Preview Tool

Cisco Bug: CSCte71038 - failover is triggered when config with huge acl is being applied

Last Modified

Feb 22, 2014

Products (1)

  • Cisco Catalyst 6500 Series Firewall Services Module

Known Affected Releases


Description (partial)


When compiling very large ACLs, the FWSM may not be able to process failover communication resulting in the units failing over or both becoming active. 
Closing the DDTS, as we donot prefer to meddle with the code stability further for such corner scenarios, as we see that the performance numbers are good enough for the standard sized configurations.

This issue can occur when the ACL compilation time is long enough to cause 3 failover hello misses (thus causing a failover event).
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.