Cisco found the bug in NX-OS: IPv6 neighbor entries are written into the neighbor cache of the underlying Linux. But they never get deleted. With more than 250k neighbor entries things begin to break.
Workaround is a daily reboot of the switches.


Linux kernel IPv6 neighbour cache entries cause a problem for a big name vendor — and it feels worse than CVE-2018-19299 that was fixed earlier this year!
