0 Replies Latest reply on Jan 17, 2018 10:27 AM by e-monts

    NCM Comparison Criteria - "access-group" Order different in Running and Startup


      Looking to see if anyone else is having this issue, and whether anyone's solved it.


      On my Nexus 7K's I have inbound and outbound ACL's defined and applied to multiple SVI (ignore the confusing naming standard).  They consistently appear in a different order in the running config vs the startup config:



      interface Vlan581

      ip access-group DATA_out in

      ip access-group Data_in out



      interface Vlan581

      ip access-group Data_in out

      ip access-group Data_out in


      I can't imagine why Cisco does this, but they do.  This is flagging the configs for this device as "In Conflict".  Is there any way to work around this with some clever regex in the Comparison Criteria?  I'd rather not ignore the entire block, because that kind of defeats the purpose of the config comparison.