Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
When performing a secondary IP configuration, the switch indicates that 'ip redirects' will be disabled for the interface. This is reflected on the show run, but it is not reflected on the ELTM outputs. If the change in ip redirects config is not applied correctly, it might cause suboptimal hardware forwarding of packets in the network.
+Issue identified on N9Ks running on 9.3X, 10.1.X, 10.2.X, 10.3.X and 10.4.X +Configuring secondary IP on interface, without prior configuration of 'no ip redirects' +Order of operations matters. Issue is not seen when 'no ip redirects' is configured before the secondary IP is configured
Perform the following workaround: 1. Remove the secondary IP from the relevant interface. 2. Manually configure 'no ip redirects' 3. Add the secondary IP to the interface
+Configuring 'no ip redirects' while the issue is already present does not fix the issue +Unable to toggle 'ip redirects'/'no ip redirects' as secondary IP prevents enabling 'ip redirects' +Identifying the issue: switch# sh run int vlan 10 !Command: show running-config interface Vlan10 !Running configuration last done at: Fri Dec 1 11:04:12 2023 !Time: Fri Dec 1 11:04:31 2023 version 10.3(4a) Bios:version 01.08 interface Vlan10 no shutdown ip address 10.1.1.1/24 switch# show system internal eltm info interface vlan 10 | i icmp_redirect per_pkt_ls_en = 0, icmp_redirect = 1, v4_same_if_check = 0 <<< Flag shows enabled, by default switch# conf Enter configuration commands, one per line. End with CNTL/Z. switch(config)# int vlan 10 switch(config-if)# ip add 10.2.1.1/24 secondary Disabling IP Redirects on vlan10 :secondary address configured. switch(config-if)# sh run int vlan 10 !Command: show running-config interface Vlan10 !Running configuration last done at: Fri Dec 1 11:07:54 2023 !Time: Fri Dec 1 11:07:58 2023 version 10.3(4a) Bios:version 01.08 interface Vlan10 no shutdown no ip redirects <<<< automatically added by the secondary IP configuration ip address 10.1.1.1/24 ip address 10.2.1.1/24 secondary switch(config-if)# switch(config-if)# show system internal eltm info interface vlan 10 | i icmp_redirect per_pkt_ls_en = 0, icmp_redirect = 1, v4_same_if_check = 0 <<<< Flag should be 0, when 'no ip redirects' is configured +Workaround example: switch(config-if)# no ip add 10.2.1.1/24 secon Enabling IP Redirects on vlan10 switch(config-if)# show system internal eltm info interface vlan 10 | i icmp_redirect per_pkt_ls_en = 0, icmp_redirect = 1, v4_same_if_check = 0 switch(config-if)# no ip redirects <<<< Manual configuration switch(config-if)# show system internal eltm info interface vlan 10 | i icmp_redirect per_pkt_ls_en = 0, icmp_redirect = 0, v4_same_if_check = 0 <<<< Flag disabled switch(config-if)# ip add 10.2.1.1/24 secon switch(config-if)# show system internal eltm info interface vlan 10 | i icmp_redirect per_pkt_ls_en = 0, icmp_redirect = 0, v4_same_if_check = 0 switch(config-if)# sh run int vlan 10 !Command: show running-config interface Vlan10 !Running configuration last done at: Fri Dec 1 11:06:25 2023 !Time: Fri Dec 1 11:06:37 2023 version 10.3(4a) Bios:version 01.08 interface Vlan10 no shutdown no ip redirects <<< ip address 10.1.1.1/24 ip address 10.2.1.1/24 secondary <<< If the change in ip redirects config is not applied correctly, it might cause suboptimal hardware forwarding of packets in the network. Where the packet should have been punted to the Supervisor for generation of ICMP redirects.