Symptom

Nexus 7000 F3 interface reports output discards. Null0-routed traffic hits CPU and L3 TTL rate-limiter. With large amount of null0-routed traffic this may also lead to ingress drops on interface. This can also be seen in the network as: - MAC flaps - Traffic leaked between VDCs - Looped traffic if multiple static Null0 routes are programmed

Conditions

This issue is seen when all following conditions match: (1) traffic is received on F3 interface, (2) traffic matching Null0 route static route or dynamic (3) Ingress L3 interface has "ip redirects" enabled (ip redirects are enabled by default).

Workaround

1) Disable IP redirects on ingress interface, if ip redirect is configured. 2) Don't send traffic that terminates in the Null0 route. 3) Remove the Null 0 static route and add a route that points to an IP address that is unused on the network. Configure a static ARP entry to a non-existent MAC address, and static the MAC address to a drop index. Something like this: - no ip route 10.10.10.0/24 null 0 - ip route 10.10.10.0/24 vlan x 1.1.1.1 - int vlan x - ip arp 1.1.1.1 0000.0000.0001 - mac address-table static 0000.0000.0001 vlan x drop

Further Problem Description