[c-nsp] ASR920: egress ACL on BDIs

Nathan Lannine nathan.lannine at gmail.com
Sun Jan 19 08:14:04 EST 2020

> This bug not only affects ACLs but other commands as well. Unsure if it is
> fixed in newest XE versions. Could this also affect you?
Aside from this behavior, XE in the enterprise access layer is full of bugs
related to ACLs.  We've recently begun a practice of maintaining two
distinct versions of every ACL so we can swap them on interfaces after
modifying the unused one.  Modifying a used one in-place results in some
degree of data plane failure on affected interfaces, i.e. they stop passing
all or some subset of traffic.  Even on "fixed" code, the problem persists,
though less frequently.

More information about the cisco-nsp mailing list