Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Re: 12.3(1a) and "Duplicate remark statement"

Reply
Thread Tools

Re: 12.3(1a) and "Duplicate remark statement"

 
 
John Caruso
Guest
Posts: n/a
 
      07-23-2003
In article <(E-Mail Removed). net>, John Caruso wrote:
> I've just installed 12.3(1a) on several routers as a result of the Cisco
> debacle, and apparently there's a bug in this version which causes IOS to
> reject any "duplicate" remark statements in ACLs.


Believe it or not, Cisco says this is a *feature*, not a bug. Apparently
they're soon going to add a "no remark" command to allow users to remove
remarks from named ACLs. But they were faced with an issue: what do you
do about duplicate remarks? Do you remove all of them, the first one, the
last one, or what? So what they decided to do is to just NEVER ALLOW THEM
IN THE FIRST PLACE. Problem solved. So instead of choosing a design that
would leave all existing ACLs intact, they chose a method that will mangle
ACLs for many of their customers when they upgrade to 12.3(1a) and other
releases in which this "feature" exists.

This means that in the future, when adding remarks, you'll always have to
make sure you phrase them so that identical text never shows up on two
lines. And when adding any clarifying text like (say) dashed boxes around
particularly crucial remarks, you'll have to arbitrarily change the text
each time to make sure it's different.

Wow. This is a showcase example of a poor design decision, and though it's
a minor issue it's still discouraging to see this kind of poor software
design within Cisco and IOS. I requested that they at least mitigate the
damage by adding an option like "service duplicate-remarks-allowed", and
then have "no remark" remove all duplicates...we'll see how that fares.
Based on the feedback so far, I'm not particularly hopeful.

- John
 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      07-23-2003
In article <(E-Mail Removed). net>,
John Caruso <(E-Mail Removed)> wrote:
:Believe it or not, Cisco says this is a *feature*, not a bug.

Bizarre.

: Apparently
:they're soon going to add a "no remark" command to allow users to remove
:remarks from named ACLs. But they were faced with an issue: what do you
:do about duplicate remarks? Do you remove all of them, the first one, the
:last one, or what? So what they decided to do is to just NEVER ALLOW THEM
:IN THE FIRST PLACE.

Why didn't they just go for the ACL line numbering as was implimented
in PIX 6.3(1) ?
--
This signature intentionally left... Oh, darn!
 
Reply With Quote
 
 
 
 
John Caruso
Guest
Posts: n/a
 
      07-24-2003
In article <bfn64t$lbc$(E-Mail Removed)>, Walter Roberson wrote:
> In article <(E-Mail Removed). net>,
> John Caruso <(E-Mail Removed)> wrote:
>:Believe it or not, Cisco says this is a *feature*, not a bug.
>
> Bizarre.


I'm glad I'm not the only one who thought so.

>: Apparently
>:they're soon going to add a "no remark" command to allow users to remove
>:remarks from named ACLs. But they were faced with an issue: what do you
>:do about duplicate remarks? Do you remove all of them, the first one, the
>:last one, or what? So what they decided to do is to just NEVER ALLOW THEM
>:IN THE FIRST PLACE.
>
> Why didn't they just go for the ACL line numbering as was implimented
> in PIX 6.3(1) ?


Well, they more or less did. When you show an ACL in 12.3(1a) it's got
line numbers next to each statement. But apparently whoever designed the
"no remark" statement either 1) didn't know about this, or 2) didn't
consider it as a potential basis for a solution to the ambiguity issue.
IMO, software design is clearly not this person's strong suit.

As I wrote to the engineer handling the case: the design decision Cisco
made here will affect many, many people who will NOT be using the feature,
rather than just affecting people who WILL be using the feature. Obviously
the wrong way to go. We'll see if they agree.

BTW, for reference, this "feature" was a response to bugid CSCdz34661.

- John
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
A remark Rainer Weikusat Perl Misc 2 06-11-2012 10:14 PM
if and and vs if and,and titi VHDL 4 03-11-2007 05:23 AM
Complex const initialisation and Intel compiler remark Ryan Mitchley C++ 0 07-19-2004 08:37 AM
Removing ACL remark on a PIX? Paul Hutchings Cisco 5 11-11-2003 06:05 PM



Advertisments