Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
Symptom 1: Changing from isolated to regular vlan and back to isolated, mac learning is not happening. Have primary vlan 5 and secondary isolated vlan 6 configured on a switch. On sending double tagged traffic with double tag (6,1000) it is observed that on changing the isolated vlan to regular vlan and back to isolated vlan results in the mac no longer getting learnt in primary vlan 5. On doing a shut/no shut of the primary vlan the mac gets learnt Symptom 2: Remove of private-vlan configuration from secondary vlan associated to primary leads to STP failure and such records in log: %STP-2-SET_PORT_STATE_FAIL: Port state change req to PIXM failed, status = 0x58001a [fu cqueue invalid node] vdc 1, tree id 0, num ports 1, ports state BLK, opcode MTS_OPC_PIXM_SET_MULT_CBL_VLAN_BM_FOR_MULT_PORTS, msg id (92191), rr_token 0x1681F %ETHPORT-5-IF_SEQ_ERROR: Error ("fu hashtable key not present") communicating with MTS_SAP_STP for opcode MTS_OPC_ETHPM_PORT_LOGICAL_CLEANUP (RID_PORT: Ethernet1/45)
Condition 1: vlan 6 no private-vlan isolated Condition 2: vlan 12 no private-vlan community
The workaround to recover from symptom 1 is 'doing shut/no shut on the primary vlan' Symptom 2 does not have a clean workaround
Fix addresses the following two different symptoms observed: Issue-1 ****** Reprot-steps: Southlake-1(config)# sh run int e1/9 !Command: show running-config interface Ethernet1/9 !Running configuration last done at: Sat Jan 8 02:21:58 2022 !Time: Sat Jan 8 02:23:10 2022 version 10.2(3) Bios:version 05.45 interface Ethernet1/9 switchport switchport mode private-vlan trunk secondary switchport private-vlan association trunk 5 6 no shutdown Southlake-1(config)# sh mac address-table vlan 5 Legend: * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC age - seconds since last seen,+ - primary entry using vPC Peer-Link, (T) - True, (F) - False, C - ControlPlane MAC, ~ - vsan, (NA)- Not Applicable VLAN MAC Address Type age Secure NTFY Ports ---------+-----------------+--------+---------+------+----+------------------ * 5 0000.0000.0008 dynamic NA F F Eth1/9 Southlake-1(config)# Southlake-1(config)# sh run vlan 5 !Command: show running-config vlan 5 !Running configuration last done at: Sat Jan 8 02:21:58 2022 !Time: Sat Jan 8 02:23:42 2022 version 10.2(3) Bios:version 05.45 vlan 5 vlan 5 private-vlan primary private-vlan association 6-7 Southlake-1(config)# sh run vlan 6 !Command: show running-config vlan 6 !Running configuration last done at: Sat Jan 8 02:21:58 2022 !Time: Sat Jan 8 02:23:45 2022 version 10.2(3) Bios:version 05.45 vlan 6 vlan 6 private-vlan isolated Southlake-1(config)# vlan 6 Southlake-1(config-vlan)# Southlake-1(config-vlan)# no private-vlan isolated Southlake-1(config-vlan)# exit Southlake-1(config)# 2022 Jan 8 02:23:52 Southlake-1 %$ VDC-1 %$ %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 6 on Interface port-channel1 are being suspended. (Reason: Vlan is not allowed on Peer-link) 2022 Jan 8 02:23:52 Southlake-1 %$ VDC-1 %$ %ETHPORT-3-IF_ERROR_VLANS_REMOVED: VLANs 6 on Interface port-channel1 are removed from suspended state. Southlake-1(config)# sh run vlan 6 !Command: show running-config vlan 6 !Running configuration last done at: Sat Jan 8 02:23:52 2022 !Time: Sat Jan 8 02:23:58 2022 version 10.2(3) Bios:version 05.45 vlan 6 Southlake-1(config)# Southlake-1(config)# Southlake-1(config)# Southlake-1(config)# clear mac address-table dynamic Southlake-1(config)# Southlake-1(config)# Southlake-1(config)# sh mac address-table vlan 5 Legend: * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC age - seconds since last seen,+ - primary entry using vPC Peer-Link, (T) - True, (F) - False, C - ControlPlane MAC, ~ - vsan, (NA)- Not Applicable VLAN MAC Address Type age Secure NTFY Ports ---------+-----------------+--------+---------+------+----+------------------ Southlake-1(config)# Southlake-1(config)# Issue-2 ****** Repro: Basic config feature private-vlan vlan 10 private-vlan primary vlan 11 private-vlan isolated vlan 12 private-vlan community vlan 10 private-vlan association add 11,12 exit STP is OK N9K-2(config-vlan)# show spanning-tree VLAN0010 Spanning tree enabled protocol rstp Root ID Priority 32778 Address c4b2.3942.3707 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address c4b2.3942.3707 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Eth1/45 Desg FWD 4 128.177 P2p Remove private vlan configuration without disassociation vlan 12 no private-vlan community Logs: 2022 Nov 25 09:30:22 N9K-2 %STP-2-SET_PORT_STATE_FAIL: Port state change req to PIXM failed, status = 0x58001a [fu cqueue invalid node] vdc 1, treeid 0, num ports 1, ports state BLK, opcode MTS_OPC_PIXM_SET_MULT_CBL_VLAN_BM_FOR_MULT_PORTS, msg id (92191), rr_token 0x1681F 2022 Nov 25 09:30:22 N9K-2 %ETHPORT-5-IF_DOWN_NONE: Interface Ethernet1/45 is down (None) 2022 Nov 25 09:30:22 N9K-2 %ETHPORT-5-IF_SEQ_ERROR: Error ("fu hashtable key not present") communicating with MTS_SAP_STP for opcode MTS_OPC_ETHPM_PORT_LOGICAL_CLEANUP (RID_PORT: Ethernet1/45) 2022 Nov 25 09:30:22 N9K-2 %ETHPORT-5-IF_DOWN_ERROR_DISABLED: Interface Ethernet1/45 is down (Error disabled. Reason:STP set port state failure) STP is not ok N9K-2(config)# sh span No spanning tree instance exists. N9K-2(config)#