Preview Tool

Cisco Bug: CSCvs18568 - Cosmetic: Post ND ISSU remove/add NAT on interface, ACLQOS "TCP NAT allocated region index exceeded"

Last Modified

May 14, 2020

Products (1)

  • Cisco Nexus 9000 Series Switches

Known Affected Releases

9.3(1) 9.3(3)IDI9(0.684)

Description (partial)

The following message is appearing after removing and re-adding the NAT configuration under a L3 interface but the TCP NAT TCAM utilization is not full   

   (config)# int X
   (config-if)# no ip nat inside
   (config-if)# ip nat inside

Symptoms:  upon failure of re-enabling 'ip nat inside', each affected platform type raises a platform specific syslog message

   'show logging log'
    %ACLQOS-SLOT1-2-ACLQOS_FAILED: ACLQOS failure: TCP NAT allocated region index exceeded. 

   'show logging log'
    %NAT-2-HW_PROG_FAILED: Hardware programming for NAT failed:Sufficient free entries are not available in TCAM bank

N9K-C9364C or N9K-...-FX2 running NXOS:
  - 9.3(2) or before
  - 9.2(4) or before

A Non Disruptive ISSU has been performed on the switch (and no reload since then)
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.