Cisco Bug: CSCuo90746 - BGP optimizes outbound policy run even if policy contains rd match
Jul 20, 2018
- Cisco Carrier Routing System
Known Affected Releases
Symptom: Outbound policy may not correctly apply to the right set of VPN prefixes producing incorrect set of paths or attributes being advertised. Conditions: 1. There are remote RD VPN prefixes with different RDs, but identical set of attributes (except the nexthop). 2. The outbound policy matches on RD and takes different decisions (drop or set attributes) based on the RD match. 3. The remote RD routes are advertised to peers (e.g., inter-AS option B case). A remote RD route is a VPN route that was received, but not imported into a VRF. If multiple such routes exist and they have the same attributes, when advertising them out, the neighbor outbound policy is evaluated for only the first route. Subsequent routes use the same policy result. Now, if the result of the policy may be different, because the policy depends upon the RD, then those routes will be sent with the wrong attributes (as set by the previous policy result instead).
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases