Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1498
Views
0
Helpful
3
Replies

Exception found failing to rollback configuration on ACI 4.1(2x)

clement_cheung
Level 1
Level 1

‎03-09-2020 12:19 AM

Hi

 

I am testing a new fabric running ACI 4.1(2x), and encounter rollback exception.  The steps I took in the test was simple:

1) Take a snapshot

2) Create a dummy tenant

3) Rollback the snapshot

Step 3 failed.  Fault dump is attached.

Please help.

1 person had this problem
Labels:
Preview file
44 KB
Preview file
106 KB
0 Helpful
3 Replies 3

Remi-Astruc
Cisco Employee
Cisco Employee

‎03-09-2020 01:55 AM

Hi @clement_cheung ,

Can you please show the following APIC CLI output:

moquery -c fvIPSLAMonitoringPol

 

Remi Astruc
0 Helpful

davidkosich1
Level 1
Level 1
In response to Remi-Astruc

‎03-11-2021 06:26 PM

For what its worth, I am seeing this same issue running 14.2(6d) and here is the output you requested from our apic-

 

apic01# moquery -c fvIPSLAMonitoringPol
Total Objects shown: 1

# fv.IPSLAMonitoringPol
name : default
annotation :
childAction :
descr :
dn : uni/tn-common/ipslaMonitoringPol-default
extMngdBy :
lcOwn : local
modTs : 2018-01-02T03:40:40.008-05:00
monPolDn : uni/tn-common/monepg-default
nameAlias :
ownerKey :
ownerTag :
rn : ipslaMonitoringPol-default
slaDetectMultiplier : 3
slaFrequency : 60
slaPort : 0
slaType : tcp
status :
uid : 0

 

0 Helpful

davidkosich1
Level 1
Level 1

‎03-12-2021 06:03 AM

The behavior seems to have changed in 4.x code. We were able to work around this by changing the default IP SLA policy under the Common tenant, and changed TCP port from 0 to 1. After the change, we can now roll back to any NEW checkpoints (created after the IP SLA workaround), but looks like any created before hand are no longer vlaid. 

 

We dont use IP SLA, so we suspect this setting was set to TCP during a initial XML push when the fabrics were setup with Cisco AS. 

 

Looking at the release notes, this maybe is you are hitting based on your screenshot:

 

Beginning in Cisco APIC release 4.1(1), the IP SLA monitor policy validates the IP SLA port value. Because of the validation, when TCP is configured as the IP SLA type, Cisco APIC no longer accepts an IP SLA port value of 0, which was allowed in previous releases. An IP SLA monitor policy from a previous release that has an IP SLA port value of 0 becomes invalid if the Cisco APIC is upgraded to release 4.1(1) or later. This results in a failure for the configuration import or snapshot rollback.

The workaround is to configure a non-zero IP SLA port value before upgrading the Cisco APIC, and use the snapshot and configuration export that was taken after the IP SLA port change.

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License