9.1(16) Caveats

This section describes possibly unexpected behavior by Release 9.1(16). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(16).

AppleTalk

When entering more than one zone for an Appletalk-enabled interface, zones after the first are shown in the order opposite from what was entered. This has no functional impact on router operation whatsoever, however it may make comparisons of configuration files more difficult.

For example, if the following commands were entered:

interface ethernet 0 appletalk zone a appletalk zone b appletalk zone c appletalk zone d

...the following would be output on 'write terminal':

interface ethernet 0 appletalk zone a appletalk zone d appletalk zone c appletalk zone b

The user ordering will be preserved in an upcoming maintenance release of 9.21 and 10.0. [CSCdi20804]
CSCdi31098 introduced an error where some AT/EIGRP update packets from neighboring AT/EIGRP routers would be dropped with an indication that they were received with an incorrect DDP checksum.

The update packets are, in fact, not being generated with an incorrect checksum. However, the error in question causes the packets to be dropped regardless of whether or not the packets' checksum is correct.

The easiest work-around is to disable DDP checksums on the router running AT/EIGRP and dropping update packets and indicating checksum errors. [CSCdi31812]

Basic System Services

igs-syn (ROM boot) fails. There is no further information about this problem. [CSCdi04653]
The protocol translation option of the IGS router software fails to properly initialize the allowed transport outputs to include X.25 PAD service. This will result in messages of the form "% pad connections not permitted from this terminal" when a user attempts to create a PAD connection. Outgoing PAD connections configured via translate commands will operate correctly. A workaround is to configure the virtual terminals on the IGS to explicitly include the PAD capability by using the command transport output lat pad telnet. [CSCdi05115]
The stopbits 1.5 command is never written to nonvolatile RAM or to remote network configuration files, even for lines which have been configured using it. [CSCdi05124]
If a terminal line is configured with a non-existant access-list number (or acquires an access list via user login), IP connections will be permitted, but LAT connections will not be allowed. This is an inconsistancy, included for informational purposes. There is no actual failure. If a terminal line is configured with a non-existant access-list number (or acquires an access list via user login), IP connections will be permitted, but LAT connections will not be allowed. This is an inconsistancy, included for informational purposes. There is no actual failure. [CSCdi08234]
When loading an image from flash in a cisco 4000 in which the configuration file has the command:
x25 map NOVELL [x.x.x.x] [x.21 address] broadcast
the following error message appears during the boot sequence:
Illegal Novell address Unknown protocol keyword [x.21 address]

There is no operational impact. [CSCdi09366]
Fixed in 9.21 [CSCdi17538]
It seems that static routes are being reported as ipRouteIfIndex = 0 :
KEY=1.0.0.0 ipRouteDest=1.0.0.0 ipRouteIfIndex=0 ipRouteMetric1=0 ipRouteMetric2=-1 ipRouteMetric3=-1 ipRouteMetric4=-1 ipRouteNextHop=198.92.60.3 ipRouteType=direct ipRouteProto=local ipRouteAge=18 ipRouteMask=255.0.0.0

Since the type of connection is direct, there is no way to see that this in fact is a static route.

RFC 1213 does not provide a mechanism to identify static routes. Rather than not report them, cisco's implementation reports them as ifIndex=0. [CSCdi17967]
A memory leak in big buffers causes the router to miss lmi packets on a frame relay connection, resulting in the line going up and down and loss of RSRB connectivity. 9.1(11.1) or above resolves the problem. This failure is rare. [CSCdi19558]
The show version command does not label the booted image correctly when it was booted from ROM. The command shows "System image file is unknown, booted via" instead of the expected "Running default software." [CSCdi23575]
Detection and initialization of the flh logging buffer is incorrectly handled possible causing a "booting loop." During power up, reloading, or exception handling the presence of the flh logging buffer is detected by validating a MAGIC value in the buffer header. If the magic value is present the buffer is assumed to be present.

During power cycling, it's possible for the Magic value to be retained in DRAM even though the contents of the buffer is invalid (and parity has been lost as well). Messages are logged to the buffer during boot up time. This results in a parity error, which in turn tries to log a message to the flh logging buffer. This leads to a double bus fault. The system watchdog timer resets the system and the process repeats.

The following output is seen on the console port:

System Bootstrap, Version 4.0(8), RELEASE SOFTWARE Copyright (c) 1986-1994 by cisco Systems

System Bootstrap, Version 4.0(8), RELEASE SOFTWARE Copyright (c) 1986-1994 by cisco Systems

System Bootstrap, Version 4.0(8), RELEASE SOFTWARE Copyright (c) 1986-1994 by cisco Systems

System Bootstrap, Version 4.0(8), RELEASE SOFTWARE Copyright (c) 1986-1994 by cisco Systems ...

The OK led may also flash at the rate with which the system reboots.

If the system showing this symptom is powered of for a minute and then powered on, the system should boot up correctly. [CSCdi24663]
This bug exist in version 9.1, 10.0 and 10.2. When forwarding BOOTP reply which original UDP checksum is non-zero, the box will recalculate the UDP checksum before forwarding it. However, the checksum is calculated incorrectly so the BOOTP client will reject it. The fix solves the problem for 10.0 and 10.2. [CSCdi27277]
There are a few instances of the NO MEMORY error message where the arguments will not be printed correctly. This should not be a problem, as the included stack trace will pinpoint what part of the system was attempting to allocate memory. [CSCdi31811]

Communication Server

Making a reverse telnet to an async port configured as a dedicated SLIP line may hang the router. [CSCdi26062]

DECnet

In DECnet extended access-lists, use of the character '_' causes that entry to be denied even if it is permited in the access-list. The workaround is to use a backslash in front of this character ex. _ [CSCdi12947]

EXEC and Configuration Parser

On the communication server, many subcommands of show, clear, and debug that are not at all applicable to this system are nonetheless listed when the user types a question mark (?) on a partially typed command. [CSCdi05319]
The command show flash is not currently supported on terminal servers and protocol translators. [CSCdi05506]
The no slip anything command turns off all SLIP on the line, instead of just turning off the anything capability. There are other ways of turning off the individual SLIP options. The slip accesss-class 0 in command removes an input access list. The slip interactive command is the inverse of slip dedicated. The slip header-compression off command turns off header compression. foobar. [CSCdi07912]
Operation of banners is inconsistent with respect to where logins occur. Also, need to add a banner login command to allow for special banners to accompany TACACS logins. [CSCdi10700]
The configuration parser ignores trailing characters at the end of otherwise valid command lines In the following example "interface Serial 0 apple cable-range 20-20 20.200", the "apple cable-range 20-20 20.200" would be ignored [CSCdi12442]
"delay x" is removed whenever the router reloads. It needs to be manually reconfigured under token-ring interface. [CSCdi13445]
If a router doesn't have ethernet or token-ring card, it doesn't use the FDDI ieee mac address or novell mac address while system boots from flash or net. It learns the FDDI address if the system boots directly from rom. [CSCdi13950]
The command "lo" has different results with different versions of cs500 software. For instance, in 9.1(3), typing "lo" means logout. In 9.1(6), the command "lo" means lock. In 9.21, "lo" generates the message "ambiguous command". [CSCdi15444]
Even if configured with exec-character-bits 8, user typin to the exec prompt is echoed and interpretted with the 8th bit cleared. [CSCdi25148]

IBM Connectivity

In certain topologies, the LAN Network Manager "Path Test" functionality cannot be executed successfully across a Cisco source-route bridged backbone. [CSCdi07266]
A local-ack session can sometimes get out of sync with the remote side. That is one side will say connected and the other side will say disconnected. This violates a key operating principal of local ack. [CSCdi09715]
The RIF cache entry for SDLLC does not get removed after the SNA session goes away. If the RIF happens to change during the next connection attempt (due perhaps to a duplicate FEP MAC address configuration), the SDLLC connection will fail due to the existing RIF entry. The code fix changes this behavior so the RIF associated with the SDLLC session is static for the duration of the session and gets removed properly after session loss. [CSCdi11427]
Document changes for clarification of bridging access-list(extended): 1/When attempting to enable an explicit permit, please note that this following syntax will be allowed: access-list 1100-1199 permit 0000.0000.0000 ffff.ffff.ffff 0000.0000.0000 ffff.ffff.ffff Note the lack of an offset/operator/operand. 2/ An extended access list should not be used on FDDI interfaces that provided transit bridging. 3/ "Offset" field is the number of bytes from the start of the destination address field in the packet not the start of the packet. [CSCdi12667]
Remote Source Route Bridging using direct encapsulation across a token ring does not work. [CSCdi13077]
SR/TLB doesn't work within a router, i.e: Both Ethernet interface and Tokenring interface are in the same router. This behavior can only be found in 9.1.7.1. 9.1.7 and 9.1.7.2 work fine. [CSCdi13258]
Setting the bridge number on SRB interface using Lan Network manager fails. [CSCdi14352]
This problem shows up as a serial device which fails to restablish a locally acknowledged sdllc session after the session has died. The serial interface will show the interface up but the device in disconnect state. The recovery is to do a shut/no shut on the serial interface. [CSCdi14604]
When issueing a query of the virtual ring form Lan Network Manager the information supplied by the system is incomplete. [CSCdi15923]
When IPX routing is enabled on a Token Ring interface and there is a source-route bridge network behind the ring, a multiring ipx all command is used to cache the RIF in the router. During normal operation all is well. But when a station is moved from one ring to another ring (for example, from 0B8 to 0B1), the station cannot reach the server. Looking at the RIF cache on the AGS+, it is fine. However, analyzing the frames with a Sniffer, we can see the "create connection request" from the station with a good RIF field but the answer from the AGS+ shows the previous RIF (the RIF before the station was moved). The workaround is to disable the IPX route cache or to clear the IPX cache when a station is moved. This is a general problem with all routed protocols. The RIF code does not inform the routing protocols when an entry in the table changes. Therefore, the cache entries become invalid. [CSCdi17099]
When an RSRB remote peer connection is lost, a "%RSRB-4-CONIPST: Peer nnn/n.n.n.n, CONN, illegal state 2" message may appear on the console. This message represents a transitory RSRB peer state condition and has been moved to appear under debug source-bridge output. [CSCdi18888]
When an RSRB remote peer is being shut down or brought up a "%RSRB-3-HDRVRP: Peer nn/n.n.n.n, HDR, vrp state wrong, 0" message may appear on the console. This message most likely represents a temporary state transition and will be moved to debug output. [CSCdi18890]
RIF entries for Novell traffic (specifically Netbios over Novell via helper addresses) continue to age out when the end stations are on the *same* ring as the router. [CSCdi18995]
On a router configured with RSRB through Frame Relay, the RSRB peer state remains stuck at "REMWAIT" and "REMOPEN" after a Frame Relay link recovery. [CSCdi21067]
Turning on proxy explorers caused the router to be in a hung state as it was putting the packets on the same ring more than once, which is a violation of SRB protocol. [CSCdi32284]
TEST/XID frames are dropped by the cisco box. [CSCdi32976]

Interfaces and Bridging

This bug was caused by improper management of shared memory buffer. The errors began showing up when data rates began increasing. [CSCdi05445]
When under high loads, the CSC-2R may enter the "initializing" state. If initialization is delayed because of excessive input load, the system may eventually time out and shut down its interface to the ring. This will result in an interface reset. [CSCdi05446]
Using local SRB under heavy load may cause SETFUNFAIL errors and a high rate of resets for both the CSC-2R and CSC-R16 Token Ring interfaces. [CSCdi05499]
There is an extremely small timing window where the CSC-R16 or CSC-2R may attempt to send a frame that does not exist. This transmission attempt usually causes the interface card to reload with an adapter check error. [CSCdi05663]
When receiving routed IP frames on a CSC-R16 or STR interface, the IP TTL field is decremented twice. This causes the router to appear twice in a traceroute display. This is a bug in the SBEMON 3.0 and STRMON 1.0 interface firmware. [CSCdi05925]
STR ring-speed of 16 causes beaconing as it inserts into the ring. There is no further information about this problem. [CSCdi06874]
There is a possibility that the input queue on Ethernet-based Cisco 3000s may fill completely when the router is configured for bridging. This is most noticeable when bridging from a fast media like Ethernet to a slow media like ISDN. There is no known way to recover from this error other than to reboot the router. [CSCdi07582]
BSD-derived UNIX systems have a bug that the block number in the TFTP header file is a short instead of an unsigned short. Because of this, we are unable to successfully write core on a 16M CSC4 to some UNIX systems with this bug because the last block will never be accepted by the UNIX TFTP daemon. However, the entire core file is successfully written except for the last 512-byte block, so we can still use the incomplete core file for debugging system problems. [CSCdi07776]
All references to the no smds d15 command should be removed. The documentation should state that all SMDS interfaces come up in the D15 mode by default and that they should stay that way. [CSCdi07919]
In bridge tables with large numbers of entries or more than one bridge group, dynamic station entries may appear with an S in the Age field. These entries will not be properly aged or relearned, which may result in a station being unreachable from a bridge should the spanning tree reform. These entries may be removed manually using the no bridge group address MAC-address command. This action will allow the entry to be relearned. These entries can be removed from the bridge table as a whole only by reconfiguring the affected bridge group. [CSCdi08239]
The SLIP address used on a terminal server mode SLIP line must be on the same subnet as the primary IP address of the LAN interface. SLIP addresses on the same subnet as a secondary address are not supported. [CSCdi08424]
For Token Ring interface only, multicast addresses were bit-swapped before being inserted into the forwarding database. This is incorrect, since all packets received will be bit-swapped before being compared. Do not bit-swap them before inserting them into the forwarding database or else you will see garbage characters in the forwarding database. There is no workaround. [CSCdi08615]
When IP extended access lists are used and the extended access list has not yet been defined, some usages result in all packets being denied. Other usages result in all packets being permitted. [CSCdi08718]
If a very large FDDI SMT frame is received or sent by the router, and debug fddi-smt is configured, the debug output for that frame may be corrupted. [CSCdi09114]
The communication server will send SLIP packets on an async network interface configured for DTR dialing, whether or not dialing has been completed. Many modems require special configuration to prevent them from aborting the dialing sequence when they see this data. [CSCdi09342]
Dial-on-demand routing on Async serial interface (DTR dialing) works only for SLIP encapsulation. DDR over asynchronous PPP is not supported in this release. [CSCdi09343]
An Ethernet frame padded to meet the minimum required length sent from an Ethernet across a serial line to another Ethernet the 6 byte padding is dropped . So it resulted in a runt with 58 byte length seen on the destination Ethernet across the serial line. This caveat occurs only when the system bridges Ethernet frames with length field (802.3, ISO, and SNAP) with more than two interfaces in the same bridge group.

This is configuration sensitive when using 9.1 or 9.0 s/w on one router and 8.3 on the other router. [CSCdi10148]
A "%SYS-2-GETBUF: Bad getbuffer" error message is generated by corrupted shared memory pointers. This problem is corrected in the new fastmac microcode incorporated into STRMON 1.2.100 firmware. [CSCdi12441]
Don't enable autonomous switching on HSSI when using FST. Autonomous switching causes out of order packets. Packets greater than 1500 bytes are automatically fast switched. Packets less than 1500 bytes are autonomously switched causing smaller packets to arrive at destination ahead of larger, autonomously switched packets. [CSCdi13053]
On a 3000 or 4000 platform, a show interface or show controller token does not reflect that early-token-release has been configured. [CSCdi14439] [CSCdi14661]
Fddi interface can hang with output queue reaching 40/40. The following error can be observed Fddi0: fddi output hung, error (8007) --- resetting interface [CSCdi15408]
Fully loaded CSC/4 terminal servers with 96 lines gets wedged occasionally. Recommend to adjust the input hold-queue to 100 and the problem still occur. [CSCdi15849]
Changing the ring number of a cisco's token ring interface via Lan Network Manager will cause the token ring interface to reset. [CSCdi16737]
R16M Token Ring Cards with SBEMON3.3 may experience interface resets. These resets may produce console messages reporting %TR-3-RESETFAIL . [CSCdi17103]
FDDI trace counter can increment when there is no beacon on the ring. [CSCdi17634]
Fast switching RSRB using direct encapsulation over Ethernet, bridge does NOT drop the frame greater than Ethernet MTU size. Instead, it forwards it. If fast switching is turned off, packets exceeding the ethernet MTU size are dropped. [CSCdi17972]
Under certain rare events minor token ring errors can cause the router to report this message. [CSCdi17977]
Fast FDDI ring claims my result in inaccurate show interface transition counts and debug fddi-cmt-event messages saying

FDDI interface is up FDDI interface is up

instead of the expected

FDDI interface is down FDDI interface is up [CSCdi18551]
Router may fail to acquire its neighbors. [CSCdi18578]
A token ring interface may get stuck in an "initializing" state during initialization if a large amount of fast-switched traffic is destined for that token ring interface. [CSCdi19039]
A STUN multipoint link with 4700 ALA controllers drops connection. When an IBM 4700 ALA polls for the first station, it polls for the second station as soon as it gets a reply. While the IBM waits for a reply from the second station, the first station loses the session. [CSCdi20511]
When TCP/IP routing is enabled along with transparent bridging on the same interface, some SNAP encapsulated TCP/IP packets with destinations on the same network segment may be bridged to other networks. [CSCdi23944]
Extended bridging access lists are not evaluated correctly for flooded packets when the access list is applied on output from an interface. [CSCdi24778]
Bandwidth of token-ring interfaces always set at 16000 Kbit regardless of the actual wire speed (4Mb/16Mb). [CSCdi27243]

IP Routing Protocols

When IGRP is configured to redistribute directly connected major network routes learned from other protocols, the routes are advertised using the computed metric instead of the default metric. [CSCdi07959]
The system fails to recognize the following configuration commands as being syntactically incorrect: autonomous system, autonomous system 164, and autonomous-system. By silently accepting these syntactically incorrect commands, the system can lead users to believe that they have configured the autonomous system number when they have not. The user can verify the current setting of the autonomous system number by checking for the autonomous-system command in the output generated by the write terminal EXEC command. [CSCdi08422]
When an interface IP address mask is changed, the router not directly connected to that network might have a route to that address with old mask along with the route to that address with new mask. The workaround is to enter the clear ip route * command. [CSCdi09933]
IP static routes which have a next hop of 0.0.0.0 will not be injected into the routing table. [CSCdi10376]
On routers with multiple interfaces with the same MAC address (for example with DECnet enabled) and multiple connections to the same network segment (to use multiple encapsulations for example), a condition exists where one or more of the interfaces may accept IP packets even though IP is not defined for that interface (i.e no ip address). A workaround for this problem is to explicitely disable the fast-switching cache on the interfaces routing ip with the no ip route-cache interface subcommand. [CSCdi10647]
When an interface goes down, IP static routes through that interface get deleted from the routing table. IP static routes not associated with the interface that went down may also get deleted from the routing table. [CSCdi10821]
Summary routes (not learned via VLSM routing protocol) are not deleted from the routing table when a subnet route for a network is added to the routing table. [CSCdi10866]
During the OSPF adjacency forming period, two neighbor routers get stuck while they are exchanging database information. [CSCdi11053]
Cosmetic:

The show ip route command can display a last update line for a major net that is subnetted. The information is meaningless and should not be displayed.

Example:

Routing entry for 143.111.0.0 (mask 255.255.255.255), 4 known subnets Known via "rip", distance 10, metric 1 Tag 0 Redistributing via rip Last update from 129.106.1.20 on Ethernet1, 357012 seconds ago [CSCdi11241]
When a loopback interface is shut down, the corresponding entry in the routing table is not removed from the routing table. [CSCdi12912]
A static route to subnet zero is not redistributed via IGRP, RIP or HELLO even with "ip subnet-zero" configured on the router. This occurs due to a failure in the split horizon check which indicates this subnet as a possible broadcast address. The work around is to either code a static route to subnet zero on each router or have the route learned via a dynamic routing protocol. [CSCdi12958]
The inbound RIP routing updates are discarded if the interface is configured with secondary address on a different major netowrk and the primary major network is not running RIP. [CSCdi13274]
OSPF advertises summary route with non-optimal metric. [CSCdi13990]
If a router receives an IGRP update from a host on a different IP network that the IP network(s) of the receiving interface, the routes are accepted anyway. These routes will subsequently be propagated as inaccessible. The workaround is to either set an administrative distance in order to discard those routes or to add a secondary address to the receiving interface so that it belongs to the same IP network of the sending interface. [CSCdi15106]
Ping does not recover if the interface goes down while the ping is operation. If the pinged device is not on the local segment, it will recover when the route comes back up. [CSCdi15703]
Priority queueing does not classify IP fragments as expected. This is because some of the information required to classify the fragment is not in the packet. [CSCdi17905]
When priority queueing, if an access list is set up to classify against TCP/UDP ports, the priority queueing classification code will compare garbage against the port #s when processing a fragmented IP packet.
The fragmented IP packets to not contain a UDP or TCP header. [CSCdi18278]
$IGNORE Do not wish to encourage possible attempts at denial of service. [CSCdi19862]
Issuing the autonomous-system does not change the AS number used by the currently running EGP process. Rebooting the router or removing and re-issuing all EGP commands works around this problem. It is rare that an EGP router will change its AS number. [CSCdi19962]
An address error has occurred when accessing the ospf_database. It happened since it was accessing data on incorrectly aligned address boundaries. [CSCdi20337]
Starting from 9.1, the intended default for redistribute ospf command is to redistribute internal route only into EGP, but it is not enforced. This fix solves the problem for 10.0 and later versions. [CSCdi23229]
Starting from 10.0, the redistribute ospf 1 route-map map command with match route-type external clause in the route-map for EGP will result in nothing being redistributed. The only way to specify redistributing external route is through the use of the match external for the redistribute command. The fix correct the problem for 10.0 and later versions. [CSCdi23291]
If a UDP broadcast is sent as a physical layer unicast, it will be forwarded even if the protocol is not enabled for forwarding. [CSCdi23360]
[no] ip summary-address can cause the router to reload. [CSCdi23646]
On an interface with secondary addresses the router replies to ARP requests with the primary address only. [CSCdi25069]
If an interface is configured with an IP secondary address and the ip access-group in command, the router will not respond to pings or Telnets directed to the interface secondary address if the ping or Telnet comes into the router on an interface other than the interface configured with the ip access-group in command. [CSCdi30011]
Receiving a fragmented packet can cause the input queue counter to go negative. [CSCdi30204]
This problem only occurs when the user types certain commands. Some of these include clear ip route * exec command, ip addrerss, transmit-interface, and mtu inteface subcommands. The workaround for this is to either retype the redistribute router subcommands, or reload the configuration file either from nvram or over the net, depending, of course, on where it comes from. [CSCdi30575]
This bug exist in all release, the system always generated IP packet with identification field as zero. This cause problem when the packet is fragmented and those fragments arrive the destination intermixed with fragments from other packets. The recieving end will not be able to reassemble correctly without a useful identication. The fix solves the problem. [CSCdi30818]

ISO CLNS

If clns address is configured incorrectly, the system may crash upon changing configuration for the clns address. "see CSCdi06665". [CSCdi06666]
After a 24 day uptime this caveat causes the CLNS process to stop sending out Level2 updates to the other routers. The impact is that Level2 connectivity and routing are affected. The workaround is to reinitialize the CLNS routing by removing and reinserting the CLNS commands. [CSCdi14448]
ISO-IGRP does not build equal-cost paths to the same system-id on different interfaces. This causes load balancing to be effected. [CSCdi14475]
The behaviour of this caveat is that CLNS neighbours over X.25 networks can't see each other. The impact is that no neighbour adjacencies can be formed over X.25 networks. [CSCdi17771]
First of all, interface static routes are always up, regardless of the interface state. The fake adjacency created in this case should probably vary based on the interface state. Secondly, next-hop static routes do not get added/withdrawn from the IS-IS database if they point through an adjacency learned through IS-IS rather than ES-IS and the adjacency goes up or down. [CSCdi19594]
When a self-generated LSP is received from the net and it appears newer than router's own. If anything other than LSP fragment 1 is received this way, IS-IS attempts to regenerate fragment 1 with this new sequence number. This may cause the IS-IS to regenerate LSP with wrong sequence number. [CSCdi20806]
If the DR generates a new set of LSP fragments and if, as a result of there being less info to stuff into the LSP, there are less LSP fragments generated, the old high-numbered fragments will not be flushed. This may cause IS-IS not to flush DR LSPs. [CSCdi20807]
Starting from 9.1, the no clns router iso-igrp command can clns-disable the interface even though some other level 2 iso-igrp's are still configured over the interface. This fix solves the problem for 10.0 and later versions. [CSCdi23008]
Some particular pattern of exchange of ESIS and ISIS hello packets can cause the router not to carry out the DR election correctly. The customer may either find the router which is the DR itself do not update its non-pseudo LSP to point to its pseudo LSP, or find that fail to elect itself and thus do not originate pseudo LSP totally. Usually, reconfigure ISIS will solve the problem.

This fix resolves the problem for 10.0 and 10.2. [CSCdi25656]
The clns fastswitching from FDDI to Ethernet on a different MCI interface is broken. The last byte of the fastswitched packet is corrupted. The only way to prevent corruption is to turn off fastswitching on FDDI.

The fix solves the problem for 9.1, 10.0 and 10.2. [CSCdi25950]

LAT

Enabling debug lat-packet may cause a system reload to occur. [CSCdi05100]
The default terminal-queue entry-retry-interval is 60 minutes instead of 60 seconds. In some cases this can cause VAX LAT print queues to stall for up to 60 minutes even when the printer is idle. A workaround is to configure an explicit terminal-queue entry-retry-interval 60. [CSCdi31720]

Novell IPX, XNS, and Apollo Domain

XNS and Novell routing use the MAC-level address of an interface as the node id for that interface. Serial lines have no MAC-level address. The address used for them is the first valid IEEE address found on another interface in use by the router. If no valid IEEE address is found, a random address is generated and used. Some Cisco Token Ring cards may take several seconds to initialize and announce their IEEE address to the router. Therefore, a "timing race" is possible where no valid MAC-level address will be found by routers with only Token Ring IEEE interfaces when it needs to assign an address to a serial interface, even when the router will eventually have such an address available. When this timing race is hit, the router will choose a random address, as described above. When such random addresses are chosen, there is always a small but non-zero possibility that the address chosen will not be unique on the network. Therefore, it is always best to choose an explicit address in situations where this timing race can occur. if you turn on Novell routing in a chassis which has a Token ring card and serial ports the system piks up bogus mac address of the form 0000.0c00.xxxx. the workaround presumably is to turn on novell routing and give the mac address of the token ring interface. [CSCdi05740]
System would sometime crash with the following bus error. Bus error at PC 0xCEE16, address 0x26D2CC This is caused by memory crruption. [CSCdi10209]
The ipx route-cache cbus command is accepted and displayed in write terminal output even when ipx is not enabled on that interface. [CSCdi31249]
There is a chance the router will crash when interface subcommand "no ipx network ##" is entered while IPX EIGRP is running. The crash most likely to happen when the command is entered on the serial port where incremental SAP is the default for IPX EIGRP. [CSCdi31520]
When deleting a network from the ipx router eigrp command, the RSP reloads and the 4500 prints out spurious memory access message. [CSCdi32071]
Some versions of the Novell MPR appear to drop RIP poisons (network unreachable, hopcount 16) if the delay field is set to 0. This tends not to be serious since if the network is really gone, it will age out within 4 update periods.

Under some circumstances, a triggered update indicating that a network is unreachable may be sent with a delay value of 0. This change makes sure that the delay field is always non-zero. [CSCdi32097]

Protocol Translation

Incoming PAD calls on to VTYs without passwords fails without issuing the message "Password required but none set." [CSCdi18618]

TCP/IP Host-Mode Services

A router may experience large processing demands for a TCP connection on closure if the TCP protocol exchange for the close is unduly delayed. This was detected and traced in connection with Cisco's X.25-over-TCP implementation where X.25 caused the connection to linger in a half-closed state. The X.25 behavior was reported and fixed as bug report CSCdi05031. [CSCdi05515]

TN3270

ASM running 9.1(4) restarted by bus error. No further information avaiable at this time. [CSCdi13191]
$IGNORE

TN3270 connections to some types of hosts will come up as line mode if the "return" key is pressed more than once between issuing the command and completing the TCP connection. A suggested workaround is to use a login-string containg a keyboard-locking pause of several seconds (login-string myhost /%5w/) [CSCdi19385]

VINES

The router always chooses the last entry in the neighbors table when responding to a client request. The correct behavior is to respond with the first entry in the table. [CSCdi05000]
When the vines serverless broadcast command is configured in a redundant topology and all other router interfaces are configured with the vines serverless command, a broadcast storm results. [CSCdi25597]
The "show protocols" command does not display VINES metrics correctly. It displays all metrics as sixteen times their actual value. The "show vines" command should be used to view correct metric numbers. [CSCdi31770]
The problem is with access-list of the vines. The access list gets wiped out after router power on and off. This occurs with 9.1 software and the problem will not be fixed in 9.1 releases. This does not occur with 10.0 and above software. [CSCdi31778]
The problem is with access-list of the vines. The access list gets wiped out after router power on and off. This occurs with 9.1 software and the problem will not be fixed in 9.1 releases. This does not occur with 10.0 and above software. [CSCdi31779]

Wide-Area Networking

The router does not support X.25 clear request packets which have facilities or call user data attached. These packets are neither accepted on connections terminating at the router nor forwarded by the X.25 switching code. [CSCdi04048]
The x25 map configuration's modulo option may cause the virtual circuit(s) created using the map entry to pass data improperly. Because many X.25 implementations do not allow both modulo 8 and modulo 128 virtual circuits on the same interface, this use of this feature is deprecated. [CSCdi06396]
An X.25 interface will allow its modulus to be changed while the protocol is active. This will cause the interface to have difficulties exchanging data. [CSCdi06675]
Under unusual circumstances, the clear x25-vc command may cause the router to reload. [CSCdi06883]
Under unusual circumstances, a RESET of a virtual circuit (VC) may not properly discard all in-transit data. This may cause an additional RESET of the VC to occur. [CSCdi07811]
The Cisco X.25 implementation allows both modulo 8 and modulo 128 virtual circuits to coexist on the same interface; this is nonstandard. [CSCdi07812]
The X.25 idle timer previously applied to SVCs that were switched (via the x25 route command) or nonswitched on an interface. Now only nonswitched SVCs are subject to the X.25 idle timer. [CSCdi09927]
When using PPP and CHAP, if a call is received, and is on a BRI interface and caller ID is received, or if the dialer string is configured, the CHAP name is not used correctly after authentication.

The correct behavior is to always use the CHAP authentication as the validation of the calling party, and override any caller ID that is available.

This requires that there be a dialer map with the name option if CHAP is used. [CSCdi10235]
The default value for x25 hold-queue is 10. A setting of x25 hold-queue 0, means there is no hold queue limit. A value of zero (no hold queue limit) may be desirable if the interface is configured with the following:

mtu larger than x25 ips/ops ip mtu larger than x25 ips/ops

In the above case, a ping can fail because X.25 will fragment the encapsulated IP packet into multiple X.25 frames which have the possiblity to cause the X25 window to close and the hold queue to become full. [CSCdi10729]
When you issue a RESTART, X.25 interfaces are not reset to reasonable defaults. [CSCdi10896]
Mixed modulo operation was allowed, but must be disabled for GOSIP compliance. [CSCdi10902]
The serial interface subcommand encapsulation hdlc incorrectly removes any priority queuing configuration on the interface being configured.

Only X.25 and LAPB should remove priority queuing. [CSCdi12643]
When frame relay encapsulation is used, and is connected to another vendor's router across a frame relay network, the argumentietfdoes not display when using theshow fr maporwr termEXEC commands. [CSCdi14892]
There is not way to change the amount of time that the cisco PAD code will wait for a repsonse to its x.29 invitation to clear message before clearing the x.25 call. The default of five seconds is too short for some applications. A x29 inviteclear-time seconds configuration command should be added to the system in future releases (9.21 and later.) [CSCdi16491]
Under unusual circumstances X.25 addresses may be improperly encoded. [CSCdi16601]
Under very obscure cirumstances, X.25 may not free a buffer on failure to route a Call from a remote TCP connection to a DDN interface. [CSCdi18527]
Priority queuing is not supported on a BRI interface. [CSCdi18843]
Under poorly understood but rare circumstances, a router may force a reload with a traceback pointing to X.25 memory usage. [CSCdi20392]
A router with an ISDN BRI interface using switchtype basic-5ess may not properly support a spid. The spid is not required, but some customers may want the overhead.

The router sends a spid, the network responds with an endpoint identifier. The router will then send an endpoint identifier acknowledgement. [CSCdi20515]
The X.25 software typically does not encode address or facility information in a Call Accepted/Call Connected packet, which some X.25 equipment rejects with a "packet too short" diagnostic (38). [CSCdi21201]
Dial-on-demand PPP connections to any router sending an IPCP request with an IP address of 0.0.0.0, such as as Wellfleet router, do not work. The workaround is to have the non-Cisco router propose a valid IP address in its IPCP packet. [CSCdi22160]
Under rare circumstances, a cisco-500 line configured for hardware flow control may become idle while the cisco has the RTS signal dropped. This can prevent some modems from answering the next call. [CSCdi22708]
There is no form of modem control that offers the capabilities of modem cts-required or modem callout that also allows simultaneous HW flow control. [CSCdi26270]
In Protocol Translation version 9.1 the last three translate statments entered into the configuration file will be the first three displayed in the output of show x25 route. [CSCdi27719]
With DDR and PPP the same protocols must be defined at each end of a connection. As an example if IP were defined on one side, and IP and IPX defined on the other then the call would be dropped because the IPX negotiation would fail. Deleting IPX from the other side or adding it to the one side works around this. This is due to PPP protocol rejects not being handled correctly for network control protocols.

This occurs in 9.1, 9.14, and 9.17 only versions, in versions starting at 9.1(7), 9.14(3), and 9.17(5). [CSCdi29802]
If a user sets up the MAXVC limit via atm maxvc MAXVC then configures an atm pvc with a VCD beyond the MAXVC, the system dose not generate an error message. [CSCdi30007]

9.1(15) Caveats/9.1(16) Modifications

This section describes possibly unexpected behavior by Release 9.1(15). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(15). For additional caveats applicable to Release 9.1(15), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(16).

DECnet

9.1(14) Caveats/9.1(15) Modifications

This section describes possibly unexpected behavior by Release 9.1(14). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(14). For additional caveats applicable to Release 9.1(14), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(15).

IBM Connectivity

9.1(13) Caveats/9.1(14) Modifications

This section describes possibly unexpected behavior by Release 9.1(13). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(13). For additional caveats applicable to Release 9.1(13), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(14).

Basic System Services

Excessive processor utilization can result from the tty_background process running more than once per second due to a timer error. This also results in keepalives being sent more often than the configured keepalive interval. This has been observed on systems with an uptime of greater than 49 days. [CSCdi25372]
A protocol translator could get into a telnet TTY-TYPE negotiation loop with a device that does not negotiate TTY-TYPE. [CSCdi26990]

IBM Connectivity

Setting the llc2 ack-max parameter to value n actually causes router to acknowledge every n+1 packets. Since this value cannot be set to zero, this makes it impossible to tell the router to acknowledge every packet. [CSCdi27034]

Interfaces and Bridging

If a R16M Token Ring card is Administratively Down and the router is reloaded or powered off and back on, the R16M will try to initialize its interface and no longer be Administratively Down. This only appears to happen on R16 [CSCdi17976]

VINES

9.1(12) Caveats/9.1(13) Modifications

This section describes possibly unexpected behavior by Release 9.1(12). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(12). For additional caveats applicable to Release 9.1(12), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(13).

AppleTalk

On an AppleTalk network with no routers, it is possible to configure a communication server with arbitrary network numbers and zones. Other AppleTalk devices on the network will pick these up and function correctly; however, ARAP connections made to the communication server will be unable to do NBP lookups on the network. The workaround is to use the appletalk zone * command to configure a network address in the start-up range. [CSCdi19202]
When system uptime exceeds approximately 24.45 days, AppleTalk interfaces can unexpectedly hang during restarts and never become operational. The only workaround is to reload the system. [CSCdi20052]
MNP4 can get random value for packet address. This may cause the system to crash. [CSCdi21656]

DECnet

A router that has been configured as a Level 1 router should not send out Level 2 routing updates. [CSCdi20884]

EXEC and Configuration Parser

Enabling ip split-horizon on an interface set to frame- relay IETF encapsulation causes a problem with the command parser. The IETF keyword is not displayed properly in the configuration file. If the configuration file is saved with this error a system reload will cause the interface encapsulation to revert to the default frame-relay type. [CSCdi22134]

IBM Connectivity

The netbios enable-name-cache command is not working in a topology that has two or more paths to access to the workstations. The show rif command shows both paths, but the show netbios-cache command shows only one path. [CSCdi18524]
Some packets are discarded when TCP queue runs full. This caused various symptoms such as : Peers closing due to keepalive failure, synchronization losss with local-ack sessions, extremely long sessions setup times. [CSCdi19493]
When an explorer packet is received by the router and the requested hardware address in the explorer packet cannot be verified, it re-transmits the explorer packet out all interfaces at a high rate for several seconds. This behavior manifests itself as a sudden increase in token ring traffic for several seconds. [CSCdi22541]
When running RSRB with local-ack, certain topologies may cause the input queue to fill up. The result is that the interface with the filled input queue will no longer pass traffic. [CSCdi22676]
The SMAC and SSAP options are added to the RSRB case.

locaddr-priority-list list lu-address queue-keyword [dsap ds] [dmac dm] [ssap ss] [smac sm] The new syntax of the locaddr-priority-list global command is :

where the argument "list" is an arbitrary integer between 1 and 10 that identifies the priority list.

the argument "lu-address" is the value of the LOCADDR= parameter on the LU macro which is a one-byte address of the LU in hex.

the argument "queue-keyword" is a priority queue name, one of high, medium, normal, or low.

the keyword "dsap" indicates the next (hex) byte ds represents the destination service access point address. If these are not specified, the defalut is all dsaps.

the keyword "dmac" indicates the next argument dm is the destination mac address, written as a dotted triple of four-digit hexdecimal number. If these are not specified, the default is all dmacs.

the keyword "ssap" indicates the next (hex) byte ss represents the source service access point address. If these are not specified, the defalut is all ssaps.

the keyword "smac" indicates the next argument sm is the source mac address, written as a dotted triple of four-digit hexdecimal number. If these are not specified, the default is all smacs. [CSCdi23323]
On half-duplex SDLC serial interfaces, the show interface serial n command returns incorrect information regarding the RTS and CTS signal timing information. This has no operational impact on the SDLC link. [CSCdi23781]

Interfaces and Bridging

On Cisco remote access routers, the configuration interface subcommand bridge-group group output-pattern grouplist does not function properly. All packets will be passed through this interface regardless of the filters set in this command. [CSCdi13619]
Using FST encapsulation on a 4000 does not change the MTU size. If the MTU size is changed on a 4000 serial interface 0 and 1, size on interface serial 0 is changed immediatly. Serial one MTU size is not changed untill clear inter- face command is issued, however if the router is reloaded default values are returned. This causes a problem when transmitting SNA trafic that is greater then 1500 bytes. [CSCdi21023]
Translational bridging of Novell IPX packets from Ethernet to FDDI and back to Ethernet fails if the source MAC address ends with 0xff All other protocols bridge correctly with this MAC address, and all other MAC addresses bridge correctly with all protocols. [CSCdi21873]
A bus error may occur on a cisco 4000 router when connecting to a 3COM Netbuilder II, ver 7.1 via a serial line configured for PPP encapsulation. The following error messages may be seen with debug PPP turned on: LINK-2-NOSOURCE: source IDB not set, SYS-2-INLIST:Buffer in list, SYS-2-LINKED: Bad p_enqueue, and SYS-2-BADSHARE: Bad refcount in pak_duplicate. [CSCdi22454]

IP Routing Protocols

Invalid packets can be accepted by the router resulting in an exception dump. [CSCdi18314]
In OSPF, when a neighbor goes down, a host route for that neighbor is incorrectly added. A possible workaround is to trigger the rebuild of OSPF router link state advertisement by changing the interface metric or by rebooting. [CSCdi21103]
Broadcast addresses can sometimes be put in the IP route cache. This can cause routing updates to stop. [CSCdi22737]

ISO CLNS

The system may crash and reload itself while the route described in (c) is removed from the routing table. A combination of the following conditions causes this to happen: (a) There is a variably subnetted route; (b) Multiple routes hash into the same subnet table hash bucket; (c) There is a subnet with netnumber == major_net and mask == major_net_mask; and (d) Another subnet follows. The root cause is the same as CSCdi20345. [CSCdi18659]
Starting in 9.1, it is possible for the CLNS Input process to hog the CPU under heavy clns traffic. No workaround is available. This fix solves the problem for 9.1 and on. [CSCdi21418]

Novell IPX, XNS, and Apollo Domain

The original default of the ipx gns-response-delay command was 500 ms. This value fixes an issue in NetWare 2.x with dual-connected servers in parallel with a router NetWare 2.x was the most common release. NetWare 3.x and later do not have the same issue, and a nonzero GNS response delay may cause problems in certain situations. The default of the ipx gns-response-delay command has been changed to 0. [CSCdi22285]
Fast switching large IPX packets from a high-MTU interface (such as Token Ring or FDDI) to an MCI serial card may corrupt MCI memory, resulting in an %MCI-3-SETUPERR message. This is an issue only if you use a version of IPX that uses packets larger than the default 576 (using LIPX or BIGPAK). [CSCdi22888]
Memory corruption with ipx causes software forced crash. It has been fixed and been integrated in later releases. [CSCdi22929]
A Server might get added to the Service Table when a SAP is received and we do not have a route to the Server's network. [CSCdi23367]

Protocol Translation

A pre-mature termination of LAT TCP translate sessions could prevent removing the translate commands from the configuration file. Current active users will contain a non-zero count in "show translate" command. [CSCdi21414]
The password is echoed and the username is double echoed if the "login" option is specified in a translate command for TCP to PAD connections. Remote telnet option negotiation should happen before the login sequence. [CSCdi22864]
Removing a translate command from the configuration can cause other translations using the same inbound ip address to stop working. A workaround is to configure the remaining translations again, e.g. by doing write memory and config memory . [CSCdi23621]
In LAT to PAD (X25) translated sessions, a CTRL-S followed by the entry of any character can sometimes cause a continuous stream of empty LAT messages, causing a session disconnect. [CSCdi24491]

TCP/IP Host-Mode Services

Under certain conditions, failed protocol translation connections between TCP and either X.25 or LAT using the translate command's printer option can cause a reload of the Protocol Translator. More specifically, the problem occurs when the software detects an error on the incoming TCP connection after the outgoing X.25 or LAT connection has been set up. [CSCdi22217]
UDP broadcasts can be flooded even if TTL checks fail. [CSCdi22568]
Under rare circumstances, an opening TCP connection can get stuck in CLOSEWAIT state. This can also result in a STUN peer session getting stuck in an OPENING state at the same time. [CSCdi23455]

VINES

When forwarding a Streettalk broadcast from a server, if there is no routing table entry for the source network, the broadcast will be flooded out all interfaces (including the source interface). This can cause broadcast storms since the packet will be propogated forever.

Note: A likely cause of this problem is a bug in Banyan's SRTP implementation whereby the server stops sending compatibility updates. This can be fixed by applying the 5.52(5) "LJ" patch, or the 5.53(6) "LF" patch.

Note2: This problem never existed in release 9.21 or later. [CSCdi22844]

Wide-Area Networking

When a held-down Virtual Circuit (VC state = X1) receives a packet other than a Call Request, the router will reload; this circumstance is unusual because standard operation will not result in any packet type other than a Call. [CSCdi21078]
When X.25-over-TCP (XOT) sends a Call Confirm that modifies one of the two proposed flow control facilities (window sizes or maximum packet sizes), the values may be set to 0, which is illegal. [CSCdi21602]
If a switched VC is connected without explicit flow control negotiation, an interface that is not configured with the correct maximum packet size values may exhibit mysterious problems without an obvious cause.

When a partial data packet is switched on such a VC (and the D-bit is zero), the M-bit is forced to zero; this behavior is required per the standards and GOSIP certification, but the VC's message boundaries are lost. [CSCdi23465]
When running X.25 and LLC2 simultaneously, the router may erroneously reset X.25 calls with diagnostic 33 (Unidentifiable packet). LLC2 is used by RSRB with Local Acknowledgment, SDLLC Media Conversion, QLLC Media Conversion, Lan Network Manager and CMNS. [CSCdi23822]

9.1(11) Caveats/9.1(12) Modifications

This section describes possibly unexpected behavior by Release 9.1(11). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(11). For additional caveats applicable to Release 9.1(11), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(12).

AppleTalk

When there are multiple appletalk routers on the same LAN (either ethernet, Token Ring or FDDI) the ARP tables may show different MAC addresses for the a particular end-node DDP address.

This problem can be worked around by disabling gleaning with the command:

no appletalk gleaning [CSCdi18817]
Executing the show apple interface command may cause the system to restart itself. This happened on interfaces configured with many zones. [CSCdi18875]
MacIP servers with a significant number of attached clients (25 or more) may unexpectedly drop the connections to those clients that have been inactive for more than a ten minutes. Workarounds include limiting the number of attached clients to less than 25 and/or insuring that no client is inactive for more than ten minutes. [CSCdi18893]
When the command no appletalk permit-partial-zones is enabled, multi-zoned cable-ranges that have one or more restricted zones may be unexpectedly omitted from RTMP routing updates as a result of access control provided by the appletalk distribute-list facility. [CSCdi20945]

Basic System Services

Under rare circumstances, the clear line command fails to clear the process running on that line. A show process command shows that the process on that line has an inappropriate and rapidly increasing number in the "invoked" column. [CSCdi16063]
If a SAP update packet is received with an invalid length, much larger than the data actually contained in the packet, the system may reload. It is also possible, but unlikely, that invalid server entries may appear in the show ipx server table. When these packets are received, they should be counted as SAP format errors and the counter displayed by the show ipx traffic command should increment. [CSCdi19010]
A new error message has been added to the system. It has the form: %SYS-3-CPUHOG: Task ran for nnn msec, Process = xxx, PC = yyyyy If you encounter this message, please contact customer support. [CSCdi19294]
Changes to various makefile files seem to make it possible for me to build 9.1 boot and sys images on colby (a Solaris 2.3 SparcCenter 2000 box).

These changes in conjunction with the changed versions of the {update,prep}_{sys,boot}_tree scripts (the generated symbols.sh will use 'nm.930630.68k' instead of 'nm') I have provided to each of the 9.1/9.14/91.7 release masters should make it possible to build 9.1 images on colby.

The changes provided to close this report make it desirable that the release-engineering folks make controlled copies of /router/bin/{size,strip,nm}.930630.68k as well as /router/bin/m4 . [CSCdi19971]

DECnet

When updating DECnet access-lists, the new entries are improperly appended to the access-list. This behaviour deviates from the standard access-list behaviour. [CSCdi12660]
For a router that is connected to a LAN where ANOTHER router is elected designated router, the show decnet interface command displays the wrong designated router. The displayed designated router is to the one we received the latest router hello from. This has no practical impact at all, the selection process works fine, even if the router it self becomes the designated router. [CSCdi18497]

The symptoms exhibited by this caveat is a large value for the encapsulation failure count maintained by the DECnet process as seen in the output of a sh decnet traffic . This happens because the "ALL PHASE IV L2" routers encapsulation type on the token ring was not being recognized by the router. [CSCdi18783]
If decnet conversion is enabled but the clns router isis is not set on the pt-to-pt interface from which decnet adjacency is came from, the information of this ES decnet adjacency will not be put inside the L1 LSP even the clns router isis command is set later.

This fix take care about it and make sure decnet adjacency information will be put into the L1 LSP immediately whenever clns router isis is set on the interface. [CSCdi19190]
While converting from DECnet Phase IV to Phase V (and vice versa), the router holds back a converted packet once in a while and sends it out when some other event happens (for example, routing update and keepalives). This sporadic delay in packet transmission results in degradation of end-to-end DECnet performance. [CSCdi20151]
A problem due to an incorrect interface MTU negotiation is seen on any interface whose default MTU is larger than the Ethernet MTU (for example, FDDI). When the VAX comes up, the router negotiates a block size that is larger than the maximum value that it can process (1524). Consequently, all adjacent routers send larger-sized updates, which the router rejects. This makes all destinations behind the router unreachable. [CSCdi20225]

EXEC and Configuration Parser

Any use of the commands

lookup domain lookup no lookup domian no lookup

will cause the router to crash. [CSCdi19499]

IBM Connectivity

Command show interface show double the rate of the five minute input rate/second when using RSRB. [CSCdi13041]
The local-ack rnr-disable function / extended UA feature was removed from the new local-ack code. 5494 controllers were not able to connect to AS400 anymore. The function was restored as a work-around for te LLC2-level failure. [CSCdi15950]
FEP-to-FEP local acknowledgment sessions are blocked when an SDLC-TG packet SQN=1 was delivered before a packet SQN=0. The code has been optimized to prevent this from happening (automatic resequencing). [CSCdi17904]
If an RSRB remote-peer is defined but not currently in use, the router may reload due to a software forced crash. [CSCdi17934]
After running for an extended period of time with remote source-route bridging configured, the console may display "%SYS-2-LINKED: Bad enqueue of nnnnnn in queue nnnnn" messages. These will be followed by a traceback message containing several hex numbers. RSRB will continue to function normally. [CSCdi18003]
In low-end routers such as the Cisco 4000 and Cisco 3000, the Token Ring interface ignores IP packets that have single-route or all-route broadcast RIF. The correct behavior is to accept the packet and subsequently route it when IP routing is enabled. [CSCdi18131]
When source-route translational bridging is used in a dual TIC (Token Ring interface) environment, the RIF is cached for the first return explorer from the destination. Subsequently, if another return explorer from the same destination is seen with a shorter RIF, the RIF cache on the router is updated. This causes the end-stations to reinitiate their sessions. The correct behavior for source-route translational bridging in a dual TIC environment is to cache the shortest RIF based on the fastest return and lock it. A timer is then started. If there is no packet from the destination and timer expires, the RIF cache for the destination is removed. Subsequently, new returns from an alternate route may be cached. If there are packets from the destination station, then the RIF from the cache is applied and the timer is reset. [CSCdi18169]
In a local acknowledgment environment, incoming disconnect packets were not handled properly and remained on the input queue. The Token Ring input queue would fill up completely and cause continuous Token Ring resetting. [CSCdi18222]
Clear netbios-cache does not completely clear the netbios cache. [CSCdi18521]
Support Broadcast 0xFF SDLC address on SNRM for TG. [CSCdi18897]
For SDLLC, there are certain situations in which LLC2 congestion across the RSRB connection can cause the LLC transmit queue to be overrun. If this is the case, a packet that has been acknowledged on the SDLC interface can get dropped on the LLC queue and cause a session interuption. One of the symptoms of this occurring is the SNA LU-LU session ending with an UNBIND due to a skipped sequence number in the TH header. Changes have been made in the SDLLC code to allow the system to sense congestion on the LLC2 side and apply back pressure on the SDLC side by sending RNRs. The current/maximum values of the LLC transmit queue can now be displayed with the show llc2 command. The default value is 200, with a maximum of 2000 allowed. The value can be changed with the llc2 txq number interface configuration subcommand. [CSCdi18898]
SDLLC configurations with System 88 machines may fail due to a known limitation in their ability to handle the direction bit in the RIF field. The fix modifies the router behavior to allow for this contingency. [CSCdi18921]
When applying NetBIOS access lists with rsrb remote-peer access list statements on a system with active SRB traffic, the router may reload due to a bus error. The fix changes the system code so that it handles these conditions in a more graceful manner. [CSCdi18993]
A reverse Ethernet SDLLC configuration with local acknowledgment enabled may cause a reload due to a software forced crash (jump to zero). [CSCdi19067]
Use of the rsrb remote-peer 100 tcp n.n.n.n lsap-output-list num causes a slow memory leak under heavy RSRB load. The show process memory command will show an increasing amount of memory taken by the SRB background process. The workaround is to remove the access list and achieve the same desired behavior through the use of access lists applied on the Token Ring interfaces. [CSCdi19106]
A configuration in which SDLLC and reverse SDLLC are configured back to back does not work properly. A sample of this configuration would be an SDLC attached FEP going to a Token Ring through the router (reverse SDLLC) to another router to an SDLC attached PU. This configuration is common where a TIC for a FEP is not available and the customer requires both remote SDLC and Token Ring connectivity through the router network to a single SDLC line on the host side. The fix will ensure this configuration works. The workaround is to configure STUN for SDLC attached PUs and reverse SDLLC for Token Ring attached PUs going to separate SDLC FEP lines on the host side. [CSCdi19148]
Access lists of the form rsrb remote-peer nnn tcp ip address netbios-output-list host access-list-name do not function properly. The workaround is to use the same access list applied on the Token Ring interface to achieve the desired result. [CSCdi19198]
The stun cos-enable causes unnecessary FID4 frame resequencing. The network gains no benefit and the routers are performing unnecessary work, so the feature is being removed. In addition, the feature was causing packets to be delivered out of transmission group (TG) sequence, which on rare occasions causes blocking TGs. [CSCdi19357]
When the T1 timer is coded too short on a multidrop SDLC line, SDLC messages of the form "nn data from wrong address! got address " (where nn are SDLC poll addresses in hex) appear on the console. In a large multidrop configuration, the number of these messages is excessive. The code changes this behavior so that the messages appear only when debug sdlc is turned on. Note that these messages are informational only and that polling of the downstream SDLC devices continues. [CSCdi19376]
-- Release-note -- Removing sdlc address configuration command before other stun commands can cause router to crash with bus error. [CSCdi19714]
Support was added to allow multiple Netbios sessions to one work-station when doing local acknowledgement [CSCdi19806]
In a local acknowledgment startup phase, the router was dropping the first I-frame received when the peers were still in pending state. For some end-stations, this causes session startup failures. [CSCdi19999]
Router accepts stun interface commands even though interface has not been placed in stun group. This causes later confusion when user does write term, and none of the previous commands are displayed even though router apparently accepts them. [CSCdi20191]
Debug stun packet only displays half of the data when router is configured for stun basic. For example, when the stun packet is an RR, only one byte of data is displayed when it there should be 2. [CSCdi20210]
This fix allows a FEP operating as a secondary SDLC station to load a remote FEP operating as a primary SDLC station. The opposite has been possible since Release 9.1(9). Before a FEP is loaded with an NCP Gen, it does not have an SDLC role. The SDLC role is negotiated via XID exchange when the remote FEP is activated. [CSCdi20463]
When source-route translational bridging is used in a dual TIC (Token Ring interface) environment, the RIF is cached for the first return explorer from the destination. Subsequently, if another return explorer from the same destination is seen with a shorter RIF, the RIF cache on the router is updated. This causes the end-stations to reinitiate their sessions. The correct behavior for source-route translational bridging in a dual TIC environment is to cache the shortest RIF based on the fastest return and lock it. A timer is then started. If there is no packet from the destination and timer expires, the RIF cache for the destination is removed. Subsequently, new returns from an alternate route may be cached. If there are packets from the destination station, then the RIF from the cache is applied and the timer is reset. [CSCdi23429]

Interfaces and Bridging

Routers configured for transparent bridging over a frame relay link will continue to transmit HELLO BPDUs every second, even if the serial interface linking the router to the frame relay link goes down. This consumes CPU bandwidth, which may have [CSCdi15576]
Show interface on a 4000 in RSRB environment show incorrect input rate. This only happen's when DIRECT encapsulation is used. Using FST, TCP, TCP/LACK ip encapsulation does not exhibit same problem. [CSCdi17353]
In systems configured to support the spanning-tree bridging protocol, the root bridge BPDUs reappear at the root bridge in a HSSI environment. [CSCdi18812]
When transparently bridging from Token Ring to serial on a Cisco 4000, a 2-byte length field is inserted without correcting the frame size. During the copy, the last two bytes of the packet get lost. This happens only when flooding packets. [CSCdi18814]
fddiMACFrameCts does not get incremented. The value returned is always zero. [CSCdi18904]
On Cisco 3000 series routers, when using dial-on-demand routing, a transition of CTS or DSR can appear as a transition of DCD when spoofing. [CSCdi19053]
On systems configured to tranparently bridge AppleTalk, AARP packets belonging to one segment incorrectly get bridged to other segments. [CSCdi19056]
Interfaces configured to support X.25 cannot be configured for bridging. Attempting to do so will result in an error similar to the following:
Briding is not supported on LAPB-encapsulated interfaces: Serial0 [CSCdi19121]
Duplicate address checking on FDDI is not performed in the Ring Operational state. Duplicate address checking in the Ring Non-Operational state is only performed when the command fddi duplicate-address-check is enabled. [CSCdi19899]
The code structure of the routine that is handling the buffers for FDDI packets to be placed on the output queue has been improved. The routine now handles errors relating to the unavailability of the buffers more effectively. To take advantage, us [CSCdi20040]
Formatting of token ring output from show controller is not correct. [CSCdi20105]

IP Routing Protocols

The router continually reports '%SYS-2-NOBLOCK: event dismiss with blocking disabled' errors preventing the router from processing other information. Reloading the router temporarily resolves the issue. [CSCdi18565]
The default network does not work properly depending on the subnet used. [CSCdi18743]
When a router is reloaded or powercycled, IP fast switching will not be enabled by default for an unnumbered serial interface. The workaround is to either explicitly enable fast switching on the unnumbered interface using the ip route-cache command or to assign an IP address to the interface, remove the IP address, and then make it unnumbered. This needs to be done every time the router is reloaded or power-cycled. [CSCdi18748]
If an FDDI interface on a router was reset via the no shut command, IP routes would be deleted from that interface. However, because the FDDI ring is still operational, no event would be generated to let OSPF know that routes were gone and that it should recalculate the SPF. [CSCdi19255]
[CSCdi19270]
The source address-sensitive form of the "distance" command now works for OSPF. It formerly was silently ignored.

Note that, for OSPF, this command has slightly different semantics, since the source address is matched based on the router ID of the router that originated the route within the OSPF area, rather than the next-hop router. [CSCdi19369]
[CSCdi19612]
OSPF crashes in db_install, receiving an old self-originated LSA. This happens when the box received an old router LSA (with the same router ID that it is using) generated by itself in the past, that had already been deleted from the database. We call db_add_lsa() to handle this old self-originated LSA for all type of LSA, except for router LSA. [CSCdi19826]
[CSCdi19842]
$IGNORE [CSCdi19957]
OSPF should not check mask in Hello packet on point-to-point link. OSPF should not check mask in Hello packet on point-to-point link [CSCdi19959]
The router and communication servers allow remote users to Telnet into VTY ports by connecting to ports 20xx/40xx/60xx/80xx. All the standard VTY/TTY security features, such as passwords, TACACS, and the ability to block access with the access-class ... in command have always been supported, even when connecting to a high port. However, since many customers are unaware of this functionality, they do not take it into account when constructing packet filtering firewalls. Since this functionality can be explicitly enabled and configured by use of the VTY rotary feature, the default behavior is not necessary. This is not a security bug or hole, but rather a behavior that should be avoided as a matter of prevention due to its obscurity. [CSCdi20050]
OSPF can choose and install nonoptimal interarea and external routes when there are multiple link state advertisements for the same destination advertised by multiple Area Border Routers (or Autonomous System Boundary Routers for external routes). This can cause a routing loop if other neighboring routers still install the shortest path to the destination. This problem will happen only after the system has been up for a period of time. The length of this period depends on how much connectivity changes have occurred. In a fairly busy network, the estimated length of this period is five to six weeks. [CSCdi20071]
Defining the 'ip alias' can defeat fire-wall security of the router [CSCdi20075]
When different sessions on a router do a 'clear ip route *' and a 'sh ip route', the router crashes. [CSCdi20099]
$IGNORE

A minor bug using an obscure, undocumented command. [CSCdi20200]
The system reloads when it receives new link state advertisement and there is no free memory. [CSCdi20231]
After an OSPF router installed a default route to network 0.0.0.0 that is advertised in an external link state advertisement (LSA) by an Autonomous System Boundary Router (ASBR) and a connectivity change happens in the network that triggers SPF calculation, the router will not reinstall the default route. This problem is introduced in the following software versions: 9.1(11.4), 9.17(9.2), and 9.21(3.1). There is no workaround. [CSCdi20401]
Crash in _is_db_in_nbr_retrans after 'config net' [CSCdi20427]
Every time an OSPF router noticed its neighbor state change on an interface (either by seeing new Hello packets or the lack of Hello packets for a RouterDeadInterval) and attempts to reoriginate its own router link state advertisement (LSA) but there is no change that needs to be reflected in the router LSA, a piece of memory of the size of the router LSA would be permanently consumed. This problem manifests itself by a slowly declining amount of free memory as shown in the show memory command. There is no workaround to this problem. This problem was introduced in Release 9.1(11.5). [CSCdi20849]

ISO CLNS

The IS does not put dynamically learned ESs over point-to-point links in the L1 LSP, so the other ISs do not have a route to that ES. [CSCdi18856]
When a no net XXXX.XXXX. ... .XX router command is executed to remove the last NET for the router and is immediately followed by another net XXXX.XXXX. ... .XX router command to set a new NET for the box, the adjacency count of the ISIS router process will become zero and never recover, even though show clns ne command says that there is L1/L2 adjacency. If a clear clns ne command is issued under this circumstances, the adjacency count will have a value of -1 and later back to 0.

This fix takes care of the problem. [CSCdi18902]
The clns adjacency count of an interface becomes greater than the actually number of adjacencies. Back to back clear clns neighbour commands will illustrate the bug.

The bug is caused by the fact that the adjacency count (per interface) is increased when the adjacency state become INIT while it should not. This fix take care about the problem to ensure that the adjacency count is only increased when the adjacency state change to UP. [CSCdi19192]
Router fails to do load balancing to the end node for equal cost paths. This will result the router uses only one path to reach to the destination. [CSCdi19538]
Under some circumstances the IS-IS process can use 100% of the system processor for up to three seconds. This situation will remedy itself. There is no workaround to this problem. [CSCdi19752]

Novell IPX, XNS, and Apollo Domain

There is a problem with type 4 NetBIOS broadcast traffic looping in redundant topologies. The workaround is to eliminate the redundancy. [CSCdi18824]
Doing the interface command "no apollo network x", where x is the apollo network number of the interface has no effect. Apollo is not disabled on this interface and write terminal still shows the network number assigned. An alternative method to remove Apollo routing from an interface is to use the command "no apollo network" without a network number, then the network number will be removed. [CSCdi19240]
Under unknown rare conditions the system may restart while processing a RIP or SAP specific (not all nets, not GNS) request packet. [CSCdi19769]
When an ipx output-sap-delay command is configured, if an update is in progress and service entries are timing out (older than four times the SAP update interval) and a GNS request is received, the router may restart. [CSCdi20370]

Protocol Translation

[CSCdi18908]

TCP/IP Host-Mode Services

When a vty accepts a telnet connection, it will not request tty-type from the telnet client. [CSCdi18905]
The system implements diagnostic TCP servers on ports 7 (ECHO) and 9 (DISCARD). 10.0 adds a server on port 19 (CHARGEN). These services cannot be disabled, which is worrisome to users implementing firewalls. Also, the system mistakenly listens for XRemote connections on port 10000, corresponding to the non-existent rotary group 0. [CSCdi20077]

VINES

When VINES is disabled on an interface, neighbors and routes reached via that interface are not flushed immediately. They will age out of the tables after the normal aging interval. [CSCdi19397]
In 9.1 releases beginning with 9.1(6.4), the router does not correctly honor the vines propagate command. Broadcast packets are dropped when the should be forwarded. This is most noticeable when performing a newrev command on a serverless client when a serial line separates the client and server. [CSCdi20428]

Wide-Area Networking

On MCI/ciscoBus serial cards, when DDR is configured with priority queuing, a packet may get stuck in the output queue and get released only when the next packet replaces it in the queue. This one-packet delay may cause packets to be delayed, increasing response time or causing packet drops in case of timeout. [CSCdi17666]
In X.25 environments, the message "System restarted by error - Jump to zero" appears. If you issue a show stack command, you see a two-line stack trace. The cause is related to failed PAD calls; an area of memory is modified after it has been returned as no longer in use. When the load is heavy or X.25 performance is slow, this invalid reference may modify critical data, causing unpredictable results. [CSCdi17688]
Protocol Translators running X25 will reload when a PVC is configured in the translate statement and the command sh x25 vc or sh x25 pad is entered.

For example:

translate x25 11111 pvc 1 tcp 149.25.40.100

Performing either sh x25 vc or sh x25 pad will cause the router to reload. [CSCdi18239]
Bridged IP packets for router management are sent with the wrong size. If you are bridging IP and using IP for router management, packets sourced by the router for the second Frame Relay bridge entry are truncated. [CSCdi18862]
If you configure ppp restart 1, when you write to term or to memory, ppp restart 1000 gets saved/displayed. [CSCdi19495]
User may recieve the error message Address already in map when attempting to add a frame-relay map statment to his configuration, where the DLCI differs from an existing one by a value of 255. This error would occur if an existing map stamtment was frame-relay map ip x.x.x.x 105 broadcast and user attempts to enter frame-relay map ip x.x.x.x 360 broadcast . [CSCdi19526]
Cisco routers with an ISDN BRI interface running the basic-dms100 or basic-ni1 switchtype may have B-channels become unavailable for usage. This may occur if there are long dialing delays for outgoing calls through an ISDN network. Also, when a call is connected on channel B2 and the dialer idle timer attempts to hang up the call, the B-channels may become stranded and unavailable for usage. [CSCdi19671]

9.1(10) Caveats/9.1(11) Modifications

This section describes possibly unexpected behavior by Release 9.1(10). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(10). For additional caveats applicable to Release 9.1(10), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(11).

AppleTalk

NBP FwdReq and LkUp packets outgoing the same interface on which the original request was received may unexpectedly use the source address of the request packet on AppleTalk interfaces configured with a wide cable-range. As a result devices performing MAC address gleaning may enter incorrect information into their AARP caches. A wide cable-range is defined as a cable-range with different starting and ending network numbers. [CSCdi17628]

Basic System Services

If the source-route bridging is used, the Lan Network Manager functions such as CRS, REM, and RPS are automatically turned on. An error in the system code causes rapid accumulation of small buffers. The work around is to put the configuration statement no lnm crs. [CSCdi16384]
When setting up priority queueing, if you try to change the default sizes of the queues without actually creating a priority list, the changes to the queue sizes will go into effect immediately (as seen in a sh int), but the change won't appear in the config, and will be lost at reload, even if you do a write. [CSCdi17082]
When doing an snmpget on the following mib value, snmp fails to return the modem inout as tsLineModem: cisco.local.lts.ltsLineTable.ltsLineEntry.tsLineModem

For example, notice the following "show line" command showing modem inout is set:

*126 TTY 19200/19200 - inout 126 1 - 126 0 14631 127 TTY 19200/19200 - inout 127 1 - 127 0 0 *130 TTY 19200/19200 - inout 130 1 - 128 0 20370 *131 TTY 19200/19200 - inout 131 1 - 143 0 791 *132 TTY 19200/19200 - inout 132 1 - 124 0 3085 *133 TTY 19200/19200 - inout 133 1 - 103 0 430 134 TTY 19200/19200 - inout 134 1 - 113 0 40 *135 TTY 19200/19200 - inout 135 1 - 106 0 1 136 TTY 19200/19200 - inout 136 1 - 100 0 2934 *137 TTY 19200/19200 - inout 137 1 - 95 0 0 140 TTY 19200/19200 - inout 140 1 - 3 0 0

snmp result for the some of the same lines (decimal not octal)

cisco.local.lts.ltsLineTable.ltsLineEntry.tsLineModem.86 none cisco.local.lts.ltsLineTable.ltsLineEntry.tsLineModem.87 none cisco.local.lts.ltsLineTable.ltsLineEntry.tsLineModem.88 none cisco.local.lts.ltsLineTable.ltsLineEntry.tsLineModem.89 none cisco.local.lts.ltsLineTable.ltsLineEntry.tsLineModem.90 none

Any other modem control is returned properly. [CSCdi17661]

Communication Server

When a username command is used with an autocommand that connects to a remote host using telnet or rlogin, the screen size reported to the remote host will not match the configuration of the line. [CSCdi16661]
Under certain sequences of telnet option negotiation, the telnet local echo fails to work as expected. [CSCdi17185]

DECnet

The router goes into a state where it stops sending out DECnet Level1 routing updates. The number of Level1 adjacencies will show 0 though the router does have adjacent Level1 nodes. In some instances the Level1 adjacency count will go to 65,363. The impact of this is DECnet Level1 routing breaks down. The workaround is to reinitalize the DECnet routing process in the router by removing and re-entering the DECnet routing commands. [CSCdi15732]
The DECnet router maintains routes through a router in Initializing state. The correct behaviour is to purge the routes through the 'Intializing' router. The impact is that packets are sent to the router in Initalizing state. [CSCdi17171]
On a router running DECnet IV to V conversion, the phase IV adjacencies are not entered in the phase V table. The impact is the functioning of the phase IV - phase V conversion is affected. [CSCdi17520]
In ISO-IGRP adjacent Phase IV-only routers and End-Nodes are NOT recognized as adjacent when the routing-table is calculated, but may instead be reachable via another adjacent router. This causes the adjacent node to be 1 hop away in the ISO-IGRP routing table even if it is adjacent. [CSCdi18483]
In a Token Ring enviornment, when an encapsulation failure occurs on a router running DECnet, a memory leak is caused. The impact is that the router could lose memory and maynot be able to allocate memory to other process. [CSCdi18525]

EXEC and Configuration Parser

Release Note

The command 'Copy tftp flash' had to be in lower case to be accepted. It can be done with either upper or lower case now. [CSCdi18472]

IBM Connectivity

When the system is Source Route Bridging Novell packets, the RIF cache is not updated as Novell packets are passed through the system. When the RIF entry is aged out for the Novell network nodes a loss of session may occur. [CSCdi14618]
When removing SDLC encapsulation from an FSIP interface with the no encapsulation sdlc-primary or no encapsulation sdlc-secondary configuration commands, the CxBus complex is reset. The fix prevents this from happening by negating the need to reallocate the CxBus buffers for this encapsulation change. [CSCdi16767]
Due to the incorrect frame translation when SR/TLB is enable. Bridging access-list ([input/ouput]-lsap-list) will fail to stop the frame correctly. [CSCdi17037]
During SDLLC start-up, the system does not respond to the XID POLL frame sent by some up-stream devices which require a reponse to properly bring up the LLC2 session. [CSCdi17093]
When removing the global source-bridge ring-group configuration command, the router may crash due to an invalid memory pointer. [CSCdi17134]
When remote source-bridging is enabled between multiple peers, one or more of the peers maybe stuck in REMOPEN state. This is observable via show source-bridging. The correct behavior is to transit from REMWAIT to OPEN state. [CSCdi17149]
The netbios access-list feature does not function properly for permit/deny decisions against NETBIOS names which contain special non-alphanumeric characters. The workaround is to change the NETBIOS names of the end stations to use only alphanumeric characters. [CSCdi17163]
For an interface with SDLC encapsulation, many fields in output from the show interface command do not have units associated with them. The code fix adds units and other cosmetic changes to make the display easier to interpret. [CSCdi17210]
Output from the show source-bridge command erroneously shows the transmit count value as "u" instead of the actual value. This is a cosmetic error only and does not effect the forwarding of SRB traffic. [CSCdi17337]
A system reload may occur when attempting to remove stun process by entering no stun peer-name ip-address. This seems to be occured only after the stun sessions are up and run for a while. The router won't reload if the above command is entered right after a session is established. [CSCdi17657]
When source-route bridging is enabled, a show interface tokenring unit display is scrolled off the screen. [CSCdi17746]
A system reload may happen while configure source-route bridging, and a no vines routing is entered. [CSCdi17862]
More thoroughly documented System Code to make maintenance much easier. [CSCdi17939]
When trying to open more than one FST remote peer version 3 connection, only one peer can open successfully. The remaining FST remote peers stay in a closed state. The work around is to use TCP or direct encapsulation. The problem was due to an internal data structure not being initialized properly and has been fixed. [CSCdi18117]
When using FST encapsulation for Remote Source Route Bridging the FWD field in the show source-bridge output is erroneous. The number of frames forwarded to the local rings is displayed as twice the actual value. This problem [CSCdi18316]
sdlc rts-timeout can now be configured on AGS+. [CSCdi18323]
The old default sdlc hold queue depth of 50 is too low in some configurations and does not allow sufficient time to apply back pressure on the LLC connection before packets are dropped. The default sdlc hold queue value has been changed to 200. The value is still user configurable via the sdlc holdq interface configuration sub-command. This problem is most likely to be an issue in configurations with high speed RSRB connectivity feeding a slow speed SDLC line. [CSCdi18461]
The local acknowledgement feature of remote source route bridging sends a SABME to the end station with the incorrect direction bit set in the RIF portion of the MAC frame. The fix corrects this behavior, which existed only in interim releases between 9.1(10.1) and 9.1(10.4) inclusive. [CSCdi18617]

Interfaces and Bridging

When transparently bridging is turned on Multibus Token Ring cards, the monitor bit is not cleared in the token when the packet is flooded to another Token Ring interface. The Active Monitor on the destination ring will see this bit set, assume the packet has already passed around the ring, purge it, and reissue a new free token. The work around for this problem is to add a static bridge table entry for each destination address, e.g.: bridge 1 addr 0208.6ce2.088e forward t 0. Note that the address must be in Ethernet canonical format. This ensures that packets destined for this address will not have to be flooded via transparent bridging. This problem may not happen consistently, since the location of the Active Monitor on the destination ring may change over time. [CSCdi12451]
The serial line shows "up" with no cables connected to it. Seen in SDLC environments.
The workaround is to use "tx-queue-limit" to budget each port in case of being hit by this bug. Set tx-queue-limit to 5 if we have total 15 Tx buffers. [CSCdi15843]
FDDI trace counter can increment when there are no beacons on the ring. [CSCdi16744]
On low end routers (IGS, 3000, 4000), changing the serial encapsulation from from non-HDLC to HDLC causes all packets to be processed switched, even though fastswitching is possible and configured. The work around is to do a shutdown followed by a no shutdown on that interface. [CSCdi16887]
The commands for manipulating the manual forward and discard functions of transparent bridging require fields that the manual has marked as optional. The correct behavior is to infer a "reasonable default" in absence of an explicit optional parameter. [CSCdi17121]
Under certain rare conditions, the Token Ring interface would erroneously increment the token error counter. This counter can be seen with the show controller token command. During certain instances when this counter is increasing rapidly, the affected Token Ring interface will stop processing incoming frames. This problem has been seen only on the Cisco 4000 series. [CSCdi17292]
When setting queue-limits on any interface, the cbus complex will reset itself. This will cause token rings to re-initialize. [CSCdi17646]
no fddi if-cmt may cause WRAP B failure. [CSCdi17672]
In systems with only one up interface, broadcast or multicast bridged packets received will cause the input hold queue counter for that interface to remain at 38/75 when traffic is stopped. [CSCdi17675]
Code is re-structured so that variables that were initialized with numbers are now initialized with constants that have been defined in header files. This does not affect any functionality of the code. [CSCdi17679]
In modular systems configured with CSC-1R or CSC-2R Token Ring interface cards running STRMON microcode version 1.2 or older, NetBIOS multicast traffic is not propogated when bridging from Ethernet to Token Ring to Ethernet. [CSCdi17697]
In SIF configuration response, the Path Descriptor Parameter returns a wrong value for the Connection Resource Index for the MAC.. [CSCdi17836]
"cmt disconnect" will force bypass switch to bypass mode. But "cmt connect" will fail to set the bypass switch back to connect mode. This fix corrects the mistake. [CSCdi18010]
Problem exists with clocking under DCE mode with multidrop modem. It is fixed by the new board with version 5.1 or above microcode. This DDTS is a co-requisite to the new SCI/HDX board. [CSCdi18325]
The system software configuration parser incorrectly accepts the interface configuration of bridging over LAPB encapsulation. Interfaces cannot be configured to support both LAPB encapsulation and bridging at the same time. [CSCdi18420]

IP Routing Protocols

Configure doesn't save changes in " ip ospf hello-interval" for non-broadcast networks. The change is seen when doing "show ip ospf int s x" but not when doing "write term". [CSCdi15717]
The system inside an OSPF stub area receives invalid updates from the area border router (ABR) when the ABR finds that an Autonomous System Boundary Router (ASBR) from other areas is unreachable. This manifests itself by the repeating error messages.

%OSPF-4-ERRRCV: Received invalid packet: Ext update into stub area

The correct behavior is; the ABR will not send any invalid update into the stub area. There is no workaround for this problem.

The system now has the additional capability to control the amount of information distributed into a stub area. The command area area-id stub no-summary will prevent any summary link state advertisements (LSAs) from being flooded into a stub area, except for the summary LSA for the default route (0.0.0.0). This capability helps to further reduce the size of the database of routers inside the stub area by eliminating inter-area advertisements in addition to external advertisements. [CSCdi16054]
Checking mask in Hello packets received on Virtual-links causes interoperability problem with DEC.
Since Virtual links are like unnumberd links, masking checking is not needed. [CSCdi16693]
Duplicate secondary address can be configured on a second interface if the original interface is shutdown at the time of configuration. After the duplicate address is configured it cannot be removed. [CSCdi17109]
OSPF receives a RIP route thru the secondary address on the interface that has OSPF turned on on the primary address, and redistributes the route into OSPF with the forwarding address set to the secondary address. As a result, SPF on this external LSA fails because it cannot reach the forwarding address (or this address is also imported as external route which we cannot use to get to another external). [CSCdi17369]
Debugging log information is created for OSPF. [CSCdi17709]
At system boot time, tacacs code dies because it fails to establish a UDP socket with which to talk to the tacacs server. A change has been made so that UDP socket is successfully established. [CSCdi17830]
Using both 'loose source route' and 'record route' options simultaneously in ICMP ECHO requests may confuse cisco routers. This may cause problems with normal IP routing. [CSCdi17879]
When running with synchronization enabled (the default), BGP will install a less preferable external path into the main routing table. If this less preferable external path is installed, there is no way for the internal path to ever get synchronized. Therfore, the behavior should be changed so that lack of synchronization does not affect preferability of a given path, but rather, we should merely never install or advertize an unsynchronized path. [CSCdi18119]
If a router receives a LSA with invalid LSA type, it can cause a crash as the LSA type is used to index into database Hash table to lookup the LSA. [CSCdi18144]
OSPF: Doesn't show multiple paths when parallel links are unnumbered [CSCdi18313]

ISO CLNS

Static ES enteries not inserted in IS-IS non-psudonode. The impact is the system does not put the end node into its IS-IS database. [CSCdi16553]
There is a potential memory leak in displaying IS-IS database. This happens only when show isis database detail is issued. [CSCdi16952]
On entering the clns is-neighbour command the IS-IS process stops redistributing CLNS static routes. The impact is that CLNS routing problems may arise, but to incomplete information sent into the network. [CSCdi16954]
IS-IS routes are dropped after a 24.8 days time. The routes will disappear from the routing table resulted loosing connectivity. [CSCdi17253]
When CLNS cluster aliasing was enabled on an interface and there were more than 2 members in the cluster, we would have a memory leak. This fix will take care of the general case when we have more than 2 members in a CLNS cluster. [CSCdi18550]
**** Relase Notes ****

On configuring IS-IS routing, the IS-IS 'tag' is lost in the configuration file. The impact of this caveat is that when the router reboots, the CLNS NET is lost in the configuration and CLNS routing is disabled. The workaround is to remove all CLNS routing and reconfigure it. [CSCdi18644]
IS-IS stops sending IS-IS Hellos after 49 days. This leads to loose adjacencies. [CSCdi18757]

Novell IPX, XNS, and Apollo Domain

Novell IPX watchdog-spoof requires no novell route-cache to be configured on the serial interface doing the spoofing. When configuring watchdog-spoof when fastswitching is disable via software but not disabled through the configuration editor there can be confusion as show Novell interface says fastswitching is already disabled.

Changes made are:

If no novell route-cache has not been configured and watchdog-spoof is attempted:

% IPX fast switching must be disabled Please configure NO NOVELL ROUTE-CACHE

will be displayed instead of just

% IPX fast switching must be disabled first

The Show novell interface display of

NOVELL Fast switching is enabled

changes to

NOVELL Fast switching is configured (enabled)

or

NOVELL Fast switching is configured (disabled)

or

NOVELL Fast switching is not configured

depending on the circumstances. In 9.21 "Fast" is replace with "Autonomous" if autonomous switching is enabled. [CSCdi16953]
The number of learned Novell IPX and XNS routes will be incorrect after a clear novell route * or clear xns route * command is given respectively. [CSCdi17855]
If a Novell access-list has a host id portion but not a mask the mask portion may take an incorrect value and cause the access-list to fail. A workaround is to always specify a mask even when none should be required.

access-list 800 permit 1.0000.0000.0001 0000.0000.0000 2.0000.0c00.acbe 0000.0000.0000

instead of

access-list 800 permit 1.0000.0000.0001 2.0000.0c00.acbe [CSCdi17980]

Protocol Translation

X.25 VC's for PAD calls would sometimes be put into hold-down if hold-vc-timer is configured. This could cause random system hangs. This behavior has been corrected.

Work-around and correct configuration is that hold-vc-timer should not be configured on X.25 interfaces that might make PAD calls, as on a system running protocol translation software. [CSCdi16965]
The Protocol Translator does not handle TCP urgent data. This caused a %TN-3-BADSTATE: Illegal state 4 error message to be displayed. [CSCdi17153]
Under some circumstances, the system can reload when user reset the connection. [CSCdi18535]

TCP/IP Host-Mode Services

When using the printer option for a TCP-LAT translation, one packet erroneously remains in the input queue on the receiving interface for each translation attempt which fails. [CSCdi17681]

VINES

Disabling vines split-horizon does not allow VINES Streettalk broadcasts to be forwarded out an interface that they were received on. This will break "hub-and-spoke" frame relay networks since spoke Streettalk broadcasts will not be forwarded from the hub router to other spoke sites. [CSCdi17488]

Wide-Area Networking

Configuring SMDS on serial lines which are shutdown, and subsequently re-enabling them can in some circumstances cause a reload. A Token Ring interface appears to be required to trigger this problem. [CSCdi15880]
X.25 Calls received on a serial interface cannot be routed to a CMNS host. [CSCdi17212]
When acting as an IP bridge but using IP for management, the system is not recognizing packets destined for one of its IP addresses when received via frame relay. [CSCdi17739]
After ISDN DDR connection is already established, sometimes the line gets a DISCONNECT message from the remote end and the line drops. The only way to get the line back to where you can redial the distant end is to issue a clear int bri 0 command. [CSCdi17908]
A router with an ISDN BRI interface configured for the basic-1tr6 switchtype may have problems connecting on Channel B2. An incoming SETUP message using Channel B2 can be incorrectly answered using Channel B1. This may cause the PPP protocol to keep the BRI channel interface in a Protocol-Up and Line-Down situation. It will also prevent the B2 channel from receiving any more calls. [CSCdi18562]
The ppp restart-timer commands parameter was being used as milliseconds. This should be seconds. Make sure it is scaled accordingly. [CSCdi18599]

9.1(9) Caveats/9.1(10) Modifications

This section describes possibly unexpected behavior by Release 9.1(9). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(9). For additional caveats applicable to Release 9.1(9), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(10).

AppleTalk

The zone list presented to an Appletalk Remote Access client may omit valid zones names. [CSCdi16652]
Configuring iptalk for an interface and, then removing it from configuration file. Can not enable back the iptalk configuration to the router. The workaround is to disable the appletalk process by configuring first "no appletalk" and then configur [CSCdi16711]

Basic System Services

Ethernet frames containing an invalid LLC header length and a DSAP equal to 0xF4 or 0x7E cause memory corruption and cause the system to reload. [CSCdi15699]
[CSCdi15841]
An SNMP query of routing information returns a value incorrectly of OTHER for routes that have been discovered using OSPF. [CSCdi16024]
Several changes have been done to improve timer handling. One occurance would be the FDDI up-time counter that would get stuck on 0 after wrapping. [CSCdi16099]
In some rare cases, the router may crash due to memory corruption. [CSCdi16226]
The system fails to reply to a DO TIMEMARK when translating from telnet to X.25. This may result in a telnet session hang between th cisco and the machine sending the DO TIMEMARK. [CSCdi16405]

Communication Server [CSCdi13895]

There is no way to completely disable the escape-character to prevent users access to the command parser. [CSCdi15220]

DECnet

Under certain circumstances a router running DECnet may crash when a "show decnet " command is performed. [CSCdi15065]
There is a known memory leak when running DECNET routing. Obvious symptoms include being unable to telnet into the router until rebooting the system, and encountering '%% Low on memory; try again later' messages when attempting to issue commands from the console port. If you look at the first page of a show memory command output over time, you will notice the amount of free memory decrease continuously. [CSCdi17083]

IBM Connectivity

A System Reload may happen when there are two PU's connected to a STUN port with only one ever really connected. If the connected PU is pull off, the router may reload. The problem can be avoided if the unused address is removed or if the stun remote-peer-keepalives are set to 60 or a value that doesn't tear down the stun peers prior to establishing an alternate route. [CSCdi14727]
There is a memory leak in the RSRB process which may occur in certain configurations. Output from show process memory will show the *Dead* process holding an increasing amount of memory over time. [CSCdi15658]
When Locally Assigned Addresses with the Manufacturers address of 4000.02 is used in conjunction with command netbios enable-name-cache there are no packet savings register. If the mac address is changed to the original vendors number 1000.5A then packet savings counters increment nrmally. [CSCdi15794]
The Ring Parameter Server functionality has been improved so the system will retransmit MAC frames when acting as the Ring Parameter Server. [CSCdi15810]
A change was applied to the Lan Network Manager code to cause the system to more effectively report REM and CRS information internally. [CSCdi15811]
Added support for spanning hopcounts.

There are two new commands to allow the limitation of source-route bridging spanning output and input hops for the network.

To limit the maximum number of source-route bridging spanning output hops for the network, use the following command:

source-bridge max-output-hops count

To limit the maximum number of source-route bridging spanning input hops for the network, use the following command:

source-bridge max-input-hops count [CSCdi15816]
Problem: cisco router did not respond to a explorer frame when it had a specific sap as the destination. LNM always sends a null explorer frame at session startup.

Resolution: Code was modified to accept a explorer with a specific dsap. [CSCdi15893]
The stun peer was not completely terminating its SDLC connections when a network tcp session loss was detected. [CSCdi15937]
in a router with STUN using TCP encapsulation, TCP window may close during file transfer session. This may cause the STUN session to pause indefinitely. [CSCdi16092]
When STUN with local-ack receives a packet, it copies the packet unnecessarily. For better performance, this duplicate process will be minimized or removed.

This ddts also will provide message "Interface xx, no buffer available to xx" when STUN gets a buffer miss. [CSCdi16098]
When RSRB and SR/TLB are both configured on a router, a %SYS-2-LINKED error message may be seen, followed by a traceback message from the SRB Background process. [CSCdi16101]
Netbios can not be prioritized using SAP Prioritization. [CSCdi16188]
When using the SAP prioritization feature for RSRB, the clear source-bridge command resets the counters for only the high queue. The low, medium, and normal queue counters will not be reset. This is a cosmetic defect and does not effect the operation of the SAP prioritization feature. [CSCdi16233]
Adding and removing Source-route bridging interface subcommand( source-bridge source-ring# bridge# destination-ring# cause memory leak in the router. The memory is allocated by adding the command but will not release properly when the command is removing, thus causes the memory leak. [CSCdi16275]
When changing the bridge number of a SRB interface using Lan Network Manager platform, the router crashed. [CSCdi16403]
Under rare instances the system may reload if the ring number is changed via Lan Network Manager. [CSCdi16752]

Interfaces and Bridging

CTR cards hear their own DECnet hellos, resulting in a "%DNET-3-HEARSELF: Hello type 1 for my address.." error message. This has no operational impact. [CSCdi07368] [CSCdi09691]
Certain combinations of system code and FDDI microcode may cause packet duplication on the FDDI ring. [CSCdi14083]
sh interface FDDI shows neighbor unknown allthough the ring is operational, NIF processing seems correct on the ring, and the interface is active. [CSCdi14360]
When responding to a test poll frame the router will erroneously insert the DSAP, SSAP and Control field of the test final frame into the RIF field. [CSCdi15029]
The downstream neighbor in show interface fddi remains 0000.0000.0000. The issue is resolved in microcode and an additional workaround was creaded at system image level. [CSCdi15780]
On a token ring experiencing errors a systems interface may report itself as being administratively down without being administratively shutdown by the system operator. The only way to reinitialize this previously working interface is to issue a shutdown / no shutdown to the affected interface. This will only affect 1R / 2R cards using microcode prior to release 1.204. [CSCdi15822]
Systems configured for transparent bridging and DECnet routing will not bridge (forward) DEC multicast traffic after DECnet routing has been turned off. The workaround is to delete those DEC multicast addresses from the bridging table using the gl [CSCdi15827]
Corrupt / invalid ethernet frames where incorrectly bridged to the FDDI interface resulting in FDDI transitions. The source of the corrupt frame was in this case a Hirschmann hub sending diagnostic packages. [CSCdi15992]
Systems configured to filter Ethernet- and SNAP-encapsulated packets on input will not bridge (forward) SNAP-encapsulated packets with broadcast destinations. [CSCdi15997]
The minimum forward delay interval value currently supported is not in line with the IEEE 802.1d standard. The 802.1d standard supports a minimum delay interval of four seconds, while the lowest delay interval supported by Cisco software is 10 sec [CSCdi16114]
System issues link down traps from the fddi interface when in fact the interface did not go down. debug fddi-cmt-events shows link down and link up trap without any corresponding cmt data. [CSCdi16506]
Vines may not work properly on CTR interfaces that are also part of a transparent bridge group. [CSCdi16797]
The bridge-group 1 spanning-disabled interface configuration command is stored incorrectly in NVRAM as bridge-group 1 span-disabled. On subsequent router reloads this command is marked as invalid and removed [CSCdi16892]
A Token ring interface may return an incorrect error message when an error occurs on the ring. [CSCdi17041]

IP Routing Protocols

OSPF neighbor config lost when the interface is shutdown. [CSCdi13549]
OSPF uses buginf instead of errmsg. [CSCdi15061]
OSPF redistributes other protocol's route when not configured to. [CSCdi15123]
Under rare circumstances, When configuring static routes for a major net and its subnets, IGRP may pick the wrong metric when advertising the routes. [CSCdi15686]
Token ring interface will reset when that interface is added to an OSPF area. This can cause some problems like the RSRB peers may get closed and session may get dropped. [CSCdi15763]
OSPF Routing Table disappears for no apparent resaon. [CSCdi15845]
A redistributed RIP route disappears from OSPF routing table for no apparent reason, causing a service disruption for that particular lost route. [CSCdi16196]
Virtual link fails to come up if the destination router has multiple links in the transit area and if the first link in the lsa could not be reached. [CSCdi16215]
An active LSA summary is flushed when one of the address that falls in that summary is equal to the summary configured. Workarround: clear the ip routing table: "clear ip ro *". [CSCdi16238]
Cisco router is not able to recognizea Proteon router as AS Boundary router due to Proteon sending some extra bits in Type of router field in Router LSA. The problem is solved by masking out the extra bits. [CSCdi16363]
OSPF does not sufficiently validate received data, which in some cases can cause system failure.

There is no workaround to this problem. [CSCdi16521]
OSPF process logs unnecessary message. No further information available. [CSCdi16592]
OSPF error messages has too high message level. No further information available. [CSCdi16621]
When an interface goes down, the system fails to poison the corresponding subnet route in RIP or HELLO routing advertisements sent out other interfaces that are part of the same major network number. The system also fails to poison a network summary route advertised by RIP or HELLO to other networks. The result is that adjacent routers must time out the corresponding route in their tables, instead of being notified of the routing change immediately. [CSCdi16698]
Show ip ospf database does not stop properly. No further information available. [CSCdi16736]
Ospf_clean_area() skips every other link state db in the hash chain when clean up. Hence, the database for OSPF Link State Advertisements is not cleaned up properly. [CSCdi16888]
Issuing the command 'no router ospf' hangs the system. [CSCdi17080]
Under certain conditions, floating static routes may be incorrectly redistributed into IGRP and RIP with an inaccessible metric. [CSCdi17285]

ISO CLNS

When the iso-igrp routing for a Serial 1 inteface is changed from Level 1 to Level2, in the configuration the iso-igrp tag changes from the original Serial 1 tag to that of the Serial 0 interface with Level 2 routing. This results in incorrect tagson interfaces. [CSCdi15588]
If the router hears ES hellos, this may cause the ISO-IGRP process to get called, though the router is not configured for ISO-IGRP. [CSCdi17079]
IS-IS causes crash dumps appears without termination. [CSCdi17169]

LAT [CSCdi14476]

Novell IPX, XNS, and Apollo Domain

When bringing up an interface which has been down since system startup, on a router running with XNS routing configured for over two weeks, the newly installed XNS interface will not send out XNS RIP updates. The work around is to power cycle the router. [CSCdi15730]
Pinging XNS traffic through a frame relay causes a high number of timeouts. [CSCdi16118]
Some access lists do not work correctly when applied to the interface. Novell and XNS access lists do not look at the destination network in the packet or in the defined access list when novell route cache is enabled. Work around is to turn off fast switching on the interface no novell route-cache [CSCdi16166]
Novell IPX echoes (ping) do not work to the router's own IPX address on certain kinds of interfaces. [CSCdi16558]
XNS echoes (ping) do not work to the router's own XNS address on certain kinds of interfaces. [CSCdi16567]

Protocol Translation

The option "Printer" supports LAT and TCP printing over an X.25 network among multiple sites. The "Printer" option provides an intterlock machanizim between accepting the incomming X.25 connection and the openining of LAT/TCP outgoing connection. Translate x25 55555 Printer tcp TCP-Device configuration command causes the Protocol Translator to confirm the outgoing TCP/LAT connection before sending a Call Confirm to the incoming X.25 connection. An unsuccessful outgoing TCP/LAT connection attempt will result in the incoming X.25 connection to the Protocol Translator to be refused rather than being confirmed followed shortley by being cleared. Note that using the "Printer" option will force the global option "Quiet" to be applied to the translation. [CSCdi14263]
Protocol Translation queued Host Initiated Connections from LAT to X.25 should be checked every Second instead of 60 Seconds. [CSCdi15819]
[CSCdi15844]
A protocol translator used for LAT to X.25 Host-Initiated Connections (such as printing), may run out of memory over time. [CSCdi16105]

Wide-Area Networking

When bridging over frame relay, data may be sent on inactive DLCIs. [CSCdi13429]
The MTU of a BRI interface cannot be increased. [CSCdi14913]
"sh bridge" command does not diplay Frame Relay DLCI. [CSCdi15566]
The router does an incorrect check for the V.25 dialing frame. [CSCdi15771]
A Cisco router with an ISDN BRI interface may not properly show dialer information. The show dialer and show dialer interface bri 0 should have the same format and show the same information. [CSCdi16197]
Invalid DLCI value in frame-relay map command accepted. [CSCdi16326]
Under some circumstances, the cisco PAD code will fail to actually send an x.29 invitation-to-clear message, even though the output from debug pad indicates that one is being sent. [CSCdi16630]

XRemote

9.1(8) Caveats/9.1(9) Modifications

This section describes possibly unexpected behavior by Release 9.1(8). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(8). For additional caveats applicable to Release 9.1(8), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(9).

AppleTalk

AARP Packets with bogus protocol type fields in the AARP header are not pitched. There is no significant system impact. [CSCdi13778]
AARP packets with bogus hardware types, hardware address lengths and protocol address lengths are not dropped. There is no significant system impact. [CSCdi14107]
Gleaning of MAC addresses from AppleTalk Phase 2 packets does not work properly on Token Ring and FDDI interfaces. A low impact workaround is to disable gleaning by issuing the command no apple gleaning on the affected interfaces. It may also be necessary to clear the AARP cache to flush out any corrupt entries. This may be done by issuing the EXEC command, clear arp. [CSCdi14227]
When NBP BrRq and NBP FwdReq packets are converted to NBP LkUps, the source address is not preserved. This can cause access-groups to inadvertently filter out the LkUps. The workaround is to disable access-groups. [CSCdi14245]
Software does not support ARAP feature yet. [CSCdi14301]
Devices that perform gleaning of MAC addresses from AppleTalk Phase 2 packets may experience connectivity problems. This problem can manifest itself as services on the local network appearing and disappearing in Mac Choosers. There is no workaround. An upgrade is necessary. [CSCdi14732]
If the router hears a Pre-FDDItalk encapsulated RTMP, would reset the FDDI interface. Appletalk state machine, depends on number of non-seed routers, can take up to few minutes to restart the interface. [CSCdi14993]
Misconfigured (incorrect address or zone name list) AppleTalk interface causes AppleTalk processes on the router to continuously allocate more memory until the router hangs. [CSCdi15369]

Basic System Services

There is no way to reduce the number of virtual terminals allocated on a cisco product, even if the box is not intended to support protocol translation. [CSCdi11230]
The DECnet routing table can become corrupted, resulting in unpredictable behaviour. [CSCdi12840]
Routers generate excessive snmp "link down" traps with the reason "N2 (Retry Count) Expired" during every restart attempt on an SDLC line rather than whenever the line changes state. [CSCdi13309]
CBUS tokens do not populate the memory location that SNMP looks in for the data. Therefore the token ring upstream neighbor is always reported as 0000.0000.0000 [CSCdi13489]
The CSC/3 processor card may be unable to load newer software images from FLASH or TFTP servers due to memory constraints.

For example, the 9.1(7) or later images may be too large to fit in the system boot buffer memory. The factors affecting the size of available system boot buffer memory include:

- Features enabled (more features reduce memory available)

- Number of cards in the router (more cards reduce memory available)

- Version of system code in ROM (newer system code reduces available memory)

The short term workaround for systems unable to load the never software images is to downgrade the version of system code in ROM. Alternatively, cards may be removed or features disabled.

This only affects the CSC/3 cards at this time. [CSCdi14366]
The dot5 token ring mib implementation does not handle getnext operations correctly. [CSCdi15090]

DECnet

The router apparently ignores the command decnet routing-timer xxx, and send lvl2 routing updates at a higher interval. [CSCdi12802]
Router with DECnet routing enabled, gives the error message %SYS-2-LINKED: Bad Enqueue, Process="Virtual Exec". Aside from the error message the router functions normally, the imapct on normal functioning of the router is minimal. [CSCdi13322]
Under certain circumstances when the router sends packets on an interface which are larger than the MTU size on that interface the router crashes. [CSCdi13994]
Memory allocation for the CLNS process allocates buffers which are larger than required. This causes low memory problems as other process fail to find buffers they require. [CSCdi14122]
Cisco routers do not listen to the DECnet multicast address for level-2 only routers. This can create problems in situations where DEC routers are configured level-2 only. The workaround is to configure those routers for both level-1 and level-2 routing. [CSCdi14521]

EXEC and Configuration Parser

The bandwidth statement configured on a Token Ring interface is removed from a working configuration after a reload, resulting in a difference between the output of show config and write terminalRip redistribution [CSCdi10277]
This is a dynamic configuration problem. If you issue an area range command while the router is in operation, the router will not remove the summary LSAs that fall into that range. The workaround is that after completing the configuration, do a write memory and remove the OSPF process. Then configure the process again from memory. [CSCdi10293]
A router which is configured as an area border router in OSPF domain fails to generate a summary network link state advertisement into the backbone area for a network in non-backbone area that is configured as an interface's secondary address. [CSCdi10302]
Debug messages for BGP updates should be limited to particular networks by using an ACL. BGP should give up the processor to allow other processes to run while servicing callbacks and redistributing routes into BGP from another protocol. The TTL on BGP packets should be set to 1 for external neighbors unless the EBGP-multihop override has been specified. On routers that are not advertising an external path to a network, we should not send unreachables for that network to IBGP neighbors. The IP forwarding table should be immediately pruned of all BGP routes when a global BGP reset is performed. BGP should never take a locally sourced path and inject a route based on that path into the routing table. When BGP determines that it has successfully placed a route into the routing table, it should remove any sourced paths that it has in its path table. BGP should never send an update back to a neighbor for something that we learned from that particular neighbor. BGP should never send inter-AS metrics to internal neighbors. show ip bgp x.x.x.x should not display an inter-AS metric value unless a metric was received, or is being generated. OSPF metrics are carried into BGP as the INTER-AS metric (which in itself is somewhat broken). The default-metric command overwrites these computed OSPF metrics as well as provides an inter-AS metric for all routes learned via protocols other than OSPF. The default metric should not overwrite the computed OSPF metric, but rather just gives metrics to routes that don't have an inter-AS metric already. To explicitly override the OSPF metric, enter the command redist ospf as metric metric-value. A new metacharacter should be added to the regexp parser. The "_" character should match on the beginning of line, end of line, or a single whitespace. [CSCdi10324]
If a summary route for a major network exists in the routing table and the route is advertised by BGP, a bad NEXT_HOP attribute can be generated in some cases. The summary route must point to a next hop which is not directly connected, and the BGP neighbor must not be directly connected. If a major network is learned initially via BGP and then subsequent subnets are learned from other sources, the network will not be learned by BGP. [CSCdi10358]
Static IP routes to 0.0.0.0 via an intermediate destination are not removed immediately from the routing table if the interface to the destination goes down. Static IP routes to 0.0.0.0 via an intermediate destination are not removed immediately from the routing table if the interface to the destination goes down. [CSCdi10377]
A spurious OSPF HELLO packet may be sent during a system reload. The HELLO may not contain proper router ID information and can confuse other vendors OSPF implementations, resulting in improper startup. [CSCdi10516]
If two routers exchange an external BGP route over IBGP and that external route is removed, the routers can converge on the IBGP route. This forms a static routing loop. This behavior was introduced in 9.1(4.5). [CSCdi10733]

ISO CLNS

A redirect sent out over an X25 interface does not get encapsulated and CLNS returns a failure. [CSCdi04417]
CLNP packets carrying the Global QoS option will not be fast switched. This option is commonly included by OSI End Systems because it contains the Congestion Experienced bit, which is used by the ISO Transport congestion avoidance mechanism. This will cause reduced CLNP switching capacity. [CSCdi08045]
ES-IS cache entries for a disabled interface are not flushed when the interface is disabled. This means that packets destined to systems that were formerly reachable through that interface may be lost until the cache entries time out (maximum of five minutes). [CSCdi08490]
CLNS packets that are slow switched will always have their checksums calculated from scratch, even when the incoming packet has checksums turned off. This has no operational impact, other than slowing down packet forwarding and receipt if the original packet did not have checksums enabled. [CSCdi08567]
Packets generated by the CLNS ping command do not contain the Global QoS option (which includes the "congestion experienced" bit). Since most typical CLNP packets carry this option, the ping command would be more useful as a test tool if the option were present. [CSCdi08568]
IS-IS will send level-1 LSPs over a point-to-point link to a level-2 adjacency. The router on the other end discards the packet, and the sending side continually retransmits these LSPs. [CSCdi09335]
When CLNS receives a packet that needs to be fragmented, but the 'segmentation permitted' bit in the packet is off, it should send back an error packet (ERPDU) indicating this situation. [CSCdi09413]
There are four obscure cases where IS-IS does not purge its own LSPs. The effect is LSPs harmlessly stay in the database longer than necessary. [CSCdi09526]
If IS-IS areas are configured in neighboring routers such that they are not in the correct order, a level-1 adjacency will not form. This only occurs in multihomed areas over point-to-point links. [CSCdi09555]
The Cisco router will create an adjacency with an end-system that has advertised an invalid NSAP format in its ESHes. [CSCdi09670]
If an OSI end-system advertises an NSAP address that exceeds the legal length (20 octets), the Cisco router will accept and process the NSAP and will build an adjacency. [CSCdi09672]
There are rare occurences that the system may reload when a "show isis database detail" command is issued when the link state database contents is changing. [CSCdi09805]
An interface static route requires an snpa if the interface is ethernet or (in the case of serial interfaces) if the encapsulation is of a "WAN" type (i.e. x25, SMDS, FR). In the serial case, the SNPA is not inserted in the NVRAM configuration.

e.g. for interface s2 with x25 encapsulation:

router# config term Enter configuration commands, one per line. Edit with DELETE, CTRL/W, and CTRL/U; end with CTRL/Z int s 2 clns route 39.0008 serial 2 111111

router# write term ..... int s 2 clns route 39.0008 serial 2 ^^^^^ missing snpa ..... [CSCdi09867]
The NSAP lookup routine goes through the entire hash table even when a matching entry has been found. [CSCdi09915]
If there are any CLNS discard routes configured and they are redistributed into ISO-IGRP, they will not be advertised. The workaround is to configure a fictitious static route so it can be redistributed. [CSCdi09917]
Under certain circumstances, CLNS over x.25 would not work because the encapsulation of the CLNS packets would fail. The call to the x.25 address look-up routine did not zero out the structure containing the x.121 address correctly, thus causing the look-up routine to fail; this error was propagated up to the encapsulation routine which also would fail. [CSCdi09966]
If a static CLNS route to the zero-length prefix ("default") is configured, it will not be written correctly to NVRAM.

The workaround is to install a small number of static routes of length one instead. [CSCdi09997]
If there is a neighboring IS on a LAN, and a router is configured to run IS-IS on the interface, the router does not advertise the IS as an ES link in the pseudo-node LSP.

This fix allows ISes that do not run IS-IS to be reachable via the IS-IS running domain. [CSCdi10002]
The active ISIS adjacency count on an interface was being counted incorrectly when the IS was of type level-1-2. [CSCdi10025]
CLNP packets carrying the Global QoS option will not be fast switched. This option is commonly included by OSI End Systems because it contains the Congestion Experienced bit, which is used by the ISO Transport congestion avoidance mechanism. This will cause reduced CLNP switching capacity. [CSCdi10052]
When there exists static routes in which the next-hop interface is no longer reachable, and ISO-IGRP is redistributing static routes, it will continue to do so if the interface goes down or the next-hop goes unreachable. [CSCdi10060]
When deconfiguring an ISO-IGRP routing process, static prefix routes learned by that process are not deleted from the routing table. These routes stay in the table indefinitely. A system reload is the only cure for the problem. [CSCdi10406]

LAT

A protocol translation to a LAT printer will routinely lose the end of the job. [CSCdi08256]
If the name specified in the hostname command is illegal as a LAT node name, LAT service advertisements will be sent out with the invalid name and will be ignored by LAT terminal servers on the network. This will cause the Cisco system to be unreachable (via LAT) from those terminal servers. The administrator should either ensure that the hostname is a legal LAT nodename or add an additional lat node-name command to override the use of the hostname. [CSCdi09592]
If more than one node offers a LAT service with the same name, and one of those nodes crashes, the communications server may reload. [CSCdi09705]

Local Services

If an attempt is made to either write a read-only object or read a write-only object, the wrong error code is returned. [CSCdi09714]
The Apollo ping command displays the destination
Novell encapsulations other than the system defaults on Token Ring or FDDI interfaces are not written out in the write term, write network, or write memory commands. If the Novell encapsulation on Token Ring or FDDI is changed from the default, it will revert to the default Novell encapsulation after the next system restart. [CSCdi09892]
The SHOW NOVELL/XNS ROUTE display is missing the count of learned routes in the header of the display. [CSCdi09923]
Novell, XNS, and Apollo maximum-path 0 is accepted and displayed by the system, but the default maximum-paths is 1. If a user types a maximum path of 0, make this return to the default setting of 1. [CSCdi09955]
- If static saps are present and novell routing is disabled, configuration entries do not disappear.
- Multicast host addresses are not permitted. Unfortunately, this check is done incorrectly if the static sap is associated with a remote network.
- The multicast host address check is not performed correctly if the (local) medium is fddi. The same problem exists for static routes. [CSCdi09985]
Corrupted Novell RIP updates on Token Ring can cause a race condition to occur when trying to free packets for the Token Ring interface. This caveat manifests itself by causing novell network numbers assigned to the Token Ring interface to get switched with another novell network number on a different interface. This usually results in an error on the Novell Fileserver. ie: Router at X claims network Y, should be X. [CSCdi10070]
The Cisco IPX ping command was limited to a maximum of 1500 bytes. This patch increases the ping maximum to 4096 bytes for segments which supports that size. [CSCdi10130]
Odd-length Token Ring Novell IPX frames that are fast switched from a ciscoBus Token Ring to an MCI Ethernet have a padding byte missing from the frame. Certain Ethernet NIC drivers will work fine with this frame, while others will count this frame as an error packet, resulting in connection failures. A workaround is to turn off Novell route-cache on the destination Ethernet. However, be advised that this will slow down all IPX traffic destined for that Ethernet. [CSCdi10159]
When fast switching from SBE Token Ring interfaces to HDLC encapsulated serial interfaces, the last 7 bytes of data in an odd-length frame and 8 bytes of data in even-length frames will become corrupted. Turning off Novell route-cache on the output serial interface will allow the frames to be forwarded properly. [CSCdi10230] network number in decimal; it should be displayed in hexidecimal. The minimum Apollo ping size should be 75 because of Apollo packet header size overhead. [CSCdi10265]

TCP/IP Host-Mode Services

When a TCP connection has a closed window, packets containing valid ACKs are discarded if they also contain any data (since the data is outside of the window). The correct behavior is to continue to process the ACKs for segments with reasonable ACK values. This is especially a problem in the initial stages of a connection, when we send the SYN-ACK with a 0 window. If the ACK to our SYN contains data also, we will not process that ACK, and the connection never gets to ESTABLISHED state. [CSCdi05962]
A TCP connection that has transmitted a very large amount of data (on the order of 2 billion bytes) can remove packets from the retransmission queue prematurely, causing the connection to unexpectedly close due to a retransmission timeout, even though the network path is working correctly. This can affect router functions like remote source route bridging, which can transmit large amounts of data over a long period of time. [CSCdi09764]

TN3270

Under certain circumstances, use of TN3270 may cause the Communication Server to hang. [CSCdi09987]

Wide-Area Networking

The protocol translator resets X.25 switches by sending pad control packets with the Q-bit set immediately after full data packets which have the M-bit set. [CSCdi09201]
When a router with frame-relay encapsulation is configured for frame-relay lmi-type ansi and then reloaded, the status enquiry message sent out the interface is seen on DLCI 1023, not DLCI 0. No serious consequences arise from this. [CSCdi09661]
OSI packets switched from an Ethernet, Token-ring, or FDDI interface to a PPP encapsulated serial line are transmitted with a non-zero padding byte between the OSI protocol data unit and the PPP encapsulation. The non-zero value is actually 03, and is put by the encapsulation on the Ethernet/Token-ring/FDDI interface. When this incoming encapsulation is removed and replaced by the PPP encapsulation, the padding byte is left untouched instead of being initialized to zero.

Since padding bytes are supposed to contain the value zero, this can confuse equipment from other vendors and cause interoperability problems.

There is no interoperability problem between cisco equipment on account of this caveat because cisco equipment always expects one byte padding and does not specifically check the value of this padding byte. [CSCdi09795]
The warning message is not displayed any more. [CSCdi09846]
Under certain circumstances, routing X.25 packets over an IP network may cause the system to reload. [CSCdi09872]
The string of the rotary group is not affected by any configuration change any more. [CSCdi09889]
Incoming PAD connections to the AUX port will fail, because the code that starts the tty_daemon processes do not recognize AUX ports. [CSCdi09918]
In a configuration with two or more dialer maps, if one call was up, and a packet needed to be transmitted to a different phone number, the call that was active would be immediately disconnected even if it had not been idle for the fast idle period. [CSCdi09925]
The behavior of X.25 packet size negotiation may now depend on the value of the LAPB N1 parameter and may cause confusion. It is not necessary to set N1 to an exact value to support a particular X.25 data packet size, although both ends of a connection should generally have the same N1 value. The value of N1 is to simply avoid processing any huge frames that result from a 'jabbering' interface, which is a fairly unlikely event.

Cisco's default N1 corresponds to the hardware interface buffer size. If it is desired to set the value to something else, the new value must allow for an X.25 data packet (maximum packet size plus 3 or 4 bytes of overhead for modulo 8 or 128 operation, respectively) and LAPB frame overhead (2 bytes of header for modulo 8 operation plus 2 bytes of CRC). In addition to this, the standards bodies specify that N1 is given in bits rather than bytes. While some equipment may be configured using bytes or by automatically adjust for some of the overhead information present, Cisco equipment should be configured using the true N1 value.

The following table specifies the *minimum* N1 values needed to support a given X.25 data packet.

max. data in min. N1 for min. N1 for X.25 data packet X.25 modulo 8 X.25 modulo 128 ---------------- ------------- --------------- 128 1088 * 1088 256 2104 2112 512 4152 4160 1024 8248 8256 2048 16440 16448 4096 32824 32832

* Note that N1 cannot be set to a value less than what is required to support an X.25 data packet size of 128 bytes under modulo 128 operation; this is because all X.25 implementations must be able to support 128 byte data packets.

Configuring N1 to be less than 2104 will generate a warning message that X.25 may have problems because some nondata packets can use up to 259 bytes.

N1 cannot be set to a value larger than the default without first increasing the hardware MTU parameter.

X.25 will accept default packet sizes and CALLs that specify maximum packet sizes greater than what the LAPB layer will support, but will negotiate the CALLs placed on the interface to the largest value that can be supported. For switched CALLs the packet size negotiation takes place end-to-end through the Cisco equipment, so the CALL will not have a maximum packet size that exceeds the capability of either of the two interfaces involved. [CSCdi09930]
When using PPP encapsulation for a BRI interface with a switch type of DMS-100 or AT&T, the ISDN software on the router will behave improperly. [CSCdi10017]
The protocol translator will now respond with a pad error message to X.3 parameter sets that are outside the range of recommendations X.3. [CSCdi10042]
With remote X.25 switching, and routing to a destination that cannot route the call, the originating router pauses indefinately. [CSCdi10051]
When the ISDN switchtype is set for 5ESS on the BRI interface, there is a problem at startup. If the BRI line is unplugged and plugged back in a couple of times, the router may crash. [CSCdi10118]
The interface subcommand no encapsulation ppp is not handled correctly by the ISDN BRI interface. The encapsulation will be set to whatever came after the no encapsulation, rather than resetting the interface back to HDLC. When the command no encapsulation ppp is entered the D channel uses HDLC, and the B channels stayed in PPP. [CSCdi10215]
The output of debug frame-relay-packetis incorrect for the multicast DLCI. This is only a problem with the formatting of the debug output. [CSCdi10332]
The fix for CSCdi10017 broke the hangup process. It is now done fixed. [CSCdi10351]
A Cisco 3103 router with a basic rate interface connected to a DMS100 telephone switch does not properly use both B-channels for incoming calls. The use of SPIDs (Service Profile IDentifiers) can complicate the configuration. [CSCdi10379]
When parsing an LMI frame with an invalid IE, all valid IE prior to the invalid one will be taken into account. Once the invalid IE is reached, the packet is dropped. The entire LMI frame IEs should be ignored. [CSCdi10383]
Bridged packets destined for a unicast address are not sent over frame relay interfaces when keepalive is turned on. [CSCdi10385]
Frame-relay LMI updates do not indicate when a status enquiry message is not sent out due to a lack of buffers. [CSCdi10511]
For X.25 connections that are not using DDN X.25, local facilities are not accepted by the router. [CSCdi10558]
A Cisco 3103 with an ISDN basic rate interface may not properly disconnect a call that it has received. When the 3103 idle timer expires the B-channel may not be disconnected and will be left unavailable for use. [CSCdi10562]
X.25 does not properly set the default values for MTU and LAPB N1 for DDN and BFE encapsulation. Therefore, the flow control negotiation code will lower the values on outgoing CALLs and clear an incoming CALL with little indication as to what the problem is. Additionally, the BFE behavior of disallowing flow control facilities on a CALL CONFIRM packet does not apply to DDN implementations. X.25 does not properly set the default values for MTU and LAPB N1 for DDN and BFE encapsulation. Therefore, the flow control negotiation code will lower the values on outgoing CALLs and clear an incoming CALL with little indication as to what the problem is. Additionally, the BFE behavior of disallowing flow control facilities on a CALL CONFIRM packet does not apply to DDN implementations. [CSCdi10573]
A Cisco 3103 with an ISDN basic rate interface may not be able to properly complete an outgoing ISDN call. This might happen if the switch-type is set for basic-5ess. When a CONNECT message is received from the network, an "Unexpected Connect" message may be displayed. [CSCdi10600]

9.1(3) Caveats/9.1(4) Modifications

This section describes possibly unexpected behavior by Release 9.1(3). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(3). For additional caveats applicable to Release 9.1(3), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(4).

AppleTalk

The AppleTalk name lookup cache may not always be reflected in the output of various show apple commands. This affects the output of these show commands only; it does not affect any core router functionality. [CSCdi07775]
A clear interface command does not clear the IPtalk port. Use the configuration command no apple iptalk instead. [CSCdi07778]
AppleTalk zone multicasts such as NBP lookups are unexpectedly ignored on FDDI interfaces. [CSCdi09424]
Serial interfaces configured with discovery mode never become operational. [CSCdi09532]
Two routers connected back to back, may crash upon netbooting one after another. [CSCdi09567]

Basic System Services

In a limited number of 9.1 images, the user may be incorrectly placed in setup mode while attempting to netboot. Any information that might be assigned there is further ignored. This is mainly seen, but not limited to, routers such as the Cisco 3000 that have RXBOOT ROMs. Also, the AutoInstall feature will not be able to complete under these circumstances since the router will wait at the setup prompt for human intervention before running. [CSCdi09229]
Translate commands should be written before LAT service commands, because LAT service commands can modify existing translation services. [CSCdi09255]
A terminal line configured for flow control will not successfully time out (due to a "session-timeout" configuration) if XOFF is selected for the line at the time of the timeout. [CSCdi09310]
Once the flash check/verify/erase sequence begins during a TFTP copy to flash, it is not possible to break from the process until it finishes or fails. This can be an inconvenience if the filename is mistyped. [CSCdi09417]
The "uptime" portion of the show version command incorrectly identifies a Cisco 4000 as an IGS. [CSCdi09441]
In some cases, error messages that precede a crashdump may be lost. Instead, we should always at least dump them to the console before doing the crashdump. [CSCdi09632]

DECnet

If a DECnet Phase V end node sends both Phase IV hellos and ESHs, the Cisco router continually changes the adjacency type stored in the OSI adjacency database. Therefore, packets are sometimes converted and sometimes not. The correct behavior is to set the adjacency type to Phase V and use this adjacency. Phase IV packets should then always be converted. Phase V packets should not. [CSCdi09235]
DECnet should look at the MAX AREA parameter and not advertise reachability to any areas greater than this parameter. Likewise, it should not advertise reachability to a node that is greater than the MAX NODE parameter. It should also not accept hellos from such nodes. [CSCdi09716]

EXEC and Configuration Parser

If dialer interfaces are created using the interface dialer n command, they can never be deleted from the configuration. The reported behavior is corrected. When typing no interface dialer 1 the configuration does not show anymore. When removing a dialer with the command no dialer in-band the other configuration commands are deleted and do not show up when adding a dialer back. [CSCdi07979]
If nonvolatile memory is erased, corrupted, or does not exist, the router will exhibit new behavior. In any of the above cases, the router now enters the service config mode before it goes into setup. If any of the interfaces gets configured automatically from BootP, RARP, or SLARP, you will see the router attempting to netboot its name and ultimately a configuration file from a server. This will be seen by the output "Booting network-confg ...". It is possible for a new router to exhibit this behavior if it is connected to an active router's serial line from SLARP resolution. This is desired behavior and is not considered a bug, though it might be a nuisance if it is not expected.

The experienced bug is if we answer "no" to the setup command's prompt to continue, service config is still valid, and attempts to netboot the configuration file will continue. The router should assume to turn off service config if someone is there to type "no". If we type "yes" and provide a valid configuration, it will turn off service config. Manually turning off service config from configure terminal will be necessary if we type "no". [CSCdi09049]
The frame-relay subcommands are incompatible between the system image and the bootstrap image. The bootstrap image, which is a trimmed down version of the system image and stored permanently in read-only memory, is used primarily to download system images over the network. The system image expects these subcommands with frame-relay as one hyphenated word. The bootstrap image expects these subcommands with frame relay as two separate words. A consequence of this incompatibility is that frame-relay configuration subcommands created using the system image are rejected by the bootstrap image and vice versa. Therefore, situations where system images are downloaded over a Frame Relay encapsulated line using the bootstrap image will fail if the system configuration has been created using a system image. The workaround for this unexpected behavior is to manually alter the frame-relay configuration subcommands to the form acceptable to the relevant image. [CSCdi09464]

IBM Connectivity

There is currently a problem (in both Software Release 9.0 and 9.1) of setting access filters on source-route bridge networks based on SNAP type codes. [CSCdi09010]
Misconfiguration of the router with peers that do not exist or are powered down can cause the box to loose all memory. [CSCdi09041]
Certain IBM machines are seen to continue doing XID exchanges even after they have received the SABME. With local acknowledgment if the FEP side has already brought up the LLC2 session and the remote PC is still sending XIDs, it causes the FEP to disconnect the LLC2 session. To remedy this, the startup sequence needs to suppress the RNR at the FEP side and not bring up the session with the FEP until the router receives the positive linkup response reply from the remote router. This suppression of the RNR is possible by adding an rnr-disable configuration option to the source-bridge remote-peer command. This option must only be used if local acknowledgment is configured. This option should be configured on both the Cisco routers. [CSCdi09116]
Ignore Format 3 type 4 XIDs for SDLLC connections. This is sent by NCP when VTAM is brought down. Once VTAM is brought down, there is no point for the router to initiate connection. [CSCdi09211]
An SNA frame that was sent and replied to with RNR, is never resent and causes the FEP to enventually drop the session by sending the DM. [CSCdi09218]
Router with STUN configuration would reload with the error message pointed to sdlc_set_clear_busy. There is no work around. [CSCdi09388]
A low-end router could not forward an RSRB packet with RIFs longer than 8 bytes. There is no workaround. [CSCdi09429]
Some local-ack RSRB stations will hang in initializing. Symptom: The hung station will have "local ack state = waiting link up response" stat [CSCdi09551]
Cisco 4000 routers configured with Token Ring interfaces and LAN Network Manager support may experience a system reload as the Token Ring interface initializes. Removing LAN Network Manager support during startup can act as a temporary workaround. [CSCdi09594]
RSRB peers that use TCP used to rely on the TCP transport to inform it that the remote side has gone away. The problem with this is TCP can take a very long time to time out. This is not acceptable in the IBM environment. We have implemented the concept of remote-peer keepalives that ensures that the other side is healthy. Messages are only sent if there is no other traffic. [CSCdi09596]
LNM LLC2 parameters always set to default even if the configuration file does contain commands with different set of values. [CSCdi09646]
Configuring SRT on the Cisco 4000 crashes the box. There is no workaround. [CSCdi09708]
The RSRB state machine goes to a null state when one of the peers of the WAN peers is power cycled. The workaround is to reset both routers. [CSCdi09767]
The rnr-disable argument is dropped from the Remote Source Route Bridging configuration after the system is reloaded. [CSCdi09880]

Interfaces and Bridging

The system reloads when OSPF processes the link state advertisement retransmission list. This happens right after the system starts up. [CSCdi04617]
A message appears when a LAN Network Manager trace frame is accepted by the router and forwarded onto other interfaces on that router, causing a minor memory leak because the wrong packet inside the router is trying to be freed. There is no workaround. [CSCdi07950]
If an async interface is unnumbered, and an IP address is assigned from the EXEC, then the async interface should not be renumbered. If SLIP routing is started, but the address does not belong to the subnet that is already configured on the terminal servers primary interface, the address will be rejected. [CSCdi08621]
BGP should allow a way to override routes sourced by the router with routes learned from another BGP peer. [Vince Fuller Memorial Hack] BGP should allow a way to override routes sourced by the router with routes learned from another BGP peer. [CSCdi08892]
FDDI valid transmission time will display 4294965054 in some cases. [CSCdi08923]
The input queue will fill up slowly while bridging transparently. When this happens, the interface with the filled input queue will no longer accept packets. [CSCdi09131]
LAT compression is broken while bridging LAT on the low-end platforms (for example, IGS, Cisco 3000, Cisco 4000). There is no workaround. Cisco recommends that LAT compression should not be turned on in the low-end platforms until the next interim release. [CSCdi09180]
There is a minor memory leak while bridging. There is no workaround. [CSCdi09183]
RSRB packets when sent from CTR to MCI using direct serial encapsulation are found to be out of sequence, causing NetBIOS sessions to reset. The problem is in sending the packets to the MCI card. If no buffers are available on the serial card, the packets are being queued at the process level. This dual switching of packets (both process and fast switching) cause packets to get out of sequence. The solution is to drop the packet (instead of process switching it) if no buffers are available on the serial card. [CSCdi09196]
Autonomous switching for IP over PPP and Frame Relay IETF works with ciscoBus2 version 11 microcode. Current microcode operations are not impacted by this change. The ciscoBus2 version 11 microcode must not be used with earlier software revision for autonomous switching use. [CSCdi09203]
If your router is configured to redistribute OSPF into RIP, and there is a static subnet configured before another subnet is learned by OSPF, the IP network is not redistributed into RIP. This occurs for subnets associated with an IP network that is not directly connected. [CSCdi09215]
The system normally disallows multiple interfaces to be configured with IP addresses on the same subnet. Such IP address overlap should be allowed when it occurs between a transmit only interface and its associated receive interface, as designated by the transmit-interface interface subcommand. [CSCdi09300]
Some SLIP configurations may cause line protocol to fail on the async connection. In particular, the following configurations were found to be a problem:

line x no exec modem dtr-active slip dedicated slip routing slip address 131.108.152.1 255.255.255.240 session timeout 1 [CSCdi09330]
Static routes with destination gateways routed to via an interface that goes down (or is shutdown) are not always removed from the main routing table. [CSCdi09374]
The command no ip route address only deletes the first static route to address as opposed to all static routes matching the specification. The no ip route address command only deletes the first static route to address as opposed to all static routes matching the specification. [CSCdi09375]
This patch resolves a bug where IP packets, with a TTL of 1 would be rejected. The solution is to allow switching of IP packets with a TTL of 1. Now all packets with a TTL of 0 are dropped if the packet is not for us. [CSCdi09390]
The system will not forward a frame if the frame arrives with the Monitor bit set to 1. The workaround is to make the cisco always be the Active Monitor. [CSCdi09400]
Transparently bridging on a serial interface and turning on priority queuing, X.25, or Frame Relay encapsulation causes a packet to be tossed, which halts bridging. The workaround is to use different serial encapsulation and disable priority queuing. [CSCdi09489]
There is a minor memory leak while bridging from serial to Ethernet or Ethernet to Ethernet. There is no workaround. [CSCdi09495]
In the Cisco 4000 platform, a serial card in the slot closest to the power supply will disable transparent bridging on that slot. The workaround is to move the serial card to a different slot. [CSCdi09496]
Transparently bridged packets were compared to the maximum MTU of the media minus the MAC encapsulation. The workaround is to increase the media encapsulation. [CSCdi09533]
Due to interactions between the bridging code and driver code, the spanning- tree state is handled incorrectly. In pre-9.1, this shows up most readily on serial lines. If a serial line is shut and then no-shut, the port goes into blocking and then stays there. Similarly, if you have an Ethernet port and you pull the cable out, the port will go down. But if you wait for a minute or so (give the spanning-tree protocol time to recompute) and then plug the cable back in, you will see the port go into Forwarding immediately. This can cause temporary network meltdowns. [CSCdi09535]
Configuring local acknowledgment on only one side of a peer set may result in a system reload. [CSCdi09536]
OSPF doesn't listen to multicasts on an old Type 2 ethernet card. OSPF does not listen to multicasts on an old Type 2 Ethernet card. [CSCdi09553]
While parsing through an RSRB packet, the location of the RIF was calculated wrong, resulting in looking at the wrong place in the RIF trace and broadcast bits. There is no workaround. [CSCdi09650]
The active monitor of the ring is not seen at initial boot time of the router. The active monitor will be seen only if a soft error occurs on the ring. There is no workaround. [CSCdi09830]

IP Routing Protocols

When using the domain-list feature, the software may fail to properly update domain cache entries that have been timed out. [CSCdi03896]
BGP does not accept advertisements of network 0.0.0.0. [CSCdi08880]
When using multiple addresses on a single interface from different major networks and with different sized subnet masks, sometimes an address overlap is reported where none exists. [CSCdi09104]
If there is a subnet that is learned by OSPF and the associated IP network is not directly connected, the route will not be redistributed into IGRP, RIP, and Hello. The IP network is suppose to be redistributed but is not. This only occurs when you are redistributing OSPF routes into the other Distance Vector protocols. [CSCdi09146]
OSPF removes the wrong instance of link state advertisement from link state retransmission list after receiving a link state acknowledgment. This happens in a rare circumstance when the acknowledgment is for an older instance of link state advertisement. [CSCdi09189]
OSPF module miscalculates whether two link state advertisements are the same instance. [CSCdi09190]
In a user environment that requires to use TAB character with tn3270, the system incorrectly handle TAB characters in a login-string. A new option argument-%t is added to handle TAB character correctly. [CSCdi09220]
OSPF module miscalculates whether two link state requests are for the same link state advertisement instance. [CSCdi09338]
Debugging messages showed by the OSPF module during the designated router election process shows a wrong router ID. [CSCdi09411]
OSPF is not enabled on an unnumbered interface automatically when a numbered interface is changed to unnumbered while OSPF is enabled on the router. [CSCdi09433]
Source-routed IP packets that are supposed to be discarded by the system are sometimes not. Such packets are being packet switched when the local system does not appear as the next hop in the source route. These packets should never be packet switched when the user has entered the no ip source-route configuration command. This unexpected behavior can pose a security problem for sites that use this command to restrict access. [CSCdi09517]
When redistributing core egp into another protocol, the command redistribute egp 0 is written out as redistribute egp which is an invalid command. This only happens if the EGP AS is 0. [CSCdi09524]
When TFTP booting a router over a slow serial line, the TFTP read requests may be timed out by the router before the TFTP server on the other end has had a chance to respond. This can result in netbooting failure. The router's TFTP implementation should reduce its retransmit time in order to adjust to TFTP servers that respond slowly. In the absence of such a change, the system should only be TFTP booted via a path that can be expected to acknowledge TFTP requests within 5 seconds. [CSCdi09550]
show ip route does not display information about a network summary route. [CSCdi09561]
Static routes that point to destinations reached via a route that has expired are not removed from the routing table. [CSCdi09564]
When initiating a TFTP read request, the system can generate TFTP packets with invalid UDP checksums. This only happens when the request is transmitted out an unnumbered interface. If the TFTP server has UDP checksumming enabled, TFTP read requests via the unnumbered interface will fail. Turning off UDP checksumming at the TFTP server or restricting TFTP reads to numbered interfaces avoids this problem. [CSCdi09577]
When an interface's encapsulation is changed via the configuration command encapsulation encapsulation-type, the change is not reflected by most network protocols until the next system reload. In many cases, the original encapsulation continues to be used by these protocols until the system is reloaded. The new encapsulation should take effect immediately. [CSCdi09619]
The OSPF summary lock timer is created as a continuous timer where it should be a one-shot timer. If this timer is set once, it will try to come back even when it is not supposed to. [CSCdi09684]
One of the OSPF forward address queue timers is set to a very low value, which might cause the timer to fire too soon. [CSCdi09693]
If a new BGP neighbor is configured after the router has been operational for 24 days, BGP will not attempt to start the session. The workaround is to manually start the session with clear ip bgp. [CSCdi09732]
This behavior is caused by some octets not being transfered from one MCI card to the other. This is now corrected by ensuring that all octets are properly transferred across the Multibus. [CSCdi09826]

ISO CLNS

When an invalid ER PDU is received, we should just discard it without sending an ER PDU in response. [CSCdi09139]
When redistributing ISO-IGRP routes into IS-IS, there are cases where some routes do not get redistributed. This occurs when the number of ISO-IGRP prefix routes causes more than one IS-IS Level 2 LSP to be generated. The routes that overflow the first LSP do not get generated. [CSCdi09144]
CLNS fast switching over a serial interface with HDLC encapsulation falls back to slow switching. [CSCdi09172]
Certain OSI packets are transmitted with a nonzero padding byte. The padding byte is inserted between the OSI protocol data unit and the relevant data link layer encapsulation. Since padding bytes are supposed to contain the value zero, this condition can confuse equipment from other vendors and cause interoperability problems. This caveat does not occur between Cisco equipment because Cisco equipment always expects 1-byte padding and does not specifically check the value of this padding byte. [CSCdi09238]
There are situations where IS-IS will delete the wrong link in an LSP. This results in either duplicate entries or corrupt LSPs. [CSCdi09466]
Duplicate adjacencies are formed (both system ID and SNPA are the same) when CLNS cluster aliasing is enabled on an interface. This happens for ISO-IGRP and DECnet Phase IV systems. This does not happen for IS-IS and OSI end-system adjacencies. [CSCdi09525]
IS-IS sends point-to-point IIHs out HSSI interfaces that are 1 byte larger than the allowable MTU. This results in a %TOOBIG.... error message. The adjacency still forms. [CSCdi09538]
Interface static routes with no SNPA specified will not be deleted from the configuration file. They are deleted from the routing table. [CSCdi09579]
If there exists a Phase IV end node directly connected to a router, and IS-IS is enabled where the router is designated router, the Phase IV end system is not inserted into the Level 1 routing table and therefore is not reachable. This is a problem for end systems that are both Phase IV and Phase V. [CSCdi09678]
IS-IS does not free the memory used for any LSP when the Lifetime expires and it is deleted from the link state database. This event does not occur very often. [CSCdi09759]

LAT

A LAT protocol translation session can fail to be destroyed properly under some circumstance when output is still in progress as the connection is closed by the remote LAT host. [CSCdi07506]

Novell IPX, XNS, and Apollo Domain

When receiving a Novell RIP request packet with an invalid length, it is possible that a system data structure could become corrupted. In extreme cases this could cause the system to crash at some later time. The novell rip-check command will turn on special processing of these invalid RIP request packets, avoiding the undesirable behavior. [CSCdi09056]
A race condition in the show novell cache command can cause the router to reload. [CSCdi09163]
Certain Novell packets may be received and processed by the local interface when they have been sent by a misconfigured client, server, or router. For example, a SAP Get Nearest File Server packet sent on network 0xA1 from a host whose network number has been misconfigured as 0xA2. These misconfigured packets should be ignored and counted as bad packets. In the Show Novell Traffic display the packets pitched counter should be incremented when we receive one of these packets. [CSCdi09178]

Protocol Translation

On the protocol translator, if two host-initiated TCP connections to a single resource exist (one active, one queued), and the active connection is closed by a remote system, the protocol translator does not close the TCP connection, and does not process the next queued connection. A workaround is to specify a (small) session timeout (with "output"). [CSCdi09305]

TN3270

Communication servers under certain circumstances may drop TN3270 connections and eventually reload. [CSCdi09197]

VINES

A Cisco router may occasionally send an ICP error message with an error code of zero. Receipt of this message can cause a Banyan server to drop some or all communications links passing through the router. [CSCdi09175]
If a station is removed from an interface that uses one type of encapsulation and is added to another interface that uses a different encapsulation before the neighbor entry expires, communication to the station will never be reestablished. [CSCdi09294]
There is a condition where some serverless networks will have extreme difficulty logging in to any server. This is caused by a packet sent by the router not being understood by a VINES server. The workaround to this problem is to shorten the name of the Cisco router to be 15 characters or fewer. [CSCdi09372]
This problem only occurs when a client is initially powered on, and the first login attempt results in a forced password change. The user will not be able to change his password and will not be able to log in. The workaround is to have another user log in and log out at that client, then the affected user will be able to log in and change his password. [CSCdi09467]

Wide-Area Networking

This patch allows Cisco 4000 users to enable fast switching of packets on both serial lines. Prior 9.1 releases prevented users from enabling this feature. This patch allows fast switching of Frame Relay, HDLC, and SMDS across both serial interfaces. [CSCdi09107]
OSI packets encapsulated in PPP are always expected to have a 1-byte padding between the OSI protocol data unit and the PPP encapsulation. This is not compliant with the Internet standards document RFC 1377, which specifies that a system must be able to accept such a padding of anywhere from 0 to 3 bytes. This noncompliance can therefore cause interoperability problems with another vendor's equipment if that equipment cannot or does not insert a 1-byte padding. Note that there is no problem if both sides of the PPP encapsulated serial line have Cisco equipment. [CSCdi09237]
Systems with X.25 map entries for more than one remote AppleTalk host on a single interface are subject to reloads. [CSCdi09328]
When running PPP between a Cisco router and a Wellfleet router, the Cisco router, over time, ignores packets on its interface to the Wellfleet router because rejected packets are not freed by the Cisco router. The Wellfleet router violates protocol by continuing to send packets of a particular type to the Cisco router even after the Cisco router rejects that particular type. [CSCdi09404]
The 3103 router does not allow for Service Profile IDentifier (SPID) numbers to be sent from the router to the DMS-100 ISDN switch. A SPID for each B-channel (two maximum) must be sent to the network before any calls can be made to or from the router. The SPID is given to the user by the network when the basic rate service is started. The SPID values are entered into the configuration using the interface bri 0 command with the spid and spid2 commands. These values are sent to the network upon powerup or after a clear interface bri 0 command is entered. [CSCdi09422]
When connected to a 1TR6 ISDN switch, the 3103 router does not properly respond to an incoming CONNECT message. A RELEASE message is incorrectly sent out to clear the call. Instead of clearing the call, a CONNECT ACKNOWLEDGMENT message should be sent out to accept the call. [CSCdi09488]
For ISDN routers, incoming SETUP messages are not accepted when using the NTT switch type. [CSCdi09614]
An serial interface with Cisco HDLC encapsulation is considered to be up when in a looped-back state. In some configurations, notably those involving dialed backup, it is more appropriate to consider a looped line to be down. The solution to this problem is to add a new interface configuration command, [no] down-when-looped. By default, when this command line is absent from the configuration, the line does not go down when in loopback. This new command is valid only for HDLC encapsulation. [CSCdi09657]
CLNS will not work over X.25. X.25 calls that are received and have NSAP addresses in the facilities are classified as CONS (CMNS) calls even if CMNS isn't enabled on the interface. [CSCdi09679]
There are certain problems in LMI processing: Invalid LMI frames may be processed (incorrectly) instead of discarded. Sequence numbers are not reset after interface failures. Checks for deleted DLCIs may improperly identify active DLCIs as deleted. [CSCdi09722]

9.1(2) Caveats/9.1(3) Modifications

This section describes possibly unexpected behavior by Release 9.1(2). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(2). For additional caveats applicable to Release 9.1(2), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(3).

AppleTalk

A spurious "couldn't register" traceback message may occasionally be seen on an interface that is being enabled for AppleTalk support if the interface resets at the same time the support is being started. This traceback message is harmless and can be ignored. [CSCdi06171]
The AppleTalk nbptest facility does not correctly represent 8-bit characters in output resulting from the use of 8-bit characters in NBP entity names or zone names. As this is a diagnostic facility, there is no impact upon routing functionality. There is no workaround for this problem at this time. This error will be fixed in a future release. [CSCdi06266]
The computed total in the summary line of the show appletalk zones command is not the same as the number of zone names shown in the output of the command. This is cosmetic and does not affect routing operation. [CSCdi06993]
Loading interface-specific MacIP configuration commands across the network will cause MacIP to fail when the interface is already configured for AppleTalk and the configuration file read from the network also contains the same configuration commands that reenable AppleTalk on that interface. The workaround for this problem is either to not load in MacIP commands across the network, by saving the commands locally in NVRAM on the router, or to not specify the interface-specific AppleTalk commands in the host configuration file being read across the network. [CSCdi07353]
When a router is configured with an AppleTalk zone name that begins or ends with a special 8-bit graphics character, NBP lookup queries made to this zone in the router will cause the router to reload. The workaround is to not configure zone names that begin or end in 8-bit characters. A crash can also occur when an NBP search is performed with graphics characters at the beginning or end of the type field. For example, a server with a trademark symbol at the end of the server-type name will cause the router to crash if it is installed on a zone connected to the router. The workaround is to move the server to a zone not assigned to the router, so that lookup requests for this type of service will not be directed at the router. [CSCdi07672]
This is a cosmetic fix. When a router receives a nbp lookup to its net# and the zone, it finds all the matching entities in that entire zone and sends the nbp reply. Correct behaviour is to just respond with the entities registered on that interface only.Routers do not have to reply with all entities in that zone this is a NBP protocol function to generate the lookups to all the networks that correspond to this zone . This rdundancy is eliminated [CSCdi08746]
When the appletalk permit-partial-zones command is enabled, the appletalk distribute-list access-list out and appletalk getzonelist-filter access-list commands unexpectedly permit all networks and zones in RTMP updates and GetZoneList replies when used with access lists that contain no zone information (that is, network number restrictions/permissions only). [CSCdi08819]

Basic System Services

The router may experience a software error when the command show memory free is executed, and the command must pause for output at any time in displaying the results of the command. The workaround is to ensure that the output does not pause by using the command terminal length 0 before issuing the show memory free command. [CSCdi08368]
The boot system rom commands are written out in configuration files with a superfluous IP address at the end of the command. There is no operational impact. [CSCdi08407]
The show memory command on the Cisco 4000 system did not show any information on the high-speed static RAM (SRAM) memory. The show memory command on the Cisco IGS, Cisco 3000, and Cisco 4000 systems did not include a command to show a summary of free IO memory. The show memory command on the Cisco 4000 system did not include a command to show a summary of free SRAM memory. [CSCdi08447]
entering multiple logging buffered commands without an intervening no logging buffered command can cause meaningless output to be included in the output of the show logging command. [CSCdi08459]
System images from the 8.3, 9.0, 9.1, and 9.14 releases could not be successfully netbooted on IGS boxes with 8.2 EPROMs. The ROM monitor in the 8.2 EPROMs did not support some functions that the newer releases use. The system image should protect itself by error checking the return code from all ROM monitor calls. [CSCdi08521]
An "event-dismiss" error message can be encountered when debug output is being output on the console while running a bootstrap system image; for example, igs-rxboot, xx-rxboot, csc3-boot, and so on.

(boot)ROUTER#debug tokenring %SYS-2-INTSCHED: event dismiss at level 4 -Process = "Exec", level= 4, pid= 11 -Traceback= A87C A8D6 1418C 9422 9EB2 15FA 304D8 70DEC %SYS-2-INTSCHED: event dismiss at level 4 -Process = "Exec", level= 4, pid= 11 -Traceback= A87C A8D6 1418C 9422 9 [CSCdi08533]
This fixes a bug where changing encapsulations on a serial interface would reallocate the buffers incorrectly. If the maximum MTU size of the interface was greater than the default, then changing the encapsulation would cause errors when the buffers were allocated based on the default maximum MTU for that interface. The maximum MTU would still show what was configured but the buffers allocated to that interface would be set back to the default of 1500 for serial lines and 4470 for HSSI. [CSCdi08928]

Communication Server

Under certain circumstances, a reload may occur when switching between multiple TCP connections or using the state machine feature of the communications server. [CSCdi06884]
If a line is configured with session-timeout n output, the "output" part of the command will remain in effect even if a new session-timeout n command is given (without "output" specified). A workaround is to turn off the "output" part explicitly with a no session-timeout 0 ouput command.

If a line is configured with the session-timeout n output command, the output option will remain in effect even if a new session-timeout n command is given (without output specified). A workaround is to turn off the output option explicitly with a no session-timeout 0 ouput command. [CSCdi08625]

DECnet

DECnet address translation fails on IGS platform routers in the cases where both interfaces are not fast switched and one of the interfaces is capable of being fast switched. The workaround is to configure both interfaces for DECnet fast switching. Since this is not possible for all interfaces and encapsulations, such as Token Ring, X.25, and Frame Relay interfaces, some configurations cannot support ATG on IGS platform routers. [CSCdi07652]
DECnet fast-switching on the Cisco 7000 works fine on Ethernet when the encapsulation is ARPA. It does not seem to work for ISO1/SNAP encapsulations. A (crude) workaround to the ISO1/SNAP ethernet encap switching problem is to: 1) enable the default encap (ARPA) 2) set your switching mode 3) enable the desired encap (ISO1 or SNAP)

Fast-switching is supported only for ARPA encapsulation (for Ethernet). The problem is that the code does not change the decnet 'fast-switch' flag to FALSE when the encaps flag is changed to anything other than ARPA. Likewise, the code does not set the flag to TRUE when the encaps is changed back to ARPA (and DECnet fast-switching is turned on). [CSCdi08415]
When a DECnet extended access list is configured with a destination address, the code ignores the destination/mask information in the ACL. If a match was found in the connect part of the ACE, it would return TRUE, that is, grant access, regardless of the destination/mask information. For example, access-list 300 permit 1.400 0.0 1.999 0.0 eq any should allow only packets from 1.400 to 1.999 to go through. The observed behavior was all packets would go through, regardless of destination. The fix is to just check that the source address/mask (and destination/mask, if applicable) specified in the access list matches the corresponding values in the incoming packet. [CSCdi08760]
Turning on fast switching on an interface should be disallowed if that interface does not support fast switching, or in the case of serial interfaces, if the encapsulation does not support fast switching. [CSCdi08806]
With DECnet access lists, the destination address/mask is ignored, regardless of what is in the connect part of the ACL. If the connect part of the ACL matches, access is granted, regardless of the destination address/mask. [CSCdi08818]
The DECnet fast-switching code will not process an extended ACL if no standard ACL is present. To be consistent with the slow-switched case, the check for the presence of a standard ACL should be removed so that a list consisting of only extended ACEs will be processed. [CSCdi08875]
The DECnet fast-switching code will not process an extended ACL if no standard ACL is present. To be consistent with the slow-switched case, the check for the presence of a standard ACL should be removed so that a list consisting of only extended ACEs will be processed.

DECnet fast-switching on a Cisco 7000 works fine on Ethernet when the encapsulation is ARPA. It does not seem to work for ISO1/SNAP encapsulations. A (crude) workaround to the ISO1/SNAP Ethernet encapsulation switching problem is to enable the default encapsulation (ARPA), set your switching mode, and enable the desired encapsulation (ISO1 or SNAP). Fast switching is supported only for ARPA encapsulation (for Ethernet). The problem is that the code does not change the DECnet fast-switch flag to FALSE when the encapsulation flag is changed to anything other than ARPA. Likewise, the code does not set the flag to TRUE when the encapsulation is changed back to ARPA (and DECnet fast-switching is turned on). [CSCdi08879]

EXEC and Configuration Parser

The debug ? command does not show serial options if only serial interface type is HSSI. [CSCdi07674]
When an auxiliary port is set for dedicated slip mode, the clear line 1 command will take the auxiliary port out of SLIP mode. Typing slip at the EXEC prompt when connected to the auxiliary port, the auxiliary port will return SLIP mode. [CSCdi07908]
The lapb hold-queue interface subcommand is not properly stored in the router's configuration memory. [CSCdi08957]

IBM Connectivity

When routing IP in conjunction with bridging, HP Probe packets will be bridged rather than received by the router. Cisco Systems expects to resolve this problem in a future release. [CSCdi07039]
Initializing Token Ring causes existing LNM links to be dropped. There is no further information available concerning this problem. [CSCdi07235]
The order of deletion of STUN interface commands is significant when the SDLC connections are locally terminated. While order is significant when defining the configuration commands, there should not be any order imposed upon the operator when deleting commands. There is a very easy workaround for this problem. If you see the error message "An DLC address command must be given before local-ack can be used" when trying to deconfigure SDLC local acknowledgment for a given address (for example: C1), simply issue the following command sequence:

sdlc address C1 no stun route address C1 tcp 150.136.134.86 local-ack no sdlc address C1

If the stun route command is deleted first, followed by the sdlc address command, then everything is deleted accordingly. [CSCdi07340]
When issueing a query to the system using Lan Network Manager Version 1.0 the router may produce error messages on the console. The message %SYS-2-LINKED may be produced on the console but does not appear to effect operation. [CSCdi07597]
After configuring the routers for STUN with Local-ack, the lines stun sdlc-role primary and stun sdlc-role secondary could not be removed from the routers config files.

The command no stun sdlc-role primary and the command no stun sdlc-role secondary will not remove the lines as they should. The command encap hdlc will remove these commands but when the encapsulation is returned to stun, the lines will reappear. [CSCdi07915]
When the router is configured with the netbios enable-name-cache command it does not modify the Largest Frame (LF) field within the Routing Control field of all-routes and spanning tree explorer frames. Stations communicating across a source-routed network connected by routers experiencing this condition may not be able to establish a connection. Because stations do not see the LF reduced, they may transmit a frame larger than the maximum size, which is capable of successfully crossing a router. The router will drop the large frame and the connection will not be established. The proper behavior is for the LF field of all-routes and spanning tree explorer frames to be reduced to indicate the maximum frame size capable of being transferred across the bridge. The maximum frame size is the minimum of the frames sizes supported by the input interface, the transit media, and the output interface. A workaround is to disable the NetBIOS name caching feature with the no netbios enable-name-cache command. The router will properly process and reduce the LF field with name caching disabled. The behavior is present in all versions of the router supporting NetBIOS name caching. Cisco Systems will resolve this problem in an upcoming maintenance release of 9.1. [CSCdi08170]
When reconfiguring the priority on an interface used for transparent bridging, we delay reconfiguring the port until we receive the following BPDU message. This can cause a significant delay in the convergence of the spanning tree. This caveat is present in all previous releases. The port is now reconfigured as soon as the configuration command is executed. [CSCdi08296]
When trying to link to more than one bridge at a time (on a router with more than one bridge) LNM would fail on the second link attempt with the nessage:

Bridge failed to link RC = 00n

This behavior has been corrected. [CSCdi08864]
RR contains wrong address in SDLC multidrop environment.

This problem is observed in a SDLLC setup with multiple SDLC secondary stations. A secondary station may get a series of I-Frames with the correct address and then a RR with some other station's address.

Although not observered in STUN multidrop, the problem can occur in STUN as well. [CSCdi08976]
With LU Prioritization, COS, or SDLC Address Prioritization enabled, frames that should be processed in the HIGH priority queue are being processed in the medium priority queue. [CSCdi09109]

Interfaces and Bridging

Output drops double counted when output holdq is full. There is no further information available concerning this problem. [CSCdi07195]
Under unknown circumstances, IP routing has a memory leak and will slowly use up all available memory on the router. Under unknown circumstances, IP routing has a memory leak and will slowly use up all available memory on the router. [CSCdi07288]
The debug broadcast command does not work on FDDI broadcast packets unless the hidden debug fddi-event command is enabled. [CSCdi08137]
The Ethernet driver on the Cisco 4000 platform currently fails to record some error occurrences reported by the controller hardware. The errors affected by this problem are Babble, Miss, Memory Error and Spurious Initialization Done. None of these errors will be counted and, as a consequence, will appear always as zero in driver status commands. There is no workaround for this problem. [CSCdi08371]
Entering the diagnostic command test leds will cause the Cisco 4000 platform to reboot immediately. There is no exception error created and the router will reload and restart as if the command reload had been typed at the command prompt. There is no workaround for this problem. [CSCdi08380]
Bringing up a Token Ring interface on the low-end platforms is an asynchronous process. We start the interface, and check on its state after a while. When configuring an interface as administratively down, the next time we check to see where we are in bringing up the interface, we forget all about the administrative down state. The symptom is a Token Ring interface that cannot be administratively shut down when connected to a ring it cannot insert into. A simple workaround would be to configure the interface as down, write the file to NVRAM, and reload the box. [CSCdi08421]
Bridging for the IGS, Cisco 2000, Cisco 3000, and Cisco 4000 systems will fill up the input queue for Ethernet or Token Ring interfaces. This will happen over an extended period of time. The only current workaround is to reload the box. [CSCdi08505]
When a communication server line is configured for modem control and with a session time-out, the session time-out will not be honored if the line is running in SLIP mode. [CSCdi08562]
On the IGS, Cisco 3000, and Cisco 4000 serial network interfaces, we check the status of DCD before we assert DTR. This means that loopback interfaces that connect our output DTR signal to our input DCD signal will not work, because DCD will never be asserted. We should assert DTR before checking for DCD. [CSCdi08612]
Transparent bridging between Token Ring to Token Ring is broken for xx. Basically, the checksum for the packet is incorrect. There is no workaround. [CSCdi08655]
If a Cisco 4000 router has a dual serial NIM installed that only has one of its ports up (and neither of them being in the shutdown state), spurious interface resets may occur on the port that is up. Ports not in use should always be configured administratively down using the configuration interface command . [CSCdi08709]
If an unnumbered interface is shut down, it is periodically removed from the IP routing table. This causes unnecessary routing table activity and can introduce other detrimental side effects. [CSCdi08715]
BGP does not allow negative weights to be specified; this prevents one from defining a neighbor or set of networks less preferable than the default, rather than defining everything else as more preferable.

EBGP peers are incorrectly allowed to be on other than attached networks. If you really want EBGP peers to be more than one hop away, then use the new command neighbor addr ebgp-multihop to override this limitation.

If BGP metrics are the same, and path lengths are the same, the IGP metric should for the BGP neighbor is not (and should be) used to break ties.

BGP reads data from TCP in an inefficient way. BGP does not allow negative weights to be specified. This behavior prevents one from defining a neighbor or set of networks less preferable than the default, rather than defining everything else as more preferable. EBGP peers are incorrectly allowed to be on other than attached networks. If you really want EBGP peers to be more than one hop away, then use the new command neighbor addr ebgp-multihop to override this limitation. If BGP metrics are the same, and path lengths are the same, the IGP metric should for the BGP neighbor is not (and should be) used to break ties. BGP reads data from TCP in an inefficient way. [CSCdi08758]
If a neighbor command is used with IGRP, RIP, or Hello, and the neighbor is not in the major net as the primary address of the outbound interface, the routing update will be sent with an incorrect source address. This can result in incorrect routing at the neighbor. [CSCdi08770]
The clear counter [type unit] command always clears the counters regardless of the user's response to confirmation. [CSCdi08774]
Frame Relay and X.25 bridging is broken on the low-end systems. It will not pass packets if the input interface is an Ethernet or serial interface. There is no workaround. [CSCdi08779]
The RIF structures are now initialized before use. It is possible that a previous use of a RIF structure had entries that could affect operations when the RIF entry is reused a second time for a different purpose. This has caused problems of pings being unsuccessful, unable to reach SRB hosts, and so on. Initializing an entry will clear out all previous usage and start afresh. [CSCdi08790]
Novell SNAP 8137 and Novell ISO1 E0E0 on both TR and FDDI are currently classified as the same type. Incoming FDDI SNAP 8137 packets will not be fast switched. [CSCdi08820]
MCI/SCI will become unusable when the MTU is 4K or above because there is only one buffer for the receive side. We recommend that MTU should be less than 4.5K. [CSCdi08842]
Novell has introduced a new encapsulation for Ethernet media that is not currently supported. This is referred to by Novell as 802.2 encapsulation. [CSCdi08849]
The Chaos, PUP, and Hello routing protocols do not properly expire old routing entries, leading to a memory leak, race conditions, crashes, and incorrect routing decisions. [CSCdi08881]
Router should damp BGP fluctuations by not actively attempting connections during the first minute after reboot. The router should suppress BGP fluctuations by not actively attempting connections during the first minute after reboot. [CSCdi08891]
Configuring source-bridge spanning on and off with the source-bridge spanning and no source-bridge spanning commands creates a deaf Token Ring interface on the low end platforms. This should not happen too often since this option does not change very often. The workaround is to restart the interface with a clear int t 0 or configuring it off then on. [CSCdi08946]
Entry for the token mac addr in the bridging forwarding database table was put in the incorrect bit swapped order. There is no workaround. [CSCdi08980]
When using a protocol translator or communication server without IP routing enabled, ARPs for IP aliases or addresses associated with translate commands may not be answered correctly. As a workaround, turn on IP routing to restore the expected behavior. [CSCdi08981]
When an IP packet with options is received on a serial interface with fast-switching enabled, the system sometimes neglects to decrement the TTL of the packet before it is forwarded or received locally. This is most noticeable when a "traceroute" program is being used with source-routing options. The hop where the system with this problem should appear contains information on the successor hop. [CSCdi08989]
The mac-address address command does not work on serial interfaces, even though a serial interface may want to use this, for example, when a communication server is originating LAT packets on the serial link. [CSCdi09015]
MAC_index in SIF response should be 3 instead of 1. [CSCdi09017]
There is a messaging scheme whereby the Token Ring interface board can send status information to the system. There was no protection against a runaway board dominating the system with interrupts. The fix is to watch for excessive amounts of interrupts over a short period and reset the board if necessary. [CSCdi09022]
Certain routed packets could get leaked and bridged. The current workaround is to set up an output type filter to stop this leak. [CSCdi09067]
When a system is attempting to TFTP boot, it may not know a route to the TFTP server. If the system has multiple interfaces by which it might contact the TFTP server, it can fail to continue to use the interface on which the TFTP transfer was just established. The result is that the TFTP boot attempt fails. The system should remember by means of its ARP table the interface to use to reach the TFTP server. Configuring the system's NVRAM so that it can only reach the server by one interface at boot time avoids this problem. [CSCdi09068]
When TCP sessions go across a serial line that has TCP header compression enabled, those sessions may fail. This failure occurs if IP packets are fast switched from the serial interface that has the TCP header compression active to any other interface. Users may work around this problem by disabling IP fast switching in systems that have the TCP header compression active. This disabling need be done only for interfaces other than the serial interface doing TCP header compression. This is because TCP header compression automatically disables fast switching of IP packets on the serial interface. The configuration interface subcommand no ip route-cache can be used to disable IP fast switching on an interface. [CSCdi09069]
A Cisco router sends VINES routing updates as spanning tree explorers whereas a VINES server sends routing updates as all-routes explorers. The Cisco implementation provides lower explorer impact upon the network, whereas the Banyan implementation finds the shortest path between any two nodes. The fix for this behavior allows choosing between spanning tree explorers and all-routes explorers on a per protocol basis. This is done via an extension to the multiring command. The new command syntax is [no] multiring {protocol | all} [all-routes | spanning]. The trailing all-routes and spanning keywords specify the explorer type to be used. The default is to use spanning tree explorers. [CSCdi09091]
There was a condition whereby the Token Ring chipset would become the Ring Parameter Server but the LAN Network Manager could not discover this fact and so would not respond to requests by other stations to insert onto the ring. [CSCdi09108]

IP Routing Protocols

Whenever inconsistent metrics are assigned to a router interface, it is possible to run into this bug. The result of this bug is that the route entries in the IP routing table will sometimes drop the interface or will have a wrong interface. The workaround is to have consistent metrics in the network. [CSCdi08297]
The system disallows multiple interfaces to be configured with IP addresses on the same subnet. Such IP address overlap should be allowed when it occurs between an interface and its backup, as designated by the backup interface interface subcommand. [CSCdi08318]
When a route boots from ROM, it ignores OSPF configuration in NVRAM. After booting, enter the command config mem. [CSCdi08409]
If a summary LSA is regenerated within 5 seconds, the flooding of the LSA may not happen resulting in inconsistent database. The fix will be available in a future release. [CSCdi08463]
When there are subnet routes in the IP routing table for a major network and if there is a route for that major network from EGP, the EGP route will not be aged. This will result in keeping invalid route entries from EGP. There is no workaround. [CSCdi08512]
Whenever you have a major network route from EGP followed by subnets From OSPF, all the OSPF subnets and EGP routes will be deleted after 180 seconds. There is no workaround. [CSCdi08513]
The system can refuse to allow the user to remove static ARP entries that were specified by the user, with the error message "Can't unset interface address." The system is wrongly confusing the user supplied ARP entry with the system generated ARP entries for its local network interfaces. The correct behavior is to allow the user to remove any ARP entries they added to the ARP table. This can happen when the user explicitly specifies an ARP entry for the local IP address of an interface on which ARP is not running. [CSCdi08523]
The system reloads when handling fragmented IP packets larger than 32767 bytes in length. The software was treating the offset in a fragmented packet as a signed quantity that becomes negative when the offset exceeds the value 32767. This is not likely to be seen by systems unless the buffers huge size n is used to increase the allowable size of fragmented IP packets. Without this change, the system starts dropping the fragments well before the offset becomes negative. The system reloads can be avoided by changing the internal representation of IP fragment offsets. [CSCdi08592]
When a link is flapping continuously, it is possible to run SPF calculations after each topology change, resulting in locking the router. There is no workaround. This will be fixed in a future release. [CSCdi08600]
The system does not properly process RARP response packets received where these packets are responses for requests not initiated by the system. The system allows such packets to remain in the input queue, resulting in two user visible problems. First, the network interface input queue can fill up with RARP response packets, causing all subsequent packets destined for the system to be dropped. Second, the system fails to bridge these RARP response packets. The correct behavior is to bridge such packets in the case where the system is configured to bridge RARP packets; otherwise, it should ignore these packets. [CSCdi08651]
The distribute-list command sometimes makes access list changes even when a parsing error is detected and an error message is printed. The software continues processing this command even though an error has been detected. Because of this aspect of the implementation, the system will treat a distribute-list command that specifies a nonexistent interface as if no interface has been specified, thus unexpectedly applying the access list to all interfaces. If the user receives parser errors in response to their distribute-list configuration commands, it is recommended that they verify that the system has not wrongly interpreted their commands by examining the distribute-list commands reported by write terminal. [CSCdi08668]
When configuring the metric to use for route redistribution, the system can confuse metrics specified via the default-metric configuration command with those specified via the redistribute metric subcommand. The system should keep the configured values of these metrics separate and use the metric specified via the redistribute configuration command in preference to the metric specified via the default-metric configuration command. Additionally, the system refuses to accept the no form of the configuration command redistribute protocol metric, where the metric value argument is included. [CSCdi08695]
If an interface is configured with the ip unnumbered and no ip split-horizon commands, no routing updates will be received on that interface. [CSCdi08717]
During a designated router election process, a router that used to be a designated router but just lost the election fails to choose itself as backup designated router when it should. The correct behavior is to choose a router with the highest router priority among the rest, excluding the router that declared itself as designated router. [CSCdi08732]
OSPF generates a Seq Number Mismatch event after receiving a duplicate database description packet after it moved into state Full and it was a slave during database synchronization. The correct behavior is to simply discard it, up until Dead Interval time since transition into state Full. After that period, it will generate a Seq Number Mismatch event. [CSCdi08829]
When configuring a router with the redistribute static metric-type 1 router subcommand for OSPF router, the metric-type 1 argument is correctly set for redistributed routes but it is not recorded in configuration file as indicated by write terminal command. This can cause the router to use the default metric-type of 2 if the incorrect configuration file is written to either file or memory, then reloaded back to the router. [CSCdi08870]
The system reloads after loading configuration file with the distribute-list access-list-number out router subcommand for an OSPF router. This only happen when loading configuration file from TFTP server. Configuring From the console will not cause a reload. [CSCdi08956]
If a BGP router learns a route via IBGP and it has an EBGP neighbor as the next hop, and it then advertises the same route to the EBGP neighbor, the resulting next hop will be the EBGP neighbor itself. This will cause the BGP session to disconnect. [CSCdi08963]
Packets being fast switched from an MCI serial line using SMDS encapsulation to an SBE Token Ring are placed onto the Token Ring with an incorrect length. The result is that these packets appear to be invalid and are ignored by the next hop. A system with the above configuration needs to have fast switching disabled in order for packets to be properly switched. [CSCdi08997]
An OSPF packet is sent with IP-TTL 1 on a virtual link. This can cause the packet to be discarded when it is crossing the transit area. The IP-TTL for packet to virtual link is now set to 255. [CSCdi09000]
There are some cases when OSPF processes an incoming summary link state advertisement, the system will reload. This problem occurs under heavy OSPF load conditions. [CSCdi09090]
This fixes a problem when fastswitching IP packets on the SBE TokenRing to/from Serial lines. Now all forms of encapsulations on Serial lines can be fastswitched to/from the SBE TR, HDLC, Frame-Relay(non-IETF) & SMDS. This fixes a problem when fast switching IP packets on the SBE Token Ring to/from serial lines. Now all forms of encapsulations on serial lines can be fast switched to/from the SBE TR, HDLC, Frame Relay (non-IETF) and SMDS. [CSCdi09187]

ISO CLNS

CLNS static routes will not be written to NVRAM when a routing protocol has learned the same route and has better administrative distance. The correct behavior is for static routes to be written to NVRAM. [CSCdi05767]
The no clns enable command does not check to see whether or not a dynamic protocol is active on an interface before disabling CLNS on the interface. [CSCdi07413]
The MTU of CLNS is always set to be three less than the IP MTU on the same interface. This works for Ethernet/802.3, but is incorrect for other media. This bug could cause CLNS to attempt to generate fragments larger than can be reasonably sent on an interface, resulting in packet loss, although this is unlikely to happen in practice. [CSCdi07875]
If the isis metric value interface subcommand is entered and the IS-IS process is not created (no previous router isis command), the system may crash. [CSCdi08434]
If a Cisco router is an IS-IS designated router on a multiaccess network, it will transmit LSP entries in CSNP packets with a negative lifetime. This is only a problem if a receiver uses the lifetime information, and Cisco routers do not. This was found while doing interoperability testing with IBM's IS-IS implementation. [CSCdi08435]
The encapsulation type for CLNS is sometimes displayed incorrectly when a show clns interface command is entered. This is a cosmetic defect only. [CSCdi08467]
CLNS fast switching does not properly fragment packets. Packets received on FDDI that are larger than 1497 octets will not be forwarded properly over serial and 802.3 interfaces. This is not typically a problem, since CLNS packets are seldom this large. The workaround is to disable CLNS fast switching on the FDDI interface with the no clns route-cache command. [CSCdi08494]
If the CLNS trace facility is used to trace a path that goes through another Cisco router on the same LAN, the second of the three trace packets may not work. This has no operational impact, other than causing a 3-second delay in the execution of the trace. [CSCdi08653]
CLNP packets received by a router with a lifetime field of zero will be forwarded (with a lifetime of 255) if slow-switched. This has no operational impact whatsoever unless a host is emitting packets with a lifetime of zero. [CSCdi08654]
This problem only occurs when you run an ISO-IGRP routing process where you enable Level 2 only routing for all interfaces for the processes routing domain. For example:

router iso-igrp 39 net 39.0001.0000.0c00.ffff.00 int e 0 clns router iso-igrp 39 level 2 int e 1 clns router iso-igrp 39 level 2

ISO-IGRP routes are created, ISO-IGRP adjacencies are not. Routes may not go away. [CSCdi08745]
If you enter the command no router iso-igrp 39 all prefix routes created by this process will not be removed from the CLNS prefix routing table. A workaround is to do a clear clns routes. Also, if you enter router iso-igrp 39 and distance 90. Prefix routes that are created by this process are not assigned a distance of 90. A workaround is to enter the clear clns routes command. The next updates received will build routes with a distance of 90. [CSCdi08755]
If there are multiple options present in an IS-IS hello packet, there are cases that the area address is not extracted and stored in the adjacency database. This occurs when the router on the other end of a serial link advertises both an IP address and an area address. This does not occur between two Cisco routers, since integrated IS-IS is not supported until a later release. [CSCdi09048]
When using IS-IS as the OSI routing protocol, any static routes that are configured are not entered into the Level 1 IS-IS routing table. As a result, route table lookups on the static address fail. The IS-IS code will add a route to the routing table if the route is IS-IS or ES-IS derived; it should also add the route if the route is a static one. [CSCdi09053]

LAT

When a passthrough connection is made to another LAT system over an existing LAT connection, the break key does not return the terminal server to the correct mode. [CSCdi07815]
Under certain conditions, the LAT disconnect sequence may cause the Communication server to reload. [CSCdi08636]
Run from ROM software (igs-kr or igs-bprx) may not properly advertise LAT services defined in the communication server or protocol translator. [CSCdi08837]
Using the protocol translator, LAT to TCP translation sessions may cause TCP checksum errors. [CSCdi09097]

Local Services

If enable use-tacacs is configured on either a commication server or protocol translator without defining a tacacs-server host, then any username/password combination will allow any user to enable. [CSCdi08070]
If a router or comm server is configured with a username having an encryped password of invalid format, it is possible that the unit will reload when someone tries to log in using that username. The only way to get an encrypted password is for the cisco unit to create it; users should not enter: username myname password 7 mypassword Since "mypassword" is not a valid format for a type 7 encrypted password. [CSCdi08805]
The TR and the SRB mibs were in the experimental space when the code was being developed for Release 9.1. The Standards Committee has now moved both the TR and the SRB mibs to the standard space. This fix moves them from the experimental to the standard space. [CSCdi08815]

Novell IPX, XNS, and Apollo Domain

The ping command will display incorrect round-trip times for 32-, 33-, or 34-byte Novell IPX or XNS packets. Use larger sizes when sending IPX or XNS echoes from the router to obtain more accurate round-trip times. [CSCdi07529]
On media other than 802.x, the show xns int command will display the wrong encapsulation type if the default encapsulation has been changed. For example, on an SMDS interface show xns int will display "XNS encapsulation is HDLC." We should only display XNS encapsulation types for 802.x media. [CSCdi07929]
When a Cisco unit has a large number of the same type of interfaces, the show novell cache or show xns cache commands will display the interface limited to nine characters, which allows only Ethernet1 to be displayed when it is in fact Ethernet11. The initial 9.1 release changed this to ten characters, which corrects Ethernet names, but Token Ring will have a similar problem unless the length is eleven characters. [CSCdi08236]
Certain destination addresses will not be correctly placed into the FDDI fast switching cache for XNS or Novell. As such, certain addresses will always be slow switched. This problem will be fixed in a future release. [CSCdi08373]
When a Cisco router generates an XNS error response packet, it is sent out with a source address equal to the original source of the packet that caused the error response. The source address should be that of the router itself. [CSCdi08377]
When fast switching Novell Ethernet frames that have an 802.3 length less than the minimum Ethernet size, the 802.3 length field is incorrectly set to 60. Some Novell hosts will then count this as an error when they receive it. The frame that might often been seen with the error would be a NetWare "Create Service Connection Reply" packet coming from a server through a Cisco router to a client; if the client rejects this packet, then the connection attempt fails. Only some clients and some servers will see this problem, depending on the vendor and version of the Ethernet driver on the PC. When fast switching is off, we put the correct 802.3 length in the packet. This happens between any two MEC Ethernet ports in the same router or between any two Ethernet ports on the same MCI card. [CSCdi08547]
Certain Ethernet drivers (cards) used by workstations running Novell/IPX when using the Novell encapsulation type on an Ethernet of novell encapsulation novell-ether cannot have their packets fast switched. There are two workarounds to this problem. The first is to make the workstations use the encapsulation compatible with the novell encapsulation arpa for Ethernet interfaces. The second is to enable slow switching on the Ethernet interfaces. This compatibility issue will be addressed in an upcoming release of software.

The command novell gns-desponse-delay x has been made available. The delay x is the amount of time to delay when responding to Get Nearest Server SAP requests. The default value is 500, which is 0.5 second. [CSCdi08577]
XNS was treating all serial lines as HDLC encapsulation and attempted to fast switch packets to/from these lines. This is a problem for SMDS encapsulated lines. XNS fast switching was modified to force process-switching of all SMDS encapsulated serial lines. [CSCdi09121]

TCP/IP Host-Mode Services

In some netbooting configurations, a client may have multiple interfaces that it could use to traffic data back and forth to the server while it is netbooting. The first thing a client will do if the server is not on the same physical wire as one of its interfaces is broadcast a request for a proxy ARP to get to the server. This is asking a neighbor to help it traffic to the server. Once a neighbor responds, data will be forwarded to the server. In some cases, a second neighbor might step in and tell the client that it will act as the proxy ARP. When this happens, the client gets confused as his original path to the server has now changed. It is more common that two or more parallel IEEE media between the client and its only neighbor will also cause this to happen. This will most likely cause an error similar to the following:

Booting gs3-k.91 from 223.255.254.254: !O.OO.O.......... [timed out] [CSCdi07727]
The system normally disallows multiple interfaces to be configured with IP addresses on the same subnet. Such IP address overlap should be allowed during system startup. This is a problem when dynamic address configuration (such as via BootP or RARP) specifies IP addresses for the system interfaces that overlaps with the configuration specified later in the booting process by the configuration data. In this situation, the IP addresses specified by the configuration data are thrown out where they overlap with the IP addresses that were learned dynamically. This is not a problem for systems with valid configuration data contained in EPROM, as these systems will not attempt to learn the IP addresses for their interfaces dynamically from the net. [CSCdi08166]
When the IP address for a system interface is learned at system boot time via BootP, the address is assigned a default network mask, without regard for any subnet mask that might be intended for use on the attached network segment. Subsequently, interfaces attached to other subnets of the same network cannot be configured with the proper IP address and subnet mask due to the address overlap caused by the default netmask already configured. When the IP address for a system interface is learned via BootP, it should be assigned a host netmask, thus avoiding the above overlap problem. This is not a problem for systems with valid configuration data contained in EPROM, as these systems will not attempt to learn the IP addresses for their interfaces via BootP. [CSCdi08167]
The login-string configuration command is not correctly implemented for tn3270 connections. As currently implemented, it merely sends the ASCII text of the login-string to the host at the other end of the connection. This is fine for Telnet and Rlogin connections, but for tn3270 connections, the login-string must be passed through the tn3270 input path.

The problem will be fixed by passing the login-string through the tn3270 input path on tn3270 connections. Additionally, two special escape characters have been added, %t for tab, and %m for carriage return. In order to place a tab in a login-string, one will enter %t. Likewise, one will use %m at the end of the login-string to achieve a carriage return, as normal telnet processesing would send an undesirable line feed after the carriage return. The login-string configuration command is not correctly implemented for TN3270 connections. As currently implemented, it merely sends the ASCII text of the login-string to the host at the other end of the connection. This is fine for Telnet and Rlogin connections, but for TN3270 connections, the login-string must be passed through the TN3270 input path. The problem will be fixed by passing the login-string through the TN3270 input path on TN3270 connections. Additionally, two special escape characters have been added: %t for tab, and %m for carriage return. In order to place a tab in a login-string, one will enter %t. Likewise, one will use %m at the end of the login-string to achieve a carriage return, as normal Telnet processing would send an undesirable line feed after the carriage return. [CSCdi08438]

TN3270

Keymaps are not currently parsed correctly. Each keymap consists of the name of the keymap, the terminal types to which it applies, and the various mappings. When parsing the terminal types, only the first one is read correctly. The result is that the keymap will only be selected when the user's terminal type matches either the name of the keymap or the first terminal type in the keymap. This will be fixed by changing the software to correctly parse the terminal types in the keymap. [CSCdi05677]
When tn3270 has a buffer of data to send which is exactly the same size as the packet that it is sending it in, the packet is sent without the TCP PUSH flag set. Some host implementations will not act on the data unless the TCP PUSH is set. Connections to these hosts can pause for the session timeout period. This will be fixed by having all tn3270 packets sent with the push flag set. When TN3270 has a buffer of data to send that is exactly the same size as the packet that it is sending it in, the packet is sent without the TCP PUSH flag set. Some host implementations will not act on the data unless the TCP PUSH is set. Connections to these hosts can pause for the session timeout period. This will be fixed by having all TN3270 packets sent with the push flag set. [CSCdi08034]
Clear to end of line is currently done by writing spaces. This is very slow and can be painful on low-speed dialup lines.

It will be fixed by using two attributes in the ttycap, ms: and cx:. If both attributes are in the terminal's ttycap cisco's tn3270 implentation will use the clear to end of line command rather than sending spaces to the terminal. This will be the default behavior. Note that this may not be appropriate when a terminal is in underline mode. Removing the cx: attribute from the termcap will cause cisco's tn3270 to clear to the end of line by sending spaces. Clear to end of line is currently done by writing spaces. This is very slow and can be painful on low-speed dial-up lines. It will be fixed by using two attributes in the ttycap: ms: and cx:. If both attributes are in the terminal's ttycap, Cisco's TN3270 implementation will use the clear to end of line command rather than sending spaces to the terminal. This will be the default behavior. Note that this may not be appropriate when a terminal is in underline mode. Removing the cx: attribute from the termcap will cause Cisco's TN3270 to clear to the end of line by sending spaces. [CSCdi08449]

VINES

If a VINES SPP packet is addressed directly to a router, it will discard the packet twice producing a "Buffer in list" error message. This error is very unlikely, and is also harmless. [CSCdi08362]
The Cisco router now accepts and process VINES redirects from other servers. Prior to this fix, redirect messages were ignored. This patch also fixes some minor problems generating redirect messages. [CSCdi09088]

Wide-Area Networking

On the IGS platform only, transparent bridging over Frame Relay does not work.

CSCdi08495] [CSCdi05664]
If the dialer string or dialer map entries in a configuration are changed, the show dialer command displays incorrect values for the number of successful and failed calls. This is due to the new dialer string simply replacing the old dialer string, rather than starting a whole new entry with new statistics. [CSCdi05886]
There is a race condition where if a show dialer command is issued after the idle timer expires, but before the call is disconnected, the output may show a large negative number. Issuing the show dialer command again will show the correct value. [CSCdi06415]
The x25 pvc bridge number interface command is not properly stored in the router's configuration memory. [CSCdi06683]
The clear counters [interface] command does not clear LAPB or X.25 counters. [CSCdi06880]
When bridging over a frame relay ntwork that supports a multicast facility, the router learns the multicast DLCI as the source rather than the DLCI of the sending router. This causes all bridged packets to be sent on the multicast channel rather than being sent directly to the destination DLCI. This does not impact operation when using the frame relay map bridge command.

When bridging over a frame relay ntwork that supports a multicast facility, the router learns the multicast DLCI as the source rather than the DLCI of the sending router. This causes all bridged packets to be sent on the multicast channel rather than being sent directly to the destination DLCI. This does not impact operation when using the frame relay map bridge command. [CSCdi08280]
The change made for CSCdi08408 had the side effect of clearing dynamically learned frame relay maps every 10 seconds. This behavior is seen when the frame relay network supports a multicast network and dynamic address resolution is being used. In addition, the status display from the show frame-relay map command indicates all DLCIs are "added" rather than "defined" as expected. [CSCdi08482]
Still waiting to reproduce. Maybe related to similar behavior (CSCdi08508). [CSCdi08495]
When PPP keepalives declare a link down, they will never declare a link back up unless a carrier transition occurs. This problem first appeared in release 9.1(1) when PPP echo requests were started to be used as keepalives. To work around this problem, either disable keepalives on the PPP interface using the no keepalive command, or if the link is declared down, shut down the interface and then take it out of shutdown. [CSCdi08499]
When the BRI initially comes up, the link state change message does not contain the interface name. This is a cosmetic change and does not affect normal operation. [CSCdi08535]
The ISDN software for the 3103 does not correctly deal with timer T304, which is used for XID time-outs. [CSCdi08536]
The previous releases of 9.1 didn't allow fastswitching of SMDS packets to/from TokenRing. This was considered to be a serious limitation at the time but has turned out different.

It was discovered that a configuration that supported both a TokenRing and SMDS was required to have all fastswitching to be disabled. This was necessary for proper operation of the SMDS interface. Packets would otherwise be lost/corrupted.

This problem is resolved by providing support for fastswitching of SMDS packets to/from TokenRing. With this change, all normal fastswitching devices can again be enabled with an SMDS interface. In addition, higher performance is achieved by also fastswitching SMDS packets to/from TokenRing as with other highspeed LANs. The previous releases of 9.1 did not allow fast switching of SMDS packets to/from Token Ring. This was considered to be a serious limitation at the time but has turned out different. It was discovered that a configuration that supported both a Token Ring and SMDS was required to have all fast switching to be disabled. This was necessary for proper operation of the SMDS interface. Packets would otherwise be lost or corrupted. This problem is resolved by providing support for fast switching of SMDS packets to/from Token Ring. With this change, all normal fast switching devices can again be enabled with an SMDS interface. In addition, higher performance is achieved by also fast switching SMDS packets to/from Token Ring as with other high-speed LANs. [CSCdi08589]
For the European SMDS(CBDS) a country code value, other than 1, is required. A value of 1 specifies a North American address. The French, Germans, etc... have different values. This country code is placed in all SMDS E.164 addresses in the second highest nibble. 1100 nnnn for a Unicast SMDS address and 1110 nnnn for a Multicast SMDS address.

Where 'nnnn' can now be any value. C120.1580.4721 Specifies a North American SMDS address c020.1580.4721 May specify a European address of the same no. For the European SMDS (CBDS), a country code value other than 1 is required. A value of 1 specifies a North American address. The French, Germans, and so forth have different values. This country code is placed in all SMDS E.164 addresses in the second highest nibble. 1100 nnnn for a unicast SMDS address and 1110 nnnn for a multicast SMDS address, where nnnn can now be any value. C120.1580.4721 specifies a North American SMDS address. C020.1580.4721 may specify a European address of the same number. [CSCdi08590]
Regarding the x25 map ip ipaddr broadcast command, all x25 map commands must accept an X.121 address for association with each protocol address mapped to. Rather than having the broadcast keyword taken as an X.121 address incorrectly, the configuration will now contain an X.121 address before the broadcast keyword is specified. [CSCdi08630]
The 3103 router does not support the 1TR6 German ISDN Basic Rate Interface. It must pass the necessary homologation tests in Germany before it can be used with these switch types. [CSCdi08786]
The show frame-relay mapdisplays all the mappings even though the serial line is shut or the encapsulation is changed. Write term does get rid of the configuration statments from the frame-relay map when encapsultion is changed. [CSCdi08792]
When using CHAP on an ISDN link, the router fails to recognize that it is connected to the other router, even though CHAP succeeds. [CSCdi08912]
On an ISDN router, DDR may not place calls when there is not a dialer string or map defined because the B channel is not released, causing the router to think that all the B channels are in use. [CSCdi08978]
An ISDN router configured for a 5ESS switch may fail to place a call because it does not get a Terminal Endpoint Identifier (TEI) from the switch. [CSCdi08999]
When a serial interface is configured for HDLC and it detects a loopback, it will set the loopback flag. If the encapsulation of this interface is then changed to PPP, the loopback flag stays set, and the show interface always displays that the interface is looped. [CSCdi09023]
When a configure request is recieved for a supported PPP protocol, that is not configured, the system sends a TERMACK because we are in a closed state. The system should send a protocol reject when the protocol is not configured on the interface. [CSCdi09024]
RFC1294 header format is not followed properly in frame relay encapsulation. [CSCdi09026]
The system should not allow the user to configure lapb holdq n command for X.25 encapsulation. The default command is lapb holdq 0. Users changing this default value will see performance problems over X.25 links. [CSCdi09064]
On PPP systems, PPP negotiation is broken over rotary groups and BRI. [CSCdi09098]

9.1(1) Caveats/9.1(2) Modifications

This section describes possibly unexpected behavior by Release 9.1(1). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(1). For additional caveats applicable to Release 9.1(1), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 9.1(2).

AppleTalk

During setup, the default setting for the AppleTalk ending cable range does not match the ending cable range from a previous setup or configure. This prevents you from using setup to alter the configuration whilst preserving other settings. [CSCdi06645]
AppleTalk implementations on some other vendor's equipment can generate incorrectly addressed packets that could cause Cisco routers to retransmit the packet out the same interface from which it was received. This unexpected behavior can only occur on wide extended-cable configurations (those interfaces that are configured with a cable-range that does not have the same starting and ending network number.) [CSCdi07345]
No user impact.

When the router loses connectivity with a neighbor, the output of SHOW APPLE NEIGHBOR reports that the neighbor is overdue instead of down. It should only report that the neighbor is overdue after the update interval but still within the valid interval. [CSCdi07752]
An error has been found in the AppleTalk fastswitching functionality which results in invalid AppleTalk packets being generated in the case of a packet being received on a cBus FDDI interface running extended AppleTalk and being destined for a non-extended Ethernet MEC interface.

This error can be worked around by disabling the AppleTalk route cache on either the MEC Ethernet interface or the FDDI interface. [CSCdi08211]

Basic System Services

Cisco 500-CS should enabled all capabilities like other 9.1 software There is no further information available concerning this problem. [CSCdi05930]
get_pak_size missing support for huge buffers There is no further information available concerning this problem. [CSCdi07091]
On the 8.3, 9.0, and 9.1 releases, the Ethernet and serial interfaces on the IGS use larger buffers than is required if a Token Ring is configured in the system. This wastes shared (buffer) memory. On the 9.1 release, the Cisco 4000 also uses larger buffers than is required if a Token Ring Network Interface Module (NIM) is configured in the system. [CSCdi07369]
If a router gets its nvram erased or corrupted, and a reload occurs, an admininstrator must be present to reconfigure the box. Instead, it would be good to turn on service-config automatically in such a circumstance so that the box can restart on its own. [CSCdi07521]
show process memory can be inaccurate due to incorrect accounting of deallocated memory. [CSCdi07586]
OSPF may stop working after 49 days. The work around is to deconfigure, then reconfigure, OSPF. [CSCdi07671]
booting problems for 500-CS, realize NULL case There is no further information available concerning this problem. [CSCdi07763]
Configuring a location string longer than 69 characters can cause the system to reload. After configuring, the system prints out a message saying that the system was configured from and gives the location. If the location is greater than 69 characters in length, it can cause a system reload. The correct behavior would be to truncate the location string and will be implemented in a future release. [CSCdi07834]
If we add a new interface board, the router will turn on service config. Also, if rarp or bootp resolves our config while setup is running, setup gives no warning before exiting automatically. [CSCdi08069]
Output of "show process" outputs octal numbers, even if service decimal-tty is set (the default on the protocol translator and 500-CS). [CSCdi08240]

Communication Server

Some older RS-232 devices do not respond to the 500-CS short break. [CSCdi07299]

DECnet

When a router is configured to perform DECnet conversion and IS-IS is the routing protocol enabled, OSI adjacencies created by DECnet IV are not inserted in IS-IS LSPs. This causes loss of connectivity of Phase IV end-systems through IS-IS clouds. [CSCdi07850]
DECnet Phase IV end-systems do not get propogated through an IS-IS routing domain. [CSCdi07938]
A packet going from one DECnet host to another on the same LAN should not be subject to access control checks. Making these packets go through the access control check serves no useful purpose since end systems can easily discover that they are on the same LAN and bypass the router altogether. This makes any access control set-up useless for such packets. Also, the result of this is that two end systems on the same LAN cannot talk to each other if they end up using the router to "discover" each other for the first time. [CSCdi08121]
Prior to 9.1(1.5) and 9.17(0.7), DECnet will fail. This is 9.1 and 9.17 only. [CSCdi08515]

EXEC and Configuration Parser

If for some reason an interface already has the clockrate command in it with a DCE interface, and someone changes the box physically to be DTE, you cannot remove the now useless clockrate command. [CSCdi07697]
When the system is configured for ANSI Annex D LMI on a frame relay interface and the user writes the configuration to non-volative memory, the system generates an unneeded command defining the LMI DLCI. When the nonvolatile memory is read, the system complains about the unneeded command. There is no impact on system operation. [CSCdi07735]

IBM Connectivity

Router issues a %SYS-2-INTSCHED message and traceback when operating with debug rif enabled. The behavior has been present in all versions of the code supporting process-level bridging.

After the command has been issued, the router may begin to display the message. The length of time depends upon how much traffic is presented to the router. Higher levels of traffic cause the problem to appear sooner. Once the condition has been triggered, the router continually sends error message and traceback information.

The impact is a potential performance for process level activities. The workaround is to not use the debug rif command. The behavior has been present in all versions of the router supporting rif caching. [CSCdi06634]
The show sdllc should be removed from show ? display. There is no further information available concerning this problem. [CSCdi07287]
If the ring-group parameter for the sdllc traddr configuration command is configured before defining the ring-group (by issuing the source-bridge ring-group configuration command) it could cause the router to crash.

Now, the sdllc traddr command will not be accepted, if the ring-group parameter specified is not already defined by the source-bridge ring-group command. [CSCdi07317]
The show interface command does not display the NetBIOS name caching status for Token Ring interfaces on the Cisco 3000 and Cisco 4000 platforms. To determine if NetBIOS name caching is enabled for an interface, use the write terminal command and examine the configuration. Interfaces enabled for NetBIOS name caching will display a command line stating netbios enable-name-cache. [CSCdi07394]
IBM OS/2 2.0 generates an incorrect response to received SABME frames with the Poll bit set to zero. OS/2 responds with a UA frame with the Poll bit set to one. The LLC2 standard requires that an outstanding SABME be acknowledged by a UA frame which has its Final bit set to the state of the Poll bit of the SABME, therefore, the LLC2 component in the Cisco router ignores the acknowledgment and the connection is never made. Therefore, attempts to link to the LAN Network Manager component of the Cisco router with LAN Manager or LAN Network Manager running under OS/2 2.0 will fail, and it will be impossible to manage or monitor the IBM features of the router from an OS/2 2.0-based management platform, Two workarounds exist. The first is to manage the router with management software running under older versions of OS/2 2.0, or to manage the router with NetCentral or some other management agent other than OS/2 2.0, that does not exhibit this bug in LLC2 behavior. In a future release, the Cisco router will send a SABME with Poll bit set to one when requesting a connection to IBM Network Management SAPs so the response, which has the Final bit set in any case, will be acknowledged, and the bug in OS/2 2.0 will be avoided. [CSCdi07429]
The Cisco 3000 and IGS platforms may display the message "Cannot pass serial packet to SDLC! Insufficient internal buffer..." when configured for SDLC local termination. Serial Tunnel (STUN) operating in passthrough mode does not experience the problem. For remote SNA device support, the IGS or Cisco 3000 would be configured as a primary SDLC device. If local termination of the SDLC connections is also desired, it is possible to adjust the poll timer to be a larger value and therefore reduce the number of SDLC-induced interrupts in the router. This is done with configuring a large value for the sdlc poll-pause-timer command, such as 500 or 1000. For local SNA device support (for example, if the IGS or Cisco 3000 is attached to a FEP), it would be necessary to adjust the poll interval on the NCP gen to slow it down enough for the IGS to catch its breath. [CSCdi07580]
When a source-route bridge uses a locally administered MAC address, LAN Manager 1.3 and LAN Network Manager 1.0 require that bridge to respond to a TEST frame with a RIF field even when both the bridge and the LAN Manager station are on the same ring. Cisco routers do not respond in this manner. As such, the LAN manager station closes its adaptor when attempting to link to a Cisco source-route bridge. Users can use the universally administered MAC addresses on the Cisco routers to work around this problem. [CSCdi07598]
llc2 operation parameters always use the default value for the rsrb virtual interface. They can not be changed. [CSCdi07600]
When a secondary SDLC station attached to a Cisco router running SDLC Local Acknowledgment issues a RD to request the session to be disconnected, the request is lost at the primary-side Cisco router and never gets to the primary end of the STUN connection. Eventually, the secondary SDLC station will give up sending RDs and will drop the link, which then causes the STUN connection to be closed. This problem does not have a serious adverse effect on functionality. At worst, it will be observed to take just a few seconds longer for the STUN connection to be closed when the secondary station requests a disconnect. This problem will be resolved in a future release. [CSCdi07692]
There is an internal memory leak problem when the source route bridge is used and error condition continue happening on the token ring. It shows a low number of medium size buffer when users issur a show buff command. [CSCdi07851]
Repeated disconnections of the router could cause the router to hang. This was especially seen with Lan Network Mananger sessions.

The problem was that multiple llc2 control blocks would get allocated pointing to the same session. [CSCdi08350]
This is an optimization to better handle explorer traffic.

The explorer queue is monitored to check if the elements of the queue are within a certain predefined threshold. If the value falls outside of these thresholds then the explorer packet is dropped. The depth of the explorer queue is configurable - the threshold values are not.

To configure the maximum queue size use the config command:

source-bridge explorerQ-depth

default is 40. [CSCdi08351]
The problem is that Lan Manager starts up XID transmissions and don't clean it up when the session terminates. Next time when another Lan Manager session is started for the same machine there a duplicate entries created on the timer blocks causing indeterminate events to occur - i.e. sometime the first timer block gets the event and sometimes the other timer block gets the event.

The solution could be to clean up the first timer block when the first Lan Manager session ends - however SNA sessions don't need llc2 to transmit XID frames. So instead of cleaning up this for Lan Manager it is best not to create these blocks.

Also a defensive check was put in the llc2 timer logic to exit the loop if a count exceeds the max number of llc2 sessions. [CSCdi08488]
Transparent bridging on Token Ring for any low-end product (IGS, Cisco 4000) is broken. No transparent bridging occurs from Token Ring or to Token Ring.

This caveat is present in Release 9.1 when support of fast switching for bridged frames was first introduced. [CSCdi08508]
$ignore [CSCdi08565]
IBM OS/2 2.0 generates an incorrect response to received SABME frames with the Poll bit set to zero. OS/2 responds with a UA frame with the Poll bit set to one. The LLC2 standard requires that an outstanding SABME be acknowledged by a UA frame which has it's Final bit set to the state of the Poll bit of the SABME, therefore, the LLC2 component in the Cisco router ignores the acknowledgment and the connection is never made. Therefore, attempts to link to the LAN Network Manager component of the Cisco router with LAN Manager or LAN Network Manager running under OS/2 2.0 will fail, and it will be impossible to manage or monitor the IBM features of the router from an OS/2 2.0-based management platform, Two workarounds exist. The first is to manage the router with management software running under older versions of OS/2 2.0, or to manage the router with NetCentral or some other management agent other than OS/2 2.0, that does not exhibit this bug in LLC2 behavior. In a future release, the Cisco router will send a SABME with Poll bit set to one when requesting a connection to IBM Network Management SAPs so the response, which has the Final bit set in any case, will be acknowledged, and the bug in OS/2 2.0 will be avoided. [CSCdi08704]

Interfaces and Bridging

IBGP sessions can fail if the target interface on the destination router goes down due to physical layer problems. A new virtual interface called a 'loopback' interface needs to be added to the router so that one can assign an IP address to a box that is not dependent upon a particular physical interface being up or online. This interface can then be assigned an IP address, and that IP address can be advertised via an IGP. A new command, neighbor x.x.x.x update-source interface should be used to override the IP address used in outgoing BGP TCP connections. IBGP sessions can fail if the target interface on the destination router goes down due to physical layer problems. A new virtual interface called a 'loopback' interface needs to be added to the router so that one can assign an IP address to a box that is not dependent upon a particular physical interface being up or online. This interface can then be assigned an IP address, and that IP address can be advertised via an IGP. A new command, neighbor x.x.x.x update-source interface should be used to override the IP address used in outgoing BGP TCP connections. [CSCdi05158]
copy to/erase of the MC+ fails: _str_mc_write_short There is no further information available concerning this problem. [CSCdi07314]
GDP client process sleeps but never dies when GDP deconfigured. GDP client doesn't release memory when it is deconfigured. GDP client should immediately ignore all routing updates from an interface if it goes down. IRDP server should rapid-fire announcements when an interface comes up. IRDP server should send out poison announcements when an interface is shutdown. GDP client process sleeps but never dies when GDP deconfigured. GDP client doesn't release memory when it is deconfigured. GDP client should immediately ignore all routing updates from an interface if it goes down. IRDP server should rapid-fire announcements when an interface comes up. IRDP server should send out poison announcements when an interface is shutdown. GDP client process sleeps but never dies when GDP deconfigured. GDP client doesn't release memory when it is deconfigured. GDP client should immediately ignore all routing updates from an interface if it goes down. IRDP server should rapid-fire announcements when an interface comes up. IRDP server should send out poison announcements when an interface is shutdown. GDP client process sleeps but never dies when GDP deconfigured. GDP client doesn't release memory when it is deconfigured. GDP client should immediately ignore all routing updates from an interface if it goes down. IRDP server should rapid-fire announcements when an interface comes up. IRDP server should send out poison announcements when an interface is shutdown. GDP client process sleeps but never dies when GDP deconfigured. GDP client doesn't release memory when it is deconfigured. GDP client should immediately ignore all routing updates from an interface if it goes down. IRDP server should rapid-fire announcements when an interface comes up. IRDP server should send out poison announcements when an interface is shutdown. [CSCdi07343]
The error message "TR mode failed, result code = 0x1818, error code= 0x0" will occur if source-bridge commands are configured in this order.

source-bridge spanning source-bridge x y z

To avoid this error message, issue the commands in the opposite order. [CSCdi07395]
When routing IP in conjunction with transparent bridging, 802.3 SNAP encapsulated IP will be bridged rather than routed. Cisco Systems expects to resolve this problem in a future release. [CSCdi07495]
No ip broadcast-address should return to default. There is no further information available concerning this problem. [CSCdi07563]
In very rare circumstances, EGP can cause a router to reload if another process attempts to clear the IP routing table while an EGP update is being processed. [CSCdi07587]
When there is a single fiber break or the neighbor station sends constant halt line state(HLS), system CPU utilization will reach 100%. [CSCdi07682]
Under extremely heavy loads, Ethernet or serial interfaces configured for bridging on the IGS, Cisco 3000, and Cisco 4000 platforms may occasionally 'stutter' and drop frames. The only workaround is to shut down, then re-enable the interface. when pounding on an ethernet or serial interface configured for bridging quite heavily, the rx ring for the low end products, i.e., igs, xx

can get in a funny state where it starts to stutter. the only known solution at this time is to shut the interface down and then configure it back up again.

it will be fixed in the next interim release. [CSCdi07686]
Due to a race-condition present in the Siemens MK5025 serial controller used in the Dual port serial NIM for the Cisco 4000, the MK5025 initializes into a state with the interrupt enable bit set off. Normally, this isn't an issue, as keepalives or routing updates cause a transmit request to happen, which has the side effect of always enabling the interrupt enable bit. However, with the Cisco 4000 set to be a secondary SDLC station, no frames are sent until a frame from the primary station is received. As the interrupt enable bit is disabled, this never occurs and the Cisco 4000 appears to be deaf. The workaround is to use the Cisco 4000 as the primary station when running SDLC or Serial Tunnel software. [CSCdi07691]
When the Cisco router receives a IEEE 802.2 TEST and XID frame that contains both a RIF field which indicates that the frame should traverse the Cisco router, and a destination address which indicates the frame should terminate at the Cisco router, the Cisco router chooses to terminate the frame and reply to it, if needed. This is not in compliance with a strict definition of source-route bridging. This is a minor problem that has little, if any, actual functional impact in most source-bridged networks. [CSCdi07722]
When the encapsulation on a serial line is switched from encapsulation frame-relay IETF to another encapsulation, the output of the show interface will include the "IETF" tag in the display. This behavior does not impact operation. [CSCdi07869]
Line deactivation not being debounced There is no further information available concerning this problem. [CSCdi07899]
If extended access lists are used on an MCI, SCI or cBus interface, the IP route cache is enabled, and also the 'established' keyword is used, it can be improperly evaluated. This can permit packets which should be filtered and exclude packets which should be permitted. This behavior was first introduced in 8.2. [CSCdi07901]
A bridge configured with no bridge acquire will continue to flood and forward packets for other than statically configured MAC addresses. In some cases, bridge filters may be used instead to achieve the desired pattern of traffic containment. [CSCdi07934]
A Cisco 4000 may not allocate interface buffers properly at startup resulting in the interface failing to become active. Buffers can be adjusted as a workaround. Please contact the Cisco TAC for assistance. [CSCdi07954]
Packets which were fast bridged were counted as fast source route bridged (srb) packets resulting in incorrect accounting. There is no workaround. [CSCdi07958]
If the NT tries to reactivate within ~600ms after a clear interface, it will fail. The workaround is to unplug from the ISDN network before doing a clear interface, then plugging back in. [CSCdi07970]
When a packet could not be fast bridged, it needs to be sent to process level code. (A case of this is if the packet is for us.) When this action must occur, we must tell the system that there is a packet for the bridge process. To do this, we must set the flag, activatehigh.

Symptoms users may see is the input hold queue filling up and not being drained. There is no simple workaround, but in order to fix this problem, a reload is necessary. [CSCdi07975]
When running DECnet on a CTR interface, the address filter is improperly initialized thus preventing any communication. The workaround for this problem is to issue a clear interface command on any Token Rings that are running DECnet. [CSCdi08009]
Packets that are larger than the max mtu on the Token Ring interface must be fragmented. The second part of the packet's interrupt was being cleared before our Token Ring driver had a chance to process it, therefore not being processed in a timely fashion.

Symptoms users may see is dropped packets if the packets are larger than the physical mtu (currently 8144 bytes). [CSCdi08013]
there could be a case where certain routed packets could get bridged. make sure this never happens.

symptons a user may see is that some routed traffic might get bridged.

no work around. [CSCdi08026]
make sure that only bridge packets gets filtered for lsap. routed packets should not get filtered. Symptoms are routed packets could get filtered as a bridged packet. There is no workaround. [CSCdi08029]
The bit to turn on rp functionality was erroneously turned on when inserting the low-end Token Ring interface into the ring. This is value added code, and our LAN Network Manager code was not running therefore unable to answer ring parameter server (rps) requests.

The symptoms are that any Token Ring device trying to insert onto the ring after the router will not be able to insert onto the ring unless there is really an rps server on the ring.

The correct behavior is to only turn on the rps bit when configured by the user.

A simple workaround is to configure srb, rsrb or appletalk and unconfigure it right away. [CSCdi08073]
If bridging is enabled, non-local packets from routed protocols can occasionally be bridged. [CSCdi08081]
Regarding multibus timeouts and RESETFAIL errors:

Please note the linkage between the following system versions and the sbemon & strmon token ring firmware versions:

FIRMWARE SYSTEM 8.3 SYSTEM 9.0 SYSTEM 9.1 ========= ========== ========== ========== sbemon 3.2 8.3(5.14) 9.0(3.1) 9.1(1.4) strmon 1.2 N/A 9.0(3) 9.1(1.4)

It is the firmware that is linked to the system versions and will cause a crash if earlier systems are used.

CUSTOMER ENGINEERING:

The older versions of the firmware will work as before with all systems. This means that if a customer has token rings with older firmware that are working fine then there is no need to upgrade them.

On the otherhand, if the system is crashing with a multi-bus timeout (the stack trace should indicate the crash happened in madge_input), or the token ring adapter board dies with a RESETFAIL error from the system, then a firmware upgrade with the proper system software will solve the problem. This is a valid solution as of November, 1992, prior to the above system and firmware releases.

MANUFACTURING:

As I understand it, manufacturing does not have a process for issuing different versions of firmware and they prefer to use the latest firmware as their "default" image, but this would cause the older systems to crash.

A partial solution is to release the new firmware along with, or after, the above system versions. The problem, then, is if a customer buys a new token ring adapter (or upgrades an existing one): they *must* also have the right system. Currently, the way we deal with this problem of incompatable hardware is to wait untill the bug generates a call from the field and then we check the version numbers, recommending the proper software upgrade. This is how we do it with the cbus micro-code. With this in mind, strmon 1.2 and sbemon 3.2 probably won't be released until January, 1993. [CSCdi08087]
Static IP routes can fail to be removed from the routing table when an unnumbered interface goes down. This can result in host or network routes pointing to a down interface to continue to be advertised via routing protocols. When the interface goes down, the router should remove the static route from the routing table for as long as the interface remains down. Until fixed, static IP routes should not be used with unnumbered interfaces. [CSCdi08180]
When an interface goes down, all static IP routes are removed from the routing table. When an interface goes down, the system should only be removing those static routes which direct traffic to the down interface. [CSCdi08184]
When no bridge acquire is configured, Token Ring interfaces on low-end systems will fail to respect it and will continue to learn and flood received packets. [CSCdi08201]
If IS-IS is not configured to redistribute static routes but is configured to redistribute ISO-IGRP routes, in some cases the ISO-IGRP routes are not propogated. [CSCdi08231]
In moderate to heavy traffic on Token Ring, the Token Ring could free the packets before the actual transmission of the packet. The symptoms a user may see is an interface which toggles on and off. [CSCdi08254]
The Vines protocol fails to run over an FDDI interface configured for transparent bridging. Routing information passes in only one direction across the FDDI link. [CSCdi08288]
When the system is bridging IP, ARPs originated by the system cause an error message to be generated. This behavior is seen only with packets originated by the system and impacts the use of IP for management of a bridge with a frame relay interface. [CSCdi08293]
Under certain circumstances a pure IP bridge (no ip routing) wouldn't be able to communicate with other IP hosts in the presence of topology changes. [CSCdi08349]
When use process PCM and dual-homing connection, if the user issues a cmt disconnect command to a standby port the CPU utilization will go very high. [CSCdi08427]
On an interface configured with both primary and secondary IP addresses, RIP, HELLO, and IGRP will fail to propagate the subnet information for the secondary IP address if the network mask of the secondary address differs from the netmask of the primary address. [CSCdi08483]
Duplicate rif entries pointing to the same mac address were populating the rif cache. In some instances there were different rif entries which pointed to the same mac address.

We need to check only the dest address to see if an entry exists in the rif cache irrespective of which interface it came on. [CSCdi08493]

IP Routing Protocols

Executing the command show ip ospf database may cause a system reload to occur. [CSCdi05692]
If BGP is configured with the no synchronization command, and a route is learned via internal BGP from a BGP peer which is not adjacent, BGP may subsequently advertise the route with a sub-optimal next hop. In this case, the next hop will point to the BGP speaker itself which will forward traffic correctly. This caveat only affects forwarding efficiency. This caveat was introduced in 9.0(2). [CSCdi07531]
After a topology change occurs, OSPF waits for 8 seconds before running SPF on the database in order to protect the router from link flapping. This delay is not absolutely necessary and will be removed in a future release. [CSCdi07562]
When there are multiple External LSAs for the default route (0.0.0.0) in OSPF domain, there is a possibility for the default route to disappear from the IP routing table. There is no workaround. The fix for this will be available in a future release. [CSCdi07576]
When an IP address used as the OSPF router id is removed from the router and used in a different router, there is the possibility of two OSPF routers using same router id, thereby causing an inconsistent OSPF database. The workaround is to remove the OSPF configuration and reenter it when changing OSPF router id's. [CSCdi07602]
If a router is configured for BGP and no BGP neighbors are active, either because they are not configured or because their BGP connections have not been established, then excessive memory utilization will occur. The workaround is to configure at least one BGP peer and to insure that it becomes active. This caveat was introduced in 9.0(2). [CSCdi07626]
In obscure circumstances which are not fully understood, a problem with a TCP connection underlying a BGP connection may cause the router to reload. [CSCdi07637]
Configuring RIP when there are no IP addresses in the router will cause the RIP router code to fail. The workaround is to remove and re-enter the RIP configuration after assigning an IP address. [CSCdi07765]
Fails to redistribute Connectd nets into OSPF There is no further information available concerning this problem. [CSCdi07885]
A race condition in the show ip cache command can cause the router to reload. This caveat cannot be completely fixed in 8.2 and 8.3. [CSCdi07900]
If IP accounting was misconfigured, the box would use up all of available memory storing accounting records. A threshold of 64k was established, if memory drops below that threshold, IP accounting will dump excess entries.

If IP accounting was misconfigured, the box would use up all of available memory storing accounting records. A threshold of 64k was established, if memory drops below that threshold, IP accounting will dump excess entries. [CSCdi08064]
In certain obscure circumstances and configurations, internal BGP paths which are not yet synchronized can be preferred over external BGP paths. This can cause instability in both BGP and in the IGP. [CSCdi08113]
When a subnet is known via OSPF and is redistributed into some other protocols (for example, BGP or another OSPF) and the route to the subnet is removed, the other protocol may remove that entire network from its routing table. [CSCdi08129]
If VLSM features are in use, and subnets of a network are known, but the major network is NOT connected to the router, then ONLY OSPF default should be used as a subnet default. [CSCdi08199]
In a very large networks, it is possible for fragmentation to occur on OSPF packets. This can cause problems with routers that do not do proper reassembly. [CSCdi08210]
Duplicate AS path regular expressions are not ignored with the consequence that they will show up more than once in the list if a box is configured with the same set of ACL's more than once. Duplicate AS path regular expressions are not ignored with the consequence that they will show up more than once in the list if a box is configured with the same set of ACL's more than once. [CSCdi08228]

ISO CLNS

When an NSAP address with length of 0 is present in a CLNS packet, the fast switching routines corrupt memory and causes the system to reload. [CSCdi06370]
This problem applies only when doing ISO-IGRP inter-domain routing over links that split horizon is not performed. This includes X.25 PDNs, Frame Relay and SMDS networks. Prefix route advertisements will count to infinity over these networks when a prefix goes unreachable. CSC [CSCdi07379]
If there exists any IS-IS routers in a network that originates LSPs with an LSP number of non-zero, the destinations in that LSP will not be inserted into the routing table. The only workaround is for LSPID's of the form xxxx.xxxx.xxxx.yy-zz, zz must be 00. [CSCdi07491]
If a ISO-IGRP route exists where a valid next-hop is used but there is no adjacency entry for the next-hop, the system may crash.

This situation is very rare. If a ISO-IGRP route exists where a valid next-hop is used but there is no adjacency entry for the next-hop, the system may crash.

This situation is very rare. [CSCdi07502]
The router may crash in very rare circumstances. If a single LSP exists in the AVL tree and it is deleted, it may dereference a NULL pointer. [CSCdi07683]
The show clns routes command can, under some circumstances, cause the router to reload. [CSCdi07710]
If CLNS is configured on an interface (either by the "clns enable" or "clns router iso-igrp ..." command), and IS-IS is not configured on the interface, received IS-IS packets will consume packets and not return buffers to the system. If CLNS is configured on an interface (either by the "clns enable" or "clns router iso-igrp ..." command), and IS-IS is not configured on the interface, received IS-IS packets will consume packets and not return buffers to the system. [CSCdi07758]
If an IS-IS link resides in a non-zero LSP number, it will be displayed as appearing in LSP number 0 as well. This creates the illusion that it is advertised more than once. This causes no problems with connectivity. [CSCdi07827]
The system may reload when the last IS-IS LSP is deleted from the link state database. This may happen when you are deconfiguring IS-IS from the system. [CSCdi07846]
A DECNET created adjacency in the OSI adjacency database will have a data-link address that is multicast. This results in multicast packets transmitted for each packet sent to the host. [CSCdi07939]
The show clns route command will display unused next-hop addresses when one of the equal-cost routes goes down. [CSCdi08262]

LAT

LAT status returns "already queued" on first queue attempt There is no further information available concerning this problem. [CSCdi07893]

Local Services

Any attempt to query an unimplemented SNMP MIB variable will cause the system to return the snmpEnableAuthenTraps variable. The correct behavior is to indicate that the variable requested is not available, and this will be corrected in a future release. [CSCdi04806]
A box with TR crashed with the following:

IP-3-Desthost:src=200.2.3.1 dst=0.0.0.0 Null desthost Process="SNMP Server",level=0,pid=28 Traceback=23628 23364 2500e 26a14 269ae 26c00 391da 81bbc [CSCdi05629]
sysLocation is read-only. As a workaround, the location can be set with the snmp-server location configuration command. [CSCdi07909]
SNMP GetNext will return incorrect responses for certain queries. [CSCdi08044]
SNMP variable ifinOctets fails to count fast-swicthed and autonomously switched packets. [CSCdi08072]
On routers without NVRAM, part of the sequence used to determine IP addresses is to send a BOOTP request. The replies to these requests are being ignored. On routers without NVRAM, part of the sequence used to determine IP addresses is to send a BOOTP request. The replies to these requests are being ignored. [CSCdi08077]

Novell IPX, XNS, and Apollo Domain

Static SAP entries are not advertised in response to Novell Get Nearest Server queries if the interface associated with the static SAP entry is currently down. This has no effect on current user functionality, but this behavior will be changed in future releases to help support dial-on-demand. [CSCdi07661]
There is a window where the XNS and Novell routing code code can learn the wrong MAC address for a CTR interface. This only happens when DECnet is being used onthe same CTR interface as XNS or Novell. The workaround is to re-issue the xns network xxx or novell network xxx command. [CSCdi07895]

Protocol Translation

The "data-character-bits" command is only works in x.25 protocol translation cases. It is inefficient to make this work on async lines, so it will end up being implemented only for virtual terminals. The data-character-bits command only works in X.25 protocol translation cases. [CSCdi05102]

TCP/IP Host-Mode Services

If the trace utility is used and a source route option is selected, an incorrect UDP checksum is calculated. This causes the entire route not to be displayed. [CSCdi07356]
TCP connections can exhibit long pauses in data delivery if the cisco is attempting to send data faster than the foreign host can use that data. This happens most often in cases of protocol translation, sdlc tunneling, remote source route bridging, and X.25 switching. TCP connections can exhibit long pauses in data delivery if the cisco is attempting to send data faster than the foreign host can use that data. This happens most often in cases of protocol translation, sdlc tunneling, remote source route bridging, and X.25 switching. [CSCdi07964]
The format of the output from debug tftp does not follow Cisco conventions. [CSCdi07967]
In debug tftp, spelled "Received" wrong. [CSCdi07977]

VINES

When operating in serverless mode, some customers need the ability to flood a received broadcast to all other interfaces instead of choosing the best interface and sending the frame. This bug fix adds this capability and the supporting code so it may be configured. The new command is "vines serverless broadcast". [CSCdi07599]
A recent Vines bug is causing Vines clients to send broadcast streettalk packets. Because the Cisco router floods streettalk broadcasts, this can cause congestion in wide area links. The change to the router code is to only flood streettalk broadcasts sent from a server. [CSCdi08277]

Wide-Area Networking

The X.25 PAD code will return a list of ALL X.3 parameters if we received an x.29 "read request" message with more than one parameter requested. This is improper, and will cause some X.25 implementations to clear the connection. [CSCdi06432]
An illegal CLEAR or CALL packet on a Permanent Virtual Circuit will cause the PVC to be deleted. [CSCdi06741]
Once enabled, disabling X.25 routing with the no x25 routing command does not disable X.25 call forwarding. [CSCdi06840]
Issuing a clear x25-vc command for a locally switched PVC or its interface will cause the PVC to be continually RESET. The PVC may be restored to operation by shutting down the interface and re-enabling it. [CSCdi07166]
If the ISDN line from the NT1 to the 3103 is disconnected, the router may not detect this. This results is calls still appearing to be connected. If the interface is shutdown, then calls will be disconnected. Also, when the line is reconnected, it is possible that the router either will not detect this, or still think that calls are still connected if the interface was not shut down as stated above. Again, to correct this, the interface should be shutdown and then taken out of shutdown. This problem will be corrected in a future release. [CSCdi07177]
The error message and traceback:
%X25-3-INTIMEQ Interface [chars], LCN [dec] already in timer queue, new time [dec]
is used as a diagnostic aid; although an unexpected condition was detected and reported, the operation of the router and the X.25 protocol are not affected. If this message is produced, contact Cisco Systems; include the text and traceback of this message as well as the information from the show version command. [CSCdi07238]
When a switch is reconfigured to use a different DLCI to reach the same end address, the Cisco router does not flush the deleted map entry and attempt to learn a new mapping. [CSCdi07318]
If a Virtual Circuit is established in order to forward a packet, the packet may not be forwarded immediately on receipt of the CALL CONFIRM. [CSCdi07560]
The system does not reset the sequence counters used for the LMI keepalive information element when the LMI type is changed. This behavior occurs if the LMI type is changed (from Cisco to ANSI Annex D or vice versa) after the system as been in operation for some period of time. This behavior has no impact on operation but does not conform to the detail of the specification. [CSCdi07649]
When using an interface for Dial on Demand Routing, keepalives must be disabled, or the call will be disconnected incorrectly. This is due to keepalives not being correctly passed through dial on demand interfaces. [CSCdi07654]
SMDS drops packets with CIB==1. SMDS should ignore CIB.

After revisiting the spec. it was decided that for SMDS to reject all packets with CIB==1 was incorrect. CIB indicates whether a CRC32 value is at the end of the packet for CRC calculation. The CIB bit is used only to suggest what we do CRC calculcation.

Until this problem is fixed in the future release of 9.1, customers are encouraged to only send packets with CIB == 0, without CRC32. There is no other workaround to this problem. [CSCdi07844]
When a system interface is set for the frame relay IETF encapsulation, switched to another encapsulation, and then back to frame relay, the flag indicating the IETF format is still set.

This behavior is seen only when switching encapsulations. To avoid this behavior one can use the IETF flag on the frame-relay map statement. the [CSCdi07923]
When the LMI type is set to the ANSI Annex D for a frame relay interface, the system sends out a status enquiry message that is incorrect. As a result, the frame relay switch does not recognize this packet and does not respond with the appropriate status message. This causes the line protocol to go down for the interface. [CSCdi07928]
Dynamic address resolution for frame realy is broken. [CSCdi07936]
Modified CHAP to be compliant with RFC 1334. This code is not backward compatible with 9.1(1) CHAP. This is because the length of the CHAP authentication option in LCP has changed from 6 to 5 by removing the callback option.

Also, we now send our hostname to the device we are challenging. The challenged device uses this name to look up in its table of secrets the secret to use. They then send a response with their hostname which we look up.

This eliminates the need to configure a USERNAME/PASSWORD combination for our hostname in our router. [CSCdi07952]
Release 9.1(1) did not correctly handle "passive" dial on demand interfaces. It was required in release 9.1(1) that a dialer string be specified where in version 9.0 this was not required. [CSCdi07993]
The command dialer in-band is changed to support specification of parity. The new command is dialer in-band [no-parity | odd-parity]. The parity applies to the dialer string that is sent out to the V.25bis modem. If no parity keyword is specified or if no-parity is entered, then no parity is applied to the output number. If odd-parity is configured, the dialed number will have odd parity (7-bit ASCII characters and 8th bit (msb) being the parity bit). [CSCdi08276]
Software prior to 9.1(2) on the Cisco 3103 would not free the TEI assigned to it when the BRI interface was shutdown. [CSCdi08281]
In version of software prior to 9.1(2), it is possible for the ISDN software to cause a system reload. This will occur if calls are received by the 3103 router which it ignores. This would include voice calls, or calls to another device in a multidrop situation. [CSCdi08401]
Back-to-back routers cannot communicate using frame relay. [CSCdi08408]
In release 9.1(1), the dialer map command applied to a dialer rotary group was not propogated to interfaces in that dialer rotary group. [CSCdi08412]

XRemote

Invalid Xremote packets from an X-terminal may cause the cisco Communication Server to reload. [CSCdi08110]
Xremote debugging messages may appear even if debugging is disabled. Also, some of the debug messages are incorrect. [CSCdi08259]
Invalid Xremote replies may cause a system reload. [CSCdi08306]

Table of Contents

9.1(16) Caveats

9.1(15) Caveats/9.1(16) Modifications

9.1(14) Caveats/9.1(15) Modifications

9.1(13) Caveats/9.1(14) Modifications

9.1(12) Caveats/9.1(13) Modifications

9.1(11) Caveats/9.1(12) Modifications

9.1(10) Caveats/9.1(11) Modifications

9.1(9) Caveats/9.1(10) Modifications

9.1(8) Caveats/9.1(9) Modifications

9.1(3) Caveats/9.1(4) Modifications

9.1(2) Caveats/9.1(3) Modifications

9.1(1) Caveats/9.1(2) Modifications