Known issues For 8360 SwitchesinAOS-CX10.09.1040

Symptom: In a Inter VRF route leak(IVRL) setup, port-access authentication fails with server timeout error. Even thought the server is reachable and the tracking indicates the server as reachable. This happens from 10.08 onwards.

Scenario: In an IVRL setup, when the radius-server configuration VRF is not the same VRF as that of the actual server is placed, then the client authentication fails with server timeout error. This can happen in cases where a customer is running a software version 10.08 or higher. This can happen in upgrade or normal config instances as well. For example in this config:

The radius-server configuration is inVRF ADMINand the IP is reachable onVRF USER. With such configuration the port-access client authentication fails with a server timeout error.

Workaround: Have the radius-server configuration in the same VRF as e the server is connected. In the mentioned example the radius-server configuration should be inVRF USER. Another workaround is to leak the connected route to the radius-server configured VRF, in this case VRF ADMINip route 10.10.100.0/30 1/1/1 vrf ADMIN.

Symptom: The output of theshow boot-historycommand displays an incorrect uptime.

Scenario:这个问题可以发生在与国家结核控制规划的部署d Aruba Central enabled, if the switch fails to connect with Aruba Central and continues to retry.

Workaround: The customer can disable Aruba Central using the following CLI command.

switch (config)# aruba-central

switch (config-aruba-central)# disable

Symptom: A traffic loss issue can impact a network where a provide edge device is connected to two devices in the provider network, if both paths are not equal cost, and one path is active and the other is standby. all the routes were supposed to be redirected to the standby path. However, some of the routes are in unresolved state, causing permanent traffic loss.

Scenario: This issue can occur after to a network event or customer configuration change where the traffic needs to go to standby path. (For example, the port which was connected to active path was shut, or the device connected to active path went down).

Workaround: Toggle the interface connected to the standby device when the traffic loss is observed. This will reconcile the routes and traffic will start flowing without loss.

Symptom: The user session does not timeout.

Scenario: When the switch console is left idle, with a CLI command output in progress, waiting for user input to display the next page, the user session does not timeout when the configured timer expires.

Symptom:The precision time protocol (PTP) offset is not accurate.

Scenario:When configuring transceivers to a non-default forward error correction (FEC) setting, the PTP offset will not be accurate due to inaccuracy in PTP latency.

Workaround:Use the default FEC.

Symptom/Scenario:The configured value for the BGP default local preference is not carried over EVPN routes.

Workaround:Inject the local preference from the non-EVPN fabric neighbor using theroute-mapcommand.

Symptom:An EVPN route is selected as the best route over an eBGP route.

Scenario:When the same prefix is learned from EVPN and eBGP the route learned from EVPN takes precedence over the eBGP route. When selecting a fib route, local preference is taken into consideration over administrative distance.

Workaround:Configure a higher local preference for eBGP routes as compared to EVPN routes.

Symptom:Extended RTs (via ext communities) received from a local side PE are not installed on the remote side PE.

Scenario:In an L3VPN network, the extended RTs that are used as route attributes in the VPNv4 routes will not get installed on the other side PE. If those values are used to influence the route selection or policy, it may not work.

Workaround:使用标准的社区,其他边界网关协议属性代码行ally on the remote side to influence the route selection or policy.