Symptom

ASR1000 might experience a reboot of ESP due to a crash in the QFP microcode. The crash occurs 1 minute after removing the static NAT entry from the configuration. %CPPDRV-3-LOCKDOWN: F0: cpp_cp: QFP0.0 CPP Driver LOCKDOWN encountered due to previous fatal error (HW: QFP interrupt). %CPPHA-3-FAULT: F0: cpp_ha: CPP:0.0 desc:INFP_INF_SWASSIST_LEAF_INT_INT_EVENT0 det:DRVR(interrupt) class:OTHER sev:FATAL %CPPHA-3-FAULTCRASH: F0: cpp_ha: CPP 0.0 unresolved fault detected, initiating crash dump. As a result, QFP ucode core file should be stored on the bootflash or harddisk.

Conditions

ASR1000 with NAT configured with an "inside source static" NAT mapping in the config. The crash can be triggered by disabling the NAT gatekeeper and NAT on the interfaces and removing the static NAT config. The crash was observed only after following these exact steps in a given order. #conf t (config)# no ip nat service gatekeeper (config)# interface (config-if)# no ip nat inside (config)# interface (config-if)# no ip nat outside (config)# no ip nat inside source static

Workaround

Disabling NAT gatekeeper should be avoided. Also, as verified in the lab, if the order of operations is different - e.g. static NAT config is removed before disabling NAT from the interfaces - the crash does not occur.

Further Problem Description