How to convert SPP into text2pcap readable format

Introduction

There are some internal tools that can decode SPP packets at former, but they are not work now. In some scenario, customer coudln’t do span on our asr9k, so we only need SPP, then will face to how to decode SPP result.

The article disscuss how to covert SPP original data to text2pcap readable format, then decode by text2pcap. You only do the script that can auto work. Btw, before do that, you need have python2.7 and text2pcap (integrate in wireshark). If you have python3.0 or newer, that maybe have some issue, because some function have a bit different, you need adjust them by yourself.

Solution

Original SPP data:

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2017.12.04 17:12:19 =~=~=~=~=~=~=~=~=~=~=~=
trace p stop
Tracing stopped with 666 outstanding...
spp-ui> trace print
Packet serial 861
port4/classify:
  length 148 phys_int_index 0 next_ctx 0xdeadbeef time 09:10:41.407
  00: 00 70 72 00 00 08 00 65 7a 00 00 00 ff ff 00 07 
  10: 80 30 00 00 00 00 0f 00 00 00 1f 00 00 00 00 00 
  20: 00 70 05 f2 42 fb 00 00 04 00 01 40 07 01 05 27 
  30: 06 03 0e 06 00 00 00 00 4c 00 00 00 00 00 58 00 
  40: 00 00 00 00 00 00 06 01 00 a1 13 41 92 60 00 b2 
  50: 64 41 8a 4c 08 00 45 c0 00 3e 00 00 00 00 fe 11 
  60: c8 25 12 ac 79 0d 34 df d0 01 02 86 02 86 00 2a 
  70: 75 5a 00 01 00 1e 3f da a4 0f 00 00 01 00 00 14 
  80: 00 00 00 00 04 00 00 04 00 5a c0 00 04 01 00 04 
  90: 3f da a4 0f 00 00 00 00 00 00 00 00 00 00 00 00 
  a0: 00 00 00 17 00 08 05 01 00 00 af c8 00 24 14 01 
  b0: 01 08 3f da d0 46 20 00 01 08 3f da d0 42 20 00 
  c0: 01 08 3f da d0 41 20 00 01 08 3f da d0 07 20 00 
  d0: 00 08 13 01 00 00 08 00 00 20 cf 07 00 00 07 16 
  e0: 4d 50 4c 53 2d 54 45 20 74 6f 20 76 61 72 30 31 
  f0: 2e 6b 6c 70 30 32 00 00 00 0c 0b 07 3f df 04 08 
--------------------------

完整阅读

NCS6K: XRVM loses console

Problem

Customer get HostOS when connect to XRVM console after installing ISSU SMU, and confirmed XRVM normal work.

Background

  • SAVM and XRVM on all RPs and LCs, FC only have SAVM, check by “show vm” in admin vm, SAVM and XRVM mapping to console 0 & 1, as follow:
  • Except SAVM and XRVM, have key components that is host system in RPs or LCs, you can check host by follow steps, login by “ssh ” after “chvrf 0 bash”.

完整阅读

Troubleshooting “%FABRIC-INGRESSQ-6-LINK_DOWN” on CRS

Introduction

Customer found 0/4/cpu0 have many ingressq asic error, after checked, that should match a know DDTS: CSCuu86430. The issue maybe was triggered when CRS-3 MSCs(140G) interactive with a CRS-X(400G) fabric. After trigger the issue, will found CRS-X’s fabric link of s1rx flapping. Have reload SMU under 514.

For this article, will show how to troubleshooting the fabric link flapping.

Troubleshooting

1. Customer found follow alarm:

LC/0/4/CPU0:Nov  8 00:30:26.752 : ingressq[235]: %FABRIC-INGRESSQ-6-LINK_DOWN : Ingressq: Link 26 of Asic Instance 0 has been administratively shut down. 
LC/0/1/CPU0:Nov  8 00:37:59.734 : fabricq_mgr[178]: %FABRIC-FABRICQ-3-PCL_PKT : Minor error in PCL of fabricq asic 0. PCL UC Lost Packet: CAOPCI: 0x18 (0/4, UC, LO):Lost Packet count= 1 
LC/0/4/CPU0:Nov  8 00:37:59.734 : ingressq[235]: %FABRIC-INGRESSQ-6-LINK_DOWN : Ingressq: Link 26 of Asic Instance 0 has been administratively shut down. 
LC/0/4/CPU0:Nov  8 10:27:27.265 : ingressq[235]: %FABRIC-INGRESSQ-6-LINK_DOWN : Ingressq: Link 26 of Asic Instance 0 has been administratively shut down. 
LC/0/4/CPU0:Nov  8 11:06:08.181 : ingressq[235]: %FABRIC-INGRESSQ-6-LINK_DOWN : Ingressq: Link 26 of Asic Instance 0 has been administratively shut down. 
LC/0/1/CPU0:Nov  8 11:08:46.132 : fabricq_mgr[178]: %FABRIC-FABRICQ-3-PCL_PKT : Minor error in PCL of fabricq asic 0. PCL UC Partial Packet: CAOPCI: 0x18 (0/4, UC, LO) 
LC/0/4/CPU0:Nov  8 11:18:34.733 : ingressq[235]: %FABRIC-INGRESSQ-6-LINK_DOWN : Ingressq: Link 26 of Asic Instance 0 has been administratively shut down. 
LC/0/4/CPU0:Nov  8 11:28:44.350 : ingressq[235]: %FABRIC-INGRESSQ-6-LINK_DOWN : Ingressq: Link 26 of Asic Instance 0 has been administratively shut down. 

完整阅读

How to get correct Yang configuration on ASR9k

Now some customer test netconf-yang on our XR platform. And frequency to check how to get correct yang config(XML), then they test the yang config by their controller to touch with our devices. Now there are several ways to achieve that, summed up to facilitate review:

 

  • We can ssh 830 to asr9k paltform, then get the configuration, that should correct yang config, you can reference attachment at test-xml-by-ssh.txt
ssh cisco@10.75.49.25 -p 830 -s netconf
  • We can build Netconf NED by pioneer in NSO, then sync-from devices, and “devices device 9001-A compare-config outformat xml”, that should correct yang config
  • After install NSO, we can use follow tools to achieve that function too
netconf-console -u cisco -p cisco --host 10.75.49.53 --port 831 --get-config

 

Btw, please attention “-” and “–” that maybe cause command issue.

Troubleshooting IPoE Session that pending at “ACK-DPM-WAIT”

Introduction

The article will talk about what is “ACK-DPM-WAIT”, and how to troubleshooting the similar scenario. Due to limitation info that couldn’t narrow down, in my CASE, so will update the article if the issue happen again and find RCA.

Problem Description

Version: 5.1.3 + induvial SMU
Platform: 9010 + Mod80 + A9K-MPA-4X10GE
BNG: IPOE, DHCP Proxy, 28k session

My customer found part of BNG session was failure. Trigger is due to customer power supply have issue that cause the asr9k re-power. After 9k reload, found dhcpd and arp have so many alarms, dhcpd was recovery after tried restart process multi times, but arp continue have SPIO alarm even if tried restart process, customer had enabled arp local disable on the BNG port.

The issue sessions got address correct from DHCP, but session would be deleted after 15min. After checked on asr9k, we found issue session pending on ACK_DPM_WAIT status. And the issue was auto recovery at approx.19:00-19:30. And at that timeslot, arp alarm disappear too.
完整阅读