BugZero | Cisco BugID CSCwa53777 - Missing AIB update when ARP table entry MAC-Addres...

Cisco - Defect ID: CSCwa53777

Missing AIB update when ARP table entry MAC-Address changes

Cisco - Defect ID: CSCwa53777

Missing AIB update when ARP table entry MAC-Address changes

Last updated on 12/15/2024

Overall: 6.16.1

Severity: 6.46.4

Lifecycle: 9.19.1

Popularity: 4.64.6

What is the BugZero Risk Score?

Vendor details

No defect details.

Overall: 6.16.1

Severity: 6.46.4

Lifecycle: 9.19.1

Popularity: 4.64.6

What is the BugZero Risk Score?

Vendor details

No defect details.

Symptom

On eXR release 7.4.1 in the scenario where DHCP updates ARP entry (SAME IP ; DISTINCT MAC-Address) CEF Adjacency is not updated accordingly. RP/0/RSP0/CPU0:ASR9K#show arp BVI 12 Thu Dec 16 16:28:43.183 WET ------------------------------------------------------------------------------- 0/1/CPU0 ------------------------------------------------------------------------------- Address Age Hardware Addr State Type Interface 10.150.76.129 00:00:17 0000.9ab7.cd66 Dynamic ARPA BVI12 <<<<<<<< HERE: MAC-Address has been updated thorugh DHCP. RP/0/RSP0/CPU0:ASR9K#show cef adjacency bvi12 10.150.76.129 detail location 0/1/CPU0 Thu Dec 16 16:28:52.805 WET Display protocol is ipv4 Interface Address Type Refcount BV12 Prefix: 10.150.76.129/32 local 2 Adjacency: PT:0x77356588 10.150.76.129/32 Interface: BV12 NHID: 0x0 MAC: 00.00.9a.b7.cd.65.d0.d0.d0.d0.00.d1.08.00 <<<<<<<< HERE: Previous MAC-Address 0000.9ab7.cd65 still seen on CEF Adjacency entry. Interface Type: 0x4e, Base Flags: 0x8000001 Nhinfo PT: 0x833110e0, Idb PT: 0x7cba03d0, If Handle: 0x800be20 Dependent adj type: remote (0x7d0447b0) Dependent adj intf: BV12 Ancestor If Handle: 0x0 Update time Dec 16 16:09:35.212

Conditions

Discrepancy is observed in the following scenario: 1. CPE1 has disconnected releasing its IP but associated ARP entry at router (DHCP relay) ARP table has not yet expired. 2. CPE2 connects and via DHCP requests an IP receiving IP previously assigned to CPE1. 3. While CPE2 is exchanging DHCP messages with router (DHCP relay) the ARP table entry associated with IP is updated with CPE2 MAC-Address. 4. Because IP ARP entry did not expire then it happens that CEF adjacency entry is not updated. 5. From this point forward problematic state is triggered with CPE2 services are impacted. In summary, when DHCP triggers an existent ARP entry update (SAME IP ; DISTINCT MAC-Address).

Workaround

Setting DHCP lease guard timer to a value higher than ARP entry timeout. May be temporarily cleared by admin shut /no shut BVI/L3 interface or by manually clearing ARP table entry. But recommendable action would be to set DHCP lease guard timer value > ARP entry timeout value.

Further Problem Description

Original Vendor Announcement

9.65Defect ID: CSCwd45843
Auth Step latency for policy evaluation due to Garbage Collection activity.
9.65Defect ID: CSCwa92734
CUBE DTMF interworking fails from rtp-nte to OOB SIP methods
9.65Defect ID: CSCwj45822
Cisco ASA and FTD Software Remote Access VPN Brute Force Denial of Service Vulnerability
9.65Defect ID: CSCvo03458
PKI "revocation check crl none" does not fallback if CRL not reachable
9.65Defect ID: CSCvq05584
Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Cisco - Defect ID: CSCwa53777

Missing AIB update when ARP table entry MAC-Address changes

Cisco - Defect ID: CSCwa53777

Missing AIB update when ARP table entry MAC-Address changes

Last updated on 12/15/2024

Vendor details

Vendor details

Description

Symptom

Conditions

Workaround

Further Problem Description

Links

Top Cisco defects by risk score

Ready to prevent the next vendor outage?