07-12-2022 08:01 AM
Hi everyone,
I recently upgraded my SG350 to the 2.5.9.13 firmware, and my L3 interface functionality is disrupted.
The previous config was (a simple L3 interface):
interface GigabitEthernet27
description "MidRange-IP-L3 "
ip address 10.1.2.3 255.255.255.248
no switchport
!
and the IP was available from any other VLAN on the network (running with every firmware up to 2.5.8.15).
After upgrading to the latest firmware I had to change the configuration to
interface GigabitEthernet27
description "MidRange-IP-L3 - breaked"
switchport mode trunk
switchport trunk native vlan 202
switchport trunk allowed vlan 202
interface vlan 202
name MidRange
ip address 10.1.2.3 255.255.255.248
!
...
Has this happened to anyone else? Does anyone have any information about it?
How can I report the problem if it is not possible to open a TAC?
Thank you in advance.
Loris
07-13-2022 12:56 AM
CSCva97603
Symptom: If the last physical interface in a VLAN is set to L3 mode and then back to L2 mode, the VLAN status stays down.
Workaround: Perform a shutdown/no shutdown on the physical interface.
Note: This bug is resolved in software version 2.4.0.91.
07-13-2022 05:39 AM
Hi, this workaround does not work on 2.5.9.13.
I have now downgraded and am running on 2.5.8.15.
(As a first step I tried to shut/no shut the interface.)
When the switch boots with 2.5.9.13, there's no way to turn on the L3 interface.
shut/no shut does not work.
Cleaning up the interface (deleting it from the GUI also) and reconfiguring it simply as:
interface GigabitEthernet27
description "MidRange-IP-L3 PfSense igb3 LAN"
ip address 192.168.2.3 255.255.255.248
no switchport
does not work either, even using shut/no shut with a few seconds of delay.
Whatever I do with the "no switchport" option enabled, the L3 interface does not change from status
UP/Down to UP/UP, as shown by running the
"sh ip int" command,
while, running on the previous version, "sh ip int" correctly shows the L3 interface as UP/UP
(I/F Status admin/oper column).
(image attached)
Thank you for your suggestion ... but it cannot work as expected.
Loris
07-13-2022 10:16 PM
Can you please check with the below command to change the switch to router mode?
set system mode router
07-13-2022 11:27 PM
Thank you for the suggestion.
Sure, I will try between today and tomorrow and give you feedback, but since the switch was born router mode was always activated.
The L3 neighbor has been a firewall (ASA 5505 until EOL) since the network was born.
07-14-2022 09:42 AM - edited 07-14-2022 05:12 PM
I'm sorry, but your command did not work on the SG350.
The issue follows the interface.
I configured another port (supposing the issue is caused by the SFP port). It was the same:
the network is unreachable using the "no switchport" feature. Putting the interface in shut/no shut did not solve the problem.
Running release 2.5.9.13 is not possible with an L3 interface active.
07-14-2022 10:45 PM
You should add this interface to the VLANs. Add it and check.
07-14-2022 11:50 PM
That is the workaround found to make an L3 interface work ... but it is not an L3 interface.
Putting no switchport into a new VLAN and assigning an IP address, used as default gateway, works like a charm.
But ... why? What happened in 2.5.9.13 that this simple config does not work anymore:
interface GigabitEthernet27
description "MidRange-IP-L3 "
ip address 10.1.2.3 255.255.255.248
no switchport
No mention in the release notes, none in the documentation ... that's absolutely a strange thing and a very, very bad side effect.
Btw I can confirm that this solution works (the first post says that already :'( ), but, for me ... it is not a solution, not a workaround ... it's a porkaround
interface GigabitEthernet27
description "MidRange-IP-L3 - breaked"
switchport mode trunk
switchport trunk native vlan 202
switchport trunk allowed vlan 202
interface vlan 202
name MidRange
ip address 10.1.2.3 255.255.255.248
!
I wish Cisco would write a few notes on this behavior in the release notes, if it is not a bug. Thank you.
PS:
"no switchport" does not apply (and cannot be used) when a "switchport mode" is in use (to work with a VLAN, L2),
so adding a VLAN cannot be the solution. Las L3 feature disrupted?
08-02-2022 11:22 AM
I've also encountered this issue on an SG350X attempting an upgrade to 2.5.9.13. The L3 interface never comes up following reload.
core#sh running-config interface TenGigabitEthernet1/0/1
interface TenGigabitEthernet1/0/1
description edge.transit
ip address 192.168.255.253 255.255.255.252
ipv6 address fc00::2/126
no switchport
!
as expected, no L2 parameters are configurable from the GUI when an interface is set to L3 'Switchport Mode':
rolling back to 2.5.8.15 without any configuration change restores expected functionality.
08-02-2022 01:18 PM
Hi, currently there's a TAC open for this issue. In the last update (Saturday) I was asked to perform a traffic dump after reload. I'm waiting for news. I typically get news on the weekend. I hope they can identify the anomaly and fix the behavior in a new release.
The solutions, at the moment, are these two:
- roll back to the previous version (as you have already identified)
- migrate the L3 interface to an SVI in a new VLAN (!!)
Loris
09-28-2022 07:35 AM
The bug was confirmed by the eng team in the open TAC: CSCwc68418 SG350/550 - ARP issue in Rapid PVST mode
Avoid installing 2.5.9.13 if you are using the L3 native feature.
The next release will solve this bug.
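
A pre-upgrade check for the condition discussed in this thread, as an added example that is not part of the original posts and not a Cisco tool: it scans a saved running-config for physical ports in routed mode ("no switchport") and renders the trunk-plus-SVI form the thread used as a workaround. The sample config is constructed from the snippets above; the function names and the VLAN IDs passed in are assumptions, to be replaced with unused VLANs on the real switch.

```python
import re

# Constructed sample running-config, modelled on the snippets in this thread.
SAMPLE_CONFIG = """\
interface GigabitEthernet26
 switchport mode access
!
interface GigabitEthernet27
 ip address 10.1.2.3 255.255.255.248
 no switchport
!
interface TenGigabitEthernet1/0/1
 ip address 192.168.255.253 255.255.255.252
 ipv6 address fc00::2/126
 no switchport
interface vlan 10
 name Users
!
"""

def find_routed_ports(config_text):
    """Map each physical port set to 'no switchport' to its address lines."""
    routed, name, body = {}, None, []
    def flush():  # record the stanza just finished; SVIs are not routed ports
        if name and not name.lower().startswith("vlan") and "no switchport" in body:
            routed[name] = [l for l in body if re.match(r"ip(v6)? address ", l)]
    for raw in config_text.splitlines():
        line = raw.strip()
        header = re.match(r"interface\s+(\S.*)", line, re.IGNORECASE)
        if header or line == "!":      # a new stanza or "!" ends the current one
            flush()
            name, body = (header.group(1) if header else None), []
        elif name:
            body.append(line)
    flush()
    return routed

def svi_workaround(port, address_lines, vlan_id):
    """Render the trunk-plus-SVI form posted in the thread (vlan_id is a placeholder)."""
    return "\n".join([
        f"interface {port}", " switchport mode trunk",
        f" switchport trunk native vlan {vlan_id}",
        f" switchport trunk allowed vlan {vlan_id}", "!",
        f"interface vlan {vlan_id}", *[f" {l}" for l in address_lines], "!"])

if __name__ == "__main__":
    ports = find_routed_ports(SAMPLE_CONFIG)
    for vlan_id, (port, addrs) in enumerate(ports.items(), start=202):
        print(f"# routed port {port}: check before moving to 2.5.9.13")
        print(svi_workaround(port, addrs, vlan_id))
```
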
10-19-2022 02:42 AM
Issue fixed in the newly available release, downloadable here:
https://software.cisco.com/download/home/286282333/type/282463181/release/2.5.9.15
Bug CSCwa68418 solves the issue described in this thread.
Thank you Cisco.