[c-nsp] Strange tcam mask
Sergey Nikitin
oldnick at oldnick.ru
Thu Sep 23 10:19:37 EDT 2010
Hi all,
Introduction:
1) Catalyst 6500 (SUP-720, 12.2(33)SXI1) is ok:
Cat6500#show run int vl2222
!
interface Vlan2222
ip address 192.168.77.1 255.255.255.252
ip access-group 2222 in
end
Cat6500#show access-lists 2222
Extended IP access list 2222
10 permit udp any host 192.168.77.2 eq domain
Cat6500#show tcam interface vlan 2222 acl in ip
* Global Defaults not shared
Entries from Bank 0
## permit udp any host 192.168.77.2 fragments
permit udp any host 192.168.77.2 eq domain
deny ip any any
Entries from Bank 1
2) Cisco 7600 (RSP-720, 12.2(33)SRE) is not ok:
C7600#show run int vl2222
!
interface Vlan2222
ip address 192.168.77.1 255.255.255.252
ip access-group 2222 in
end
C7600#show access-lists 2222
Extended IP access list 2222
10 permit udp any host 192.168.77.2 eq domain
C7600#show tcam interface vlan 2222 acl in ip
* Global Defaults not shared
Entries from Bank 0
## permit udp any any fragments
permit udp any host 192.168.77.2 eq domain
deny ip any any
Entries from Bank 1
The C7600 make a wrong mask in tcam (line with ##). I couldn't find any
bug related. Does anybody seen the same acl mask behavior on 7600?
--
Thanks
Sergey
More information about the cisco-nsp
mailing list