Cisco Bug: CSCvi96849 - Configuring neighbor with inactive global AFI/SAFI leads to BGP crash
Aug 14, 2018
- Cisco ASR 9000 Series Aggregation Services Routers
Known Affected Releases
Symptom: BGP process crash when neighbor with IPv4 Flowspec (or any other non-unicast SAFI) and IPv4 & IPv6 Unicast AF is going up. This combination of Address Families is for example used for BGP peering with Arbor Peakflow SP vDDoS, however issue is not specific to Arbor but will be seen with any BGP speaker configured in this way. Conditions: BGP neighbor in VRF has IPv4 Flowspec (or any other non-unicast SAFI) address-family configured under BGP, but *not* under global VRF configuration (outside of BGP). Sample of invalid configuration causing issue: !<BGP process configuration:> router bgp 1 address-family ipv4 unicast address-family ipv6 unicast address-family ipv4 flowspec vrf VRF1 neighbor 10.1.1.1 address-family ipv4 unicast address-family ipv6 unicast address-family ipv4 flowspec !<Global VRF cofniguration:> vrf VRF1 address-family ipv4 unicast address-family ipv6 unicast !<IPv4 flowspec address family not configured here>!
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases