6.5.4.9-93n - NSM without NSM, wait what?
BWC
Cybersecurity Overlord ✭✭✭
Hi,
today I saw some log messages, which does not make much sense, because they are NSM related, but I don't have any NSM licensed (CSC-MA a year ago, but completly wiped) and even ZeroTouch is disabled.
NSM:BW Changed for X0 -- old: 125000000.000000 new: 0.000000 NSM:ifWalkCb(1) - calling nsm_if_down for X0 NSM:UPDATE: Interface X0 down NSM:ifWalkCb(2) - calling nsm_if_up for X0 NSM:BW Changed for X0 -- old: 0.000000 new: 125000000.000000
Any idea what could cause this? I'am not amused if some behind the scenes magic is tinkering with my settings.
--Michael@BWC
Category: Entry Level Firewalls
Tagged:
0
Answers
@BWC - Michael, I did a quick Google search of the string "ifWalkCb" and the first page that came up was this:
Notice the name in the first bullet.
Do you have ARS enabled on this device? If so, these messages are - more than likely - associated with that service (not the other one).
Hi @Larry yes indeed I have ARS enabled on that device, I don't really need it (maybe was playing with it a while back) so I disabled it and see if it changes anything.
Weirdly that ARS is tinkering with BWM settings, but who I'am to judge.
While searching for ifWalkCb it's a bit odd that the article came up, because ifWalkCb is not mentioned in the article or the code.
--Michael@BWC
@BWC - Michael, thanks for this post. I got an early morning "device down" alert from an Aruba cloud-based switch at a client site.
A careful look of the Gen 7 log showed X0 and X4 going down - followed by those cryptic NSM messages. A few minutes later they came back - along with some more cryptic NSM messages.
Going to turn off ARS off-hours.
Still no telling why the device suddenly decided to take out the LAN and the Wi-Fi like that. So, off to build a support case I go...