解决的问题For 8360 Switches in AOS-CX 10.09.1040

类别	Bug ID	Description
Classifier	223756	Symptom：日志充斥着关于空的DB写入的不必要的错误。 Scenario:这个问题发生在AOS-CX写空值s defined in the schema to the DB.
DCBx	226608	Symptom: Event logs are flooded withPFC TLV状态在接口上无效messages. Scenario：当对等设备在本地交换机上连续发送DCBX数据包和LLDP时，消息时PFC TLV状态在接口上无效在事件日志中被淹没。 Workaround: Either disable the DCBX on the peer device or enable the DCBX on the local device to match the configuration with the peer device.
loopprotect	228549	Symptom: An unexpected loop is detected by the loop protect feature resulting in ports getting improperly blocked. A similar problem has been experienced in a square topology, while VSX members are still coming up and It has also been experienced when the ISL link between VSX members is toggled. Scenario: In a square topology, reboot the primary/secondary VSX peers. or toggle the ISL link and observe that the loop protect feature has blocked ports even though the network topology itself has not changed. Workaround: Disable loop-protect temporarily, ensure all VSX peers are in a stableestablishedstate. and then enable loop-protect. Running two protocols (RPVST and loop-protect) for the same purpose (l2 loop detection) is not recomended. Loop detection via RPVST is the recommended choice as it detects and mitigates loops per VLAN. Note, however, if loop-protect detects any loop even for one VLAN it will bring down the full link. This will block traffic for all VLANs.
NAE Scripts	231637	Symptom：在NAE代理操作回调中发生了罕见的间歇性错误，无法创建用于执行回调的容器。 Scenario: This issue can occur intermittently when running NAE agent action callbacks. Workaround: NAE and the agent will continue to function as expected without any intervention. This single action callback that the error occurred in will be lost, but all of the other ones will persist and be executed as expected.
半径端口	229739	Symptom: RADIUS disconnect requests failed with the error CONTEXT_NOT_REMOVABLE. Scenario：此问题与定时有关，配置并发启用启用入门并启用了默认优先级。如果用户在Macauth成功后，用户向客户端发出断开请求，则会发生这种情况，但是DOT1X身份验证仍在进行内部。 Workaround: Avoid issuing a disconnect request until the highest priority authentication method is completed. Check theoutpt of theshow aaa authentication port-access interface all client-statuscommand to verify the both the auth-methods are complete. Disconnect the request once higher priority methods are complete.
L3 addressing	225356	Symptom: In some rare cases the switch will reboot or crash when a user issues the清除ARP VRF IPcommand. Scenario: When the清除ARP VRF IP发出命令的内存可能会错误地访问。
ARP	214423	Symptom:从VTEP到远程主机（DHCP-CLIENT）的ping在主机重新启动后不起作用。Ping从VTEP到直接连接的主机工作。设想：ITHIS问题发生在具有2个VTEPS（VTEP1和VTEP2）的VXLAN设置中，而DHCP-CLIENT则直接连接到VTEP1。通过DHCP-CLIENT的VM重新启动，可以看到该问题，邻居状态更改为VTEP1和VTEP2中的内核失败。邻居进入仍存在于show arp命令和在两个VTEP的ASIC中。从VTEP1到VM的ping是成功的，而来自VTEP2的ping总是失败。 Workaround: Clear ARP on the local VTEP (vtep1).
IGMP	220620 228024 230762	Symptom: An IPTV channel change causes momentary freeze or pixelization. Scenario: This issue occurs when two IPTVs watch the same channel. If one IPTV changes the channel, other IPTV experience pixelization issue.
PVST	225336	Symptom：Spanning-Tree无法阻止循环，当访问端口连接到Cisco Switch时，网络会充满拥堵。 Scenario: When A Cisco switch running PVST+ is mistakenly looped to an Aruba switch running RPVST, the Aruba switch will fail to recognize the proprietary PVST+ BPDUs and will not put the port in a blocked state. This allows the loop to persist which spikes switch CPU and reduces performance of the network. This is due to Aruba switch expecting IEEE standard BPDUs rather than the Cisco proprietary ones. Workaround: Apply an ACL to block looped traffic.
OSPFv2	225988	Symptom：在输出中显示的正常运行时间之间发生不匹配show ospf命令和BGP状态反映了事件日志。 Scenario: This issue occurs if no OSPF show commands are executed for 49 days or more Workaround：每48天或更少一次运行任何OSPF Show命令。
bgp	226220	Symptom: A mismatch between uptime shown by显示BGP命令和BGP状态反映在事件日志中。 Scenario: This issue occurs if no BGP show commands were run for 49 days Workaround: Run any BGP show command once every 48 days or fewer.
Config Mgmt	229562	Symptom: Performing any copy operations for configurations/checkpoints including issuing the commandcopy running-config startup-config或者write memory，花费很长时间，然后由于超时而失败。 Scenario: This issue is caused by a race condition, and although it is not trigged by any specific configuration, it has been known to occur on VSX deployments more frequently . Workaround：执行HPE-Config服务的重新加载SystemCtl重新启动HPE-Config.
SNMP	229583	Symptom：对于在AOS-CX 10.8（或之前）配置的SNMP V3用户，如果交换机迁移到AOS-CX 10.9（或更高版本），网络管理员将无法将已配置的SNMP V3用于WR操作。 Scenario：此问题发生在开关迁移到AOS-CX 10.9（或更高版本）之后的SNMP V3用户的部署中 Workaround: To resolve this issue: 使用SNMP V2进行10.9（或之后）中所需的任何SNMP WR操作。添加配置行以启用给定SNMP V3用户的RW。 Execute the CMF scriptsnmp_access_level.py将在先前的权限下迁移SNMP V3用户。验证CMF脚本迁移的FT是test_ft_CMF_snmp_access_level.py.
DHCP Snooping	230480	Symptom：VXLAN隧道，DHCP客户端在访问交换机上启用DHCP-SNOPS时未获得IP地址。 Scenario:This issue occurs when the access switch is connected to the core switch via a VXLAN tunnel and the DHCP-Relay is configured on CORE (VSX). IF DHCP Snooping is disabled on the access platform, the client is getting an IP address. if DHCP Snooping is enabled on the ACCESS platform, the client client is not getting an IP address.This happens only when a DHCP packet lands on the VSX secondary (core). Workaround：配置拓扑结构，以使访问开关中的所有DHCP数据包仅落在VSX Primary（Core）上。
凭证管理器	231199	Symptom: A password is not applied after after a json config import if the user config contains a user password and an authorized key. Scenario: This issue occurs when a configuration containing a user account with both a password and an authorized key is applied and the running-config contains a different password for the same user.
	232658	Symptom: Some devices that attempt to link at 100Mbps with SmartRate ports will fail to link over long cable lengths. Scenario: A combination of small transmit power by the link partner and long cable will cause this issue. The affected switch SKUs are JL659A, JL660A, JL720A and JL720C. The affected removable linecards are R0X41A and R0X42A. Only ports with PHY firmware later than 5.4.C will have this issue.

Classifier

223756

Symptom：日志充斥着关于空的DB写入的不必要的错误。

Scenario:这个问题发生在AOS-CX写空值s defined in the schema to the DB.

DCBx

226608

Symptom: Event logs are flooded withPFC TLV状态在接口上无效messages.

Scenario：当对等设备在本地交换机上连续发送DCBX数据包和LLDP时，消息时PFC TLV状态在接口上无效在事件日志中被淹没。

Workaround: Either disable the DCBX on the peer device or enable the DCBX on the local device to match the configuration with the peer device.

loopprotect

228549

Symptom: An unexpected loop is detected by the loop protect feature resulting in ports getting improperly blocked. A similar problem has been experienced in a square topology, while VSX members are still coming up and It has also been experienced when the ISL link between VSX members is toggled.

Scenario: In a square topology, reboot the primary/secondary VSX peers. or toggle the ISL link and observe that the loop protect feature has blocked ports even though the network topology itself has not changed.

Workaround: Disable loop-protect temporarily, ensure all VSX peers are in a stableestablishedstate. and then enable loop-protect. Running two protocols (RPVST and loop-protect) for the same purpose (l2 loop detection) is not recomended. Loop detection via RPVST is the recommended choice as it detects and mitigates loops per VLAN. Note, however, if loop-protect detects any loop even for one VLAN it will bring down the full link. This will block traffic for all VLANs.

NAE Scripts

231637

Symptom：在NAE代理操作回调中发生了罕见的间歇性错误，无法创建用于执行回调的容器。

Scenario: This issue can occur intermittently when running NAE agent action callbacks.

Workaround: NAE and the agent will continue to function as expected without any intervention. This single action callback that the error occurred in will be lost, but all of the other ones will persist and be executed as expected.

半径端口

229739

Symptom: RADIUS disconnect requests failed with the error CONTEXT_NOT_REMOVABLE.

Scenario：此问题与定时有关，配置并发启用启用入门并启用了默认优先级。如果用户在Macauth成功后，用户向客户端发出断开请求，则会发生这种情况，但是DOT1X身份验证仍在进行内部。

Workaround: Avoid issuing a disconnect request until the highest priority authentication method is completed. Check theoutpt of theshow aaa authentication port-access interface all client-statuscommand to verify the both the auth-methods are complete. Disconnect the request once higher priority methods are complete.

L3 addressing

225356

Symptom: In some rare cases the switch will reboot or crash when a user issues the清除ARP VRF IPcommand.

Scenario: When the清除ARP VRF IP发出命令的内存可能会错误地访问。

ARP

214423

Symptom:从VTEP到远程主机（DHCP-CLIENT）的ping在主机重新启动后不起作用。Ping从VTEP到直接连接的主机工作。

设想：ITHIS问题发生在具有2个VTEPS（VTEP1和VTEP2）的VXLAN设置中，而DHCP-CLIENT则直接连接到VTEP1。通过DHCP-CLIENT的VM重新启动，可以看到该问题，邻居状态更改为VTEP1和VTEP2中的内核失败。邻居进入仍存在于show arp命令和在两个VTEP的ASIC中。从VTEP1到VM的ping是成功的，而来自VTEP2的ping总是失败。

Workaround: Clear ARP on the local VTEP (vtep1).

IGMP

220620

228024

230762

Symptom: An IPTV channel change causes momentary freeze or pixelization.

Scenario: This issue occurs when two IPTVs watch the same channel. If one IPTV changes the channel, other IPTV experience pixelization issue.

PVST

225336

Symptom：Spanning-Tree无法阻止循环，当访问端口连接到Cisco Switch时，网络会充满拥堵。

Scenario: When A Cisco switch running PVST+ is mistakenly looped to an Aruba switch running RPVST, the Aruba switch will fail to recognize the proprietary PVST+ BPDUs and will not put the port in a blocked state. This allows the loop to persist which spikes switch CPU and reduces performance of the network. This is due to Aruba switch expecting IEEE standard BPDUs rather than the Cisco proprietary ones.

Workaround: Apply an ACL to block looped traffic.

OSPFv2

225988

Symptom：在输出中显示的正常运行时间之间发生不匹配show ospf命令和BGP状态反映了事件日志。

Scenario: This issue occurs if no OSPF show commands are executed for 49 days or more

Workaround：每48天或更少一次运行任何OSPF Show命令。

bgp

226220

Symptom: A mismatch between uptime shown by显示BGP命令和BGP状态反映在事件日志中。

Scenario: This issue occurs if no BGP show commands were run for 49 days

Workaround: Run any BGP show command once every 48 days or fewer.

Config Mgmt

229562

Symptom: Performing any copy operations for configurations/checkpoints including issuing the commandcopy running-config startup-config或者write memory，花费很长时间，然后由于超时而失败。

Scenario: This issue is caused by a race condition, and although it is not trigged by any specific configuration, it has been known to occur on VSX deployments more frequently .

Workaround：执行HPE-Config服务的重新加载SystemCtl重新启动HPE-Config.

SNMP

229583

Symptom：对于在AOS-CX 10.8（或之前）配置的SNMP V3用户，如果交换机迁移到AOS-CX 10.9（或更高版本），网络管理员将无法将已配置的SNMP V3用于WR操作。

Scenario：此问题发生在开关迁移到AOS-CX 10.9（或更高版本）之后的SNMP V3用户的部署中

Workaround: To resolve this issue:

使用SNMP V2进行10.9（或之后）中所需的任何SNMP WR操作。
添加配置行以启用给定SNMP V3用户的RW。
Execute the CMF scriptsnmp_access_level.py将在先前的权限下迁移SNMP V3用户。验证CMF脚本迁移的FT是test_ft_CMF_snmp_access_level.py.

DHCP Snooping

230480

Symptom：VXLAN隧道，DHCP客户端在访问交换机上启用DHCP-SNOPS时未获得IP地址。

Scenario:This issue occurs when the access switch is connected to the core switch via a VXLAN tunnel and the DHCP-Relay is configured on CORE (VSX). IF DHCP Snooping is disabled on the access platform, the client is getting an IP address. if DHCP Snooping is enabled on the ACCESS platform, the client client is not getting an IP address.This happens only when a DHCP packet lands on the VSX secondary (core).

Workaround：配置拓扑结构，以使访问开关中的所有DHCP数据包仅落在VSX Primary（Core）上。

凭证管理器

231199

Symptom: A password is not applied after after a json config import if the user config contains a user password and an authorized key.

Scenario: This issue occurs when a configuration containing a user account with both a password and an authorized key is applied and the running-config contains a different password for the same user.

232658

Symptom: Some devices that attempt to link at 100Mbps with SmartRate ports will fail to link over long cable lengths.

Scenario: A combination of small transmit power by the link partner and long cable will cause this issue. The affected switch SKUs are JL659A, JL660A, JL720A and JL720C. The affected removable linecards are R0X41A and R0X42A. Only ports with PHY firmware later than 5.4.C will have this issue.

解决的问题For 8360 Switchesin AOS-CX 10.09.1040