The 3850 switches at that site are running code v3.6.1.

The XE code has been very problematic, there is a chance that you are running into a bug. If there isn't a particular feature that you are after in v3.6.1 then I would recommend that you go to v3.3.5 and see if that resolves your issue. 

Thank you for rating helpful posts!

very buggy indeed Neno... we are switching to another vendor after getting our a-- handed to us with issues with the 3850 last month

Sorry to hear that you had major issues Joe. Do you mind sharing with us:

- The issue that you had

- Bug ID (If applicable)

- The vendor that you are planning on switching to

the 3850 runs ip device tracking by default, even on a layer2 switch and no matter what we did (tac had us do alot) our windows 7 machines had IP CONFLICTS upon plugging in - even though nothing else had those ip's for sure. 

so the 3850 ip device tracking feature causes more harm that its worth.

we are going with HP Procurve or Arista

Ugh, I think you might have hit the same issue that I did with a deployment that I have done in the past, except in my case I was dealing with Cisco 4500-X that also runs the XE code. The "IP Device Tracking" is disabled by default on Catalyst IOS but enabled by default on IOS XE. The command is needed (even for layer 2 switches) if you plan on deploying dot1x with DACLs. 

I have worked with both Arista and HP (Actually 3com) in the past. Arista had some very nice and fast switches while HP had nothing that really impressed me. To be fair, I have ran into issues/bugs with both manufacturers :) So just keep in mind that nobody will be perfect out there :)

Btw, I still believe that Cisco's TAC and communities, such as this is what sets Cisco apart from the rest of the competition. 

Best regards, 

Neno