Cisco Bug: CSCvv66920 - Inner flow: U-turn GRE flows trigger incorrect connection flow creation

Last Modified

Oct 13, 2020

Products (1)

  • Cisco Adaptive Security Appliance (ASA) Software

Known Affected Releases

9.12(2.33)

Description (partial)

Symptom:
Traffic outage due to incorrect packet forwarding of GRE tunnel packets

"Bad" GRE tunnel connections are observed with the same ingress and egress interface (the entries marked Corrupt):
UDP gre_outside 10.1.2.1:5001 gre_outside 11.1.2.1:44845, idle 0:00:01, bytes 1, flags -pN1 ====> Corrupt
UDP gre_outside 10.1.2.1:5001 gre_inside 11.1.2.1:37283, idle 0:01:54, bytes 1, flags -pN1
GRE gre_outside 10.1.1.2:0 gre_outside 11.1.1.2:0, idle 0:00:01, bytes 0, flags LN ==============> Corrupt
GRE gre_outside 10.1.1.2:0 gre_inside 11.1.1.2:0, idle 0:01:54, bytes 0, flags LN

Conditions:
FTD 6.4.0.9, with GRE inner flow processing enabled and GRE tunnels traversing FTD data interfaces
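
An added example, not part of the Cisco bug record: a Python check that parses connection-table entries in the layout shown under Symptom and flags same-interface entries that shadow a normal entry for the same protocol, first endpoint and peer IP. The pairing heuristic and the function names are assumptions of this example; the fifth sample line is constructed.

```python
import re
from typing import NamedTuple

# Entry layout as quoted in the Symptom section:
#   PROTO <if> <ip>:<port> <if> <ip>:<port>, idle H:MM:SS, bytes N, flags F
CONN_RE = re.compile(
    r"(?P<proto>\S+)\s+(?P<if_a>\S+)\s+(?P<ip_a>[\d.]+):(?P<port_a>\d+)\s+"
    r"(?P<if_b>\S+)\s+(?P<ip_b>[\d.]+):(?P<port_b>\d+),\s+idle\s+\S+,"
    r"\s+bytes\s+\d+,\s+flags\s+(?P<flags>\S+)"
)

class Conn(NamedTuple):
    proto: str
    if_a: str
    ep_a: str   # first endpoint as ip:port
    if_b: str
    ip_b: str   # second endpoint, IP only (inner-flow ports differ per entry)
    flags: str

# First four lines are the entries quoted on this page; the fifth is constructed.
SAMPLE = """\
UDP gre_outside 10.1.2.1:5001 gre_outside 11.1.2.1:44845, idle 0:00:01, bytes 1, flags -pN1 ====> Corrupt
UDP gre_outside 10.1.2.1:5001 gre_inside 11.1.2.1:37283, idle 0:01:54, bytes 1, flags -pN1
GRE gre_outside 10.1.1.2:0 gre_outside 11.1.1.2:0, idle 0:00:01, bytes 0, flags LN ==============> Corrupt
GRE gre_outside 10.1.1.2:0 gre_inside 11.1.1.2:0, idle 0:01:54, bytes 0, flags LN
UDP gre_outside 192.0.2.10:5001 gre_outside 198.51.100.7:40000, idle 0:00:05, bytes 1, flags -
"""

def parse_conns(text):
    """Parse entries, ignoring trailing annotations and non-matching lines."""
    out = []
    for line in text.splitlines():
        m = CONN_RE.match(line.strip())
        if m:
            out.append(Conn(m["proto"], m["if_a"], f'{m["ip_a"]}:{m["port_a"]}',
                            m["if_b"], m["ip_b"], m["flags"]))
    return out

def same_interface(conns):
    """Every entry whose two interfaces match (can include intended hairpin traffic)."""
    return [c for c in conns if c.if_a == c.if_b]

def suspect_uturns(conns):
    """Same-interface entries shadowing a normal entry (same proto, first endpoint, peer IP)."""
    normal = {(c.proto, c.ep_a, c.ip_b) for c in conns if c.if_a != c.if_b}
    return [c for c in same_interface(conns) if (c.proto, c.ep_a, c.ip_b) in normal]

if __name__ == "__main__":
    for c in suspect_uturns(parse_conns(SAMPLE)):
        print(f"suspect U-turn: {c.proto} {c.if_a} {c.ep_a} -> {c.if_b} {c.ip_b} flags {c.flags}")
```

The constructed fifth entry is same-interface but has no two-interface twin, so it appears in `same_interface` and not in `suspect_uturns`.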