Fall routing on X460

  • 0
  • 1
  • Problem
  • Updated 4 years ago
today started having problems with routing on the X460-48x 
is lost "IP Forwarding Enabled" on interfaces, in consequence of which falls OSPF ... 

after the command "enable ipforwarding" - all restored 
firmware 15.3.3.5 v1533b5-patch1-9 

can anyone know why and what to do?
Photo of Yurij

Yurij

  • 140 Points 100 badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of PARTHIBAN CHINNAYA

PARTHIBAN CHINNAYA, Alum

  • 4,362 Points 4k badge 2x thumb
This is something new.
Is it ok to contact TAC ? with the below information
1.configs
2.Network topology
3.when was the software upgraded
4.when did this issue occur? [logs ,list of activities carried out in network]

Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
Open case with TAC.
Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
IP forwarding would not disable by default. There could be possibility that trigger could come from SNMP.

Is it possible for you to disable the SNMP access and monitor the switches?

Photo of PARTHIBAN CHINNAYA

PARTHIBAN CHINNAYA, Alum

  • 4,362 Points 4k badge 2x thumb
You can use snmp acces profile and allow only valuable request.
Photo of Dave E Martin

Dave E Martin

  • 272 Points 250 badge 2x thumb
We had this issue also. We removed the default SNMP communities from all switches (not knowing if that was the actual problem, but we discovered that some switches did not have their default communities removed while investigating).

Unfortunately, this does not show up in the configuration one way or the other. You can "show management", but I'm not sure at the moment to see what the actual community strings are that are defined.

configure snmp delete community readonly all
configure snmp delete community readwrite all
configure snmp add community readonly yourcommunitystring
We have not had the problem so far, since doing this.

We are a bit annoyed that the switches ship with these enabled, and they DON"T show up in the configuration.
Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
To see what default configuration present on switch regarding the SNMP, execute the command: "show configuration snmp detail"

To see all the SNMP community on switch: "show snmpv3 community"
Photo of PARTHIBAN CHINNAYA

PARTHIBAN CHINNAYA, Alum

  • 4,362 Points 4k badge 2x thumb
Dave this issue looks new. Recent study has revealed issue occurs with latest patch version in flavours of 15.x versions.might be code behaviour with snmp has. Changed which needs to be corrected.
Photo of Yurij

Yurij

  • 140 Points 100 badge 2x thumb
Thank you very much, snmp really was thrown into default and removed access list 
after the ban on access to SNMP - the problem stopped
Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
Nice to hear that the issue got resolved.
Photo of Dave E Martin

Dave E Martin

  • 272 Points 250 badge 2x thumb
I forgot to mention, enable ipforwarding on loopback vlan didn't seem to work, (it worked on the other vlans) and in any case, we didn't trust the configuration and rebooted without saving changes. Everything was fine after reboot. I did a showtech before rebooting, but I haven't gone through it yet to see what else may have been altered.
Photo of PARTHIBAN CHINNAYA

PARTHIBAN CHINNAYA, Alum

  • 4,362 Points 4k badge 2x thumb
It changes the ttl value to the switch internally.
Reboot will fix it.bgp neighbour may not come up due to change in ttl value of the switch.
Photo of Andre Brits Kannemeyer

Andre Brits Kannemeyer

  • 4,980 Points 4k badge 2x thumb
We had the same problem today with Code version 15.4.2.8
We will try and disable the default SNMP community string
I will provide more feedback once we have tested this.

Thank you
Photo of PARTHIBAN CHINNAYA

PARTHIBAN CHINNAYA, Alum

  • 4,362 Points 4k badge 2x thumb
There was an
Official document released in extreme website
For snmp best practices . 3 months back this issue was hot but now it's a known issue. I would recommend to follow snmp best practises as per extreme to avoid this issue reoccurring .
Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb