BugZero | Cisco BugID CSCvv27849 - Cat 9K & 3K: Unexpected reload caused by the FED p...

Cisco - Defect ID: CSCvv27849

Cat 9K & 3K: Unexpected reload caused by the FED process.

Cisco - Defect ID: CSCvv27849

Cat 9K & 3K: Unexpected reload caused by the FED process.

Last updated on December 1st, 2025

BugZero Risk Score
8.0 High

Overall: 8.0

Severity: 8.2

Lifecycle: 9.1

Popularity: 6.9

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Views: 9

Description

Symptom

A Catalyst 9k or Catalyst 3k (3850/3650) switch may crash intermittently on 16.12.5

Conditions

This issue can be seen on cat3k with 16.12.5, and cat9k with 16.12.5 and 17.3.1 releases The trigger for this issue is mac instability/churn. As a result, there are certain activities which cause a large-scale updates to the mac table have an increased chance at triggering this problem. åç Examples include, but are not limited to: 1 User triggered clearing of the mac-address table 2 Physical Port bounce that triggers port associated macs to be deleted and re-learned. 3 Spanning-tree topology changes Topology Changes (TCNs) can trigger a rapid aging of existing mac entries which may be cleared and re-learned, or could cause an L2 reconvergence around a different interface triggering multiple moves/updates for existing mac addresses. 4 Normal MAC entry is getting aged out due to inactivity.

Workaround

This issue is intermittent and will not be seen every time there is a change to the mac table. You can reduce the chances of hitting the issue by reducing the amount of mac churn on the switch. The following may help reduce the frequency that the issue may be seen. 1. Ensure spanning-tree portfast is properly applied and the L2 network is stable to reduce the number of topology changes on the network. - TCNs can be traced using "show span de | in exec|occur|from" to see the last port to receive/trigger them 2. Manually increase the mac aging time on the switch from the default (5 minutes) to a higher value such as 30 minutes or larger. - Silent hosts that are not expected to communicate often can have a mac aging time configured just above the ARP timer so that the gateway will always refresh the ARP entry before it expires, which in turn will update the mac aging time. 3. Do not manually clear the mac-table. 4. Avoid physical link changes where possible which would result in mac add/delete activities. port-channels can be used on redundant interfaces to protect from any one member link triggering a larger change.

Further Problem Description

Change history

2025-06-04 Added: 17.4.1

Relevant Products

Click on a version to see all relevant bugs

Affected versions:17.4.1

Fixed versions: 16.12.10, 16.12.5b, 16.12.6, 16.12.6a, 16.12.7, 16.12.8, 16.12.9, 17.05.01c, 17.10.1, 17.10.1a, 17.10.1b, 17.11.1, 17.11.1a, 17.12.1, 17.3.3, 17.3.3a, 17.3.4, 17.3.4a, 17.3.4b, 17.3.4c, 17.3.5, 17.3.5a, 17.3.5b, 17.3.6, 17.3.7, 17.5.1, 17.5.1a, 17.5.1b, 17.5.1c, 17.6.1, 17.6.1a, 17.6.1w, 17.6.1x, 17.6.1y, 17.6.1z, 17.6.1z1, 17.6.2, 17.6.3, 17.6.3a, 17.6.4, 17.6.5, 17.7.1, 17.7.1a, 17.7.1b, 17.7.2, 17.8.1, 17.8.1a, 17.9.1, 17.9.1a, 17.9.1w, 17.9.1x, 17.9.1x1, 17.9.1y, 17.9.1y1, 17.9.2, 17.9.2a, 17.9.3, 17.9.3a, 17.9.4, Bengaluru-17.5.1, Gibraltar-16.12.6

Relevant Products

Click on a version to see all relevant bugs

Affected versions:17.4.1

Top Cisco Defects

9.7Defect ID: CSCwq79831
Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability
9.7Defect ID: CSCvp36425
Cisco ASA & FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability
9.7Defect ID: CSCwq31287
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
9.7Defect ID: CSCwa47133
ISE Evaluation log4j CVE-2021-44228
9.7Defect ID: CSCwj74769
After [non]pairwise key enabling and reboot, bfd ip and port mismatch on device.

Ready to prevent the next vendor outage?

Get a demo

Cisco - Defect ID: CSCvv27849

Cat 9K & 3K: Unexpected reload caused by the FED process.

Cisco - Defect ID: CSCvv27849

Cat 9K & 3K: Unexpected reload caused by the FED process.

Last updated on December 1st, 2025

BugZero Risk Score8.0 High

Bug Details

Symptom

Conditions

Workaround

Further Problem Description

Top Cisco Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
8.0 High