Symptom
After a reload of the Nexus 7700 switch, access lists might not be programmed in hardware for specific features on some VLANs.
interface Vlan2080
  ip access-group test-RACL in
  ip flow monitor Flow1 input sampler Flow1
  no ip redirects
  ip address x.x.x.x/x
  ip ospf bfd disable
  ip policy route-map PBR-RM <--------------
  hsrp version 2
  hsrp 2080
    ip x.x.x.x
N7k-1-AGG# sh system internal access-list module 1 | b 2080
VLAN 2080 :
=========
Policies in ingress direction:
Policy type Policy Id Policy name
------------------------------------------------------------
RACL 9 test-RACL
PBR e PBR-RM
Netflow Sampler (SVI) 80000401
N7k-1-AGG# copy r s
[########################################] 100%
Copy complete.
N7k-1-AGG# switchback
N7k-1# reload
This command will reboot the system. (y/n)? [n] y
+ After the reload of the switch, verify that the configuration on the SVI still includes the PBR policy
N7k-1-AGG# sh run int vlan 2080
interface Vlan2080
  ip access-group test-RACL in
  ip flow monitor Flow1 input sampler Flow1
  no ip redirects
  ip address x.x.x.x/x
  ip ospf bfd disable
  ip policy route-map PBR-RM <--------------
  hsrp version 2
  hsrp 2080
    ip x.x.x.x
+ Verify ACL programming after the reload. This step shows that PBR is no longer programmed
N7k-1-AGG# sh system internal access-list module 1 | b 2080
VLAN 2080 :
=========
Policies in ingress direction:
Policy type Policy Id Policy name
------------------------------------------------------------
RACL a test-RACLl
Netflow Sampler (SVI) 80000401
Conditions
Nexus 7700 with N77-F348XP-23 modules running RACL, PBR, Netflow, DHCP relay, etc. on the same SVI, followed by a reload or power cycle. This has been tested on NX-OS versions 6.2(18) and 8.4(4).
Workaround
Remove and re-add the configuration for the specific feature that is shown as not programmed in hardware.
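To find which feature needs the workaround, the SVI configuration can be compared with the hardware policy table after each reload. The following is an added example, not Cisco code: the function names are hypothetical, the sample text is constructed from the outputs shown above, and it assumes the VLAN block lists ingress policies only.

```python
import re

# Constructed samples modelled on the outputs shown on this page (post-reload state).
RUNNING_CONFIG = """\
interface Vlan2080
  ip access-group test-RACL in
  ip flow monitor Flow1 input sampler Flow1
  ip policy route-map PBR-RM
"""
HW_OUTPUT = """\
VLAN 2080 :
=========
Policies in ingress direction:
Policy type Policy Id Policy name
------------------------------------------------------------
RACL a test-RACL
Netflow Sampler (SVI) 80000401
"""
# SVI config line -> policy type label whose hardware table row carries the name.
CONFIG_PATTERNS = {
    "RACL": re.compile(r"^\s*ip access-group (\S+) in\b"),
    "PBR": re.compile(r"^\s*ip policy route-map (\S+)"),
}

def configured_policies(run_cfg):
    """Return {policy_type: name} for ingress policies configured on the SVI."""
    found = {}
    for line in run_cfg.splitlines():
        for ptype, pattern in CONFIG_PATTERNS.items():
            match = pattern.match(line)
            if match:
                found[ptype] = match.group(1)
    return found

def programmed_policies(hw_out, vlan):
    """Return {policy_type: name} under 'VLAN <id> :' (assumes ingress rows only)."""
    found, in_vlan = {}, False
    for line in hw_out.splitlines():
        header = re.match(r"^VLAN (\d+) :", line)
        if header:
            in_vlan = header.group(1) == str(vlan)
        row = re.match(r"^\s*(RACL|PBR)\s+\S+\s+(\S+)", line)
        if in_vlan and row:
            found[row.group(1)] = row.group(2)
    return found

def missing_in_hardware(run_cfg, hw_out, vlan):
    # Policies present in the configuration but absent from the hardware table.
    hw = programmed_policies(hw_out, vlan)
    return {t: n for t, n in configured_policies(run_cfg).items() if hw.get(t) != n}
```

Netflow is not compared because its hardware row shows a sampler ID rather than the configured monitor name.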
Further Problem Description