01-01-2009 03:13 AM - edited 03-06-2019 03:13 AM
Hello all,
Since I do not have access to the TAC, I figured the best place to tell Cisco about this problem is on here, please let me know if there is a better way to report bugs if you do not have TAC access.
I searched the bug db but couldn't find any bug that looked like this one.
I have a Cisco 877W with Advanced IP services/K9 IOS 12.4(11)XJ4, as far as I know the latest available software for this box.
The bug is in the syntax of IPv6 access-lists, when you enter an IPv6 access-list you have the following possible keywords:
Cisco877W(config)#ipv6 access-list IP6-OUTSIDE-IN
Cisco877W(config-ipv6-acl)#?
IPv6 Access List configuration commands:
default Set a command to its defaults
deny Specify packets to reject
evaluate Evaluate an access list
exit Exit from access-list configuration mode
no Negate a command or set its defaults
permit Specify packets to forward
remark Access list entry comment
sequence Sequence number for this entry
<cr>
However, after entering a sequence number, the number of keywords is much more limited:
Cisco877W(config-ipv6-acl)#sequence 10 ?
deny Specify packets to reject
permit Specify packets to forward
remark Access list entry comment
Especially 'evaluate' is missing.
Not really a problem as you can also enter the sequence number at the end of the line, or even just enter the lines in the right sequence without a sequence number.
But...
After entering the commands in one of the ways above, they end up in the running config like this:
ipv6 access-list IP6-OUTSIDE-IN
sequence 5 permit icmp any any
sequence 10 evaluate IP6-OUTSIDE-OUT-REFLECT
sequence 15 deny ipv6 any any log
thus, after a write, this will also be in startup-config... and after a reload, the following is displayed:
sequence 10 evaluate IP6-OUTSIDE-OUT-REFLECT
^
% Invalid input detected at '^' marker.
and the line is no longer in my running, effectively disabling my IPv6 access...
I would appreciate it if one of the Cisco-employees here could report this as a bug (or tell me in what way I am horribly wrong ;-) )
Thanks,
Jeroen
01-01-2009 07:11 PM
Hi Jeron,
This Error "% Invalid input detected at "^" marker." state you entered the command incorrectly. The caret (^) marks the point of the error.
Enter a question mark (?) to display all the commands that are available in this command mode. The keywords that you are allowed to enter for the command appear.
01-03-2009 04:02 AM
Sureh,
Please read my message again, it is not me who enters the command wrong, it's the router itself that enters a command into startup config that it after a subsequent reload does not understand.
Jeroen
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide