Cisco APIC 4.2(5n) released

Release 4.2(5n) became available on October 19, 2020.

2 min read
By prox
Cisco APIC 4.2(5n) released

This release consist of open and resolved issues. No new software features have been added.

Resolved issues


After an APIC has finished upgrading and has reloaded, the ifc_reader crashes about 6x times in 7 minutes. Afterward, the ifc_reader service stops, which causes Cisco APIC communication issues. ifc_reader DME issues are not reflected in the AV health values, rvread, nor the Cisco APIC GUI. acidiag avread, rvread, and the Cisco APIC GUI report a fully fit cluster. Cisco APIC GUI alarms raise a "split fabric" alert, and crashes in the NGINX process may be observed.


  • Duplicate DHCP leases are leased out by a Cisco APIC to a Cisco ACI Virtual Edge virtual machine VTEP intfs (kni0/kni2).
  • OpflexODev managed objects are not created due to duplicate opflexIDEp managed objects for these overlapping Cisco ACI Virtual Edge virtual machine VTEP intfs
  • The affected Cisco APIC sets a DHCP Pool to available (usable-recovery) again instead of "recovery". The latter prevents leases from being allocated from the pool.
  • The affected Cisco APIC will keep this until the DHCPD DME is shut down on it manually, which requires root access.
  • This issue is caused by a race condition whereby the Cisco APIC recovers the DHCP managed objects (lease/client) before reading the fabric node vector (FNV) entries.
  • After an firmware upgrade, the Cisco APICs can only recover the DHCP client/lease managed objects by reading the FNV entries first, and therefore this needs to happen in that order.


After logging into the Cisco APIC GUI on release 4.2(4) and later and you open multiple tabs, after several minutes the browser becomes slower and there are high spikes in the client CPU and memory usage. This causes the GUI to slow down.


Cisco APICs diverge and the Cisco APIC cluster doesn't reach the fully-fit state during a Cisco APIC fabric upgrade or Cisco APIC reboot.

The Cisco APIC cluster diverges and does not reach the 'fully-fit' state if both of the following conditions are true:

  1. A Cisco APIC is upgrading or downgrading from 4.2(5l) to another release, or a Cisco APIC is rebooting.
  2. The Attachable Entity Profile (AEP) for the Cisco APIC connected port has Infra VLAN enabled. The Infra VLAN is deployed on the Cisco APIC connected port explicitly by the user configuration.