Guest

Preview Tool

Cisco Bug: CSCvs73574 - On 16.6.x , 'system-cpp-police-forus' class-info is incorrect

Last Modified

Sep 01, 2020

Products (1)

  • Cisco Catalyst 9300 Series Switches

Known Affected Releases

16.6.7

Description (partial)

Symptom:
Host packets like ICMP/SSH  go to system-cpp-police-forus class.
However in the qos copp class-info, there is no matching access list. Need correct the class-info output.

KLANSW-9348T-1#sh platform software qos copp class-info | b system-cpp-police-forus
 class-map match-any system-cpp-police-forus
   description Forus Address resolution and Forus traffic
   match access-group name system-cpp-ipv6-match-forus
   match access-group name system-cpp-ipv4-match-forus-mpls
   match access-group name system-cpp-mac-match-forus-addr
    ipv6 access-list system-cpp-ipv6-match-forus
      permit icmp any FE80::/10 nd-na
      permit icmp any any nd-na
      permit icmp any FE80::/10 nd-ns
      permit icmp any any nd-ns
    ip access-list extended system-cpp-ipv4-match-forus-mpls
      permit udp any 127.0.0.0 0.0.0.255 eq 3503
    mac access-list extended system-cpp-mac-match-forus-addr
      permit any FFFF.FFFF.FFFF 0.0.0 2054 0

Conditions:
checking show platform software qos copp class-info output to understand what traffic type is matched by which COPP class-map
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.