Troubleshooting Switch Discovery Issues
The ACI-mode switch software includes a comprehensive leaf and spine switch discovery validation program. The validation program is launched with a switch CLI command when a switch is stuck in the discovery mode.
The validation program performs the following tests:
-
System state—Checks the state of the
topSystem
managed object (MO).-
If the state is "out-of-service," checks for any scheduled upgrades.
-
If the state is "downloading bootscript," a failure has occurred in the downloading bootscript. The failure is reported. If the switch is an L3out spine, the program additionally checks the bootstrap download state and reports any failure.
-
-
DHCP status—Checks for DHCP status and information, such as the TEP IP, node Id, and name assigned from the
dhcpResp
MO. -
AV details—Checks whether the APICs are registered and whether they have valid IP addresses.
-
IP reachability—Uses the iping command to verify IP reachability to the address assigner APIC. To retest this condition, use the show discoveryissues apic ipaddress command.
-
infra VLAN received—Checks for the presence of the infra VLAN details in the
lldpInst
MO. If this switch belongs to a pod that has no APIC, no infra VLAN details are present, and this section of the test result can be ignored. -
LLDP adjacency—Checks for the presence of LLDP adjacencies and for any wiring mismatch issues. LLDP issues can generate fault reports such as infra VLAN mismatch, chassis ID mismatch, or no connection to the front end ports.
-
Switch version—Reports the running firmware version of the switch. Also reports the version of the APIC, if available.
-
FPGA/BIOS—Checks for any FPGA/BIOS version mismatch on the switch.
-
SSL validation—Checks for validity of the SSL certificate details using the acidiag verifyssl -s serialNumber command.
-
Policy downloads—Checks the
pconsBootStrap
MO to see whether registration to APIC (PM shards) is complete and whether all policies were downloaded successfully. -
Time—Reports the current time on the switch.
-
Hardware status—Checks the module, power, and fan status from the
eqptCh, eqptFan, eqptPsu, eqptFt
andeqptLC
MOs.
Running the Test Manually
To run the switch discovery validation program, log in to the spine or leaf switch CLI console and execute the following command:
show discoveryissues [apic ipaddress ]Example of a Successful Test
The following example shows the switch discovery validation program output for a successful test.
spine1# show discoveryissues
Checking the platform type................SPINE!
Check01 - System state - in-service [ok]
Check02 - DHCP status [ok]
TEP IP: 10.0.40.65 Node Id: 106 Name: spine1
Check03 - AV details check [ok]
Check04 - IP rechability to apic [ok]
Ping from switch to 10.0.0.1 passed
Check05 - infra VLAN received [ok]
infra vLAN:1093
Check06 - LLDP Adjacency [ok]
Found adjacency with LEAF
Check07 - Switch version [ok]
version: n9000-14.2(0.167) and apic version: 5.0(0.25)
Check08 - FPGA/BIOS out of sync test [ok]
Check09 - SSL check [check]
SSL certificate details are valid
Check10 - Downloading policies [ok]
Check11 - Checking time [ok]
2019-08-21 17:15:45
Check12 - Checking modules, power and fans [ok]
Example of a Failed Test
The following example shows the switch discovery validation program output for a switch with discovery issues.
spine1# show discoveryissues
Checking the platform type................SPINE!
Check01 - System state - out-of-service [FAIL]
Upgrade status is notscheduled
Node upgrade is notscheduled state
Check02 - DHCP status [FAIL]
ERROR: discover not being sent by switch
Ignore this, if the IP is already known by switch
ERROR: node Id not configured
ERROR: Ip not assigned by dhcp server
ERROR: Address assigner's IP not populated
TEP IP: unknown Node Id: unknown Name: unknown
Check03 - AV details check [ok]
Check04 - IP reachability to apic [FAIL]
please rerun the CLI with argument apic Ip
(show discoveryissues apic <ip>) to check its reachability from switch
Check05 - infra VLAN received [FAIL]
Please ignore if this switch is part of a pod with no apic
Check06 - LLDP Adjacency [FAIL]
Error: spine not connected to any leaf
Check07 - Switch version [ok]
version: n9000-14.2(0.146) and apic version: unknown
Check08 - FPGA/BIOS out of sync test [ok]
Check09 - SSL check [ok]
SSL certificate details are valid
Check10 - Downloading policies [FAIL]
Registration to all PM shards is not complete
Policy download is not complete
Pcons booststrap is in triggered state
Check11 - Checking time [ok]
2019-07-17 19:26:29
Check12 - Checking modules, power and fans [FAIL]
Line card state is testing