Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

no access-group xyz out egress hardware-count issue.

                   Hello cisco team,

We faced with an issue on XR 4.2.1.

After we had removed access-group from interface:

interface Bundle-Ether4.89

service-policy output INET89

ipv4 mtu 1500

ipv4 point-to-point

ipv4 address

ipv4 verify unicast source reachable-via any allow-self-ping allow-default

ipv4 unreachables disable

lldp

  transmit disable

!

load-interval 30

flow ipv4 monitor proton sampler proton ingress

flow ipv6 monitor proton-v6 sampler proton ingress

encapsulation dot1q 89

ipv4 access-group mtk-inet-out egress hardware-count

!

:

interface Bundle-Ether4.89
description Mostelekom Internet
service-policy output INET89
ipv4 mtu 1500
ipv4 point-to-point
ipv4 address ipv4 verify unicast source reachable-via any allow-self-ping allow-default
ipv4 unreachables disable
lldp
  transmit disable
!
load-interval 30
flow ipv4 monitor proton sampler proton ingress
flow ipv6 monitor proton-v6 sampler proton ingress
encapsulation dot1q 89
ipv4 access-group mtk-inet-out egress hardware-count
!

*********************************

#show configuration commit changes 1000001011

Tue Nov 19 12:57:36.421 MSK

Building configuration...

!! IOS XR Configuration 4.2.1

interface Bundle-Ether4.89

no ipv4 access-group mtk-inet-out egress

!

end

the cisco router stopped ldp/ospf peering with all neighbors. Also, router didn't answer on ping. The issue resolved only after reboot.

There was no any strange messages in logs.

Does anyone can help us what is wrong?

Regards,

Konstantin

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

no access-group xyz out egress hardware-count issue.

there was a known bug with acl modification in XR421.

from the looks of it, sounds like you're hitting that.

recommend using 423 (which has a load of smu's) or 434 that is coming out any day now.

regards

xander

Xander Thuijs CCIE #6775 Principal Engineer ASR9000, CRS, NCS6000 & IOS-XR
5 REPLIES
New Member

no access-group xyz out egress hardware-count issue.

Hello,

One comment.

The ACL is very big (1500 string).

Regards,

Konstantin

Cisco Employee

no access-group xyz out egress hardware-count issue.

there was a known bug with acl modification in XR421.

from the looks of it, sounds like you're hitting that.

recommend using 423 (which has a load of smu's) or 434 that is coming out any day now.

regards

xander

Xander Thuijs CCIE #6775 Principal Engineer ASR9000, CRS, NCS6000 & IOS-XR
New Member

no access-group xyz out egress hardware-count issue.

Hi Alexander,

Thanks.

Could you provide me a bug detail?

Regards,

Konstantin

New Member

no access-group xyz out egress hardware-count issue.

Do you mean CSCuc94735?

Regards,

Konstantin

Cisco Employee

no access-group xyz out egress hardware-count issue.

hi konstantin,

I am checking the ddts's quickly, but I cant find it that quickly. I verified the contents of smu pack1 for 421 which does not have the fix either.


if there is a possibility I would either verify 423 with all the smu's or wait for XR434 which is coming out any day now.

if I find the relevant ddts I will post it.

the one you have is not the one I had in mind, but nice find either way!

cheers!

xander

Xander Thuijs CCIE #6775 Principal Engineer ASR9000, CRS, NCS6000 & IOS-XR
525
Views
0
Helpful
5
Replies
CreatePlease to create content