01-01-2009 03:13 AM - edited 03-06-2019 03:13 AM
Hello all,
Since I do not have access to the TAC, I figured the best place to tell Cisco about this problem is on here, please let me know if there is a better way to report bugs if you do not have TAC access.
I searched the bug db but couldn't find any bug that looked like this one.
I have a Cisco 877W with Advanced IP services/K9 IOS 12.4(11)XJ4, as far as I know the latest available software for this box.
The bug is in the syntax of IPv6 access-lists, when you enter an IPv6 access-list you have the following possible keywords:
Cisco877W(config)#ipv6 access-list IP6-OUTSIDE-IN
Cisco877W(config-ipv6-acl)#?
IPv6 Access List configuration commands:
default Set a command to its defaults
deny Specify packets to reject
evaluate Evaluate an access list
exit Exit from access-list configuration mode
no Negate a command or set its defaults
permit Specify packets to forward
remark Access list entry comment
sequence Sequence number for this entry
<cr>
However, after entering a sequence number, the number of keywords is much more limited:
Cisco877W(config-ipv6-acl)#sequence 10 ?
deny Specify packets to reject
permit Specify packets to forward
remark Access list entry comment
Especially 'evaluate' is missing.
Not really a problem as you can also enter the sequence number at the end of the line, or even just enter the lines in the right sequence without a sequence number.
But...
After entering the commands in one of the ways above, they end up in the running config like this:
ipv6 access-list IP6-OUTSIDE-IN
sequence 5 permit icmp any any
sequence 10 evaluate IP6-OUTSIDE-OUT-REFLECT
sequence 15 deny ipv6 any any log
thus, after a write, this will also be in startup-config... and after a reload, the following is displayed:
sequence 10 evaluate IP6-OUTSIDE-OUT-REFLECT
^
% Invalid input detected at '^' marker.
and the line is no longer in my running, effectively disabling my IPv6 access...
I would appreciate it if one of the Cisco-employees here could report this as a bug (or tell me in what way I am horribly wrong ;-) )
Thanks,
Jeroen
01-01-2009 07:11 PM
Hi Jeron,
This Error "% Invalid input detected at "^" marker." state you entered the command incorrectly. The caret (^) marks the point of the error.
Enter a question mark (?) to display all the commands that are available in this command mode. The keywords that you are allowed to enter for the command appear.
01-03-2009 04:02 AM
Sureh,
Please read my message again, it is not me who enters the command wrong, it's the router itself that enters a command into startup config that it after a subsequent reload does not understand.
Jeroen
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: