03-09-2020 12:19 AM
Hi
I am testing a new fabric running ACI 4.1(2x), and encounter rollback exception. The steps I took in the test was simple:
1) Take a snapshot
2) Create a dummy tenant
3) Rollback the snapshot
Step 3 failed. Fault dump is attached.
Please help.
03-09-2020 01:55 AM
Hi @clement_cheung ,
Can you please show the following APIC CLI output:
moquery -c fvIPSLAMonitoringPol
03-11-2021 06:26 PM
For what its worth, I am seeing this same issue running 14.2(6d) and here is the output you requested from our apic-
apic01# moquery -c fvIPSLAMonitoringPol
Total Objects shown: 1
# fv.IPSLAMonitoringPol
name : default
annotation :
childAction :
descr :
dn : uni/tn-common/ipslaMonitoringPol-default
extMngdBy :
lcOwn : local
modTs : 2018-01-02T03:40:40.008-05:00
monPolDn : uni/tn-common/monepg-default
nameAlias :
ownerKey :
ownerTag :
rn : ipslaMonitoringPol-default
slaDetectMultiplier : 3
slaFrequency : 60
slaPort : 0
slaType : tcp
status :
uid : 0
03-12-2021 06:03 AM
The behavior seems to have changed in 4.x code. We were able to work around this by changing the default IP SLA policy under the Common tenant, and changed TCP port from 0 to 1. After the change, we can now roll back to any NEW checkpoints (created after the IP SLA workaround), but looks like any created before hand are no longer vlaid.
We dont use IP SLA, so we suspect this setting was set to TCP during a initial XML push when the fabrics were setup with Cisco AS.
Looking at the release notes, this maybe is you are hitting based on your screenshot:
Beginning in Cisco APIC release 4.1(1), the IP SLA monitor policy validates the IP SLA port value. Because of the validation, when TCP is configured as the IP SLA type, Cisco APIC no longer accepts an IP SLA port value of 0, which was allowed in previous releases. An IP SLA monitor policy from a previous release that has an IP SLA port value of 0 becomes invalid if the Cisco APIC is upgraded to release 4.1(1) or later. This results in a failure for the configuration import or snapshot rollback.
The workaround is to configure a non-zero IP SLA port value before upgrading the Cisco APIC, and use the snapshot and configuration export that was taken after the IP SLA port change.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide