ACL on Nexus 9000 - behavior difference

M.Fly
Level 1

Good morning,

I have strange behavior on two Nexus 9000:
same identical configuration, also compared with diff
same identical ACLs
scanning with nmap on specific ports returns different results

For the first Nexus, for example, the 161/udp port result is filtered; on the second Nexus, with the same ACL and CoPP configuration, the result is open.

No difference in CoPP config or ACL config; the ACL matches in the same way.

Any idea?

And also, same NXOS on Nexus.

Very curious, any idea on some show command to find the difference?

Many thanks to all.

 

6 Replies

Hello,

 

Could just be an NMAP false positive. Which parameters are you using for the scan?

For the scan I use the same parameters:

nmap -A -Pn -sU -sT -p 161 10.10.10.1

The same server used for scan, same network.

Hello,

 

Are both Nexus using the same SNMP version?

Same SNMP version, same configuration of SNMP, same NXOS and same hardware:

 

Software
BIOS: version 05.38
NXOS: version 7.0(3)I7(9)

 

Hardware
cisco Nexus9000 C93180YC-FX Chassis

Does anyone have an idea?

Is it possible that the CoPP is the issue?

The IP of SNMP polling is owned by the NX9K; the CoPP is operational only on IPs owned by the NX9K, right?

Is there a possibility that the configuration of CoPP is different for different hardware revisions?

The software is the same...