These release notes describe the features, modifications, and caveats for Software Release 9.1, up to and including Release 9.1(16). Refer to the Communication Server Configuration and Reference publication, dated September 1992, for complete communication server product documentation for Software Release 9.1.
Note Release 9.1(16) is the last maintenance release of Release 9.1. If you want to continue to use Release 9.1 after Cisco maintenance releases end, you must maintain a version of the software on a TFTP server at your site. If you are considering upgrading your software, the preferred upgrade path for Release 9.1 users as of April 17, 1995, is Cisco Internetwork Operating System (IOS) Release 10.0(9) or Release 10.2(5).
Cisco's communication server product line, including the 500-CS and ASM-CS, provides all the features of the Software Release 9.0 terminal servers as well as the new features listed in these release notes.
These release notes describe the following topics:
- Current Software Versions, page 2
- New Features in Release 9.1(9), page 2
- Hardware Features, page 3
- Software Features, page 3
- Important Notes, page 10
- 9.1(16) Caveats, page 13
- 9.1(15) Caveats/9.1(16) Modifications, page 13
- 9.1(13) and 9.1(14) Caveats/9.1(15) Modifications, page 13
- 9.1(11) Caveats/9.1(12) Modifications, page 15
- 9.1(11) Caveats/9.1(12) Modifications, page 15
- 9.1(10) Caveats/9.1(11) Modifications, page 17
- 9.1(9) Caveats/9.1(10) Modifications, page 18
- 9.1(8) Caveats/9.1(9) Modifications, page 18
- 9.1(7) Caveats/9.1(8) Modifications, page 19
- 9.1(6) Caveats/9.1(7) Modifications, page 20
- 9.1(5) Caveats/9.1(6) Modifications, page 21
- 9.1(4) Caveats/9.1(5) Modifications, page 22
- 9.1(3) Caveats/9.1(4) Modifications, page 23
- 9.1(2) Caveats/9.1(3) Modifications, page 24
- 9.1(1) Caveats/9.1(2) Modifications, page 26
- Cisco Information Online, page 27
- UniverCD, page 28
As of Software Release 9.1, all software capabilities are included in a single image. According to the software license agreement that accompanies each system, you are restricted to using only those software capabilities that you ordered from Cisco Systems. Refer to the Cisco Price List for the version number and ordering instructions.
You can now configure your communication server as an AppleTalk Remote Access (ARA) server. Cisco's implementation of ARA connectivity gives Macintosh users direct access to information and resources at a remote location. Macintosh users can connect to another Macintosh computer or AppleTalk network over standard telephone lines. For more information, see the AppleTalk Remote Access Protocol Addendum to Communication Server Configuration and Reference publication.
The following new hardware features are supported in Release 9.1:
- CSC/4 processor
- 500-CS communication server
This section describes new software features.
Blacker Front-end (BFE) encryption is required in secure DDN X.25 network applications. The Cisco communication server is considered to be the host that is connected to the BFE.
The Blacker Emergency Mode feature allows the communication server to support BFE if the routing host or gateway is unavailable. The BFE device, upon discovering the loss of the routing host, enters Blacker Emergency Mode and sends a message to the communication server that it is entering or requesting to enter Blacker Emergency Mode. At this point the communication server, depending upon the user configuration, also enters Blacker Emergency Mode. It then either ignores the message, or approves or denies authorization to enter Blacker Emergency Mode.
You can administratively configure the communication server to enter Blacker Emergency Mode. The choices are never, always, or based upon a decision. The decision depends on the specific configuration of BFE, which may or may not be allowed to enter Blacker Emergency Mode. After it enters Blacker Emergency Mode, the communication server has the additional facility for address translation information for the Blacker internet addresses of remote hosts and gateways.
New commands are as follows:
x25 remote-red host-ip-address remote-black blacker-internet-address
x25 bfe-emergency {never|always|decision}
x25 bfe-decision {no|yes|ask}
bfe {enter|leave} interface-type unit
show x25 remote-red
Point-to-Point Protocol (PPP) encapsulation is supported for serial line IP. To use this encapsulation, configure the interface with the following interface subcommand:
encapsulation ppp
Dial-on-demand routing (DDR) was provided in the 9.0 software release. No security features were built into the support for DDR until support for the Challenge Handshake Authentication Protocol (CHAP). CHAP is defined in RFC 1334 and is part of the PPP Link Control Procedures. It defines the process by which a router that is called is able to verify and control the access of a remote calling router.
The CHAP implementation in Software Releases 9.1(2) and later complies with RFC 1334 and interoperates with other conforming implementations. With this change, CHAP in 9.1(2) and later releases does not interoperate with the implementation in 9.1(1), although the CHAP feature in 9.1(1) interoperates with other Cisco routers using 9.1(1).
New commands are as follows:
ppp authentication chap
username name password secret
Cisco has added support for the encapsulation of IP packets in conformance with IETF RFC 1294 entitled "Multiprotocol Interconnect over Frame Relay."
The new command is as follows:
[no] encapsulation frame-relay [ietf]
The following commands support SLIP for IP routing:
slip address address [mask]
slip address dynamic [default-address]
slip header-compression [on|off|passive]
slip [/compressed] {address|default}
slip routing
The Router Discovery Protocol (RDP) outlined in RFC 1256 provides a standard way for IP hosts to discover routers. When operating as an IP router, RDP packets are generated, and when operating as a host, RDP packets are received.
The new interface subcommands are as follows:
[no] ip irdp
show ip irdp
Use the following interface subcommands to change IRDP parameters:
ip irdp preference number
ip irdp maxadvertinterval seconds
ip irdp minadvertinterval seconds
ip irdp holdtime seconds
ip irdp address address [number]
A Cisco communication server now can support more than one mask for the same network number. All masks must be left-contiguous (that is, there cannot be any zero bits to the left of a one bit).
The command changes that follow apply to static routes only.
The following display has been modified:
show ip route [network [mask]]
A new command has been added to display the masks used for network [address] and the number of subnets using each mask. This command is used mostly for debugging.
show ip masks [address]
Each of these commands adds an optional mask:
show ip route [address [mask]]
clear ip route [address [mask]]
For the following command, a mandatory mask has been added:
ip route network mask {address|interface} [distance]
The following command has been obsoleted:
ip default-network [subnet]
Default subnets can now be translated into network-level routes.
With Cisco's dial-up capability, you can set a modem to automatically dial the phone number of a remote communication server. This feature offers cost savings because you pay for using the phone line only when there is data to be received (or sent).
New XRemote capabilities allow users on X display servers that are not running XRemote to run a client program from a host on another network.
These commands allow you to add special graphical and international characters in banners and prompts and to add special characters such as software flow control characters.
The new commands are as follows:
exec-character-bits {8|7}
special-character-bits {8|7}
terminal exec-character-bits {8|7}
terminal special-character-bits {8|7}
This section describes new system management features.
You can increase access security on your communication server by encrypting both the privileged command password and the console and virtual terminal line access passwords using the following new command:
[no] service password-encryption
Interface statistics are kept for the number of packets of each protocol type that have been sent through the interface. The accounting keyword has been added to the show interfaces command as follows:
show interfaces [type unit] [accounting]
The following commonly used DEC LAT EXEC commands are supported on Cisco's systems:
help
logout
Use the help command to obtain information about EXEC commands. Use the logout command to exit EXEC mode and free the line.
The new LAT display commands are as follows:
show node [all|node-name] [counters|status|summary]
show service [service-name]
Real-Time Debugging Enhancements
Timestamping enhances real-time debugging by recording the relative timing of logged events. This information is especially useful when users send debugging output to technical support personnel for assistance.
To configure the system for timestamping, use the following global command:
[no] service timestamps
The show line command display now provides more information on the average
24-line screen.
With Software Release 9.1, the communication server supports the IP routing functionality offered on Cisco routers. This includes IP routing protocols. This section lists the IP routing commands.
debug ip-tcp-header-compression
debug probe
[no] arp internet-address hardware-address type [alias]
[no] async-bootp tag [:hostname] data ...
[no] ip accounting-list ip-address mask
[no] ip accounting-threshold threshold
[no] ip accounting-transits count
[no] ip default-network network
[no] ip hp-host name [TCP-port-number] address1 [address2...address8]
[no] ip hp-host hostname ip-address
[no] ip ipname-lookup
[no] ip mtu bytes
[no] ip probe proxy
[no] ip routing
Note Unlike the router, IP routing is disabled by default in the communication server.
[no] ip source-route
[no] ip subnet-zero
[no] access-group list
[no] arp {arpa|probe|snap}
[no] arp timeout seconds
[no] ip accounting
[no] ip address address mask [secondary]
[no] ip broadcast-address [address]
[no] ip directed-broadcast
[no] ip forward-protocol {udp|nd} [port]
[no] ip helper-address address
[no] ip mask-reply
[no] ip proxy-arp
[no] ip redirects
[no] ip security add
ip security dedicated level authority [authority...]
[no] ip security extended-allowed
[no] ip security first
[no] ip security ignore-authorities
[no] ip security implicit-labelling [level authority [authority...]]
ip security multilevel level1 [authority...] to level2 authority2 [authority2...]
[no] ip security strip
[no] ip tcp compression-connections number
[no] ip tcp header-compression [passive]
[no] ip unnumbered interface-name
[no] ip unreachables
transmit-interface interface-name
Debugging IP Routing
debug ip-bgp
debug ip-bgp-events
debug ip-bgp-updates
debug ip-egp [ip-address]
debug ip-egp-events [ip-address]
debug ip-hello
debug ip-igrp
debug ip-ospf-adj
debug ip-ospf-events
debug ip-ospf-flood
debug ip-ospf-packet
debug ip-ospf-spf
debug ip-rip
debug ip-routing
debug ip-tcp
debug ip-tcp-packet line
debug ip-udp
IP Routing Protocols Global Configuration Command Summary
[no] autonomous-system local-AS
[no] ip as-path access-list list [permit|deny] as-regular-expression
[no] ip default-network network-number
ip route network mask {address|interface} [distance]
[no] router egp 0
[no] router hello
[no] router protocol [autonomous-system]
[no] router ospf ospf-process-id
[no] router rip
IP Routing Protocols Subcommand Summary
[no] area area-id authentication
[no] area area-id range address mask
[no] area area-id stub
[no] area area-id default-cost cost
[no] area area-id virtual-link router-id [hello-interval number-of-seconds]
[retransmit-interval number-of-seconds]
[transmit-delay number-of-seconds]
[dead-interval number-of-seconds]
[authentication-key password]
[no] default-information allowed {in|out}
[no] default-information originate
[no] default-information originate metric metric-value metric-type type-value
[no] default-metric bandwidth delay reliability loading mtu
[no] default-metric number
[no] distance bgp external-distance internal-distance local-distance
[no] distance weight [address mask] [access-list-number]
[no] distribute-list access-list-number in [interface-name]
[no] distribute-list access-list-number out [interface-name|routing-process]
[no] ip irdp
ip irdp preference number
ip irdp maxadvertinterval seconds
ip irdp minadvertinterval seconds
ip irdp holdtime seconds
ip irdp address address [number]
[no] metric holddown
[no] metric maximum-hops hops
[no] metric weights tos k1 k2 k3 k4 k5
[no] neighbor address
[no] neighbor address distribute-list list {in|out}
neighbor address filter-list list {in|out|weight weight}
neighbor address remote-as number
no neighbor address
[no] neighbor address third-party third-party-ip-address [internal|external]
[no] neighbor address weight weight
[no] neighbor any [list]
[no] neighbor any [list]
[no] neighbor any third-party address [internal|external]
[no] neighbor ip-address
[no] neighbor ip-address version value
[no] network address backdoor
[no] network address wildcard-mask area area-id
[no] network network-number
[no] offset-list list {in|out} offset
[no] passive-interface interface
[no] redistribute process-name [AS-number]
[no] redistribute protocol [source-id]
[metric metric-value]
[metric-type type-value]
[tag tag-value]
[subnets]
[no] redistribute ospf ospf-process-id
[metric metric-value]
[match internal|external type-value|external type-value]
[no] synchronization
[no] timers basic update invalid holddown flush [sleeptime]
[no] timers bgp keepalive holdtime
[no] timers egp hello polltime
[no] variance multiplier
IP Routing Protocols Interface Subcommands
[no] ip address address mask [secondary]
[no] ip gdp
[no] ip gdp holdtime seconds
[no] ip gdp priority number
[no] ip gdp reporttime seconds
[no] ip ospf authentication-key password
[no] ip ospf cost cost
[no] ip ospf dead-interval seconds
[no] ip ospf hello-interval seconds
[no] ip ospf priority 8-bit-number
[no] ip ospf retransmit-interval seconds
[no] ip ospf transmit-delay seconds
[no] keepalive [seconds]
This section describes warning and cautions about using the Release 9.1 software. The information in this section supplements that given in the section 9.1(16) Caveats, page 13.
The software image provided in Cisco 500-CS communication servers is cs500-kr, which runs from ROM. This is a new image and is not documented in the Communication Server Configuration and Reference publication. To obtain a copy of the previously used cs500-k image, which can be booted from a network server and which runs from RAM, access CIO as described on page 27. Note that a minimum of 4 MB of system memory is required to boot Release 9.1(9) and later cs500-k images from a network server.
When you upgrade your EEPROMs to the Software Release 9.1(9) or later cs500-kr image, you need to install or move jumpers on the Cisco 500-CS system card. Table 1 indicates the locations of the jumpers. For more information, refer to the Cisco 500-CS Memory and Software Upgrade Instructions document.
J4 Jumper Settings
Software Version
| Place Jumpers on Pins ...
|
|---|
| 9.1(9) and later
| 7 and 8
9 and 10
13 and 14
|
| 9.1(8) and earlier
| 7 and 8
11 and 12
|
The following discussion concerns all users whose systems meet the following conditions:
- The system is using a CSC/3 processor.
- You want to boot 9.1 system software from either Flash or over the network.
When attempting to boot a 9.1 software image, you may see a message indicating a buffer overflow error. If you see this message, you must compress the software image before booting it.
When a server netboots or Flash boots software, the image being booted and the running image must both fit into memory.
The uncompressed 9.1 software image is in certain cases larger than half the available memory of a CSC/3 processor. However, a compressed 9.1 image is smaller than half the available memory and can be network-booted or Flash-booted into the CSC/3.
You can produce a compressed software image on any UNIX platform using the "compress" program. Refer to your UNIX platform's documentation for the exact usage of the "compress" program.
Note Many UNIX "compress" programs produce a file whose name ends in a
.Z. In certain instances (notably, booting with the
b command from the ROM monitor), uppercase names are not understood by the system. To ensure the ability to boot the software in all cases, rename such output files from the UNIX "compress" facility to a name that does not contain any uppercase characters.
When setting the bandwidth, the bandwidth that is displayed with the show interfaces command may not match in some higher bandwidth cases because some roundoff is performed on the number you entered. The values shown match those seen in IGRP update packets and hence are more useful for debugging.
As of Software Release 9.1, the system automatically translates old default network commands into appropriate static routes. The translation is completely transparent.
In BSD-derived UNIX systems, the block number in the TFTP header file is a short instead of a unsigned short. Because of this, you cannot write core on a 16M CSC4 to some UNIX systems, because the last block will never be accepted by the UNIX TFTP daemon. However, the entire core file, except for the last 512-byte block is successfully written, so you still can use the incomplete core file for debugging system problems. This was previously reported as Cisco bug CSCdi07776.
You can use TACACS security with AppleTalk Remote Access (ARA) if you have configured a TACACS server and if the CCL script on the client Macintosh is modified for TACACS security. For several of the most commonly used modems, Cisco has developed CCL logic that you can use to modify CCL scripts. You can obtain Cisco's CCL logic by downloading the file TACACS.sit.hqx from ftp.cisco.com. For information about how to use Cisco's CCL logic to modify a CCL script, see the AppleTalk Remote Access Protocol Addendum to Communication Server Configuration and Reference publication.
Once you have modified the CCL script and installed it in the Extensions folder on the Macintosh, use the Remote Access Setup control panel to select the modified script.
Once the modified CCL script is selected, a user who makes an AppleTalk Remote Access connection should select Guest login from the standard Login dialog box. Regardless of the user's selection in the Login dialog box, the user is prompted for their TACACS username and password after the ARA connection is established.
This section describes possibly unexpected behavior by Release 9.1(16). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(16). The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
- In an environment where OSPF is redistributed into RIP and RIP into OSPF, under certain circumstances, the RIP updates are no longer interpreted by the router. Instead, they are forwarded to the gateway of last resort. [CSCdi18372]
This section describes possibly unexpected behavior by Release 9.1(15). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(15). For additional caveats applicable to Release 9.1(15), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
No serious bugs were resolved in Release 9.1(16). For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
This section describes possibly unexpected behavior by Releases 9.1(13) and 9.1(14). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(14). For additional caveats applicable to Releases 9.1(13) and 9.1(14), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For a most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(15).
- A protocol translator can get into a Telnet TTY-TYPE negotiation loop with a device that does not negotiate TTY-TYPE. [CSCdi26990]
This section describes possibly unexpected behavior by Release 9.1(12). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(12). For additional caveats applicable to Release 9.1(12), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(13).
- In OSPF, when a neighbor goes down, a host route for that neighbor is incorrectly added. A possible workaround is to trigger the rebuild of OSPF router link state advertisement by changing the interface metric or by rebooting. [CSCdi21103]
- Removing a translate command from the configuration can cause other translations using the same inbound IP address to stop working. A workaround is to configure the remaining translations again, for example, by doing write memory and config memory. [CSCdi23621]
- Under certain conditions, failed protocol translation connections between TCP and either X.25 or LAT using the translate command's printer option can cause a reload of the protocol translator. More specifically, the problem occurs when the software detects an error on the incoming TCP connection after the outgoing X.25 or LAT connection has been set up. [CSCdi22217]
- Under rare circumstances, an opening TCP connection can get stuck in CLOSEWAIT state. This can also result in a STUNpeer session getting stuck in an OPENING state at the same time. [CSCdi23455]
- When X.25-over-TCP (XOT) sends a Call Confirm that modifies one of the two proposed flow control facilities (window sizes or maximum packet sizes), the values may be set to 0, which is illegal. [CSCdi21602]
This section describes possibly unexpected behavior by Release 9.1(11). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(11). For additional caveats applicable to Release 9.1(11), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(12).
- Under rare circumstances, the clear line command fails to clear the process running on that line. A show process command shows that the process on that line has an inappropriate and rapidly increasing number in the "invoked" column. [CSCdi16063]
- In systems configured to support the spanning-tree bridging protocol, the root bridge BPDUs reappear at the root bridge in a HSSI environment. [CSCdi18812]
- The default network does not work properly depending on the subnet used. [CSCdi18743]
- If an FDDI interface on a router reset via the no shut command, IP routes would be deleted from that interface. But since the FDDI ring is still in operational mode, there is no event generate to let OSPF know that routes has gone and recalculate SPF. [CSCdi19255]
- The source address-sensitive form of the distance command now works for OSPF. It formerly was silently ignored. Note that, for OSPF, this command has slightly different semantics, since the source address is matched based on the router ID of the router that originated the route within the OSPF area, rather than the next-hop router. [CSCdi19369]
- The router and communication servers allow remote users to Telnet into VTY ports by connecting to ports 20xx/40xx/60xx/80xx. All the standard VTY/TTY security features, such as passwords, TACACS, and the ability to block access with the access-class ... in command have always been supported, even when connecting to a high port. However, since many customers are unaware of this functionality, they do not take it into account when constructing packet filtering firewalls. Since this functionality can be explicitly enabled and configured by use of the VTY rotary feature, the default behavior is not necessary. This is not a security bug or hole, but rather a behavior that should be avoided as a matter of prevention due to its obscurity. [CSCdi20050]
- OSPF can choose and install nonoptimal interarea and external routes when there are multiple link state advertisements for the same destination advertised by multiple Area Border Routers (or Autonomous System Boundary Routers for external routes). This can cause a routing loop if other neighboring routers still install the shortest path to the destination. This problem will happen only after the system has been up for a period of time. The length of this period depends on how much connectivity changes have occurred. In a fairly busy network, the estimated length of this period is five to six weeks. [CSCdi20071]
- After an OSPF router installed a default route to network 0.0.0.0 that is advertised in an external link state advertisement (LSA) by an Autonomous System Boundary Router (ASBR) and a connectivity change happens in the network that triggers SPF calculation, the router will not reinstall the default route. This problem is introduced in the following software versions: 9.1(11.4), 9.17(9.2) and 9.21(3.1). There is no workaround. [CSCdi20401]
- Every time an OSPF router notices its neighbor state change on an interface (either by seeing new Hello packets or the lack of Hello packets for a RouterDeadInterval) and attempts to reoriginate its own router link state advertisement (LSA) but there is no change that needs to be reflected in the router LSA, a piece of memory of the size of the router LSA would be permanently consumed. This problem manifests itself by a slowly declining amount of free memory shown in show memory command. There is no workaround to this problem. This problem is introduced in software version 9.1(11.5). [CSCdi20849]
- The system implements diagnostic TCP servers on ports 7 (ECHO) and 9 (DISCARD). These services cannot be disabled, which is worrisome to users implementing firewalls. Also, the system mistakenly listens for XRemote connections on port 10000, corresponding to the non-existent rotary group 0. [CSCdi20077]
- On MCI/ciscoBus serial cards, when DDR is configured with priority queuing, a packet may get stuck in the output queue and get released only when the next packet replaces it in the queue. This one-packet delay may cause packets to be delayed, increasing response time or causing packet drops in case of timeout. [CSCdi17666]
- In X.25 environments, the message "System restarted by error - Jump to zero" appears. If you issue a show stack command, you see a two-line stack trace. The cause is related to failed PAD calls; an area of memory is modified after it has been returned as no longer in use. When the load is heavy or X.25 performance is slow, this invalid reference may modify critical data, causing unpredictable results. [CSCdi17688]
- Bridged IP packets for router management are sent with the wrong size. If you are bridging IP and using IP for router management, packets sourced by the router for the second frame-relay bridge entry are truncated. [CSCdi18862]
This section describes possibly unexpected behavior by Release 9.1(10). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(10). For additional caveats applicable to Release 9.1(10), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(11).
- At system boot time, TACACS code dies because it fails to establish a UDP socket with which to talk to the TACACS server. [CSCdi17830]
- When using the printer option for a TCP-LAT translation, one packet erroneously remains in the input queue on the receiving interface for each translation attempt which fails. [CSCdi17681]
- Configuring SMDS on serial lines that are shutdown and subsequently reenabling them can in some circumstances cause a reload. A Token Ring interface appears to be required to trigger this problem. [CSCdi15880]
- X.25 calls received on a serial interface cannot be routed to a CMNS host. [CSCdi17212]
This section describes possibly unexpected behavior by Release 9.1(9). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(9). For additional caveats applicable to Release 9.1(9), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(10).
- Protocol-translation-queued host-initiated connections from LAT to X.25 should be checked every second instead of every 60 seconds. [CSCdi15819]
- A protocol translator used for LAT to X.25 host-initiated connections (such as printing) may run out of memory over time. [CSCdi16105]
This section describes possibly unexpected behavior by Release 9.1(8). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(8). For additional caveats applicable to Release 9.1(8), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(9).
- Under certain rare circumstances, the communication server may hang running TN3270. [CSCdi13290]
- Prior to software version 9.1(4.1), problem CSCdi01624 (X.25 switching over TCP doesn't convey window and packet info) required, for correct operation, that all Cisco interfaces routing via a TCP connection be configured with the same default flow control values (i.e. window sizes and maximum packet sizes; parameters win, wout, ips and ops). This is because the receiving router may not be able to determine what flow control values apply to the VC. The design of Cisco's X.25 routing capability requires that, for proper operation, both ends of the VC have complimentary flow control values. With the resolution of CSCdi01624, it was decided that CALLs received on a TCP connection that do not indicate one or both of the flow control facilities should have the universally acceptable value(s) (i.e. window sizes of 2/2 packets and maximum packet sizes of 128/128 bytes) forced onto the connection and indicated on the CALL CONFIRM returned over the TCP connection. While the decision to force the universally acceptable values on a connection with unknown values should offer correct X.25 operation for all connections (albeit with possibly degraded performance), it does create a migration problem for those routers running pre-9.1(4.1) software connecting X.25-capable equipment that cannot accept flow control values in the CALL CONFIRM. Configurations that once worked may no longer work when the far end is upgraded to 9.1(4.1) or better, because if the parameters indicated on the CALL CONFIRM from the far end do not match the interface defaults, the router will include them in the CALL CONFIRM to the equipment that then CLEARs the CALL because of its inability to modify the connection flow control parameters. To address this migration issue, a switch has been added to the global x25 routing command--this switch takes the form x25 routing TCP_USE_IF_DEFS will cause the router to force the outgoing interface defaults into the CALL CONFIRM sent back over the TCP connection. The pre-9.1(4.1) software, then, should remove these values from the CALL CONFIRM sent to the connecting equipment. Note, however, that if the forced values do not match the interface defaults that the values should still appear in the CALL CONFIRM and cause a CLEAR, which is preferable behavior to setting up a connection with mismatched values which may cause far more subtle and mysterious misbehavior. [CSCdi13759]
- If a Cisco 500-CS loads host configuration files from the network, lines can be turned off permanently if the line had status "input stopped" at the time the config file was loaded. This can happen, for example, if lines are receiving continuous data at a high rate during the software loading phase. A workaround is to disable the use of "host" config files, either including the commands in a network config file or relying completely on the nonvolatile config memory within the Cisco 500-CS. [CSCdi13978]
- Due to a parsing error, the interface subcommand frame-relay lmi-type ANNEX D is not accepted. This occurs even when the system is reading a configuration file written by the software, as from non-volatile memory. A workaround is to load a configuration file at boot time containing the alternative form, frame-relay lmi-type ansi which is accepted. [CSCdi15175]
This section describes possibly unexpected behavior by Release 9.1(7). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(7). For additional caveats applicable to Release 9.1(7), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(8).
- Possibly due to a condition where all valid interfaces are in a down state, TACACS (or SYSLOG, or other datagram-oriented protocols running above IP) may begin sourcing packets from a downed interface. This situation can be verified with the show ip sockets command. It can be remedied by shutting down an interface (which may already be shut down). A workaround is to assign an IP address to the loopback interface. [CSCdi12845]
- When a communication server is used to connect a terminal to a LAT printer queue, a race condition may cause the last byte (or the last two bytes) sent to the printer to be corrupted. [CSCdi13310]
- The nohangup option to the username is not shown in the configuration when enabled. [CSCdi12700]
- The fix submitted for CSCdi12849 is incomplete; X.25 INTERRUPT packets are still mishandled in switched VCs. [CSCdi13369]
This section describes possibly unexpected behavior by Release 9.1(6). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(6). For additional caveats applicable to Release 9.1(6), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(7).
- This correction prevents 32808 bytes from being lost each time a write memory command is executed on systems which utilize the MC or MC+ NVRAM board for its NVRAM configuration. [CSCdi11659]
- Communication servers with an inbound LAT connection that fails to find a line in the rotary group that responds correctly to a modem callout causes the system to reload. These symptoms may be resolved by configuring the dial-out line with modem inout or modem dtr. [CSCdi12162]
- The M bit is set improperly in the last packet when the packet is full but no additional data to be sent. [CSCdi12080]
This section describes possibly unexpected behavior by Release 9.1(5). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(5). For additional caveats applicable to Release 9.1(5), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(5).
- There is a window in which commands to the interface get dropped. The fix is to protect against interrupts when issuing commands. In this case, the system drops the command to throttle the interface. When the system later tries to unthrottle the interface it can get passed random pointer values to the interfaces shared memory. Also, store the throttle count in idb and display in show controller. [CSCdi11046]
- TN3270 may return modified data fields to the host in the incorrect order. This is primarily manifested in applications complaining of invalid data in fields that do indeed have the correct data. [CSCdi10344]
- For encapsulation DDNX25, DDN Precedence facility is allowed in X25 CALL CONNECTED frames. The DDN Precedence (or absence) must agree with that of the X25 CALL REQUEST frame. [CSCdi11405]
This section describes possibly unexpected behavior by Release 9.1(4). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(4). For additional caveats applicable to Release 9.1(4), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(5).
- Under unknown circumstances, entering the show process command can cause the router to reload. [CSCdi09760]
- The terminal down command is rejected as an ambiguous terminal command, even though it doesn't conflict with any other terminal commands. [CSCdi10637]
- The message "SETFUNFAIL" appears on the console as an error when in fact it is an informational message that should be masked by the debug token-event command. This has been done for all of 9.1 and is already done in 9.0 for the CSC-R16M. This bug has been submitted for the CSC-2R only. [CSCdi10147]
- The user may need to defer the specification of the interface's secondary IP addresses until the interface's state has stabilized. [CSCdi09744]
- When a TCP connection has a closed window, packets containing valid ACKs are discarded if they also contain any data (since the data is outside of the window). The correct behavior is to continue to process the ACKs for segments with reasonable ACK values. This is especially a problem in the initial stages of a connection, when we send the SYN-ACK with a 0 window. If the ACK to our SYN contains data also, we will not process that ACK, and the connection never gets to ESTABLISHED state. [CSCdi05962]
- The fix for CSCdi10017 broke the hangup process. [CSCdi10351]
This section describes possibly unexpected behavior by Release 9.1(3). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(3). For additional caveats applicable to Release 9.1(3), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(4).
- If dialer interfaces are created using the interface dialer n command, they can never be deleted from the configuration. [CSCdi07979]
- If an asynchronous interface is unnumbered, and an IP address is assigned from the EXEC, then the async interface should not be renumbered. If SLIP routing is started, but the address does not belong to the subnet that is already configured on the communication server's primary interface, the address will be rejected. [CSCdi08621]
- The active monitor of the ring is not seen at initial boot time of the router. The active monitor will be seen only if a soft error occurs on the ring. There is no workaround. [CSCdi09830]
- When using multiple addresses on a single interface from different major networks and with different sized subnet masks, sometimes an address overlap is reported where none exists. [CSCdi09104]
- Source routed IP packets which are supposed to be discarded by the system sometimes are not. Such packets are being packet switched when the local system does not appear as the next hop in the source route. These packets should never be packet switched when the user has entered the no ip source-route configuration command. This unexpected behavior can pose a security problem for sites who use this command to restrict access. Access lists can probably be used as a substitute means of restricting access. [CSCdi09517]
- When using multiple addresses on a single interface from different major networks and with different sized subnet masks, sometimes an address overlap is reported where none exists. [CSCdi09104]
- This patch allows fast switching of Frame Relay, HDLC and SMDS across both serial interfaces. [CSCdi09107]
- This behavior is caused by some octets not being transferred from one MCI card to the other. This now corrected by ensuring that all octets are properly transferred across the multibus. [CSCdi09826]
This section describes possibly unexpected behavior by Release 9.1(2). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(2). For additional caveats applicable to Release 9.1(2), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(3).
- There is a messaging scheme whereby the Token Ring interface board can send status info to the system. There was no protection against a runaway board dominating the system with interrupts. The fix is to watch for excessive amounts of interrupts over a short period and reset the board if necessary. [CSCdi09022]
- Run from ROM software (igs-kr or igs-bprx) may not properly advertise LAT services defined in the communication server or protocol translator. [CSCdi08837]
- An "event-dismiss" error message can be encountered when debug output is being output on the console while running a bootstrap system image, such as igs-rxboot, xx-rxboot, and csc3-boot,: [CSCdi08533]
(boot)ROUTER#debug tokenring
%SYS-2-INTSCHED: event dismiss at level 4
-Process = "Exec", level= 4, pid= 11
-Traceback= A87C A8D6 1418C 9422 9EB2 15FA 304D8 70DEC
%SYS-2-INTSCHED: event dismiss at level 4
-Process = "Exec", level= 4, pid= 11
-Traceback= A87C A8D6 1418C 9422 9
- When TN3270 has a buffer of data to send which is exactly the same size as the packet that it is sending it in, the packet is sent without the TCP PUSH flag set. Some host implementations will not act on the data unless the TCP PUSH is set. Connections to these hosts can pause for the session timeout period. This will be fixed by having all TN3270 packets sent with the push flag set. [CSCdi08034]
- If the dialer string or dialer map entries in a configuration are changed, the show dialer displays incorrect values for the number of successful and failed calls. This is due to the new dialer string simply replacing the old dialer string, rather than starting a whole new entry with new statistics. [CSCdi05886]
- There is a race condition where if a show dialer command is issued after the idle timer expires, but before the call is disconnected, the output may show a large negative number. Issuing the show dialer command again will show the correct value. [CSCdi06415]
- The x25 pvc bridge number interface command is not properly stored in the router's configuration memory. [CSCdi06683]
This section describes possibly unexpected behavior by Release 9.1(1). Unless otherwise noted, these caveats apply to all 9.1 releases up to and including 9.1(1). For additional caveats applicable to Release 9.1(1), see the caveats sections for newer 9.1 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the most current list of caveats against this release, access CIO as described in the section "Cisco Information Online" later in this document.
All the caveats listed in this section are resolved in Release 9.1(2).
- A copy to/erase of the MC+ fails: _str_mc_write_short. There is no further information available concerning this problem. [CSCdi07314]
- When processing PCM and dual-homing connection, if the user issues a cmt disconnect command to a standby port, the CPU utilization will go very high. [CSCdi08427]
- Configuring a location string longer than 69 characters can cause the system to reload. After configuring, the system prints out a message saying that the system was configured from and gives the location. If the location is greater than 69 characters in length, it can cause a system reload. The correct behavior would be to truncate the location string. [CSCdi07834]
- TCP connections can exhibit long pauses in data delivery if the communication server is attempting to send data faster than the foreign host can use that data. This happens most often in cases of protocol translation, SDLC tunneling, remote source route bridging, and X.25 switching. [CSCdi07964]
- The data-character-bits command only works in X.25 protocol translation cases. [CSCdi05102]
- The X.25 PAD code will return a list of ALL X.3 parameters if we received an x.29 "read request" message with more than one parameter requested. This is improper, and will cause some X.25 implementations to clear the connection. [CSCdi06432]
- Issuing a clear x25-vc command for a locally switched PVC or its interface will cause the PVC to be continually RESET. The PVC may be restored to operation by shutting down the interface and re-enabling it. [CSCdi07166]
- The error message and traceback:
- is used as a diagnostic aid; although an unexpected condition was detected and reported, the operation of the system and the X.25 protocol are not affected. If this message is produced, contact technical support; include the text and traceback of this message as well as the information from the show version command. [CSCdi07238]
- If a virtual circuit is established in order to forward a packet, the packet may not be forwarded immediately on receipt of the CALL CONFIRM. [CSCdi07560]
Cisco Information Online (CIO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CIO to obtain additional content and services.
Available 24 hours a day, 7 days a week, CIO provides a wealth of standard and value-added services to Cisco's customers and business partners. CIO services include product information, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CIO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously--a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CIO (called "CIO Classic") supports Zmodem, Kermit, Xmodem, FTP, Internet e-mail, and fax download options, and is excellent for quick access to information over lower bandwidths. The WWW version of CIO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can access CIO in the following ways:
- WWW:
http://www.cisco.com.
- Telnet:
cio.cisco.com (198.92.32.130).
- Modem: From North America, 408 526-8070; from Europe, 33 1 64 46 40 82. Use the following terminal settings: VT100 emulation; databits: 8; parity: none; stop bits: 1; and baud rates up to 14.4 kbps.
For a copy of CIO's Frequently Asked Questions (FAQ), contact cio-help@cisco.com. For additional information, contact cio-team@cisco.com.
Note If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or
tac@cisco.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387, 408 526-7208, or
cs-rep@cisco.com.
The complete caveats against this release are available on UniverCD, which is the Cisco Systems library of product information on CD-ROM. On UniverCD, access the Release 9.1 Caveats in the Release 9.1 database.
