Question

Fall routing on X460


today started having problems with routing on the X460-48x
is lost "IP Forwarding Enabled" on interfaces, in consequence of which falls OSPF ...

after the command "enable ipforwarding" - all restored
firmware 15.3.3.5 v1533b5-patch1-9

can anyone know why and what to do?

14 replies

Userlevel 4
This is something new.
Is it ok to contact TAC ? with the below information
1.configs
2.Network topology
3.when was the software upgraded
4.when did this issue occur? [logs ,list of activities carried out in network]
Userlevel 4
Open case with TAC.
Userlevel 4
IP forwarding would not disable by default. There could be possibility that trigger could come from SNMP.

Is it possible for you to disable the SNMP access and monitor the switches?
Userlevel 4
You can use snmp acces profile and allow only valuable request.
We had this issue also. We removed the default SNMP communities from all switches (not knowing if that was the actual problem, but we discovered that some switches did not have their default communities removed while investigating).

Unfortunately, this does not show up in the configuration one way or the other. You can "show management", but I'm not sure at the moment to see what the actual community strings are that are defined.

configure snmp delete community readonly all configure snmp delete community readwrite all configure snmp add community readonly yourcommunitystring[/code]We have not had the problem so far, since doing this.

We are a bit annoyed that the switches ship with these enabled, and they DON"T show up in the configuration.
Userlevel 4
To see what default configuration present on switch regarding the SNMP, execute the command: "show configuration snmp detail"

To see all the SNMP community on switch: "show snmpv3 community"
Userlevel 4
Dave this issue looks new. Recent study has revealed issue occurs with latest patch version in flavours of 15.x versions.might be code behaviour with snmp has. Changed which needs to be corrected.
Thank you very much, snmp really was thrown into default and removed access list
after the ban on access to SNMP - the problem stopped
Userlevel 4
Nice to hear that the issue got resolved.
I forgot to mention, enable ipforwarding on loopback vlan didn't seem to work, (it worked on the other vlans) and in any case, we didn't trust the configuration and rebooted without saving changes. Everything was fine after reboot. I did a showtech before rebooting, but I haven't gone through it yet to see what else may have been altered.
Userlevel 4
It changes the ttl value to the switch internally. Reboot will fix it.bgp neighbour may not come up due to change in ttl value of the switch.
Userlevel 5
We had the same problem today with Code version 15.4.2.8
We will try and disable the default SNMP community string
I will provide more feedback once we have tested this.

Thank you
Userlevel 4
There was an Official document released in extreme website For snmp best practices . 3 months back this issue was hot but now it's a known issue. I would recommend to follow snmp best practises as per extreme to avoid this issue reoccurring .
Userlevel 4
Below is the link for the document,

https://www.extremenetworks.com/wp-content/uploads/2014/06/BP001-SNMP-Best-Practice-Recomendations-rev-01.pdf

Reply