cisco ios bug...?
Payam chiachi
payam at bhsecurity.com
Wed May 2 23:38:46 UTC 2007
Hey Guys,
A bit off topic here but I was wondering if anyone else out there has
experienced the same thing as I have in regards to a layer3 gig switches
from cisco.
Ive enabled unicast filtering on all access ports to protect against any
mass outbound floods that could possibly saturate the trunks or even
worst take down the network.
Breakdown of what happens: Without warning the port goes into blocking
mode...no snmp traps are generated, executing a 'showstorm-control
unicast' shows the port to be in blocking mode and moving 4.6G pps
Here is what ive tried:
1) removing the adjacent device from the ge3 switch
- the port goes out of blocking mode and enters 'disconnected'
2) plugging the rj45 cable back in
- the port immediately enters blocking mode and shows 4.6G pps <--
at this point there is no actual traffic being generated from the
adjacent device connected to the ge3 (0 pps/ 0 bps)
3) manually shutdown the affected switch port and re-enable it
- same results as #2
I have had the same issue come up a few times on both 12.1 and 12.2 IOS.
When the issue first came up in my testbed, I was only sending udp and
tcp syn traffic... no malformed packets or anything along those lines.
The only way I have been able to clear this error is by performing a
hard reload on the switch.
Here is the switch / ios info...
TestSwitch#show version
Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version
12.2(25)SEE1, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Mon 22-May-06 08:08 by yenanh
Image text-base: 0x00003000, data-base: 0x00DC0370
ROM: Bootstrap program is C3550 boot loader
TestSwitch uptime is 6 days, 5 hours, 43 minutes
System returned to ROM by power-on
System restarted at 10:29:43 PDT Thu Apr 26 2007
System image file is "flash:c3550-ipservicesk9-mz.122-25.SEE1.bin"
Any input on this issue would be greatly appreciated
Much Thanks,
Payam
More information about the NANOG
mailing list