Cisco Bug: CSCvv12127 - Series 3 policy deploy can fail when adding a large number of IPV4 source and destination AC rules.
Oct 13, 2020
- Cisco Firepower Management Center Virtual Appliance
Known Affected Releases
5.4.0 6.0.0 6.1.0 6.2.0 6.2.1 6.2.2 6.2.3 6.3.0 6.4.0
Symptom: Policy deploy is failing with the following logs: SF-IMS:  pm:blkbirdconfig [ERROR] Could not add NFM rule # 'fwrule-1-8894-26680' (Pri 26680) to the rules database: (993281) Failure nl-asmr-hmr-idps-ss01 SF-IMS:  pm:blkbirdconfig [ERROR] Validation failed to repopulate NFM rules for NFE0!: Invalid Argument rulesd0: too many unique ipv4_da values rulesd0: Device #0: could not add rule 'fwrule-1-9573-28732' SF-IMS:  pm:blkbirdconfig [ERROR] Could not add NFM rule # Conditions: Large number 5120+ of ipv4 destination and source AC rules. Series 3 device ex 8350
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases