This section describes possibly unexpected behavior by Release 11.3(1). Unless otherwise noted, these caveats apply to all 11.3 releases up to and including 11.3(1).
Configuring appletalk on a D channel will bring down all B channels. Perform ping operations -- ping itself to bring up the B channels. [CSCdi59892]
When using ARAP 2.1 on routers running Cisco IOS Release 11.2, the client connects, the authentication negotiates, and then the connection drops with a message indicating that the server called is not a valid remote access server. As a workaround, use Cisco IOS Release 11.1, which works with both ARAP 2.0.1 and 2.1. [CSCdi91670]
IPTALK is completely broken in 11.2 due to the fact that llap header is missing in all iptalk packets. There is no work around. [CSCdj50179]
IPTALK interface will not come up after reboot if the order of tunnel interface precedes its physical interface (e.g, ethernet, serial, etc.). The symptom is that the iptalk command from tunnel interface disappears after reboot. There is no work around. [CSCdj58363]
A Catalyst 5000 RSM with only 16 MB of RAM may experience a system reload at initialization if running the -jsv image. The workaround is to add more memory. [CSCdj63501]
If you issue a boot system command to boot a Cisco 7000 router image on a Cisco 7500, the router reboots forever, reporting a "bad file magic number" each time. [CSCdi52921]
This does not affect any operations of the router, only the display of certain buffering information. If a particular buffer is thought to be of interest, the problem can be worked-around by inspecting the particular buffer in more detail, for example, via the show buffer address header command. [CSCdi59394]
The size of a write-protected 20Mb flash card is misreported in the output of show version as 16Mb. The size is reported correctly for flash cards that do not have the write-protect tab set to write-protect the card. [CSCdi61561]
"show cdp neighbor detail" command doesn't show network addresses of ISDN neighbors. [CSCdi63804]
The router might reload when trying to process the show accounting command. [CSCdi69364]
The show stacks command fails to report the correct version of code running at the time of the last reload. This problem occurs when the Flash version of the Cisco IOS software does not match the running version of code. [CSCdi74380]
"show memory " can cause an RSP4 to reload if an invalid address is specified. [CSCdi78714]
Tacacs+ Network accounting packets for SLIP session have some cosmetic issues, the most serious of which is that "protocol=ip" is missing (although this is certainly implied by the fact that it's SLIP!) [CSCdi78663]
Adding an RSRB peer with direct encapsulation on a Cisco 7000 router configured with CSNA causes a "%RSP-3-RESTART: cbus complex restart" message and takes down the CIP interface. [CSCdi82836]
RSP is only fast switching LANE encapsulation instead of optimum switching. [CSCdi85912]
Concurrent pings started via the Cisco Ping MIB were subject to having their messages mixed due to using the same message ID sequence. Although not observed this could also happen with pings started with the ping command. This problem was fixed by using a random number as the base for the message ID in both situations. [CSCdi84475]
Sometimes a memory leak that consumes I/O memory can be triggered in the pool manager. [CSCdi90521]
Enabling weighted fair queueing (WFQ) may cause excessive output drops when explicitly configured on Ethernet interfaces. Note that WFQ defaults to 'ON' only on serial links with visible bandwidths of 2.048Mbps or less. The workaround is to disable WFQ on the Ethernet interfaces. [CSCdj12187]
CSCdj12951:Need better crash information to debug data/stack corruption crashes
SOLUTION: Write crash information to default bootflash:crashinfo in RSP and flash:crashinfo in RP. A series of "test crash" command selections are used to control and change the crashinfo collection mechanism.
The crash information contains: . up to 32 KB in RSP of errmsg log plus command history including config commands that user enters or "copy". In RP, it is 20 KB . contains up to 32 KB on RSP and 20 KB on RP for all the following informatrion . crash stack trace . crash context . stack dump at crash . dump memory for each register containing "valid" RAM address . add errmsg display on invalid length of bcopy . add two commands to "test crash" . "sh stack" will display ("cat" as in UNIX) the bootflash:crashinfo file if there was a crash. User can also do "copy flash tftp" to dump the ASCII file bootflash/flash:crashinfo to server. . the size is 16 KB of errmsg/command plus up to 16 KB of memory dump and other crash information. There is one 16 KB DRAM declared for this crash information collection mechanism. . Only c7000 and RSP are activated with new crashinfo mechanism and the 16 KB. 4500 and others will see no difference. . memory dump on malloc/free trace [CSCdj12951]
IP/IPX ping only partially go through on ATM interface for packet size larger than 4500 bytes on c7000 and gs7 images. [CSCdj13978]
If a 'map list' is configured; the 'show running' command may cause the router to crash if the "Last configuration change at..." informational string exceeds a total length of 80 characters. [CSCdj13986]
Directed-Request user has to use '@' as the delimiter for domain name until this is fixed. [CSCdj14379]
When h/w compression is enabled, packets are normally fastswitched. If the user turns off fastswitching then turns it back on, fastswitching remains disabled.
The workaround is to re-configure compression (ex, "no comp/comp stac"). [CSCdj14601]
Under heavy interrupt load, driver instrumentation gets hit repeatedly while processes are accessing the instrumentation variables (for example, last output time). This causes a number of problems, including stuck output and incorrect user displays. There is no workaround. [CSCdj15583]
Under certain circumstances, the router may experience the following informational messages:
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x602D4280 reading 0x30 %ALIGN-3-SPURIOUS: Spurious memory access made at 0x602D38CC reading 0x16 %ALIGN-3-SPURIOUS: Spurious memory access made at 0x60352800 reading 0x630 %ALIGN-3-SPURIOUS: Spurious memory access made at 0x601779E4 reading 0x648 %ALIGN-3-SPURIOUS: Spurious memory access made at 0x602B3D28 reading 0xC04 [CSCdj18620]
IOS Telnet server pauses when sending data to arbitrary telnet client. [CSCdj19239]
clogHistTableMaxLength, despite being marked by the CISCO-SYSLOG-MIB.my as being a read-write object, is not settable via SNMP. [CSCdj19438]
Changing the privilege level of a command argument also changes the privilege level of the root command. This can have unexpected consequences. The workaround is to always set the root command to the lowest level required as the very last step in configuring privilege levels. [CSCdj19979]
A recovery mechanism for misaligned 64-bit accesses has been added. This new functionality is similar to the current misaligned handler for shorter misaligned accesses. [CSCdj20738]
When telneting into a router, Router may not echo characters back.
Router responds to command fine, but characters are not sent back to telnet source.
No known work-around. [CSCdj22622]
Request is to optimize the MEMD buffer carving on a 7500 with ATM subinterfaces. [CSCdj23678]
The bank number always starts from one in each partition. It should be accumulative and not be relative to each partition. The other incorrect information can't be observed if running from flash. It seems that those information were got when running from network. There is no workaround of the inaccurate bank number. [CSCdj25541]
V.120 calls are being reported as NAS-Port-Type '5' on the 5200 not '3'. [CSCdj27587]
The timeout session command is confusing since the line command session-timeout refers to an idle timeout whereas timeout session refers to an absolute timeout. [CSCdj28770]
None of the syslog messages that IOS issues before the SNMP subsystem is initialized are recorded by the CISCO-SYSLOG-MIB.my. [CSCdj29305]
The following objects in the OLD-CISCO-IP-MIB do not show up when polled via SNMP:
actSrc, actPkts, actViolation, ckactSrc, ckactPkts, and ckactViolation [CSCdj30073]
When the as5200 is confured as a dhcp client proxy, and a broken implementation of dhcp server offers the same ip address for more than on session, we pass it along. We can do a better job at keeping track of what addresses were offered refuse the dupplicate address. This is considered a minor bug since the root of the problem is the implementation of the dhcp server. [CSCdj31231]
The exception address (e.g. parity error address) is not saved by the ROM monitor on some platforms (MIPS and 68360 based). [CSCdj32197]
The write-back view of packet memory is no longer used, and is thus redundant. Additionally the commands test rsp cache memd-optimum-and-flow caching-method and test rsp cache memd-fastswitch caching-method do the same thing. [CSCdj34218]
if an IP fails, the interfaces on it may be removed from the configuration without appropriate notification to protocols running on those interfaces. [CSCdj34427]
eventOwner object in eventTable is allowed to be empty, which forms a wrong event configuration.
Workaraound would be to always explicitly set eventOwner prior to setting row active. [CSCdj34464]
'clear counter' on CLI also clears the SNMP counters in ifTable for the sub-interfaces. [CSCdj35391]
Performing a telnet from the router with TACACS being configured might sometimes cause a router to reload with a bus error. The exact cause is still under investigation.
This problem has only been seen with 11.2 or later IOS releases. [CSCdj36356]
The tacacs-server directed-request restricted command now applies to authentication, authorization, and accounting. When this command is configured and the user tries login with a username, like <username>@<servername> (e.g. john@cisco), the only server tried is the server listed after the '@'. [CSCdj37496]
A prior bug fix in the 11.3 code set broke bridging over ATM. [CSCdj41839]
Configure ntp broadcast with a multicast address will have the system send out ntp packets with ttl 255. [CSCdj42541]
Customer entered:-
no int atm x/x.x int atm x/x.x point-to-point
results in error message:-
% Warning: cannot change link type
Workaround:
int atm x/x.x point-to-point no int atm x/x.x int atm x/x.x point-to-point [CSCdj43221]
If a file is copied to flash via tftp, initiated from a Telnet session and then the Telnet session is terminated before the copy completes, the file can be left in flash as a corrupted file but with no indication that it is bad.
The operator should check that the expected filesize is on the copied file or if the Telnet session was terminated then the file should be assumed to be corrupted and should be copied again. [CSCdj43538]
ifLastChange (defined in IF-MIB.my - rfc1573) must reflect "the value of sysUpTime at the time the interface entered its current operational state". When an E1 interface controller is shutdown, the ifLastChange value is not updated like it should be. [CSCdj44746]
ifLinkUpDownTrapEnable (defined in IF-MIB.my - rfc1573), should have the following behaviour, as documented in the MIB: "Indicates whether linkUp/linkDown traps should be generated for this interface. By default, this object should have the value enabled(1) for interfaces which do not operate on 'top' of any other interface (as defined in the ifStackTable), and disabled(2) otherwise."
Virtual interfaces (and in the case of this bug, interface s0:0) run on 'top' of other interfaces. The expected default behaviour is for this object to be in disabled state. [CSCdj45061]
ifLinkUpDownTrapEnable (defined in IF-MIB.my - rfc1573), should have the following behaviour, as documented in the MIB: "Indicates whether linkUp/linkDown traps should be generated for this interface. By default, this object should have the value enabled(1) for interfaces which do not operate on 'top' of any other interface (as defined in the ifStackTable), and disabled(2) otherwise."
E1 interfaces do not run on 'top' of other interfaces. The expected default behaviour is for this object to be in enabled state. [CSCdj45064]
When a RSP Slave reset occurs, the Slave IPC queue is not reset properly. Symptoms of this issue include IPC Error messages when a user tries to auto sync Master and Slave configurations, issue flash commands, issue the sh stack command, or any other command which uses the IPC system to communicate between the Master and Slave RSP in a dual RSP system.
RSP Slave resets can occur whenever a cbus complex occurs. [CSCdj46324]
router sending out wrong oid for bgp trap (bgpEstablished and bgpBackwardTranstion) this happens on 11.2.x [CSCdj47431]
If there are already active accounting session, when we turn on periodic watchdog accounting (aaa accounting update periodic n), this could result in an error message and a traceback. [CSCdj48480]
When a password is entered with type 7, using username username password 7 password then the password should be check to see if it is a valid encrypted password to prevent regular passwords from being typed. This will avoid confusion. [CSCdj48556]
DHCP packets from Cisco Access Servers do not correctly use the source and giaddr IP addresses as defined in the dialer rotary-group configuration. [CSCdj49380]
CDP will become enabled on PRI B channels after reload even though it has been disabled in saved configuration. Workaround is, after reload, disable CDP on the D channel again, which will be propagated to all B channels. [CSCdj50105]
A bug introduced by CSCdi77395 causes ifPhysAddress to mistakenly return a NoSuchName error for subinterfaces with a NULL ifPhysAddress. The workaround would be to configure :
no snmp-server sparse-tables, so an entry will be returned. [CSCdj50390]
On a 7500 router with HSA, the slave config will not be updated via the first "write mem" or "copy running-config startup-config" command. There is no warning to the user other than the absence of the "[OK]" on the slave console. The slave configuration will be updated on all subsequent "write mem" and "copy run start" commands, so the workaround is to repeat the command. [CSCdj50727]
If a telnet session is originated from a Cisco router and the command is enabled, the IP address of the outgoing interface is used as the source instead of the one from the specified interface. [CSCdj51149]
NTP slave takes a long time so synchronize after the server's clock is manually reset.
Currently the work around (have the clock synchronize in a short time interval) is to deconfigure and reconfigure NTP in the slave system. [CSCdj51376]
Traffic shaping on frame relay will not be enforced unless a session is active at the time traffic shaping is configured.
The only known work-around is to enable shaping during an existing data transfer. [CSCdj52135]
In all versions of IOS, even with aaa authorization commands 1 or 15 on a router, a user can bypass authorization command checks and telnet from a router by simply leaving off the word "telnet" and typing only the IP address of his destination. The router will then use the "preferred" transport method implicitly (which is "telnet" by default) and allow the user to telnet to another device even though this user is explicity denied the ability to issue the "telnet" command on a TACACS+ daemon.
There is a simple workaround and that is to configure "transport preferred none" on any lines (vty or otherwise):
line vty 0 4 transport preferred none line 1 16 transport preferred none [CSCdj54679]
The general problem is the 7500 may not correctly allocate the right number of a packet memory (memd) buffers to some network interfaces. The problem requires a large number of interfaces whose collective bandwidth is high, but their MTU is smaller than another buffer pool.
For example, a problem was found with a 7500 using a large number of fast ethernet and/or ethernet interfaces and one or more FDDI interfaces. The pool of packet memory should have allocated 80% of the memory to the ethernet and fast ethernet interfaces which use an MTU of 1536. The error is it got 20% of the memory, and the lone FDDI interface with MTU 4512 got 80% of packet memory.
The problem occurred with 55 Ethernet, 6 FastEthernet and 1 FDDI network interface. The problem did not occur with fewer interfaces, specifically 36 Ethernet, 5 FastEthernet and 1 FDDI interface.
The problem may show up a high number of input drops on some router interfaces. [CSCdj55428]
If traffic-shaping is configured on some sub-interface and that sub-interface is deleted, traffic-shaping information persists for that sub-interface. [CSCdj56035]
At times, c1000 code will send sntp queries to the next hop along the route, instead of to the address configured in the sntp server statement in the config. [CSCdj56216]
When there is low traffic (less than 1000 bits per second) on an interface, a show interface command may show input and/or output bit rates as 0 bits/sec, even though the packets/sec rate is non-zero. There is no workaround. A display of zero bits/sec implies that an actual transmission rate of less than 1000 bits/second has been truncated. [CSCdj56249]
The input queue may be wedged with ip packets if the exception dump command is configured.
The Known workarounds are: 1)Increase the input queue to 175 ([75]Original Queue amount+[100] per exception dump x.x.x.x cmd) 2)Remove exception dump x.x.x.x command [CSCdj58035]
When frame relay traffic shaping is enabled on a serial interface, disabling and re-enabling weighted fair queuing will cause a system restart. [CSCdj58431]
If a cisco is loaded, radius may miss the last retransmit, due to a timer race condition. [CSCdj58534]
After a user sends a break command to the console, the cont command does not work - it does not restart the running IOS. Instead the system will crash again and drop to the ROMMON prompt. The break command also does not work properly - it may hang, and the ROMMON command stack will report the wrong backtrace.
This bug affects all platforms with MIPS R4700 and R4600 chips, including all RSP-based platforms. [CSCdj58608]
The c36[2,4]0-i-mz.112-9.P images may have problems when they're copied to new (previously unused) intel 4Meg simms the first time. This possible problem is under investigation. Please look at the description for more details. [CSCdj59820]
When OTP is used with CiscoSecure 2.1.X, chap authentication & 'aaa authorization network tacacs+ local', authorization fails with message 'internal info is invalid'. [CSCdj60023]
New cardType assignments need to be made in the OLD-CISCO-CHASSIS-MIB for new cards. [CSCdj61473]
During an abnormal disconnect, The IOS does not pass the DCD information. As a result, the PC application may stay hung.
Below are the suggested methods for clearing the problem if encountered in the field.
i) If a NAS port becomes unavailable due to an abnormal disconnect on a dialout call, a clear line should be issued against the line in question.
ii) To clear the communication application in WIN 95 or WIN 3.11 after an abnormal disconnect, stop the dialout utility and then restart it.
iii) To clear the communication application in WIN NT after an abnormal disconnect, stop the workstation service and then restart it. [CSCdj61765]
If there is heavy traffic going into to a 75XX through VIP2 atm PA, the router might crash or hang if one tried to add/delete elans on the VIP2 card. I have also seen the router crash by itself in a short period of time after the router has booted up even though no elans are added or deleted. The length of time it takes to crash by itself really depends on how many elans are configured on the VIP2 port and how many data vcs through which the router receives the inbound traffic. In the some tests where there are over fifty elans configured on the VIP2 and traffic comes into the VIP2 through sixteen data vcs, I have seen the router crash in less the five minutes by itself. [CSCdj62545]
the console/virtual-terminal exec on 7500 HSA systems may become unresponsive with configurations larger than 128K and service compress-config. the console can lock up on "wr mem" or "copy running" commands, and the configuration nvram can become corrupted and inaccessible. other vtys and packet forwarding and routing operations will continue operating unimpeded while the console or telnet exec is nonresponsive.
a workaround is to store the configuration in flash. for example, "copy running slot0:config" and configure "boot config slot0:config", and "service compress", and "boot buffersize N", where N is at least three times the configuration size in bytes. then the "wr mem" command will work slowly - 10 minutes elapsed time for each 128k block of configuration text.
the method to recover configuration nvram after nvram is corrupted is: send RS232 break to the console of both master and slave. use rommon "confreg" on master and slave to ignore system config. use rommon "reset" command on master & slave and boot a slave-capable image. on the master console, copy good config file from flash or tftp into running-config. turn off the 0x40 bit in the configuration register by using the "sh ver" exec command and the "config-register" configuration command. reload the master. [CSCdj63926]
When router is very highly loaded and traffic-shaping is active on the outgoing interface, it might be possible that LMI control messages get queued in traffic-shaping queues causing LMI protocol to go down. [CSCdj64221]
Symptom:
Customer experienced the following problems with the IOS:
For ISDN we use the username password construct to set up the CHAP PPP passwords.
Now if some one cut's and paste this into a router the encrypted passwords will be followed by spaces (depends on the terminal used and terminal set-ups).
username test password 7 02080B581F031C35
with a space on the end then the password for username test is corrupted and the router will never pass CHAP authentication. This can be tested locally on the router by telnetting to the router's ethernet or loopback and trying the password for test.
Even without encryption if you try test password test With a space at the end then to login as test you have to use "test ". Which means that CHAP authentication won't work because it's expecting the password "test" not "test ".
This fault also effects the enable password
enable password "test " is different from enable password "test"
Workaround:
Advised the customer to input the username password into the config instead of cutting and pasting them into the config. In order to aviod any white spaces in the transfer. [CSCdj64406]
Packets might not be forward correctly and cause problems if fancy queueing (e.g. fair-queue) is enable along with compress service adaptor (CSA). [CSCdj64898]
An unconfigured system may send an inappropriate number of bootp requests after powerup, in an attempt to find a usable ip address for autoconfigure. On boxes with very large numbers of interfaces (ie ISDN PRI or channelized interface) a CPUHOG error may occur. [CSCdj64910]
Sympton: Router crashes when doing a start-chat any vty xx, where vty xx is a line number outside the valid vty line range.
Conditions: No special conditions.
Workaround: Since this command, as stated in the documentation, does not work on vty lines, don't execute the command. [CSCdj66129]
Traffic-shape does not work immediately when queue depth is 64 max. and BECN recieves. To reproduce this, we might need more than 4 queues which means 4 DLCI & sub-interfaces. [CSCdj66480]
When using the virtual-profile feature, no accounting records are sent out for incoming connections, regardless the type of interface the connection is coming in on. [CSCdj66524]
The patch added in CSCdi37706 and incorporated into Cisco IOS Releases 11.2(8.1), 11.2(8.1)P, 11.3(0.2) and 11.2(8.1)BC was intended to correct a cosmetic problem with command authorization.
Instead it exposed a bug in older implementations of the developers kit TACACS+ daemon (freeware) and will cause certain command authorizations to fail.
All freeware daemon versions prior to version 3.0.13 are subject to this problem including the ACE Safeword Security Server daemon. CiscoSecure daemons are not affected. [CSCdj66657]
When a user dials into an AS5200/AS5300 using ISDN, the cpmActiveUserID object in the CISCO-POP-MGMT.mib is not updated and is left blank. [CSCdj66942]
Misusing variables in 'buginf' causes bogus IP address in debugging. [CSCdj67359]
When using radius for authorization only, radius needs to fake an authentication to the radius server in order to get the authorization data. This will fail a sanity check and print an error message.
The workaround is to also do radius authentication. [CSCdj68188]
Software forced crash at PC 0x601CB128 - scheduler called crashdump [CSCdj71624]
telnet tos is saved in hex format instead of decimal. riw [CSCdj73718]
IOS modules calling AAA will not be able to access returned AV-pairs. All but the simplest authentication and authorization will not function properly.
The worst case scenario is that authorization succeeds and some AV-pairs that are normally used to restrict authorization will not be used.
This bug was introduced on 1/8/98 with the fix for CSCdi51915 and was integrated into 11.3(1.2) and 11.2(1.2)T. [CSCdj74723]
The http configurator does not support configuration of submode commands. [CSCdj76992]
atm-lite packets are process switched from ethernet to atm under DECnet. [CSCdj31655]
Using the "show decnet route" command it is not possible to see the next hop interface number if the interface is fast ethernet (not enough width in the "next hop" column). [CSCdj71695]
Config command menu xxxx text X sample-text is not accepted if "X" is an alphabet or string. Parser is only allowing numbers. [CSCdi74863]
When a PPP connection is established between two async peers and VJ header compression has been negotiated as part of the IPCP negotiation, a Telnet connection from one peer to the other could result in a traceback. [CSCdi76186]
The parser allows multiple dialer map snapshot statements per sequence number when configured as the client. Only the first dialer map will be used to dial out. [CSCdi82652]
The maximum length of filenames for the copy rcp and copy tftp is 45 characters. Some users have requested a longer limit, 80 or more characters. [CSCdj02798]
Interface ethernet parser shows incorrect help information. [CSCdj06457]
Debug modem may sometimes display a "funny modem state 400." This is a cosmetic aberration during a transitory state and can be safely ignored. [CSCdj09729]
There is a problem when a configuration file is copied to startup configuration and startup configuration is set to nonvolatile random-access memory (NVRAM). If the configuration file is larger than the startup NVRAM then the system will reload. This situation can be avoided by enabling configuration compression with the command "service compress-config". [CSCdj14322]
Severity levels in logging buffered are listed alphabetically rather than hierarchically. [CSCdj17121]
The IOS contains invalid routing processes options in it's parser. The invalid options are: static, hello, conected, mobile and floating-static.
There is no operational impact due to their presence and/or use. This is a cosmetic problem. [CSCdj18849]
After doing a write core on a 2514 router, the router reloads as soon as logging out or breaking the telnet connection to the exec session. [CSCdj20313]
The parser gives the "%Error: Unknown physical layer" when entering the interface command "physical-layer sync" while the interface is already set as a synchronous iinterface. [CSCdj24380]
The 'any' and 'host' keywords will not appear when using the access-template command with privilege levels less than 15. [CSCdj25093]
If the line speed on an AS5300 is configured for tty lines that span a Microcom modem followed by a Moca modem, the output of the show running-config and copy running-config startup-config commands is wrong for the speed commands on those lines. [CSCdj41555]
Although "ppp negotiate" is a valid aliasable string, if this multi-word string is used in the "alias exec" command, the parser does not treat the spaced string as a whole.
We ran into a situation where, in order to replace Ascend Routers, we need to match Ascend routers' response to the command "ppp" after isdn users open v120 connections. The users have scripts which send just "ppp" at the router prompt. The Ascend routers would then assign an ip address to the users, and start PPP. Cisco routers would ask for host ip address, which is not expected by the script. We would like to alias "ppp" to "ppp negotiate" using the "alias exec" command. However, this then breaks the autocommand that we do for autoselect users. Right now, "autoselect ppp" starts up the autocommand "ppp negotiate" after it has matched on the autoselect mask. If we configure "alias exec ppp ppp negotiate", the parser would read "ppp negotiate" as "ppp negotiate negotiate" and thus breaks the autocommand.
The parser needs to treat multi-word aliase string as a whole. [CSCdj45391]
When removing 'ppp multilink' from a specified interface, the router should also remove the command 'ppp multilink interleave'. The 'ppp multilink interleave' command will remain in the configuration and cannot be removed until you turn on 'ppp multilink' again and then remove 'ppp multilink interleave' implicitly. [CSCdj69530]
If you enter a prompt with doublequotes around the prompt string, and with an embedded space in it, like this:
DEMO2(config)#prompt "space embedded>"
Then this appears to work - you get a prompt of
space embedded>
However, when the configuration is loaded from NVRAM at boot time, the parser refuses to accept this prompt with an embedded space, and the system prompt reverts to the default one.
The correct method is to use the %s construct, as is documented for the prompt command:
The counters for CSNA Virtual Port X/2 do not get cleared when CLEAR COUNT CHANNEL x/2 command is issued. Workaround is to issue Shut/No Shut on the Interface. [CSCdi51387]
User was not able to query CIP LLC stats for memd waits/drops from RP console or SNMP. [CSCdi57533]
The "dspu enable-host sdlc " doesn't get cleaned up properly when the sdlc encapsulation is removed.
A sample configuration would be: interface Serial0 encapsulation sdlc sdlc role secondary sdlc address C1 sdlc address C2 dspu enable-host sdlc C1 dspu enable-host sdlc C2 no shutdown
All sdlc configuration commands would be removed by changing the encapsulation; i.e "no encapsulation sdlc":
int serial 0 no encapsulation sdlc
So the configuration would show:
interface Serial0 no ip address no keepalive no fair-queue no cdp enable no shutdown
If sdlc encapsulation is configured again then the previous "dspu enable" configuration commands re-appear:
interface serial 0 encapsulation sdlc
interface Serial0 no ip address encapsulation sdlc no keepalive dspu enable-host sdlc c1 dspu enable-host sdlc c2 no shutdown
A work around for this problem would be to reload the router inorder to clean up properly. [CSCdi62105]
When dynamic window is enabled, the window size is reduced when BECN is received. The router does not send RNR to the LAN device to slow down the traffic forwarding to the frame relay network. This problem will cause the llc2 layer trasmission queue overflow. [CSCdi65668]
When source-route bridging is configured, the source-bridge largest-frame command does not properly set the largest frame size. [CSCdi65918]
Any router that is configured with DECnet and SRB on more than one Token Ring interface will produce this message at boot time:
The work around is to use th mac-address command to specifically configure the burn-in MAC address on each Token Ring interface. [CSCdi68577]
APPN continues to send data to DLSw even if DLSw's WAN link is congested. [CSCdi76813]
The TDU count kept by the APPN MIB, may not be correct. [CSCdi76866]
When SDLLC is configured and active, removing the source-bridge ring group might cause the router to reload. The workaround is to configure the no sdllc traddr command before configuring the no source-bridge ring-group command. [CSCdi85157]
When the fast source-route translational bridging feature is configured, packets are corrupted. The workaround is to issue the no source-bridge fastswitchring-groupfastswitch command, which disables the fast source-route translational bridging feature. [CSCdi87612]
When running the feature Token Ring Lane and using IP with access lists then it is possible to see a system crash . [CSCdj01054]
The CIP generates explorers without RIFs sending them across the cbus to the route processor. Since the CIP does not support transparent bridging at this time, these packets should be dropped. Instead, they are being queued up to the SRB process and dropped. If you have "debug source-bridge error" turned on, you will see debug messages indicating this error. [CSCdj02768]
When loading the default version of the CIP code for 11.1(9.1) which happens to be cip22-14, the router will not save the microcode load command as part of the configuration. This could cause problems when the IOS is upgraded but not the CIP microc [CSCdj03202]
The errmsg LNMC-C-BADCLSIRET ACTIVATE_SAP_Cfm SAP BUSY is displayed when configuring multiple CIP internal SRB LANs on the CIP virtual interface. [CSCdj08979]
The following error message and traceback can be generated if lnm rps is enabled on the tokenring interface for a 75xx router running 11.1.9, turning off this function will eliminate the error message and traceback. [CSCdj10473]
A router may restart unexpectedly with SegV exception, PC 0x0, when the router is configured for DLSw. [CSCdj16559]
A router configured for DLSw has a buffer leak in the middle and big buffers. Eventually, the router runs out of I/O memory.
The problem is related to the way DLSw backup peers are configured. This problem will only occur if the local router is configured with backup peer commands and the remote router also has a configured peer and is not promiscuous.
The workaround is to remove the DLSw backup peer configuration. [CSCdj21664]
When establishing a DLSw session, the circuit priority field in the SSP header of the CUR_cs, ICR_cs, and/or REACH_ACK SSP frames may be set to a reserved value (5, 6, or 7). While this value will not cause problems when sent to a Cisco router peer, it may cause interoperability problems when peering to another vendor's equipment. This problem may manifest itself as an inability to start the circuit. [CSCdj22482]
When the target DLCI, on an interface with one or more DLCIs, goes down FRAS fails to go into backup mode. The backup will not be invoked until the interface transitions to the down state. [CSCdj22613]
The SHOW INTERFACE ACCOUNTING command would incorrectly show NO traffic sent for RSRB SDLLC configurations,and no transmit packets/frames for STUN. STUN incorrectly shows only the receive side information. [CSCdj23788]
It has been seen that when running srb on a c7200 w/DLUR, downstream cp-cp sessions do not come up. Work around is to use tr/llc, rsrb, or a c4500 or c7500. [CSCdj30284]
While running STUN local-ack on Cisco IOS Release 11.1(12), secondary PU 2.1 SDLC devices may enter FRMR state. The connection is terminated and restarts, sending XID to the device. Since no SDLC DISCONNECT was sent, the endstation remains in stuck FRMR state, and rejects the XID. This fix changes STUN local-ack so that if a FRMR comes in while the STUN state is "disconnected", an SDLC DISC is sent to reset the station. Subsequent XIDs will then succeed. [CSCdj35118]
A dropped frame-relay link can cause the QLLC to not reactivate. Work-around is to reset the routers. [CSCdj38370]
Need a operator command to control activation/deactivation of CP-CP sessions with an adjacent node from the appn router. [CSCdj40911]
Symptom: A downstream LU is unable to get logo screen from the host even though other LUs on the downstream PU can. Router shows dspu state of that LU to be Reset or dsLUStart, while host shows state as active. LU is recovered by deactivation, then reactivation of LU at the host.
Conditions: This state may occur if the downstream LU has previously failed to reply to ACTLU, or if the host has failed to respond to a NOTIFY (available or not available) from DSPU within a timeout period of 20 seconds.
Workaround: Recovery requires the host operator to recycle the LU at the host. [CSCdj45783]
doing a config net while the config file is incomplete, leaves router in tn3270 config mode. [CSCdj46527]
Prior to this fix, DLSw MIB time related variables would be incorrect after approx 49 days. After the fix, they are accurate up to 497 days. Affected variables include:
Also all variables except ciscoDlswUpTime would have minor small changes (off by a few milleseconds) dependent upon timing. After the fix all these variables remain accurate. [CSCdj48345]
A crash could occur for STUN DIRECT over frame-relay if data continues to be received after a stun peer was deconfigured, or the encapsulation is changed from STUN. [CSCdj48350]
When using appn-isr over an RSRB port over FDDI a cisco 7200 may start sending frames with the non-bitswapped address of the target device.
Workaround is to configure a mac address on the target device that is always the same canonical or non-canonical. i.e. 4242.6666.ffff. [CSCdj48606]
RIF may be modified incorrectly when multiring and SRB proxy explorer are configured on an interface but the SRB triplet is not configured.
e.g.
interface TokenRing0/0 ip address multiring ip source-bridge proxy-explorer
Note the absence of the "source-bridge "
The "source-bridge proxy-explorer" statement will not show up in the config unless the SRB triplet is configured.
Work-around for this problem is to configure "no source-bridge proxy-explorer". [CSCdj51631]
When running proxy explorer & netbios name caching on a token ring interface of a c7200, alignment errors will occur. [CSCdj52522]
DLSw routers with ethernet and token-ring ports, also configured for SR/TLB between DLSW ethernet and token-ring ports, will display token-ring devices as reachable through the token-ring and transparent bridge paths when show dlsw reachability is issued. [CSCdj55019]
LLC2 does not respond with DM to received RR if no LLC2 entity exists in teh router. This causes end stations to take a longer time period to realize their LLC2 session is gone and retry session startup. [CSCdj56042]
Router may reload when removing configuration of X.25 PVCs for QLLC. [CSCdj57872]
Router crash wile running CMPC over DLSw+ FST. [CSCdj58258]
In a rare timing situation, an APPN/DLUR router may reload due to a bus error/segV exception at ndr_sndtp_encap_mu. [CSCdj59639]
Alignment errors detected running TL/SRB on c7200 router. [CSCdj59922]
The work-around for this is to include the "xid-snd" field in the "sna host ..." and "dspu host ..." configuration commands, and the "xid-rcv" field in the "dspu pu ..." configuration command. This problem has now been corrected in source. [CSCdj60826]
Configuring LLC2 parameters on the CIP virtual interface at interface config mode are not being set. Configuring LLC2 parameters on the CIP virtual interfae at internal adapter config mode is not effected by this problem. [CSCdj61654]
If an RSRB session is disconnected by the local LAN side at exactly the same time as a data message is received from a remote host, a situation can occur which will lead to a crash in llc_get_oqueue_status().
There is no workaround. [CSCdj62026]
When router is configured with SRB-related features (e.g. RSRB or DLSw), the R/SRB background process may experience thrashing on a watched timer.
The output message is as follows:
02:22:53: %SCHED-3-THRASHING: Process thrashing on watched simple timer (0x875C08). -Process= "RSRB Background", ipl= 6, pid= 48 -Traceback= 1807B0 180A5C 6E1B12ebd
The SDLLC and DSPU features may also experience this problem. [CSCdj62105]
The appn router may have an excessive amount of processor memory allocated to appn after experiencing several spikes in appn processing. The appn memory manager was optimized to release groups of unused pools back to the operating system. [CSCdj62502]
SRB over FDDI between 4700 and 7505 does not work.
More details to follow as we investigate this report. [CSCdj62695]
Router may reload if trying to forward data on a QLLC connection that is down. [CSCdj62832]
FRAS Ban SDLC is non-operational in this release. This is fixed in the follow on maintenance release. [CSCdj63803]
When running rsrb direct or fst encap on c4000 or c4500, the router is unable to bridge ip over a fddi wan. Under this same configuration, netbios will be bridged. Only ip seems to be affected. [CSCdj64999]
Under certain appn/srb-fddi configurations, a router may blindly respond to a TEST P and XID P frame which are not destined for its mac address. This creates XID exchange confusion problems for all appn routers (which participates in the XID process) on the same ring. [CSCdj65580]
When implementing source route translational bridging, frames which originate in the transparent domain which have a payload larger then 1486 bytes may get silently dropped. Therefore, stations which transmit the largest possible ethernet frame of a payload of 1500 bytes may not be able to maintain sessions. The workaround is to reduce frame payload to something less that 1486 bytes. [CSCdj65835]
SYS-2-LINKED Bad enqueue error message displayed along with some spurious memory access error messages when the router is processing explorers and the 'source-bridge ring-group nnnn' statement the explorers are associated with is removed after the explorer(s) has been received, but before it has been processed. [CSCdj66238]
With SRB is configured, OIR removing a token ring port adapter (ex: PA-4R) followed by adding a different token ring port adapter type (ex: PA-4R-DTR), the user must reconfigure SRB on the ports. The problem is that this creates duplicate ring numbers and SRB fails to bridge traffic on those ports. [CSCdj66310]
When using APPN dlur directly attached to a FEP, when SSCP takeoever occurs for that FEP, the APPN router may detect an xid error in the non-activation xid following the takeover. The messages printed are:
Router may reload if hundreds of QLLC sessions fail simultaneously. [CSCdj67015]
DLUR pipe seesions goes on cpsvrmg mode. This mode supports only two sessions. Under some condition, before DLUS cleans up its dlur pipe seesion, it may get request for another session from same DLUR. This time DLUS send +RSP(BIND) followed by UNBIND request. This may cause race condtion in dlur subsystem and causes DLUR FSM in hung state. [CSCdj67223]
After a 'no [claw|csna|offload|mpc]' immediately followed by a shutdown, the deconfiguration attempt could be left pending. This would be apparant after attempting to reconfigure the claw,csna,offload, or mpc command and getting the following message: %Configuration of XXXX YY is pending...
The circumvention for this problem is to "no shut" the interface and then readd the configuration. [CSCdj67340]
Any dlur installation with over 800-1000 downstream PUs can may experience a reload with the following backtrace:
Dspu over rsrb with fst encapsulation reloads with bus error similar to this, when upstream or downstream connectino is initializing:
System was restarted by bus error at PC 0xCC6B8, address 0xFC4AFC82 4000 Software (C4000-JS-M), Version 11.2(10.3), MAINTENANCE INTERIM SOFTWARE Compiled Mon 01-Dec-97 19:45 by ckralik (current version) Image text-base: 0x00012000, data-base: 0x0076AE64
The workaround is to use tcp encapsulation for rsrb, or switch to dlsw. [CSCdj68261]
SRB tranmit count of "show source-bridge" output may be incorrect when 2-port bridging and "no source-bridge route-cache" are configured on the interfaces. [CSCdj69257]
Some hosts exist that use the unusual behaviour of setting the OAF (Origin Address Field) equal to the DAF (Destination Address Field) in traffic on the LU-LU session, instead of setting it to the more usual value of 1. This actually makes it impossible to distinguish whether the LU is dependent or independent, and DSPU has followed the standard SNA convention of assuming that all sessions with OAF greater than 1 were for independent LUs.
As DSPU only supports dependent LUs, it now assumes that the OAF equal to DAF condition does signify a dependent LU and maps the session accordingly.
The only workaround is the very restrictive configuration of only using the host LU locaddr 1. [CSCdj69265]
When DLSw is configured, the following error message may be seen:
This message does not affect functionality. It indicates that a race condition has occurred between DLSw and the LLC2 layers when cleaning up an LLC2 session that timed-out during the XID exchange process. [CSCdj69533]
DLSw FST peers can now support sessions from end-stations directly attached to DLSw peers via ethernet LAN media. One configures the ethernet LAN ports the same way as you would for DLSw TCP peers,(ie using "dlsw bridge-group xx" c ommand). The "lf 1500" parameter has to be specified on both DLSw local and remote peer statements on both routers for this feature to function properly. [CSCdj69739]
A message indicating that a configuration is pending may appear when updating the running configuration by doing a 'copy tftp running' or 'copy startup running'.
Circumstances under which this may happen: This may occur for configuration commands associated with the channel interface processor if there is a 'microcode reload' statement in the configuration. The message will only appear if the copied configuration statement matches an existing configuration statement in the running config and if the channel interface on which the command is configured is not administratively shutdown.
The message can be safely ignored. [CSCdj69759]
Implement two new DLSw timer commands:
dlsw timer connect-timeout
DSPU may be configured on the virtual TokenRing interface; but cannot establish any connections over the virtual interface. The only work-around is to configure DSPU for RSRB/VDLC support using the specific configuration commands. [CSCdj70853]
If the following BGETAS04 message is displayed on the APPN router, then appn's ps process may hang. In this case, the router may not process cp-cp session and cpsvrmgr session activations and deactivations. The appn subsystem must be restarted to clear this problem.
%APPN-7-APPNETERROR: BGETAS04: Invalid pool type %APPN-0-APPNEMERG: Assertion failed in ../ps/ptp05a.c at line 240 [BAY6] 100: -Process= "psp00 ", ipl= 0, pid= 53 [BAY6] 101: -Traceback= 60707F30 6067AF9C 6067D458 6067AD7C 6067789C 6067780C 6067767C 601A2208 601A21F4
The range for the cipCardAdminMaxLlc2Sessions and cipCardOperMaxLlc2Sessions CISCO-CIPCSNA-MIB objects should be changed from (0..4000) to (0..6000) to reflect the max llc2 session limit in the IOS code.
The description for the cipCardAdminMaxLlc2Sessions object does not match the behavior of the max llc2 session configuration parameter. [CSCdj72029]
Under certain circumstances, issuing appn ping commands may crash router. [CSCdj73921]
Customer running IOS 11.3(1) on a 2500 series router is experiencing packet loss on the AUX when the AUX port is setup for a speed of 38.4K (with encapsulation PPP on the AUX port) and the router is configured for DLSW.
No packet loss is being seen when the AUX port speed is below 38.4K. [CSCdj74103]
Symptom: In unusual circumstances a memory leak of buffers can occur in DSPU link station handling. This may lead to messages indicating a failure due to lack of memory, such as DSPU-3-LSConnInFailedNoMem.
Conditions: This buffer leak can occur only in a short window of time during DSPU link station activation processing and only when the link station fails to activate.
Workaround: This buffer leak will never occur for successful link station connections. It will only occur for some unusual types of connection failure that may occur before an XID response has been sent by DSPU back to the connecting link station. Lost memory can only be recovered by reloading the router. [CSCdj75816]
The LLC2 connx between the router and DEC Server does not connect. [CSCdj75841]
While configuring QLLC, the no-incoming option and the no-outgoing option have been added to the the x25 map qllc statement. [CSCdj75946]
QLLC may deactivate a connection before the DLSw+ connection timer expires. [CSCdj76334]
In a ISL environment with DLSW where DLSW bridge-group is on one of the ISL vlan subinterfaces, retransmitted frames from DLSW contain 4 bytes of extra data causing session loss.
This problem has been witnessed more severly when the switch port on the trunk between the router and switch is set to auto ( negotiation ). This causes the switch to default to 100/half while the router is at 100/full causing collisions, late collisions and overruns. These cause retransmisions that trigger the problem.
Besides trying to avoid the retransmissions there is no workaround in ISL/DLSW setup. [CSCdj76634]
The APPN router may crash with the following backtrace while processing a destroy tg.
Under very rare circumstances, when using software flow control on the AUX port under heavy load, the line may end up in a hung 0 state. The output of a show line command indicates "Status: Ready, Connected, Active, Waiting for XON, Sent XOFF." If XOFF has been sent and the device is waiting for XON, issue a clear line command to recover. [CSCdi56432]
When the user types the command "show controller tokenring ..." the values of the following 10 'since last reboot' error counters may be less than the actual counts:
Bridged traffic is not currently payload-compressed when compression is enabled. This is due to problems caused in some instances by the combination of software bridging and payload compression. [CSCdi63268]
Under a sudden burst of moderate load, MIP controllers cycle, taking all attached interfaces down. This behavior is sporadic (that is, it does not usually occur), and the router recovers without any user intervention within a few minutes. [CSCdi65044]
Running SRB over FDDI on Cisco 4000 series routers may not perform as well as expected. However, this behavior should not seriously impact network functionality. [CSCdi69101]
Certain types of source-route bridge explorers are process switched instead of fast-switched. [CSCdi72488]
When IPCP negotiates the peer's address, it ignores the dialer map as a possible source of the peer's address unless a phone number is configured in the dialer map statement. [CSCdi75423]
LMI becomes unknown to remote DTE with 2 or more frame-relay sub-interfaces - configured with - apparently after traffic transported over the link (before traffic sent - all stable). All DLCI's under physical interface are subsequently deleted. [CSCdi81761]
The FDDI NIM in a 4000 series router only places one data frame on the ring per token capture. On a large ring with a mix of 4000s and other devices, this can cause a nonoptimal level of performance. [CSCdj00852]
Symptom: Under certain conditions, customers may experience a memory-leak which would lead to a router reset if the (B)ridge-group (V)irtual (I)nterfaces for the new (I)ntegrated (R)outing and (B)ridging feature are not configured correctly.
Workaround: When configuring IRB in a router, customers should ensure that they DO NOT configure (B)ridge-group (V)irtual (I)nterfaces to logical/physical router interfaces that do not exist. [CSCdj02283]
When a 7200 is connected via a fast ethernet ISL link to a Catalyst 3000 switch the following traceback can result:
%SYS-2-LINKED: Bad enqueue of 609227FC in queue 609BA4DC -Process = "", ipl = 4 -Traceback = 60100618 600FE9F0 600DC5D0 60168980 60105318 600DC524 60022870 60114BA8 60023780 60024D84 [CSCdj07084]
When adding or removing a sub-interface to a Frame Relay interface, all DLCIs are brought down until the Frame Relay switch sends the PVC information again. Two problems are associated with this caveat:
The whole interface will be reset when a user tries to add the ip address command. Caveat CSCdj02488 (integrated into 11.1(11) and 11.2(5.1)) fixed this problem.
A workaround for the other problem is to turn off CDP globally ("no cdp run") BEFORE adding/removing new/old sub-interfaces and turn cdp back on AFTER that. [CSCdj07291]
The error "%CBUS-3-CTRUCHECK: Unit 0, Microcode Check Error" occurs on Token Ring interfaces, causing the interface to reset. [CSCdj08654]
IPX packets which are outbound on a async interface will not be fastswitched. [CSCdj09731]
In Cisco 7000 series router, FastSwitching does not work on TokenRing interface. It only does Process Switching even though it is configured as fast switching. [CSCdj10852]
The transparent bridging is not able to handle the packet that is greater than 1500 bytes with frame relay encapulation in the process level bridging.
Since the frame_relay packet is normally handled in the fast_switching path, The above failure won't be happened in most of the applications.
There are certain conditions matched will cause the failure:
1. The packet has to be forwarded to the Output interface with frame relay encapsulation configured.
and
2. The packet size is greater than 1500.
and
3. The input interface matched with one of the following cretiria:
a. The IRB turn on and the recieving packet contains the protocol type which can be either routed or bridged on the receiving interface. or
b. Unclassified packet received on the bridged interface.
or
c. The input interface is ATM and bridged. [CSCdj15970]
Under certain circumstances, rebooting a Cisco 2524 may cause the router to pause indefinitely with a T1 connected to a Fractional T1 module. The workaround is to unplug the T1 prior to the reload. OR, change the T1 framing setting from sf to esf at both end (including Central Office and the C2524 router). [CSCdj22485]
The work around is to turn the logg console debug in the config mode for the box: "no logg console", or to selectively turn of the interface state change debug from being printed in the console by turning of the interface state change messages: "no logg events link-status" [CSCdj25814]
A checkheaps crash on the VIP can occur with a POSIP when the line is flapping continuously. This is due to the POSIP getting reset during line up/down events. Line flapping can be minimized by disabling keepalives or reloading the one router at a time. [CSCdj26511]
In C7000 and C7500 (RSP) platforms, changing some encapsulations can cause cbus complex restart. There is no workaround for this. [CSCdj29409]
After unplug/plug the cable, the atm lite interface experiences ignores at low packet rate. The workaround is to shut/no shut the interface. [CSCdj29724]
7500's with OC3 POSIP interfaces do not support the Path Trace Buffer feature that the GSR (c12000) supports which indicates the name, interface, IP address, etc. of the remote connection.
On a GSR that is connected to a 7500, the Path Trace Buffer information available via the "show controller pos" command will be blank.
This will not impact the functionality of the router, but the presence of the feature makes misconnections easier to debug. [CSCdj31880]
Under certain circumstances, the ISL trunk connection between a Cat5000 and a router doing inter-VLAN routing, can stop carrying traffic that results in connection problems. The reason being that the Cat5000 trunk port connected to the router transitions from trunking mode to non-trunking due to the DISL protocol. In this particular case, the Cat5000 received a DISL (non-trunking) frame from another Cat5000 across a bridged WAN network (from the router's serial port across the ISL trunk to the Cat5000) making the trunk port stop trunking.
A workaround is to place all "auto" trunking ports on a Cat5000 that are not trunking to "off" state.
CSCdj52514 provides another solution in cat5000 supervisor code 2.4(3), as an option on the "set trunk" command (use in place of "set trunk on"): set trunk nonegotiate This turns trunking on, does not send DISL frames, and drops incoming DISL frames, so incoming DISL frames cannot turn off trunking. [CSCdj32425]
A Cisco 2520 low-speed port may sometimes ignore group polls. This problem occurs on average once per minute and appears to occur only when the router is configured for half duplex and is using a DTE cable.
This problem has minimal impact on the performance of the customer's multidrop line because a FEP usually resorts to individual polling. [CSCdj33392]
The ethernet interface on the AS5200, 4x00 and 2500 platforms log BADCABLE messages with the console periodically when the interface is under load. [CSCdj35951]
When a 3600 router serial interface is operating in HDX DCE mode and the attached DTE device drops RTS too quickly after the end of frame, it is possible that router will silently ignore the frame.
The workaround is to enable the interface to run in FDX or DTE mode. [CSCdj36625]
A Catalyst 5000 RSM populated with an ATM Port Adapter with LANE client(s) configured can get its ATM interface stuck in a down state if a user creates new vlan interfaces.
Symptoms include the following message being displayed to the console
Saving the RSM configuration and reloading its image will clear the error condition. [CSCdj41802]
The accounting of ip fast fragmentation will miscount packets on MIP interface. The fragmentation function works just fine. This is an accounting bug. [CSCdj42141]
In the case where a T1 is broken out of the CT3 bundle, and sent to one of the test/external ports, *and* that T1 is also configured as an IOS interface at the CT3, the following unintended side effects can be observed:
. data arriving on that T1 from the CT3 bundle is sent to the test/external port as intended, but also sent towards the IOS interface configured at the CT3. Depending on the router configuration, this may in turn cause each such packet to be received twice, once (correctly) by the MIP (or whatever is connected to the test/external port) and once (incorrectly) by the CT3.
. any FDL, IBCD or BOC messages sent from the remote T1 end (arriving via the CT3 bundle) will be sent to the test/external port as intended, but also interpreted by T1 framer at the CT3. When the message requests some loopbacks (most notably line loopback), that T1 will be looped at the CT3. The CT3 should be completely transparent for any T1s sent to the test/external ports. [CSCdj42171]
TTY lines on access servers may hang when control characters are sent in dumb terminal mode (no PPP or SLIP). A show line will show the TTY line in a ready state, but no response or prompt is seen from the access server when the activation-character is sent (default is a return). Doing a clear line # does allow for the line to recover and respond to the acitvation-character. [CSCdj46760]
Written By Steve Lee of SJ TAC WAN Team 3 Oct 1997
1. Symptom ---------- When configuring HSSI interfaces to support IPX traffic you can use the ipx encapsulation command which is not relevant on a HSSI interface since the IPX packets will simply traverse the HSSI link via whatever encapsulation method is present on the HSSI interface, ie... PPP, HDLC, SMDS, etc.
2. Conditions ------------- The commands can be entered on any type of HSSI interface and on any platform. This includes the following HSSI interface types: HIP, PA-H, and NP-1HSSI. This cosmetic bug has been configurable in testing all the way through 11.2(8)P and 11.1.14 IOS code.
3. Workaround ------------- There is no workaround required. Simply turn on IPX routing with the global configuration command ipx routing and then put an ipx network on the particular HSSI interface with the command ipx network <1-FFFFFFFD> and the HSSI interface will support the transport of IPX packets.
4. Further Problem Description ------------------------------ This is simply a cosmetic bug and causes no problem on the router as the command informs the user that the ipx encapsulation type is unsupported on the HSSI interface. [CSCdj47293]
In certain conditions, bridged traffic through a 7206 running 11.1(13a)CA1 coming in on a Frame Relay Interface may have the last four bytes corrupted. The same problem has also been reported on a 3640 running 11.2(8)P. It is also expected that the problem might occur when the inbound is atm(aal3/4), smds, lane-ether or the outbound media has enabled ppp compression, priority queueing or outbound media is isdn, dialer interface. [CSCdj47881]
On 7200 if IRB is configured for traffic b/w ethernet and atm port adapter that may drive the 5sec cpu utilization to 95%. Because at atm interface IP traffic is being process switched. This only happens if IRB is configured on the 7200. [CSCdj48228]
Decnet does not work over tokening-hssi bridge in 3600. [CSCdj50212]
Symptom : The show diag command in the cisco IOS was not able to display the port adapter type for FE-TX/FE-FX.
Further Problem description :
Analysis : This was occurring because the pas_display_pa_info function was reading the ideprom value and displaying the corresponding string from the pa_hw_desc_strings array. Since this array did not have entry for Fast Ethernets for c3600 (both FE-FX and FE-TX) therefore it displayed the string UNKNOWN for the port adapter type.
Changes to : The pa_hw_desc_strings array has been modified to include program the corresponding PA types. flow [CSCdj50944]
A situation has been found when bridging between LANE and FDDI that a Cisco router is not handling the packets appropriatly. This case is still under investigation. If a bug is found, then it will be fixed in a future release of software. [CSCdj51644]
For 802.10 interfaces such as fddi, ether, token, and hdlc transit bridging between smds, the translation failed. [CSCdj52314]
With IRB configured on the router, ipx clients can't log into services on a bridged interface. Removing the ipx routing from the bvi fixes the bridged interface but you'd loose the routing. At this time this feature isn't supported. [CSCdj54050]
In rare cases a Cisco 7200 router with a token ring port adapter may crash if one of it's token ring ports attempts to insert into the ring and fails due to a ring error. [CSCdj59796]
The appletalk might fail when packets are bridged through ppp transit. [CSCdj61857]
Symptom : setup command assigns invalid interface for ip unnumbered command while configuring the async/group-async interfaces.
Conditions : This occurs when there are interfaces (viz.,ethernet, token-ring,fddi) ,which do not have an ip address configured and these interfaces precede by slot number and unit number,any other interface which has an ip address configured.
Workaround : The workaround is to always have the first interface configured with an ip address or manually re-configure the async/group-async interface by assigning a valid interface to the ip unnumbered command. [CSCdj62240]
There are several problems that have been fixed on 11.2P and not on 11.3. They are bus error, transmitter hanging, receiver hanging, and performance degradation. There is no workaround. [CSCdj62436]
The 'no ip redirect' is autonatically added to the configuration when isl is defined. Customer removed it but after reload the 'no ip redirect' gets back in the config. [CSCdj64043]
Router crash with a bus error when configuring SRTLB [CSCdj64480]
Adding "show comp" features for frf.9 precluded display for old-style FR compression from working. Now "show comp" for old and new compression schemes co-exist. [CSCdj64747]
The 'debug broadcast' command doesn't produce any output on Lance ethernet interfaces. [CSCdj66833]
A 2500 router configured for source route bridging on a token ring interface may crash on bootup or during a 'no shutdown' on the token ring interface. This can only occur if the source-bridge is configured with the wrong number (a ring number mismatch with other devices already on the ring). Once the interface is properly configured and brought up, this problem cannot occur. [CSCdj68265]
3640 with 11.1(15)AA not allowing encaps frame-relay under the serial interface of the router. The router is configured for channelized T1. The router does accept the encaps without an error, however, it never shows up in the wr t output or the sho int serial output. Other encaps: X25 and ppp work fine under the same interfaces. [CSCdj69440]
Release-Note ------------ In rare circumstances, a 7200 containing FDDI pa's and configured for source-route bridging, will incorrectly forward an IP packet that contains a RIF field back out onto the same interface that it came. This behavior will result in IP packets "looping" around the FDDI ring until the Time To Live counter reaches 0. There is no known workaround. [CSCdj71082]
On 7200 with the I/O controller with MII only and other platforms (i.e., 4500 and 7500), the regular Fast Ethernet PA media config command is missing the RJ45 option; only the MII option is available. On 7500 platform, to configure for RJ45, use the "no media-type MII" option as a workaround. The workaround is not available for 4500 and 7200 platform. Because all images use RJ45 as the default media type for Fast Ethernet, they will not discard the original configurations that specify RJ45. [CSCdj75983]
Responses to RIP queries do not honor IP split horizon rules. [CSCdi30060]
A new command to set OSPF router ID is being added. When configuring OSPF with this new command, make sure that the new command always comes before the OSPF network statements. If the OSPF process is already running, the new command will only take effect after the OSPF process is re-enabled or by a reload. [CSCdi38380]
If a RPF change occurs or an outgoing interface list entry is added or deleted, RSVP is not informed immediately by IP multicast routing. This causes reservation latency. But only occurs for multicast sessions. [CSCdi58028]
Without periodic registers, the (S,G) state in the RP has to be kept alive by other means, such as (S,G) joins/prunes. [CSCdi59021]
Beta code may not correctly forward an RSVP message when RSVP is *not* configured [CSCdi61151]
Unequal messages seen on RSP platforms after a route flaps. There is no apparent functionality or performance impact. [CSCdi62271]
If a multicast mtrace request is received from the interface that toward the requested (source,group), the mtrace request is not dropped but forwarded back on the incoming interface. [CSCdi78092]
mrinfo with no command line options (a local request) sometimes times out if the request is looped back through an unroutable interface. Workaround is to specify the router's name ( mrinfo ) with the command. [CSCdi84362]
There is no prune sent toward the RP for (*,G) timeout. In the case that OIF is expired after the (*,G) entry, traffic will continue to flow down the shared tree for an extended period until each router along the path individually times out the entry. [CSCdi84784]
If a per-user static route is installed which depends on the host route for the current interface, then installation of the per-user route may be delayed by up to 30 seconds. [CSCdi85561]
When the fragments arrives at the destination out-of-order, router may fails to reassemble the packet. Typical example is when it has several lays of fragmentations along the path and fragments arrives at the tunnlel destination out-of-order because small fragments got fast-switched and large fragments got process switched(since it needs to be fragment again in process level). [CSCdj03076]
In LANE 11.2 code, LANE configuration appear before OSPF configuration in NVGEN. [CSCdj05560]
(*,G) prunes should also schedule removal of interfaces from all (S,G) entries which match. Currently, only the (*,G) entry's olist is updated. The work around is to enter clear ip mroute for the specific group. [CSCdj05669]
When enabling a gre-tunnel interface, it might not take the default configuration, but an old configuration - not stored in NVRAM. [CSCdj06852]
Problem:
Non-cisco PIM routers do not send CGMP messages. Cat5k with older code would not recognize them as routers and hence would not forward multicast data toward them. Adding the CGMP Proxy functionality in cisco routers for them was proposed in this bug report.
Workaround:
Cat5K with V2.3(1) code can recognize messages from any PIMv1 router and mark the port where the messages come in as a router port. With this level of code, CGMP Proxy is no longer needed for Cat5k. [CSCdj10170]
When auto-summary is turned off and back on again, subnets are not advertised. [CSCdj11276]
An ethernet interface can get wedged and stop receiving packets when running IPeXchange on the router. [CSCdj12768]
A router running 11.2(5.4) won't be able to normally trace to it's own ip address.
The work around is to do an extended trace and source the packet from a different IP address on the router. [CSCdj13341]
In the PIM/DVMRP border router, (S,G) with null OIF is pruned even if it is still registering. [CSCdj14514]
Under certain circumstances, the router may experience the following informational messages:
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x602D4280 reading 0x30 %ALIGN-3-SPURIOUS: Spurious memory access made at 0x602D38CC reading 0x16 %ALIGN-3-SPURIOUS: Spurious memory access made at 0x60352800 reading 0x630 %ALIGN-3-SPURIOUS: Spurious memory access made at 0x601779E4 reading 0x648 %ALIGN-3-SPURIOUS: Spurious memory access made at 0x602B3D28 reading 0xC04 [CSCdj18623]
Private ASNs are not removed by the neighbor option in BGP if the AS path length is more than one.
This problem occurs when the AS_PATH has been created by using . The fix should be applied to the router originating the prefix, not the one stripping the private ASNs. [CSCdj19299]
If a router receives an EIGRP UPDATE from an non-existent neighbor, it might display the following message:
This error should not impact the operation of the router. [CSCdj22621]
Crash due to Memory leak, SH MEM shows 'IP Input' and 'Pool Manager' holding onto memory. [CSCdj23080]
This will let a route-reflector-client peer with RRs of more than one clusters and thus break away from the heirarchical topology. This is used in tie-breaking between the paths which are common upto and including IGP metric. [CSCdj28525]
The OSPF RFC doesn't allow having a virtual link thru a stub area.
Although the router allows this to be configured, it could lead to problems when trying to reach external domains through the stub area. [CSCdj30202]
The background timer which kicks off once a second will find out the neighbors who need attention. Access the queue of the neighbors with established sessions only. [CSCdj30654]
After changing the bandwidth or delay value at the interface, "sh ip eigrp topo" still shows old FD(metric) value. [CSCdj30917]
The ip forward-protocol udp command should only influence flooding broadcast (255.255.255.255) and not directed broadcasts. However if we configure on a router "no ip forward-protocol udp", it will prevent forwarding of directed broadcast to a local interface.
no ip forward-protocol udp | v router1---10.1.1.0---router2---10.1.2.0---router3---10.1.3.0 ^ ^ ^ | | | source fails works [CSCdj31239]
ALIGN-3-SPURIOUS messages may occur if the BGP SNMP MIB is polled when BGP is not configured. This error is cosmetic and will not affect the operation of the router. [CSCdj32320]
If OSPF external routes are summarized using the summary-address command, and the number of external routes being covered by this summary address drops to zero, the external summary will be flushed, but the router originating the summary will not install any matching external or nssa routes that may be present in its database.
The router can be forced to install the matching route by using the clear ip route * command. [CSCdj32471]
BOOTP requests being sent to 0.0.0.0 get forwarded to the gateway of last resort when there is one. [CSCdj33809]
route-map filtering of routing updates based upon community strings fails [CSCdj34779]
There is a bug in 11.2.7 where by offset commands coded in conjunction with router rip statements do not appear in the startup and running configurations. The commands do function, but do require to be re-entered after every router re-load. [CSCdj35131]
Routers experiencing a high incidence of DUAL-3-SIA messages may also incorrectly log DUAL-3-BADCOUNT messages. There is no functionality or performance impact from the BADCOUNT messages.
The workaround is to prevent the stuck-in-active (SIA) messages by configuring timers active-time for router eigrp to the correct value for the network. [CSCdj35254]
In some instance, a configured 'bgp router-id' is not used after the router reloads. Instead, the router uses the highest ip interface address as its router id, until 'clear ip bgp' is performed.
A workaround is to configure loopback interface, whose address is greater than any other address on the router. [CSCdj37962]
If two routing protocols with mutual redistribution cause a routing loop, it is possible that the loop will remain even after updates have been filtered. The problem usually occurs after a clear ip route * command is issued after applying the filters. If the routes are allowed to age out the normal way, the problem does not occur. If OSPF is running, the workaround is to issue the clear ip ospf redistribution command. [CSCdj38397]
If the summary-address statement is removed on a remote router that advertises summary-address routes on only one path, then the core router sees both equal cost paths. This problem occurs on OSPF with NSSA. [CSCdj38067]
Once a route learned from the DVMRP neighbor is poison-reversed, it is not cleared if the neighbor stops advertising it as a poison-reversed route and causes packets still flood to it. The only way to clear the bit is if the neighbor advertises a non-infinity metric for the route. [CSCdj39332]
7200 may reload with %ALIGN-1-FATAL: Corrupted program counter when running multicast. The only workaround is to disable the multicast on this router. [CSCdj40975]
Under certain conditions, the output of 'show ip ospf statistics' will not display a reason code explaining why an SPF run took place.
This is known to happen when the only event to trigger an SPF run is an update to a summary-asbr LSA. [CSCdj42636]
Configuring multiple virtual links to the same router id (via different transit areas) may cause routing table entries to be calculated with a correct metric (corresponding the the virtual link with the lowest cost), but an incorrect next hop (corresponding to the first virtual link appearing in the router LSA).
To avoid this problem, do not configure multiple virtual links to the same router. [CSCdj43279]
If a tunnel built on top of a dialer interface, turn on multicast fastswitch will crash the router. The work around is to configure 'no ip mroute-cache' on the tunnel interface. [CSCdj44432]
If the BGP neighbor has the default-originate defined and then the AS of the BGP neighbor is changed, then default-originate will no longer be in wr t. Workaround is to add it back in. [CSCdj45721]
Policy routing inconsistent on subinterfaces [CSCdj47355]
Set metric 0 configuration doesn't work in a BGP neighbor outbound route-map. A workaround is to use "set metric 1" in the route-map instead. [CSCdj49095]
If RSVP is configured on a router, it will only forward RSVP reservation information to interfaces that are configured for RSVP. It will not forward RSVP messages from or to interfaces that are not so configured.
While this is consistent with the specification, it precludes some uses of RSVP that might be desireable. [CSCdj51276]
Under EIGRP, when the router clears a route using the host ip address, the router fails to bring back the route on that subnet into the routing table. The route, howeber, is still in the topology table but not in the routing table. [CSCdj52415]
entering the command "no ipx routing" then enableing eigrp can crash the router. This is a regression of CSCdj54141. [CSCdj53541]
eigrp may crash when receiving updates in a network which has a major topology change in conjunction with a large eigrp topology database. [CSCdj54728]
Under certain conditions LS type 5 are not generated by an ABR in response to LS type 7 received (if the cost becomes worse or the LSA is purged) [CSCdj55301]
With certain route-map configuration or soft-reconfiguration, the LOCAL_PREF for a path may be set to 0, resulting in wrong path being selected. [CSCdj55839]
The Proteon router's Internal Address is advertised as a Host Route not a network in the router's LSA. A Host Route is represented as a Type 3 link ( Stub Network ) whose link ID is the host's IP address and whose Link Data is the mask of all ones ( 0xffffffff ). This Host Route is advertise into all OSPF Areas.
The interoperatbility issue with the Cisco routers is that we will install the latest 'learnt' route to the Proteon's Internal address - this may not be the Shortest Path. See descriptions enclosures for a full explanation. [CSCdj56079]
When you have a 7000 running EIGRP on two EIP6s, a TRIP4 and a FIP. EIGRP runs on all these interfaces. All connected networks are in the EIGRP topology, until... One adds a third EIP6. In the EIGRP toplology we may loose some of the connected networks that connect to the existing ethernet interfaces. The ip routing table still shows the routes.
Result: not all connected networks may be advertised in EIGRP.
Workaround: redistribute connected [CSCdj57362]
A permanent IP static route to an interface will be removed from the routing table when that interface goes down. For example: with ip route 10.9.10.0 255.255.255.0 Async1 permanent in effect, then if interface Async1 is down, the route will be absent, despite the "permanent" keyword. This will prevent the route from being redistributed into an IGP. [CSCdj57495]
misconfigured eigrp with a network statement for a non directly connected ip address will auto-summarize the network if it is receiving subnets for the network from its neighbors. [CSCdj57578]
If you are doing IRB with RFC1483 PVCs, you may see certain IP anamolies such ARP resolution not working or if the ARP resolutions may take place and yet you cannot ping the neighboring device. These issues are currently being worked and a resolution will be available in a future release of IOS. [CSCdj58194]
Customer moved the IP multicast tunnels (DVMRP, GRE) from a serial interface to an ATM interface on an 4700. The packets are now process switched instead of fast switched, which causes a lot of CPU (IP INPUT).
When we use the serial interface for incoming packets and the ATM for outgoing there's no problem. Incoming on ATM, outgoing on serial also has this problem.
We used several IOS versions, always the same effect. In the config I tried ATM subinterfaces, ATM map-list, aal5mux and aal5snap.
It seems that incoming (IP multicast?) packets are not fast switched.
sh atm int atm0: 3869452 input, 2950238 output, 0 IN fast, 1097846 OUT fast [CSCdj59076]
When booting an unconfigured 3600 or 4X00 with a CE1 module, all available processor memory may be consumed during the initial setup dialog. [CSCdj60090]
The ARP lookup routine may suspend, causing unexpected behaviors for IP protocols. For example: If the OSPF routing process is traversing a list of neighbors to send LSA packets and the ARP routine is called, the ARP routine suspension could cause a system reset. [CSCdj60533]
Symptom:
OSPF ABR does not generate summary for some connected networks.
Conditions:
The problem happens when unnumbered interface is used with OSPF. Summary for connected network which is put in the same area as the unnumbered interface might not be generated to other areas.
Workaround:
The workaround is to redistributed the connected network into OSPF to retain connectivity to those network. [CSCdj60959]
Symptom:
show ip ospf int interface command does not allow customer to specify a virtual-access interface. As a result, customer cannot get OSPF information for a single virtual-access interface.
Workaround:
Use show ip ospf int command to get information for all interfaces, including virtual-access interface. [CSCdj61373]
When the metric in EIGRP increments beyond unreachable, the value can wrap wrap around and be reported as a smaller metric. [CSCdj62489]
CPU utilization for RIP and IGRP are higher than expected. [CSCdj62564]
The error message displayed at the console when dampening "reuse" is higher than "suppress" is bogus. [CSCdj62820]
Gratuitous ARP replies are always sent over every interface of the box every minute. No known workaround. [CSCdj63114]
EIGRP fails to redistribute static routes when the next hop is pointed to an interface. [CSCdj63538]
When multicast is configured and then ip rsvp bandwidth is entered on an interface without ip configured on it, the box crashes. [CSCdj63772]
Under rare ciscumstances a BGP router sends bgp updates with a duplicate community attribute, which triggers the neighbor reset. [CSCdj64103]
When spt-thresholds are in use and the last-hop router switches back to the RP tree, the RP-bit on the (S,G)RP-bit Joins are being dropped (not sent) by the next router in the path to the RP. This is resulting in erroneous state being created along the RP-tree and data does not begin to flow down the RP-tree for several minutes. [CSCdj64114]
Router may hang telnet sessions and reload in rsvp process area. [CSCdj64211]
Dynamic redistribution into EIGRP from another routing protocol fails if the routes being redistributed fall within the same major network as EIGRP. A temporary workaround is to remove the redistribution statement from the EIGRP configuration, then re-insert the redistribution statement. [CSCdj65737]
At the IP on GRE tunnel configuration, Drop 2nd and 3rd ping packet when there is no IP route cache. This phenomenon does not occur when there are IP route cache or no ip route-cache. [CSCdj66098]
ospf ignore lsa mospf does not suppress all error messages related to MOSPF. In particular, error messages about receiving MOSPF LSA in link state acknowlegement packet are still generated. These error messages will appear if there are more than 2 MOSPF routers on the same LAN as the Cisco router.
This fix suppress error messages for link state acknowlegment packet too. [CSCdj66792]
A router supporting FastEthernet that is configured with ISL encapsulation will place an entry in its ARP Table if a client in one VLAN is incorrectly configured with an IP address in the subnet assigned to another VLAN that is supported within that trunked interface. [CSCdj67271]
If the ACL number specified in the offset-list is 0, the offset-list entry is not NVGENed.
Currently there is no workaround. [CSCdj67950]
EIGRP topology entries from the redistribution of connected routes where EIGRP is already running natively may not clear when the interface goes down. [CSCdj68388]
When an interface is configured to send rip v1 packets while running rip v2, router sends out corrupt packets. v2 packets are not effected. No known workaround. [CSCdj69026]
ripv2 sending duplicate route in update over unnumbered link when 'no auto-summary'. [CSCdj69646]
A new bgp neighbor command:
neighbor / shutdown
is added so that an individual peer or a peer-group can be brought down without de-configuration. [CSCdj69829]
A new route-map "set ip next-hop peer-address" Command is added to simplify overriding third-party next-hop. [CSCdj69835]
Router may crash when 'clear ip route *' if RIP is enabled with 'output-delay' configured. [CSCdj70535]
When inbound soft-reconfiguration is configured, this bug may cause bgp attributes to be set incorrectly for received prefixes. [CSCdj73336]
Routers with misconfigured IP address on a connected lan, show up as PIM neighbors because they still respond to the "ALL_ROUTERS" multicast address on the lan. But for all practical purposes (RPF problems, DR selection), they are not PIM neighbors. [CSCdj74197]
When a multicast source is continuously sending traffic and receiver leaves the group, DR correctly sends a prune upstream. But it triggers a prune, even when the receiver joins the group within short period of time of leaving. This causes the router not to forward for a recently joined receiver. Forwarding resumes when next periodic join occurs (30 secs or so).
This bug was introduced in: 011.002(005.001) 11.2(05.01)P 11.2(05.01)F 011.002(005.002) 011.001(010.005) 11.2(05.02)P 11.1(10.05)AA 11.1(10.05)IA 11.1(10.05)CA04 11.1(10.04)CA01 [CSCdj75375]
Releases 11.1(15.1), 11.2(10.1), 11.3(0.11) and later, which include the fix for CSCdj38748, do not add an arp entry for an ip secondary address if the address is of the subnet of the ip primary address or another ip secondary address of the same interface. [CSCdj75552]
An IGMP v2 querier router which is running pim sparse-mode, fails to send IGMP v2 group specific query when a member of the group sends a leave message. This causes other remaining members on the LAN, not to send membership report until the next periodic, general query. These members may see a loss of data during this period.
A possible work around is to use dense-mode PIM or reduce IGMP query interval by
[no] ip igmp query-interval
command. [CSCdj75782]
If there are duplicate external's in an OSPF domain, under certain conditions, there could be a continuous route flap for this network. [CSCdj75857]
RIP and IGRP send requests when an interface goes down even the protocol is not running on that interface. [CSCdj77928]
If a clns route points to an interface, and if the interface processor is moved from one slot to another slot of the 7xxx router then the old clns route cannot be removed. As a result the CLNS static route is not consistent. The router needs to be reloaded after this unusual OIR event. The impact is highly reduced running an image including the fix CSCdi78048. [CSCdi78517]
clns static route across map-lists fails [CSCdi80018]
A dynamically discovered clns route does not overwrite a static clns route pointing to a down interface. Workaround consists of removing the static route definition from the configuration and issue the command "clear clns route". [CSCdj31228]
When using ISO-IGRP in conjunction with backup load functionality, ISO-IGRP routes may be un-usable for approx. 300 seconds after the BRI backup link drops. [CSCdj34115]
Routing protocol hellos and updates are given priority over normal user data packets. After all, why forward data if you are not sure you have the right routes.
ISIS makes sure Hellos are given extra priority. ISIS should also do the same thing for some other ISIS control packets (SNPs). [CSCdj56141]
When running iISIS, with a very large IP routing table, ISIS may cause a CPUHOG warning when building its LSPs. [CSCdj56158]
Symptom: When two routers running ISIS are misconfigured to have the same IP address, ISIS will happily install routes in the routing table that have our own IP address as next-hop.
Conditions: Misconfiguration of duplicate IP addresses.
Workaround: Don't make the mistake to assign duplicate IP addresses. The IP address that will be used as next-hop is visible with the command "show clns neighbor detail". The IP address selected will have an asterix. [CSCdj58060]
When ISIS is configured for IP routing, and the command
router isis display-route-detail
has been configured, and someone does a "show ip route isis" while the routing table is changing, the router may crash.
A workaround to prevent the crash is to unconfigure "display-route-detail". This command is normally only needed during debugging by cisco development, and there is no need to configure this in a production network. The command will be made hidden a hidden command. [CSCdj62173]
When a router is a L1-only router it has only knowledge of ISs and ESs inside its own area. Whenever a L1-only router wants to send traffic outside its area, it sends that traffic to a closest L1L2 router. If there are multiple L1L2 routers at the same cost, we will send traffic to only one of them. We will loadbalance over parallel paths to one of those closest L1L2 routers, but we will not use paths to two or more different closest L1L2 routers. For ISIS-IP we do the right thing. This is a CLNS only limitation. [CSCdj62661]
When an ISIS router has an IP summary configured, it advertises that summary to other L2 routers. But it does not have a route in the routing table for that route. When there are two L2 routers in an area advertising the same IP summary, the two routers will install an IP route for that summary pointing to each other. This can cause forwarding loops for packet for non-exisiting more-specifics of that summary. The solution is to install an IP route to the null0 interface for that summary. [CSCdj62664]
When a node is directly connected via a LAN interface, but also has other equal-cost paths via other nodes, only the directly connected path over the LAN is used. [CSCdj70485]
Parallel adjacencies between a pair of two routers are currently all advertised in the LSPs. This is not necessary. This fix changes ISIS and NLSP to advertise only one (and only the best) p2p adjacency between two routers.
There are a number of advantadges: 1) LSPs will be smaller and use less bandwidth when flooded 2) LSPs have lower chances of being fragmented 3) SPF calculations will be more efficient 4) flapping of one of a set of parallel links will be invisible to the rest of the network [CSCdj71654]
If you issue the ipx router eigrp command by itself, without including any network commands, a process is created that is visible with the show ipx eigrp neighbors, but that does not appear in the system configuration and cannot be deleted with the no ipx router eigrp command. The workaround is to issue a network subcommand to the ipx router eigrp command before issuing the no ipx router eigrp command. [CSCdi52895]
When using SNMP to change an existing IPX static SAP entry and only the sap hop count is provided to change a traceback may occur. Workaround is when changing IPX static services to provide all objects and not just the object which is to change. [CSCdi57358]
When walking the MIB on the 4500 a "NoSuchName" error may be returned for the IPX NLSP Neighbor Entry Group when the Neighbor table is present and populated. [CSCdi57864]
In order to facilitate redundant IPX topologies, it would be beneficial to have an IOS IPX command which would allow one to regulate the speed at which the router responds to IPX RIP requests, similar to the ipx gns-response-delay. [CSCdi82056]
Adding XNS back into a router's configuration after it has been removed may cause a system to restart by bus error. This may only be a one-time event if it occurs at all. [CSCdj16694]
Named access-lists defined for one protocol (say IPX) can be applied for other protocols (sap IP). [CSCdj18085]
Login takes a long time when traversing a router using the Microsoft 32-bit NDS client. The problem does not appear to be related to the Novell or Microsoft clients. [CSCdj25785]
When using IPX-EIGRP over ISDN with floating static routes, there may be a short delay (~10 seconds) before the application is able to get through. [CSCdj38031]
If two routers running NLSP are also connected redundantly to each other via RIP, route changes in the NLSP area are sometimes not redistributed immediately via RIP (flash update). The situation corrects itself after a brief delay since the correct information is present in subsequent RIP periodic updates from both NLSP routers. [CSCdj39987]
On certain platforms when using XNS fastswitching, alignment warnings may occur. These warnings are informational and cause only a small increase in overhead as the system does some extra work to control for the alignment issues. [CSCdj49994]
Before a floating static route is installed a waiting period is observed when the network is down and unreachable, if IPX watchdogs or SPX keepalives arrive during this time they will be dropped. This may lead to session timeouts. [CSCdj50629]
The XNS control protocol for PPP XNSCP does not appear to function of virtual profile interfaces. [CSCdj52423]
In using floating static route across an ISDN link, when IPX EIGRP is the primary dynamic routing protocol, when the link goes down the EIGRP route is installed but after the floating static is configured and the line goes down and then back up there is no route to that network. The EIGRP route is received but never fully installed due to what seems to be incomplete removal of the floating static route. [CSCdj52947]
Some IPX SAP packets are counted twice in show ipx interface and show show ipx traffic stats, some incoming SAP GNS packets may not be increment the incoming GNS counter. [CSCdj53762]
This defect is only seen if you disable and re-enable IPX/XNS routing. If during this disable to re-enable window, some interfaces change state, there is a possibility of loosing the IPX/XNS background process.
Symptoms of this problem could be loss of network connectivity to a slow memory leakage till the router cannot allocate any more memory, and you will need a reload the router to correct this situation. [CSCdj57257]
An access server may encounter high CPU utilization when IPX has been enabled on the async and ISDN interfaces if the IPX network is very large, has a large number of servers and is unstable. The process which uses the most CPU will be the "IPX SAP OUT" process as shown in the output of "show process cpu". This CPU is caused by SAP changes or flashes being sent to a number of lines where SAP updates are unwanted.
A new option to an existing command has been added in response to more than one customer seeing high CPU use due to the sending of SAP updates when they thought they disabled SAP updates. Normal updates were disabled or sent very infrequently but flashes/changes updates are still sent normally. There was no way to disable these flashes without impacting the end clients.
In 11.2 the command
ipx sap-interval
is now
ipx sap-interval < | passive>
In 11.3 a "passive" option has been added to the existing ipx update command making it:
ipx update interval < | changes-only | passive>
11.3 will also accept
ipx sap-interval < | passive>
but will write out to Non Volatile Memory in the new form
ipx update interval sap < | changes-only | passive>
When the passive option is set both the normal updates are stopped and the flashes/changes updates are stopped. Queries will still be replied to on this interface. The update interval is set to the same interval used in change-only, for SAP that is an interval of 0 and for RIP a large value, any SAP or RIP heard on these interfaces will use that value for aging effectively taking forever, or a very long time, to age out. [CSCdj59918]
When replacing an adapter type with a different type while the router is running (OIR), configuration problems can surface if the new adapter is configured with the same IPX (and/or XNS, Apollo) network number as that of the replaced adapter. The error message will look similar to this "%IPX network CAFE already exists on interface Fddi0/0".
Workaround: An alternative to this fix is to remove the IPX (and/or XNS, Apollo) network from the existing adapter BEFORE replacing it. The command to use to remove the existing IPX network number, while in configuration mode, is: no IPX networknetwork [CSCdj60836]
If the command no ipx default-route is configured, the interface command [no] ipx down is ignore and non functional.
Workaround is to enable processing of the default route. [CSCdj63007]
When an IPX static route is delete via the command no ipx route , the deleted route is not advertised as "invalid" out IPX interfaces configured for "changes-only" updates.
Work-around: =========== As a work-around to this problem resolution, issue the following interface commands at the router with "changes-only" interface(s) adjacent to the router for which a static route is being deleted:
ipx down networkno ipx down network
Using the above example configuration: IPX interfaces S0 for both routers RT-A and RT-B are configured with "changes-only" RIP update. If a static route was deleted in router RT-A, then the following commands must be issued at interface S0 in router RT-B to remove the static route learned from RT-A:
! interface s0 ipx down 2163 no ipx down 2163 [CSCdj64497]
'show ipx nlsp database detail | private' allows detail or private to be entered again. This is merely a parser problem. It has no effect on the output. [CSCdj64577]
EIGRP/IPX without RIP process enabled will encounter sap processing problem. The workaround is to enable ipx router rip with no network all. [CSCdj73190]
Following a reload or a clearing of the NLSP data base ("clear ipx nlsp *") a router may experience several minutes of high CPU utilization. This can only happen if the NLSP router is reporting large numbers of RIP routes and SAP services into its NLSP area. [CSCdj73759]
When using one-step PT translation to PPP, an IP address must be configured even if only non-IP protocols will be used. [CSCdi48604]
A few rare times not all the configuration in a virtual template may clone to a Protocol Translation virtual access interface. [CSCdj18041]
Parser allows keywork options node and port as inbound options for LAT in the translate lat global command. These are not supported as inbound options and should not appear in the parser. [CSCdj29889]
A translation from tcp to either LAT or X.25 using the printer option may fail to close the outgoing connection under rare conditions. This will make the vty line unusable for protocol translation. If an exec session is started on that line, the line will be usable again for translation after the exec ends. [CSCdj40442]
Configuring the translate command's "keepalive" option to 0 sets the keepalive interval to default of 10 seconds and it does not disable keepalive messages. [CSCdj57061]
The active use count on translations to autocommand is incorrectly not decremented after a translation session ends. This is a cosmetic problem, unless the max-users option is also used. The workaround is to not use the max-users option. [CSCdj60689]
When using the translate command's x25 outgoing protocol option "no-reverse", the option "no-reverse" does not override the reverse setting of the interface. In addition, the "no-reverse" option does not get displayed with its corresponding translate statement when using the exec command writeterminal or showtranslation [CSCdj61121]
Some initial telnet negotiation may occur at the beginning of an X25->TCP translation even though the stream option is specified. [CSCdj71495]
The IOS TCP does not perform slow start after a connection becomes idle. [CSCdj18053]
TCP sessions terminated on a router may experience increased delays in unstable environments with large RTT, lost packets, and interoperating with TCP stacks with no fast retransmit and no congestion avoidance.
The normal issues when running TCP in the above environment can be exacerbated by an issue where the router may not buffer out of order datagrams up to the advertised window size.
This is no known word around, but this appears to only be a problem in rare situations with sessions to TCP stacks of sub-optimal design. [CSCdj68834]
At the time of the crashes, multiple Frame Relay DLCIs were flapping. [CSCdj72482]
Inbound connections may erroneously be refused to a TCP translation service. This is most likely to occur when many connections are being opened and closed at the same time. [CSCdj73057]
When using TN3270 under low memory conditions, the router can run out of DRAM memory. Reloading is the only way to recover. [CSCdi77852]
When using TN3270 keymaps, a keymap will not be selected based on a match of the local terminal-type name to the name in terminal type list of the keymap unless the keymap name is equal to the local terminal type.
Workaround is to explicity select a keymap-type on the line (TTY) or make the keymap name equal to the terminal type name. [CSCdj35972]
Clearing obsolete VINES routes and neighbors using the commands clear vi route * and/or clear vi nei * can actually cause these obsoleted routes to remain in the table for days. This patch addresses the above problem.
As a work-around to applying this patch, refrain from issuing the clear vi route * and/or clear vi nei * commands. The obsoleted routes should age out naturally within 10 minutes. [CSCdj52929]
When VINES fast-switching is enabled on an ATM circuit which is configured with encapsulation type of "aal5ciscoppp", VINES traffic ceases to forward across this ATM circuit. As an alternative to this fix, the work-around is to disable VINES fast-switching on all ATM circuits which use the encapsulation type of "aal5ciscoppp". The command used to disable VINES fast-switching is no vines route-cache. This command is normally issued under the "virtual-template" interface that the ATM circuit is assigned to. [CSCdj55471]
Problem: ------- When a router is enabled for VINES routing and if any VINES command has been issued on any active interface, that interface is considered an active VINES interface and would cause periodic VINES updates to be sent out on that interface. This problem exists even after the VINES commands have been removed (using the no prefix. These invalid updates could cause neighboring VINES routers' routing tables to be invalid.
Work-around: Alternative to this problem resolution ----------- If VINES is enabled in the router, issue the following command on all active interfaces which are connected to a VINES network, or interfaces on which an interface VINES command (e.g., vines update interval 60) was issued:
The x25 route x121 interface ethernet is not a valid command even though it is accepted as such when CMNS is enabled on the interface. [CSCdi44036]
Asynchronous LMI updates are currently not supported. If the Cisco router receives an async LMI update from the switch, all PVC's on that circuit could go down. Disable async LMI updates on the switch to workaround this problem. [CSCdi46835]
When traffic prioritization is configured on a Frame Relay interface with the command frame-relay priority-dlci-group, the command no fair-queuing should be also configured on the serial interface to achieve effective traffic prioritization.
See associated BUG CSCdi52882 [CSCdi52067]
If extended access-lists are used to prioritize traffic over two DLCI's with the command frame-relay priority-dlci-group, then fast-switching must be disabled with a commands such as no ip route-cache or priority-group on the serial interface to achieve prioritization as designed by the access-list.
See associated bug CSCdi52087 [CSCdi52882]
The map-class subcommand frame-relay traffic-rate is not being converted to an equivalent value for committed information rate and committed burst and excess burst values.
In addition, this command is not being written to non-volatile memory when the write memory is issued.
There is no work-around for this problem. [CSCdi59984]
ip tcp header-compression is not compatible with ppp multilink but the config allows both commands to be configured for the same interface.
A workaround is to remove either ip tcp header-compression or ppp multilink from tne interface configuration. [CSCdi60142]
The parser does not show the ppp quality command as an option. However, you can enter the ppp qualitypercentage command. [CSCdi61507]
With a Router running NetBIOS Frames Protocol (NBF) over Token Ring, a device connected via Async or ISDN with PPP encapsulation will appear to connect successfully but will be unable to see other NetBIOS devices in a domain. [CSCdi72429]
Show dialer will not display the correct idle time for link in a multilink bundle.
For PRI, sync or async interfaces that are have ddr configured and are part of a multilink bundle: 1. execute show ppp multilink to find the master link for the bundle 2. Look at the idle timer for this link when executing show dialer. This is the correct idle timer for the bundle.
No workaround for BRI. See CSCdi57326 [CSCdi72858]
The command "ipx ppp-client " is only for Async interface as documented in the manual. It should not be allowed for other interfaces, especially dialer interface. [CSCdi74600]
On the 3600 platform a show controller output displays duplicated info for the BRI WICs. Show interface output displays the D and B channels out of order. [CSCdi82688]
When PPP or SLIP is started from the async interface command prompt, the configured peer IP address pool name is not used. Instead, the peer address will be retrieved from the pool named 'default'. [CSCdi83107]
When bridging over Frame Relay, the IETF encapsulation type configured on the frame relay subinterface is not inherited by static maps on that subinterface. As a result, they use CISCO encapsulation. A workaround to the problem is to use the IETF keyword in the configuration of the frame relay maps. [CSCdi85189]
ARP replies are not sent over a PPP multilink interface. As a workaround, you can configure a static ARP on the remote device or disable PPP multilink. [CSCdi88185]
Soon after you disconnect a PRI on which active calls connected, a message such as the following may be displayed:
%SYS-3-CPUHOG: Task ran for 2004 msec (1871/435), Process = ISDN, PC = 2206232E [CSCdi93207]
X.25 is not yet conducting all the necessary data checks when encoding packets, so differences in DTE/DCE behavior, differences in X.25 version handling or configuration errors can cause X.25 to behave inappropriately. In addition some facilities are not being encoded yet. [CSCdj04995]
Because of a VIP2 problem the ESA service adapter must be installed in port adapter slot1 rather than slot 0 to function properly. Use the show diag command to indicate which slot the ESA is occupying in the VIPs. [CSCdj06072]
Setting encapsulation X25 under Bri interface of 1004 may cause traceback messages. [CSCdj07092]
Snapshot does not work with multilink PPP. Workardound is to disable multilink PPP [CSCdj07330]
CHAP authentication might fail when you configure the aaa authentication local-override command. [CSCdj08113]
Sending a Control packet (DATA packets with Q-bit) while X.25 is busy sending Data with More Bit set, can cause the send request to fail and the message "PAD: Req data_tx with Q bit failed" to be displayed. [CSCdj10872]
When using DLCI prioritization on a point-to-point Frame Relay subinterface and one of the DLCIs fail, the subinterface may bounce once or continually bounce during LMI full status reports, depending on whether LMI reports the DLCI as being DELETED or INACTIVE. This behavior is the same for every DLCI defined in the priority-dlci-group.
During normal behavior, the point-to-point subinterface should go down when the primary DLCI fails. If a secondary DLCI fails, the subinterface stays up, but traffic destined for that DLCI only will fail. [CSCdj11056]
The software cannot detect invalid swttings of the switches. Thus it is important to check that all switches are fully switched into the correct position. It is a good idea, with rocker switches, to put them into the desired position and then push them once more just to be sure they are fully depressed. [CSCdj11089]
When trying to route multiple X25 VCs over a single VC, the router crashes with an error %SYS-6-STACKLOW: Stack for process X.25 Background running low, 0/2000.
This causes the router to reload. [CSCdj11838]
ciscoCallHistoryDestinationAddress is missing from CiscoCallHistoryTable for successful call. For failed calls, the CiscoCallHistoryTable does not contain ciscoCallHistoryDialReason. [CSCdj13033]
Removing a fr map-class followed by a wr will - crash the system - erase the complete NVRAM (all config lost). The problem has been duplicated with 11.2.4 and 11.2.5.4 [CSCdj15205]
Incoming Multilink PPP calls will cause a routing broadcast request to be sent out all interfaces configured for RIP or IGRP. This has no serious impact other than additional processing. [CSCdj15850]
A Cisco Router running Release 11.1(6.1) can experience an input queue wedge on the serial interface. The symptoms are dropped packets on the interface. The only way to clear this problem is to reload or power cycle the router. [CSCdj17547]
PPP has been observed to actively negotiate LCP on a shutdown BRI interface on a 4x00. [CSCdj17377]
Intermittent ping failure when pinging over a ddr interface using lapb encapsulation. No workaround [CSCdj20072]
Sometimes an AS5200 displays messages of the following type on the console :
*Mar 1 12:23:16.295 EST: %AAAA-3-BADSTR: Bad accounting data: too many attributes
This problem in the feature dialer profiles is purely cosmetic. "idle timer" in "show dialer" doesn't change under the physical interfaces(BRI0:1 and BRI0:2) when entering the command "dialer idle-timeout xxx" under the logical interface(interface dialer1). Moreover, the idle timeout will be according to the defined value (xxx), which is specified under the logical interface. See below.
Furthermore, you cannot enter the command idle timeout under BRI0 when using dialer profiles.
artevelde#sh dialer BRI0 - dialer type = ISDN
Dial String Successes Failures Last called Last status 0 incoming call(s) have been screened. BRI0:1 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle BRI0:2 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle Dialer1 - dialer type = DIALER PROFILE Load threshold for dialing additional calls is 1 Idle timer (3600 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle
Dial String Successes Failures Last called Last status 237 4 2 00:22:35 failed Default artevelde# interface BRI0 description ISDN number 234 no ip address encapsulation ppp dialer pool-member 1 no fair-queue ppp authentication chap ! interface Dialer1 ip address 1.1.2.1 255.255.255.0 encapsulation ppp dialer remote-name bavik dialer idle-timeout 3600 dialer string 237 dialer load-threshold 1 either dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap ! [CSCdj24994] [CSCdj25563]
Currently, the private buffer pool on the 4500-ATM card can be adjusted but the changes are onyl applied to the largest-size private buffer pool for that card rather than the mtu-based buffer pool that the card is using. This is currently being worked on and will be fixed in a later release of IOS. [CSCdj25842]
In a LANE environment the ATM module on the Cisco routers does not report the correct traffic count on the 'show int'. This problem has been identified and will be fixed in a future release of software. [CSCdj28364]
Router may stop making Frame Relay SVC calls after a long time. [CSCdj29722]
3640 Router with BRI interface second B-channel failed. The second B-channel failed to respond to the switch pull so the TEI is removed. First B-channel is not affected. [CSCdj33831]
*** Release-note *** This problem occured only using with pri.When I used bri on 4500 and these F-train images,the problem didn't occure.With bri testing, router recieved and placed a call correctly. [CSCdj34773]
This DDTS adds the following hardware registers to the crash context for VIP that is displayed in sho diag:
When dialer rotary-group is entered on an interface which has ongoing calls a crash seems to happen.
The workaround is to bring down all the ongoing calls ie. by disconnecting or shutting down the interface and then adding the dialer rotary-group . [CSCdj35360]
" sh isdn history " command shows improper o/p. [CSCdj36783]
When configuring 128k leased line on Cisco IOS Release 11.3, the Cisco 1000 series router may unexpectedly reload. [CSCdj37278]
If an asynchronous interface is configured with encapsulation slip (the default), and if it is currently up and running with encapsulation ppp, then the configuration command "encapsulation ppp" will not be saved in the running or nonvolatile configuration. [CSCdj38128]
In case of Frame Relay SVC, SNMP failed to get ShowFramePvc Object over Frame Relay. [CSCdj38255]
AToMMIB not supported on atm-lite. [CSCdj39371]
In the ISDN layer2, layer3 and management entity tasks, memory pointers are becoming invalid, it appears due to a race condition between tasks when when memory is freed in one task, and then another task attempts to access this now invalid pointer. This scenario has only been seen on ISDN BRI platforms in which a number of the BRI interfaces experience persistent deactivation such that the management entity is shutdown, etc. Add validmem_complete() checks before accessing pkt, pkg or primitive pointers, and before freeing these same. [CSCdj40403]
arp handling isn't quite right for 11.2(8) atm lane. [CSCdj40570]
Active calls dropped when entered "no shut" for Group-Async interface. A new hidden command is created to do no shut without dropping calls. [CSCdj41199]
Running two way authentication with Virtual Profile, running on ISDN may cause NCP negotiation failure. The workaround is to have only the NAS authenticate the user. [CSCdj42420]
On a 3600 series router, HSRP hellos are not received on a token ring interface with multiring all configured. [CSCdj47021]
You may experience issues with the pri hanging or busy when all channels are not in use. This is usually accompied by the following console messages:
ISDN Se9/0/1:23: Error: CCB run away: 0x61D97560: ISDN Se9/0/1:23: Error: CCB run away: 0x61C494F8: ISDN Se9/0/1:23: Error: CCB run away: 0x61C494F8:
A CCB is an internal structure, Call Control Block. Should only have 1 per call and B-channel. For an example, look at interface, Serial 9/0/1, 60 CCBs. Looks like Duplicated callids, B-channels, possibly caused by calls are failing and not getting cleaned up.
The only work-around is to reset the controller manually. This can be done with a shut / no shut of the 'interface Serial0:XX' or reload the router.
Modified the state change handler from B-channel to D-Channel for 128K leased-line configuration.
Added check for Layer 1 status before moving the IDB state to up for 64K leased B-Channels. [CSCdj50927]
An async interface with PPP encapsulation and DHCP address pooling will cause any matching dialer map IP address to be ignored. [CSCdj51011]
If a group-async interface is deleted, the group-range command from that interface is not automatically undone. [CSCdj51099]
Some Protocol Translations configurations will emit "%ALIGN-3-SPURIOUS: ...". This usually happens when a PPP over LAT session is terminated ungracefully. [CSCdj51284]
Direct broadcast with physical-broadcast destination MAC address is not forwarded to helper address over atm/lane interface. [CSCdj51378]
IOS support of rfc1315 frame relay mib does not include listing subinterfaces associated with dlci. As a result, any particular dlci will be referenced by the ifIndex of a main interface, rather than the subinterface the particular dlci is associated with. [CSCdj51386]
CPP encapsulation for compatibility with Combinet ISDN routers is permitted by the parser, but entering the configuration command "encapsulation cpp" results in %LINK-3-BOGUSENCAP error messages. There is no workaround. [CSCdj52384]
When the commands ip tcp header-compression and ppp multilink are configured together on the same interface, it can cause the router to crash.
The workaround is to remove the ip tcp header-compression or ppp multilink command. [CSCdj53093]
A router configured as ISDN leased-line does not tolerate other devices to share the same S-bus with it. It can only be used in a point-to-point fashion. [CSCdj53215]
When a configuration of 2 systems has Frame-Relay LMI timeouts set differently on DTE and DCE systems in communication, then the PVCs could remain active but no data would be transferred because once system would have declared the connection inactive while the other system still thought it was active.
The workaround is to set the timeout values the same using the lmi-t392dce parameter. [CSCdj53354]
%SCHED-3-PAGEZERO error messages are noticed, when a V.120 Terminal adapter connects to a vty line on cisco AS5200 Access Server's via ISDN, to run SLIP framing. [CSCdj54429]
CCP and legacy PPP may not work together. [CSCdj55923]
Under some circumstances, an AS5200 which experiences a layer 2 dropout may reject incoming calls even though channels and modems are available. This is caused by the retention of some obsolete information in the AS5200's ISDN call status table.
Configuration of scheduler-intervalmilliseconds often helps avoid these dropouts; a value of 2500 milliseconds is recommended. Also, make sure that console logging is either disabled by the no logging console configuration command or buffered by the logging buffered configuration command.
The bug fix in this DDTS applies only to the Primary-5ESS and Primary-DMS100 switches. [CSCdj58138]
In x28 mode, the exec-character-bits setting is not used. As a result, commands from terminals with mismatched parity settings are not understood. [CSCdj58264]
If neither packet size nor window size facilities are included, other facilities may be stripped. [CSCdj60831]
When X.25 switching is configured, Call Request packets for unknown destinations are not freed properly, resulting in a buffer leak. [CSCdj60878]
Symptom: 4000 Router reloads when frame-relay traffic shaping is unconfigured
Conditions: once configured, 4000 router may crash and reload if traffic shaping is unconfigured
Workaround: only workaround seems to be to blow away the config on the router, reload it, and restore the config. [CSCdj61097]
When configuring map-class frame-relay BCcommitted-burst-size, the system may encounter a CPU exception with reason = EXEC_ADERR(1200) and restart.
There is no workaround, this is an intermittent problem. [CSCdj62139]
1. Symptoms ----------- This bug pertains to utilizing Frame-relay SVC's. IOS appears to not include the magnitude parameters for Be and Bc on the SVC CONNECT message (It only includes them in the SETUP Message). The SVC circuits are on S4/0 for both routers. Without the magnitude parameters, the biggest value Bc and Be can be is ~130Kbits.
3. Workaround ------------- None known at this time [CSCdj63173]
PPP on Asynchronous interfaces configured with the Command Autoselect PPP takes too long to negotiate. [CSCdj63179]
Some Windows 95 Dial sessions that use script files fail to connect to an Asynchornous interface on Cisco Access Servers. [CSCdj63311]
When X.3 parameter 13 is set to 1, Incoming X.25 data stream is masked with the TTY data-character bits mask to extract the original data sent by the remote X.25 host. [CSCdj63533]
A frame relay interface configured for ANSI LMI will acknowlege a Cisco LMI update when the router should ignore it. [CSCdj64207]
Switching x25 calls without CUD will result in a bus error and subsequently, reload of the router. [CSCdj64505]
The map-class commands
frame-relay bc out frame-relay be out
are accepted by the enterprise image. These parameters are relevant for SVC setup.
However, the traffic shaping code doesn't use them As a result the values appear to be unset.
This behavior can be avoided by using the commands:
frame-relay bc frame-relay be [CSCdj65624]
TCP sessions originated over a router running multilink ppp can see sessions reset. This occurs only if there is more than one link in the multilink bundle and is due to the TCP sequencing number being corrupted.
With the enable mode debug ip tcp transactions you will see an false sequence number of 4278386749.
The current workaround is to either disable multilink ppp or set the interface subcommand multilink max-fragments 1. [CSCdj66824]
When the system is reducing its rate in response to the receipt of BEcNS, the reduction may not be predictable. Rate adjustments are made once per interval if any number of BECNs were received during that interval. [CSCdj67297]
frame-relay is broken. Most of the protocols on frame-relay may not work and packets may get dropped/misbehave as parsing of packets is not properly done in some cases. [CSCdj67384]
Configuring a PVC via the "frame-relay interface-dlci" command on multipoint subinterfaces caused a system reload if the PVC had previously been learned via inverse arp. [CSCdj67510]
Code must be updated to support new IOS calls introduced in 11.0 [CSCdj67809]
For ISDN PRI interfaces the Interface specifier in the Channel IE may not be supported by all switchtypes. If an incoming call does not have the Interface specifier, then do not add it in subsequent messages. [CSCdj67833]
An extended format X.25 Clear packet is not properly encoded if forwarded during X.25 switching. The virtual circuit will then be cleared anyway, due to the encoding error. [CSCdj67975]
When a user dials into an as5200 and uses a virtual-access interface over a normal async interface, IPCP will sometimes not negotiate correctly and loop over until the connection disconnects. This occurs for a very specific client. Normal windows 95 client work correctly. [CSCdj68881]
Custmer getting the following error %LINK-3-TOOBIG: Interface Lex1, Output packet size of= 1520 bytes too big on 4500 router after upgrading to 11.2.9. [CSCdj69018]
With an async interface in "async mode dedicated", but with "autoselect ppp" in effect on the corresponding line, when an incoming call arrives, autoselect spuriously starts on the line, despite the "async mode dedicated". This spurious autoselect quickly loses, rendering the line useless.
The workaround is to put in "no exec", "no autoselect ppp", "no autoselect during-login", etc., on the line. [CSCdj69797]
Even if you are using a dialer interface, you must configure an IP address, and "ip tcp header-compression", on the physical interface, if you want PPP to negotiate TCP header compression.
For example, given the following configuration:
int async1 no ip address dialer rotary-group 1 encapsulation ppp int dialer1 ip unnumbered loopback0 encapsulation ppp ip tcp header-compression
TCP header compression will NOT be negotiated. You will have to modify the physical interfaces as follows:
int async1 ip unnumbered loopback0 ip tcp header-compression
if you want PPP to negotiate VJ TCP header compression. [CSCdj70582]
Symptom:
IPX dialup clients do not see a server list.
Conditions:
Any IPX dialup connection usiing ISDN or any form of PPP multilink will not see a server list if they are using the 32 bit Netware Client or any device requiring an IPX RIP response.
This is a regression introduced by CSCdi72429.
Workaround:
Use a client that does not require IPX RIP such as the Microsoft Netware Client. [CSCdj70744]
When a dialup PPP link is coming up, PPP sometimes drops incoming LCP packets with a debug message: "Lower layer not UP, packet dropped". This is specially noticed on Asynch Autoselected interfaces. [CSCdj72006]
After Reload sometimes an Asynchronous interface running PPP framing will not come UP/UP automatically.
A workaround is to change the line speed or to clear the line or to issue the configuration commands Shutdown and the configuration command No Shutdown in succession. [CSCdj72909]
PAD over XOT and normal switched x25 calls over XOT only try the 1st address in the x25 route statement. When multiple IP addresses are specified, they are NEVER tried. [CSCdj72912]
The CyBus error reporting has been improved to help diagnose problems caused by VIP cards. Following the normal RSP-3-ERROR:
The presence of a DBUS-3-CXBUSERR can help identify a possible cause of the error:
%DBUS-3-CXBUSERR: Slot 2, CBus Error
And additional information about the CyBus error may be provided via the VIP2-1-MSG logging mechanism:
%VIP2-1-MSG: slot2 Nevada Error Interrupt Register = 0xA01 %VIP2-1-MSG: slot2 CYASIC Error Interrupt register 0x2010000F %VIP2-1-MSG: slot2 Readback of bad posted read data %VIP2-1-MSG: slot2 Parity Error internal to CYA %VIP2-1-MSG: slot2 Parity Error in data from CyBus %VIP2-1-MSG: slot2 Missing ACK on CyBus access %VIP2-1-MSG: slot2 NACK present on CyBus access %VIP2-1-MSG: slot2 CYASIC Other Interrupt register 0x100000 %VIP2-1-MSG: slot2 Unknown CYA oisr bit 0x00100000 %VIP2-1-MSG: slot2 CYBUS Error register 0x8001A10, PKT Bus Error register 0x41000001 %VIP2-1-MSG: slot2 Reno read parity error - bytes 0 & 1 %VIP2-1-MSG: slot2 Reno read parity error - bytes 2 & 3
The CyBus error will then still result in a cbus complex restart:
%RSP-3-RESTART: cbus complex [CSCdj74213]
LANE does not filter multicast packets (like ethernet hardware). As a result, some multicast packets may get to process level and get duplicated. To prevent the router from doing this, configure bridging on the interface. If the protocol is routed and if bridging is configured on the Lane Client configured interface, the multicast packets will get dropped. [CSCdj74418]
The x25 map option nudata may not be saved to non volatile correctly. [CSCdj75866]
When there are open channels on a PRI for a 5200 11.3(1), some incoming voice calls will be rejected with
Jan 28 20:37:30.347: ISDN No free channels: CALL_INCOMING, Voice: ERROR
This apparently occurs with incoming ISDN voice calls only [CSCdj77099]
This section describes possibly unexpected behavior by Release 11.3T. Unless otherwise noted, these caveats apply to all 11.3T T releases up to and including 11.3T.
If modem startup-test is configured on an AS5200, and if the AS5200 has 56k modems installed, then the startup test will interfere with the modem DSP code download. This can result in excessive delays in the DSP download, and sometimes in DSP code download failures. For example, one may see:
Nov 6 18:11:49.715: %MODEM-5-DL_DSP_START: Modem (2/4) started DSP download [...] .Nov 6 18:21:27.798: %MODEM-5-DL_DSP_GOOD: Modem (1/15) completed DSP download: MNPClass10K56flexModemRev3.1.30/85
i.e. an interval of many minutes between the start and completion of the DSP download.
Currently there are several major issues with using extended access-list in route filtering:
- Performance:
As entries of an access-list are stored in a linked list, search and insertion are too slow for large lists.
- Incremental Update:
Incremental update is not supported.
- User Interface:
The command-line-interface (CLI) is difficult to understand or use as it was implemented using packet filtering format.
The prefix-list is implemented for the purpose of efficient route filtering. Comparing with using the (extended) access-list in route filtering, there are several advantages with using the prefix-list:
- Significant performance improvemnt in loading and route lookup of large lists. - Support for incremental updates. - More user-friendly command line interface.
Several key features with the access-list are preserved in prefix-list:
- Configuration of either "permit" or "deny". - Order dependency - first match wins. - Filtering on prefix length - both exact match and range match.
However, non-contiguous masks are not supported in the prefix-list. [CSCdj61356]
When mrouted (3.8 or 3.9beta) and Cisco are connected on a LAN, and mrouted has a lower IP address then Cisco, mrouted is supposed to be IGMP v2 querier router. But Cisco discovers that mrouted has failed to send query and sends it's own query. Then, mrouted sends a query and Cisco shuts up and considers, mrouted is now the querier. In some cases, this may cause either router's igmp cache to time-out, causing blackouts for the receivers on the lan. [CSCdj73844]
In ISIS each metric consists of 6 bits. There is an extra bit called the internal/external bit. This functions like E1 and E2 external routes in OSPF. Our current implementation lets you set this bit at redistribution, but we will never look at this bit when calculating routes. [CSCdj62665]
In ISIS all areas are stub areas. This means that no routing information is leaked from the backbone (L2) into areas (L1). Level-1-only routers will use default routing to the closest L1L2 router in their area. This new feature will enable one to redistribute L2 IP routes into L1 areas. This enables L1-only routers to pick the best path for an IP prefix to get out of the area. This is an IP-only feature, CLNS routing is still stub. Which L2 IP routes can be redistributed into L1 can be controlled via distribute-lists for more control and scalability. [CSCdj62666]
ISDN PRI interfaces support a new switchtype, primary-ni, needed for US switches running National ISDN.
Multiple switchtypes can exist in the same router. The switchtype stays global, but also becomes an interface command as well. Router can now be configured to support different switchtypes on different PRI interfaces as well as BRI and PRI in the same platform. [CSCdj64195]
When the system is reducing its rate in response to the receipt of BEcNS, the reduction may not be predictable. Rate adjustments are made once per interval if any number of BECNs were received during that interval. [CSCdj67297]
