A number of Cisco change fashions are out of the blue experiencing reboot loops after logging deadly DNS shopper errors, in keeping with stories seen by BleepingComputer.
Beginning at roughly 2 AM, what seems to be a firmware bug within the switches’ inside DNS shopper service started treating DNS lookup failures as deadly errors, inflicting affected gadgets to reboot repeatedly.
Switches impacted by the bug are logging deadly errors much like the next earlier than rebooting:
DNS_CLIENT - SRCADDRFAIL - Result's 2. Did not determine deal with for specified identify 'www.cisco.com.', requested addr kind 2. ***** FATAL ERROR ***** Reporting Activity: DNSC. [debug data] ***** END OF FATAL ERROR *****
Primarily based on stories from directors who contacted BleepingComputer, Reddit discussions, and Cisco Group discussion board [1, 2] posts, the deadly errors originate from the DNSC (DNS Consumer) activity and happen when the switches try and resolve “www.cisco.com” and NTP time servers.
Directors report that the reboot cycle repeats each jiffy, severely disrupting community operations.
“The cycle repeats each jiffy. That is clearly fairly disruptive and I am not going to have the ability to maintain operations like this for very lengthy,” a Cisco buyer wrote on Reddit.
Primarily based on stories, the bug seems to influence a variety of Cisco change fashions, together with:
- Cisco CBS250 collection
- Cisco CBS350 collection (together with the CBS350-24P-4G)
- Cisco Catalyst C1200 collection
- Cisco SG350
- Cisco SG350X
- Cisco SG550X collection
A number of directors report that the failures started across the identical time throughout separate networks, suggesting the difficulty was globally triggered or tied to a time-based situation.
Whereas Cisco has not but publicly disclosed the basis trigger, BleepingComputer was informed that Cisco assist acknowledged the difficulty to at the least one buyer, stating it impacts CBS, SG, and Catalyst 1200/1300 switches.
For now, directors have found momentary workarounds that cease the reboot loops, together with disabling DNS decision, disabling SNTP or time synchronization, and blocking outbound web entry from change administration interfaces.
A number of customers report that disabling DNS configurations stopped the reboot loops, even when DNS servers had been reachable and functioning usually. In Cisco Group discussion board posts, customers additionally confirmed that eradicating DNS decision resolved the reboot loops.
BleepingComputer has contacted Cisco for remark and can replace this text as extra data turns into obtainable.
As MCP (Mannequin Context Protocol) turns into the usual for connecting LLMs to instruments and information, safety groups are shifting quick to maintain these new providers protected.
This free cheat sheet outlines 7 finest practices you can begin utilizing at present.
