Thursday, August 16, 2018

3850

We have two 3850 stacks each with two WS-C3850-24P-E switches. A couple of weeks ago we upgraded the firmware from 3.7.4E to 3.6.8E, as specifically advised by Cisco TAC, to resolve a bug with interface output counters (https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvb65304).

After reloading we noticed a couple of problems:

  1. sap pmk mode-list only allowed "no-encap" and not "gcm-encrypt" (MACSec).
  2. The SFP interfaces were down and couldn't be brought back up. Saw below errors in the logs:%PLATFORM_PM-6-MODULE_ERRDISABLE: The inserted SFP module with interface name Te1/1/4 is not supported%PM-4-ERR_DISABLE: gbic-invalid error detected on Te1/1/4, putting Te1/1/4 in err-disable state

The Cisco TAC engineer on WebEx at the time suggested the below, which didn't make any difference:

  1. 3850(config)# no errdisable detect cause gbic-invalid
  2. 3850(config)# service unsupported-transceiver
  3. Remove SFP module, shutdown/no shutdown the port, insert back the SFP module.

Despite explaining at the time and in many emails since that these errors were occurring AFTER reloading (to the same engineer that was on the WebEx), they keep referring to a bug (https://bst.cloudapps.cisco.com/bugsearch/bug/CSCud82475) which is specifically about seeing errors DURING the switch reload. After two weeks I've just asked for the SR to be escalated to another TAC engineer.

This upgrade was at the end of two 18-hour days and two days of network issues so we didn't have the time to read any release notes etc (which I'm struggling to find for the specific version anyway). The actual issue ended up being a bug with offloading on our PA-3220s, but we still want to update to a 3850 firmware that doesn't have the output errors bug and something more recent.

Questions for r/networking:

  1. Has anyone had any experience with the invalid/unsupported SFP issue on 3850s on 3.6.4? (I couldn't find anything online specific to that version that didn't look like a different issue).
  2. What is everybody's thoughts on the Denali 16.x train? Should we be looking at upgrading to it? I've read somewhere that the future is 16.x.
  3. Have I just been unlucky with Cisco TAC support on this case or is this a usual occurrence? We raised another TAC case and got really good, immediate support.

Edit: Posting from work while everyone wants to talk to me, please excuse poor title and any lack of details/poor questions :)



No comments:

Post a Comment