step is completed and NDA is signed, access to pre-released software will be made available to Cisco Beta Customers within 24 hours @ our share site

[NOTE: Please make sure to use Aspera Client to download files. If downloading for the first time from shares.cisco.com you will be prompted to install Aspera Client on top of Website]

Issues and questions:
For any issues and questions, please send email to ecsg-beta@external.cisco.com

Feedback and support:
Please provide detailed feedback via feedback form. In case of any issue, someone from the beta support team will work directly with you

 

Non-Disclosure Agreement: 

This software and accompanied documentation is being provided to you under the non-disclosure agreement between you, your organization and Cisco. Please do not discuss this project and its features outside of the Beta related mailing lists

 

16.3.5 Beta_2

Resolved Caveats

Defect IDHeadline
CSCvf64859Stackwise Virtual domain changed to default upon entering and exiting stackwise-virtual config
CSCvf4111716.3.3 ES: Second SVL member could not be added due to SVL speed mismatch after re-adding SV config
CSCve445633850 || VLANs are not programmed correctly when configuration pushed using scripting tool.
CSCvc147783850 processes untagged packets in trunks when the vlan dot1q tag native command is enabled
CSCvf59240PID shown in "sh inventory/version" should be based on CFG_MODEL_NUM
CSCve78157Stack member ports may transition to "shutdown" after SSO
CSCvd191923850: LED amber blinking, link up/down, or link up without down happen on unconnected SFP port
CSCvf58092SV:G48: fail to route pkts when data port and SVL are on same asic and core
CSCve26782L3VPN: Stale bgp vpn label programmed/used  for forwarding mpls traffic for specific prefix
CSCvf50522HW Forwarding fails with MPLS MACSEC
CSCve99435keepalive packets don't check  loop when use C3850 IOS-XE16.X
CSCve99435keepalive packets don't check  loop when use C3850 IOS-XE16.X
CSCvf39197Mac not learn for vlan 325 with port security enabled
CSCve52842C3650 No syslog generate when AC power is replaced with RPS
CSCve573903850 10G port in err-disable state due to link-flap error after peer reload
CSCvd38417qos queue-softmax-multiplier 1200 not work unless reload
CSCvd09012queueing CoS 5 QnQ
CSCvd93866Cat3850 - ECN bit is removed when the "auto qos trust dscp" input policy is applied.
CSCvf45112[AVC]context with name longer than 15 chars assignment fails
CSCvb14640Cisco IOS and Cisco IOS XE Software IPv6 SNMP Message Handling Denial of Service Vulnerability
CSCvc07577Crash in BGP due to regular expressions
CSCva44291OCSP SHA2 signature algorithms verification fails
CSCvd66543access-session commands can never be removed from port
CSCvb44320switch crashes continuously after booting up with autosmartport
CSCvd76728[dot1x timeout tx-period] cannot be applied to interface template
CSCuy68013Switch crashed after add "ip wccp 61 global" command during traf

 

16.3.5 Beta_1
Resolved Caveats

 
Defect IdHeadline
CSCve46875Cisco Smart Install Remote Code Execution and Denial of Service Vulnerability
CSCve5902716.3.3 SV stack sometimes results in unpredictable switchover after a few days of operation
CSCur31055Ten gig links gets err-disable after \"UDLD enable\" on 3850
CSCvb60511SSH doesn't work with MACSEC configured between 3850 and 4500
CSCvb81266If a port is configured SVL and DAD, switch reloads
CSCvc79444Edison does not send out the ICMP redirect msg back to source
CSCvc83353x86:OIR or Hotswap of QSFP-40G-LR4 , detection fails
CSCvd03683PAGP switch crashes after \"no channel-group 1 mode active\" is issued
CSCvd21642SIT [FED2.0 2/16 image]: MKA-128: 3850CR-CSR traffic failing  after rekey
CSCvd36799Smart Install client being enabled must be visible in running-config
CSCvd36810Smart Install client must alert to console periodically
CSCvd36820Smart Install client feature should auto-disable when not in use
CSCvd56652Sometimes G48 10G ports can never come up once they go down (regression from CSCvc32612)
CSCvd68540Denali: MAC address not cleared from some port after port-sec aging
CSCvd69092on port mode change, Controller port error, State Machine Power Good wait timer timed out
CSCvd69806Smart Install Memory Leak/Information Disclosure
CSCvd69919Power inline static got rejected on reloading a stack
CSCvd71604Smart Install Memory Leak/Information Disclosure
CSCvd71836User configured values should be retained when same type of SFP adapter is inserted /OIR
CSCvd76241PoE is not working as expected in 16.3.4
CSCve02686Catalyst 3850 crash after polling entSensorValueEntry.
CSCve03476DHCP relayed packets not forwarded when DHCP snooping is enabled on the switch.
CSCve04880Incorrect power budget calculated causing allocated + unused power to be more than the total power
CSCve07266Cat9300: Powered up IEEE PDs are reported off upon switch reload
CSCve26921physical interface base mac address changes to 0000.0000.000xx
CSCve28864stack-power is budgeted wrong upon stack-power cable OIR, SSO and slot reload
CSCve29061Port Te 1/0/13&14 on WS-C3850-48XS might not work after an upgrade from 3.7.5 to 16.3.3 denali
CSCve32078Auto-upgrade does not work when switch with 3.6.6 is added to 16.5.1a stack
CSCve38995Cat3850 packet drop when shut/no shut  interafce that not transfer traffic
CSCve40787C3850 stops forwarding multicast traffic after reload.
CSCve42843Polaris: Sanity: Traceback@INJECT_FEATURE_ESCAPE: Egress IP packet delivered via legacy inject path
CSCve47742Auto-upgrade does not work when switch with 16.3.3 is added to 16.5.1a
CSCve573903850 10G port in err-disable state due to link-flap error after peer reload
CSCve60390PING failed via routed l3 port on directly connected interface
CSCve697953850 incorrect group-mask when configure 7 member-ports in a port-channel
CSCve73808PLATFORM_PM-6-DIFFERENT_MODULE_INSERTED appears in bootup logs for same SFPs previously inserted
CSCve74710Ping from SV to access switch on L3 port failed after multiple switchport conversions
CSCve76912With SPAN config L2 to L3 port conversion fails
CSCve85179\"speed nonegotiate\" cannot be reflected on port which has no SFP inserted
CSCve88714Stack member crash on disconnecting one stack cable
CSCve94496Polaris: I/O pool memory leak with igmpsn_mrd_handle_igmp_pak.
CSCve99176Nyquist and NyquistCR: When USB console cable is connected switch continuously reboots
CSCvf06251Polaris16.3.5 : Mac address is not cleared properly
CSCuw98441DOM support for 40G SFP
CSCva42010RPS bkup support to Theon for 750W AC input power
CSCva762633850-48P switch stack rebooted with a Abort on Chasfs
CSCvc52030DAD configuration not in the running configuration
CSCvc63926Netflow exporter - In case of IPFIX, the stats keep incrementing endlessly
CSCvc96706Denali 16.3.2 not providing PoE after bouncing the port.
CSCvd15960Edison/Nyquist : show hardware led and line console 0 displays rj45 when booted with usb cable
CSCvd191923850: LED amber blinking, link up/down, or link up without down happen on unconnected SFP port
CSCvd30141unconnected GLC-GE-100FX link up down once when 3850 stack boot up after reload
CSCvd31425Nyquist: On enabling debug ilpower controller, debugs also seen for admin down ports.
CSCvd42791Stackwise-virtual missing from 'show tech-support'
CSCvd49407SID2- Backup/backoff status
CSCvd53780Line Protocol on 10G interfaces (on NM modules) may flap on 3850 mGig models
CSCvd62828Invalid traces and lack of supportability for PoE on 3650/3850 running Polaris image
CSCvd65435WDAVC:FNF & WDAVC not functional on Archimedes[C3650-48PS] platform (platform api returns incorrect)
CSCvd75681Report all Faults in IOS.
CSCvd77724Cat3650 error counter on not use uplink interface
CSCvd77906IPv6 neighbor discovery packet processing behavior
CSCvd84636Polaris - Impacting stack-mgr events should be printed as a syslog
CSCvd89348%PLATFORM_PM-6-MODULE_ERRDISABLE when remove and insert SFP on admin down port
CSCvd9035916.3.3 Native VLAN does not FWD when interface template is applied via dot1x
CSCve08303Dedicated show tech-support poe
CSCve09044Operational priority values are still reflecting after fixing CSCvd98474
CSCve13960Edison : usb console not detected when booted the switch with usb cable
CSCve19198\"sh tech-support\" is missing stack-power detail, load-shedding and neighbors information
CSCve232953850XS Series running Denali shows UDLD/CDP issues when native vlan is not in the database
CSCve274203850 MKA PSK:Ping failure seen after un-config of policy on an interface with Secured MKA session
CSCve35686Entropy part of FIPS and SESA  code hardening to handle the exception cases
CSCve40391GLC-GE-100FX link up as half for some time even with duplex full configuration after 3850 reload
CSCve42647Vstack backup to tftp corrupts filenames
CSCve45135OBFL : show logging onboard does not show logs when power supply removed
CSCve47264Generate system report as part of \"show-tech\"
CSCve488883650 switch Getting Noicy afyer few weeks
CSCve4930816.3.5 Debuggability: Enhance show controller ethernet-controller < interface > Phy  for 82780 driver
CSCve49310Debuggability: Enhance show controller ethernet-controller < interface > Phy  for AQ405 driver
CSCve581523850 Stacked 16.3.3 BGP w/NSF & BFD Standby to Active Convergence Time
CSCve60789Power supply status shows UP when Power cord is disconnected or PS is OIRd'
CSCve83172Debuggability enhancement for BCM82780 PHY Driver - 16.3.5
CSCve85583Molex and CREE get classified as IP Phone on Polaris
CSCvf02756power inline configuration not retained after Port L2/L3 mode change
CSCvf04625if \"facility-alarm critical exceed-action shutdown\" config can be removed or not
CSCvf07049Bonjour/mDNS Traffic Routed Without Presence of Bonjour Gateway
CSCvf09104L2PT doesn't work for LLDP unless LLDP is enabled on the switch and fix typrographical error
CSCvf09238Switch running 16.3.3 will reload when running platform QoS commands
CSCvf1109216.3.5:C3850-12X48U: %ILPOWER-3-ILPOWER_INTERNAL_IF_ERROR: Inline Power internal error,
CSCvf40403DC OUI database update for v163_mr_throttle
CSCuq53880Mingla2: EC with native vlan
CSCuz99593Intermittent packet loss to HSRP virtual IP address
CSCva05226\"dot1x pae authenticator\" lost from interface once port moved to trunk
CSCvc267873850 mgig: Interface may flapping unexpectedly or go to err-disabled
CSCvc35065Enh: need CLI to tune buffers on Egress port without service policy
CSCvc65312FEW: FMAN_FM crash @fman_cef_doppler_gtrie_prefix_modify_a during longevity
CSCvc73079\"Speed nonegotiate\" disappeared after ORI'ing SFP on back-to-back switch
CSCvc83011WDAVC: cisco-jabber-audio & ms-lync  protocol becomes unknown  on WS-C3850
CSCvc86727Switch crash on show lacp internal detail
CSCvc89735Crash on process SMI CDP due to memory exhaustion
CSCvc90617CPU destined traffic is dopped in software when default sgacl confgured as deny
CSCvc98704\"ciscoFlashDeviceChangeTrap\" output when power off C3850
CSCvd02101QSFP-40G-SR-BD shows speed as 1000Mb/s
CSCvd03465Switch prevents updating MAC address in multi-host mode
CSCvd15847IPv6 Mcast over L2 switch failed to get the ( *,G ) joins at client
CSCvd23343Adding FSS related commands as part of \"Show Tech Support\" CLI
CSCvd3172416.3.3 REP: one second lsl-age-timer causes high cpu, REP flap on link down/link
CSCvd33197Denali: 3850 Uplink port goes down after reload due to udld err-Disable on remote end
CSCvd36024SGACL enforcement under VRF unexpectedly blocking traffic
CSCvd41836AP unable to join WLC if SPAN is configured on fabric edge
CSCvd45973Catalyst 3850/3650 - memory leak in platform_mgr process
CSCvd77215IPv4 ping failure between directly connected interfaces with WS-C3850-24P-E and WS-C3850-48P-E
CSCvd80714High CPU Usage on 3850 running Polaris when it received ipv4 packets with options
CSCvd85770StackWise Virtual 3850-48X MEC switchover traffic black holing
CSCvb38405Hw route programmed does not display fully with the show command for given VRF
CSCvb53858Power Supply SN incomplete (only 10 characters)
CSCvc57779Leap Second was added twice(total 2 seconds) on C3850
CSCvc59844Switch May Incorrectly Transition non Root ports to Root on SSO Failover
CSCvc63975Ping fails with RSPAN configured when SRC and DEST(remote-span) vlans are allowed on the same trunk
CSCvc74700LED for speed is black/off for QSFP-40G-ER4
CSCvc75023LED turns amber upon setting the interface to \"no switchport\"
CSCvc88679SCHED-3-THRASHING: Process thrashing on watched queue 'sep rxQ'. -Process= \"SEP_webui_wsma
CSCvc96378with SVI down,Vlan dose not get pruned when interface are flapped
CSCvc99866inconsistent index mapping between cpeExtPsePortEntPhyIndex and entPhysicalName
CSCvd08866Switch crashed after dot1x session stuck in pending deletion
CSCvd19383Flow monitor does not work on L3 Port-Channel members
CSCvd58540Adding debugs for CGM Traceback
CSCvd64127Remove unsupported CLIs, replace with supported CLIs from \"show tech\"
CSCvd64943\"Show idprom interface\" cli doesnt display enough information
CSCvd671133850 stack startup config sometimes disappear after power cycle
CSCvd83412Porting CSCuy73381 to Fed 1.0
CSCve07496Polaris: 16.3.4: Show version output is showing 'SW version' as 16.3.3

 

Open Caveats

CSCve31341Unicast DHCP ACK is not forwarded when DHCP snooping is enabled
CSCve99435keepalive packets don't check loop when use C3850 IOS-XE16.X
CSCve26782L3VPN: Stale bgp vpn label programmed/used for forwarding mpls traffic for specific prefix
CSCve78157 Stack member ports may transition to "shutdown" after SSO
CSCvc52139X86 - ciscoPD 7960 failed to be detected when change port between L2 and L3
CSCvf45130apply QoS with APIC-EM trigger FED to crash in 3850 switch stack

764 Views
0 Comments

 

We are pleased to announce availability of Beta software for 16.3.5. 16.3.5 will be the fourth rebuild on the 16.3 release train targeted towards Catalyst 3650/3850 switching platforms.  We are looking for early feedback from customers before 16.3.5 software release is posted on CCO for General Availability (GA). This beta software addresses critical customer found defects which are mentioned below, along with the open caveats


Obtaining Pre-Release Software

  1. Please sign-up for the beta @ Sign-up
  2. Once above step is completed and NDA is signed, access to pre-released software will be made available to Cisco Beta Customers within 24 hours @ our share site

[NOTE: Please make sure to use Aspera Client to download files. If downloading for the first time from shares.cisco.com you will be prompted to install Aspera Client on top of Website]

 

Issues and questions:
For any issues and questions, please send email to ecsg-beta@external.cisco.com

 

Feedback and support:
Please provide detailed feedback via feedback form. In case of any issue, someone from the beta support team will work directly with you

 

Non-Disclosure Agreement: 

This software and accompanied documentation is being provided to you under the non-disclosure agreement between you, your organization and Cisco. Please do not discuss this project and its features outside of the Beta related mailing lists

 

16.3.5 Beta_2

Resolved Caveats

Defect IDHeadline
CSCvf64859Stackwise Virtual domain changed to default upon entering and exiting stackwise-virtual config
CSCvf4111716.3.3 ES: Second SVL member could not be added due to SVL speed mismatch after re-adding SV config
CSCve445633850 || VLANs are not programmed correctly when configuration pushed using scripting tool.
CSCvc147783850 processes untagged packets in trunks when the vlan dot1q tag native command is enabled
CSCvf59240PID shown in "sh inventory/version" should be based on CFG_MODEL_NUM
CSCve78157Stack member ports may transition to "shutdown" after SSO
CSCvd191923850: LED amber blinking, link up/down, or link up without down happen on unconnected SFP port
CSCvf58092SV:G48: fail to route pkts when data port and SVL are on same asic and core
CSCve26782L3VPN: Stale bgp vpn label programmed/used  for forwarding mpls traffic for specific prefix
CSCvf50522HW Forwarding fails with MPLS MACSEC
CSCve99435keepalive packets don't check  loop when use C3850 IOS-XE16.X
CSCve99435keepalive packets don't check  loop when use C3850 IOS-XE16.X
CSCvf39197Mac not learn for vlan 325 with port security enabled
CSCve52842C3650 No syslog generate when AC power is replaced with RPS
CSCve573903850 10G port in err-disable state due to link-flap error after peer reload
CSCvd38417qos queue-softmax-multiplier 1200 not work unless reload
CSCvd09012queueing CoS 5 QnQ
CSCvd93866Cat3850 - ECN bit is removed when the "auto qos trust dscp" input policy is applied.
CSCvf45112[AVC]context with name longer than 15 chars assignment fails
CSCvb14640Cisco IOS and Cisco IOS XE Software IPv6 SNMP Message Handling Denial of Service Vulnerability
CSCvc07577Crash in BGP due to regular expressions
CSCva44291OCSP SHA2 signature algorithms verification fails
CSCvd66543access-session commands can never be removed from port
CSCvb44320switch crashes continuously after booting up with autosmartport
CSCvd76728[dot1x timeout tx-period] cannot be applied to interface template
CSCuy68013Switch crashed after add "ip wccp 61 global" command during traffic

 

16.3.5 Beta_1
Resolved Caveats

 
Defect IdHeadline
CSCve46875Cisco Smart Install Remote Code Execution and Denial of Service Vulnerability
CSCve5902716.3.3 SV stack sometimes results in unpredictable switchover after a few days of operation
CSCur31055Ten gig links gets err-disable after \"UDLD enable\" on 3850
CSCvb60511SSH doesn't work with MACSEC configured between 3850 and 4500
CSCvb81266If a port is configured SVL and DAD, switch reloads
CSCvc79444Edison does not send out the ICMP redirect msg back to source
CSCvc83353x86:OIR or Hotswap of QSFP-40G-LR4 , detection fails
CSCvd03683PAGP switch crashes after \"no channel-group 1 mode active\" is issued
CSCvd21642SIT [FED2.0 2/16 image]: MKA-128: 3850CR-CSR traffic failing  after rekey
CSCvd36799Smart Install client being enabled must be visible in running-config
CSCvd36810Smart Install client must alert to console periodically
CSCvd36820Smart Install client feature should auto-disable when not in use
CSCvd56652Sometimes G48 10G ports can never come up once they go down (regression from CSCvc32612)
CSCvd68540Denali: MAC address not cleared from some port after port-sec aging
CSCvd69092on port mode change, Controller port error, State Machine Power Good wait timer timed out
CSCvd69806Smart Install Memory Leak/Information Disclosure
CSCvd69919Power inline static got rejected on reloading a stack
CSCvd71604Smart Install Memory Leak/Information Disclosure
CSCvd71836User configured values should be retained when same type of SFP adapter is inserted /OIR
CSCvd76241PoE is not working as expected in 16.3.4
CSCve02686Catalyst 3850 crash after polling entSensorValueEntry.
CSCve03476DHCP relayed packets not forwarded when DHCP snooping is enabled on the switch.
CSCve04880Incorrect power budget calculated causing allocated + unused power to be more than the total power
CSCve07266Cat9300: Powered up IEEE PDs are reported off upon switch reload
CSCve26921physical interface base mac address changes to 0000.0000.000xx
CSCve28864stack-power is budgeted wrong upon stack-power cable OIR, SSO and slot reload
CSCve29061Port Te 1/0/13&14 on WS-C3850-48XS might not work after an upgrade from 3.7.5 to 16.3.3 denali
CSCve32078Auto-upgrade does not work when switch with 3.6.6 is added to 16.5.1a stack
CSCve38995Cat3850 packet drop when shut/no shut  interafce that not transfer traffic
CSCve40787C3850 stops forwarding multicast traffic after reload.
CSCve42843Polaris: Sanity: Traceback@INJECT_FEATURE_ESCAPE: Egress IP packet delivered via legacy inject path
CSCve47742Auto-upgrade does not work when switch with 16.3.3 is added to 16.5.1a
CSCve573903850 10G port in err-disable state due to link-flap error after peer reload
CSCve60390PING failed via routed l3 port on directly connected interface
CSCve697953850 incorrect group-mask when configure 7 member-ports in a port-channel
CSCve73808PLATFORM_PM-6-DIFFERENT_MODULE_INSERTED appears in bootup logs for same SFPs previously inserted
CSCve74710Ping from SV to access switch on L3 port failed after multiple switchport conversions
CSCve76912With SPAN config L2 to L3 port conversion fails
CSCve85179\"speed nonegotiate\" cannot be reflected on port which has no SFP inserted
CSCve88714Stack member crash on disconnecting one stack cable
CSCve94496Polaris: I/O pool memory leak with igmpsn_mrd_handle_igmp_pak.
CSCve99176Nyquist and NyquistCR: When USB console cable is connected switch continuously reboots
CSCvf06251Polaris16.3.5 : Mac address is not cleared properly
CSCuw98441DOM support for 40G SFP
CSCva42010RPS bkup support to Theon for 750W AC input power
CSCva762633850-48P switch stack rebooted with a Abort on Chasfs
CSCvc52030DAD configuration not in the running configuration
CSCvc63926Netflow exporter - In case of IPFIX, the stats keep incrementing endlessly
CSCvc96706Denali 16.3.2 not providing PoE after bouncing the port.
CSCvd15960Edison/Nyquist : show hardware led and line console 0 displays rj45 when booted with usb cable
CSCvd191923850: LED amber blinking, link up/down, or link up without down happen on unconnected SFP port
CSCvd30141unconnected GLC-GE-100FX link up down once when 3850 stack boot up after reload
CSCvd31425Nyquist: On enabling debug ilpower controller, debugs also seen for admin down ports.
CSCvd42791Stackwise-virtual missing from 'show tech-support'
CSCvd49407SID2- Backup/backoff status
CSCvd53780Line Protocol on 10G interfaces (on NM modules) may flap on 3850 mGig models
CSCvd62828Invalid traces and lack of supportability for PoE on 3650/3850 running Polaris image
CSCvd65435WDAVC:FNF & WDAVC not functional on Archimedes[C3650-48PS] platform (platform api returns incorrect)
CSCvd75681Report all Faults in IOS.
CSCvd77724Cat3650 error counter on not use uplink interface
CSCvd77906IPv6 neighbor discovery packet processing behavior
CSCvd84636Polaris - Impacting stack-mgr events should be printed as a syslog
CSCvd89348%PLATFORM_PM-6-MODULE_ERRDISABLE when remove and insert SFP on admin down port
CSCvd9035916.3.3 Native VLAN does not FWD when interface template is applied via dot1x
CSCve08303Dedicated show tech-support poe
CSCve09044Operational priority values are still reflecting after fixing CSCvd98474
CSCve13960Edison : usb console not detected when booted the switch with usb cable
CSCve19198\"sh tech-support\" is missing stack-power detail, load-shedding and neighbors information
CSCve232953850XS Series running Denali shows UDLD/CDP issues when native vlan is not in the database
CSCve274203850 MKA PSK:Ping failure seen after un-config of policy on an interface with Secured MKA session
CSCve35686Entropy part of FIPS and SESA  code hardening to handle the exception cases
CSCve40391GLC-GE-100FX link up as half for some time even with duplex full configuration after 3850 reload
CSCve42647Vstack backup to tftp corrupts filenames
CSCve45135OBFL : show logging onboard does not show logs when power supply removed
CSCve47264Generate system report as part of \"show-tech\"
CSCve488883650 switch Getting Noicy afyer few weeks
CSCve4930816.3.5 Debuggability: Enhance show controller ethernet-controller < interface > Phy  for 82780 driver
CSCve49310Debuggability: Enhance show controller ethernet-controller < interface > Phy  for AQ405 driver
CSCve581523850 Stacked 16.3.3 BGP w/NSF & BFD Standby to Active Convergence Time
CSCve60789Power supply status shows UP when Power cord is disconnected or PS is OIRd'
CSCve83172Debuggability enhancement for BCM82780 PHY Driver - 16.3.5
CSCve85583Molex and CREE get classified as IP Phone on Polaris
CSCvf02756power inline configuration not retained after Port L2/L3 mode change
CSCvf04625if \"facility-alarm critical exceed-action shutdown\" config can be removed or not
CSCvf07049Bonjour/mDNS Traffic Routed Without Presence of Bonjour Gateway
CSCvf09104L2PT doesn't work for LLDP unless LLDP is enabled on the switch and fix typrographical error
CSCvf09238Switch running 16.3.3 will reload when running platform QoS commands
CSCvf1109216.3.5:C3850-12X48U: %ILPOWER-3-ILPOWER_INTERNAL_IF_ERROR: Inline Power internal error,
CSCvf40403DC OUI database update for v163_mr_throttle
CSCuq53880Mingla2: EC with native vlan
CSCuz99593Intermittent packet loss to HSRP virtual IP address
CSCva05226\"dot1x pae authenticator\" lost from interface once port moved to trunk
CSCvc267873850 mgig: Interface may flapping unexpectedly or go to err-disabled
CSCvc35065Enh: need CLI to tune buffers on Egress port without service policy
CSCvc65312FEW: FMAN_FM crash @fman_cef_doppler_gtrie_prefix_modify_a during longevity
CSCvc73079\"Speed nonegotiate\" disappeared after ORI'ing SFP on back-to-back switch
CSCvc83011WDAVC: cisco-jabber-audio & ms-lync  protocol becomes unknown  on WS-C3850
CSCvc86727Switch crash on show lacp internal detail
CSCvc89735Crash on process SMI CDP due to memory exhaustion
CSCvc90617CPU destined traffic is dopped in software when default sgacl confgured as deny
CSCvc98704\"ciscoFlashDeviceChangeTrap\" output when power off C3850
CSCvd02101QSFP-40G-SR-BD shows speed as 1000Mb/s
CSCvd03465Switch prevents updating MAC address in multi-host mode
CSCvd15847IPv6 Mcast over L2 switch failed to get the ( *,G ) joins at client
CSCvd23343Adding FSS related commands as part of \"Show Tech Support\" CLI
CSCvd3172416.3.3 REP: one second lsl-age-timer causes high cpu, REP flap on link down/link
CSCvd33197Denali: 3850 Uplink port goes down after reload due to udld err-Disable on remote end
CSCvd36024SGACL enforcement under VRF unexpectedly blocking traffic
CSCvd41836AP unable to join WLC if SPAN is configured on fabric edge
CSCvd45973Catalyst 3850/3650 - memory leak in platform_mgr process
CSCvd77215IPv4 ping failure between directly connected interfaces with WS-C3850-24P-E and WS-C3850-48P-E
CSCvd80714High CPU Usage on 3850 running Polaris when it received ipv4 packets with options
CSCvd85770StackWise Virtual 3850-48X MEC switchover traffic black holing
CSCvb38405Hw route programmed does not display fully with the show command for given VRF
CSCvb53858Power Supply SN incomplete (only 10 characters)
CSCvc57779Leap Second was added twice(total 2 seconds) on C3850
CSCvc59844Switch May Incorrectly Transition non Root ports to Root on SSO Failover
CSCvc63975Ping fails with RSPAN configured when SRC and DEST(remote-span) vlans are allowed on the same trunk
CSCvc74700LED for speed is black/off for QSFP-40G-ER4
CSCvc75023LED turns amber upon setting the interface to \"no switchport\"
CSCvc88679SCHED-3-THRASHING: Process thrashing on watched queue 'sep rxQ'. -Process= \"SEP_webui_wsma
CSCvc96378with SVI down,Vlan dose not get pruned when interface are flapped
CSCvc99866inconsistent index mapping between cpeExtPsePortEntPhyIndex and entPhysicalName
CSCvd08866Switch crashed after dot1x session stuck in pending deletion
CSCvd19383Flow monitor does not work on L3 Port-Channel members
CSCvd58540Adding debugs for CGM Traceback
CSCvd64127Remove unsupported CLIs, replace with supported CLIs from \"show tech\"
CSCvd64943\"Show idprom interface\" cli doesnt display enough information
CSCvd671133850 stack startup config sometimes disappear after power cycle
CSCvd83412Porting CSCuy73381 to Fed 1.0
CSCve07496Polaris: 16.3.4: Show version output is showing 'SW version' as 16.3.3

 

Open Caveats

CSCve31341Unicast DHCP ACK is not forwarded when DHCP snooping is enabled
CSCvc52139X86 - ciscoPD 7960 failed to be detected when change port between L2 and L3
CSCvf45130apply QoS with APIC-EM trigger FED to crash in 3850 switch stack

63 Views
0 Comments

This job aid introduces you to the data and statistics that Prime Infrastructure reports on itself and where to find that data in the application, and answers commonly asked questions about monitoring system health.

To review the process, open the job aid.

To recognize how to correlate dashlet data for health information, watch the Correlating System Performance Data video.

To access other Prime Infrastructure training, open our training page.

380 Views
0 Comments

The Auditing Device Configurations for Compliance job aid introduces you to the process to audit device configurations for compliance in Cisco Prime Infrastructure, including how to configure compliance policies, configure profiles, run audits, evaluate audit results, and run fix jobs to correct compliance violations.

To review the process, open the job aid.

To review the process to complete a use case in the application, watch the Auditing Device Configurations video.

To access other Prime Infrastructure training, open our training page.

683 Views
1 Comment

This blog aims to explain what do if you see SNMP-3-INPUT_QFULL_ERR or SNMP-3-RESPONSE_DELAYED errors.  There is a TL;DR toward the bottom.

Working in TAC for over 10 years now, I have grown tired of seeing so many cases with this error message:

%SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input

Very often, I saw TAC engineers giving the wrong info about what these errors are and how to deal with them.  For example, the common recommendations:

1) Remove and then reconfigure SNMP configs

- Problem: While this is likely to get rid of the problem in the short term, it does nothing to solve the problem for good.  That's not really what Cisco is aiming for.

2) Use the "snmp queue-length" command

- Problem: This is actually guaranteed NOT to work, since the queue being increased is the one used for snmp traps leaving the box, not the processing of SNMP requests received by the box.

3) Don't poll the device so often or with as many SNMP servers

- Problem:  It's natural to think that a queue filling up (as the error describes) could be due to congestion of too much polling.  Maybe this was the root cause when CPUs were slower, but in my lab testing, I showed that modern Cisco platforms (those 5 years old or newer) do NOT suffer from having up to 3 (what I tested) servers continuously polling.

4) Find the guilty OID (which only TAC can do) then block it in an snmp-view

- Problem: First, this requires customers to open a case with TAC, so there's no hope of solving the issue with a simple search in this or other support communities.  As a user myself, I love it when a problem I'm seeing is already documented online, with the final fix given to me. Second, blocking the OID will have an impact on network management stations that may have good reason to fetch the OID.

I took a closer look at as many cases as I could find to figure out how to make this class of problem easier to solve for all of us users.  My research showed that there are a fairly small set of software bugs that address these issues, usually when an OID takes multiple seconds to process, rather than just milliseconds in the routine case.  Generally each bug is uniquely identified by platform and OID.   For example, if you see INPUT_QFULL_ERR messages on a 3850 running 3.2 code you are probably hitting, CSCuo12316.  That's still not very user friendly.  I wanted something easier and more reliable.  I reasoned that if the error itself could tell us what the slow OID was, then a simple string matching search could identify the bug that fixes the issue  (I don't think I found any cases where the root cause was hardware failure).

The new feature to do this, added by CSCuz93302, is called SNMP monitoring, and will print an error similar to the following in cases where an SNMP request takes an IOS/IOS-XE device more than 2 seconds (by default) to process:

%SNMP-3-RESPONSE_DELAYED: processing GetNext of ciscoFlashFileEntry.5.1.1.80

We tested this monitoring feature in a VERY high scale lab without seeing any of the above, which gives us confidence that the errors should not be seen in a standard setup.  If you see an error like this, and can't find an existing bug from your own searching, then please open a TAC case so that Cisco can investigate the root cause and fix.  Some additional useful information would be:

- is the problem seen if you do a manual "snmpwalk" on the same OID from a server with snmpwalk installed.

- is there high cpu at the same time the logs are seen.  If the CPU is high for the SNMP ENGINE process, then that will be great for TAC to know.  But, if the CPU is high, without the SNMP ENGINE process being high, then the slow snmp response is probably just a symptom of the system being oversubscribed (in the case of interrupt cpu) or non-optimized (in the case of another process showing high cpu).  If CPU isn't high at all, that's still probably a software bug, perhaps on a linecard.  If you see a lot of different OIDs in your messages, then the root cause is likely not with any specific OID, but rather with the the device being busy doing other, non-snmp work.

This is my first post in a series I'm planning about IOS/IOS-XE serviceability improvements that I or others in TAC have been working on to make common problems easier to solve.  Please feel free to leave feedback about this post, and ideas for improvements to Cisco Software that would save you lots of  time.  If anyone can help push those fixes into reality, it's your friendly, helpful TAC engineers.

TL;DR, if you see an error starting with "SNMP-3-RESPONSE_DELAYED" then search the internet for Cisco bugs where the name of the OID in the bug matches the one in your error message.  If none found, or the bug you found is unfixed, then open a TAC case and have them investigate.  These problems are usually software bugs that can be fixed permanently.

67 Views
0 Comments

Description:

In a day-to-day operation NOC engineers are receiving requests that high latency causing slowness issue and later engineer need to troubleshoot through IP accounting or any tool like Netflow Analyzer. Cannot kill the traffic until knowing whether valid or invalid and in such cases engineers need to identify and ask user to stop this traffic. The whole process would take long time and it’s very tough in Network Operation.

 

Current situation:

Currently we are identifying top talkers after slowness has been reported and we are requesting the respective user to stop this traffic, during the time network has been chocked and it impact all users and BAU.

Solution:

To achieve this we can set the threshold limit for individual user traffic. If the traffic reaches threshold level then automatically limits particular interface utilization into normal.

Need to achive this with automation