Symptom

TFTP downloads to Nexus timeout and fail when using Inband Management like Vlan SVI. Downloads via TFTP not supported.

Conditions

TFTP file to Nexus 9k via default VRF

Workaround

Possible Workarounds: - Use Mgmt port for TFTP as the management vrf does not participate in CoPP - Use FTP or some other file transfer protocol to transfer files (this will be sorted into the management class of CoPP and not the Default class) - Edit the CoPP policy to accommodate the TFTP traffic from the TFTP server to be grouped into another CoPP class (example below): Step 1: Create Access List permitting only TFTP Server address switch# show ip access-lists copp_udp IP access list copp_udp 10 permit udp x.x.x.x/32 any <-- TFTP server address Step 2: Copy the CoPP Policy and apply the ACL in the management class switch(config)# copp copy profile strict suffix udp-customized switch(config)# class-map type control-plane match-any copp-class-management-udp-customized switch(config-cmap)# match access-group name copp_udp Step 3: Apply the new CoPP Policy to the Nexus switch(config)# control-plane switch(config-cp)# service-policy input copp-policy-strict-udp-customized Verify your applied CoPP Policy contains the ACL in the management class: switch(config-cp)# show policy-map interface control-plane | b tftp prev 10

Further Problem Description