Guest

Preview Tool

Cisco Bug: CSCuw44751 - [ATT 532] IPv6 LI intercept sending more than requested IP range

Last Modified

Aug 06, 2018

Products (8)

  • Cisco ASR 9000 Series Aggregation Services Routers
  • Cisco IOS XR Software
  • Cisco ASR 9922 Router
  • Cisco ASR 9010 Router
  • Cisco ASR 9904 Router
  • Cisco ASR 9006 Router
  • Cisco ASR 9001 Router
  • Cisco ASR 9912 Router

Known Affected Releases

5.3.2.BASE

Description (partial)

Symptom:
LI Functionality is Broken for /126 Prefix
Issue is Lawful Intercept Functionality, its taping more prefixes which it supposed to tap. It is like a security breach. 

With the /126 we should would expect to capture only packets with the
following addresses:
café:1890:8a9d:9800:0:0:11b7:8
café:1890:8a9d:9800:0:0:11b7:9
café:1890:8a9d:9800:0:0:11b7:a
café:1890:8a9d:9800:0:0:11b7:b

But it is tap all the addresses 

café:1890:8a9d:9800:0:0:11b7:4
café:1890:8a9d:9800:0:0:11b7:9
café:1890:8a9d:9800:0:0:11b7:a
café:1890:8a9d:9800:0:0:11b7:b
café:1890:8a9d:9800:0:0:11b7:8
café:1890:8a9d:9800:0:0:11b7:9
café:1890:8a9d:9800:0:0:11b7:a
:
:
:
café:1890:8a9d:9800:0:0:11b7:f

Conditions:
every time
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.