OPERATIONAL DEFECT DATABASE
...
...
After a reload or a power cycle, a Cisco IOS-XR router configured with a Bridge Virtual Interface (BVI) associated with one or more pseudowires in a standby state may see its BVI incorrectly remain in an up/up state. The command line output below demonstrates how the BVI is up/up. RP/0/RP1/CPU0:Router#show interface BVI10000 BVI10000 is up, line protocol is up Interface state transitions: 7 Hardware is Bridge-Group Virtual Interface, address is e80a.b98f.4e0f Description: REDACTED Internet address is Unknown MTU 1514 bytes, BW 10000000 Kbit (Max: 10000000 Kbit) reliability 255/255, txload 0/255, rxload 0/255 Encapsulation ARPA, loopback not set, Last link flapped 1w1d Last input 00:00:00, output 00:00:00 Last clearing of "show interface" counters 6d06h 5 minute input rate 3774000 bits/sec, 1290 packets/sec 5 minute output rate 1970000 bits/sec, 674 packets/sec 700732849 packets input, 256423997298 bytes, 0 total input drops 0 drops for unrecognized upper-level protocol Received 0 broadcast packets, 3136 multicast packets 249157094 packets output, 91176763348 bytes, 0 total output drops Output 0 broadcast packets, 0 multicast packets However, as evidenced by the output below, the associated access pseudowire for this BVI and its bridge group is in a standby state. RP/0/RP1/CPU0:Router#show l2vpn bridge-domain group BRIDGE_GROUP bd-name 10000 Legend: pp = Partially Programmed. Bridge group: BRIDGE_GROUP, bridge-domain: 10000, id: 4, state: up, ShgId: 0, MSTi: 0 Aging: 300 s, MAC limit: 4000, Action: none, Notification: syslog Filter MAC addresses: 0 ACs: 1 (1 up), VFIs: 0, PWs: 1 (0 up), PBBs: 0 (0 up), VNIs: 0 (0 up) List of ACs: BV10000, state: up, BVI MAC addresses: 1 List of Access PWs: Neighbor 192.0.2.10 pw-id 123, state: standby, Static MAC addresses: 0 List of VFIs: List of Access VFIs: You may also experience complete traffic loss (traffic blackhole) if the BVI is up but the pseudowire is down. This occurs for traffic that would normally traverse the pseudowire when it is operationally up.
This issue is most commonly observed in L2VPN architectures leveraging the Pseudowire Redundancy feature as described in the Cisco IOS XR L2VPN Services and Features document for Cisco ASR 9000 Series Aggregation Services Routers. Under this architecture, this issue may be observed under any one of the following scenarios: The router is reloaded through the reload command. The router is powered on after having been powered off. The l2vpn_mgr process is restarted through the process restart l2vpn_mgr command.
A "flap" of the BVI can be performed to correct this issue by bringing the BVI administratively down, then administratively up once more. An example of this workaround is shown below. RP/0/RP0/CPU0:Router#configure terminal Sat Jul 20 21:13:31.324 EDT RP/0/RP0/CPU0:Router(config)#interface BVI10000 RP/0/RP0/CPU0:Router(config-if)#shutdown RP/0/RP0/CPU0:Router(config-if)#commit Sat Jul 20 21:13:41.800 EDT RP/0/RP0/CPU0:Router(config-if)#no shutdown RP/0/RP0/CPU0:Router(config-if)#commit Sat Jul 20 21:13:46.423 EDT RP/0/RP0/CPU0:Router(config-if)#end RP/0/RP0/CPU0:Router# RP/0/RP0/CPU0:Router#show interface BVI10000 BVI10000 is down, line protocol is down Interface state transitions: 8 Hardware is Bridge-Group Virtual Interface, address is e80a.b98f.4e0f Description: REDACTED Internet address is Unknown MTU 1514 bytes, BW 10000000 Kbit (Max: 10000000 Kbit) reliability 255/255, txload 0/255, rxload 0/255 Encapsulation ARPA, loopback not set, Last link flapped 1w3d Last input never, output never Last clearing of "show interface" counters 6d06h 5 minute input rate 3774000 bits/sec, 1290 packets/sec 5 minute output rate 1970000 bits/sec, 674 packets/sec 700732849 packets input, 256423997298 bytes, 0 total input drops 0 drops for unrecognized upper-level protocol Received 0 broadcast packets, 3136 multicast packets 249157094 packets output, 91176763348 bytes, 0 total output drops Output 0 broadcast packets, 0 multicast packets RP/0/RP0/CPU0:Router#show l2vpn bridge-domain group BRIDGE_GROUP bd-name 10000 Legend: pp = Partially Programmed. Bridge group: BRIDGE_GROUP, bridge-domain: 10000, id: 4, state: up, ShgId: 0, MSTi: 0 Aging: 300 s, MAC limit: 4000, Action: none, Notification: syslog Filter MAC addresses: 0 ACs: 1 (0 up), VFIs: 0, PWs: 1 (0 up), PBBs: 0 (0 up), VNIs: 0 (0 up) List of ACs: BV10000, state: down, BVI MAC addresses: 1 List of Access PWs: Neighbor 192.0.2.10 pw-id 123, state: standby, Static MAC addresses: 0 List of VFIs: List of Access VFIs: In some situations, Cisco TAC may issue: To recover, l2vpn_mgr process can be restarted with the command, "process restart l2vpn_mgr"
This issue can be seen as a permanent failure, or a transient failure. This can be seen as a permanent failure if the bridge ports never come up. This can be seen as a transient failure if a bridge port is slow to come up, BVI may unexpectedly come up before it.
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
