This post is more than 5 years old
3 Posts
0
81060
March 16th, 2016 10:00
N3048 cannot exit ssh sessions with firmware 6.3.0.3
I recently updated a standalone N3048 switch to the latest 6.3.0.3,A14 firmware (filename=N3000_N2000v6.3.0.3.stk) from 6.2.7.2,A10 and it seems I cannot exit an SSH session to the switch (via the OOB interface). I can log in with multiple configured users and the switch operates just fine otherwise, but upon typing exit the SSH session hangs. It looks like the following on a switch with hostname m1940:
m1940#exit
m1940>exit <-- hangs here, not even a newline after hitting enter
Connecting to the switch via the serial console I see that "show ip ssh" is empty and shows no active sessions. Additionally, the switch generates the "User has logged out" message to syslog. However, the actual SSH session from my management station is still alive, and in fact remains alive permanently it seems. I left one such session open overnight after the *** IDLE TIMEOUT *** had automatically ended it on the switch, and the next morning the SSH session and underlying TCP session were still lingering.
Upon reloading the switch via serial console the SSH session did disconnect correctly with the following on my management station, a generic RHEL 6 box:
Connection to m1940 closed by remote host.
Connection to m1940 closed.
To me that's just an additional indication that the SSH session remains active after the user session exists on the switch.
Has anyone else seen this behavior? Does anyone have a datapoint of SSH sessions behaving normally with this newer firmware?
bealdrid
1 Rookie
•
56 Posts
0
March 16th, 2016 13:00
Yes I'm having the exact same issue on a stack of N4032F switches after updating to 6.3.0.3
bealdrid
1 Rookie
•
56 Posts
0
March 22nd, 2016 07:00
As of at least Sunday March 20th, Firmware 6.3.0.3 was pulled from the download site. I have not received any official word about why, but I can only assume it is not stable enough to run in production. Please advise whether I should roll back to the previous version.
In addition to the SSH session issues, I did see odd behavior where the hashing algorithm of my port channels needed to be changed from "7" - Enhanced to "3" - SourceIP / Source UDP/TCP port in order for things to work properly. This wasn't the case before.
If we could get some sort of official word about why the FW was pulled, that'd be great.
Thanks.
gattebury
3 Posts
0
March 22nd, 2016 08:00
Daniel can probably provide a more official response, but in my case yes, I was able to just boot the backup firmware image. I actually did a few iterations between the broken 6.3.0.3 and the 6.1.x.x I started with before eventually just downgrading the 6.3.0.3 flash image to 6.2.7.2. Had no problems other than a few wasted hours mucking around to verify the SSH thing was actually happening and not my imagination.
If I recall you will see a few warning/error messages upon booting an older image related to some of the newly added 'features' in 6.3.0.3. I think they were support-assist and hive related. Basically it's just two extra lines in the config that the older images don't know about -- so simply warnings.
bealdrid
1 Rookie
•
56 Posts
0
March 22nd, 2016 08:00
Thanks Daniel. We'll schedule a time to roll back, and monitor for the next release.
Should all I have to do is boot into the older image?
gattebury
3 Posts
0
March 22nd, 2016 08:00
Sounds good to me - I'd already rolled back to 6.2.7.2 as it seems fine. Thanks for following up - glad others won't have to deal with the SSH silliness as well now.