Preview Tool

Cisco Bug: CSCvu22299 - [ESG]:VRF VNID translation is deleted after un-deploying a graph and deleting all ESGs under a VRF

Last Modified

Oct 03, 2020

Products (1)

  • Cisco Nexus 9000 Series Switches

Known Affected Releases


Description (partial)

VRF communication between two EPGs is disrupted when the last endpoint security group (ESG) under this VRF table that is using a different contract (with a service graph) is removed and service-graph contract is un-deployed. One of the EPGs is in the main datacenter (that is, behind a local leaf switch) and other EPG is behind a remote location (that is, behind a remote leaf switch).

This issue occurs if the following conditions are met:

1. There is intra-VRF communication between two EPGs - one each in a local leaf switch and a remote leaf switch.
2. Use a service graph contract between two different ESGs in the same VRF table.
3. Delete the ESGs in this VRF table one by one.
4. Undeploy the service-graph contract between the ESGs in step (2).

Deleting the last ESG results in traffic disruption for the EPGs in step (1).
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.