Preview Tool

Cisco Bug: CSCuq29824 - Python PSS: L3 ACL prefix_len should be 32/128 when not set explicitly

Last Modified

Feb 06, 2017

Products (1)

  • Cisco Support Tools

Known Affected Releases


Description (partial)

While configuring an L3 ACL on a Network Element using a Python onePK app, when the wildcard mask is not specified (i.e. prefix_len is not set explicitly) then it currently gets set to 0. 

Which as a mask means that we do not care about any bits in the src/dst IP address. And what gets configured on the network element is "any"

The correct behavior is for prefix_len to get set to 32 for IPv4 addresses & 128 for IPv6 address, when it is not set explicitly.

From the IOS config guide at this link:


If you do not supply a wildcard mask with a source or destination address in an access list statement, the software assumes an implicit wildcard mask of, meaning all values must match.


onePK Python SDK version:  onePK-sdk-python-rel-
N7K image:  n7000-s2-dk9.7.1.0.D1.0.213.gbin
IOS image:  c3900-universalk9-mz.SSA.155-0.8.T
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.