Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
A Cisco Nexus 5000 series datacenter switch may experience multiple port-profile service crashes resulting in a HA reset: %$ VDC-1 %$ %SYSMGR-2-SERVICE_CRASHED: Service "port-profile" (PID 3835) hasn't caught signal 6 (core will be saved). %$ VDC-1 %$ %SYSMGR-2-SERVICE_CRASHED: Service "port-profile" (PID 6856) hasn't caught signal 6 (core will be saved). %$ VDC-1 %$ %SYSMGR-2-SERVICE_CRASHED: Service "port-profile" (PID 6892) hasn't caught signal 6 (core will be saved). [ 2621.572212] Shutdown Ports.. [ 2621.606597] writing reset reason 16, port-profile hap reset
This problem is seen when using a port-profile configuration that is configured as a trunk and allowing a large list of VLANs. More specifically, the number of characters within the allowed VLAN list must exceed 4098 characters in order to see this crash. The crash has been exposed in a few ways: - If the port-profile is already active and inherited on a port, a crash will be observed as soon the character limit exceeds 4098 characters: F241.01.22-N5K-5672UP-1(config-port-prof)# switchport trunk allow vlan add 4000, 4001, 4002, 4003, 4005 <---- Adding onto existing list and exceeding char length VDC-1 %$ %SYSMGR-2-SERVICE_CRASHED: Service "port-profile" (PID 3835) hasn't caught signal 6 (core will be saved). - If the port-profile is NOT active/inherited on the port, the crash will not be seen immediately. Rather, any operations to the configurations (show run, copy run start) will expose this crash: F241.01.22-N5K-5672UP-1(config-port-prof)# switchport trunk allow vlan add 4001-4002, 4004-4005, 4007-4008 <---- Exceeding length here F241.01.22-N5K-5672UP-1(config-port-prof)# end F241.01.22-N5K-5672UP-1# F241.01.22-N5K-5672UP-1# show run 2020 Dec 10 21:24:35 F241.01.22-N5K-5672UP-1 %$ VDC-1 %$ %SYSMGR-2-SERVICE_CRASHED: Service "port-profile" (PID 3729) hasn't caught signal 6 (core will be saved).
If in this problematic state where the number of characters have exceeded the 4098 limit, a workaround might be to remove VLANs or reconfigure the allowed VLANs e.g.: F241.01.22-N5K-5672UP-1(config-port-prof)# switchport trunk allow vlan add 4001-4002, 4004-4005, 4007-4008 <---- Over limit F241.01.22-N5K-5672UP-1(config-port-prof)# port-profile test F241.01.22-N5K-5672UP-1(config-port-prof)# switchport trunk allowed vlan 2700-3200 F241.01.22-N5K-5672UP-1(config-port-prof)# end <---- No crash port-profile type ethernet test switchport mode trunk switchport trunk allowed vlan 2700-3200 --- OR ---- F241.01.22-N5K-5672UP-1(config-port-prof)# switchport trunk allowed vlan add 4001-4002, 4004-4005, 4007-4008 <--- Over limit F241.01.22-N5K-5672UP-1(config-port-prof)# switchport trunk allowed vlan remove 3169-3170, 3172, 3174, 3177-3178 <--- Remove VLANs (without viewing the configuration) to trim the list down Removing the profile itself may also potentially avoid the crash as well.
This is also only applicable to Nexus 5000 series switches.