Optical signal issues after C9300 reboot.

inb · ‎01-15-2024

Hi.

We are using model C9300-24S-A and 17.9.3 OS version.
HSRP is configured with 2 switch, and the firewall on the upper uplink is operating as Active-Passvie.
If switch 1 is rebooted due to a failure scenario, switch 2 becomes the HSRP Act.

Firewall 2 will also be converted to Act.

And when switch 1 completes rebooting, it sends out a signal before the status of the fiber (SFP) port becomes "up",

so firewall 1 receives this signal and fails-back occurs.

20 to 30 seconds after the firewall fail-back, the status of the ports on switch 1 becomes "up" and communication is established, causing a problem.

This problem can be resolved by using EEM, but I am curious as to whether this is the correct action.

Our site uses the switches below with the same configuration, but the same symptom is not occurring.
C9500-16/24/40X-A, N9K-C9504/9508, N9K-C93180YC-FX3

Only the C9300-24S model is causing a problem by sending an optical signal after rebooting and before the port status is up (the Port Led is also off).

I also tried downgrading the OS to 16.x.x or upgrading it to 17.12.x, but it is the same.

Please help.

balaji.bandi · ‎01-16-2024

Post the diagram, if you using sync link via these switches and Monitoring that is expected behavior (as you mentioned)

if you have sync/state link back to back you only Monitor that link the Firewall should work as expected technically.

https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212699-configure-ftd-high-availability-on-firep.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help