Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
725
Views
0
Helpful
3
Replies

CSCul34143 - ENH Need to optimise messages printed on upgrade from 8.2- to 8.3

yogesh.suryawanshi
Level 1
Level 1

‎12-02-2013 02:55 AM - edited ‎03-20-2019 08:07 PM

Hi All,

Can someone explain more about this bug. what are the print messages? can this leads to code conversion from 8.2 to 8.4 go on loop. If yes how?

Labels:
0 Helpful
3 Replies 3

David White
Cisco Employee
Cisco Employee

‎12-02-2013 06:59 AM

Hi Yogesh,

Sure, I'd be happy to.

This enhancement bug is filed to see if we can optimize the number of messages printed to the CONSOLE during the upgrade process.  Specifically, during the migration process, all static statements are migrated, but they must also be compared with nat 0 ACL statements - which indicate do NOT NAT.  If there is an overlap with the ACEs (which indicate what not to NAT) and the static statements, then a message like the following will be printed.

WARNING: MIGRATION: ACE converted to real IP/port values based on 
dynamic/static Policy NAT. The new ACE(s) need to be checked for enforcing policy NAT ACL
     permit ip host 10.5.2.1 host 10.7.4.8

Now, if you have thousands of ACEs in your NAT 0 statements - which overlap with static statements, then you will get one of the above warning messages for each overlapping ACE.  This can cause the migration to take  longer, as each message must be printed to the 9600 baud Console port. 

The bug is filed to see if this can be enhanced.

Hope it helps,

David.

0 Helpful

yogesh.suryawanshi
Level 1
Level 1
In response to David White

‎12-02-2013 09:56 PM

Thank you David, Appreciate your quick response. Yes that makes sense to enhance printing at console & in backend you can have those messages logged in flash to engineers can view it for verifications purpose. Hope to get good news on this as we have instances where conversion went for more than 10 hours for 2 mb of 8.2 config. { 2 mb is smallest config size in our environment}

Just have another query, does cisco has any utility which will help customer to analyze 8.2 config & identity NATs or config which could take longer time & convert wrong nat { we had experienced those lot}. If we can identify those then we can go for manual conversion of those however entire nats cannot done manual because we have very huge config..

Thanks & Regards

Yogesh

0 Helpful

David White
Cisco Employee
Cisco Employee
In response to yogesh.suryawanshi

‎12-03-2013 10:25 AM

Hi Yogesh,

Yes - today the message is printed to both the physical console as well as written to flash.  One idea is to not print to the console for these messages (or provide a summary) to speed this up.

Unfortunately, we do not have an external tool available which will perform the migration (or alert you to overlapping NAT statements which could run into this conflict.)  However, we are investigating what it would take to do this, and how many customers would be interested in using this.

Thanks for your feedback!

Sincerely,


David.

0 Helpful
Customers Also Viewed These Support Documents