Guest

Preview Tool

Cisco Bug: CSCuq25060 - Object-group and ACL modify in one commit failed

Last Modified

May 12, 2018

Products (1)

  • Cisco Carrier Routing System

Known Affected Releases

4.3.4.BASE 5.3.0.BASE

Description (partial)

Symptom:

User attempts to do the following:

Create an object-group and its members, and create an ACE
for an ACL already applied on an interface, such that this
ACE references the being-created obj-group. Do all these
operations in one commit. The commit failed, with an error
indicating the just-to-be-created object-group cannot be
found. Checking the running-config after the failure, user
finds that neither the new ACE nor the object-group is
created. 

This only happens with IPv6 ACL. The same situation with
IPv4 ACL does not lead to the above error


Conditions:

(1) The object-group does not exist on the system before hand
(2) The ACL is already applied on one or more interfaces
(3) The ACL is an IPv6 ACL
(4) One or more ACEs are added to/edited in the IPv6 ACL
(5) These ACEs references object-group as described in (1)
(6) The ACL-related and object group-related configs are
    being attempted in one single commit
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.