Preview Tool

Cisco Bug: CSCvs53247 - ACI OSP plugin don't support all named IP protocols for Security Group rules

Last Modified

Jan 15, 2020

Products (1)

  • Cisco Application Policy Infrastructure Controller (APIC)

Known Affected Releases


Description (partial)

It seems our plugin supports only some named IP protocols for SG rules:
ip_protocol = {'0': UNSPECIFIED, '1': 'icmp', '2': 'igmp', '6': 'tcp',
               '8': 'egp', '9': 'igp', '17': 'udp', '58': 'icmpv6',
               '88': 'eigrp', '89': 'ospfigp', '103': 'pim', '115': 'l2tp'}
However, OpenStack at the moment allows more named IP protocols:
--protocol <protocol>
IP protocol (ah, dccp, egp, esp, gre, icmp, igmp,
ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt,
ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp,
udp, udplite, vrrp and integer representations [0-255]
or any; default: tcp)

Using named IP protocols for security group rules
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.