Cisco Bug: CSCvu22299 - [ESG]:VRF VNID translation is deleted after un-deploying a graph and deleting all ESGs under a VRF
Oct 03, 2020
- Cisco Nexus 9000 Series Switches
Known Affected Releases
Symptom: VRF communication between two EPGs is disrupted when the last endpoint security group (ESG) under this VRF table that is using a different contract (with a service graph) is removed and the service-graph contract is un-deployed. One of the EPGs is in the main datacenter (that is, behind a local leaf switch) and the other EPG is at a remote location (that is, behind a remote leaf switch).

Conditions: This issue occurs if the following conditions are met:
1. There is intra-VRF communication between two EPGs, one each behind a local leaf switch and a remote leaf switch.
2. Use a service graph contract between two different ESGs in the same VRF table.
3. Delete the ESGs in this VRF table one by one.
4. Undeploy the service-graph contract between the ESGs in step (2).

Deleting the last ESG results in traffic disruption for the EPGs in step (1).