OPERATIONAL DEFECT DATABASE
...
...
"show platform hard fed .. forward last summary" does not include CPU as one of the egress ports for the ICMP Unreachable in case of egress ACL Setup C9300(config)#int vlan 10 C9300(config-if)#no ip acc C9300(config-if)#no ip acces C9300(config-if)#no ip access-group 110 in C9300(config-if)#int gig 1/0/3 C9300(config-if)#ip *Sep 10 14:40:26.994: %PIM-5-NBRCHG: neighbor 10.10.10.10 UP on interface Vlan10 *Sep 10 14:40:26.994: %PIM-5-DRCHG: DR change from neighbor 10.10.10.1 to 10.10.10.10 on interface Vlan10 C9300(config-if)#ip access-group 110 out C9300(config-if)#^Z C9300#conf t *Sep 10 14:40:56.886: %SYS-5-CONFIG_I: Configured from console by console Verification C9300#$f8fc.4882 70d3.79be.6cc6 ipv4 10.10.10.10 30.30.30.30 icmp 0 0 Show forward is running in the background. After completion, syslog will be generated. Outputs C9300#show platform hardware fed switch 1 forward last summary Input Packet Details: ###[ Ethernet ]### dst = 70:d3:79:be:6c:c6 src = 2c:36:f8:fc:48:82 type = 0x8100 ###[ 802.1Q ]### prio = 0L id = 0L vlan = 10L type = 0x800 ###[ IP ]### version = 4L ihl = 5L tos = 0x0 len = 28 id = 1 flags = frag = 0L ttl = 64 proto = icmp chksum = 0x2a91 src = 10.10.10.10 dst = 30.30.30.30 options = ###[ ICMP ]### type = echo-reply code = 0 chksum = 0xffff id = 0x0 seq = 0x0 ###[ Padding ]### load = '00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00' Ingress: Port : Global Port Number : 1416 Local Port Number : 0 Asic Port Number : 0 Asic Instance : 1 Vlan : 10 Mapped Vlan ID : 6 STP Instance : 4 BlockForward : 0 BlockLearn : 0 L3 Interface : 41 IPv4 Routing : enabled IPv6 Routing : enabled Vrf Id : 0 Adjacency: Station Index : 177 Destination Index : 21083 Rewrite Index : 24 Replication Bit Map : 0x4 ['localData'] Decision: Destination Index : 21083 Rewrite Index : 24 Dest Mod Index : 0 [IGR_FIXED_DMI_NULL_VALUE] CPU Map Index : 0 [CMI_NULL] Forwarding Mode : 3 [Other or Tunnel] Replication Bit Map : ['localData'] Winner : L3FWDIPV4 LOOKUP Qos Label : 1 SGT : 0 DGTID : 0 Egress: Possible Replication : Port : GigabitEthernet1/0/3 Output Port Data : Port : GigabitEthernet1/0/3 Global Port Number : 3 Local Port Number : 3 Asic Port Number : 2 Asic Instance : 1 Unique RI : 24 Rewrite Type : 9 [L3_UNICAST_IPV4] Mapped Rewrite Type : 9 [L3_UNICAST_IPV4] Vlan : 10 Mapped Vlan ID : 6 ***DROP*** due to denyRoute (suppress CPU) ******************************************************************************** Despite of receiving UUUUUU packets from the switch where the egress ACL is applied - CPU is not on the list of egress ports
Click on a version to see all relevant bugs
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
