Guest

Preview Tool

Cisco Bug: CSCvu08275 - Flowspec matched traffic dropped

Last Modified

Sep 24, 2020

Products (1)

  • Cisco Network Convergence System 560 Series Routers

Known Affected Releases

7.2.1.BASE

Description (partial)

Flowspec matched traffic dropped.

Symptom:
- BGP flowspec is configured between PE1 and PE3 over RR
- When I have the flowspec policy ( match destination 103.3.100.0/30) on PE1, send traffic from PE1 to PE2 ,  I do not see any stats in flowspec and all traffic is dropped
-  When I have the flowspec policy ( match destination 103.1.1.16/30) on PE1, send traffic from PE3 to PE1, I see the flowspec counters ( matched/transmit/drop). Policer action is working fine. Traffic comes to PE1 and then is dropped here ( nothing goes out to spirent)  
- Drop counters in traps are against ‘RxTrapArpMyIp’
PE1 is N560-RSP4-E and PE3 is N560-4-RSP4E. Also I have ‘hw-module flowspec ‘ CLI enabled on PE1 and not on PE2
-  When I remove ‘service-policy’ from flowspec, all traffic resumes.
- So issue seems to be on PE1 with service-policy configured

Conditions:
- BGP flowspec is configured between PE1 and PE3 over RR
- When I have the flowspec policy ( match destination 103.3.100.0/30) on PE1, send traffic from PE1 to PE2 ,  I do not see any stats in flowspec and all traffic is dropped
-  When I have the flowspec policy ( match destination 103.1.1.16/30) on PE1, send traffic from PE3 to PE1, I see the flowspec counters ( matched/transmit/drop). Policer action is working fine. Traffic comes to PE1 and then is dropped here ( nothing goes out to spirent)  
- Drop counters in traps are against ‘RxTrapArpMyIp’
PE1 is N560-RSP4-E and PE3 is N560-4-RSP4E. Also I have ‘hw-module flowspec ‘ CLI enabled on PE1 and not on PE2
-  When I remove ‘service-policy’ from flowspec, all traffic resumes.
- So issue seems to be on PE1 with service-policy configured
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.