Guest

Preview Tool

Cisco Bug: CSCvv56871 - Service-policy command added to interface from template following a reload

Last Modified

Oct 22, 2020

Products (1)

  • Cisco 2600 Series Multiservice Platforms

Known Affected Releases

16.12.4

Description (partial)

Symptom:
With the following configuration in place, the service-policy command should not be seen at interface level when a show run interface x/x is executed:

TEST#sh run int gi3/0/1
Building configuration...

Current configuration : 117 bytes
!
interface GigabitEthernet3/0/1
 description UserPort
 source template DATA_VOICE_VLAN
 spanning-tree portfast
end
!
template DATA_VOICE_VLAN
 dot1x pae authenticator
 storm-control broadcast level 5.00
 storm-control action shutdown
 switchport access vlan 203
 switchport mode access
 switchport voice vlan 11
 switchport port-security maximum 10
 switchport port-security
 mab
 access-session control-direction in
 access-session port-control auto
 authentication periodic
 service-policy type control subscriber TEST_DOT1X
 service-policy input mark-traffic
 description User Access Port
!
However, following a reload, the configuration at the interface level shows this:

TEST#sh run int gi3/0/1
Building configuration...

Current configuration : 152 bytes
!
interface GigabitEthernet3/0/1
 description UserPort
 source template DATA_VOICE_VLAN
 spanning-tree portfast
 service-policy input mark-traffic
end
!
template DATA_VOICE_VLAN
 dot1x pae authenticator
 storm-control broadcast level 5.00
 storm-control action shutdown
 switchport access vlan 203
 switchport mode access
 switchport voice vlan 11
 switchport port-security maximum 10
 switchport port-security
 mab
 access-session control-direction in
 access-session port-control auto
 authentication periodic
 service-policy type control subscriber TEST_DOT1X
 service-policy input mark-traffic
 description User Access Port
!
!
The service-policy command is showing at the interface level and on the template. When a user tries to remove the service-policy from the interface level the parser accepts the command but it has no effect:

TEST#sh run int gi3/0/1
Building configuration...

Current configuration : 152 bytes
!
interface GigabitEthernet3/0/1
 description UserPort
 source template DATA_VOICE_VLAN
 spanning-tree portfast
 service-policy input mark-traffic
end

TEST#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
TEST(config)#int gi3/0/1
TEST(config-if)#no  service-policy input mark-traffic
TEST(config-if)#do sh run int gi3/0/1
Building configuration...

Current configuration : 152 bytes
!
interface GigabitEthernet3/0/1
 description UserPort
 source template DATA_VOICE_VLAN
 spanning-tree portfast
 service-policy input mark-traffic
end
!

Conditions:
Service-policy applies through template to different interfaces. Following a reload the configuration is showing directly on the interfaces.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.