78-4926-02
January 19, 1998
These release notes discuss the new features and significant software components for the Cisco AS5300 access server for Cisco IOS Release 11.2 P, up to and including 11.2(11)P.
For more detailed information about the features and caveats in these release notes, refer to the Release Notes for Cisco IOS Release 11.2, which contains features and caveats for all 11.2 platforms. The electronic documentation can be found on Cisco Connection Online (CC) and on the Documentation DC-ROM. (Refer to the "Online Navigation" section for more details.)
The following topics are discussed:
- Determining Your Cisco IOS Software Release, page 2
- New Features in Release 11.2(11)P, page 3
- New Features in Release 11.2(10)P, page 3
- Interfaces Supported on Cisco AS5300 Access Servers, page 4
- Related Documentation, page 4
- Online Navigation, page 7
- Cisco IOS Feature Sets for the Cisco AS5300 Access Servers, page 8
- Upgrading to a New Software Release, page 13
- Memory Requirements, page 13
- Caveats for Release 11.2(1)P Through 11.2(11)P, page 13
- Caveats for Release 11.2(1)P Through 11.2(10)P, page 27
- Cisco Connection Online, page 32
- Documentation CD-ROM, page 33
To determine which version of Cisco IOS software is running on your access server, log on to the server and enter the show version User EXEC command:
router> show version
Cisco Internetwork Operating System Software
IOS (tm) 5300 Software (C5300-JS-M), Version 11.2(10)P, CISCO DEVELOPMENT TEST VERSION
Copyright (c) 1986-1998 by cisco Systems, Inc.
Compiled Thu 11-Sep-97 08:23 by jng
Image text-base: 0x600088F0, data-base: 0x60792000
ROM: System Bootstrap, Version 11.2(19970311:165032) [rmeadows-easy 116], INTERIM SOFTWARE
BOOTFLASH: 5300 Software (C5300-BOOT-M), Version 11.2(10) P, CISCO DEVELOPMENT TEST VERSION
crashsite-t5 uptime is 2 minutes
System restarted by reload
System image file is "flash:c5300-js-mz.0.12.0", booted via flash
cisco AS5300 (R4K) processor (revision A.14) with 32768K/8192K bytes of memory.
Processor board ID 05433580
R4700 processor, Implementation 33, Revision 1.0 (512KB Level 2 Cache)
Bridging software.
SuperLAT software copyright 1990 by Meridian Technology Corp).
X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.
TN3270 Emulation software.
Primary Rate ISDN software, Version 1.0.
Backplane revision 2
Manufacture Cookie Info:
EEPROM Type 0x0001, EEPROM Version 0x01, Board ID 0x30,
Board Hardware Version 1.0, Item Number 73-2414-2,
Board Revision ^@3, Serial Number 05433580,
PLD/ISP Version 255.255, Invalid Date code.
1 Ethernet/IEEE 802.3 interface(s)
1 FastEthernet/IEEE 802.3 interface(s)
96 Serial network interface(s)
96 terminal line(s)
4 Channelized T1/PRI port(s)
128K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash partition 1 (Read/Write)
8192K bytes of processor board System flash partition 2 (Read/Write)
4096K bytes of processor board Boot flash (Read/Write)
Configuration register is 0x2102
There are no new features in this release.
This section describes the new features for Cicso AS5300 access servers in Release 11.2(10)P.
Modem pooling allows service providers to define, select, and use separate pools of modems within a single access server or router to provide different dial-in services. Modem allocation is based on the dialed number identification service (DNIS) and a predetermined number of modem ports based on DNIS.
There are a number of applications for using the call set up information, including DNIS/ANI, processing incoming call requests with CallerID, and selecting services to setup "automatically" for specified calls. These uses generally fall into two categories, those requiring allocation of a specific number of modems for a specific service, and those requiring allocation of specific physical modems.
There are 3 types of E1 R2 signalling that you can configure with the cas-group command: compelled, semi-compelled, and non-compelled. However, each country has its own E1 R2 specifications, which might follow the ITU-T Q.400-Q.490 recommendation for R2 signalling. Unique E1 R2 signaling parameters for specific countries are set by issuing the cas-custom channel command followed by the country name command.
The Cisco AS5300 access server now supports channel-associated signaling for channelized E1 lines, which are commonly deployed in networks in Latin America, Asia, and Europe.
After this feature is configured on a single E1 controller, up to 30 remote users can simultaneously dial in to the Cisco AS5300 through networks running the R2 protocol. Typically, all channels of a channelized E1 line are used for analog calls. Because the Cisco AS5300 has four physical E1 ports on its quad E1 Primary Rate Interface (PRI) board, up to 120 simultaneous connections can be made through the quad E1/PRI board.
New types of signaling provided for a channelized T1 include ground start and loop start support. This new signaling is set using the cas-group controller configuration command.
This new E1 PRI card has four E1 controllers, which provide physical termination for four E1 PRI lines. The Cisco AS5300's E1 PRI controllers require a clock source, which is set with the clock source command.
In addition, the quad E1 card can be software-configured for channelized or PRI operation. An additional hardware selecter switch is provided for configuration for balanced 75-ohm or unbalanced 120-ohm operation.
For Microcom modems, Cisco IOS Release 11.2(10)P includes bundled modem code version 3.1.30. The modem code filename is: mcom-modem-code-3.1.30.bin
For MICA modems, Cisco IOS 11.2(10)P is bundled with MICA portware version 2.0.1.7
The following LAN and WAN interfaces are supported on Cisco AS5300 access servers:
- Ethernet RJ-45
- Ethernet/Fast Ethernet (RJ-45)
- ISDN PRI
- E1-G.703/G.704
- Channelized T1
- Channelized E1
The following modem cards are supported on the Cisco AS5300 access server:
For details about the features introduced in these release notes, refer to Feature Guide for Cisco IOS Release 11.2 P and New Features for the Cisco AS5300. The printed version of the Feature Guide for Cisco IOS Release 11.2 P contains features up to Release 11.2(7)P. Features added after Release 11.2(7)P are available in the electronic (online) version of the feature guide only. To access New Features for the Cisco AS5300 online, go to Cisco Connection Online and follow the path:
- Products & Ordering
- Documentation
- Cisco Product Documentation
- Cisco IOS Software Configuration
- Cisco IOS Release 11.2
- Feature Guide for Cisco IOS Release 11.2P
- About this Feature Guide
- Cisco IOS Release 11.2(10)P Features
- Cisco AS5300
- New Features for the Cisco AS5300
The electronic documentation can be found on the Documentation CD-ROM and on Cisco Connection Online (CCO). On the Documentation CD, the path is as follows:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.2:
- Feature Guide for Cisco IOS Release 11.2 P
- Product-Specific Release Notes
- Cisco IOS Software Release 11.2 P Caveats
On CCO, http://www.cisco.com/, the path is as follows:
Cisco Connection Online: Products and Ordering: Documentation: Cisco Documentation: Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.2:
- Feature Guide for Cisco IOS Release 11.2 P
- Product-Specific Release Notes
- Cisco IOS Software Release 11.2 P Caveats
For more information about related documentation, refer to the "Cisco IOS Documentation" and "Cisco IOS Documentation" sections later in this document.
For Cisco IOS Release 11.2, the Cisco IOS documentation set consists of eight modules, each module consisting of a configuration guide and a command reference. The documentation set also includes six supporting documents.
Note The most up-to-date Cisco IOS documentation can be found on the latest Documentation CD-ROM and on the Web. These electronic documents contain updates and modifications made after the paper documents were printed.
The books and chapter topics are as follows:
| Books
| Chapter Topics
|
|---|
| Module 1
· Configuration Fundamentals Configuration Guide
· Configuration Fundamentals Command Reference
|
Access Server and Router Product Overview
User Interface
System Images and Configuration Files
Using ClickStart, AutoInstall, and Setup
Interfaces
System Management
|
| Module 2
· Security Configuration Guide
· Security Command Reference
|
Network Access Security
Terminal Access Security
Accounting and Billing
Traffic Filters
Controlling Router Access
Network Data Encryption with Router Authentication
|
| Module 3
· Access Services Configuration Guide
· Access Services Command Reference
|
Terminal Lines and Modem Support
Network Connections
AppleTalk Remote Access
SLIP and PPP
XRemote
LAT
Telnet
TN3270
Protocol Translation
Configuring Modem Support and Chat Scripts
X.3 PAD
Regular Expressions
|
| Module 4
· Wide-Area Networking Configuration Guide
· Wide-Area Networking Command Reference
|
ATM
Dial-on-Demand Routing (DDR)
Frame Relay
ISDN
LANE
PPP for Wide-Area Networking
SMDS
X.25 and LAPB
|
| Module 5
· Network Protocols Configuration Guide, Part 1
· Network Protocols Command Reference, Part 1
|
IP
IP Routing
|
| Module 6
· Network Protocols Configuration Guide, Part 2
· Network Protocols Command Reference, Part 2
|
AppleTalk
Novell IPX
|
| Module 7
· Network Protocols Configuration Guide, Part 3
· Network Protocols Command Reference, Part 3
|
Apollo Domain
Banyan VINES
DECnet
ISO CLNS
XNS
|
| Module 8
· Bridging and IBM Networking Configuration Guide
· Bridging and IBM Networking Command Reference
|
Transparent Bridging
Source-Route Bridging
Remote Source-Route Bridging
DLSw+
STUN and BSTUN
LLC2 and SDLC
IBM Network Media Translation
DSPU and SNA Service Point Support
SNA Frame Relay Access Support
APPN
NCIA Client/Server Topologies
IBM Channel Attach
|
| Supporting Documentation
· Cisco IOS Software Command Summary
· Access Services Quick Configuration Guide
· System Error Messages
· Debug Command Reference
· Cisco Management Information Base (MIB) User Quick Reference
· New and Changed IOS Commands for Cisco AS5300 Access Servers
|
|
Note The
Cisco Management Information Base (MIB) User Quick Reference publication is no longer being published. For the latest list of MIBs supported by Cisco, see the
Cisco Network Management Toolkit on Cisco Connection Online. On CCO, go to
Software and Support, select
Software Center, and click on
Network Management Products. Next, select
Cisco Network Management Toolkit and click on
Cisco MIBs.
The Cisco IOS software documentation set is available as printed manuals or electronic documents.
You can access the electronic documents either on the Cisco Documentation CD-ROM or at Cisco Connection Online (CCO) on the World Wide Web.
On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, and then select Cisco IOS Release 11.2.
On CCO, go to Software & Support, scroll down and select Documentation. Next, select Documentation, click on Cisco IOS Software Configuration and then click on Cisco IOS Release 11.2.
Online documentation for Release 11.2 includes:
- Release Notes
- Feature Guides
- Configuration Guides and Command References
- Command Summary
- System Error Messages
- MIB User Quick Reference
- Debug Command Reference
- Access Services Quick Configuration Guide
- Cisco IOS Software Release 11.2 Caveats
Additional information about CCO and the Documentation CD-ROM is in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of these release notes.
This section lists Cisco IOS software feature sets available in Cisco IOS Release 11.2 P.
These features are available in specific features sets on specific platforms.
Table 1 uses these feature set matrix symbols to identify features:
Feature Set
Matrix Symbol
| Description
|
|---|
| Basic
| This feature is offered in the basic feature set.
|
| --
| This feature is not offered in the feature set.
|
| Plus
| This feature is offered in the Plus feature set, not in the basic feature set.
|
Table 1 lists the standard feature sets supported in Release 11.2 P.
Table 1: Cisco AS5300 Access Server Software Feature Sets
| Feature Set
|
|---|
| Features Contained in Features Sets
| IP Routing
| Desktop
(IP/IPX/AppleTalk/DEC)
| Enterprise1
|
|---|
| LAN Support
|
|
|
|
Apollo Domain
| --
| --
| Basic
|
| AppleTalk 1 and 22
| --
| Basic
| Basic
|
Banyan VINES
| --
| --
| Basic
|
Concurrent routing and bridging (CRB)
| Basic
| Basic
| Basic
|
DECnet IV
| --
| Basic
| Basic
|
DECnet V
| --
| --
| Basic
|
GRE
| Basic
| Basic
| Basic
|
| Integrated routing and bridging (IRB)3
| Basic
| Basic
| Basic
|
IP
| Basic
| Basic
| Basic
|
LAN extension host
| Basic
| Basic
| Basic
|
Multiring
| Basic
| Basic
| Basic
|
| Novell IPX4
| --
| Basic
| Basic
|
Open System Interconnect (OSI)
| --
| --
| Basic
|
Source-route bridging (SRB)
| --
| --
| Basic
|
Transparent and translational bridging
| Basic
| Basic
| Basic
|
XNS
| --
| --
| Basic
|
| WAN Services
|
|
|
|
Combinet Packet Protocol (CPP)
| Basic
| Basic
| Basic
|
Dialer profiles
| Basic
| Basic
| Basic
|
Half bridge/half router for CPP and PPP
| Basic
| Basic
| Basic
|
HDLC
| Basic
| Basic
| Basic
|
IPXWAN 2.0
| --
| Basic
| Basic
|
| ISDN5
| Basic
| Basic
| Basic
|
| Multichassis Multilink PPP (MMP)6
| Plus
| Plus
| Plus
|
| PPP7
| Basic
| Basic
| Basic
|
Virtual Private Dial-up Network (VPDN)
| Plus
| Plus
| Plus
|
| WAN Optimization
|
|
|
|
Bandwidth-on-demand
| Basic
| Basic
| Basic
|
Custom and priority queuing
| Basic
| Basic
| Basic
|
Dial backup
| Basic
| Basic
| Basic
|
Dial-on-demand
| Basic
| Basic
| Basic
|
Header, link and payload compression
| Basic
| Basic
| Basic
|
Snapshot routing
| Basic
| Basic
| Basic
|
Weighted fair queuing
| Basic
| Basic
| Basic
|
| IP Routing
|
|
|
|
BGP
| Basic
| Basic
| Basic
|
| BGP48
| Basic
| Basic
| Basic
|
EGP
| Basic
| Basic
| Basic
|
Enhanced IGRP
| Basic
| Basic
| Basic
|
Enhanced IGRP Optimizations
| Basic
| Basic
| Basic
|
ES-IS
| --
| --
| Basic
|
IGRP
| Basic
| Basic
| Basic
|
IS-IS
| --
| --
| Basic
|
Named IP Access Control List
| Basic
| Basic
| Basic
|
Network Address Translation (NAT)
| Plus
| Plus
| Plus
|
NHRP
| Basic
| Basic
| Basic
|
On Demand Routing (ODR)
| Basic
| Basic
| Basic
|
OSPF
| Basic
| Basic
| Basic
|
OSPF Not-So-Stubby-Areas (NSSA)
| Basic
| Basic
| Basic
|
OSPF On Demand Circuit
(RFC 1793)
| Basic
| Basic
| Basic
|
PIM
| Basic
| Basic
| Basic
|
Policy-based routing
| Basic
| Basic
| Basic
|
RIP
| Basic
| Basic
| Basic
|
RIP Version 2
| Basic
| Basic
| Basic
|
| Other Routing
|
|
|
|
AURP
| --
| Basic
| Basic
|
IPX RIP
| --
| Basic
| Basic
|
NLSP
| --
| Basic
| Basic
|
RTMP
| --
| Basic
| Basic
|
SMRP
| --
| Basic
| Basic
|
SRTP
| --
| --
| Basic
|
| Multimedia and Quality of Service
|
|
|
|
Generic traffic shaping
| Basic
| Basic
| Basic
|
Resource Reservation Protocol (RSVP)
| Basic
| Basic
| Basic
|
| Management
|
|
|
|
HTTP Server
| Basic
| Basic
| Basic
|
Modem Management
| Plus
| Plus
| Plus
|
| RMON events and alarms9
| Basic
| Basic
| Basic
|
RMON full
| Plus
| Plus
| Plus
|
SNMP
| Basic
| Basic
| Basic
|
Telnet
| Basic
| Basic
| Basic
|
| Security
|
|
|
|
Access lists
| Basic
| Basic
| Basic
|
Access security
| Basic
| Basic
| Basic
|
Extended access lists
| Basic
| Basic
| Basic
|
Kerberized login
| --
| --
| Basic
|
Kerberos V client support
| --
| --
| Basic
|
Lock and key
| Basic
| Basic
| Basic
|
MAC security for hubs
| Basic
| Basic
| Basic
|
MD5 routing authentication
| Basic
| Basic
| Basic
|
RADIUS
| Basic
| Basic
| Basic
|
| TACACS+10
| Basic
| Basic
| Basic
|
| IBM Support (Optional)
|
|
|
|
APPN (optional)
| --
| --
| --
|
BAN for SNA Frame Relay support
| Plus
| Plus
| Basic
|
Bisync
| Plus
| Plus
| Basic
|
Caching and filtering
| Plus
| Plus
| Basic
|
| DLSw+ 11
| Plus
| Plus
| Basic
|
Downstream PU concentration (DSPU)
| Plus
| Plus
| Basic
|
Native Client Interface Architecture (NCIA) Server
| Plus
| Plus
| Basic
|
NetView Native Service Point
| Plus
| Plus
| Basic
|
QLLC
| Plus
| Plus
| Basic
|
Response Time Reporter (RTR)
| Plus
| Plus
| Basic
|
SDLC integration
| Plus
| Plus
| Basic
|
DLSw (RFC 1795)
| Plus
| Plus
| Basic
|
SDLC transport (STUN)
| Plus
| Plus
| Basic
|
SDLC-to-LAN conversion (SDLLC)
| Plus
| Plus
| Basic
|
SNA and NetBIOS WAN optimization
via local acknowledgment
| Plus
| Plus
| Basic
|
| SRB/RSRB12
| Plus
| Plus
| Basic
|
SRT
| Plus
| Plus
| Basic
|
TG/COS
| --
| --
| Basic
|
TN3270
| --
| --
| Basic
|
| Protocol Translation
|
|
|
|
LAT
| --
| --
| Basic
|
Rlogin
| --
| --
| Basic
|
| Remote Node13
|
|
|
|
ARAP 1.0/2.0
| --
| Basic
| Basic
|
Asynchronous master interfaces
| Basic
| Basic
| Basic
|
ATCP
| --
| Basic
| Basic
|
CPPP
| Basic
| Basic
| Basic
|
CSLIP
| Basic
| Basic
| Basic
|
DHCP
| Basic
| Basic
| Basic
|
IP pooling
| Basic
| Basic
| Basic
|
IPX and ARAP on virtual async interfaces
| --
| --
| Basic
|
IPXCP
| --
| Basic
| Basic
|
MacIP
| --
| Basic
| Basic
|
NASI
| --
| --
| --
|
NetBEUI over PPP
| --
| --
| --
|
SLIP
| Basic
| Basic
| Basic
|
| Terminal Services13
|
|
|
|
| LAT14
| --
| --
| Basic
|
Rlogin
| Basic
| Basic
| Basic
|
Telnet
| Basic
| Basic
| Basic
|
TN3270
| --
| --
| Basic
|
Xremote
| --
| --
| Basic
|
1
Enterprise is available with APPN in a separate feature set. APPN includes APPN Central Registration (CRR) and APPN over DLSw+.
2
Includes AppleTalk load balancing.
3
IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time.
4
The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists.
5
ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features.
6
In Plus images only
7
PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, and PPP compression, and Multilink PPP.
8
BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps.
9
The RMON events and alarms groups are supported on all interfaces. Full RMON support is available with the Plus feature sets.
10
TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported.
11
Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets.
12
SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled.
13
Supported on access servers (with limited support on router auxiliary ports).
14
Use of LAT requires a terminal license (FR-L8-10.X= for an 8-user license or FR-L16-10.X= for a 16-user license).
Table 2 describes the memory requirements for the Cisco AS5300 series access server platform's feature set supported by Cisco IOS Release 11.2 P.
Table 2: Cisco AS5300 Memory Requirements
| Feature Set
| Required
Flash
Memory
| Required
DRAM
Memory
| Release 11.2
Runs from
|
|---|
| IP
| 8 MB Flash
| 32 MB DRAM
| DRAM
|
| IP/Plus
| 8 MB Flash
| 32 MB DRAM
| DRAM
|
| Desktop
| 8 MB Flash
| 32 MB DRAM
| DRAM
|
| Desktop Plus
| 8 MB Flash
| 32 MB DRAM
| DRAM
|
| Enterprise
| 8 MB Flash
| 32 MB DRAM
| DRAM
|
| Enterprise Plus
| 8 MB Flash
| 32 MB DRAM
| DRAM
|
For information on upgrading to a new software release, refer to the Cisco IOS Software Release Upgrade Paths and Packaging Simplification product Bulletin #539. To access this product bulletin on the Web through Cisco Connection Online, at http://www.cisco.com, follow the path:
- Products & Ordering
- More Information
- Product Bulletin
- Software
- Cisco IOS 11.2
- Cisco IOS Software Release 11.2 Changes in Packaging and Upgrade Paths (#539: 10/96)
For more information, refer to the "Cisco Connection Online" section at the end of this document.
This section describes possibly unexpected behavior by Release 11.2(11). Unless otherwise noted, these caveats apply to all 11.2 releases up to and including 11.2(11)P.
- Under rare circumstances, a Cisco AS5200 may crash after displaying either a "%SYS-2-BLOCK" or "%SYS-2-BLOCKHUNG" message. [CSCdj30206]
- Under unknown circumstances, an AS5200 PRI D channel may get stuck in the state "TEI_ASSIGNED" rather than "MULTIPLE FRAME ESTABLISHED" which is the normal operating condition. This state is shown by the show isdn status command.
- The workaround at this time is to reload the router. Issuing the shut and no shut commands on the affected interface does not help. [CSCdj41613]
- Running Cirrus' microcode version less than 0x1F will cause high CPU utilization on the
Cisco AS5200, which can cause existing calls to drop. [CSCdj68729]
- The system may unexpectedly stop sending AARP request packets. Turning on AARP gleaning may help alleviate the problem. [CSCdi41414]
- When using the ARAP client 2.1, the user is not able to dial in to an AS5200 with Cisco IOS Release 11.1 if the AS5200 has autoselect configured.
- To work around this problem, do one of the following:
- - Remove autoselect and use ARAP dedicated.
- - Use the ARAP 2.0.1 client.
- - Turn on MNP10 on the ARAP 2.1 client.
- - Modify the client CCL script to extend the pause to 3 seconds before exiting. [CSCdj09817]
- On RSP interfaces, optimum switching is supposed to be the default. However, depending on the link order of the image, it can default to off. [CSCdi54567]
- If you see the message "%RSP-3-RESTART: interface Serial x/y, output stuck" on an RSP-based platform, you might have problems with the output interfaces. This problem can occur when bursty traffic is optimum-switched to an output interface on which either fair queue or transmit-buffers backing-store is enabled. A possible workaround is to disable optimum switching. [CSCdi56782]
- The router might reload when trying to process the show accounting command. [CSCdi69364]
- In certain cases, the number of packets shown in the IP flow cache packet size distribution does not match the number shown in the cache statistics. [CSCdi71766]
- The show stacks command fails to report the correct version of code running at the time of the last reload. This problem occurs when the Flash version of the Cisco IOS software does not match the running version of code. [CSCdi74380]
- Fast switching and optimum switching counters should be broken out separately in the output of the show interface switching command. [CSCdi87008]
- A timing window within ccp_up could cause the router to crash if a packet gets sent to the hardware or distributed compressor while CCP is coming up. [CSCdj12504]
- Under heavy interrupt load, driver instrumentation gets hit repeatedly while processes are accessing the instrumentation variables (for example, last output time). This causes a number of problems, including stuck output and incorrect user displays. There is no known workaround. [CSCdj15583]
- A router configured with the ip identd and with aaa authentication login default tacacs+ enable commands reloads itself under these conditions:
- - The router is resolving host names via an external DNS server.
- - The TACACS server is down.
- - The user gains access to the router via the backup "enable" method.
- - The user attempts to Telnet from the router to a host on the network.
- After the Telnet is initiated, the router immediately reloads.
- The workaround for this problem is to not configure the ip identd command or to disable the identd process with the global command no ip identd (which is the default). [CSCdj19961]
- A recovery mechanism for misaligned 64-bit accesses has been added. This new functionality is similar to the current misaligned handler for shorter misaligned accesses. [CSCdj20738]
- Currently, Cisco 7200 series routers do not produce a core dump for the I/O memory region in any Cisco IOS release. Sometimes it is necessary to get this information if memory corruption is suspected. [CSCdj25189]
- The tacacs-server directed-request restricted command applies only to authentication, not to accounting or authorization. Therefore, there is no way to restrict a user's authorization or accounting to a given set of servers, which can lead to inconsistencies. For example, authentication for a directed user can be attempted only on the restricted servers, whereas authorization or accounting can be attempted on nonrestricted servers also. This inconsistency can cause authentication to pass while authorization fails for a given user. [CSCdj37496]
- In rare cases, an error may occur in Cisco routers. It may be seen as an error message describing an inconsistent state in allocating or deallocating blocks of memory.
- An error was introduced by CSCdj42505 in Release 11.2 P and CSCdj22736 in Release 11.1CC. It does not exist in other IOS releases. [CSCdj44667]
- A Cisco router reloads with a bus error after adding three to four segments on a Cisco 7206 running Release 11.2(8)P. [CSCdj57506]
- An SNMP trap process can cause high CPU utilization. The workaround is to remove SNMP. [CSCdj63629]
- The patch added in CSCdi37706 and incorporated into Cisco IOS Releases 11.2(8.1), 11.2(8.1)P, 11.3(0.2) and 11.2(8.1)BC was intended to correct a cosmetic problem with command authorization.
- Instead it exposed a bug in older implementations of the developers kit TACACS+ daemon (freeware) and will cause certain command authorizations to fail.
- All freeware daemon versions prior to version 3.0.13 are subject to this problem including the ACE Safeword Security Server daemon. CiscoSecure daemons are not affected. [CSCdj66657]
- When a user dials into a Cisco AS5200/AS5300 using ISDN, the cpmActiveUserID object in the CISCO-POP-MGMT.mib is not updated and is left blank. [CSCdj66942]
- ARAP (ARA 2.1 & 3.0 client) with single line password using TACACS+ does not work.
- To use the single line option, specify username*password in the username field and the word "arap" (lowercase) in the password field.
- The ARA 2.1 client returns the error "The connection attempt has failed. The server you called is not a valid Remote Access."
- The ARA 3.0 client returns the error "User authentication failed. Check your username and password and try again." [CSCdj68015]
- When the encapsulation is changed on an interface from one that supports weighted fair queueing to one that does not, and the change is made from the console or auxiliary port, there may be an 8-kb memory loss each time the encapsulation is changed. To identify this problem, examine the output of the show memory allocating-process command, which shows that the number of memory blocks allocated by the EXEC increases each time you change the encapsulation. If you do not change the encapsulation on an interface often, this problem should not have a significant impact on system performance. [CSCdi89723]
- If the line speed on a Cisco AS5300 is configured for TTY lines that span a Microcom modem followed by a MICA modem, the output of the show running-config and copy running-config startup-config commands is wrong for the speed commands on those lines. [CSCdj41555]
- Low-end platforms cache invalid RIF entries when using any form of the multiring command. This problem can also be seen in the DLSw reachability cache and with possible loops with LNM. [CSCdi50344]
- RSRB does not declare the peer dead until the keepalive times out. In order for RSRB to detect the dead peer so that the ring list can be cleaned up properly, set the keepalive value as small as possible. [CSCdi50513]
- Removing a DLSw configuration by configuring no dlsw local-peer and adding the DLSw configuration back can cause a memory leak in the middle buffer. [CSCdi51479]
- In some mixed-vendor bridge environments, Automatic Spanning Tree (AST) may not become active if the Cisco platform is the root bridge. The message-age-increment option is now available as part of the source-bridge spanning command to assist with the message-age count manipulation. This hidden command may be needed when the existing MAXAGE value is insufficient for the network diameter and the maximum age is not configurable by the vendor bridges. [CSCdi53651]
- The LAN Network Manager (LNM) fails to link to the router's source bridge after the Token Ring interface is shut down on the remote router. The show lnm bridge command continues to display "Active Link" to the LNM. This problem does not occur when bridges are linked locally to the LNM. The workaround is to remove the source-bridge command from the Token Ring interface and configure it back in. [CSCdi53954]
- When the router is configured to use the DSPU feature, it may crash during deactivation of multiple downstream physical units (PUs). [CSCdi54114]
- A router may crash when DSPU debugging is enabled on a Cisco 4500 or Cisco 7500 router. [CSCdi54277]
- The BADLINESTATE message indicates that a frame was received while the router was transmitting. This points to a misconfiguration somewhere in the system because the bisync protocol is supposed to ensure half-duplex operation.
- If the connecting device is configured FULL-DUPLEX or CONSTANT RTS, configure the interface bsc fdx.
- The poll-timeout of the connecting HOST may be too short. To recover, issue the shut command on the interface. [CSCdi54541]
- Some NetBIOS applications that require a UI frame in response to Add Name Query cannot connect using a DLSw peer on demand if the NetBIOS circuit is the initial circuit that triggers the peer-on-demand to connect. [CSCdi54796]
- A sniffer trace shows duplicate ring numbers in the RIF when proxy explorers are in use. New SNA sessions fail to connect to the FEP. The workaround is to issue the clear rif command. [CSCdi55032]
- It is not possible to configure more than one DLSw remote peer using direct encapsulation for the same Frame Relay interface. The following error message is produced when the second peer is defined:
%Must remove the remote-peer to change the lf
- The workaround is to use TCP encapsulation. [CSCdi55075]
- The dlsw remote-peer frame-relay interface serial command does not work on a point-to-point subinterface. The workaround is to use multipoint and to do LLC mapping. [CSCdi55085]
- A connection to a DLU (DSPU or APPN) across RSRB may fail if the remote SAP address is not enabled at the destination router. The workaround is to enable the remote SAP address. [CSCdi56660]
- DLSw FST encapsulation does not work over WAN, Token Ring, or FDDI interfaces. [CSCdi57207]
- An APPN router may unbind an LU6.2 session after receiving an unsolicited IPM with a nonzero next-window size. [CSCdi57730]
- A FRAS BNN-to-SDLC link does not restart when a Frame Relay interface is power-cycled. After the CSU is powered off, the "fras backup rsrb" is engaged to put the SDLLC traffic across the RSRB peers. When the CSU is powered back on and the Frame Relay DLCI comes back up, the FRAS BNN connection to the SDLC nodes does not reactivate, although connections to Token Ring nodes do restart. [CSCdi61156]
- When an IBM midrange department server (such as AS400) is configured as a network management focal point, it will initiate the MDS transaction program. The router does not handle it properly and corrupts memory.
- The workaround is to turn off the focal point feature in the AS400. See the network attribute configuration panel in the AS400. [CSCdi67820]
- A bus error occurred at PC0x169a46. The stack trace indicates a problem in the LNX process. This problem occurs on X.25. [CSCdi73516]
- When the fast source-route translational bridging feature is configured, packets are corrupted. The workaround is to issue the no source-bridge fastswitch ring-group fastswitch command, which disables the fast source-route translational bridging feature. [CSCdi87612]
- A Cisco 7204 router running Cisco IOS Release 11.2(4) and the rsr-bridging feature is intermittently reloaded by itself with a software-forced crash resulting from memory corruption. [CSCdj13017]
- A router configured for DLSw has a buffer leak in the middle and big buffers. Eventually, the router runs out of I/O memory.
- The problem is related to the way DLSw backup peers are configured. This problem occurs only if the local router is configured with backup peer commands and the remote router also has a configured peer and is not promiscuous.
- The workaround is to remove the DLSw backup peer configuration. [CSCdj21664]
- The backup is not invoked until the interface transitions to the down state. [CSCdj22613]
- When testing FRAS BAN for SDLC attached PU 2.1 and PU 2.0 and using RSRB backup over PSTN, the PUs failed to connect after the Frame Relay interface was brought back up after a link failure.
- The output of the show fras command showed ls-reset backup enabled. In order to reconnect the PUs, the fras backup rsrb statement must be removed or the serial interfaces configuration deleted and then readded. [CSCdj39306]
- An APPN router may fail the ACT_ROUTE if using parallel transmission groups (TGs). This problem may occur when an APPN router has two parallel links defined with the adjacent node. If the adjacent node activated a link to the network node (NN) requesting a TG number that had previously been used for a different defined link activation, the NN may fail the ACTIVATE_ROUTE. The APPN router sometimes tries to incorrectly activate the route using the other inactive link that has the same TG number. [CSCdj49814]
- Under certain circumstances, APPN may crash with the following stack trace.
> System was restarted by bus error at PC 0x6C75DC[_Mfree(0x6c75b6)+0x26], address 0xFFFFFFF8[_etext(0x73ab50)+0xff8c54a8]
> Image text-base: 0x00012000[__start(0x12000)+0x0], data-base: 0x0073AB50[__etext(0x73ab50)+0x0]
> FP: 0x872C74[_etext(0x73ab50)+0x138124], RA: 0x6588BC[_session_failure_clean_up(0x658502)+0x3ba]
> FP: 0x872EB8[_etext(0x73ab50)+0x138368], RA: 0x65C6E6[_process_cp_status_sig(0x65c2da)+0x40c]
> FP: 0x8730F0[_etext(0x73ab50)+0x1385a0], RA: 0x64D820[_xxxmss00(0x64d64e)+0x1d2]
> FP: 0x873210[_etext(0x73ab50)+0x1386c0], RA: 0xB720C[_process_hari_kari(0xb720c)+0x0]
- [CSCdj51051]
- Frames may get corrupted while moving from an Ethernet segment to a FRAS-BAN interface. This is because of a problem in transparent bridging with Frame Relay. This caveat is the same as CSCdj47881. [CSCdj58692]
- A Cisco 2500 series router can crash when configuring the x25 map qllc ntn command in a DSPU PU over X.25 configuration. There is no known workaround. [CSCdj61675]
- When source-route translational bridging is used, LLC sessions initiated from the transparent domain results in the source route's largest frame being incorrectly set to 4472 bytes instead of 1500 bytes. The result is that SNA and NetBIOS sessions may fail if the source-route station sends a frame with a payload that exceeds the maximum allowable size of 1500 bytes for Ethernet media.
- The problem typically occurs when NetBIOS is utilized to allow workstations to communicate between Ethernet and Token Ring. It also occurs when SNA is used.
- The workaround is to disable fast-switching by using the no source-bridge transparent fastswitch command or configuring the end stations to use frames with a payload of less than or equal to 1500 bytes. [CSCdj62385]
- The APPN router may have an excessive amount of processor memory allocated to APPN after experiencing several spikes in APPN processing. The APPN memory manager was optimized to release groups of unused pools back to the operating system. [CSCdj62502]
- The router may send a FRMR when the role is primary. The default behavior is changed so that it can only send FRMR as a secondary. If this presents a problem, use the frmr-disable interface configuration option to prevent a FRMR from being sent as a primary or secondary. [CSCdj66967]
- Any DLUR installation with over 800 to 1000 downstream PUs may experience a reload with the following backtrace:
[abort(0x601f2c3c)+0x8]
[crashdump(0x601f0b20)+0x94]
[process_handle_watchdog(0x601c2f08)+0xb4]
[signal_receive(0x601b7d58)+0xa8]
[process_forced_here(0x60169424)+0x68]
[locate_node_index(0x607dbcc0)+0x64]
[etext(0x60849e00)+0xcbee04]
- [CSCdj67966]
- DSPU over RSRB with FST encapsulation reloads with a bus error similar to the following, when an upstream or downstream connection is initializing:
System was restarted by bus error at PC 0xCC6B8, address 0xFC4AFC82 4000 Software (C4000-JS-M), Version 11.2(10.3), MAINTENANCE INTERIM SOFTWARE Compiled Mon 01-Dec-97 19:45 by ckralik (current version) Image text-base: 0x00012000, data-base: 0x0076AE64
- The workaround is to use TCP encapsulation for RSRB or to switch to DLSw. [CSCdj68261]
- The serial interface on a Cisco 2500 series router enters a looped state if it is configured as a backup DTE interface and if the cable is disconnected and reconnected a few times. To fix the problem, enter the clear interface command. [CSCdi32528]
- On an RSP router, the "%CBUS-3-CTRUCHECK" error message is displayed and the Token Ring interface resets. To correct this problem, upgrade to RSP TRIP Microcode Version 20.1. [CSCdi74639]
- OIR removal of a FIP from one slot into another will cause the FDDI to permanently remain in DOWN/DOWN. A reload is needed to get it up. OIR removal and putting it back into the same slot works fine. [CSCdi87221]
- A TRIP interface configured for transparent bridging but not configured for source-route bridging may silently drop some incoming frames. Specifically, if the interface receives a frame with a length less than 120 bytes and the RII bit is set (indicating a source-route bridging frame) it may drop the next frame received. This can cause the interface's keepalive processing to fail and can lead to sporadic resets on the interface. [CSCdi88756]
- A Cisco 7500 series router might resign its active HSRP status when configured on an FEIP, if no other router is on the segment. The workaround is to turn off HSRP. [CSCdi93012]
- The error "%CBUS-3-CTRUCHECK: Unit 0, Microcode Check Error" occurs on Token Ring interfaces, causing the interface to reset. [CSCdj08654]
- The POS interface specific configuration commands pos specify-s1s0 and pos specify-c2 do not work correctly. [CSCdj09646]
- A Cisco AS5200 crashes with a bus error if it is powered on without any modem modules plugged into it. [CSCdj20225]
- Under certain circumstances, rebooting a Cisco 2524 may cause the router to pause indefinitely with a T1 connected to a Fractional T1 module. The workaround is to unplug the T1 prior to the reload. [CSCdj22485]
- The V.110 modules in an AS5200 fails the first time the autoselect ppp command is used after power up or when the modem hold-reset command is used on all 12 ports simultaneously.
- A workaround for this problem is to execute the clear line command on all V.110 lines after the following events:
- Power up initialization.
- Using the modem hold-reset command on all 12 ports.
- [CSCdj23972]
- Setting encapsulation fddi without bridging enabled on a VIP2/FDDI and FIP in RSP causes the interface to bridge transparently. The encapsulation fddi command should only be used with bridging enabled. As a workaround, use the no bridge-group 1 command to disable bridging. [CSCdj24479]
- The pos specify-s1s0 and pos specify-c2 POS-interface-specific configuration commands do not work correctly. [CSCdj25166]
- When a Token Ring interface is configured with a small MTU size, it could crash when it receives a frame larger than the MTU size. [CSCdj27678]
- The router does not respond to ARPs correctly when bridging IP on a channelized T1 interface. Therefore, Telnets to and from the router will fail. [CSCdj31285]
- A Cisco 2520 low-speed port may sometimes ignore group polls. This problem occurs on average once per minute and appears to occur only when the router is configured for half duplex and is using a DTE cable.
- This problem has minimal impact on the performance of the multidrop line because a FEP usually resorts to individual polling. [CSCdj33392]
- Cisco IOS does not correctly return values for Token Ring soft error counters via SNMP. This may cause some SNMP management applications that query the Token Ring MIB to report errors. [CSCdj35713]
- Data corruption has been experienced at high bidirectional traffic rates. Corruption can also occur at high bidirectional traffic rates (when interface is throttling) when issuing the shut command.
- Data corruption is possible if you are using Rev2 Mueslix and an release earlier than Release 11.2(9)P. [CSCdj43672]
- An AS5300 system with Microcom and MICA modems can crash if fast ring is disabled. The problem occurs because the code does not check for a Microcom or Mica carrier card before accessing registers on the board. The current code assumes a Microcom card.
- Mixed Microcom/MICA configurations cannot be supported with this bug present. A similar crash with the same stack trace was also seen with only Microcom modems, but this is much harder to reproduce. [CSCdj44456]
- TTY lines on access servers may hang when control characters are sent in dumb terminal mode (no PPP or SLIP). A show line shows the TTY line in a ready state, but no response or prompt is seen from the access server when the activation character is sent (default is a return). Doing a clear line # does allow for the line to recover and respond to the activation character. [CSCdj46760]
- A "System restarted by bus error at PC 0x4262AA, address 0xFFFFFFFC" message may be received when the frame-relay payload-compression packet-by-packet command is entered under the subinterface. [CSCdj49344]
- On the Cisco AS5200 platform, a group of four ports may stop processing PPP packets on the interface. You can identify this problem by looking for a group of four contiguous ports that have a much higher volume of calls than the other ports on the Cisco AS5200. Currently, the only workaround is to reload the router. The port modems should be busied out until the router can be reloaded. [CSCdj51974]
- With BVI used to route 802.2, the input queue counters might increment to the limit and then the BVI interface wedges until the router is reset. One possible workaround is to set the values high enough that the router stays up until it can be reset. [CSCdj68273]
- When IRB is enabled, the BVI interface may not overwrite the real incoming interface in the ARP response, so an incomplete ARP entry is installed and "wrong cable" is listed in the debug arp output. [CSCdj68785]
- The "%LINK-3-TOOBIG: Interface Lex1, Output packet size of= 1520 bytes too big" error occurred on a Cisco 4500 router after upgrading to Cisco IOS Release 11.2(9). [CSCdj69018]
- On a Cisco AS5100, the "%CIRRUS-3-SETCHAN: Serial3: setchan called in CD2430 interrupt context" error continuously appeared on the console. Users were still able to call into and connect with the router but performance was significantly impacted. [CSCdj69387]
- A spurious memory access can occur when switching from flow switching to process switching using the no ip route-cache command and then back to flow switching using the ip route-cache flow command. [CSCdj08350]
- A routing node is removed from the IP cache Radix tree and then the buffer is freed, but somehow it can still be traversed from the treetop and cause a crash (access after free). [CSCdj17314]
- A crash occurred because of a memory leak. Output from the show memory command shows "IP Input" and "Pool Manager" holding onto memory. [CSCdj23080]
- Currently all packets denied by an access list are sent to the process level to generate an ICMP administratively prohibited message. Some of these packets are dropped because Cisco routers limit ICMP generation to two packets per second. This behavior results in excessive CPU load. [CSCdj35407]
- In some instances, a configured BGP router ID is not used after the router reloads. Instead, the router uses the highest IP interface address as its router ID, until the clear ip bgp command is executed.
- A workaround is to configure a loopback on the interface whose address is greater than any other address on the router. [CSCdj37962]
- If two routing protocols with mutual redistribution cause a routing loop, it is possible that the loop will remain even after updates have been filtered. The problem usually occurs after a clear ip route * command is issued after applying the filters. If the routes are allowed to age out the normal way, the problem does not occur. If OSPF is running, the workaround is to issue the clear ip ospf redistribution command. [CSCdj38397]
- When attempting to set the ipNetToMediaType value with SNMP, the following error is returned and the value is not set:
snmpset: The value given has incorrect type or length. [CSCdj43710]
- In the presence of a large number of subnets, a CPUHOG message similar to the following may be generated:
%SYS-3-CPUHOG: Task ran for 2608 msec (73/65), Process = BGP scanner, PC = 176388
- [CSCdj45966]
- Manual summarization with EIGRP does not work correctly. A summary route does not get advertised but one or more of the more specific routes do. [CSCdj46525]
- A router is crashing in GRE fast-switching routines without any changes in topology or configuration. [CSCdj50361]
- RIP might cause a "SYS-3-CPUHOG" message. [CSCdj51693]
- Remote routers connected to a Cisco 7513 used as hub Frame Relay router cannot see the IPX servers local to the Cisco 7513. The Cisco 7513 reloaded afterwards. [CSCdj54367]
- A Cisco 7000 series router running Cisco IOS Release 11.2(9) crashes in dual_rtupdate. [CSCdj54728]
- Under certain conditions, an LS type 5 is not generated by the ABR in response to a received LS type 7. [CSCdj55301]
- A router may crash when configured with a very large IP accounting threshold. A workaround is to configure a small threshold or to leave it at the default. [CSCdj55512]
- With certain route-map configurations or a soft-reconfiguration, the LOCAL_PREF for a path may be set to zero, resulting in the wrong path being selected. [CSCdj55839]
- A problem occurs when a third EIP6 is added to a Cisco 7000 series already running EIGRP on two EIP6s, a TRIP4 and an FIP in an EIGRP topology. In the EIGRP routing topology, some of the networks that connect to the existing Ethernet interfaces may be lost. The IP routing table still shows the routes but not all connected networks are advertised in EIGRP. A workaround is to issue the redistribute connected command. [CSCdj57362]
- Under rare circumstances, a BGP router sends BGP updates with a duplicate community attribute, which triggers the neighbor reset. [CSCdj64103]
- EIGRP topology entries from the redistribution of connected routes where EIGRP is already running natively may not clear when the interface goes down. [CSCdj68388]
- When an interface is configured to send RIP V1 packets while running RIP V2, the router sends out corrupt packets. V2 packets are not effected. There is no known workaround. [CSCdj69026]
- If secondary addresses are configured on an unnumbered interface, the interface routes corresponding to these addresses are not advertised in IS-IS. A workaround is to number the interface. [CSCdi60673]
- A crash was caused by an AVL node that was freed but was still accessed during tree traversing. This problem is a result of the node being deleted and freed in the middle of tree walk. This is an IS-IS (using AVL tree) specific problem. [CSCdj18685]
- A dynamically discovered CLNS route does not overwrite a static CLNS route pointing to a down interface. As a workaround, remove the static route definition from the configuration and issue the clear clns route command. [CSCdj31228]
- LAT services are not available on the router when IRB is enabled. [CSCdj52841]
- A Cisco 4700 router may report intermittent "SYS-2-LINKED" error messages even though there is no memory shortage. [CSCdi52327]
- When running DLSw+ over Ethernet, the router transmits corrupted frames on retransmission. The retransmission occurs on receipt of a REJ frame from the end station or if an acknowledgement of the frame is not received within the LLC2 T1 timeout. [CSCdi52934]
- Timers are not cleaned up properly in LLC2. This may result in crashes when RSRB local acknowledgment is used under a high load. [CSCdj42474]
- NetView Service Point acquires but does not free VTY lines. The only way to recover the VTY lines is by using the clear line command. [CSCdi51685]
- A memory leak can occur that is related to the traffic rate and the TCP process. This leak is difficult to reproduce, but can be identified by an input queue wedge on a router configured for RSRB with TCP encapsulation. The output of a show buffer command indicates memory errors. Other symptoms include small buffers being created but not trimmed, and explorers being received with a wrong SNAP type value. [CSCdi54739]
- Only the Cisco 7500 series running encryption over VIP interfaces is affected by this problem.
- RSP software based encryption does not work when encrypted traffic is flowing over any Cisco 7500 series VIP interface. Customers with VIP2-40 or higher interfaces need to run VIP distributed encryption. There is no workaround for other VIP2 models other than using an older non-VIP interface. [CSCdi74884]
- Packets may become stuck in the input queue of the destination interface if traffic sent over a GRE tunnel is encrypted. The packets become stuck in the input queue when the encrypted session between the peer routers is not established. The not established condition exists when traffic to be encrypted first begins flowing and also when the encrypted session time duration expires. The impact of this caveat can be lessened by configuring the encrypted session timeout to be substantially longer than the 30 minute default with the crypto key-timeout minutes command. [CSCdi90177]
- When a no shut command is issued on the ISDN interface, and logging and logging trap is configured, the router crashes. [CSCdj05365]
- If a CIP TN3270 PU is configured to connect from the host to the CIP via NCP, the link may fail. The workaround is to configure the CIP TN3270 PUs as connecting at the host. [CSCdj07152]
- Configuring both ISL and Multilink Multichassis PPP can cause a memory consistency check failure. The failure may lead to a software forced crash after a few calls have been received. [CSCdj22189]
- Under rare circumstances, the Cisco AS5200 may issue the "%SYS-3-BADMAGIC: Corrupt block at 20000000 (magic xxxxxxxx)" message and crash with a software forced crash. There is no workaround at this time. [CSCdj22429]
- HSRP can raise the CPU while the peer HSRP router is reloaded. The problem occurs when there is more than one HSRP group and the two peer routers have many HSRP peers. This caveat addresses HSRP scalability. The workaround is to reduce the HSPP groups, and/or increase the HSRP hello and hold time. Another symptom is that the interface resets go up until HSRP is stabilized. [CSCdj29595]
- An AppleTalk packet traveling through RSM from one VLAN to another receives an improper 802.3 packet length. This affects other network devices that use this field. [CSCdj36862]
- A router running encryption may show "%ALIGN-3-SPURIOUS: Spurious memory access made at 0x60825E" messages. This means that the router had to access from memory twice in order to execute an instruction. It does not affect the connectivity operation of the router. At this time, the CPU overhead has been minimal. [CSCdj43491]
- A Cisco 7513 running Cisco IOS Release 11.2(9)P with a channelized E1 card and channel-group configured has a problem when a 40-bit crypto session is configured. When the crypto session from the Cisco 7513 side is started, the session is set up fine. However, the interface link protocol will go up and down. The only way to recover is to remove the channel-group and add it back on without crypto configuration [CSCdj50970]
- A Cisco 3620 router restarts after a software-forced crash at PC 0x60198F78. The decoded stack indicates memory corruption. [CSCdj51896]
- BOOTP/DHCP fails when attempted over an encryption session between routers if the BOOTP/DHCP traffic will be encrypted by matching the access list. This failure also affects any packets that are forwarded by the ip helper address command, such as Windows 95 Netbios over TCP/IP. The workaround is to adjust the access list so that these packets are not encrypted. [CSCdj54355]
- A router crashed after adding a new crypto link. [CSCdj60818]
- RBE from RSP2 to Cisco 4000 over Frame Relay subinterfaces fails. Other combinations do not fail. [CSCdj65337]
- Adding XNS back into a router's configuration after it has been removed may cause a system to restart by bus error. This may only be a one-time event if it occurs at all. [CSCdj16694]
- When using IPX-EIGRP over ISDN with floating static routes, there may be a short delay (about 10 seconds) before the application is able to get through. [CSCdj38031]
- Before a floating static route is installed, a waiting period is observed when the network is down and unreachable. If IPX watchdogs or SPX keepalives arrive during this time, they will be dropped, leading to session timeouts. [CSCdj50629]
- A problem occurs when using a floating static route across an ISDN link and IPX EIGRP is the primary dynamic routing protocol. When the link goes down, the EIGRP route is installed but after the floating static is configured and the line goes down and then back up there is no route to that network. The EIGRP route is received but never fully installed because of what seems to be incomplete removal of the floating static route. [CSCdj52947]
- Under rare circumstances, a router reload may occur while running TCP to X.25 protocol translation. [CSCdj23230]
- The AIP cannot be configured to issue idle cells instead of unassigned cells. [CSCdi48069]
- When traffic prioritization is configured on a Frame Relay interface with the command frame-relay priority-dlci-group, the command no fair-queuing should be also configured on the serial interface to achieve effective traffic prioritization.
- See associated caveat CSCdi52882. [CSCdi52067]
- When configuring PVCs on the AIP, you may observe a failure to create more PVCs when the number of VCCs configured is significantly below the maximum allowed. This failure occurs when the number of VPI values used exceeds a limit. The messages that occur because of this type of failure include the following:
%AIP-3-AIPREJCMD: Interface ATM5/0, AIP driver rejected Setup VC command (error code 0x0008)
%ATM-3-FAILCREATEVC: ATM failed to create VC(VCD=1500, VPI=10, VCI=257) on Interface ATM5/0, (Cause of the failure: Failed to have the driver to accept the VC)
- The limit to the number of VPI values used depends on the configuration of the vc-per-vp configuration parameter. When vc-per-vp is 1024 (the default), 33 VPI values can be used. To work around this limitation, implement the atm vc-per-vp command on the particular ATM interface, which lowers the number of VCs per VP. This results in a corresponding increase in the number of VPI values that can be used. [CSCdi67839]
- ARP replies are not sent over a PPP multilink interface. As a workaround, you can configure a static ARP on the remote device or disable PPP multilink. [CSCdi88185]
- ISDN leased-line does not come up after a reload on a Cisco 3600 series router. [CSCdj03228]
- A problem has been observed on a Cisco 3640 router running Cisco IOS Release11.1(8) with an 8-port MultiBRI with built-in NT-1 module. Upon power up, the user is unable to use the BRI interfaces. These interfaces report not receiving TEI or EID information from the local switch. The local switch is an AT&T 5ESS emulating NI-1.
- A workaround is to disconnect and reconnect every BRI interface once the router is fully operational.
- This problem seems to be related to CSCdj04241. [CSCdj04625]
- Configuring STUN peers on a DLSw network causes the DLSw peers to disconnect.The debug on DLSw shows a "DLSw: keepalive failure for peer on interface Serial" message. The STUN process looks like it is intercepting the DLSw keepalives. [CSCdj08875]
- When using DLCI prioritization on a point-to-point Frame Relay subinterface and one of the DLCIs fails, the subinterface may bounce once or continually during LMI full status reports, depending on whether LMI reports the DLCI as being DELETED or INACTIVE. This behavior is the same for every DLCI defined in the priority-dlci-group.
- During normal behavior, the point-to-point subinterface should go down when the primary DLCI fails. If a secondary DLCI fails, the subinterface stays up, but traffic destined for that DLCI only will fail. [CSCdj11056]
- Dynamic DLCI mappings may inadvertently remain mapped after switched virtual circuit teardown, as can be seen using the command show frame-relay map. [CSCdj11851]
- In some circumstances, the system may reload when using the dialer hold queue.
- As a workaround, configure the no dialer hold-queue command. [CSCdj12397]
- Intermittent ping failure may occur when pinging over a DDR interface using LAPD encapsulation. There is no workaround [CSCdj20072]
- Frame Relay SVC calls may give the following Traceback message:
%SYS-2-LINKED: Bad enqueue of 8F3288 in queue 9570C8
-Process= "LAPF Input", ipl= 6, pid= 36
-Traceback= EBE30 EAA88 4A73B4 4A8E10
- [CSCdj29721]
- Back-to-back branch instructions can cause unpredictable things to happen with the MIPS processor. When one was found in the no_throttling() function, a nop was inserted to avoid possible problems. [CSCdj29854]
- In the ISDN Layer2, Layer3, and management entity tasks, memory pointers become invalid. The problem results from a race condition between tasks when memory is freed in one task and then another task attempts to access this now invalid pointer. This scenario has been seen only on ISDN BRI platforms in which a number of the BRI interfaces experience persistent deactivation causing the management entity to be shut down. Add validmem_complete() checks before accessing or freeing pkt, pkg, or primitive pointers. [CSCdj40403]
- A problem occurs when memory is low and someone executes a show isdn history command. [CSCdj46541]
- When the ip tcp header-compression and ppp multilink commands are configured together on the same interface, the router may crash.
- The workaround is to remove the ip tcp header-compression or ppp multilink commands. [CSCdj53093]
- Multilink will only bring one link when used as backup on a DDR interface although dialer-load threshold is configured. To work around this problem, configure the no ppp multilink command. [CSCdj56109]
- A problem has been identified with traffic shaping on the Cisco 4500 ATM NIMs. [CSCdj56673]
- Under rare conditions, an RSP4 may reload when an FSIP with active HDLC encapsulation interfaces is in use. [CSCdj57591]
- A Cisco 7500 series router with an AIP running Cisco IOS Release 11.2(6) might give out the following error messages:
atm_parse_packet(ATM2/0):Invalid VC(0) received, type=A2D2
atm_parse_packet(ATM2/0):Invalid VC(0) received, type=A2D2
atm_parse_packet(ATM2/0):Invalid VC(0) received, type=A2D2
- In addition, the input errors displayed by the show interface atm command increase.
- This problem seems to occur only with Release 11.2(6). The workaround is to downgrade to Release 11.2(4) [CSCdj57704]
- When configuring map-class frame-relay BC committed-burst-size, the system may encounter a CPU exception with reason = EXEC_ADERR(1200) and restart.
- There is no workaround for this intermittent problem. [CSCdj62139]
- When using Frame Relay SVCs, Cisco IOS Software appears to not include the magnitude parameters for Be and Bc on the SVC CONNECT message. It only includes them in the SETUP message. The SVC circuits are on S4/0 for both routers. Without the magnitude parameters, the biggest value Bc and Be can be is approximately 130 Kb. There is no known workaround. [CSCdj63173]
- Some Windows 95 dial sessions that use script files do not connect to an asynchronous interface on Cisco access servers. [CSCdj63311]
- A Frame Relay interface configured for ANSI LMI will acknowledge a Cisco LMI update when the router should ignore it. [CSCdj64207]
- A Cisco LS1010 may not be able to establish an SVC when acting as an RFC1577 ARP client. Debugs reveal "Quality of Service Unavailable." [CSCdj64327]
- The map-class commands frame-relay bc out and frame-relay be out are accepted by the Enterprise image. These parameters are relevant for SVC setup. However, the traffic shaping code does not use them. As a result, the values appear to be unset. This behavior can be avoided by using the commands frame-relay bc number and frame-relay be number. [CSCdj65624]
- When running LAPB over a DDR interface with dialer hold-queue configured, a traceback error message is generated when dialing out and the call connects. The traceback is not catastrophic but indicates a 20-byte memory leak on every dial attempt. As a workaround, configure the no dialer hold-queue command on the DDR interface. [CSCdj65756]
- The router may reload when booting up an image from a saved X.25 routing configuration. This problem was introduced in Release 11.2(10.1). [CSCdj67115]
- When the system is reducing its rate in response to the receipt of BEcNS, the reduction may not be predictable. Rate adjustments are made once per interval if any number of BECNs were received during that interval. [CSCdj67297]
- Configuring a PVC via the frame-relay interface-dlci command on multipoint subinterfaces causes a system reload if the PVC was previously learned via inverse ARP. [CSCdj67510]
- A BRI interface may lose a TEI after it is reset. The router fails to request a second TEI after the reset. If the BRI is reset a second time, the router regains both of the TEIs. [CSCdj69824]
This section describes possibly unexpected behavior by Cisco IOS Release 11.2(10a)P1. Unless otherwise noted, these caveats apply to Release 11.2 up to and including 11.2(10a)P1. The caveats listed here describe only the serious problems. For the complete list of caveats against Release 11.2, use the Documentation CD-ROM or access CCO as described in the section "Cisco Connection Online" later in this document.
- When using ARAP 2.1 on routers running Cisco IOS Release 11.2, the client connects, the authentication negotiates, and then the connection drops with a message indicating that the server called is not a valid remote access server. As a workaround, use Cisco IOS Release 11.1, which works with both ARAP 2.0.1 and 2.1. [CSCdi91670]
- When using the ARAP client 2.1, the user is not able to dial in to an AS5200 with Cisco IOS Release 11.1 if the AS5200 has autoselect configured.
- To work around this problem, do one of the following:
- - Remove autoselect and use ARAP dedicated.
- - Use the ARAP 2.0.1 client instead.
- - Turn on MNP10 on the ARAP 2.1 client.
- - Modify the client CCL script to extend the pause to 3 seconds before exiting. [CSCdj09817]
- The router might reload when trying to process the show accounting command. [CSCdi69364]
- The show stacks command fails to report the correct version of code running at the time of the last reload. This problem occurs when the Flash version of the Cisco IOS software does not match the running version of code. [CSCdi74380]
- Fast switching and optimum switching counters should be broken out separately in the output of the show interface switching command. [CSCdi87008]
- Traffic shaping is not currently supported over tunnels of any type or switching mode. The feature is currently under development. [CSCdi88997]
- If the map-list command is configured, issuing the show running command may cause the router to crash if the "Last configuration change at..." informational string exceeds a total length of 80 characters. [CSCdj13986]
- When a router is configured with the command ip identd and with aaa authentication login default tacacs+ enable the router will reload itself under these conditions:
- - The router is resolving host names via an external DNS server.
- - The TACACS server is down.
- - The user gains access to the router via the backup "enable" method.
- - The user attempts to Telnet from the router to a host on the network.
- After the Telnet is initiated, the router will immediately reload.
- The workaround for this problem is to not configure the ip identd command or to disable the identd process with the global command no ip identd (which is the default). [CSCdj19961]
-
- Boot Flash devices are not recognized when formatting boot Flash type A7, A6, or AA.
- To run type A7, A6, or AA boot Flash devices and use images prior to this bug fix, format boot Flash with an image containing this bug fix. Then load an older image onto the newly formatted boot Flash SIMM. [CSCdj20651]
- An EXEC prompt does not appear until the TCP connection for accounting EXEC is sent and acknowledged. Accounting EXEC acts like wait-start, although start-stop is configured. [CSCdj27123]
- The tacacs-server directed-request restricted command only applies to authentication, not to accounting or authorization. Therefore, there is no way to restrict a user's authorization or accounting to a given set of servers, which can lead to inconsistencies. For example, authentication for a directed user can be attempted only on the restricted servers, whereas authorization or accounting can be attempted on nonrestricted servers also. This inconsistency can cause authentication to pass while authorization fails for a specific user. [CSCdj37496]
- The dlsw remote-peer frame-relay interface serial command does not work on a point-to-point subinterface. The workaround is to use multipoint and to do LLC mapping. [CSCdi55085]
- A bus error occurred at PC0x169a46. The stack trace indicates a problem in the LNX process. This problem occurs on X.25. [CSCdi73516]
- This caveat fixed an unimplemented trap, cipCardLinkFailure by deprecating it and implementing a new trap cipCardDtrBrdLinkFailure. Use the snmp-server enable traps channel-failures command to enable this new trap. [CSCdj32297]
- An APPN router may crash during an SNMP access to the APPN MIB. This problem only occurs after an unused APPN node is garbage collected. The crash has the following stack trace:
System was restarted by bus error at PC 0x8B5902, address 0x4AFC4AFC PC: process_snmp_trs_tg_inc
0x8B5CAC:_process_ms_data_req_trs(0x8b5aaa)+0x202 0x87E5FE:_xxxtos00(0x87d6b0)+0xf4e 0x180E5C:_process_hari_kari(0x180e5c)+0x0 [CSCdj36824]
- When testing FRAS BAN for SDLC attached PU 2.1 and PU 2.0 and using RSRB backup over PSTN, the PUs failed to connect after the Frame Relay interface was brought back up after a link failure.
- The output of the show fras command showed ls-reset backup enabled. In order to reconnect the PUs, the fras backup rsrb statement had to be removed or the serial interfaces configuration had to be deleted and then readded. [CSCdj39306]
- When RSRB with TCP encapsulation is configured with priority peers and some of the priority peers are closed/dead, an explorer packet may continuously try to open the closed/dead priority peer. After several tries, the router may crash with memory corruption. [CSCdj47493]
- Normal non-extended unbind (0x3201) was extended with corrupted information which caused rejection by the host. As far as the host is concerned, the session is still active. A user cannot clean up this session without bringing down the link. [CSCdj50581]
- On an RSP router, the "%CBUS-3-CTRUCHECK" error message is displayed and the Token Ring interface resets. To correct this problem, upgrade to RSP TRIP Microcode Version 20.1. [CSCdi74639]
- Under certain conditions, a memory leak may cause a router to reset if the bridge-group virtual interfaces for the new integrated routing and bridging (IRB) feature are not configured correctly.
- A workaround is to ensure that there are no bridge-group virtual interfaces configured for logical/physical router interfaces that do not exist. [CSCdj02283]
- When adding or removing a subinterface to a Frame Relay interface, all DLCIs are brought down until the Frame Relay switch sends the PVC information again. The whole interface will be reset when a user tries to add the ip address command. A workaround for part of the problem is to turn off CDP globally or on individual interfaces. In this case, the user can turn off CDP on the serial interface before adding or removing subinterfaces. CSCdj02488 (integrated into Cisco IOS Release 11.1(11) and 11.2(5.1)) fixed the rest of the problem.[CSCdj07291]
- The error "%CBUS-3-CTRUCHECK: Unit 0, Microcode Check Error" occurs on Token Ring interfaces, causing the interface to reset. [CSCdj08654]
- The pos specify-s1s0 and pos specify-c2 POS interface specific configuration commands do not work correctly. [CSCdj25166]
- A "System restarted by bus error at PC 0x4262AA, address 0xFFFFFFFC" message may be received when the frame-relay payload-compression packet-by-packet command is entered under the subinterface. [CSCdj49344]
- Compression for HDLC encapsulated bridging only payload compresses Spanning Protocol packets. Actual bridged packets are forwarded with their payloads uncompressed. Prior to this release, bridged packets may have had their MAC addresses corrupted if STAC compression was enabled with HDLC encapsulation. [CSCdj50894]]
- On the Cisco AS5200 platform, a group of four ports may stop processing PPP packets on the interface. You can identify this problem by looking for a group of four contiguous ports that have a much higher volume of calls than the other ports on the AS5200. Currently, the only workaround is to reload the router. The port modems should be busied out until the router can be reloaded. [CSCdj51974]
- With IRB configured on the router, IPX clients cannot log into services on a bridged interface. Removing the IPX routing from the BVI fixes the bridged interface but you will lose the routing. At this time, this feature is not supported. [CSCdj54050]
- If you are doing IRB with RFC1483 PVCs, you may see certain IP anomalies such as ARP resolution not working or the ARP resolutions take place yet you cannot ping the neighboring device. [CSCdj54558]
- If the summary-address statement is removed on a remote router that advertises summary-address routes on only one path, then the core router sees both equal cost paths. This problem occurs on OSPF with NSSA. [CSCdj38067]
- If two routing protocols with mutual redistribution cause a routing loop, it is possible that the loop will remain even after updates have been filtered. The problem usually occurs after a clear ip route * command is issued after applying the filters. If the routes are allowed to age out the normal way, the problem does not occur. If OSPF is running, the workaround is to issue the clear ip ospf redistribution command. [CSCdj38397]
- When attempting to set the ipNetToMediaType value with SNMP the following error is returned and the value is not set:
snmpset: The value given has incorrect type or length. [CSCdj43710]
- In the presence of a large number of subnets, a CPUHOG message like the following may be generated:
%SYS-3-CPUHOG: Task ran for 2608 msec (73/65), Process = BGP scanner, PC = 176388
- [CSCdj45966]
- Manual summarization with EIGRP does not work correctly. A summary route does not get advertised but one or more of the more specific routes do. [CSCdj46525]
- Under certain conditions, an LS type 5 is not generated by the ABR in response to a received LS type 7. [CSCdj55301]
- The router's internal address is advertised as a host route instead of a network in the router's LSA. A host route is represented as a Type 3 link (Stub Network) whose link ID is the host's IP address and whose link data is the mask of all ones (0xffffffff). This host route is advertised into all OSPF areas. [CSCdj56079]
- A problem will be caused by entering the ipx router command followed at anytime by a no ipx router command. The effects can be anything from to a steady memory leak, to unexpected router behavior to (as in this case) a router crash. This problem affects all routers. As a workaround, cycle power on the router after a no ipx router command is issued. [CSCdj51185]
- If secondary addresses are configured on an unnumbered interface, the interface routes corresponding to these addresses are not advertised in IS-IS. A workaround is to number the interface. [CSCdi60673]
- A crash was caused by an AVL node that was freed but was still accessed during tree traversing. This problem was a result of the node being deleted and freed in the middle of tree walk. This is an IS-IS (using AVL tree) specific problem. [CSCdj18685]
- LAT services are not available on the router when IRB is enabled. [CSCdj52841]
- Adding XNS back into a router's configuration after it has been removed may cause a system to restart by bus error. This may only be a one-time event if it occurs at all. [CSCdj16694]
- When using IPX-EIGRP over ISDN with floating static routes, there may be a short delay (about 10 seconds) before the application is able to get through. 1[CSCdj38031]
- Before a floating static route is installed, a waiting period is observed when the network is down and unreachable. If IPX watchdogs or SPX keepalives arrive during this time, they will be dropped, leading to session timeouts. [CSCdj50629]
- A direct broadcast with a physical-broadcast destination MAC address is not forwarded to helper address over ATM/LANE interfaces. [CSCdj51378]
- TN3270 keymaps with three keystrokes defined for a TN3270 key will append the last character to the screen. The cursor will then move to the next cursor position on the screen. [CSCdj51702]
- The AIP cannot be configured to issue idle cells instead of unassigned cells. [CSCdi48069]
- When traffic prioritization is configured on a Frame Relay interface with the command frame-relay priority-dlci-group, the command no fair-queuing should also be configured on the serial interface to achieve effective traffic prioritization. [CSCdi52067]
- When configuring PVCs on the AIP, you may observe a failure to create more PVCs when the number of VCCs configured is significantly below the maximum allowed. This failure occurs when the number of VPI values used exceeds a limit. The messages that occur because of this type of failure include the following:
%AIP-3-AIPREJCMD: Interface ATM5/0, AIP driver rejected Setup VC command (error code 0x0008)
%ATM-3-FAILCREATEVC: ATM failed to create VC(VCD=1500, VPI=10, VCI=257) on Interface ATM5/0, (Cause of the failure: Failed to have the driver to accept the VC)
- The limit to the number of VPI values used depends on the configuration of the vc-per-vp configuration parameter. When vc-per-vp is 1024 (the default), 33 VPI values can be used. To work around this limitation, implement the atm vc-per-vp command on the particular ATM interface, which lowers the number of VCs per VP. This results in a corresponding increase in the number of VPI values that can be used. [CSCdi67839]
- When using DLCI prioritization on a point-to-point Frame Relay subinterface and one of the DLCIs fail, the subinterface may bounce once or continually bounce during LMI full status reports, depending on whether LMI reports the DLCI as being DELETED or INACTIVE. This behavior is the same for every DLCI defined in the priority-dlci-group.
- During normal behavior, the point-to-point subinterface should go down when the primary DLCI fails. If a secondary DLCI fails, the subinterface stays up, but traffic destined for that DLCI only will fail. [CSCdj11056]
- Types of serial and ISDN B-channels using MPPP over dialer profiles leads to situations where serial joins and leaves bundle ad infinitum. [CSCdj18693]
- When the dialer rotary-group command is entered on an interface that has ongoing calls, a crash may occur.
- As a workaround bring down all ongoing calls by disconnecting or shutting down the interface and then adding the dialer rotary-group command. [CSCdj35360]
-
-
-
-
-
Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.
Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can access CCO in the following ways:
- WWW: http://www.cisco.com
- WWW: http://www-europe.cisco.com
- WWW: http://www-china.cisco.com
- Telnet: cco.cisco.com
- Modem: From North America, 408 526-8070; from Europe, 33 1 64 46 40 82. Use the following terminal settings: VT100 emulation; databits: 8; parity: none; stop bits: 1; and connection rates up to 28.8 kbps.
For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.
Note If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or tac@cisco.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387, 408 526-7208, or cs-rep@cisco.com.
Cisco documentation and additional literature are available in a CD-ROM, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more up to date than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM is available as a single unit or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
