This knowledge base has moved to the documentation site. Please visit the knowledge base here for the most up to date content. This site is no longer maintained.

VLAN 1 Flood Traffic Flooded out from Ports Designated as Access Ports of other VLANs

Follow

Issue

In some configurations, flooded traffic from the primary VLAN ID of a bridge can be transmitted out of ports that are not assigned as a member of that VLAN. This can result in the associated broadcast, multicast and unknown destination traffic for the primary VLAN to be transmitted out from ports that should not receive the traffic.

Environment

  • Cumulus Linux 2.5.4

Resolution

To work around this issue, execute the following commands for the bridge:

cumulus@switch:~$ sudo ifdown [bridge] 
cumulus@switch:~$ sudo ifup [bridge]

The Cumulus Linux http://repo.cumulusnetworks.com repository was updated with the latest security resolution to this issue.

This issue has a CVSS score of 3.4 (Low). We recommend that you upgrade Cumulus Linux and Cumulus RMP. 

For instructions on how to apply the latest security upgrades, please refer to this Help Center article. See also the Cumulus Linux 2.5.4 release notes

We would like to thank Collin Crowell for reporting this issue.

If you have any questions, please contact us.

Comments

This support portal has moved

Cumulus Networks is now part of the NVIDIA Networking Business Unit! The NVIDIA Cumulus Global Support Services (GSS) team has merged its operations with the NVIDIA Mellanox support services team.

You can access NVIDIA Cumulus support content from the Mellanox support portal.

You open and update new cases on the Mellanox support portal. Any previous cases that have been closed have been migrated to the Mellanox support portal.

Cases that are still open on the Cumulus portal will continue to be managed on the Cumulus portal. Once these cases close, they will be moved to the Mellanox support portal.

Powered by Zendesk