Guest

Preview Tool

Cisco Bug: CSCvu71744 - LPTS Policing rate changes are not getting applied for domain policing

Last Modified

Sep 16, 2020

Products (1)

  • Cisco ASR 9000 Series Aggregation Services Routers

Known Affected Releases

7.3.1.BASE

Description (partial)

If user is updating LPTS domain flow policer rate (like below config),  then user can be impacted by this issue. I have shared the steps below for the user to confirm whether they are impacted by this issue or not. 

+++++ config for LPTS domain flow policer rate ++++++

lpts pifib hardware police
 domain D1
  flow bgp known rate 3000     <<< here its for BGP known flow. it can be for any flow
 !
!

So to confirm whether user impacted, user needs to verify whether the updated rate value is getting applied/programmed or not in platform. So the following steps can help to verify - 

Pre-requisite -
there is already domain flow policer config configured for any flow like below - 

lpts pifib hardware police
 domain D1   <<< domain name is D1 here.
  flow bgp known rate 3000   <<< here its for BGP known flow. it can be for any flow
 !
!

RP/0/RP0/CPU0:ios#show lpts pifib hardware police location <LC node> | i BGP-

BGP-known              32216   Global  3000      3584      0         1-D1    <<< 3000 rate is applied correctly for D1 in the platform


Step 1 -
Now user wants to update the rate to a new value - say 4000 from 3000, so the updated config post commit will be as follow - 
lpts pifib hardware police
 domain D1
  flow bgp known rate 4000   <<< user has changed the rate to a new value (4000)   
 !
!

Step 2 - now user can verify whether the new rate applied in platform by checking this show command, so user can confirm that whether user is hit by this issue or not.

RP/0/RP0/CPU0:ios#show lpts pifib hardware police location <LC node> | i BGP-

BGP-known              32216   Global  3000      3584      0         1-D1    <<< its still showing old value (3000) and the new value (4000) has not applied in platform. then user is hit by this issue.

Symptom:
So to confirm whether user impacted, user needs to verify whether the updated rate value is getting applied/programmed or not in platform. So the following steps can help to verify - 

Pre-requisite -
there is already domain flow policer config configured for any flow like below - 

lpts pifib hardware police
 domain D1   <<< domain name is D1 here.
  flow bgp known rate 3000   <<< here its for BGP known flow. it can be for any flow
 !
!

RP/0/RP0/CPU0:ios#show lpts pifib hardware police location <LC node> | i BGP-

BGP-known              32216   Global  3000      3584      0         1-D1    <<< 3000 rate is applied correctly for D1 in the platform


Step 1 -
Now user wants to update the rate to a new value - say 4000 from 3000, so the updated config post commit will be as follow - 
lpts pifib hardware police
 domain D1
  flow bgp known rate 4000   <<< user has changed the rate to a new value (4000)   
 !
!

Step 2 - now user can verify whether the new rate applied in platform by checking this show command, so user can confirm that whether user is hit by this issue or not.

RP/0/RP0/CPU0:ios#show lpts pifib hardware police location <LC node> | i BGP-

BGP-known              32216   Global  3000      3584      0         1-D1    <<< its still showing old value (3000) and the new value (4000) has not applied in platform. then user is hit by this issue.

Conditions:
This issue is related to LPTS domain flow policer rate update
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.