Table of Contents
Router Products Release Notes for Cisco IOS Release 11.0
Introduction
Documentation
Platform Support
Cisco IOS Packaging
Memory Requirements
New Features in Release 11.0(11) and Later 11.0 Releases
New Features in Release 11.0(10)
New Features in Release 11.0(9)
New Features in Release 11.0(8)
New Features in Release 11.0(7)
New Features in Release 11.0(6)
New Features in Release 11.0(5)
New Features in Release 11.0(4)
New Features in Release 11.0(3)
New Features in Release 11.0(2)
New Features in Release 11.0(1)
Important Notes
Caveats for Release 11.0(1) through 11.0(22a)
Caveats for Release 11.0(1) through 11.0(22)
Caveats for Release 11.0(1) through 11.0(21)
Caveats for Release 11.0(1) through 11.0(20)
Caveats for Releases 11.0(1) through 11.0(19)
Caveats for Releases 11.0(1) through 11.0(18)
Caveats for Releases 11.0(1) through 11.0(17)
Caveats for Releases 11.0(1) through 11.0(16)
Caveats for Releases 11.0(1) through 11.0(15)
Caveats for Releases 11.0(1) through 11.0(14)
Caveats for Releases 11.0(1) through 11.0(13)
Caveats for Releases 11.0(1) through 11.0(12)
Caveats for Releases 11.0(1) through 11.0(11)
Caveats for Releases 11.0(1) through 11.0(10)
Caveats for Releases 11.0(1) through 11.0(9)
Caveats for Releases 11.0(1) through 11.0(8)
Caveats for Releases 11.0(1) through 11.0(7)
Caveats for Releases 11.0(1) through 11.0(5)
Caveats for Releases 11.0(1) through 11.0(4)
Caveats for Releases 11.0(1) through 11.0(3)
Caveats for Releases 11.0(1) through 11.0(2)
Release 11.0(1) Caveats
Microcode Software
Microcode Revision History (for Cisco 7000 Series Platforms)
Route Switch Processor (RSP) Microcode Revision History
Cisco Connection Online
Documentation CD-ROM
Router Products Release Notes for Cisco IOS Release 11.0
March 19, 2001
Note Cisco IOS Release 11.0 is scheduled to go End of Engineering (EOE) July 2000. End of
Engineering refers to the date of the last scheduled maintenance release (TAC support is still
available after End of Engineering). Cisco IOS Release 11.0 will be supported through January 2001
for any Y2K issues. These release notes will be the last release notes published for Cisco IOS
Release 11.0.
These release notes describe the features and caveats for Cisco IOS Release 11.0 up to and including Release 11.0(22a). They include all routing and protocol translation features.
Cisco IOS Release 11.0(11) and all subsequent 11.0 releases are deemed "Generally Deployable." Cisco believes Release 11.0 is suitable for deployment anywhere in the network where the features and functionality of the release are required.
Introduction
These release notes discuss the following topics:
Documentation
Cisco IOS Release 11.0 router software functionality and configuration information is documented in three publications. (Release 11.0 access server software is documented separately.) Refer to these publications for complete information about using and configuring Release 11.0 software:
- Router Products Configuration Guide
- Router Products Command Reference
- Protocol Translation Configuration Guide and Command Reference
There are also five supporting documents:
- Router Products Command Summary
- Cisco Management Information Base (MIB) User Quick Reference
- System Error Messages
- Debug Command Reference
- Cisco Access Connection Guide
All these documents are available both as printed manuals and as electronic documents. The most up-to-date Cisco IOS documentation can be found on the latest Documentation CD-ROM and on the Web. The electronic documents contain updates and modifications made after the paper documents were printed.
You can access the electronic documents either on the Cisco Documentation CD-ROM, or at Cisco Connection Online (CCO) on the World Wide Web.
On the CD-ROM, within the Cisco IOS Software Configuration database, select Cisco IOS Release 11.0.
CCO is on the World Wide Web at http://www.cisco.com, http://www-europe.cisco.com, or http://www-china.cisco.com. From CCO, go to the Documentation page to find the Cisco IOS Software Configuration database. Then, select Cisco IOS Release 11.0.
Additional information about CCO and the Documentation CD-ROM is in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of these release notes.
Platform Support
You can run all Cisco IOS 11.0 Releases on these Cisco platforms, except as noted:
- Cisco 7500 series
- Cisco 7000 series
- Cisco 4000 series (Cisco 4000, 4000-M, 4500, 4500-M, 4700, and 4700-M)
(you cannot run Cisco IOS Release 11.0(1) on Cisco 4700 platforms, and
you cannot run Cisco IOS Releases 11.0(1) through 11.0(6) on Cisco 4700-M platforms)
- Cisco 3000 series (except the Cisco 3202)
- Cisco 2500 series (you cannot run Cisco IOS Releases 11.0(1) through 11.0(4) on the Cisco 2520 through 2525 platforms)
- Cisco 1003 ISDN router (you cannot run Cisco IOS Release 11.0(1) on this platform)
- Cisco 1004 ISDN router (you cannot run Cisco IOS Releases 11.0(1) or 11.0(2) on this platform)
- Cisco 1005 router (you cannot run Cisco IOS Releases 11.0(1) through 11.0(3) on this platform)
- AGS+ (with a CSC/4 processor board)
- MGS (with a CSC/4 processor board)
- CGS (with a CSC/4 processor board)
Note To use Release 11.0 features, AGS+, MGS, and CGS routers must have CSC/4 processor
cards and 9.1(8)-level (or later) system ROMs for netbooting.
Note Cisco IOS Release 11.0 is the last release supported on the Gateway Server Product Line,
specifically the AGS+/4, AGS/4, MGS/4, and CGS/4 platforms. Later releases will not run on these
platforms.
For each of the supported platforms, Release 11.0 enables your Cisco device to use certain LAN and WAN interfaces and data rates.
For a list of interfaces supported by Release 11.0 for each platform, see Table 1 and Table 2.
Table 1 summarizes the LAN interfaces supported on each platform.
Table 2 summarizes the WAN data rates and interfaces supported on each platform.
For each platform, you can use any of the interfaces or data rates labeled "Yes" in the table. Release 11.0 does not support interfaces or data rates that are not labeled "Yes."
Table 1 LAN Interfaces Supported by Router Platforms
Interface |
Cisco 7500 Series |
Cisco 7000 Series |
Cisco 4000 Series |
Cisco 3000 Series1 |
Cisco 2500 Series |
Cisco 1000 Series |
AGS+ |
MGS |
CGS |
Ethernet (AUI)
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Ethernet (10BaseT)
|
Yes
|
Yes2
|
Yes
|
—
|
Yes (some platforms3)
|
Yes
|
Yes
|
—
|
—
|
Fast Ethernet (100BaseTX)
|
Yes
|
Yes
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
4-Mbps Token Ring
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
16-Mbps Token Ring
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
FDDI DAS
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
Yes
|
—
|
—
|
FDDI SAS
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
Yes
|
—
|
—
|
FDDI multimode
|
Yes
|
Yes
|
Yes (DAS/SAS)
|
—
|
—
|
—
|
Yes
|
—
|
—
|
FDDI single-mode
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
Yes
|
—
|
—
|
ATM Interface
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
—
|
—
|
—
|
Channel Interface Processor (CIP)
|
Yes
|
Yes
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Second-generation Channel Interface Processor (CIP2)4
|
Yes
|
Yes
|
|
—
|
—
|
—
|
—
|
—
|
—
|
Channelized E1/T1
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
—
|
—
|
—
|
|
Except the Cisco 3202.
Requires an RSP7000 card.
The Cisco 2516, 2518, 2520, 2522, and 2524 platforms support Ethernet 10BaseT. The other Cisco 2500 series platforms do not support Ethernet 10BaseT.
The second-generation Channel Interface Processor (CIP2) support was introduced in Release 11.0(10). |
Table 2 WAN Data Rates and Interfaces Supported by Router Platforms
|
Cisco 7500 Series |
Cisco 7000
Series |
Cisco 4000 Series |
Cisco 3000 Series1 |
Cisco 2500 Series |
Cisco 1003/ 1004 |
Cisco 1005 |
AGS+ |
MGS |
CGS |
Data Rate
|
|
|
|
|
|
|
|
|
|
|
48/56/64 kbps
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
1.544/2.048 Mbps
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
34/45/52 Mbps
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
—
|
Yes
|
—
|
—
|
Interface
|
|
|
|
|
|
|
|
|
|
|
EIA/TIA-232
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
-
|
-
|
X.21
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
-
|
-
|
V.35
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
-
|
-
|
EIA/TIA-449
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
-
|
-
|
EIA-530
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
-
|
-
|
EIA/TIA-613 (HSSI)
|
Yes
|
Yes
|
—
|
—
|
—
|
—
|
—
|
Yes
|
-
|
-
|
ISDN BRI
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
-
|
-
|
ISDN PRI
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
—
|
—
|
-
|
-
|
G.703/G.704
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
—
|
Yes
|
-
|
-
|
|
Cisco IOS Packaging
The Cisco IOS software is packaged into "feature sets" (also called "software images"). There are many different feature sets available, and each feature set contains a specific subset of Cisco IOS features. Not all feature sets are available with all platforms. Also, some feature sets support different features when run on different platforms.
To learn what features are available with each feature set, see tables Table 3 through Table 9 (following). These tables summarize what features you can use when running a specific feature set on a specific platform. A "Yes" in the table indicates that the feature is available in the feature set.
Table 3 summarizes the feature sets and optional licenses for the Cisco 7500 series platforms.
Table 4 summarizes the feature sets and optional licenses for the Cisco 7000 series, AGS+, MGS, and CGS platforms.
Table 5 summarizes the feature sets for the Cisco 2500 series platforms.
Table 6 lists the features sets for the Cisco 4000 series platforms.
Table 7 summarizes the software for the Cisco 3000 series platforms.
Table 8 summarizes the software for the Cisco 1003 and Cisco 1004 ISDN routers.
Table 9 summarizes the software for the Cisco 1005 router.
Table 3 Cisco 7500 Series Software Feature Sets
Feature |
Feature Set |
Enterprise |
Enterprise/ APPN |
Enterprise/CIP2 |
Enterprise/ APPN/CIP2 |
SNMP
|
Yes
|
Yes
|
Yes
|
Yes
|
Asynchronous support (SLIP)
|
Yes
|
Yes
|
Yes
|
Yes
|
Frame Relay
|
Yes
|
Yes
|
Yes
|
Yes
|
SMDS
|
Yes
|
Yes
|
Yes
|
Yes
|
X.25
|
Yes
|
Yes
|
Yes
|
Yes
|
ISDN
|
Yes
|
Yes
|
Yes
|
Yes
|
PPP
|
Yes
|
Yes
|
Yes
|
Yes
|
HDLC
|
Yes
|
Yes
|
Yes
|
Yes
|
IP
|
Yes
|
Yes
|
Yes
|
Yes
|
RIP
|
Yes
|
Yes
|
Yes
|
Yes
|
IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Enhanced IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
OSPF
|
Yes
|
Yes
|
Yes
|
Yes
|
BGP
|
Yes
|
Yes
|
Yes
|
Yes
|
EGP
|
Yes
|
Yes
|
Yes
|
Yes
|
PIM
|
Yes
|
Yes
|
Yes
|
Yes
|
NHRP
|
Yes
|
Yes
|
Yes
|
Yes
|
ES-IS
|
Yes
|
Yes
|
Yes
|
Yes
|
IS-IS
|
Yes
|
Yes
|
Yes
|
Yes
|
Snapshot routing
|
Yes
|
Yes
|
Yes
|
Yes
|
NTP
|
Yes
|
Yes
|
Yes
|
Yes
|
Transparent bridging
|
Yes
|
Yes
|
Yes
|
Yes
|
Translational bridging
|
Yes
|
Yes
|
Yes
|
Yes
|
Multiring
|
Yes
|
Yes
|
Yes
|
Yes
|
LAN extension host
|
Yes
|
Yes
|
Yes
|
Yes
|
IPX
|
Yes
|
Yes
|
Yes
|
Yes
|
NLSP
|
Yes
|
Yes
|
Yes
|
Yes
|
IPXWAN 2.0
|
Yes
|
Yes
|
Yes
|
Yes
|
AppleTalk Versions 1 and 2
|
Yes
|
Yes
|
Yes
|
Yes
|
AURP
|
Yes
|
Yes
|
Yes
|
Yes
|
DECnet IV, V
|
Yes
|
Yes
|
Yes
|
Yes
|
Apollo Domain
|
Yes
|
Yes
|
Yes
|
Yes
|
Banyan VINES
|
Yes
|
Yes
|
Yes
|
Yes
|
ISO CLNS
|
Yes
|
Yes
|
Yes
|
Yes
|
XNS
|
Yes
|
Yes
|
Yes
|
Yes
|
SRB
|
Yes
|
Yes
|
Yes
|
Yes
|
RSRB
|
Yes
|
Yes
|
Yes
|
Yes
|
APPN
|
—
|
Yes
|
—
|
Yes
|
DLSw (RFC 1795)
|
Yes
|
Yes
|
Yes
|
Yes
|
DLSw+
|
Yes
|
Yes
|
Yes
|
Yes
|
SDLC
|
Yes
|
Yes
|
Yes
|
Yes
|
SDLLC
|
Yes
|
Yes
|
Yes
|
Yes
|
STUN
|
Yes
|
Yes
|
Yes
|
Yes
|
TG/COS
|
Yes
|
Yes
|
Yes
|
Yes
|
QLLC
|
Yes
|
Yes
|
Yes
|
Yes
|
DSPU
|
Yes
|
Yes
|
Yes
|
Yes
|
Telnet
|
Yes
|
Yes
|
Yes
|
Yes
|
AutoInstall
|
Yes
|
Yes
|
Yes
|
Yes
|
DHCP
|
Yes
|
Yes
|
Yes
|
Yes
|
Router monitoring
|
Yes
|
Yes
|
Yes
|
Yes
|
CIP
|
Yes
|
Yes
|
—
|
—
|
CIP2
|
—
|
—
|
Yes
|
Yes
|
|
Table 4 Cisco 7000 Series, AGS+, MGS, and CGS Software Feature Sets
Feature |
Feature Set |
Enterprise |
Source-Route Switch1 |
Enterprise/ APPN2 |
Enterprise/ CIP2 |
Enterprise/ APPN/CIP22 |
SNMP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Asynchronous support (SLIP)
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Frame Relay
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
SMDS
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
X.25
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
ISDN
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
PPP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
HDLC
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
IP
|
Yes
|
Yes (host only)
|
Yes
|
Yes
|
Yes
|
RIP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
IGRP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Enhanced IGRP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
OSPF
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
BGP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
EGP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
PIM
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
NHRP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
ES-IS
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
IS-IS
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Snapshot routing
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
NTP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Transparent bridging
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Translational bridging
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Multiring
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
LAN extension host
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
IPX
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
NLSP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
IPXWAN 2.0
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
AppleTalk Versions 1 and 2
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
AURP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
DECnet IV, V
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Apollo Domain
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Banyan VINES
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
ISO CLNS
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
XNS
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
SRB
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
RSRB
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
APPN
|
—
|
—
|
Yes
|
—
|
Yes
|
DLSw (RFC 1795)
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
DLSw+
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
SDLC
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
SDLLC
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
STUN
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
TG/COS
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
QLLC
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
DSPU
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Telnet
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
AutoInstall
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
DHCP
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Router monitoring
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
CIP
|
Yes
|
Yes
|
Yes
|
—
|
—
|
CIP2
|
—
|
—
|
—
|
Yes
|
Yes
|
|
The Source-Route Switch feature set applies to the Cisco 7000 and Cisco 7010 only, not to the AGS+, MGS, or CGS.
The Enterprise/APPN and Enterprise/APPN/CIP2 applies to the Cisco 7000, Cisco 7010, and AGS+ only. |
Table 5 Cisco 2500 Series Software Feature Sets
Feature |
Feature Set |
|
IP |
IP/IBM Base |
IP/IPX |
IP/IPX/ IBM Base |
IP/IPX/ IBM/ APPN |
Desk- top |
Desktop/ IBM Base |
Enter- prise |
Enter- prise/ APPN |
CFRAD |
ISDN |
LAN FRAD |
SNMP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Asynchronous support (SLIP)
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
CSLIP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
ARAP
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
Frame Relay (RFC 1490)
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
SMDS
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
X.25
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
ISDN
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
PPP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
CPPP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
HDLC
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
Yes
|
IP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
RIP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Enhanced IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
OSPF
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
BGP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
EGP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
PIM
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
NHRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
ES-IS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
IS-IS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
Snapshot routing
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
NTP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
Bridging (transparent and translational)
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Multiring
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
LAN extension host
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
IPX
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
NLSP
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
IPXWAN 2.0
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
Yes
|
RTMP
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
SMRP
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
SRTP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
AppleTalk Versions 1 and 2
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
AURP
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
DECnet IV
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
DECnet V
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
Apollo Domain
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
Banyan VINES
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
ISO CLNS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
XNS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
SRB
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
—
|
—
|
Yes
|
RSRB
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
APPN
|
—
|
—
|
—
|
—
|
Yes
|
—
|
—
|
—
|
Yes
|
—
|
—
|
—
|
DLSw (RFC 1795)
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
DLSw+
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
SDLC
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
SDLLC
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
STUN
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
TG/COS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
QLLC
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
Bisync
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
DSPU
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
Protocol translation
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
TN3270
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
LAT
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
XRemote
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
—
|
—
|
—
|
Telnet
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
AutoInstall
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
DHCP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
—
|
Router monitoring
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
|
Table 6 Cisco 4000 Series Software Feature Sets
Feature |
Feature Set |
|
IP |
IP/IBM Base |
IP/IPX |
IP/IPX/ IBM Base |
IP/IPX/ IBM/ APPN |
Desktop |
Desktop/ IBM Base |
Enterprise |
Enterprise/APPN |
SNMP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Asynchronous support (SLIP)
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
ARAP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Frame Relay (RFC 1490)
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
SMDS
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
X.25
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
ISDN
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
PPP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
HDLC
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
IP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
RIP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Enhanced IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
OSPF
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
BGP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
EGP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
PIM
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
NHRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
ES-IS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
IS-IS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Snapshot routing
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
NTP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Bridging (transparent and translational)
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Multiring
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
LAN extension host
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
IPX
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
NLSP
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
RTMP
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
SMRP
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
SRTP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
IPXWAN 2.0
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
AppleTalk Versions 1 and 2
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
AURP
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
DECnet IV
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
DECnet V
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Apollo Domain
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Banyan VINES
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
ISO CLNS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
XNS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
SRB
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
RSRB
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
APPN
|
—
|
—
|
—
|
—
|
Yes
|
—
|
—
|
—
|
Yes
|
DLSw (RFC 1795)
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
DLSw+
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
SDLC
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
SDLLC
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
STUN
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
TG/COS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
QLLC
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
Bisync
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
DSPU
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Protocol translation
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
TN3270
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
LAT
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
XRemote
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
Telnet
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
AutoInstall
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
DHCP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Router monitoring
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
|
Table 7 Cisco 3000 Series Software Feature Set
Feature |
Feature Set |
Enterprise |
SNMP
|
Yes
|
Asynchronous support (SLIP)
|
Yes
|
ARAP
|
Yes
|
Frame Relay
|
Yes
|
SMDS
|
Yes
|
X.25
|
Yes
|
ISDN
|
Yes
|
PPP
|
Yes
|
HDLC
|
Yes
|
IP
|
Yes
|
RIP
|
Yes
|
IGRP
|
Yes
|
Enhanced IGRP
|
Yes
|
OSPF
|
Yes
|
BGP
|
Yes
|
EGP
|
Yes
|
PIM
|
Yes
|
NHRP
|
Yes
|
ES-IS
|
Yes
|
IS-IS
|
Yes
|
Snapshot routing
|
Yes
|
NTP
|
Yes
|
Transparent bridging
|
Yes
|
Translational bridging
|
Yes
|
Multiring
|
Yes
|
LAN extension host
|
Yes
|
IPX
|
Yes
|
NLSP
|
Yes
|
IPXWAN 2.0
|
Yes
|
AppleTalk Versions 1 and 2
|
Yes
|
AURP
|
Yes
|
DECnet
|
Yes
|
Apollo Domain
|
Yes
|
Banyan VINES
|
Yes
|
ISO CLNS
|
Yes
|
XNS
|
Yes
|
SRB
|
Yes
|
RSRB
|
Yes
|
APPN
|
—
|
DLSw (RFC 1795)
|
Yes
|
DLSw+
|
Yes
|
SDLC
|
Yes
|
SDLLC
|
Yes
|
STUN
|
Yes
|
TG/COS
|
Yes
|
QLLC
|
Yes
|
Bisync
|
Yes
|
DSPU
|
Yes
|
AutoInstall
|
Yes
|
Telnet
|
Yes
|
Protocol translation
|
Yes
|
TN3270
|
Yes
|
LAT
|
Yes
|
XRemote
|
Yes
|
DHCP
|
Yes
|
Router monitoring
|
Yes
|
|
Table 8 Cisco 1003 and Cisco 1004 ISDN Routers Software Feature Sets
Feature |
Feature Set |
IP |
IP/IPX/AT |
IP/AT |
IP/IPX |
SNMP
|
Yes
|
Yes
|
Yes
|
Yes
|
Asynchronous support (SLIP)
|
—
|
—
|
—
|
—
|
ARAP
|
—
|
—
|
—
|
—
|
Frame Relay (RFC 1490)
|
—
|
—
|
—
|
—
|
SMDS
|
—
|
—
|
—
|
—
|
X.25
|
—
|
—
|
—
|
—
|
ISDN
|
Yes
|
Yes
|
Yes
|
Yes
|
PPP
|
Yes
|
Yes
|
Yes
|
Yes
|
HDLC
|
Yes
|
Yes
|
Yes
|
Yes
|
IP
|
Yes
|
Yes
|
Yes
|
Yes
|
RIP
|
Yes
|
Yes
|
Yes
|
Yes
|
IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Enhanced IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
OSPF
|
—
|
—
|
—
|
—
|
BGP
|
—
|
—
|
—
|
—
|
EGP
|
—
|
—
|
—
|
—
|
PIM
|
—
|
—
|
—
|
—
|
NHRP
|
—
|
—
|
—
|
—
|
ES-IS
|
—
|
—
|
—
|
—
|
IS-IS
|
—
|
—
|
—
|
—
|
Snapshot routing
|
Yes
|
Yes
|
Yes
|
Yes
|
NTP
|
—
|
—
|
—
|
—
|
Bridging (transparent)
|
Yes
|
Yes
|
Yes
|
Yes
|
Multiring
|
—
|
—
|
—
|
—
|
LAN extension host
|
—
|
—
|
—
|
—
|
IPX
|
—
|
Yes
|
—
|
Yes
|
NLSP
|
—
|
—
|
—
|
—
|
IPXWAN 2.0
|
—
|
Yes
|
—
|
Yes
|
AppleTalk Versions 1 and 2
|
—
|
Yes
|
Yes
|
—
|
AURP
|
—
|
—
|
—
|
—
|
DECnet IV
|
—
|
—
|
—
|
—
|
DECnet V
|
—
|
—
|
—
|
—
|
Apollo Domain
|
—
|
—
|
—
|
—
|
Banyan VINES
|
—
|
—
|
—
|
—
|
ISO CLNS
|
—
|
—
|
—
|
—
|
XNS
|
—
|
—
|
—
|
—
|
SRB
|
—
|
—
|
—
|
—
|
RSRB
|
—
|
—
|
—
|
—
|
DLSw (RFC 1795)
|
—
|
—
|
—
|
—
|
DLSw+
|
—
|
—
|
—
|
—
|
SDLC
|
—
|
—
|
—
|
—
|
SDLLC
|
—
|
—
|
—
|
—
|
STUN
|
—
|
—
|
—
|
—
|
TG/COS
|
—
|
—
|
—
|
—
|
QLLC
|
—
|
—
|
—
|
—
|
DSPU
|
—
|
—
|
—
|
—
|
Protocol translation
|
—
|
—
|
—
|
—
|
TN3270
|
—
|
—
|
—
|
—
|
LAT
|
—
|
—
|
—
|
—
|
XRemote
|
—
|
—
|
—
|
—
|
Telnet
|
Yes
|
Yes
|
Yes
|
Yes
|
AutoInstall
|
—
|
—
|
—
|
—
|
ClickStart
|
Yes
|
Yes
|
Yes
|
Yes
|
Router monitoring
|
Yes
|
Yes
|
Yes
|
Yes
|
DHCP
|
—
|
—
|
—
|
—
|
|
Table 9 Cisco 1005 Router Software Feature Sets
Feature |
Feature Set |
IP |
IP/IPX |
IP/IPX/ X25 |
IP/AT |
IP/AT/ X25 |
IP/IPX/ AT |
IP/IPX/ AT/X25 |
IP/OSPF/ PIM |
IP/IPX/ Async |
IP/ Async |
SNMP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Asynchronous support (SLIP)
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
Yes
|
ARAP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Frame Relay (RFC 1490)
|
Yes
|
Yes
|
—
|
Yes
|
—
|
Yes
|
—
|
Yes
|
—
|
—
|
SMDS
|
Yes
|
Yes
|
—
|
Yes
|
—
|
Yes
|
—
|
Yes
|
—
|
—
|
X.25
|
Yes
|
—
|
Yes
|
—
|
Yes
|
—
|
Yes
|
Yes
|
—
|
—
|
ISDN
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
PPP
|
Yes
|
Yes
|
—
|
Yes
|
—
|
Yes
|
—
|
Yes
|
Yes
|
Yes
|
HDLC
|
Yes
|
Yes
|
—
|
Yes
|
—
|
Yes
|
—
|
Yes
|
—
|
—
|
IP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
RIP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Enhanced IGRP
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
OSPF
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
—
|
—
|
BGP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
EGP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
PIM
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Yes
|
—
|
—
|
NHRP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
ES-IS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
IS-IS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Snapshot routing
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
NTP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Bridging (transparent)
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
Multiring
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
LAN extension host
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
IPX
|
—
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
—
|
NLSP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
IPXWAN 2.0
|
—
|
Yes
|
Yes
|
Yes
|
—
|
Yes
|
Yes
|
—
|
Yes
|
—
|
AppleTalk Versions 1 and 2
|
—
|
—
|
—
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
—
|
AURP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
DECnet IV
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
DECnet V
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Apollo Domain
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Banyan VINES
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
ISO CLNS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
XNS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Source-route bridging/ remote source-route bridging
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
DLSw (RFC 1795)
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
DLSw+
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
SDLC
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
SDLLC
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
STUN
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
TG/COS
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
QLLC
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
DSPU
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Protocol translation
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
TN3270
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
LAT
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
XRemote
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Telnet
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
AutoInstall
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
—
|
—
|
ClickStart
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
DHCP
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
Router monitoring
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
|
Memory Requirements
Beginning with Cisco IOS Release 10.3, some software image (feature set) sizes exceed 4 MB and, when compressed, exceed 2 MB. Also, some systems now require more than 1 MB of main system memory for data structure tables.
For Cisco routers to take advantage of the Release 11.0 features, you need to have the code or main system memory as listed in Table 10. If you do not, you must upgrade your memory. Some platforms have specific chip or architecture requirements that affect what can be upgraded and in what increments.
The memory requirements listed in Table 10 are minimum requirements. Your specific hardware configuration and the software features you chose to deploy could require you to have more memory.
Notes:
- To use Release 11.0 features, AGS+, MGS, and CGS routers must have CSC/4 processor cards and 9.1(8)-level (or later) system ROMs for netbooting.
- The AGS+ platform running the Enterprise/APPN feature set cannot be booted from Flash memory; an upgrade to 8 MB boot ROMs is required.
- For the Cisco 7000 and 7010 routers to recognize Flash memory cards, 11.0 boot ROMs (or later) are required.
Table 10 Release 11.0 Memory Requirements
Hardware Platform |
Minimum Required Code Memory |
Required Main Memory |
Release 11.0Runs from |
Cisco 1003 and Cisco 1004 ISDN Routers
|
|
|
|
|
IP Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/IPX/AT Set
|
2/4/8 MB optional Flash
|
8 MB RAM
|
|
RAM
|
IP/AT Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/IPX Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
Cisco 1005 Router
|
|
|
|
|
IP Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/IPX Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/IPX/X25 Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/AT Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/AT/X25 Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/IPX/AT Set
|
2/4/8 MB optional Flash
|
8 MB RAM
|
|
RAM
|
IP/IPX/AT/X25 Set
|
2/4/8 MB optional Flash
|
8 MB RAM
|
|
RAM
|
IP/OSPF/PIM Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/IPX/Async Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
IP/Async Set
|
2/4/8 MB optional Flash
|
4 MB RAM
|
|
RAM
|
Cisco 2500 Series
|
|
|
|
|
IP Set
|
4 MB Flash
|
2 MB RAM1
|
|
Flash
|
IP/IBM Set
|
8 MB Flash
|
4 MB RAM
|
|
Flash
|
IP/IPX Set
|
4 MB Flash
|
4 MB RAM
|
|
Flash
|
IP/IPX/IBM Set
|
8 MB Flash
|
4 MB RAM
|
|
Flash
|
IP/IPX/IBM/APPN Set
|
8 MB Flash
|
8 MB RAM
|
|
Flash
|
Desktop Set
|
8 MB Flash
|
4 MB RAM
|
|
Flash
|
Desktop/IBM Set
|
8 MB Flash
|
4 MB RAM
|
|
Flash
|
Enterprise Set
|
8 MB Flash
|
6 MB RAM
|
|
Flash
|
Enterprise/APPN Set
|
8 MB Flash
|
8 MB RAM
|
|
Flash
|
Cisco Frame Relay Access Device (CFRAD) Set
|
4 MB Flash
|
2 MB RAM
|
|
Flash
|
ISDN Set
|
4 MB Flash
|
4 MB RAM
|
|
Flash
|
LAN FRAD Set
|
8 MB Flash
|
4 MB RAM
|
|
Flash
|
Cisco 2501CF, Cisco 2502CF, Cisco 2520CF, Cisco 2521CF
|
|
|
|
|
CFRAD Set
|
4 MB Flash
|
2 MB RAM
|
|
Flash
|
Cisco 2522CF, Cisco 2523CF
|
|
|
|
|
CFRAD Set
|
4 MB Flash
|
4 MB RAM
|
|
Flash
|
Cisco 3101, Cisco 3102, Cisco 3103
Enterprise Set
|
8 MB Flash
|
4 MB RAM
|
|
Flash
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
Cisco 3104, Cisco 3204
Enterprise Set
|
8 MB Flash
|
4 MB RAM
|
|
Flash
|
4 MB Flash
|
8 MB RAM
|
|
RAM
|
Cisco 4000, Cisco 4000-M
|
|
Cisco 4000
|
Cisco 4000-M
|
|
IP Set
|
4 MB Flash
|
16 MB RAM
|
8 MB RAM
|
RAM
|
IP/IBM Set
|
4 MB Flash
|
16 MB RAM
|
8 MB RAM
|
RAM
|
IP/IPX Set
|
4 MB Flash
|
16 MB RAM
|
8 MB RAM
|
RAM
|
IP/IPX/IBM Set
|
4 MB Flash
|
16 MB RAM
|
8 MB RAM
|
RAM
|
IP/IPX/IBM/APPN Set
|
4 MB Flash
|
16 MB RAM
|
16 MB RAM
|
RAM
|
Desktop Set
|
4 MB Flash
|
16 MB RAM
|
8 MB RAM
|
RAM
|
Desktop/IBM Set
|
4 MB Flash
|
16 MB RAM
|
8 MB RAM
|
RAM
|
Enterprise Set
|
4 MB Flash
|
16 MB RAM
|
16 MB RAM
|
RAM
|
Enterprise/APPN Set
|
4 MB Flash
|
16 MB RAM
|
16 MB RAM
|
RAM
|
Cisco 4500, Cisco 4500-M
|
|
Cisco 4500
|
Cisco 4500-M
|
|
IP Set
|
4 MB Flash
|
8 MB RAM
|
8 MB RAM2
|
RAM
|
IP/IBM Set
|
4 MB Flash
|
32 MB RAM
|
16 MB RAM
|
RAM
|
IP/IPX Set
|
4 MB Flash
|
8 MB RAM
|
8 MB RAM2
|
RAM
|
IP/IPX/IBM Set
|
4 MB Flash
|
32 MB RAM
|
16 MB RAM
|
RAM
|
IP/IPX/IBM/APPN Set
|
4 MB Flash
|
32 MB RAM
|
16 MB RAM
|
RAM
|
Desktop Set
|
4 MB Flash
|
32 MB RAM
|
16 MB RAM
|
RAM
|
Desktop/IBM Set
|
4 MB Flash
|
32 MB RAM
|
16 MB RAM
|
RAM
|
Enterprise Set
|
4 MB Flash
|
32 MB RAM
|
16 MB RAM
|
RAM
|
Enterprise/APPN Set
|
4 MB Flash
|
32 MB RAM
|
16 MB RAM
|
RAM
|
Cisco 4700, Cisco 4700-M
|
|
|
|
|
IP Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
IP/IBM Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
IP/IPX Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
IP/IPX/IBM Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
IP/IPX/IBM/APPN Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
Desktop Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
Desktop/IBM Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
Enterprise Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
Enterprise/APPN Set
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
Cisco 7000, Cisco 7010
|
|
|
|
|
IP Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
IP/IPX/IBM Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
IP/IPX/IBM/APPN Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
Desktop/IBM Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
Enterprise Set
|
8 MB Flash memory card
|
16 MB RAM
|
|
RAM
|
Enterprise/APPN Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
Enterprise/CIP2 Set
|
8 MB Flash memory card
|
16 MB RAM
|
|
RAM
|
Enterprise/APPN/CIP2 Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
Source Route Switch
|
4 MB Flash
|
16 MB RAM
|
|
RAM
|
AGS+, MGS, CGS
|
|
|
|
|
Enterprise Set (AGS+)
|
4 MB Flash (optional)
|
16 MB RAM
|
|
RAM
|
Enterprise/APPN Set (AGS+)
|
—
|
16 MB RAM
|
|
RAM
|
Enterprise/CIP2 Set (AGS+)
|
4 MB Flash (optional)
|
16 MB RAM
|
|
RAM
|
Enterprise/APPN/CIP2 Set (AGS+)
|
—
|
16 MB RAM
|
|
RAM
|
Cisco 7500 series,
RSP7000
|
|
|
|
|
IP Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
IP/IPX/IBM Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
IP/IPX/IBM/APPN Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
Desktop/IBM Set
|
8 MB Flash
|
16 MB RAM
|
|
RAM
|
Enterprise Set
|
8 MB Flash memory card
|
16 MB RAM3
|
|
RAM
|
Enterprise/APPN Set
|
8 MB Flash memory card
|
16 MB RAM3
|
|
RAM
|
Enterprise/CIP2 Set
|
8 MB Flash memory card
|
16 MB RAM3
|
|
RAM
|
Enterprise/APPN/CIP2 Set
|
8 MB Flash memory card
|
16 MB RAM3
|
|
RAM
|
Cisco 7505
|
|
|
|
|
Enterprise Set
|
8 MB Flash memory card
|
16 MB RAM3
|
|
RAM
|
Enterprise/APPN Set
|
8 MB Flash memory card
|
16 MB RAM3
|
|
RAM
|
Enterprise/CIP2 Set
|
8 MB Flash memory card
|
16 MB RAM3
|
|
RAM
|
Enterprise/APPN/CIP2 Set
|
8 MB Flash memory card
|
16 MB RAM3
|
|
RAM
|
|
For Cisco 2500 access servers (Cisco 2509-2512) and for Cisco 2520-2523 platforms, 4 MB DRAM is the minimum recommended.
The Cisco 4500-M requires 16 MB DRAM when an MBRI, NP-CT1, or NP-CE1 Network Processor Module is installed in the chassis.
The minimum recommended main memory is 24 MB for most applications. |
New Features in Release 11.0(11) and Later 11.0 Releases
There are no new features added in Release 11.0(11) or in later 11.0 releases. Cisco IOS Release 11.0(11) and later 11.0 releases are considered Generally Deployable (GD). To maintain the stability required in a GD release, no new features are added.
New Features in Release 11.0(10)
Note The first few maintenance releases of each new Cisco IOS software release may deliver
additional new features. When deciding whether to deploy a new release, you should weigh the
importance you place on maximizing product capability versus maximizing operational stability. An
early release of software should always be tried in a test network before being deployed in a
production network.
The following enhancements were added to Release 11.0(10):
New Feature Sets for CIP2
Cisco IOS Release 11.0(10) supports four new feature sets— two for the Cisco 7000 series and two for the Cisco 7500 series routers. The new feature sets include support for the second-generation Channel Interface Processor (CIP2). All other feature sets that do not include "CIP2" in their names (refer to Table 3 and Table 4 ) support the original CIP card. The new feature sets on both platforms are
- Enterprise/CIP2
- Enterprise/APPN/CIP2
The CIP2 card is the follow-on product to the original CIP card. The CIP2 card provides increases in performance, capacity, reliability, and serviceability.
The CIP2 card includes the following improvements over the original CIP:
- A secondary processor cache (providing a 50% performance increase)
- Increased memory options (CIP2 memory configurations come in 32 MB, 64 MB, and 128 MB)
- An on-board boot Flash, which is software upgradable (allowing upgrades to the boot microcode without physical replacement of parts)
The CIP2 card operates with the CxBus in the Cisco 7000 series routers with either of the following processor types:
- Route Processor (RP) and Switch Processor (SP) (or Silicon Switch Processor [SSP]) combination
- Cisco 7000 Series Route Switch Processor (RSP7000) and Cisco 7000 Series Chassis Interface (RSP7000CI) combination
The Enterprise/CIP2 image or Enterprise/APPN/CIP2 image is required if you will be using the CIP2 card.
Note Second-generation Channel Interface Processor (CIP2) microcode was introduced in
Release 11.0(10).
New Features in Release 11.0(9)
No new features were added in Release 11.0(9).
New Features in Release 11.0(8)
The following enhancements were added to Release 11.0(8):
New Feature Sets for Cisco 1005
Cisco IOS Release 11.0(8) supports three new Cisco 1005 feature sets:
- IP/OSPF/PIM
- IP/Async
- IP/IPX/Async
Refer to Table 9 for a list of features included in each of these sets.
UDP Turbo Flooding for Cisco 7500
User Datagram Protocol (UDP) datagram "turbo" flooding can be used on RSP systems (Cisco 7500 series and RSP7000). Previously, this feature was only supported on Cisco 7000 series routers.
New Features in Release 11.0(7)
The following enhancement was added to Release 11.0(7):
Support for the Cisco 4700-M Router
Release 11.0 now includes support for the Cisco 4700-M router. You can run Release 11.0(7) and later 11.0 releases on the Cisco 4700-M router.
New Features in Release 11.0(6)
Note Cisco IOS Release 11.0(6) consists of software feature-set images for the Cisco 1003,
Cisco 1004, and Cisco 1005 platforms only. All feature-set images for these routers are available. A
complete set of images for all platforms supported by Release 11.0 is available in Cisco IOS
Release 11.0(7) and later.
The following enhancements were added to Release 11.0(6):
Channel Service Unit/Data Service Unit (CSU/DSU) Management Information Base (MIB)
A new Cisco-proprietary MIB for integrated CSU/DSU is available in Release 11.0(6) and later. This MIB is available for use with the Cisco 2524 and Cisco 2525 products, and is for T1 and switched 56-kbps interfaces. It enables network managers to retrieve line statistics and CSU/DSU configuration data.
Support for the Cisco RSP7000
The RSP7000 provides an upgrade in the Cisco 7000 series routers to an integrated Route Switch Processor (RSP), which was previously only available with Cisco 7500 series routers. RSP combines the switched routing and high-speed switching functions of the separate Route Processor (RP) and Switch Processor (SP), making obsolete the need for two separate processor units.
RSP7000 functionality is similar to a Cisco 7505 with RSP1, except that CyBus is not supported. CIP, FEIP, and VIP (CyBus interface processors) operate in CxBus mode.
New Configuration Tool - ClickStart
ClickStart allows you to use a standard web browser, such as Netscape or Mosaic, to configure and monitor a Cisco router. You can use ClickStart to configure a Cisco 1003 or Cisco 1004 router that has one Ethernet and one BRI (ISDN) interface. You configure the router to dial your Internet service provider, and your Internet service provider supplies an ISDN connection to the Internet. You can also use ClickStart to monitor any Cisco router that is running Cisco IOS Release 11.0(6) or later.
If you have a Cisco 1003 or Cisco 1004 router, you can automatically use ClickStart to monitor your router.
If you have any other Cisco router, you must enable ClickStart before you can use it to monitor your router. To do this, follow this procedure:
1. To enable ClickStart, use the ip http server global configuration command.
2. By default, ClickStart uses port 80 to communicate with the router. If you want to configure a different port, use the ip http port number global configuration command. number is the number of the port you want to use for ClickStart.
New Features in Release 11.0(5)
The following enhancements were added to Release 11.0(5):
AAL3/4 E3/DS3 for Cisco 4500 and Cisco 4700 ATM NIM
Asynchronous Transfer Mode (ATM) is supported on the Cisco 4500 and Cisco 4700 routers, using the Cisco ATM Network Interface Module (NIM) cards. The ATM adaptation layer 3/4 (AAL3/4), and additional NIM variants for use with E3/DS3 services are supported in Release 11.0(5). ATM on the Cisco 4500 and Cisco 4700 routers is configured differently from that on the Cisco 7000 routers. Refer to the Router Products Configuration Guide for configuration information.
Support for the Cisco 2520, Cisco 2521, Cisco 2522, and Cisco 2523
The Cisco 2520 through Cisco 2523 models merge router and communication server features to serve access and telecommuting requirements in a single platform. WAN aggregation, telecommuting, branch office, and IBM protocol applications are well-suited to these new Cisco devices.
The interfaces available in each model are shown as follows:
Cisco 2520
|
1 Ethernet, 2 high-speed synchronous serial, 2 low-speed synchronous/asynchronous serial, 1 ISDN BRI
|
Cisco 2521
|
1 Token Ring, 2 high-speed synchronous serial, 2 low-speed synchronous/asynchronous serial, 1 ISDN BRI
|
Cisco 2522
|
1 Ethernet, 2 high-speed synchronous serial, 8 low-speed synchronous/asynchronous serial, 1 ISDN BRI
|
Cisco 2523
|
1 Token Ring, 2 high-speed synchronous serial, 8 low-speed synchronous/asynchronous serial, 1 ISDN BRI
|
The low-speed serial interfaces (maximum speed 115.2 kbps) are capable of supporting both synchronous and asynchronous protocols.
Support for the Cisco 2524 and Cisco 2525
The Cisco 2524 and Cisco 2525 routers eliminate the need for a separate terminal adapter on the ISDN line, or separate channel service unit/data service units (CSU/DSUs) on the synchronous serial WAN interfaces.
These platforms support a removable BRI or BRI with integrated NT1 interface, a LAN interface (either Ethernet or Token Ring), and two WAN interface slots.
New commands have been added to the Cisco IOS software to support the Cisco 2423 and Cisco 2525.
The Cisco 2524 and Cisco 2525 support RFC 1406, Definitions of Managed Objects for the DS1 and E1 Interface Types.
Cisco IOS Release 11.0(5) also supports the Cisco 2524 and Cisco 2525 routers.
Note The Cisco 2524 and Cisco 2525 require a minimum 11.0(5)-level boot ROM.
LAN Frame Relay Access Device (FRAD) Feature Set
The LAN FRAD feature set is supported on the Cisco 2501, Cisco 2502, Cisco 2520, Cisco 2521, Cisco 2522, and Cisco 2523.
Leased Line via ISDN BRI
An ISDN Basic Rate Interface (BRI) can be used as an alternate method of accessing leased lines provided by digital communication service providers. The interface can provide any combination of one 16K (D channel) or two 64K (B channel) leased lines. No signaling or call setup is required.
In some locations, data communications service providers offer leased-line service over the ISDN physical connection. With this service, there is no call setup or teardown required. Data is placed on the ISDN interface in much the same way a leased line connected to a serial port is used.
The leased-line interface supports all commands that a normal serial leased-line interface supports, with the exception of the commands affecting the physical layer. To use this feature, your Cisco router must contain a minimum of one BRI. The command isdn leased-line is added.
New Features in Release 11.0(4)
The following enhancements were added to Release 11.0(4):
Support for the Cisco 1005
The Cisco 1005 synchronous serial router connects small, remote Ethernet LANs to WANs over leased lines, Frame Relay, Switched Multimegabit Data Service (SMDS), Switched-56, and X.25.
New Feature Sets for Cisco 1003 and Cisco 1004 ISDN Routers
Two new feature sets are available:
- IP/AppleTalk (IP/AT)
- IP/IPX
Payload Compression for Frame Relay
This feature allows payload compression of data within Frame Relay packets. Compression is performed on a packet-by-packet basis, yielding a compression ratio of approximately 1.5 to 1, depending on the packet and data characteristics. The command frame-relay payload-compress packet-by-packet is added.
Standard Serial Interface Processor and Service Provider MultiChannel Interface Processor on the Cisco 7000 Series
The Cisco 7000 series now supports the Standard Serial Interface Processor (SSIP) and Service Provider MultiChannel Interface Processor (SMIP).
New Features in Release 11.0(3)
The following enhancements were added to Release 11.0(3):
Support for the Channel Interface Processor (CIP) on the Cisco 7500 Series
Support for IBM channel attach is provided on the Cisco 7500 series routers by the Cisco Channel Interface Processor (CIP) and an appropriate interface adapter card. With a CIP and the ESCON Channel Adapter (ECA) or bus-and-tag Parallel Channel Adapter (PCA), a Cisco 7500 series router can be directly connected to a mainframe. This direct connection replaces the function of an IBM 3172 interconnect controller with no loss in LAN-to-channel connectivity, thus enabling mainframe application and peripheral access from LAN-based workstations. Cisco IOS software supports TCP/IP mainframe protocol environments for the IBM MVS and VM operating systems, including the TCP/IP-based applications Telnet, FTP, SMTP, and NFS.
Dynamic Address Mapping for IPX over SMDS
The new smds glean command dynamically creates SMDS address to higher-level protocol address mappings from incoming packets. Therefore the need for static map configuration for the IPX protocol is optional rather than mandatory. However, static map configurations will override the dynamic maps configurations.
IP Address Pooling Changes
IP address pooling provides a pool of IP addresses from which an incoming interface can provide an IP address to a remote node through the IP Control Protocol (IPCP) address negotiation process. In Cisco IOS Release 11.0(3), the IP address pooling feature is enhanced to allow configuration of a global default address pooling mechanism, a per-interface configuration of the mechanism to use, and a per-interface configuration of a specific address or pool name to use. Cisco IOS Release 11.0(3) also enhances the flexibility of configuration by allowing multiple types of pooling to be active simultaneously.
ISDN B-Channel Setup and Teardown
Previously, an idle timeout was used to determine when to tear down (drop) an ISDN B channel. If there was no traffic on a B channel for the idle timeout period, the B channel would be dropped. Various methods, including "round robin" or "shortest queue" methods, were used to determine when to set up a B channel (depending on the hardware platform in use).
ISDN B channels are now set up or torn down based on the amount of aggregate traffic loading across all active B channels. A new B channel will be set up if the aggregate load exceeds a maximum value for a timeout period. A B channel will be disconnected if the aggregate load drops below a minimum value for a timeout period.
The maximum load value is equal to 64K*N*(load-threshold/255), and the minimum load value is equal to 64K*(N-1)*(load-threshold/255), where N is the number of currently open B channels, and load-threshold is a configurable value.
Multilink PPP
Cisco IOS Release 11.0(3) supports Multilink Point-to-Point Protocol over single or multiple ISDN interfaces. This feature provides load balancing functionality over multiple WAN links, while also providing multivendor interoperability, packet fragmentation and proper sequencing, and load calculation on both inbound and outbound traffic. This feature allows users to specify a load threshold for a link to a given IP address. When the traffic load surpasses that threshold, additional point-to-point links come up. Packets are then sent over all of the links. Cisco's implementation of Multilink PPP supports the fragmentation and packet sequencing specifications in RFC 1717.
Multivendor Flash SIMM Support
With Release 11.0(3), you can use Flash SIMMs from multiple vendors, as long as the total size of each SIMM is equal (if both slots are used, where available), and the SIMMs are installed in one of the combinations shown in Table 11 (for Cisco 2500 series, Cisco 4000-M, Cisco 4500, and Cisco 4700 platforms) or Table 12 (for the AccessPro PC card and Cisco 2517 router).
Multivendor Flash support is restricted to platforms that use Rxboot Version 10.2(7a) or later, and Cisco IOS Release 10.2(8), 10.3(6), or 11.0(3) or later. Currently, the Cisco 3000 series and Cisco 4000 series platforms do not support the multivendor Flash feature.
Cisco 2500 series routers (non AccessPro) and the Cisco 4500 and Cisco 4700 routers have two slots for Flash SIMMs. Table 11 provides the supported SIMM configurations.
Table 11 Flash SIMM Support for the Cisco 2500 Series Platforms, and the Cisco 4000-M, Cisco 4500, and Cisco 4700
SIMM Size |
Vendor |
Flash Bank |
Considerations |
4 MB
|
Intel (1Mbx8)
|
Single
|
None
|
4 MB/4 MB
|
Intel/Intel (1Mbx8)
|
Dual
|
None
|
4 MB/4 MB
|
Intel/AMD (1Mbx8)
|
Dual
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 11.0(3) or later
- 10.3(6) or later
- 10.2(8) or later
|
8 MB
|
Intel (2Mbx8)
|
Single
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 11.0(1) or later
- 10.3(1) or later
- 10.2(2) or later
- 10.0(6) or later
|
8 MB/8 MB
|
Intel/Intel (2Mbx8)
|
Dual
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 11.0(1) or later
- 10.3(1) or later
- 10.2(2) or later
- 10.0(6) or later
|
8 MB/8 MB
|
Intel/AMD (2Mbx8)
|
Dual
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 11.0(3) or later
- 10.3(6) or later
- 10.2(8) or later
|
4 MB
|
AMD (1Mbx8)
|
Single
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 10.0(11) or later
- 10.2(7) or later
- 10.3(4) or later
|
4 MB/4 MB
|
AMD/AMD (1Mbx8)
|
Dual
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 10.0(11) or later
- 10.2(7) or later
- 10.3(4) or later
|
8 MB
|
AMD (2Mbx8)
|
Single
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 10.0(11) or later
- 10.2(7) or later
- 10.3(4) or later
|
8 MB/8 MB
|
AMD/AMD (2Mbx8)
|
Dual
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 10.0(11) or later
- 10.2(7) or later
- 10.3(4) or later
|
|
The AccessPro PC card has one slot for a Flash SIMM. Table 12 provides the supported SIMM configurations.
Table 12 AccessPro PC Card and Cisco 2517 Flash SIMM Support
SIMM Size |
Vendor |
Flash Bank |
Considerations |
4 MB
|
Intel (1Mbx8)
|
Single
|
None
|
8 MB
|
Intel (2Mbx8)
|
Single
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 11.0(1) or later
- 10.3(1) or later
- 10.2(2) or later
- 10.0(6) or later
|
8 MB
|
Intel (1Mbx8)
|
Dual
|
None
|
16 MB
|
Intel (2Mbx8)
|
Dual
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 11.0(1) or later
- 10.3(1) or later
- 10.2(2) or later
- 10.0(6) or later
|
4 MB
|
AMD (1Mbx8)
|
Single
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 10.0(11) or later
- 10.2(7) or later
- 10.3(4) or later
|
8 MB
|
AMD (2Mbx8)
|
Single
|
This configuration requires Rxboot Version 10.2(7a) or later. It also requires one of the following Cisco IOS releases:
- 10.0(11) or later
- 10.2(7) or later
- 10.3(4) or later
|
|
PPP Callback
Cisco IOS Release 11.0(3) supports PPP callback, which provides a client-server relationship between the end points of a point-to-point serial connection. PPP callback allows a router to request that a dial-up peer router call back. The callback feature can be used to control access and toll costs between the routers. This feature is a partial implementation of the PPP Callback specifications in RFC 1570.
SSE Switching of Input Access Lists
Beginning with Cisco IOS Release 11.0(3), input access lists are supported under silicon switching.
Support for the Cisco 1004 ISDN Router
The Cisco 1004 is an ISDN router similar to the Cisco 1003. The Cisco 1003 has a B interface that is connected to an NT1, which is connected to the phone company's ISDN line. The Cisco 1004 has a built-in NT1. The Cisco 1004 has one console port, one Ethernet 10BaseT port, one Basic Rate Interface (BRI) port, and one PCMCIA card slot. The BRI port is the interface between the NT1 and the phone company's ISDN line.
New Features in Release 11.0(2)
The following enhancements were added to Release 11.0(2):
Support for the Fast Ethernet Interface Processor on the Cisco 7000 Series and Cisco 7500 Series
The Cisco 7000 series and the Cisco 7500 series routers support the Fast Ethernet Interface Processor (FEIP) card, which allows communications speeds of 100 megabits per second (Mbps).
Support for the Cisco 1003 ISDN Router
Release 11.0 now includes support for the Cisco 1003 ISDN router.
QLLC and Bisync
The QLLC and Bisync features are included to the following feature sets for the Cisco 2500 series and Cisco 4000 series routers:
- IP/IPX/IBM Base
- IP/IPX/IBM/APPN
- Desktop/IBM Base
The Bisync feature is included in the following feature set for the Cisco 2500 series routers:
New Features in Release 11.0(1)
This section describes new features and enhancements in the initial Cisco IOS Release 11.0 of the router products software.
General Features
This section describes general features that are new in the initial release of Cisco IOS Release 11.0.
- Weighted fair queuing—Weighted fair queuing is a sophisticated traffic priority management algorithm that identifies conversations (traffic streams) and then breaks up the trains of packets belonging to each conversation to ensure that the capacity is shared fairly between individual conversations. Fair queuing provides an automated way to stabilize network behavior during congestion and results in increased performance and reduced retransmission. The algorithm automatically sorts among conversations without requiring the user to define access lists. Instead, by examining sufficient fields in the packet header, the algorithm can identify unique conversations.
Conversations are sorted into two categories—those that are attempting to use a lot of bandwidth with respect to the interface capacity (for example, FTP) and those that need less (for example, interactive traffic). For streams that use less bandwidth, the queuing algorithm always attempts to provide access with little or no queuing and shares the remaining bandwidth between the other conversations.
- Custom and priority queuing enhancements—The number of queues that can be used for custom queuing and priority queuing has been increased to 16.
- Custom and priority queuing Management Information Base (MIB)—This MIB provides detailed access to custom and priority queuing information. This information was previously available only via the show queue EXEC command.
Backbone Protocol Routing Features
This section describes the backbone protocol routing features that are new in the initial release of Cisco IOS Release 11.0.
TCP/IP Features
The following features have been added to the Cisco IOS TCP/IP software:
- Routing security enhancements with Message Digest 5 (MD5)—MD5 authentication is now available for Open Shortest Path First (OSPF) and also for TCP connections between Border Gateway Protocol (BGP) peers. MD5 authentication provides a standards-based method to greatly enhance the probability that the Cisco IOS software will detect and ignore hostile or erroneous routing messages.
- IP multicast fast switching—Fast switching of IP multicast packets is now available. Previously, IP multicast packets were only process switched.
- Rate limiting of IP multicast traffic—Using access lists, you can control how fast a sender can transmit to a multicast group.
- Protocol Independent Multicast (PIM) Nonbroadcast, Multiaccess (NBMA) mode—PIM NBMA mode allows the router to replicate packets for each neighbor on the NBMA network.
- Multicast static routes—IP multicast static routes allow you to have multicast paths diverge from unicast paths. The most common reason for using separate unicast and multicast paths is tunneling. The multicast packets can use the tunnel without having unicast packets use the tunnel.
- Session directory (SD) listener support—The multicast backbone is widely used for multimedia conferencing. The session directory tool helps announce multimedia conference sessions and provide setup information to potential participants. A session directory client multicasts announcement packets on a well-known multicast address and port. You can enable the router to listen for such announcements.
- Interactive input when tracing a branch of a multicast tree—When you use the mbranch or mrbranch commands to trace a branch of a multicast tree, you can now enter information interactively.
- Policy routing—You can now implement IP routing policies based on source or destination IP addresses or packet lengths. Policy routing provides a more flexible method for routing packets than destination routing.
- IP access list logging—The router can now send a logging message to the console when a packet passes or fails an extended access list. The message includes the access list number, whether the packet was permitted or denied, the protocol, whether it was TCP, UDP, ICMP, or a number, and, if appropriate, the source and destination addresses and source and destination port numbers.
- Open Shortest Path First (OSPF) point-to-multipoint—Support for point-to-multipoint media types is added, allowing the Cisco IOS software to more optimally support Frame Relay-type networks using the OSPF routing protocol.
- Border Gateway Protocol (BGP) peer groups—You can group neighbors with the same update policies into BGP peer groups to simplify configuration and make updating more efficient.
Transparent Bridging Features
The following feature has been added to Cisco's transparent bridging software:
- Concurrent routing and bridging (CRB)—This feature allows a given routable protocol to be routed on some interfaces and bridged on other interfaces within the same router. System managers can consolidate multiple IP subnet assignments into one IP subnet by bridging IP hosts on multiple data-link segments into one network segment. For networks that rely on packet absorption, CRB provides a bridge-group command that causes packets in a given protocol to be "absorbed" rather than bridged within the bridge group.
Note CRB is not a source-route bridging (SRB) feature.
Desktop Protocol Features
This section describes the desktop protocol features that are new in the initial release of Cisco IOS Release 11.0.
AppleTalk Features
The following features have been added to Cisco's AppleTalk software:
- AppleTalk Name Binding Protocol (NBP) filters—NBP provides directory services in AppleTalk. AppleTalk NBP filtering allows network administrators to use Cisco routers to build firewalls, dial-on-demand triggers, and queuing options based on any designed NBP type or object.
Benefits of using NBP filters include:
- Reducing switched circuit costs by using dial-on-demand triggers
- Controlling access to specific AppleTalk resources on the network (printers, file servers, and so on) with NBP access firewalls
- Reducing WAN costs using NBP-based traffic firewalls to prevent unnecessary NBP packets from traversing cost-per-packet network services, such as X.25, Switched Multimegabit Data Service (SMDS), and Frame Relay
- Minimizing NBP traffic overhead by using NBP queuing
- Increased AppleTalk management granularity by combining AppleTalk NBP filters with network and zone filters in a single access list
- AppleTalk Update-Based Routing Protocol (AURP) options—Optional features of AURP, network number mapping, loop detection, and hop count reduction have been added.
- AppleTalk floating static routes—Previously available for TCP/IP and Novell/IPX environments, the floating static routes feature is now available for AppleTalk internetworking environments. Static routes are traditionally implemented so that they always take precedence over any dynamically learned routes to the same destination network. A floating static route is a statically configured route that can be overridden by dynamically learned routing information. Thus, a floating static route can help create a path of last resort that is used only when no dynamic information is available. Floating static routes can be used to provide backup routes in topologies where dial-on-demand routing (DDR) is used.
- AppleTalk Simple Multicast Routing Protocol (SMRP)—SMRP provides multicast routing functions for AppleTalk traffic. SMRP routes AppleTalk packets to all members of a multipoint group so that packets are not replicated on a link. Applications produced by Apple Corporation, Inc., such as QuickTime Conferencing (QTC) will require support by SMRP.
Banyan VINES Features
The following feature has been added to Cisco's Banyan VINES software:
- VINES floating static routes—Previously available for TCP/IP and Novell/IPX environments, the floating static routes feature is now available for Banyan/VINES internetworking environments. Static routes are traditionally implemented so that they always take precedence over any dynamically learned routes to the same destination network. A floating static route is a statically configured route that can be overridden by dynamically learned routing information. Thus, a floating static route can help create a path of last resort that is used only when no dynamic information is available. Floating static routes can be used to provide backup routes in topologies where dial-on-demand routing (DDR) is used.
Novell Features
The following feature has been added to Cisco's Novell software:
- Sequence Packet Exchange (SPX) spoofing—Some SPX-based services in a Novell environment use SPX watchdog packets to verify the integrity of end-to-end communications when guaranteed and sequenced packet transmission is required. SPX spoofing implemented in the Cisco IOS software will receive, recognize, and successfully acknowledge these watchdog packets both at the server end and at the client end of the wide-area link. Requests for the transmission of legitimate information will trigger the dial-up connection. SPX spoofing can drastically reduce communications costs associated with dial-on-demand circuits.
Wide-Area Networking Features
This section describes the wide-area networking features that are new in the initial release of Cisco IOS Release 11.0.
ISDN/DDR Enhancements
The following feature has been added to Cisco's ISDN and DDR software:
- ISDN fast switching—This feature has been added to offset some of the performance limitations of process switched ISDN WAN connectivity introduced by Multiport Basic Rate Interfaces (MBRIs) and Primary Rate Interfaces (PRIs).
X.25 Enhancements
The following feature has been added to Cisco's X.25 software:
- Transparent bridging over multiprotocol Link Accessed Procedure, Balanced (LAPB)—This feature provides encapsulation of transparent bridging packets over a multiprotocol LAPB connection.
Frame Relay
The following features have been added to Cisco's Frame Relay software:
- Fast-switched Frame Relay bridging—This feature allows Frame Relay bridging traffic (transparent bridging, source-route bridging (SRB), and remote SRB (RSRB)) to be fast-switched.
- Data-link connection identifier (DLCI) prioritization—This feature allows up to four DLCIs to be created between any two sites so that each DLCI has a different priority level. These DLCIs can be used to send different types of traffic such as File Transfer Protocol (FTP), Telnet, or Systems Network Architecture (SNA) on different circuits. Congestion problems that result from mixing batch and interactive traffic over a common DLCI can be alleviated for process-switched packets, and greater granularity for performance management can be attained.
- Payload compression for Frame Relay—This feature allows for payload compression of data within Frame Relay packets. Compression is performed on a packet-by-packet basis, yielding a compression ratio of approximately 1.5 to 1, depending on the packet and data characteristics.
ATM Enhancements
The following features have been added to Cisco's Asynchronous Transfer Mode (ATM) software:
- ATM Point-to-Multipoint signaling—Point-to-multipoint signaling on ATM enables the creation of ATM switched virtual circuits (SVCs) that efficiently support "one-to-many" ATM connections. Point-to-multipoint signaling allows the establishment of unidirectional point-to-multipoint SVCs in addition to the existing support for bi-directional and unidirectional point-to-point SVCs.
- ATM Interim Local Management Interface (ILMI)—ILMI supports standards-based ATM network configuration and ATM address acquisition and registration. ATM network configuration parameters include identification of the User-Network Interface (UNI) version supported or Network-Node Interface (NNI) versus UNI interface identification.
- RFC 1577 Classical IP and ARP over ATM—RFC 1577 defines an application of classical IP and ARP in an ATM environment configured as a logical IP subnetwork (LIS). It also describes the functions of an ATM ARP server and ATM ARP clients in requesting and providing destination IP addresses and ATM addresses in situations when one or both are unknown. Cisco routers can be configured to act as an ARP Client, or to act as a combined ARP Client and ARP Server.
Cisco's implementation of the ATM ARP server functionality provides a robust environment in which network changes can be made more easily and more quickly than in a pure ATM environment. Cisco's ATM ARP client works with any ARP server that is fully compliant with RFC 1577.
- Generation of operation and maintenance (OAM) cells—OAM cells are transmitted over ATM virtual path connections (VPCs) and virtual channel connections (VCCs). This new feature enables the router ATM interface to initiate loopback OAM cells. Previously, ATM interfaces could only echo a loopback OAM cell to the initiator as required.
- SVC idle disconnect—This feature allows the router ATM interfaces to tear down SVCs after a user-definable (or default) period of inactivity on a given connection. SVC teardown provides more efficient use of the finite number of connections available per ATM interface.
- LAN Emulation (client/server)—The LAN Emulation (LANE) feature emulates an Ethernet segment over ATM that allows higher-layer protocols and their applications to operate without modification. LAN Emulation features service components (LANE configuration server, LANE server, and broadcast-and-unknown server) as well as a client component called the LANE client. LAN Emulation includes a connectionless broadcast service not otherwise available in ATM networks that can support important protocol mechanisms such as Address Resolution Protocol (ARP). In LAN Emulation, ARP requests resolve MAC addresses to ATM addresses. The LANE configuration server, LANE server, broadcast-and-unknown server, and LANE client are supported on the router ATM interfaces.
Core Enhancements
The following feature has been added to the Cisco 7000 router:
- Flash memory card for the Cisco 7000 route processor—Support for Personal Computer Memory Card International Association (PCMCIA) Flash memory cards for the Cisco 7000 product family is added with Release 11.0. Available in either 8 MB or 16 MB sizes, the Flash card serves as an extension of Flash memory or nonvolatile random-access memory (NVRAM). The Flash card enables you to boot images over 4 MB in size from Flash memory. Multiple images and configuration files can be stored in Flash memory, and the Flash card can serve as either a boot server or TFTP server.
IBM Functionality Features
This section describes the IBM networks software features and support that are new in the initial release of Cisco IOS Release 11.0.
New Features
The following new IBM software features are available:
- Data-link switching plus (DLSw+) over QLLC/Frame Relay—DLSw+ has been enhanced to support both Qualified Logical Link Control (QLLC) and direct encapsulation in Frame Relay. QLLC support allows DLSw+ to communicate with SNA resources over an X.25 network. Direct encapsulation in Frame Relay allows DLSw+ routers to transfer SNA or NetBIOS data across a Frame Relay cloud without requiring encapsulation in TCP/IP. DLSw+ frames are encapsulated directly in Frame Relay according to RFC 1490. This encapsulation scheme minimizes the overhead and improves performance when these protocols are transmitted over a Frame Relay network.
- SDLC improvements—Synchronous Data Link Control (SDLC) support in the Cisco IOS software has been enhanced to include the following:
- Individual control for devices on a multidrop SDLC line, including the ability to view, shut down, bring up, and add physical units
- Ability to ping physical units on an SDLC line to verify reachability
- More granular debugging with both hexadecimal and EBCDIC readouts
- Dial backup support for SNA Frame Relay Access Support (FRAS)—Cisco's SNA FRAS feature has been enhanced to support dial backup. With this feature, if the primary Frame Relay link to a front-end processor is lost, the Cisco IOS software automatically finds a backup path and uses DLSw+ to reroute around the failed link.
- Downstream physical unit (DSPU) concentration enhancements—The integrated DSPU concentration feature of the Cisco IOS software has been enhanced to support Ethernet and SDLC connections. DSPU concentration is now supported over the following connections: Token Ring, remote source-route bridging (RSRB), Ethernet, and SDLC. Any of these links can be used to connect the DSPU router to downstream SNA devices as well as to upstream SNA hosts. All combinations of upstream and downstream connections are supported.
DSPU concentration provides scalability benefits in integrated SNA and multiprotocol networks, reduces mainframe configuration requirements, limits WAN overhead, and speeds recovery of SNA sessions following network failures or restarts. In many environments, DSPU concentration eliminates the need for SNA gateways. Support for Ethernet and SDLC connections provides additional flexibility in connecting DSPUs and upstream mainframes to Cisco routers offering DSPU concentration.
- Advanced Peer-to-Peer Networking (APPN)/intermediate session routing (ISR) with dependent LU requester (DLUR)—APPN is second-generation SNA from IBM. APPN provides dynamic resource and route discovery without mainframe intervention. Release 11.0 provides APPN network node support, which lets you route SNA natively in a single or multiprotocol environment. ISR is the routing algorithm used in the first release of APPN. With DLUR functionality, an APPN network can concurrently carry legacy SNA traffic, enabling native routing of both APPN and legacy traffic.
- APPN over RSRB—This feature provides for encapsulation of APPN traffic in TCP/IP.
- APPN MIB—In support of APPN, the APPN MIB (based on informational RFC 1593) is implemented in this release. For mainframe NetView users, alerts are issued from APPN code points.
- NetView native service point—The native service point feature lets you view the router from a NetView host. The router appears as a PU 2 to virtual telecommunications access method (VTAM). When run commands are issued from the host to the router, responses are sent in the form of NetView network management vector transports (NMVTs).
- SNA support over Cisco's Channel Interface Processor (CIP)—The Cisco CIP now supports direct mainframe channel connectivity to VTAM. By appearing to be an IBM 3172 with SNA support to VTAM, and by appearing to be a virtual LAN to the Cisco 7000, the CIP can now pass SNA traffic between VTAM and an SNA physical unit (PU). Session traffic for VTAM to VTAM, VTAM to Network Control Program (NCP), and VTAM to a PU T2 or PU 2.1 is supported. In addition, SNA traffic that is transported using Cisco's RSRB, DLSw+, Frame Relay, or SDLLC can use the CIP for IBM mainframe access.
- TCP/IP offload on CIP—The Cisco CIP offers additional support for mainframes running TCP/IP applications by offloading the TCP/IP-level processing from the mainframe. With TCP/IP offload, a TCP/IP stack is resident on the CIP, removing checksum processing, packet retransmission, and the task of creating or removing TCP/IP headers from the mainframe. TCP/IP offload is only supported by IBM's TCP/IP for Multiple Virtual Storage (MVS) and TCP/IP for virtual machine (VM) mainframe applications.
With the addition of TCP/IP offload, the CIP now offers two methods for communicating with mainframes running a TCP/IP stack: traditional gateway connections, which offer the highest level of performance, or offload, which offers high performance as well as mainframe cycle savings. Typically, 30 percent of the mainframe cycles that were dedicated to full TCP/IP processing can be saved by implementing TCP/IP offload.
Note For the TCP/IP offload feature and the SNA support over CIP feature, contact your local sales
representative for an update on the prerequisite microcode. Target microcode availability is
anticipated in early October 1995 in Cisco IOS Release 11.0(2).
New MIB Support
The following new MIBs are available:
- TCP/IP offload MIB—This MIB manages configuration of the TCP offload feature. It is made up of one table entry that shows configuration information such as path, device, host name, router name, application programming interface (API) host application, and API router application.
- CIP CSNA MIB—This MIB provides information on the configuration of the Channel Interface Processor (CIP) Systems Network Architecture (SNA) feature. In eight tables, three pieces of information are provided: configuration of I/O device addresses of communication controllers, information regarding VTAM to internal adapter connections, and the number of sessions allowed between the VTAM and internal adapter.
- CIP/LAN MIB—This MIB provides configuration information on the internal (virtual) LAN and internal (virtual) adapter components of the CIP CSNA feature.Within the LAN configuration are entries for the type of LAN and the bridging protocol. Within the adapter configuration are entries for the media access control (MAC) address and the SNA name used for alerts.
- RSRB MIB—This MIB provides information about the attributes of the local-remote RSRB peer relationship. The following three entities are managed: virtual rings, remote peers, and associated Token Rings.
- STUN MIB—This MIB provides configuration and operational information on Cisco's serial tunnel (STUN) implementation. The following four entities are managed: global STUN information, STUN groups, STUN ports, and STUN routes.
- SDLLC MIB—This MIB provides read-only configuration and operational information on Cisco's implementation of SDLC-to-logical link control 2 (LLC2) media translation. The SDLLC MIB provides a table entry for each serial interface and SDLC address pair, and includes information such as front-end processor (FEP) MAC addresses, SDLC station addresses, and Token Ring numbers on LLC2 stations.
- SNADLC/LLC MIB—This MIB manages the LLC2 stack that runs on a CIP card. The CIP card provides the SNA gateway to an IBM mainframe via a channel connection from the router.
- QLLC MIB—This MIB provides information on QLLC stations in three tables—administrative, operational, and statistical—with an entry in each for every QLLC station. The station is indexed by connection index and by the virtual circuit number for the logical channel identifier or PVC number, depending on the type of circuit on the interface.
- SNADLC/CONV MIB—This MIB provides information for accessing the QLLC MIB objects. It supplies both administrative and operational objects for a connection object that is indexed on a virtual MAC (in 802.3/802.5 format) and displays the index into the QLLC objects. The following three conversion types are supported: QLLC to SDLC, QLLC to LLC, and QLLC to local acknowledgment.
- SDLC MIB—This MIB provides configuration and operational information about SDLC ports and stations. This MIB follows RFC 1213 format, and provides administrative and operational tables for both ports and stations.
- BSTUN MIB—This MIB provides configuration and operational information about Cisco's blocked serial tunnel (BSTUN) implementation. The following four entities are managed: BSTUN global entry, BSTUN group table, BSTUN port table, and BSTUN route table.
- BSC MIB—This MIB provides configuration and operational information for Cisco's Binary Synchronous Communications (BSC) implementation. The following two entities are managed: BSC ports (serial interfaces), and BSC control units (stations on a port).
- CIP/TCPIP MIB—This MIB is used to manage the TCP/IP protocol stack running on the Channel Interface Processor (CIP) card. In Release 11.0, only the TCP/IP offload feature makes use of this MIB. The read-only values allow statistics and status for every instance of IP, TCP, UDP, and Internet Control Message Protocol (ICMP) protocol stacks to be viewed.
Access Server Features Supported on the Router
This section describes the access server features that are new in the initial release of Cisco IOS Release 11.0.
- Asynchronous callback—This feature allows an access server to establish a connection on a supported interface, recognize that a callback is required, terminate the current connection, and initiate the callback to the caller. Callback can be initiated by an EXEC command, by a Point-to-Point Protocol (PPP) Link Control Protocol (LCP) callback request, by an AppleTalk Remote Access (ARA) callback request, or by Terminal Access Controller Access Control System Plus (TACACS+) once authentication has identified a user as requesting callback services. Cisco's implementation supports roaming callback, whereby a user can specify the phone number for callback.
- Asynchronous master interfaces—The asynchronous master interfaces feature reduces the time and complexity of configuring Cisco access servers by allowing you to create a single master interface and associate many subinterfaces to it. This many-to-one relationship allows you to configure the master interface and have the configuration apply to all associated interfaces.
- AAA/TACACS+ Phase II—This upgrade to Authentication, Authorization, and Accounting (AAA)/TACACS+ adds accounting to the existing facilities in TACACS+.
- Local IP pooling—Local IP pooling maintains a pool of IP addresses available to asynchronous interfaces that are dynamically assigned and reused upon disconnection. Pooling reduces the number of IP addresses required to support IP dial-in—via Serial Line Internet Protocol (SLIP) or PPP—on multiple interfaces.
Important Notes
This section describes warnings and cautions about using the Cisco IOS Release 11.0 software. This section discusses these topics:
BSC and SDLC Commands in Releases 11.0(5) and 11.0(6)
In Release 11.0(5), the bsc fdx and sdlc hdx commands were deprecated and replaced by new versions of the media-type command. Also, the sdlc cts-delay and sdlc rts-timeout commands were deprecated and replaced by the half-duplex timer command.
In Release 11.0(6), the half-duplex and full-duplex keywords of the media-type commands were removed and replaced by the half-duplex and full-duplex commands, respectively.
All of the deprecated commands continue to be supported in Release 11.0(6) and later.
X.25 Problem in 11.0(2)
Cisco IOS Release 11.0(2) contains a software defect, affecting all platforms, that involves an unexpected router reload when X.25 is configured. This defect, CSCdi40956, is not present in Release 11.0(1) and is fixed by Release 11.0(3).
Upgrading to a New Software Release
If you are upgrading to Cisco IOS Release 11.0 from an earlier Cisco IOS software release, you should save your current configuration file before installing Release 11.0 software on your router.
Emulated LAN Interoperability
Cisco IOS Release 11.0(6), Release 11.1(2), and Catalyst 5000 ATM software Release 2.1 and later contain a fix for an emulated LAN defect. This fix is incompatible with earlier releases of Cisco IOS Release 11.0, Release 11.1, and Catalyst 5000 ATM software Release 1.1.
If you use emulated LAN bridging features in your network, and you upgrade any device to Cisco IOS Release 11.0(6), Release 11.1(2), or Catalyst 5000 ATM software Release 2.1 or later, you must upgrade all devices in the emulated LAN that run Cisco IOS software to a release level that contains the emulated LAN fix. Failure to upgrade all devices in a particular emulated LAN will result in interoperability problems between Cisco devices.
If you choose to continue to use Cisco IOS Release 11.0(5), Release 11.1(1) or earlier releases, the Catalyst 5000 requires ATM software Release 1.1.
Payload Compression for Frame Relay Support
The payload compression for the Frame Relay feature is not supported in Cisco IOS Release 11.0(1), Release 11.0(2), or Release 11.0(3). This feature is supported in Release 11.0(4).
Multiring FDDI Support
Multiring FDDI features are not supported in Cisco IOS Release 11.0(1), Release 11.0(2), Release 11.0(3), Release 11.0(4), Release 11.0(5), Release 11.0(6), or Release 11.0(7).
SRB over FDDI
This feature supports forwarding of source-route bridged traffic between Token Ring and FDDI interfaces on the Cisco 7000, Cisco 7010, and AGS+ routers. Previously, the only way to transport SNA and NetBIOS over FDDI was with remote source-route bridging (RSRB), which is either fast switched (direct or Fast-Sequence Transport (FST) encapsulation) or process-switched (TCP encapsulation). With SRB over FDDI, traffic can be autonomously switched, greatly improving performance for SRB traffic that uses FDDI as a backbone. This feature eliminates the need for RSRB peer definitions to connect Token Ring networks over the FDDI backbone.
Note SRB over FDDI does not support RSRB traffic forwarded to RSRB peers. Routers that have
connections to local Token Ring networks as well as RSRB connections to remote networks cannot
use this feature. The work around is to move the RSRB connections to routers that are not connected
to the FDDI backbone.
Fast Switching of SRB over FDDI on Cisco 4000 Series
Earlier Cisco IOS Release 11.0 release notes inadvertently indicated that fast switching of SRB over FDDI was supported on the Cisco 4000 series. SRB over FDDI for the Cisco 4000 series routers is not supported in any release of Cisco IOS Release 11.0.
Cisco 1000 Series Support
The Cisco 1000 series, including the Cisco 1003 ISDN router is not supported in Cisco IOS Release 11.0(1). The Cisco 1003 router is supported in Release 11.0(2). The Cisco 1004 router is supported in Release 11.0(3). The Cisco 1005 is supported in Release 11.0(4). Note that the size of the Cisco 1003 and Cisco 1004 feature set images released in Release 11.0(3) prevent those routers from running if large routing tables are present. Those images are now obsolete, and new images are available in Release 11.0(4) and later.
Enabling IPX Routing
The Token Ring interface is reset whenever IPX routing is enabled on that interface.
Using AIP Cards
Cisco 7000 series ATM Interface Processor (AIP) cards that support E3, DS3, or Transport Asynchronous Transmitter/Receiver Interface (TAXI) connections and that were shipped after February 22, 1995, require Cisco IOS Release 10.0(9), 10.2(5), 10.3(1), or later.
Booting Cisco 4000 Routers
You must use the Release 9.14 rxboot image for Cisco 4000 routers because the Release 11.0 rxboot image is too large to fit in the ROMs. (Note that rxboot image size is not a problem for Cisco 4500 routers.) However, because the Release 9.14 rxboot image does not recognize new network processor modules, such as the Multiport Basic Rate Interface (MBRI), its use causes two problems:
- You cannot boot from a network server over BRI lines. Instead, you can boot either from a network server over other media or use the copy tftp flash command to copy images over BRI or other media to Flash memory. If you use the copy tftp flash command over a BRI interface, you must be running the full system image.
- If you use the rxboot image on a Cisco 4000 router that is already configured, the following error messages are displayed, with one pair of messages for each BRI interface configured:
Bad interface specification
No interface specified - IP address
Bad interface specification
No interface specified - IP address
Using LAN Emulation (LANE)
Note the following information regarding the LAN Emulation (LANE) feature:
- LANE is available for use with the Cisco 7000 series routers connected to an LS100 or LS1010 switch. LANE requires at least version 3.1(2) of the LS100 software, which requires a CPU upgrade if you are currently running software prior to version 2.5.
- The LS2020 cannot be used for LANE because it does not support UNI 3.0 and point-to-multipoint SVCs.
- Routing of IP, IPX, and AppleTalk is supported. Refer to the switching matrix in the "Switching" appendix of the Router Products Command Reference publication to determine what runs at process, fast, autonomous, and silicon levels.
- LANE does not support:
- DECnet, CLNS, VINES, and XNS
- LANE over PVCs
- HSRP
- AppleTalk Phase 1 cannot be routed to AppleTalk Phase 2 via LANE.
Forwarding of Locally Sourced AppleTalk Packets
Our implementation of AppleTalk does not forward packets with local source and destination network addresses. This behavior does not conform to the definition of AppleTalk in Apple Computer's Inside AppleTalk publication. However, this behavior is designed to prevent any possible corruption of the AppleTalk Address Resolution Protocol (AARP) table in any AppleTalk node that is performing MAC-address gleaning.
Using Source-Route Transparent Bridging (SRT) and Source-Route Bridging (SRB) on Cisco 2500 and Cisco 4000 Routers
Certain products containing the Texas Instruments TMS380C26 Token Ring controller do not support SRT. SRT is the concurrent operation of SRB and transparent bridging on the same interface. The affected products, shipped between March 30, 1994, and January 16, 1995, are the Cisco 4000 NP-1R, Cisco 4000 NP-2R, Cisco 2502, Cisco 2504, Cisco 2510, Cisco 2512, Cisco 2513, and Cisco 2515.
Units shipped before March 30, 1994, or after January 16, 1995, are not affected. They use the Texas Instruments TMS380C16 Token Ring controller, which supports SRT.
SRT support is necessary in two situations. In one, Token Ring networks are configured to source-route bridging (SRB) protocols such as SNA and NetBIOS, and transparently bridge other protocols, such as IPX. In the other situation, SNA or NetBIOS uses SRB and Windows NT is configured to use NetBIOS over IP. Certain other configuration alternatives do not require SRT (contact the Technical Assistance Center).
As of Release 10.3(1), SRB in the following Cisco IOS features sets is no longer supported: IP, IP/IPX, and Desktop. To use SRB, you need one of the following feature sets: IP/IBM base, IP/IPX/IBM base, IP/IPX/IBM/APPN, Desktop/IBM base, Enterprise, or Enterprise/APPN. In most non-IBM Token Ring environments, the multiring feature in IP, IP/IPX, and Desktop eliminates the need for IP/IBM base, IP/IPX/IBM base, IP/IPX/IBM/APPN, Desktop/IBM base, Enterprise, or Enterprise/APPN.
Release 11.0(10a) Fixes Caveat CSCdi66673
After the release of Cisco IOS Release 11.0(10), a caveat was discovered within the rsp- Cisco IOS images. It was determined that this caveat was significant enough to merit a rebuild of the rsp- images. The rebuild includes the caveat fix and is renumbered to 11.0(10a).
This defect is bug CSCdi66673 and is described as follows:
When Ethernet runt packets are received by Cisco 7500 series router processors (RSP1, RSP2, or RSP7000), a Reserved Exception crash or a QAERROR error will occur. When either of these problems happens, a switching complex restart is forced. The Reserved Exception crash has the following output:
Aug 14 10:44:16: %RSP-3-ERROR: memd write exception, addr 08000000
Aug 14 10:44:16: %RSP-3-ERROR: RSP alignment error on write to QA, addr 080000
*** System received a reserved exception ***
signal= 0x9, code= 0x0, context= 0x60c72fd0
PC = 0x60107514, Cause = 0x2020, Status Reg = 0x34008702
DCL Masked Interrupt Register = 0x000000ff
DCL Interrupt Value Register = 0x00000000
MEMD Int 6 Status Register = 0x00000000
The QAERROR error has the following output:
Jun 17 10:50:23.329: %RSP-2-QAERROR: reused or zero link error, write at addr 03
log 260308C0, data A816FFFF 00000000
Release 11.0(10a) and all subsequent releases of Cisco IOS software, including Release 11.0(11), include the fix for this caveat.
Release 11.0(12a) Fixes Caveat CSCdi71609
After the release of Cisco IOS Release 11.0(12), a caveat was discovered within the rsp- Cisco IOS images. It was determined that this caveat was significant enough to merit a rebuild of the rsp- images. The rebuild includes the caveat fix and is renumbered to 11.0(12a). Release 11.0(12a) includes 11.0(12) images plus the rebuilt rsp- images.
This defect is bug CSCdi71609 and is described as follows:
A serious bug has been found within various Cisco IOS software releases. In extremely rare conditions, a failure condition can occur when Backing-Store or Fair Queuing are enabled. To avoid these problems, the rsp- Cisco IOS images in affected releases are no longer available.
This problem can be avoided by disabling both Backing-Store and Fair Queuing on existing Cisco IOS software releases with rsp- images.
Release 11.0(12a) and all subsequent releases of Cisco IOS software, including Release 11.0(13), include the fix for this caveat.
Release 11.0(13a) Fixes Caveat CSCdi92818
Cisco IOS software release 11.0(13) was deferred due to a severe defect in source-route bridging protocol when used on a Route Switch Processor (RSP)-based platform, including the Cisco 7500 series and RSP7000 routers.
This defect is bug CSCdi92818 and is described as follows:
CSCdi92818 affects any RSP router running Cisco IOS Software Interim 11.0(12.3) through 11.0(13.3) with a CIP and/or a TRIP, and a FDDI. If the CIP or the TRIP are passing RIF data, the FDDI will stop passing traffic. The FDDI will not acknowledge incoming traffic on FDDI interfaces if SRB is in use anywhere in the router. There is no known workaround. SRB needs to be turned off in these configurations.
If you are not running source-route bridging in your network, this defect does not apply to you. If you are running source-route bridging in your network, certain interface types on an RSP-based platform may be specifically affected.
If you believe your network may be impacted by this defect, you can obtain Cisco IOS Release 11.0(13a) from the Cisco Connection Online Software Upgrade Library.
Release 11.0(13a) and all subsequent releases of Cisco IOS software, including Release 11.0(14), include the fix for this caveat.
Release 11.0(14a) Fixes Caveat CSCdj05366
Cisco IOS software release 11.0(14) was deferred due to a severe defect.
This defect is bug CSCdj05366 and is described as follows:
When establishing a second telnet session to a router, vty does not echo characters; the first established session works correctly.
If you believe your network may be impacted by this defect, you can obtain Cisco IOS Release 11.0(14a) from the Cisco Connection Online Software Upgrade Library.
Release 11.0(14a) and all subsequent releases of Cisco IOS software, including Release 11.0(15), include the fix for this caveat.
Caveats for Release 11.0(1) through 11.0(22a)
Cisco IOS Release 11.0(22a) is a rebuild release for Cisco IOS Release 11.0. The caveats in this section are resolved in Cisco IOS Release 11.0(22a) but may be open in previous Cisco IOS releases.
- Cisco IOS software releases based on versions 11.x and 12.0 contain a defect that allows a limited number of SNMP objects to be viewed and modified without authorization using a undocumented ILMI community string. Some of the modifiable objects are confined to the MIB-II system group, such as "sysContact", "sysLocation", and "sysName", that do not affect the device's normal operation but that may cause confusion if modified unexpectedly. The remaining objects are contained in the LAN-EMULATION-CLIENT and PNNI MIBs, and modification of those objects may affect ATM configuration. An affected device might be vulnerable to a denial-of-service attack if it is not protected against unauthorized use of the ILMI community string.
The vulnerability is only present in certain combinations of IOS releases on Cisco routers and switches. ILMI is a necessary component for ATM, and the vulnerability is present in every IOS release that contains the supporting software for ATM and ILMI without regard to the actual presence of an ATM interface or the physical ability of the device to support an ATM connection.
To remove this vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is documented in DDTS record CSCdp11863.
In lieu of a software upgrade, a workaround can be applied to certain IOS releases by disabling the ILMI community or "*ilmi" view and applying an access list to prevent unauthorized access to SNMP. Any affected system, regardless of software release, may be protected by filtering SNMP traffic at a network perimeter or on individual devices.
This notice will be posted at http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml. [CSCdp11863]
- Cisco IOS software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers.
This vulnerability is present in all released versions of Cisco IOS software running on Cisco routers and switches. It only affects the security of TCP connections that originate or terminate on the affected Cisco device itself; it does not apply to TCP traffic forwarded through the affected device in transit between two other hosts.
To remove the vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is described in DDTS record CSCds04747.
Workarounds are available that limit or deny successful exploitation of the vulnerability by filtering traffic containing forged IP source addresses at the perimeter of a network or directly on individual devices.
This notice will be posted at http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml. [CSCds04747]
Caveats for Release 11.0(1) through 11.0(22)
This section describes possibly unexpected behavior by Release 11.0(22). Unless otherwise noted, these caveats apply to all 11.0 releases up to and including 11.0(22).
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
Basic System Services
- On a Cisco 7000 series router, if you replace one interface processor (for example, a TRIP or an FSIP) with a different type of interface processor online, the show ip interface brief and show interface commands display information for both the old and new controllers. Rarely, this also results in the continual reinitialization of the newly inserted controller.
The only known workaround is to completely unconfigure the old card before replacing it with the new card. Sometimes, it might even be necessary to issue a write erase command, reboot the router, and then redefine the existing interfaces to completely remove all configuration traces of the old card. Once the information that is displayed by the show commands is self-consistent, the newly inserted card behaves normally. [CSCdi49800]
- When your configuration contains AAA commands, booting from Cisco IOS Release 11.0(10c) bootroms will cause error messages to be displayed. [CSCdk40563]
DECnet
- Under certain conditions, DECnet does not send triggered routing updates after an adjacency comes up. If (periodic) routing updates are sent out frequently (default frequency being 40 seconds), this is not an issue, since an update gets sent out in a short time, and routes are learned. However, if the routing update timer has been configured to be a large value, then routes may not be learned for a long time.The workaround is to configure a smaller value for the routing update timer.[CSCdk62414]
IBM Connectivity
- When you configure Native Service Point (NSP) on a router's Frame Relay interface and set the LSAP value, the value displayed by the show running-configuration command will be 0, even if you specified a different value.
sna host NETHOST xid-snd 05d26198 dlci 68 rsap 4 lsap 0 focalpoint
If you change the sna host command to another medium, for example Token Ring, and the sna host command uses an rmac instead of the dlci xx parameter, LSAP will be set to the actual value you specified, for example 20.
sna host NETHOST xid-snd 05d26198 dlci 68 rsap 4 lsap 20 focalpoint
[CSCdk46001]
Interfaces and Bridging
- If a serial interface is set to loopback via a hardware signal, the interface will remain in loopback until the hardware signal is dropped and a no loopback interface configuration command is issued. [CSCdi47768]
IP Routing Protocols
- An external SPF calculation may be triggered every 35 to 40 seconds if both of the following occur:
(1) An OSPF external LSA contains a forwarding address that OSPF has no route for, and
(2) A static route to the forwarding address is configured, and it points out an interface that OSPF is running on.
To work around this problem, either remove the static route, or prevent the unreachable forwarding address from being included in the external LSA by making sure that any ASBRs redistributed between different OSPF domains has the fix for CSCdi63983. [CSCdk52593]
ISO CLNS
- On platforms which do not use the old MCI controller, fast-switching of CLNS traffic with non-zero N-Selector does not work. [CSCdk36270]
Wide-Area Networking
- When changing the encapsulation of an ISDN or dialer interface from Frame Relay to X.25 or LAPB, the router may reload. To work around this problem, configure HDLC before configuring X.25 on the dialer interface. [CSCdi44646]
- The SSCOP layer sequence number wraparound conditions leads to memory leaks and memory fragmentation problems. The problem occurs when the sscop's send sequence number reaches a maximum value of 16777215. The switch needs to be reset to continue normal functionality.
The problem can also occur in routers. The shut and no shut commands need to be issued on the ATM interface in order to reset the sequence counters. This reset may also be used to free buffer resources in a system that has encountered the SSCOP wrap but not yet crashed. [CSCdj45157]
Miscellaneous
- When running 2523 and 2524 serial ports in asynchronous mode, modem control is supported only when DTE style 5-in-1 cables are used to connect to DCE devices. The DCE 5-in-1 cable will not support modem control for the asynchronous mode. To support DTE deviceswith modem control, you must use the DTE style cables with a null modem adapter. [CSCdi72371]
- This software-forced crash occured once on a Cisco 4500 Series router. The Development Engineers are waiting for the necessary coredump, as well as debug output to pinpoint the cause. The problem has not recurred. [CSCdk56185]
Caveats for Release 11.0(1) through 11.0(21)
This section describes possibly unexpected behavior by Release 11.0(21). Unless otherwise noted, these caveats apply to all 11.0 releases up to and including 11.0(21).
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(22).
Basic System Services
- From the login prompt, you can recover fragments of lines typed by the previous user of the same physical or virtual terminal line. This recovery may pose a security problem. A complete description and details are at http://www.cisco.com/warp/public/770/ioshist-pub.shtml. [CSCdk43920]
Interfaces and Bridging
- The router became very busy and hung up, seemingly because the token ring did not filter forwarded DECnet multicast frames, if permanent bridging entry and DECnet were configured. There was no workaround. [CSCdk27418]
- When transparent bridging is configured, the token ring protocol state may keep going up and down. There is no workaround.[CSCdk60152]
IP Routing Protocols
- The following platforms may reload with a bus error or segv after issuing the show ip eigrp event, show ipx eigrp event, show appletalk eigrp event commands, or by enabling Enhanced IGRP event logging for any of these protocols:
- Cisco Series1000
- Cisco Series 1250
- Cisco Series 1260
- Cisco Series1380
- Cisco Series1400
- Cisco Series1520
- Cisco Series 7000 (RP/SP)
Other platforms, including the Cisco 3600, 4500, 4700, 5300, 7000 (RSP), 7200, 7500, 8500, and RSM series routers may display the record as a spurious memory access. The Enhanced IGRP event log is invalid on all platforms.
The workaround to this problem is to not display the event log or enable Enhanced IGRP event logging. Additionally, the event log can be disabled by issuing the following commands (as appropriate) from configuration mode on the router:
IP:
router eigrp as eigrp event-log-size 0
IPX:
ipx router eigrp as event-log-size 0
Appletalk:
appletalk eigrp event-log-size 0
[CSCdk33475]
Caveats for Release 11.0(1) through 11.0(20)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(20). These caveats also apply to Releases 11.0(1) through 11.0(19) (unless otherwise noted).
For more caveats of Release 11.0(20) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(21).
IBM Connectivity
- When using NetView version 3.1 or greater, the DLUR router may display the following message repeatedly when a runcmd is issued to a DLUR router configured with NSP over DLUR.
%APPN-7-APPNETERROR: MSP04-bAuUEcKTSepupA TRIED TO SEND TO THIS NODE FOR bAuUEcKcbDe
%APPN-7-APPNETERROR: MSP08-MDS_MU RCVD WITH ERROR
%APPN-7-APPNETERROR: 008B13100038131119810801E2C1F5D5C5E30902D4D3E5F0F5F0C1060323F0F1 %APPN-7-APPNETERROR: F516820801E2C1F5D5C5E30602E3E2C4E5060323F0F1F4059000800000331549 %APPN-7-APPNETERROR: 16010A01E2C1F5D5C5E340400A02C3D5D4F0F14040400A0423F0F1F540404040 %APPN-7-APPNETERROR: 0F020000001200620602083B3200E9001C1212001880610C060A50C3D6D5E2D6 %APPN-7-APPNETERROR: D3C5400831E2C840E5C5D9
%APPN-7-APPNETERROR: MSP08-SENSE_CODE=0x8A80009
%APPN-7-APPNETERROR: MSP08: SENSE_DATA= 0x8A80009
%APPN-7-MSALERT: Alert CPMS002 issued with sense code 0x8A80009 by XXXMSP04
The workaround is to not use NSP over DLUR. [CSCdk19424]
Miscellaneous
- An error in TTY input processing allows interactive users to enter data that may corrupt internal data structures. This error allows anyone who can get interactive access to the system to crash it, without necessarily being able to log in. More information is available at http://www.cisco.com/warp/public/770/ioslogin-pub.shtml. [CSCdj43337]
Caveats for Releases 11.0(1) through 11.0(19)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(19). These caveats also apply to Releases 11.0(1) through 11.0(18) (unless otherwise noted).
For more caveats of Release 11.0(19) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(20).
IBM Connectivity
- Under certain stress conditions where a router's buffer is depleting (when processing DLUR pipe traffic, gds 1500 variables), the router sends an unsolicited reset IPM request to VTAM. VTAM immediately sends a reset IPM acknowledgment. Upon receiving this reset IPM acknowledgment, the router unbinds its cpsvrmgr (DLUR pipe) and cpsvrmg (CP-CP) sessions. [CSCdj44512]
- An upstream APPN node queued all binds destined for an intermediate APPN router because of a BIND pacing. The downstream router did not responded with an IPM (pacing response) to the upstream node. The pacing window was not released by the downstream router because the BIND buffer had been lost after waiting on a send_q to a downstream node that had not responded to a pacing request, and then the link to that node was terminated. Cleanup of the downstream node's link freed the BIND in an inappropriate way. [CSCdj81746]
- An APPN ping to any unknown resource in the network can cause a router reload. This is a regression defect caused by CSCdj73921. [CSCdj84606]
- APPN/DLUR: A router reload can occur when DLUR processes a flow on the DLUS/DLUR connect, which must be responded to negatively because the PU has disconnected. This is a regression defect introduced by CSCdj59639. [CSCdj84659]
- A router may display the following recurring message on its console:
%APPN-7-MSALERT: Alert LU62004 issued with sense code 0x812000D by XXXSMPUN
This sense code indicates that APPN is running out of buffers and therefore unable to allocate new sessions. One solution is not to reserve the unbind buffers in advance during the BIND time. [CSCdj87034]
- The maximum memory access for APPN is adjusted as the maximum memory capacity of Cisco routers increase to 256 M. With this fix, the APPN subsystem can use the full 256 M of main memory for the router. [CSCdk08186]
- A regression was caused by CSCdj87034 which caused sessions to have a single DLUR DLUS pipe. [CSCdk10696]
Interfaces and Bridging
- If a board is pulled out or inserted when FEIP is transferring data, system service may be disrupted because of an internal FEIP hardware bug. The user might see either a Cybus error or a MEMD error when the problem occurs. [CSCdj89682]
IP Routing Protocols
- Under unusual circumstances, a router configured for EIGRP may lose routes from the routing table. Examination of the EIGRP topology entry for the lost route reveals the feasible distance as infinity (4294967295), even though the metric for that route is good.
The loss of the route is due to sporadic line congestion (packet drops) and/or SIA events on the same link as the neighbor occurring while a route is active. On very rare occasions, this can result in a lost acknowledge packet and a retransmission of the reply packet. For the failure to occur the retransmitted reply must have a valid metric.
A known workaround is to issue the clear ip route * command. [CSCdj73617]
- If a Cisco router is attached to a network that includes a Proteon router, free processor memory in the Cisco router can very slowly decline. This is due to a memory leak in the OSPF process. [CSCdj78467]
Miscellaneous
- Online insertion and removal (OIR) of an interface processor in an rsp-based Cisco 7000 or Cisco 7500 router may result in multiple interfaces dropping very large numbers of incoming packets after the OIR. This problem may be seen on interfaces of other boards, as well as the interfaces on the board that was inserted or removed. The problem can be observed by a large and increasing number of packets reported in the "ignore" counter in the output of the show interfaces command. Communication through these interfaces will be severely impacted. This problem is most likely to occur in routers that have many active interfaces, and some interfaces with moderate to high traffic load. The problem is rare in routers that have few active interfaces and lightly loaded interfaces. The workaround is to reload the controller microcode using the microcode reload configuration command after the OIR event or power down the router to remove and insert cards. [CSCdk07259]
Wide-Area Networking
- Under certain conditions when using CHAP authentication, the router may reload unexpectedly. [CSCdj85943]
Caveats for Releases 11.0(1) through 11.0(18)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(18). These caveats also apply to Releases 11.0(1) through 11.0(17) (unless otherwise noted).
For more caveats of Release 11.0(18) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(19).
IBM Connectivity
- Timers are not cleaned up properly in LLC2. This may result in crashes when RSRB local acknowledgment is used under a high load. [CSCdj42474]
- Executing a show source command may cause the router to restart unexpectedly if a virtual ring group or remote peer is deconfigured when the source bridge command output is waiting at the -- more -- prompt.
The workaround is to not reconfigure virtual rings or remote peers while executing a show source command. [CSCdj49973]
- In a rare timing situation, an APPN/DLUR router may reload due to a bus error/segV exception at ndr_sndtp_encap_mu. [CSCdj59639]
- When an actpu is followed by a dactpu from VTAM and there has been no response from the downstream device to either flow, after a disconnect is received from the downstream device, DLUR will send a -rsp(actpu) upstream instead of the proper flow, a +rsp(dactpu). This can cause the PU from the DLUS perspective to hang in PDACP state. [CSCdj61872]
- It is rare, but possible, for DLUS to send a -rsp(REQDACTPU). When this happens, it indicates that VTAM has already cleaned up the PU in question. When receiving this response, DLUR must clean up the PU to avoid the PU from being stuck in "stopping" state. [CSCdj61879]
- When using APPN/DLUR with a large number of LUs (over 1000), a memory spike can occur during the processing of a downstream PU outage. In extreme cases, this memory spike can be large enough to exhaust memory in the APPN/DLUR router, which can cause a reload. [CSCdj61908]
- If an RSRB session is disconnected by the local LAN side at exactly the same time as a data message is received from a remote host, a situation can occur that will lead to a crash in llc_get_oqueue_status(). There is no workaround. [CSCdj62026]
- Session attempts fail with DLUR generating a sense 08060000 in a rare case where the LU name list gets corrupted. This problem is easily identified by the VTAM LU showing "active" state, while the show appn dlur-lu name display does not show the LU. [CSCdj62172]
- When source-route translational bridging is used, LLC sessions that are initiated from the transparent domain will result in the source-route largest frame to be incorrectly set to 4472 bytes instead of 1500. The result is that SNA and NetBIOS sessions may fail if the source-route station sends a frame with a payload that exceeds the maximum allowable size of 1500 bytes for Ethernet media.
The problem typically occurs when NetBIOS is utilized to allow workstations to communicate between Ethernet and Token Ring. It will also occur when SNA is used.
The workaround is to disable fast-switching by using the command no source-bridge transparent fastswitch or configure the end stations to use frames with a payload of less than or equal to 1500 bytes. [CSCdj62385]
- Any DLUR installation with more than 800 to 1000 downstream PUs may experience a reload with the following backtrace:
[abort(0x601f2c3c)+0x8]
[crashdump(0x601f0b20)+0x94]
[process_handle_watchdog(0x601c2f08)+0xb4]
[signal_receive(0x601b7d58)+0xa8]
[process_forced_here(0x60169424)+0x68]
[locate_node_index(0x607dbcc0)+0x64]
[etext(0x60849e00)+0xcbee04] [CSCdj67966]
- An APPN router may reload in rare situations with the following backtrace:
RA: 0x607E1724[find_matching_row(0x607e16ec)+0x38] RA: 0x607E1B9C[Tfind_next(0x607e1b70)+0x2c] RA: 0x6071182C[DBfind_next_directory_entry(0x60711814)+0x18] RA: 0x6070BAD8[CPdelete_men(0x6070ba90)+0x48] RA: 0x6070BA78[CPupdate_cp_status(0x6070b9c0)+0xb8] RA: 0x6070B40C[CPmain(0x6070b300)+0x10c] RA: 0x6070AC2C[newdss00(0x6070ab60)+0xcc] RA: 0x60183F80[r4k_process_dispatch(0x60183f6c)+0x14] [CSCdj70817]
- APPN leaks memory when directory services process unknown locate replies. [CSCdj70886]
Interfaces and Bridging
- When transparent bridging to a Token Ring interface, it is possible for the interface to read in a frame it has forwarded to the Token Ring interface. This will make the bridge table incorrect.
This problem only affects the midrange and low-end platforms. [CSCdj41666]
IP Routing Protocols
- A router may crash with a "System restarted by bus error at PC 0x60394488, address 0xD0D0D0D" message when running Cisco IOS Release 11.1(9) RSP with a heavy load of Enhanced IGRP and CSNA traffic. [CSCdj29447]
TCP/IP Host-Mode Services
- Somebody has released a program, known as land.c, that can be used to launch denial of service attacks against various TCP implementations. The program sends a TCP SYN packet (a connection initiation), giving the target host's address as both source and destination, and using the same port on the target host as both source and destination.
For in-depth information including workarounds and information on other Cisco product vulnerabilities, please see:
http://www.cisco.com/warp/customer/770/land-pub.shtml [CSCdj61324]
Wide-Area Networking
- When using DLCI prioritization on a point-to-point Frame Relay subinterface and one of the DLCIs fail, the subinterface may bounce once or continually bounce during LMI full status reports, depending on whether LMI reports the DLCI as being DELETED or INACTIVE. This behavior is the same for every DLCI defined in the priority-dlci-group.
During normal behavior, the point-to-point subinterface should go down when the primary DLCI fails. If a secondary DLCI fails, the subinterface stays up, but traffic destined for that DLCI only will fail. [CSCdj11056]
- A remote DLSw peering router may send a DM response just after the LLC2 connection is established if the router is very busy and the PC station responds immediately to the UA with an RR. The client will need to reestablish the connection. [CSCdj47782]
Caveats for Releases 11.0(1) through 11.0(17)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(17). These caveats also apply to Releases 11.0(1) through 11.0(16) (unless otherwise noted).
For more caveats of Release 11.0(17) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(18).
Basic System Services
- On Single Flash Bank 2500 devices, when the device is running from the image on Flash (RFF), the SNMP operation of copy to Flash using CISCO-FLASH-MIB does not work.
The work around is to use the command line interface command copy tftp flash. This CLI command invokes the FLH interface and the file is copied successfully to the device. [CSCdj27438]
- When custom or priority queuing is turned off on an interface that does not support fair queuing, the queuing data structures associated with the interface are left in an inconsistent state.
In particular, the enqueue and the dequeue routines are not reset, which causes the box to crash when the routines are invoked the next time. Once the box is rebooted the inconsistency is cleared. [CSCdj29439]
- A crash occurred in the Frame Relay packet classifier function called by the WFQ routine. A workaround for this problem is to disable WFQ on the interface with Frame Relay encapsulation. [CSCdj45516]
- The input queue may be wedged with IP packets if the exception dump command is configured.
The following are known workarounds:
- Increase the input queue to 175. ([75]Original Queue amount+[100] per exception dump x.x.x.x command)
- Remove the exception dump x.x.x.x command.
[CSCdj58035]
IBM Connectivity
- When an LNM queries the router with a report station address, the router answers correctly with a report station address. However, 0.001 seconds later, the router sends a second report station address to the LNM with all zeros in the frame. This causes the LNM to work incorrectly. [CSCdj04559]
- A 1500-byte frame sent to the SR/TLB code is dropped because the SR/TLB MTU is set to 1492 bytes. [CSCdj18838]
- A small window exists in which it is possible after a transmission group reinitialization that only one CP-CP session is established between the router and a neighboring node. In this case, the contention winner session from the perspective of the router is not activated. Once this occurs, the CP-CP contention winner session will only activate if the APPN subsystem is stopped and started.
There is no known workaround. [CSCdj25859]
- An APPN image may restart because of a CPU HOG problem in processing a link failure event by the Directory Service APPN process (xxxdns00). This problem occurs when many locate requests were pending with the node that had a link failure.
There is no alternative workaround when this happens. The router is forced to restart by the system watchdog process (software-forced reload event).
The fix is to give up the CPU by the xxxdns00 process after processing certain number of requests at a time. [CSCdj26423]
- An APPN router may display the following "Unanticipated CP_STATUS" message when the contention loser CP-CP session goes down and comes back up without the contention winner session being deactivated:
%APPN-6-APPNSENDMSG: Ended DLUR connection with DLUS NETA.SJMVS1
%APPN-7-MSALERT: Alert LU62004 issued with sense code 0x8A00008 by XXXSMPUN
%APPN-6-APPNSENDMSG: Starting DLUR connection with DLUS NETA.SJMVS4
%APPN-7-APPNETERROR: CP_STATUS FSM: Unanticipated CP_STATUS message received
Each subsequent broadcast locate received by the router causes the following messages to be displayed and about 1920 bytes of APPN memory to be leaked:
%APPN-7-APPNETERROR: MAP_INPUT_SET_TO_ROW: invalid input value=0x80200080
%APPN-7-APPNETERROR: State Error lcb: 60C05CC0 pcid: DA839C70FB1548CB row: 22 col: 0
This problem occurs when two links are active to the same node and the CP-CP sessions are split between these two links and the link with contention loser is stopped.
The APPN subsystem should be stopped and restarted to clear this problem. If the CP-CP sessions are between the router and the host, terminating either CP-CP session on the host will also clear this problem. [CSCdj33718]
- If the DLUR router received fixed session-level pacing values on the primary stage, it may modify these pacing values before forwarding the bind to the secondary stage. [CSCdj36195]
- The APPN router may crash during an SNMP access to the APPN MIB. This problem only occurs after an unused APPN node is garbage collected. [CSCdj36824]
- An APPN DLUR router may reload with SegV exception in ndr_sndtp_encap_mu in a timing window where the DLUR supported device disconnects before a request_actpu is sent to the DLUS for that device. [CSCdj37172]
- A problem occurs when a LU node-specific node attempts to start a session with a set of invalid Bind parameters. This results in a locate-find (with the bind in the CDINIT) being sent through the Cisco APPN network to the end VTAM CP. The end VTAM CP rejects the locate-find with a 0835003A sense. It then sends this back with a control vector CV35 of minimum length 8 bytes to the originator through the Cisco APPN network node (NN). The APPN NN then rejects the frame with a 08953500 sense and drops the CP-CP session between the Cisco and VTAM CPs. [CSCdj37479]
- APPN enforces the maximum size of a CV10 (product set identifier) on XID to not exceed 60 bytes. Some products include a CV10 that is larger than the 60-byte value. These products will fail XID negotiation with APPN. [CSCdj40144]
- In the event that APPN/DLUR has processed and sent a bind request to a downstream device, and that device has not responded to the bind, issuing a vary,inact command on the host for the LU name that the bind is destined for will not completely clean up the session as it should. [CSCdj40147]
- Memory leaks occur when APPN TPsend_search is sending locate search requests to adjacent nodes when a link failure occurs. [CSCdj40915]
- When RSRB with TCP encapsulation is configured and remwait/dead peers exist, an explorer packet may continuously try to open the remwait/dead peer. After several tries, the router may crash with memory corruption.
A workaround is to remove any remwait/dead peer statements. [CSCdj42427]
- An APPN router may crash with a bus error if a race condition is experienced during cleanup processing. The stacktrace shows the crash occurred in Qfind_front while executing a psp00 function. An example stacktrace for this problem is shown below.
System was restarted by bus error at PC 0x3784864, address 0xF0110208 PC 0x3784864[_Qfind_front(0x3040a04+0x743e44)+0x1c] RA: 0x36C1F2E[_queue_find_front(0x3040a04+0x68151c)+0xe] RA: 0x36CC554[_psbmfrm(0x3040a04+0x68bb30)+0x20] RA: 0x36CDAF6[_psp00(0x3040a04+0x68cfd4)+0x11e] RA: 0x314BD78[_process_hari_kari(0x3040a04+0x10b374)+0x0] [CSCdj44198]
- APPN crashed when it received a CV35 without the Termination Procedure Origin Name (TPON) field. [CSCdj44661]
- DLUR bind processing may cause stack corruption, resulting in a reload with PC 0x0. This problem is caused by attempting to parse the user data subfields beyond the location where the subfields exist. The reload will only occur if the byte two bytes beyond the end of the user data area is 0x3 or 0x4. This is a very rare occurrence. [CSCdj45676]
- In recent 11.0 releases, problems were experienced when APPN CP/CP sessions are split across multiple transmission groups (TG). A workaround is to force the CP/CP session to use a single TG. [CSCdj46413]
- The message "%APPN-0-APPNEMERG: Mfreeing bad storage, addr = 60BB7188, header = 60BB6B20, 00000218 -Process= "ndrmain", ipl= 0, pid= 62" may be issued when a DLUR served PU disconnects. [CSCdj46783]
- Some 68K-based routers, such as the Cisco 7000, Cisco 4000, and Cisco 2500 routers, may crash while running APPN. This memory corruption may occur after a rare combination of APPN detail displays, followed by a show appn stat display.
[CSCdj47941]
- An APPN router may fail the ACT_ROUTE if using parallel Transmission Groups (TG). This problem may occur when an APPN router has two parallel links defined with the adjacent node. If the adjacent node activated a link to the network node (NN) requesting a TG number that had previously been used for a different defined link activation, the NN may fail the ACTIVATE_ROUTE. The APPN router sometimes tried to incorrectly activate the route using the other inactive link which still had the same TG number. [CSCdj49814]
- Normal non-extended unbind (0x3201) was extended with corrupted information, which caused rejection by the host. As far as the host is concerned, the session is still active. A user cannot clean up this session without bringing down the link. [CSCdj50581]
Interfaces and Bridging
- The auto-enable feature for packet-by-packet Frame Relay compression is removed and this form of compression is allowed to be manually enabled. [CSCdi85183]
- PPP compression and custom queuing are incompatible features and may cause the router to crash. To work around this problem, turn off all fancy queuing. [CSCdj25503]
IP Routing Protocols
- A router crashes after receiving multicast packets with the illegal source address 0.0.0.0. The workaround is to configure the access list to filter out packets with a source IP address of 0.0.0.0. [CSCdj32995]
- On a Cisco 4700, RIP cannot handle more than 1800 routes received back to back without inter-frame gap. [CSCdj40042]
- If the OSPF summary host route is overwritten by a route from another routing process that has a lower administrative distance, it is possible that the OSPF summary host route will not be reinstalled after the latter route is removed. In particular, it only happens if the host route address is also the router ID of some ASBR. [CSCdj49161]
LAT
- The following message may be erroneously displayed:
%LAT-3-BADDATA: Tty124, Data pointer does not correspond to current packet
When many LAT sessions are active, and a received data slot starts in the last 14 bytes of a full Ethernet frame, data for that slot is discarded. [CSCdi82343]
Novell IPX, XNS, and Apollo Domain
- Using the xns flooding command may cause the router to reload in certain environments. [CSCdj23479]
- If a route goes away due to aging (180 seconds) and the default route is known, a cache entry may be installed for the network using the default route path. If the network comes back within the next 60 seconds, a new cache entry pointing to the now valid path may not be installed and the cache will still point to the default route path for the network. A workaround is to issue the clear ipx route and clear ipx cache commands, or run without using the default route. [CSCdj47705]
TCP/IP Host-Mode Services
- Memory allocated for a new TCP connection will not be freed after receiving an ICMP unreachable if the new connection has its own listeners for processing of incoming connections. [CSCdj07761]
VINES
- A router may unexpectedly reload when VINES SRTP routing is configured. The workaround is to remove the vines srtp-enabled command. [CSCdj37888]
Wide-Area Networking
- PPP IPCP negotiation will be changed after Cisco IOS Release 11.0(11).
In Cisco IOS Release 11.0(11) the software accepts the remote peer's "Her" proposed address regardless, and the "Her" address is subsequently added to the IP routing table as a host route.
With Cisco IOS releases later than 11.0(11) the software will check the "Her" address against the corresponding dialer map and if the address is different than the IP address detailed within the dialer map, a NAK will be sent and the dialer map IP address will be added as a host route in the IP routing table.
It is possible to revert to the previous operation using the hidden interface command ppp ipcp accept-address. When enabled, the peer IP address will be accepted but is still subject to AAA verification. It will have precedence over any local address pool, however. [CSCdj04128]
- On a Cisco 4500 running Cisco IOS Release 11.0(11) and RSRB, there may be a crash in the "llc2_timer" routine causing a system reload. [CSCdj13175]
- The patch prevents the use of an invalid pak-info_start pointer when doing payload compression on RSP platforms, thus avoiding a crash. [CSCdj43332]
- A boot image without a subsystem containing IPCP will restart the router. There is no workaround. [CSCdj48085]
Caveats for Releases 11.0(1) through 11.0(16)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(16). These caveats also apply to Releases 11.0(1) through 11.0(15) (unless otherwise noted).
For more caveats of Release 11.0(16) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(17).
Basic System Services
- When using AAA, it is not possible to duplicate the precise sequence of prompts that dialup users have become accustomed to from using XTACACS. This makes moving from XTACACS to AAA problematic for users who do not wish to rewrite their dial-in scripts. [CSCdi42842]
- The router may reload inadvertently if you respond improperly to extended ping dialog prompts. [CSCdi88443]
- An ARAP session attempt causes NAS to reload when running AAA accounting with ARAP. [CSCdj21751]
IBM Connectivity
- Issuing the show lnm station command may cause the routers to reload, especially when the stations are getting in and out of the ring. [CSCdj09905]
- Continuously issuing the appn ping command causes the router to hang indefinitely. [CSCdj19525]
- Using the dlsw ring-list or dlsw port-list configuration commands can cause a SegV exception when executing the show dlsw reachability command. [CSCdj21894]
- The DLUR router may get into a tight loop, in which it continuously retries to start the DLUR/DLUS pipe to the same DLUS without waiting the specified retry time. This problem could cause the router to crash or continuously display pipe retry messages without waiting the specified retry time. It may also result in high CPU usage. [CSCdj22330]
- When establishing a DLSw session, the circuit priority field in the SSP header of the CUR_cs, ICR_cs, and/or REACH_ACK SSP frames may be set to a reserved value (5, 6, or 7). While this value will not cause problems when sent to a Cisco router peer, it may cause interoperability problems when peering to another vendor's equipment. This problem may manifest itself as an inability to start the circuit. [CSCdj22482]
- Under certain circumstances, the router will fail to create a dynamic link station. The workaround is to restart APPN on the router. This is caused by a small buffer leak that occurs for each ACTPU processed by DLUR. After some time, enough buffers may be lost as to cause session failures and dynamic link station failures due to insufficient buffers. [CSCdj23782]
- When RSRB with TCP encapsulation is configured and there are dead peers, an explorer packet may continuously try to open the dead peer. After several tries, the router may crash with memory corruption. The workaround is to remove any dead peer statements. [CSCdj24658]
- During certain race conditions, an APPN router may crash with the following stack trace:
PC= 0x606079a4[psbmfrm(0x60607930)+0x74], 32 bytes
PC= 0x606094d0[psp00(0x60609380)+0x150], 320 bytes [CSCdj25484]
- ReqActPU continuously fails with sense 8170001. This problem may occur when there are two parallel links to the same adjacent CP and the links are frequently stopped and started. The reason this may occur is because someone could try to activate a route over an inactive link. [CSCdj26027]
- When promiscuous or peer-on-demand peers are used and there are more than 100 circuits connected, a memory corruption crash may result when the promiscuous or peer-on-demand peers disconnect. The corruption occurs when circuit cleanup is delayed due to end station delay, LAN network delay, or high router CPU usage. [CSCdj26284]
- When a Cisco DLSw router starts a circuit (by sending CUR_cs) to another vendor's DLSw implementation, the Cisco DLSw incorrectly sets the largest frame (lf) bits in the CUR_cs header. [CSCdj26402]
- An APPN router may crash with the following stack trace:
606CD174[Qfind_front+0x24]
606C7D80[timer_process+0x300]
606C8070[csweotsk+0x1d0]
A router may experience this problem after displaying several messages when the output buffer was full. If the crash was related to displaying "incomplete definition in configuration" warnings, the workaround is too remove these incomplete definitions. [CSCdj26701]
- The timer that controls the daily cleanup of APPN topology and the 5-day rebroadcast of topology resources owned by this APPN node can fail after 45 days. At this time, other nodes where the timer is still functioning properly may age out the topology of the node with the failed timer after 15 days. Thus, after a total of 60 days, APPN routing failures and failed CP-CP sessions may result between APPN network nodes.
Because other network events (link outages, and so forth) can trigger a node to send a TDU, this problem will not necessarily appear exactly after a 60-day uptime -- it may occur much later or not at all. However, any APPN router running in the network for over 60 days is at risk for seeing this problem.
Stopping and restarting APPN will work around this problem until the next timer wrap, which can be up to 45 days, but may be less depending on the current value of the timer. Reloading the router will reset the timer and avoid the problem for an additional 60 days. [CSCdj29014]
- A router configured for RSRB may crash with a watchdog timeout during low memory conditions and/or continual peer state changes. [CSCdj30381]
- A DLUR router may reject unbind requests from the host if it has not received a bind response from the downstream LU.
If the downstream device never responds to the outstanding bind, the DLUR router will wait indefinitely and not free the local-form session ID (lfsid). This may cause a situation in which the host tries to reuse a lfsid after it has sent an unbind request, but the DLUR rejects the new bind request because it believes that this lfsid is in use. If the host continuously tries to use this lfsid which the DLUR believes is in use, then no new sessions can be established. This problem occurs only when the downstream device does not respond to a bind request. [CSCdj30386]
- Sometimes the linkstations may get stuck in a XIDSENT state when an APPN linkstation fails and recovery is attempted.
Caveat CSCdi77040 provides a fix for this problem in the system side. This caveat provides the corresponding fix for APPN. [CSCdj30552]
- Any device connecting to APPN/DLUR that does not carry a cv0E with a CPname specified on XID (any PU2.0 and some older PU2.1 implementations) causes APPN to fail to release 536 bytes of memory each time the device disconnects and reconnects. Any device connecting on a port with LEN-connection defined also exhibits this behavior.
When memory is exhausted, the APPN subsystem may stop or the router may reload. [CSCdj33429]
Interfaces and Bridging
- On Cisco 7500 RSP platforms, FSIP serial interfaces may display the following panic messages on the RSP console:
%RSP-3-IP_PANIC: Panic: Serial12/2 800003E8 00000120 0000800D 0000534C
%DBUS-3-CXBUSERR: Slot 12, CBus Error
%RSP-3-RESTART: cbus complex
If the string "0000800D" is included in the panic message, the problem is related to this bug. The workaround is to load a new image that contains the fix for this bug. [CSCdi78086]
- A Cisco 4700 Token Ring interface appears to intermittently stream "claim tokens" followed by streaming beacons when AM is lost. [CSCdj22150]
- Transparent bridging does not work with SMDS subinterfaces in Cisco IOS Release 11.0. Cisco IOS Release 11.1 is not affected.
Frames are not bridged properly through the SMDS subinterface. Issuing the show bridge command will not show any bridge table entries for hosts through the SMDS subinterface. [CSCdj23544]
IP Routing Protocols
- Under unusual circumstances, EIGRP may reinitialize multiple peers when a stuck-in-active condition occurs, instead of just the peer through which the route was stuck. [CSCdi83660]
- Under certain conditions, the EIGRP variance command may not remove routes that have a higher next hop metric. To resolve the problem, issue the clear ip route command. [CSCdj19634]
- When the LSA with the host bits is generated, OSPF ABR handles the LSA incorrectly and reports the "OSPF-3-DBEXIST" error message for type 3 LSAs. [CSCdj21392]
LAT
- Illegal LAT STOP slots may be sent if a line is disconnected immediately after initiating a LAT connection. This is more likely to be seen when using protocol translation. These illegal slots cause the LAT virtual circuit to be disconnected, affecting all connections to the host. [CSCdj09876]
- When performing protocol translation from X.25 to LAT, spurious memory accesses may be seen in console messages as well as in the output from the show alignment EXEC command. [CSCdj18470]
Novell IPX, XNS, and Apollo Domain
- IPX fast switching might fail over a PRI interface, resulting in IPX client connections not being established over the PRI even though the IPX servers are visible. The workaround is to configure no ipx route-cache on the PRI interface. [CSCdj29133]
TCP/IP Host-Mode Services
- New TCP connections may become stuck in SYNSENT state when router is low on memory. [CSCdj30008]
VINES
- Issuing the write memory command may cause the system to reload while writing the VINES access list to memory. Issuing the write terminal or show vines access commands may also halt the system. The workaround is to delete the configuration file and reconfigure the system. [CSCdi49737]
Wide-Area Networking
- TCP header compression does not work over Point-to-Point Protocol (PPP), ISDN, and asynchronous dialer interfaces. To work around this problem, turn off ip tcp header-compression. Note that non-dialer asynchronous interfaces used for dial-in PPP access are not affected. [CSCdi19199]
- When the shutdown and no shutdown commands are issued on a BRI interface while the primary Frame Relay interface is down, the interface comes back in standby mode. This problem also occurs when the router is reloaded with the BRI in a standby mode and the primary is down. [CSCdj16441]
- Under a high CPU load, it may be possible for the number of active calls and the number of available B channels displayed by the show isdn status command to be incorrect. Duplicate caveats are CSCdj23944, CSCdj27419, CSCdj15811, CSCdi82010 and CSCdj28147. [CSCdj18895]
- Routers running with x25 routing enabled on releases after 11.0(14.1), 11.1(10.1) and 11.2(4.4) are susceptible to the router processor pausing indefinitely when malformed connections are made to the X.25-Over-TCP (XOT) port. If this occurs, the router must be reloaded to recover.
The following error message can be seen scrolling on the console if the router is in the above state:
%X25-4-VCLOSTSYNC: Interface TCP/PVC, VC 0 TCP connection corrupted
This does not seem to occur in a normal XOT switching environment. [CSCdj25846]
- When the primary interface goes down, the secondary interface may not come up if there is a specific backup load configured. This problem does not affect backing up for a subinterface, since the backup load command does not apply. [CSCdj26048]
Caveats for Releases 11.0(1) through 11.0(15)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(15). These caveats also apply to Releases 11.0(1) through 11.0(14) (unless otherwise noted).
For more caveats of Release 11.0(15) and earlier 11.0 releases, see all the preceding caveat sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(16).
Basic System Services
- If a Cisco Catalyst 3000 on an adjacent network does not have a protocol address configured and it sends CDP updates, the router may be reset when the show cdp neighbor detail command is used. [CSCdj15708]
IBM Connectivity
- NetBIOS sessions may not come up in a busy system. [CSCdj11152]
- A system may be restarted by an error caused by LAN Manager. The current workaround is to disable LNM. [CSCdj11711]
- Some circuits may connect using smaller, non-optimal maximum frame sizes when Cisco DLSw is used with other vendors' DLSw implementations. In addition, some circuits may not connect at all. [CSCdj17372]
- Cisco 2522 routers running Cisco IOS Release 11.0(11) may have problems with the SDLC state machine. When a large amount of data is input into the router from a PU (for example, during a file transfer), the router may poll the next PU without receiving a poll final in a frame and without T1 expiring. The router may also expect data from the PU, even though it did not poll the PU.
A workaround is to ensure there are no unnecessary PUs configured on a line that is continually sending SNRMs. [CSCdj17630]
- When a directory cache entry exists for a resource and a broadcast search arrives for that same resource name, the intermediate node broadcast processing will delete the valid cache entry that previously existed, resulting in excessive locate broadcast traffic. [CSCdj21343]
Interfaces and Bridging
- A Cisco 7500 series router may report spurious errors such as the following:
%RSP-3-ERROR: CyBus0 error 78
%RSP-3-ERROR: invalid page map register
%RSP-3-ERROR: command/address mismatch
%RSP-3-ERROR: invalid command %RSP-3-ERROR: address parity error
%RSP-3-ERROR: address parity error 23:16 1, 15:8 1, 7:0 1
%RSP-3-ERROR: bus command invalid (0xF)
%RSP-3-ERROR: address offset (bits 3:1) 14
%RSP-3-ERROR: virtual address (bits 23:17) FE0000
%RSP-3-RESTART: cbus complex
or
%RSP-3-ERROR: MD error 0080008030003000
%RSP-3-ERROR: SRAM parity error (bytes 0:7) 0F
%RSP-3-RESTART: cbus complex
CyBus errors similar to the above errors have two known causes. If there are HIPs in the router and on the bus reporting the CyBus error, a race condition may exist with the HIP microcode on an oversubscribed bus. The workaround on dual-CyBus platforms is to move all the HIPs onto a CyBus that is not oversubscribed.
The errors can also be caused by the failure of a marginal CI arbiter board or an RSP board. As a result of this problem, all interfaces are reset, causing forwarding to be stopped for a few seconds. [CSCdj06566]
IP Routing Protocols
- Cisco 4500 routers may not correctly policy-route when serial subinterfaces are configured and the fast-switching cache is populated. A workaround is to disable fast switching on all interfaces. [CSCdi86063]
TCP/IP Host-Mode Services
- DLWS incorrectly connects to a down interface on the peer. [CSCdj00448]
Wide-Area Networking
- Cisco AS5200s may experience hung calls and ISDN data structure memory leaks. It may not be able to either call out or accept incoming calls. This caveat is a duplicate of CSCdj02168, CSCdj07119, CSCdj08187 and CSCdi82010.
Other ISDN platforms are affected largely by that described in CSCdj07119 or CSCdi82010 depending upon their particular ISDN usage characteristics. [CSCdj05355]
Caveats for Releases 11.0(1) through 11.0(14)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(14). These caveats also apply to Releases 11.0(1) through 11.0(13) (unless otherwise noted).
For more caveats of Release 11.0(14) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(15).
Basic System Services
- A Cisco 2511 router might display these messages and then reload:
Sched-3-pagezero: low memory modified by Exec Traceback=30C36AA 3141C4C 30A18D0 30A110C 31448DC 30D557C 308AEB0 30DE9C8 trace trap at 0X31FC794
Issuing the show version command after the reload displays the following:
System restarted by unknown reload cause - ptr to non-ascii bytes 0x4 at
date/time
[CSCdi73404]
- When using RSP code with HIP, TRIP, or FIP interfaces, and when the MTU is larger than 4096 bytes on TRIP or FIP interfaces or larger than 8192 bytes on HIP interfaces, there is a rare chance that a system error might occur. When this happens, the error message "CYBus error 8" or "CYBus error 10" is displayed. [CSCdi75522]
- A memory leak might be introduced whenever TACACS+ is enabled. The memory is released to the EXEC process as seen on the show memory command. This memory leak does not occur in Cisco IOS Release 11.0(9) or earlier releases. [CSCdi89479]
- Sometimes the router may restart due to a bus error. [CSCdj02493]
- When ntp broadcast client is enabled, packet buffer leaks may occur unexpectedly. Deconfigure the command if this condition occurs. [CSCdj03162]
- On RSP systems, when maximum-size MTU packets are received by serial interface processors (including the FSIP, HIP, MIP, POSIP, and serial port adapters on VIPs that forward data to the RSP to be routed), up to 8 bytes of data might be written into the next datagram's packet memory. This could result in anomalous system behavior, including software-caused system crashes and dropped datagrams. This problem is only applicable to RSP systems with serial interfaces. [CSCdj08573]
- Customers who have an FDDI interface installed on their router may see some bad input packets with other interfaces which are using the same pool of MEMD buffers. There may be up to one input failure per SMT frame input over each FDDI interface.
A workaround is to execute the command test rsp cache memd-fastswitchuncache each time the router is rebooted. [CSCdj10028]
EXEC and Configuration Parser
- The output of the show tech-support command displays some potentially sensitive SNMP data, such as the SNMP community strings, SNMP MD5 keys, and SNMP user IDs and passwords. If these data refer to read-write communities or views, they can be used to reconfigure the Cisco IOS software, providing the same level of access to the Cisco IOS software that is available with the enable password. Use caution when sending show tech-support command output across insecure channels. For example, remove the community strings, keys, user IDs, and passwords before sending. [CSCdj06881]
IBM Connectivity
- A crash is caused by the SP microcode on Cisco 7000 series routers when a buffer copy by the SP makes the Route Processor (RP) wait too long and take a bus error. [CSCdi77785]
- A QLLC connection using a virtual MAC address from a pool of virtual MAC addresses may get connected to the wrong resource on the mainframe. [CSCdi86358]
- When using SDLC via DLSw in Cisco IOS Release 11.0, the sdlc address command will disappear from the router configuration after a router reload. It may also disappear from the configuration without performing a reload. [CSCdi88796]
- A DLUR router may fail to establish new LU-LU sessions once it experiences a race condition during session activation and deactivation. Messages similar to the following may be displayed on the router console when attempting to start new sessions. To clear the problem, APPN must be stopped and restarted.
IPS ID: 1400 QUEUE: 2 ORIGIN: xxxpcs00 MUTYPE: C5
%APPN-0-APPNEMERG: Assertion failed in ../scm/xxximndr.c at line 158
-Process= "xxxims00", ipl= 0, pid= 58
-Traceback= 606C3488 606879EC 606818C8 606810E4 6067AF90 6019AB08 6019AAF4
[CSCdi90117]
- Removing dead peers by using the no source-bridge remote-peer configuration command can sometimes cause the router to crash if that peer is trying to come up. [CSCdi93052]
- The SDLC output queue can get stuck if the sdlc line-speed command is not set or if it is set to an incorrect value. A symptom is that the router stops sending SDLC frames out of the serial interface, resulting in SNA session drops. The interface needs to be recycled or reset to clear the condition. A workaround is to set the sdlc line-speed command parameter to equal the actual line speed being used. [CSCdj01434]
- Cisco 2520, 2521, 2522, and 2523 routers might report SDLC abort frames on the low-speed ports, but these abort frames do not get reported on the high-speed ports or on other platforms. This is because the low-speed ports count all aborts, whereas high-speed ports and other platforms count only aborts that are longer than 2 bytes. This is a cosmetic error and does not result in retransmitted frames. There is no performance impact and merely indicates that the transmitting device is sending erroneous bits after the trailing flag. These bits are ignored. No workaround is necessary. [CSCdj01488]
- If end stations are continually activating and deactivating, a router configured for DSPU may crash with the error "Software forced crash, PC 0x31598BC". [CSCdj02005]
- A race condition may occur during session cleanup, which causes the DLUR router to crash or display a "Mfreeing bad storage" message. [CSCdj02249]
- RSRB LACK was incorrectly freeing a packet if the RSRB local-ACK state entered a busy/await state. The traceback occurs when there are packet drops or congestion. [CSCdj05810]
- A buffer leak causes a crash when NSP is used over DLUR. [CSCdj10387]
- The DLUR router may send a corrupt APPC frame to a DLUS if a timing window is hit when accessing multiple DLUSs. This problem may occur if there are primary and backup DLUSs configured and at least one inactive PU that cannot get into the primary DLUS while other PUs are active with the primary DLUS.
This problem may cause VTAM to refuse to activate subsequent DLUR/DLUS pipes for all DLUR NNs. A "/d net, DLURs" message shows the DLUS conwinner state as reset and the conloser state as active.
To prevent the DLUR router from sending this corrupt frame, reconfigure the DLUR routers without coding a backup DLUS. [CSCdj10485]
Interfaces and Bridging
- When a router is configured as an RARP server and is also configured for transparent bridging on the same interface, the router does not respond to reverse ARP requests. The router should provide RARP service if configured as a RARP server, regardless of whether it is configured later as a two bridge only. [CSCdi83480]
- OIR removal of a FIP from one slot into another will cause the FDDI to permanently remain in a DOWN/DOWN state; a reload is needed to change this state. However, OIR removal from one slot into the same works correctly. [CSCdi87221]
- Sometimes FDDI interfaces may stop accepting multicast packets. [CSCdi92156]
- Transparent bridging may cause high CPU utilization. The show align command can be used to confirm whether large "counts" of alignment errors are the source of the problem. The show align command will also yield TRACE information which can be decoded to determine the source of the problem. [CSCdj03267]
- When a serial interface is configured as half-duplex in a Cisco 4000 series router, and the shutdown and no shutdown commands are entered for another full duplex serial interface, the router may become non-responsive. To correct this condition, turn the router off and then back on. [CSCdj13056]
IP Routing Protocols
- Systems running OSPF might experience a software-forced crash. There is no known workaround. [CSCdi81510]
- In very rare cases involving equal-cost backup routes to a failing route, it is possible for Enhanced IGRP to be caught in a "stuck in active" state (self-correcting after several minutes). There is no workaround to this problem. [CSCdi81791]
- Cisco 4500 routers might reload and provide the following stack trace:
System was restarted by bus error at PC 0x601E4CD0, address 0xD0D0D0D
4500 Software (C4500-P-M), Version 10.3(16), RELEASE SOFTWARE (fc1)
Compiled Thu 24-Oct-96 18:32 by richardd (current version)
Image text-base: 0x600087E0, data-base: 0x60370000
Stack trace from system failure:
FP: 0x605D46B8, RA: 0x601E4CD0
FP: 0x605D46D8, RA: 0x601E4D88
FP: 0x605D46F8, RA: 0x601E50EC
FP: 0x605D4710, RA: 0x601C88E0
FP: 0x605D4740, RA: 0x601E4998
FP: 0x605D4760, RA: 0x601E5174
FP: 0x605D4778, RA: 0x60081D04
FP: 0x605D47B8, RA: 0x6006C8A4
This trace decodes as follows:
rn_walktree_blocking_list
[CSCdi90523]
- An extended access list that denies IP traffic and that does not require transport layer information might let fragments go through if the log option is configured. As a workaround, do not configure the log option. [CSCdj00711]
- IGRP erroneously accepts a majornet route over an interface that is directly connected to a different majornet. [CSCdj03421]
- A byte may be added to packets moving from serial to FDDI interfaces. [CSCdj06246]
- Static routes configured by the ip route command may not be found from the EIGRP topology table if they are a sub-net of a net advertised as unreachable, even though they show up in the IP routing table. [CSCdj09571]
- OSPF cannot form adjacency because the neighbor list is corrupted, resulting in a possible router crash. [CSCdj16875]
Novell IPX, XNS, and Apollo Domain
- If IPXWAN is configured and the remote router is configured to allow IPXWAN Client mode, the local router will reset the link, upon receiving the IPXWAN Timer Request. IPXWAN debugging will show an "IPXWAN: Rcv TIMER_REQ reject Router asking for Client mode" message . The workaround is to disable IXPWAN Client mode negotiation on the remote router. [CSCdi93285]
TCP/IP Host-Mode Services
- A crash may occur that looks similar to caveat CSCdi61278. [CSCdj01350]
- A TCP packet still in use may accidentally get freed in IP when the packet is going out a Frame Relay interface on which TCP header compression is configured. When this happens, the following messages are logged on the console:
Mar 19 08:41:23: %TCP-2-BADREFCNT: Tty0: Bad refcnt for packet 0x608F9C2C during retransmit, 135.135.100.1:1998 to 135.135.105.1:11000, state 4-Traceback= 601EEB7C 601EEEA4 601F1B68 601F1E4C 6013F140 6013F12C
Mar 19 08:41:50: %X25-4-VCLOSTSYNC: Interface Serial3, VC 82 TCP connection corrupted
Mar 19 08:41:52:TCP0: extra packet reference for pak 0x60A031D8 found:
Mar 19 08:41:52: %TCP-2-BADQUEUE: Multiple entry for packet 60A031D8-Process= "TCP Driver", ipl= 0, pid= 26-Traceback= 601F3384 601F5408 6023CCB4 6023D214 6013F140 6013F12C
Mar 19 08:41:52: pak: 135.135.100.1:1998, 135.135.1.4:11137, seq 1668710213length 47
Mar 19 08:41:52: TCB: 135.135.100.1:1998, 135.135.1.13:11137, sendnext 1668710220, state 4
[CSCdj06781]
Wide-Area Networking
- I/O and processor memory may be consumed by processes in the router, primarily the Critical Background process. The router may run out of memory after 29 hours of operation. [CSCdi80450]
- Under unknown circumstances, the router may be restarted by a bus error. This problem occurs only if PPP is configured. [CSCdi89566]
- When the x25 suppress-calling command is configured on a router running ISIS over X.25, ISIS does not find the called address or the SNPA. [CSCdj00315]
- When a network management station frequently polls Frame Relay MIB data from a router being reloaded, a crash in the Frame Relay MIB code area can occur. [CSCdj00447]
- An async controller may hang and cause four connected modems to go into a hung state. [CSCdj01441]
- The last X.25 fragment has the M-Bit set improperly when the packet is full, but no additional data is to be sent. [CSCdj03488]
- For TS014 (Australia, PRI) switchtypes: When a clear collision occurs between the CE and the network simultaneously transferring a DISCONNECT message specifying the same call, the call is not properly cleared. Neither side sends the RELEASE message to release the call, and hence the call reference and the associated call control block (CCB). [CSCdj06157]
- A router may reload without producing a stack trace or otherwise behave unpredictably while routing an X.25 call that contains 16 bytes of Call User Data. There is no known workaround. [CSCdj10216]
- The number of available B channels is incorrectly incremented by the total number of B channels per interface whenever the controller or the interface is reset. The incorrect number results in a dialer attempting to place calls on resources that are actually in use. [CSCdj11181]
Caveats for Releases 11.0(1) through 11.0(13)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(13). These caveats also apply to Releases 11.0(1) through 11.0(12) (unless otherwise noted).
For more caveats of Release 11.0(13) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(14).
Basic System Services
- AGS+ routers with first generation FDDI cards (CSC-C2FCI) do not support translational bridging, and are no longer supported. They only use encapsulated bridging. The second generation AGS+ FDDI cards (CSC-C2FCIT) support both translational and encapsulated bridging.
Also, encapsulated bridging does not work on the Cisco 7500 router. To bridge between the AGS+ and the Cisco 7500 router you must use CSC-C2FCIT cards in the AGS+ and use translational bridging.
A disadvantage of using encapsulated bridging is that it cannot use the hardware bridge filtering capabilities of the CSC-C2FCIT cards, which have a CAM built into them, which is used to do bridge filtering on the card. When encapsulated bridging is used, the main processor has to do all bridge filtering. This means that one busy encapsulated bridging FDDI network can consume the entire bandwidth of the router's main processor, just to accomplish bridge filtering. [CSCdi46862]
EXEC and Configuration Parser
- Newer Telnet clients, which support the NAWS option, cause line and width line configuration commands to appear on the vty. [CSCdi90442]
IBM Connectivity
- This problem has been more prevalent in STUN/Local-Acknowledgment scenarios involving AS/400s. The remote router expects to see an OPCODE called LINK_ESTABLISHED from the host router, in order for it to transition the state from USBUSY to CONNECT. While in USBUSY state, the remote router continually sends RNR to the downstream devices. The host router will only send the OPCODE once it sees the first RR/P after a SNRM/UA exchange sequence. With other devices such as a FEP, an I-Frame can be sent out prior to the RR/P which would actually take the remote router state out of USBUSY, but the local-ack states do not correspond to the actual situation at hand. This problem can be partly avoided by using a Cisco IOS release that includes the fix for CSCdi65599. [CSCdi61514]
- Cisco 4700 router Token Ring interfaces intermittently stop working and fail to reinitialize. This problem is seen only during heavy activity and when more than one Token Ring port is active. This problem occurs only on Cisco 4700 platforms, not on Cisco 4000 or 4500 platforms. [CSCdi70398]
- When two or more FEPs at a central site, each with the same TIC address, are connected to a different Token Ring and a different DLSw peer router, a remote SDLC attached PU2.0 device will not establish a session to the back-up FEP if the first is taken offline. This problem does not affect PU2.1 devices. [CSCdi76575]
- DLSw sessions might fail to establish, and existing sessions might be torn down. This problem occurs because of a failure with Multiple DLSw peerings to remote routers that are using Frame Relay direct encapsulation and passthrough. The workaround is to configure TCP encapsulation. [CSCdi78017]
- When using DLSw+ to communicate with non-Cisco devices, the Cisco platform might not deal with incoming transport keepalive packets in an appropriate manner. [CSCdi78202]
- When the command stun remote-peer-keepalive is enabled in a locally acknowledged STUN over Frame-Relay configuration, STUN peers constantly reset because of incorrect handling of STUN keepalives. [CSCdi78480]
- FST switching of DLSw through a Frame Relay subinterface is process switched when it should be fast switched. This can be seen by the command show dlsw peer. [CSCdi80779]
- An APPN connection network will not properly identify a currently active connection between the MAC/SAP pairs if the connection network is defined over an RSRB or VDLC port. (It works fine over Token Ring and FDDI ports). This causes the session to fail with sense 80020000. [CSCdi81897]
- A router might reload when more than 125 sessions on the router are using QLLC/DLSw+ conversion. [CSCdi84896]
- When a downstream PU2.0 stops by issuing a REQDISCONT to a DLUR router, the DLUR router may loop continuously, restarting the link to a downstream PU2. In this case, the DLUR router sends a corrupted packet to the host, instead of a REQDACTPU. [CSCdi86769]
- An Invalid packet might be received from the VTAM NN, and the CP-CP session might be torn down. [CSCdi87217]
- When source-route bridging is enabled on a Cisco 7500 router in a Token Ring environment, if the router receives a packet that is to be routed but that contains a RIF, the router misclassifies the packet, treating it as a source-route bridge packet, which causes it to be discarded. This may cause intermittent failures of routed protocol sessions. There is no known workaround. [CSCdi87321]
- For LU0-LU0 traffic, the extended BIND may contain unformatted user data fields. The NN rejects the BIND and the session will never start. [CSCdi87365]
- The lsap-output-list parameter on a DLSw remote peer statement blocks SNA and/or NetBIOS if configured as such, but will only block other types of broadcast traffic from local DLSw interfaces. DLSw routers acting as border peers are not able to use lsap-output-list filters on remote peer definitions.
A workaround is to configure the required filter at the originating router, either at the interface or DLSw level. (This is a large administrative task in large networks.) [CSCdi87600]
- Configuring the output-lsap-list command on local Token Ring interfaces does not block broadcast traffic from a DLSW peer. The workaround is to use a filter at the DLSW level on either router or to block the traffic with an input-lsap-filter command at the remote peer. [CSCdi88593]
- When running multiple large file transfers across DLSw using FST transport, sequence errors may occur causing the job to abort. This is viewed by the command show dlsw peer. A sequence error occurs when a numbered FST (IP) packet is received by the DLSw peer and the sequence number does not match what the peer expects. [CSCdi89838]
- PEER INVALID trace messages are displayed on the console. (Also, in Releases 11.1 and 11.2, the session on the peer-on-demand does not come up for quite some time.) [CSCdi90953]
- A router configured for DSPU may crash with the error message "Software forced crash, PC 0x31598BC" if end-stations are continually activating/de-activating. [CSCdi91368]
- When running APPN/DLUR sessions, a reload in check_heaps may occur due to a memory overwrite. The memory overwrite occurs if the amount of control vector data in an extended bind response is larger than the buffer that the bind response arrived in. [CSCdi91432]
- The DLUR router may crash with a "SegV exception" or a "Illegal access to a low address" message due to a DLUR memory corruption problem. This error is a race condition which usually occurs when DLUR sessions are going up and down. The stack trace after the memory corruption usually indicates Mget_x. [CSCdi92947]
- DLSw+ reachability entry may get stuck in the VERIFY state. This problem is timer related and the likelihood of this happening is low. It is more likely to occur after several months of operation. [CSCdi93217]
Interfaces and Bridging
- When the command ip route-cache cbus is configured on an interface, the router might intermittently crash because of an incoherent cache entry data structure.
If this incoherency occurs but does not cause a router crash, it might instead cause ciscoBus switching to be automatically disabled, and the interface would resort to fast switching or SSE switching (if SSE switching was configured). [CSCdi43526]
- Packets are dropped when bridging on an FDDI interface if the packet has DSAP and SSAP = 0xaaaa and packet length is less than 21 bytes. This problem can cause this error message to display:
CBUS-3-INTERR: Interface 6, Error (8011)
This problem occurs because the bridging code sees "aaaa" and assumes the packet is SNAP encapsulated. Because SNAP encapsulated packets have a minimum length of 21, the bridging code subtracts 21 from the original length of the packet (20) when queuing it on the outbound interface. This results in a packet length of -1 or 65535 bytes. This causes the SP to become confused and write over low core, causing the 8011 error. [CSCdi65953]
- A Token Ring driver might misclassify IPX broadcast packets as SRB explorer packets and flush, rather than switch, the packets. This occurs only when bridging on low-end products (such as an IGS or Cisco 4500 platform). [CSCdi75134]
- Policy routing on a Cisco 7000 router with silicon switching enabled does not function correctly. As a workaround, manually disable silicon switching on each of the interfaces with the no ip route-cache sse command. [CSCdi77492]
- On Cisco RP/SP 7000 series routers, if you reload the router after adding new interface processors or swapping interface processors, the configuration for serial interfaces may be lost. Also, the encapsulation may be lost, causing the serial interface configuration to change to the default (HDLC). You can identify this problem if your interface is a serial interface, for example, an FSIP or HIP, and the show configuration command correctly displays the original configuration for the serial interface. As a workaround, EOIR the new card, configure it, and issue the write memory command before reloading. [CSCdi79523]
- When pinging over synchronous DDR with HDLC stack compression, the router will unexpectedly reset. [CSCdi79832]
- The FDDI interface driver can interact poorly with OSPF during OIR, causing SPF recalculations. This occurs only when OSPF is running on a FDDI interface that is not being inserted or removed. There is a spurious indication from the driver that the SPF recalculation needs to take place. [CSCdi81407]
- RSP routers running Release 11.0(13) ignore incoming traffic on FDDI interfaces if SRB is used anywhere in the system (either on TRIP or CIP interface cards). If this problem occurs, turn off SRB. [CSCdi92818]
IP Routing Protocols
- A router might advertise a combination of unicast and DVMRP routes in excess of the configured route limit (but no more that two times the limit). The workaround is to configure a lower route limit. [CSCdi85263]
ISO CLNS
- After removing a static CLNS route, ISO-IGRP prefix routes might count to infinity around a looped topology. The workaround is to use the no clns router iso-igrp domain command to break the loops in the CLNS topology until the routes age out. [CSCdi78048]
Novell IPX, XNS, and Apollo Domain
- NLSP links may reflect an incorrect source network/node address in the routing tables. This does not hinder connectivity to other IPX networks when routing between Cisco devices. However, certain non-Cisco routers may not like the incorrect address and NLSP routing may fail. NLSP routers should use the address Internal-Network.0000.0000.0001 when sending NLSP packets; therefore, on WAN media which require MAPs for IPX, this should be the next hop address in the map statement. [CSCdi68981]
- NLSP may reflood LSP fragments unnecessarily, including both changed and unchanged fragments. Typically, this is not a problem on LAN circuits. However, this can present bandwidth-related problems on low-speed WAN circuits, especially as the size of the network increases.
The flooding behavior covers up a problem where services may be missing from the SAP table until the next full SPF. This is not a problem when all neighbors are Cisco routers, but can be a problem when third-party routers are present on the same link. [CSCdi74487]
- In a redundant IPX Enhanced IGRP network running IPX incremental SAP, the router's SAP table SAP information may contain out-of-date information, such as the socket number if the socket number is changed from its initial advertisement. [CSCdi85953]
- SPX keepalive spoofing will cease to spoof after a router has been up for 24 or more days. The command debug ipx spx-spoof will show packets being skipped at the time when they should be spoofed. The only workaround is to reload the router once every three weeks. [CSCdi86079]
- When IPX incremental SAP is running, the router's SAP table may not contain all the SAPs in the network if one of it interfaces goes down and comes back up later. [CSCdi90899]
- When running IPX incremental sap, the router may not remove all the SAPs that are no longer reachable via this router. [CSCdi90907]
TCP/IP Host-Mode Services
- Non-TCP reverse connections to lines may corrupt memory, resulting in a software-forced crash. This problem was introduced starting in Releases 10.3(15.1), 11.0(11.1), and 11.1(6.1). [CSCdi79310]
- A router will reload if TCP tries to repacketize a packet that has an invalid packet reference count. [CSCdi87175]
VINES
- If you add a VINES static route of equal metric for an alternative path when vines single-route is configured, the system may reload. The workaround is to delete the static route or enter the no vines single-route command. [CSCdi92190]
Wide-Area Networking
- Under certain circumstances, a group of four serial ports on an AS5100 or Cisco 2509, 2510, 2511, or 2512 router can become unresponsive. Only a reload will solve the problem. [CSCdi58103]
- When two routers are connected to the same destination, outbound IP fast switching on dialer interfaces does not work on the more recently connected interface. The workaround is to turn off fast switching on the DDR interfaces using the no ip route-cache command. [CSCdi75490]
- Dial-on-demand (DDR) load balancing does not forward packets correctly when the system dials out via the dialer load-threshold command and more than one remote device is connected by either dialout or dialin. This typically occurs on a PRI with dialer load threshold configured, but may also occur on BRI or multiple DDR interfaces in a dialer rotary group when more than one remote device is connected. As a workaround, remove the dialer load-threshold command. [CSCdi76324]
- IPX fast switching with multiple route paths over multiple ATM/LANE interfaces/subinterfaces may cause random system reloads. A workaround is to use only one AMT/LANE IPX path, set ipx maximum-path 1, or use ipx per-host-load-balance to force only one interface to be used. [CSCdi77259]
- If the dialer hold-queue command is configured, DDR dialing may force a reload with a high amount of connect/disconnect activity. The workaround is to remove the dialer hold-queue command. [CSCdi81000]
- Routers will reload when the no frame-relay priority-dlci-group command is entered. The workaround is to first remove any frame-relay interface-dlci commands and then remove the frame-relay priority-dlci-group command. [CSCdi85395]
- If DLCI prioritization is enabled on an interface, and a low/medium/normal-priority DLCI is the same as a high-priority one, the router might not Inverse-ARP after a router reload or after a shut and no shut command cycle. This might cause loss of IP connectivity if a Frame Relay map does not exist. A workaround for this bug is to first remove the DLCI prioritization and then add it back after the router has Inverse-ARP'ed for the remote IP address. [CSCdi85414]
Caveats for Releases 11.0(1) through 11.0(12)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(12). These caveats also apply to Releases 11.0(1) through 11.0(11) (unless otherwise noted).
For more caveats of Release 11.0(12) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(13).
Basic System Services
- The boot config nvram: configuration command, which was added for the RSP platform, interacts improperly when the service compress-config command is enabled. The boot config command causes the NVRAM to lock up, and the router must be rebooted to free the NVRAM. [CSCdi52587]
- AAA authorization and accounting transactions to the TACACS+ server can be delayed by 9 seconds if DNS is not configured on the router, or if the IP address of your TACACS+ server does not exist in your local host table. This occurs because whenever the router needs to establish a connection to your TACACS+ server, it attempts to look up your server's IP addresses.
To work around this problem, do at least one of the following:
- Add the global configuration command no ip domain-lookup to your configuration.
- Add the IP address of your TACACS+ server to your local host table.
[CSCdi70032]
- When an accountable task has a duration shorter than the time is takes to contact the TACACS+ accounting server, the stop record may be discarded by the Cisco IOS software without being transmitted to the server. [CSCdi70312]
- A problem has been found in the RSP code within Cisco IOS Releases 10.3, 11.0, 11.1, and 11.2. In extremely rare conditions, a failure condition can occur when Backing Store or Fair Queuing are enabled. To avoid these problems, the rsp- Cisco IOS images in affected releases are no longer available.
For Release 11.0, this problem has been fixed in maintenance releases 11.0(12a), 11.0(13) and later 11.0 releases.
To avoid this problem, Cisco highly recommends that you upgrade all Release 11.0 RSP-based systems to Cisco IOS Release 11.0(12a), 11.0(13), or a later release.
For those systems that cannot be upgraded, you can avoid this problem by disabling Backing Store, Fair Queuing, and UDP turbo flooding.
Disable Backing Store and Fair Queuing on each interface with the commands no transmit-buffers backing-store and no fair-queue. Backing Store defaulted to OFF in images beginning with 11.0(9.2). However, it is important to look at the current configuration. An image configured before Backing Store defaulted to OFF may have it ON for router interfaces.
Disabling UDP turbo flooding is a workaround required for Release 11.0 and later major releases. UDP turbo flooding is OFF by default in all releases; however, you should ensure that it is turned OFF in the current configuration. The command to disable UDP turbo flooding is no ip forward-protocol turbo-flood. [CSCdi71609]
- Timer-related functions, such as NTP and routing update intervals, do not work correctly in Revision D Cisco 4700 routers. Also, Revision E Cisco 4700 routers are recognized by SNMP as "4700" instead of "4700M." [CSCdi75353]
EXEC and Configuration Parser
- The router will crash if you issue a command line that is an alias and that is greater than 256 characters in length after the alias is expanded. [CSCdi63994]
IBM Connectivity
- When using APPN/DLUR, if many sessions to downstream dependent LUs are started and stopped, the router may stop with a bus error at ndr_queue_handler. [CSCdi52377]
- If you perform online insertion and removal (OIR) of an Interface Processor (IP) in a Cisco 7500 series router that is equipped with a CIP and another IP that has the same size MTU as the CIP, the router might crash with a ciscoBus error. [CSCdi59377]
- QLLC DLSw cannot reconnect after a failure. The following assert message is displayed:
%CLS-3-CLSFAIL: CLS: Assertion failed: file "../srt/qllc.c", line 4352 !"QSapAddCepFailed"
[CSCdi64840]
- If you are running an 11.1 Cisco IOS software version and you have a 4-port Token Ring port adapter in a VIP2 card, your router might crash and display these messages:
ALIGN-1-FATAL: Illegal access to a low address
addr=0x1, pc=0x60544FE0, ra=0x60544FE8, sp=0x60AEE780
*** System received a SegV exception ***
signal= 0xb, code= 0x8000200c, context= 0x60a1a980
PC = 0x6010bfd4, Cause = 0x2020, Status Reg = 0x34008002
DCL Masked Interrupt Register = 0x00000000
DCL Interrupt Value Register = 0x00000000
MEMD Int 6 Status Register = 0x00000000
System was restarted by error - a SegV exception, PC 0x60544FE0
The workaround is to not use the Token Ring interfaces on the VIP. [CSCdi69234]
- If source-route bridging (SRB) explorer traffic is so low that no explorer is forwarded on a Token Ring interface for 25 days, then the Token Ring interface stops forwarding SRB explorers. The show source command shows that the "flushed" count increments for every explorer received, while no "expl_gn" explorers are counted to the remote peers. This problem causes connectivity loss. On more recent products, such as the Cisco 7500 series, these symptoms can occur on very active Token Ring interfaces after the Cisco IOS software is reloaded. A short-term workaround is to reload the affected router. [CSCdi70559]
- When using RSRB with FST encapsulation, the router may crash if there is more data to forward onto the virtual ring than there is bandwidth to accept. [CSCdi72427]
- A bug introduced by the fix to CSCdi69231 might cause NSP to stop working. Images affected are 11.0(11.2), 11.1(6.2), and 11.2(1.1). The following message may display when NSP stops working: "SNA: Connection to Focal Point SSCP lost." or "SNA: MV_SendVector rc = 8001." [CSCdi72696]
- The router might crash when you enter the show lnm station command. This might happen when there are many ring status changes; for example, when stations are added to or removed from the ring. This problem is platform independent. The workaround is to disable LNM. [CSCdi72954]
- Rarely, APPN's APPC stack (used to send locates and TDUs) will hang. This can occur when an outbound locate or TDU is in the process of being transmitted on a CP-CP session at the exact time that the session is terminated (due to link failure or other reason). The APPC component does not handle this situation properly, and after the condition occurs, APPC and all locates and TDU processing become stuck. [CSCdi73085]
- Data-link switching (DLSw) sometimes cannot handle disconnects being issued by two stations that are in session, if the stations have a requirement to re-establish a session in less than 3 seconds. The first disconnect is answered with a UA message, but the second disconnect is not responded to until the station resends the disconnect message (DISC). After the DISC is resent, a DM message is sent to answer. [CSCdi73204]
- Frames coming from a High-Speed Serial Interface (HSSI) are sometimes dropped. This problem occurs when a Cisco router has remote source-route bridging (RSRB) configured direct over a HSSI interface. The HSSI interface shows that the packets are forwarded on the interface itself, but the packets are not passed to the source-route bridging (SRB) process. The show source command on FHDC-1 shows "receive cnt:bytes 0," and the show interface h 5/0 command shows nonzero packets are input. [CSCdi73357]
- An APPN/DLUR router cannot establish an LU-LU session with a downstream DSPU router. The bind sent by the host is rejected by the DLUR with an x'0806002b' sense code. [CSCdi73494]
- When many sessions are created and then torn down over an ISR network, a memory leak might occur in the router. [CSCdi73676]
- If SNA/DSPU receives a RECFMS frame that contains control vectors and the RECFMS cannot be forwarded to the focal point host for any reason (for instance, the focal point is inactive), the negative response sent by DSPU causes the router to display the BADSHARE error and deactivate the connection. [CSCdi76030]
- If a BIND request is received before the Notify response has arrived, DSPU will reject the BIND request with sense code 0x80050000. [CSCdi76085]
- When two or more FEPs at a central site each have the same TIC address, and both are connected to a different Token Ring and a different DLSw peer router, then a remote SDLC attached PU2.0 device will not establish a session to the back-up FEP if the first FEP is taken offline. This problem does not affect PU2.1 devices. [CSCdi76575]
Interfaces and Bridging
- Under certain conditions the Spanning Tree Protocol can cause a memory leak. This leak occurs when small buffers are created but not released. (In the show buffer command output, "Created" increases but "Trims" does not increase.) Also, the show memory command shows the available memory decreasing.
This problem is caused by the way small buffers handle Spanning Tree BPDUs. When a BPDU comes in, a small buffer is used. If the interface goes down at the same time the BPDU comes in, the small buffer is not released even though it should be. [CSCdi72783]
- The cxBus controller may end up in an output hung state when using a MIP under moderate load. As a workaround, you can set the MIP tql (tx-queue-limit) to greater than 32 and make sure that fancy queuing (WFQ/CQ/PQ) is not use on the MIP interface. To stop the outhung message cycling, clear the affected T1 controller (clear controller t1 x/y). [CSCdi73106]
- In Cisco 7500 series routers, the following error message might be displayed while booting the system image from TFTP or Flash memory, or when changing the serial encapsulation (for example, from HDLC to SMDS), or when doing OIR of another card in the chassis:
%CBUS-3-CMDTIMEOUT: Cmd timed out, CCB 0x5800FF50, slot x, cmd code 0
The show diag x command reports that the board is disabled, wedged. The show version command does not show the card in the specified slot. The write terminal command does not show the configuration for the card in the slot. A possible workaround is to issue a microcode reload command or load a new system image that has the fix for this bug. [CSCdi73130]
- A Token Ring driver might misclassify IPX broadcast packets as SRB explorer packets, and flush rather than switch the packets. This problem can occur when the packets are bridged on low-end products only (for example, IGS or Cisco 4500 series platforms). [CSCdi75134]
IP Routing Protocols
- Routes learned over dialer interfaces might not go away after the interface goes down. The workaround is to issue the clear ip route command. [CSCdi65211]
- The system suffers a gradual loss of free memory whenever ip sd listen or ip sdr listen are enabled. [CSCdi72863]
- On AGS+, MGS, or CGS routers configured with CSC-1R or CSC-2R Token Ring interfaces, IP fastswitching can fail under some circumstances. To workaround, disable weighted fair-queuing on all interfaces with the no fair-queue interface command and reload the router. [CSCdi73785]
ISO CLNS
- If an interface is down when it is configured as passive for IS-IS, it will not be advertised in IS-IS link-state packets after the interface comes up. The workaround is to deconfigure and then reconfigure the interface as passive after it is up. [CSCdi76431]
Novell IPX, XNS, and Apollo Domain
- Some Service Advertisement Protocols (SAPs) might not be seen if an interface is flapping while running IPX Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) and the ipx sap-incremental command is configured. As a work around, clear the IPX Enhanced IGRP neighbors. [CSCdi72438]
TCP/IP Host-Mode Services
- You might see a crash at PC 0x12CFA8, address 0xD0D0D11. [CSCdi70432]
Wide-Area Networking
- PRI ISDN calls may be dropped on heavily loaded Cisco 7513 routers with multiple PRIs. The following error is displayed when this occurs: "BRI Error: isdn_fromrouter() msg dequeue NULL." [CSCdi66816]
- After several days of operation, PRI calls may be dropped and high ISDN CPU utilization may occur. There also might be some discrepancy between the show dialer command output, which indicates free B channels available, and the show isdn service command output, which shows all channels busy. Eventually a software forced crash occurs. [CSCdi75167]
- The negotiation of a PPP Callback option, passing a dial string or E.164 number, will fail due to a defect that was introduced into 11.2(1.4), 11.1(7.1), 11.2(1.4)P, 11.2(1.4)F, and 11.0(12.1). The negotiation will appear to complete successfully, but the callback will not succeed. The failure can be seen if the command debug ppp negotiation is set. The callback option will be marked "acked," but there will typically be garbage on the debug line between "allocated" and "acked;" for example, "PPP Callback string allocated ^]" acked." [CSCdi77739]
Caveats for Releases 11.0(1) through 11.0(11)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(11). These caveats also apply to Releases 11.0(1) through 11.0(10) (unless otherwise noted).
For more caveats of Release 11.0(11) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(12).
AppleTalk
- Additional debugging messages need to be created for the arap logging command. (A new command, arap logging debug-extensions, is proposed. This command would enable seven advanced debugging messages in addition to the traditional ARAP logging messages.) [CSCdi68276]
- AppleTalk domains do not operate correctly when configured on subinterfaces. The domain properties will be applied to the main interface rather than its subinterface(s). The workaround is to disable AppleTalk fast switching. [CSCdi69886]
Basic System Services
- When service compress-config is configured, accessing the configuration stored in NVRAM from simultaneous Exec sessions might leave the NVRAM locked and inaccessible. The only recourse is to reload the software. [CSCdi68092]
- The command debug chat line x and parser do not display the chat script components correctly if the octal 7 or 8 bit xxx format is used to specify a byte greater than 0 x7f. [CSCdi69149]
- If you have standard SunOS/Solaris Telnet servers, if the NAWS option is mistakenly sent, the Telnet server hangs instead of ignoring NAWS. [CSCdi71067]
DECnet
- DECnet might fail to work properly when using an area number of 63 for layer-2 (L2) routers. If this failure happens, you might be unable to ping (DECnet) between two area routers if one router is using area 63.x. This router might report that the "attached" flag is false when you issue the show dec command, even though the show dec route command shows routes to the router.
To work around this problem, use the decnet attach override command to force the router into an attached state. [CSCdi69247]
IBM Connectivity
- With a direct Escon-attached CIP, the host may "box" the CIP if the router is reloaded without the CIP being varied offline. This problem has not been seen with CIPs connected through a director or if the CIP is taken offline before the router is reloaded. The workaround is to vary the device offline before reloading the router. [CSCdi59440]
- When the PS/2 link station role is configured as negotiable, the XID(3) negotiation may not complete. The workaround is to configure the PS/2 link station role as secondary. [CSCdi60999]
- When running CIP SNA over DLSw, the LLC2 control blocks may not be freed even when the LLC2 session is lost and the DLSw circuit is gone. The workaround is to reload the router. [CSCdi62627]
- LSAP filters and NetBIOS host filters that are applied to the DLSw remote-peer statements do not work on DLSw border routers. [CSCdi66251]
- The router crashes if NSP is configured and is trying to connect back to the owning host. [CSCdi69231]
- The router might sometimes reload with an "intermediate_reassembly" or a memory corruption stack trace. This reload can occur when segmentation or reassembly is involved in a logical unit-to-logical unit (LU-LU) session that is managed by Dependent LU Requester (DLUR). In this situation the maximum transmission unit (MTU) for the downstream link to the physical unit (PU) is smaller than the MTU for the upstream link toward the host. Also, the request/response unit (RU) size is larger than can be transmitted in a single frame. (This problem occurs most commonly with IND$FILE transfers from a PU to the host.) [CSCdi69283]
- When using DLSw Fast Sequenced Transport (FST), end user sessions might be unable to switch over to an alternate LAN or peer path, if there is a connectivity failure. [CSCdi70709]
- The lnm disable global command sometimes prevents stations from inserting into the ring. The workaround is to issue the no lnm rps or no lnm rem interface command. [CSCdi70962]
- The router might sometimes reload with an "intermediate_reassembly" or a memory corruption stack trace. This reload can occur when segmentation or reassembly is involved in a logical unit-to-logical unit (LU-LU) session that is managed by Dependent LU Requester (DLUR). In this situation the maximum transmission unit (MTU) for the downstream link to the physical unit (PU) is smaller than the MTU for the upstream link toward the host. Also, the request/response unit (RU) size is larger than can be transmitted in a single frame. (This occurs most commonly with IND$FILE transfers from a PU to the host.) [CSCdi72260]
- If the asynchronous balanced mode (ABM) indicator differs from the way the APPN/DLUR feature sets the indicator and the way the attached node sets the indicator, the exchange identification (XID) message will fail with sense 10160010. While there is a mismatch, this problem is usually caused by incorrect xid3 implementations or bridge implementations that do not convert the indicator appropriately. Cisco NN DLUR is removing the check because it can fail a connection unnecessarily when the xid3 would otherwise succeed. [CSCdi73143]
Interfaces and Bridging
- For the AGS+ and probably for Cisco 7000 series routers, IP routing has problems with 1500-byte packets following a serial-to-router-to-FDDI path. Packets of 1499 bytes get 1524 bytes on the FDDI network, and IP packets of 1500 bytes get 1526 bytes. This problem breaks communication between the router and switches such as the Cisco 1200. The routers on the FDDI network continue to understand these packets. [CSCdi62156]
- When you perform buffer changes on a serial interface with SMDS encapsulation, the changes are not recognized after a reload. [CSCdi62516]
- The source-bridge ring-number command allows you to configure a ring-number mismatch. The workaround is to make sure that all bridge devices on a ring use the same ring number. [CSCdi63700]
- In Cisco 7500 series routers, the following error message might be displayed while booting the system image from TFTP or Flash memory, or when changing the serial encapsulation (for example, from HDLC to SMDS):
%CBUS-3-CMDTIMEOUT: Cmd timed out, CCB 0x5800FF50, slot x, cmd code 0
The show diagnostics x command reports that the board is disabled. The show version command does not show the card in the specified slot. The write terminal command does not show the configuration for the card in the slot. A possible workaround is to issue a microcode reload command or load a new system image that has the fix for this bug. [CSCdi66450]
- When a MIP card is reseated, the configuration of PPP encapsulation might be erased. This has occurred on Releases 10.3(7), 10.3(8), 10.3(12), 11.0(9), and 11.1(4). [CSCdi66915]
- When an Address Resolution Protocol (ARP) packet is received from the ATM interface, the router sends out a total of two ARP packets to the Ethernet interface. [CSCdi70533]
IP Routing Protocols
- IP multicast fast switching may stop switching traffic through an AGS+ router. To work around, configure no ip mroute-cache on all interfaces forwarding IP multicast packets. [CSCdi45353]
- If the router is reloaded when the OSPF dead-interval setting is the same as the original default (40 for broadcast network and 120 for nonbroadcast network), and the hello-interval is not the default, the router does not retain the OSPF dead-interval setting even though the configuration in NVRAM shows the dead-interval set properly. The router sets a default value to the dead-interval instead of what is set in the NVRAM configuration.
The workaround is to not set the dead-interval the same as the original default.
When the fixed image is first loaded, the problem still happens. To resolve the problem, reconfigure the dead-interval again and perform a write memory operation. [CSCdi62640]
- IPX Enhanced IGRP updates do not propagate if the MTU size is less than the IPX Enhanced IGRP packet size. [CSCdi65486]
- Processing of input offset lists in Enhanced IGRP is disabled erroneously, so offset list processing is not available. There is no workaround. [CSCdi65889]
- Clearing an IP host route (for example, 10.1.1.1/32) that was learned by OSPF out of the IP routing table can cause the network route (for example, 10.1.1.0/24) to take a long time to reappear in the table. This problem occurs while on a stable network and when only the net route (not the host route) exists in the table. To avoid this problem, clear the network route exactly as it appears in the IP route table, and do not clear the host route. [CSCdi70175]
- If two routers are configured for Hot Standby Router Protocol (HSRP) and the primary (active) router goes down and then comes back up, both the active and standby routers will attempt to forward packets after the primary router comes back up. The standby router does not quit sending packets when the active router comes online. [CSCdi70693]
- Use of the Domain Name System (DNS) for alias lookups causes the router to reload. Lookups of canonical names do not cause this problem. [CSCdi73022]
Novell IPX, XNS, and Apollo Domain
- If SPX spoofing fails to send a keepalive, a traceback message will be display on the system console. [CSCdi69062]
TCP/IP Host-Mode Services
- Remote shell protocol (RSH) commands that are executed to the router without a controlling shell will return only the first 1608 bytes of data. [CSCdi69424]
- The system might reload when doing DNS name validation. [CSCdi70707]
Wide-Area Networking
- In certain circumstances when using a BRI port for backup load of a serial port and using IPX Enhanced IGRP and IPX fast switching, the router may reload with a Local Timeout or Bus Error immediately after the BRI port establishes the link. [CSCdi61504]
- When parallel, nonmultilink connections exist in a dialer group, the loss of one connection will remove the route to the peer address even though one or more connections exist to forward packets to the destination. This defect occurred as a result of fixing CSCdi59425. [CSCdi67844]
- When dialing into an AS5200 from an I-Courier modem over sync ISDN and then starting a PPP session, the router may crash. This occurs only when login is done on a non-async interface and when extended TACACS is enabled. A workaround for non-async interfaces is to use AAA/TACACS+. [CSCdi68257]
- If multiple, parallel connections to the same peer are made and one connection drops, the remaining connections may be unusable as packets will not be forwarded over them. [CSCdi68456]
- A router configured for data-link switching (DLSw) with a Token Ring interface might send Frame Relay responses without the i-field to Systems Network Architecture (SNA) devices. This error can bring down the Logical Link Control, type 2 (LLC2) sessions. To temporarily work around this problem, reload the router. [CSCdi69576]
- On certain platforms, entering an ip address configuration command while the interface is connected to a SLIP or PPP peer may cause a software-forced reload. [CSCdi69809]
- A neighbor route is not installed for PPP connections over an asynchronous or a vty-asynchronous connection. [CSCdi69919]
- Using TACACS+ with dialback over a rotary group causes the authorization to fail for the user when the callback script aborts or finishes incorrectly. This problem causes failover to another line of the rotary. The call is made successfully, but an internal error occurs when debugging TACACS+. [CSCdi70549]
- ISDN BRI routers might have problems bringing up multiple B-channels to the same destination. The router and PBX might also get into a Layer 3 state mismatch and continuously exchange Layer 3 messages. [CSCdi71333]
Caveats for Releases 11.0(1) through 11.0(10)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(10). These caveats also apply to Releases 11.0(1) through 11.0(9) (unless otherwise noted).
For more caveats of Release 11.0(10) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(11).
Additionally, one caveat was resolved in a special release prior to Release 11.0(11), as well as in Release 11.0(11). This special release was named 11.0(10a) and is described in the following paragraphs.
Cisco IOS Release 11.0(10a)
The Cisco IOS Release 11.0(10) rsp- images were rebuilt to include a single defect fix, and were renumbered to 11.0(10a). The defect is bug CSCdi66673 and is described as follows:
When Ethernet runt packets are received by Cisco 7500 series Router Switch Processors (RSP1, RSP2, or RSP7000), a Reserved Exception crash or a QAERROR error will occur. When either of these problems happens, a switching complex restart is forced. The Reserved Exception crash has the following output:
Aug 14 10:44:16: %RSP-3-ERROR: memd write exception, addr 08000000
Aug 14 10:44:16: %RSP-3-ERROR: RSP alignment error on write to QA, addr 080000
*** System received a reserved exception ***
signal= 0x9, code= 0x0, context= 0x60c72fd0
PC = 0x60107514, Cause = 0x2020, Status Reg = 0x34008702
DCL Masked Interrupt Register = 0x000000ff
DCL Interrupt Value Register = 0x00000000
MEMD Int 6 Status Register = 0x00000000
The QAERROR error has the following output:
Jun 17 10:50:23.329: %RSP-2-QAERROR: reused or zero link error, write at addr 03
log 260308C0, data A816FFFF 00000000
AppleTalk
- A router configured with AppleTalk Enhanced IGRP takes too long to age-out routes even when the link is down, causing a long convergence time for features such as backup interface. [CSCdi62796]
- When ARAP is configured, the message "%SYS-2-INPUTQ: INPUTQ set, but no idb, ptr=xxxxx %SYS-2-LINKED: Bad enqueue of xxxxx in queue yyyyy" might appear and the router might reload. [CSCdi63635]
- IPTalk does not function correctly. IPTalk-speaking CAP servers cannot communicate and are not recognized on the network. [CSCdi64165]
Basic System Services
- If a microcode reload command is issued over a Telnet connection, the router may enter an infinite loop. [CSCdi47580]
- Control characters are not interpreted properly in chat scripts. [CSCdi62960]
- In some cases the snmp-server party and snmp-server context configuration commands may cause a system reload. Neither of these commands verifies that the configured OID is not already in use, so it permits multiple records to be configured with the same OID, violating the rule that each record must have a unique OID. A common occurrence is to attempt to configure an initialPartyIdentity or initialContextIdentity that conflicts with the OIDs that are automatically preconfigured per RFC 1447. A workaround is to not configure OIDs that conflict with the initial party and context OIDs specified in RFC 1447. [CSCdi63694]
- Cisco routers with Motorola 68000 microprocessors (such as the Cisco 7000 and Cisco 2500 series) cannot fast switch packets larger than 8192 bytes. These packets are switched at process level, a slower performance path. [CSCdi63695]
- When Ethernet runt packets are received by Cisco 7500 series router processors (RSP1, RSP2, or RSP7000), a Reserved Exception crash or a QAERROR error will occur. When either of these problems happens, a switching complex restart is forced. The Reserved Exception crash has the following output:
Aug 14 10:44:16: %RSP-3-ERROR: memd write exception, addr 08000000
Aug 14 10:44:16: %RSP-3-ERROR: RSP alignment error on write to QA, addr 080000
*** System received a reserved exception ***
signal= 0x9, code= 0x0, context= 0x60c72fd0
PC = 0x60107514, Cause = 0x2020, Status Reg = 0x34008702
DCL Masked Interrupt Register = 0x000000ff
DCL Interrupt Value Register = 0x00000000
MEMD Int 6 Status Register = 0x00000000
The QAERROR error has the following output:
Jun 17 10:50:23.329: %RSP-2-QAERROR: reused or zero link error, write at addr 03
log 260308C0, data A816FFFF 00000000
[CSCdi66673]
IBM Connectivity
- Some IBM LLC2 implementation devices send an RNR when they run out of buffers and drop the frame. This causes data traffic flow to halt for 30 seconds. Non-IBM LLC2 devices using IEEE LLC2 send REJ rather than RNR, thus no delay occurs. [CSCdi49447]
- An SDLLC secondary router fails to respond to SNRM input frames. This problem was introduced by CSCdi51341. [CSCdi56398]
- FRAS remote source-route bridging dial backup fails on SDLC-attached devices if more than one SDLC device is configured. [CSCdi61179]
- If the vmac parameter is not specified in the qllc dlsw command, a Cisco 4500, Cisco 4700, or Cisco 7500 router may crash in the function QLLCTestStnReq(). [CSCdi61562]
- QLLC may try to initiate a connection in the middle of activating a connection. [CSCdi62155]
- DLSW NetBIOS cannot connect to Windows NT. [CSCdi62784]
- A race condition when one DLSw peer has come up while another is in the process of coming up results in the error message "IBM: Unknown L3 PID, fr_doencap failed." This is a warning message that does not prevent the DLSw peers from coming up. [CSCdi63658]
- A memory leak in QLLC can result in buffer starvation on the serial interface, and may cause LAPB on the serial interface to become stuck in the RNRSENT state. [CSCdi64333]
- Configuring the dlsw remote-peer cost command has no effect on peer selection. All peers displayed in the show dlsw capabilities command show equal costs. [CSCdi64537]
- A router running remote source-route bridging where the input explorer queue overflows may crash with the message "%ALIGN-1-FATAL: Illegal access to low address from srb_enq." [CSCdi65489]
- SNA sessions using QLLC over X.25 PVCs do not become active. The following tracebacks are a symptom of this problem:
%SYS-2-LINKED: Bad enqueue of 9600E8 in queue 88380. SNA: Alert xxxxx not sent, Focal point buffer overflowed.
[CSCdi66340]
- If the Channel Interface Processor (CIP) on a Cisco 7000 becomes hung, the software may enter a loop trying to reset it. The following messages will be repeated:
%CBUS-3-CIPRSET: Interface Channel(slot)/(port), Error (8010) disable - cip_reset() %CBUS-3-INITERR: Interface (decimal), Error (8004), idb (hex) (decimal) cmd_select - cbus_init()
%CBUS-3-INITERR: Interface (decimal), Error (8004), idb (hex) (decimal) cmd_select -cbus_init()
%CBUS-3-CTRLRCMDFAIL1: Controller (decimal) , cmd (128 (hex)) failed (0x8010)count (16)
%CBUS-3-FCICMDFAIL1: Controller (decimal), cmd (32 0x00000001) failed (0x8010) count (1)
The looping may be severe enough to require the a reboot.
The looping messages may overrun the logging buffer and thus obviate the reason for the initial attempt at resetting the CIP. [CSCdi66420]
- The router may reload when a second device tries to connect for reverse QLLC with DLSw+ local switching. [CSCdi67189]
- APPN/DLUR NN with connection network defined on a port that has no other defined links and no active dynamic links can cause a reload when the connection network dynamic links are stopped and then restarted. [CSCdi67419]
Interfaces and Bridging
- Incoming packets to the Hot Standby Router Protocol (HSRP) MAC address are process-switched, regardless of the route cache status on the interface. [CSCdi44437]
- Serial interfaces may occasionally show the following symptom when the interface cable is changed or the remote end dies and comes back:
PC2PR2#
show interface s 4/1
Serial4/1 is down, line protocol is down
Hardware is cyBus Serial.
0 output buffer failures, 0 output buffers swapped out 0 carrier transitions
RTS up, CTS up, DTR up, DCD up, DSR up
Note that router reload is not necessary; two workarounds are known. If the first workaround is not successful at bringing up the interface, try the second.
- This workaround was discovered while attempting to observe this problem. It can permit the problem interface to be bought on line without resetting every interface in the ciscoBus complex.
Enter the ciscoBus test mode and select the interface having the problem. Read a portion of the interface processor memory.
This example is for an FSIP interface at 2/0:
RSP diagnostic console program
Enter slot number: [0x0]: 2
Enter interface number: [0x0]:
Command queue for slot 2 is 0x12. CCB is 0xFF50
Enter FSIP Mem starting address [0x0]:
Enter FSIP Mem ending address [0x20000]: 0x20
FSIP Mem 00000: 0001 FFFC
FSIP Mem 00004: 0000 01C6
FSIP Mem 00008: 0000 049A
FSIP Mem 0000C: 0000 049A
FSIP Mem 00010: 0000 049A
FSIP Mem 00014: 0000 049A
FSIP Mem 00018: 0000 049A
FSIP Mem 0001C: 0000 049A
FSIP Mem 00020: 0000 049A
This example is for the HIP at 1/0:
RSP diagnostic console program
Enter slot number: [0x2]: 1
Enter interface number: [0x0]:
Command queue for slot 1 is 0x11. CCB is 0xFF40
Enter IP Mema starting address [0x0]:
Enter IP Mema ending address [0x10000]: 0x20
IP Mema 0000: 7FA2 7FA0 7FA4 0044 0005 0000 0000 0000
IP Mema 0008: 0000 0098 00D0 0080 0032 0000 0000 0000
IP Mema 0010: FFFF 0001 0000 0003 0000 7EA0 7E98 7E90
IP Mema 0018: 0000 0000 0000 0000 0000 0003 0000 00DD
- This workaround will reset all the interfaces in the ciscoBus complex.
ramki_7500(config)#
microcode reload
[CSCdi57573]
- A router running Frame Relay crashes at bridge_enq even when bridging is not configured. This defect is fixed as CSCdi67157. [CSCdi63140]
- On Cisco 2520 through Cisco 2523 router models that have dual-mode sync/async interfaces, LAPB frames are infrequently sent out of order on X.25 links. This occurs only when two of the async/sync ports are used in sync mode at the same time. [CSCdi64284]
- In DCE mode, FSIP looks for DCD and DSR up before declaring the line UP. FSIP should only look for DCD. [CSCdi64735]
IP Routing Protocols
- Input queues may become full while running IP multicasts. The only way to clear them is to reload the router. [CSCdi61826]
- A problem introduced in Releases 10.3(11.1), 11.0(7.3), 11.1(2.3), and 11.2(0.5) causes OSPF to crash when an OSPF external LSA with a nonzero forwarding address exists and the router has a non-OSPF route for the forwarding address. If the non-OSPF route is removed, OSPF crashes when it reprocesses the external LSA. There is no workaround for the problem. However, in general, no more than one routing protocol should be run over the same topology. If you follow this guideline, no non-OSPF route for forwarding address will exist and the router will not crash. [CSCdi61864]
- Shutdown interfaces with IP addresses or static routes that point to down next-hops or other interfaces may cause the IP cache to be partially invalidated more frequently than necessary. This is particularly evident when there are multiple paths. The workaround is to remove IP addresses from down interfaces or remove static routes through down interfaces, or both. [CSCdi62877]
- The router responds to a Telnet request when the destination of the Telnet is a broadcast address. [CSCdi63787]
- A problem introduced in Releases 11.0(9.3), 11.1(4.2), and 11.2(0.14) might cause OSPF to fail to install an external route that has no forwarding address. This occurs if the next hop of the path to the ASBR changes and its cost increases. The workaround is to create an external LSA with forwarding address set. [CSCdi64208]
- With IGRP and RIP, IP unnumbered interfaces using PPP encapsulation receive but do not process routing updates of major network summaries correctly. The major networks appear as host routes instead of network routes. This affects all IP unnumbered interfaces using PPP encapsulation that are pointing to different major networks. This affects dedicated links as well as DDR links using RIP or IGRP.
It is also possible for a race condition to occur, where the majornet route is lost, even after it has been received and installed into the routing table.
The workaround for this problem is a floating static route for the majornet matching the PPP-created host route using a majornet mask pointing to the PPP-created host route. For example, if the host route is 192.1.1.1, then using the command ip route 192.1.1.0 255.255.255. 0 192.1.1.1 250 should solve the problem. [CSCdi65258]
- A directly connected route may disappear from the IPX Enhanced IGRP topology table if the interface that is configured for IPX Enhanced IGRP goes down and comes back up in brief period of time, on the order of 2 seconds. The workaround is to issue the shut and no shut commands on the interface. [CSCdi65345]
Novell IPX, XNS, and Apollo Domain
- In rare circumstances, NLSP may not report information learned from RIP and SAP. There is no workaround to this problem. [CSCdi45425]
- CSCdi63412 introduced an alignment error, in particular for IPX frames routed from Token Ring networks with multiring enabled. Alignment errors occur in process-switched and certain fast-switched paths. [CSCdi63741]
- CSCdi58363 introduced a problem where NLSP-learned services and SAP-learned services overwrite one another, causing unstable service table information. This is particularly a problem in networks with redundant paths. There is no workaround. [CSCdi63771]
- The SPX spoofing code does not automatically age out old entries from the SPX spoofing table. Over time, this table can grow very large. Some customer sites have reported that when the table is very large, the routers cease to send SPX keepalive acknowledgment spoof packets. At that time, reloading the router is the only way for SPX spoofing to function again. The workaround is to issue the command clear ipx spx spoof on a regular basis to clear the SPX spoofing table. [CSCdi64010]
- After upgrading Cisco IOS software, a show processor memory command might indicate that the IPX SAP table memory usage has grown by almost 300%. [CSCdi65740]
- Using IPX Enhanced IGRP can cause a memory leak when a link with an Enhanced IGRP neighbor is flapping. The SAP updates are queued and backed up, thus using increasingly more memory. [CSCdi66169]
VINES
- VINES time server service may get out of synch when the system runs over 49 days. This is because only the low 32 bits of the internal clock counter are used when VINES computes network time. When network time is out of synch, it is recommended that you either disable VINES time server service for Cisco IOS Releases 10.2 and 10.3, or upgrade to Cisco IOS Release 11.0 or 11.1. [CSCdi58105]
- VINES clients running an Oracle application program cannot make connection to a server due to packet reordering when vines route cache is enabled. A suggested workaround is to use process switching for those applications that cannot process out-of-sequence packets. [CSCdi59059]
Wide-Area Networking
- An RSP-based system running Cisco IOS software that contains the defect documented as CSCdi55969 may start dropping all packets incoming to the input queue of a AIP interface.
The error message "%SYS-2-INPUTQ: INPUTQ set, but no idb, ..." will appear.
A temporary workaround is configuring the interface level command: hold-queue 750 in until you are able to reload the router. Remove this configuration after upgrading the software. [CSCdi61629]
- RFC 1577 and LANE applications get blocked due to a difference between VCD known by different parts of the software. This problem has been reported with both applications (LANE, RFC 1577) in Releases 11.0(8) and 11.1(4). [CSCdi61979]
- Error messages similar to the following may appear in devices that contain ATM interfaces:
%SYS-3-INVMEMINT: Invalid memory action (malloc) at interrupt level
%SYS-2-MALLOCFAIL: Memory allocation of 52 bytes failed from 0x60298EF4, pool Processor, alignment 0
These messages most often appear in Cisco 4000 series routers when the routers are being reloaded. The workaround is to put the ATM interfaces in the shutdown state before reloading. [CSCdi62194]
- On an asynchronous interface, configuring no keepalive sets keepalive 10 instead. [CSCdi62199]
- An error in the AIP microcode code introduced in aip177-2/rsp_aip205-2 causes a race condition in the microcode and causes commands from the RP/RSP to be rejected. When this happens, the following console messages are logged:
%ATM-3-FAILCREATEVC: ATM failed to create VC(VCD=1011, VPI=0, VCI=262) on Interface ATM5/0, (Cause of the failure: Failed to have the driver to accept the VC) %AIP-3-AIPREJCMD: Interface ATM5/0, AIP driver rejected Teardown VC command (error code 0x8000)
[CSCdi62445]
- Dialing into an asynchronous line and starting a SLIP/PPP session may fail even though the same IP address was previously allocated successfully for the particular user. [CSCdi63143]
- The printer printer-name line number global configuration command uses the newline-convert option as the default. There is no way to get the router to work without either the newline-convert or formfeed option. [CSCdi63342]
- On the Cisco AS5200, the performance does not scale well when additional asynchronous interfaces are deployed. The symptoms include the Ethernet interface showing input drops and frequent throttles. [CSCdi65706]
- PAP authentication fails when using TACACS+ as an authentication method for PPP. [CSCdi66077]
- Setting a group range on a pre-11.2 group-async interface while calls are active causes all asynchronous modem calls to be disconnected. [CSCdi66297]
- A Cisco 2511 may reload at _bridge_enq when no bridging is configured. When illegal bridging packets flow into Cisco routers running Release 11.0 and above, a crash might occur. [CSCdi67157]
- LANE does not set up the data direct again after it has been established the first time. This problem was introduced as a result of the fix for CSCdi61979.
Any release containing this bug should not be used in sites using LANE. The following releases are affected: 11.0(10.3), 11.1(5.3), 11.1(5.4), 11.2(0.23), and 11.2(0.24).
Note that for Release 11.0, only the Cisco 7000 images (gs7-) will be affected, as the Cisco 4500 and RSP-based systems do not run LANE using Release 11.0. [CSCdi68089]
Caveats for Releases 11.0(1) through 11.0(9)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(9). These caveats also apply to Releases 11.0(1) through 11.0(8) (unless otherwise noted).
For more caveats of Release 11.0(9) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(10).
AppleTalk
- MacIP server will not give an IP address to a MacIP client if the next address to give out is currently being use by a genuine IP device. The problem is the MacIP server does not skip over that IP address and assign the next available address. This causes the process to get stuck. [CSCdi61526]
- According to Inside AppleTalk, 2nd Edition, page 8-18, the router should convert NBP BrRq to NBP FwdReq packets. Instead, the router sends NBP LkUp packets for nonextended networks.
Note: For routers that are directly connected to a Phase 1 (non-Phase 2) router in compatibility mode, the appletalk proxy-nbp network zone command must be used. This will allow the router to convert the NBP FwdReq to NBP LkUp to the Phase 1 router. [CSCdi61668]
Basic System Services
- Under some conditions, the SEEQ will incorrectly pass up runt Ethernet packets. We did not previously check for them, which results in incorrectly received Ethernet runt packets. [CSCdi55978]
- Configuring custom or priority queuing on an MBRI interface causes performance degradation. [CSCdi56473]
- User should turn backing store ON for slow interface processors. Routers without slow interface processors suffer performance degradation during peak activity. [CSCdi57740]
- An RSP router (Cisco 7500 series or Cisco 7000 with RSP7000) can crash with a "reserved exception" error, due to a software error, or else due to an error in the microcode for an interface processor.
More than one problem can generate a similar error message and stack trace, which can make this problem hard to trace. See also CSCdi58999, CSCdi60952, and CSCdi60921. [CSCdi58658]
- AutoInstall is not working in RSP. This problem is reported only in serial media but exists in LAN media as well. There is no workaround. [CSCdi59063]
- A Cisco 7507 router might reload and indicate SegV exception after receiving a serial interface RSRB explorer. [CSCdi59082]
- Cisco 7500 series routers cannot fast switch packets whose size is greater than 8192. These packets are switched at the process level, a slower performance path. [CSCdi60295]
DECnet
- A router running DECnet might present ALIGN-3-SPURIOUS error messages. This condition will occur only if the adjacency between neighbors expires. [CSCdi60716]
IBM Connectivity
- The router might crash while removing RSRB peers. [CSCdi39270]
- When automatic spanning tree (AST) is configured on multiple routers in a high-redundancy topology, a bridge protocol data unit (BPDU) broadcast storm might be triggered. [CSCdi41851]
- A Cisco 4700 router running DLSW+ and SDLC might crash in the SDLC process. [CSCdi48414]
- If a new CIP internal LAN interface is added following a dBus internal error, the CIP virtual port x/2 may not be found. The workaround is to reload the router. [CSCdi54224]
- ACTPU RSP is never received by the host in a parallel SDLLC network. [CSCdi55142]
- On rare occasions, CSNA Virtual Port X/2 may hang in down/down state following a Shut/No Shut or Microcode Reload of the Channel Interface. The workaround is to reload the router. [CSCdi58517]
- When using APPN/DLUR in a multiple VTAM host environment and v inact, force is issued on the LU name from the DLUS host, proper cleanup of the existing LU-LU session that may have been up at the time of the inactivation does not occur. When the LU is reactivated, session establishment may be impaired since the application host and the DLUR believe the original session is still active. [CSCdi58699]
- A router might crash and display the message "System restarted by bus error at PC 0xD0D0D0D, address 0x0." The crash happens when using promiscuous TCP peers. The crash occurs when peer structures get deleted (transmission line problems, peer routers reloads, etc.) while still being used by TCP.
The work around is to define static peers.
Note: CSCdi61278 is a follow-on fix to this problem. [CSCdi58842]
- Valid multicast explorers that should be handed to the protocol stack are instead being diverted to the SRB module and are being flushed by the SRB explorer control mechanism.
This problem was introduced by some changes to the Token Ring interrupt handler in Release 11.0 and later.
There is no workaround for the diversion, though the flushing can be avoided by raising the explorer maxrate value to some high number. However, this may cause instability in the network.
Note that this bug fix is comprehensive in that several issues regarding multicast explorers and inbound remote explorers have now been resolved. [CSCdi59090]
- Directed source-route bridge frames with control field of 010 instead of the more usual 000 are dropped. [CSCdi59100]
- LNM Resync does not work in Release 10.3(10.2) on a Cisco 7000 if the router is configured for IBM automatic spanning tree support. [CSCdi59890]
- The QLLC features npsi-poll and proxy XID do not operate correctly for DLSw+. [CSCdi60002]
- DLSW LLC Ethernet 80d5 bad frames occur after an LLC retransmission. [CSCdi60102]
- APPN/DLUR may leak very-big buffers in some situations when it is retrying connections to a DLUS. The show buffer command will show a large number of very big buffers has been created and relatively few will be in use. [CSCdi60931]
- The command stun schema cnt offset 0 length 1 format hexadecimal must be entered as stun schema cnt offset 0 length 1 format hexadecimal but is saved as stun schema cnt offset 0 length 1 format hexadecimal. When the router is reloaded the following error is printed:
stun schema cnt offset 0 length 1 format hexadecimal
% Invalid input detected at '^' marker.
[CSCdi60992]
- When using APPN/DLUR, the Cisco network node will never set the response indicator in XID frames that it generates, even if it sends the XID frame in response to a command XID received from the partner node. There are some implementations of pu2.0 and pu2.1 devices that cannot recover from this, even though most do. [CSCdi61157]
- The router crashes and displays the message "System restarted by bus error at PC 0xD0D0D0D, address 0x0." The crash happens when using promiscuous TCP peers. The crash occurs when peer structures get deleted (transmission line problems, peer routers reloads, etc.) while still being used by TCP. The work around is to define static peers. If there is a stack trace action_b() will be one of the entries.
This bug fix is a follow-on fix to CSCdi58842. [CSCdi61278]
- This software fix enables DSPU/FDDI support for end-stations attached directly to FDDI media [CSCdi61351]
- Connections cannot be established when using IBM process-switched features (for example, RSRB/TCP or DLSw+/TCP) because of dropped packets.
The symptom is that "dropped Routed protocol" messages are output when debug source-bridge error is enabled. [CSCdi62738]
Interfaces and Bridging
- If a Token Ring Interface Processor (TRIP) is present in a Cisco 7000 series router, Token Rings that beacon frequently may cause router performance to be degraded. This is not a problem on Cisco 7500 series routers. [CSCdi55758]
- If a serial interface on FSIP sees lots of giants, then there is a possibility that the error "%DBUS-3-CXBUSERR: Slot x, CBus" will occur. If Slot x has FSIP then look into show interface for this slot. If any of the serial interfaces on this slot shows giants, then chances are high that this bug is causing the problem. This can happen in both Cisco 7000 and RSP (Cisco 7500) systems. If this error occurs, see show interface of the above slot. The workaround is to load the new image, which contains new microcode (fsip10-15 or later for the Cisco 7000 and rsp_fsip202-5 or later for RSP systems). [CSCdi58194]
- SABME (for NetBIOS) are not correctly bridged from FDDI to serial lines using HDLC encapsulation. Bridging SABME from FDDI to Ethernet or from Ethernet to FDDI functions properly. [CSCdi58733]
- An AGS running Release 11.0(8) with a CSC-C2FCI does not bridge Ethernet packets encapsulated in a FDDI frame correctly. The work around is to run Release 10.3. [CSCdi59204]
- This fix simply causes compressed bridged traffic to not be compressed. The fix is considered temporary until the time Cisco can make process-level bridging compatible with payload compression. [CSCdi63245]
IP Routing Protocols
- The HSRP command standby track interface priority cannot track the status of a subinterface. [CSCdi54969]
- Disabling Optimum Switching on an RSP platform has no effect. [CSCdi59203]
- If an Enhanced IGRP candidate default route is overwritten by another protocol, the Enhanced IGRP topology table may be left in a state where the candidate default route will not return to the routing table. A workaround to this problem is to clear all Enhanced IGRP neighbors. [CSCdi59276]
- Customer requires a RIP update to immediately be sent when a dialer interface changes from "UP & UP" (spoofing) to "UP & UP". [CSCdi59478]
- In a Cisco 4500 or Cisco 4700 system, an Ethernet interface running HSRP may come up in a state of init with timers set to 0 upon reloading of the router.
To recover, perform a shut / no shut command sequence on the interface. [CSCdi60445]
- A router running Enhanced IGRP (AppleTalk, IPX, or IP) which has input route filters configured, may improperly filter routes that it should install.
Additionally, if a router running IPX-Enhanced IGRP receives an update containing an external route that was originated by the router itself, the rest of the update will be ignored.
There is no workaround to this problem. [CSCdi61491]
- OSPF corrupts memory, which might cause the system to reload. [CSCdi61956]
- A problem introduced in Releases 10.3(12.4), 11.0(9.3), and 11.1(4.2) causes an OSPF crash if there are parallel intra-area paths. [CSCdi62870]
ISO CLNS
- A router reload may occur when CLNS traffic is fast-switched. This regression affects 10.3(12) and 11.0(9) maintenance releases. [CSCdi57629]
- A router running IS-IS will not clean up its adjacency database properly when switched from being a level-1/level-2 router to being level-1 only. A workaround is to manually clear the adjacency database (using the clear clns neighbors command) on the reconfigured router and on all of its neighboring routers, or restarting the router. [CSCdi58953]
Novell IPX, XNS, and Apollo Domain
- IPX SPX spoofing might fail when using RPRINTER across a spoofing interface. [CSCdi42806]
- IPX SNMP requests sent to the router may accumulate in the input queue when SNMP is disabled. These packets are not processed, possibly causing full input queues. [CSCdi57589]
- Issuing a no ipx router eigrp autonomous-system-number command may cause the router to reload if there are a lot of SAPs in the router and the SAP table is changing. [CSCdi60174]
- Defining a static IPX route using the peer address of an IPXWAN neighbor may fail with a message about multicast addresses. The workaround is to avoid using 8-digit IPX internal network numbers that have an odd numbered first byte. A 7-digit or fewer length IPX internal address also will not give this error message. [CSCdi61993]
- Under certain conditions an IPX packet may be received that has an incorrect IPX length in the IPX header, the CRC is good, and we process this packet. We incorrectly pad the packet to the length specified in the IPX header instead of throwing the malformed packet away. [CSCdi63412]
- CSCdi63412 introduced an alignment error. For IPX frames routed from Token Rings with multiring enabled, alignment errors occur in both process-switched and certain fast-switched paths. [CSCdi63741]
- CSCdi58363 introduced a problem where NLSP learned service and SAP learned services overwrite one another causing unstable Service Table Information. This is particularly a problem in networks with redundant paths. There is no workaround. [CSCdi63771]
VINES
- VINES clients running Oracle application program can not make connection to a server due to packet reordering when vines route cache is enabled. A suggested workaround is to use process switching for those applications that cannot handle out-of-sequence packets. [CSCdi59059]
Wide-Area Networking
- When authentication is not configured and different phone numbers are dialed to add bandwidth for dialer load balancing or multilink PPP, additional links may not be added to the correct group or bundle. This can result in lower than expected performance for dialer load balancing. The result for multilink PPP is no data transfer at all. The workaround is to configure authentication and put the name of the remote system in the dialer map name field. [CSCdi46872]
- The ATM Interface Processor (AIP) may stop receiving cells in a fully meshed PVC environment. [CSCdi55512]
- IP route configuration commands accept Group-Async interfaces as an interface parameter. This causes crashes in the asynchronous dialer. [CSCdi58223]
- Serial lines with SMDS encapsulation may take SegV catastrophic failures when enabled after reboot. There is no workaround. [CSCdi60761]
- RFC 1483 transit bridging is broken. [CSCdi62961]
- The amount of free system memory may decrease when using the command dialer hold-queue over an ISDN interface. [CSCdi63716]
Caveats for Releases 11.0(1) through 11.0(8)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(8). These caveats also apply to Releases 11.0(1) through 11.0(7) (unless otherwise noted).
For more caveats of Release 11.0(8) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(9).
Basic System Services
- Reloading the microcode from ROM on an Interface Processor board in a Cisco 7500 series router can cause the system to enter a rebooting loop that requires a system reload for recovery. The ROM-based microcode on the Interface Processors is only compatible with Cisco 7000 series routers. [CSCdi44138]
- A Cisco 7500 series router might crash if Frame Relay interfaces are active at the same time as MIP channel groups. [CSCdi49868]
- On late model 11.0 and 11.1 RSP system images, Optimum Switching will be disabled upon router reboot. [CSCdi54567]
- A memory leak can occur in some circumstances while running Release 11.0(8) or earlier on a Cisco 7000 router. The symptoms include: small buffers are created but are not trimmed, and RSRB and explorers are received with a wrong SNAP type value. [CSCdi54739]
- Under some conditions SNMP queries of the CISCO-ENVMON-MIB can cause the system to reload. This reload occurs when an SNMP get-request is received that tries to retrieve instance 0 of an object in the ciscoEnvMonSupplyStatusTable. Since the instances of this table start with 1, the correct processing is to return a noSuchName error (or noSuchInstance if SNMPv2 is used). A workaround is to not use SNMP get-requests that specify instance 0 for objects in the CISCO-ENVMON-MIB. Instead, applications should either use SNMP get-requests starting with instance 1, or else use SNMP get-next-requests or get-bulk-requests. [CSCdi55599]
DECnet
- When DECnet conversion is enabled, discard routes are inserted into the Connectionless Network Service (CLNS) routing table. [CSCdi40503]
EXEC and Configuration Parser
- The terminal download privileged EXEC command is omitted from the configuration after it is configured. [CSCdi52164]
- The write memory and copy running-config startup-config commands now work at privilege level 15. Other write and copy running-config commands still operate at the user's current privilege level. [CSCdi55809]
- The AUX port in Cisco 2520 through Cisco 2523 routers cannot be configured for asynchronous services. [CSCdi56563]
IBM Connectivity
- When a Synchronous Data Link Control (SDLC) device is reloaded, the connection is not automatically reestablished. To reestablish the connection, issue the configuration commands shut and no shut. [CSCdi42369]
- QLLC devices that are connected through a router using QLLC/LLC2 conversion might occasionally experience poor response time. [CSCdi44923]
- A Cisco 4700 router may report intermittent "SYS-2-LINKED" error messages, even though there is no memory shortage. [CSCdi52327]
- Automatic Spanning Tree (AST) is affected in some mixed vendor bridge environments. A hidden option has been added to the source-bridge spanning command: message-age-increment. This option assists message age count manipulation. This hidden command may be needed in environments where the existing max_age is insufficient for network diameter and max_age is not configurable by vendor bridges. [CSCdi53651]
- Some NetBIOS applications that require a UI frame in response to Add Name Query will not be able to connect using a DLSw peer on demand if the NetBIOS circuit is the initial circuit that triggers the peer-on-demand to connect.
The software fix for this problem passes UI frames through the border peer relay network. [CSCdi54796]
- If two Token Ring interfaces are attached to the same physical Token Ring and either an all routes explorer is generated on that ring or a packet is received with a RIF that indicates that the packet should go back onto the Token Ring it originated on, a bridge loop will be created and cause router CPU to rise as well as increase ring utilization. The workaround is to issue a clear rif command. [CSCdi55032]
- Multiple qllc dlsw commands cannot be configured. [CSCdi55749]
- Issuing a no source-bridge remote-peer command causes the router to reload. [CSCdi55919]
- Connection to DLU (DSPU or APPN) across RSRB may fail when remote SAP address is not enabled at the destination router. The workaround is to enable remote SAP address. [CSCdi56660]
- DLSw FST encapsulation does not work over a WAN Token Ring or FDDI. [CSCdi57207]
- The APPN DLUR router may unbind LU sessions with the DLUS and the downstream node if fixed pacing was enabled on the session bind request from the DLUS. If this is the case, when the user attempts to log in from the downstream device, the USS message 7 with a sense code of 0835 0009 might be displayed. [CSCdi57729]
- The APPN router may unbind an LU6.2 session after receiving an unsolicited IPM with a non-zero next-window size. [CSCdi57730]
Interfaces and Bridging
- Turning on ipx route-cache sse with microcode version SSP10-12 or SSP10-13 produces a mismatch between the frame length on odd-byte 802.3 IPX packets and the 802.3 length. Novell devices might not recognize these packets, resulting in communication timeouts.
The following three workarounds can be used:
- Turn off padding on process-switched packets via the command:
no ipx pad-process-switched-packets
- Configure the router for Autonomous Switching instead of SSE switching via the commands:
no ipx route-cache sse
ipx route-cache cbus
no ipx route-cache sse [CSCdi42802]
- If you use MIP hardware version 1.0 (not EOIR-capable) and you run MIP EOIR-capable software (Release 11.0(8) and later), you will notice that a controller reset is necessary on the MIP for it to work again after adding or removing another card. This controller reset should not be necessary. [CSCdi49807]
- On a Cisco 7000 router with a Silicon Switch Processor (SSP), access lists used for packet filtering that contain an entry matching all IP packets followed by two or more entries can cause the router to reload. To work around, remove all access list entries following the entry that matches all packets. Doing so will not change the behavior of the access list.
As an example, change [CSCdi50886]:
access-list 116 permit ip any any access-list 116 permit tcp any any gt 1023 access-list 116 permit tcp any any eq smtp
to:
access-list 116 permit ip any any
- Bridging IPX raw between Ethernet and FDDI on Cisco 4500 routers does not work in Release 10.2 for unicast packets. In Releases 11.0 and 11.1 the problem appears for both unicast and broadcasts. Bridging IPX raw in Cisco 7000 routers functions properly in Release 10.2. [CSCdi53363]
- While booting a Cisco 7500 router, the FIP FDDI interface might momentarily beacon the ring, causing ring instability. [CSCdi54444]
- After starting CMT, one second is allowed for the FDDI interface to come up. For some FDDI rings that isn't long enough, and the router should wait five seconds instead. [CSCdi55837]
IP Routing Protocols
- There is a small delay between the time OSPF marks an LSA as deleted and the time the LSA is actually removed. Within this small window, if OSPF receives an old copy of the LSA which has a higher sequence number, probably from some new neighbors through database exchange, OSPF will be confused and will not be able to remove the LSA. The self-originated LSAs will be stuck in the database. The stuck LSA is removed automatically when the router regenerate a new instance of the LSA. [CSCdi48102]
- OSPF puts incorrect information in the source field for a stub route. This information prevents BGP from advertising this stub route to a peer because the route is not synchronized. [CSCdi49377]
- The system may fail when a no router eigrp as-number command is issued and there are summary routes present. A workaround is to turn off auto-summary and deconfigure all manual summaries before deconfiguring Enhanced IGRP. [CSCdi57814]
- Attempting to copy an empty startup configuration to the network will cause the router to reload. [CSCdi58040]
ISO CLNS
- There is no method for altering the transmission rate of IS-IS link state packets in cases where the rate would add undue load to the receiving system. There is no workaround for this problem. [CSCdi54576]
- If IS-IS is running, and a CLNS static route is configured that points to a point-to-point interface on which IS-IS is not configured, and the static route is removed, the system may crash.
A workaround is to either disable IS-IS before removing the static route or enable IS-IS on the interface before removing the static route. [CSCdi56815]
- Under situations of extreme load, IS-IS and NLSP may cause packets to be dropped unnecessarily. There is no workaround to this problem. [CSCdi58433]
- If a non-Cisco router running IS-IS on a level-1-only circuit is also sending ES-IS End System Hello (ESH) messages, it is possible for the Cisco router to not recognize the other router for IS-IS.
A workaround is to filter out the ESH packets using the clns adjacency-filter es configuration command in conjunction with an appropriate filter set (which should specify a wildcard, "**", in the last byte of the address). [CSCdi58621]
Novell IPX, XNS, and Apollo Domain
- If there are more than 42 neighbors on a single LAN interface, IS-IS and NLSP will be unable to establish neighbor adjacencies. The workaround is to limit the number of neighbors to 42 or fewer. [CSCdi56547]
- The IPX SAP table may not accurately reflect SAP entries learned locally if IPX Enhanced IGRP and IPX RIP/SAP is configured at the same time. Some of the SAP entries may show up on the SAP table as Enhanced IGRP-derived rather than RIP/SAP-derived even when the local LAN where the problem SAP sourced is not running Enhanced IGRP. [CSCdi56588]
- A Cisco 2500 series router running IPX with NLSP on Release 11.0(8) and 10.3(11) might reboot intermittently. Time between reloads can vary between a few hours or a few days. [CSCdi57683]
- The router may reload when running IPX Enhanced IGRP due to illegal access to memory. [CSCdi57728]
- Under obscure circumstances, some IS-IS and NLSP link-state packets (LSPs) may not be transmitted on some point-to-point interfaces. There is no workaround to this problem. [CSCdi58613]
Protocol Translation
- When doing large file transfers on VTY-asynchronous interfaces which must cross an X.25 network with large RTT, an aggressive TCP implementation can cause return traffic on the VTY-asynchronous interface to be delayed. [CSCdi54905]
Wide-Area Networking
- If the cell burst size is a multiple of 64, the ATM Interface Processor (AIP) may reset with the error "CBUS-3-OUTHUNG: ATM3/0: tx0 output hung (800E = queue full)." This causes a short, temporary interruption of the ATM traffic. [CSCdi45984]
- In a Cisco 2511, groups of four ports may have data set ready (DSR) behaving in unison to a single stimulus. Reloading the router is the only workaround. [CSCdi49127]
- When authenticating to a peer using Password Authentication Protocol (PAP), the username password might be sent to a peer that is not authenticated. Currently there is no mechanism to disable outbound PAP. This problem may represent a security risk. [CSCdi49278]
- Frame Relay switching across an IP tunnel does not work if one of the Frame Relay serial interfaces is configured to be frame-relay intf-type dte.
In addition, when the serial line is configured to be frame-relay intf-type dce or frame-relay intf-type nni, if a frame-relay intf-type command is entered after the desired PVCs have been configured, then the router will fail to send the correct LMI Full Status message. [CSCdi52339]
- A heavily loaded X.25 link that is experiencing congestion can, under rare conditions, enter a state where it oscillates between sending an RNR and an REJ. [CSCdi55677]
- With ILMI-resolution of the switch portion of ATM NSAP addresses, an attempt to place a multipoint call to a destination can occur (and with PIM, always will occur) before the switch part of the address is discovered. This leaves the router in a state where it will never place calls to that static map again. To work around, do not use ILMI negotiation. [CSCdi55904]
- If the router receives an incoming ATM SVC call with an SDU size incompatible with the configured MTU on the ATM interface, the router may crash. This problem is present in Releases 11.0(8.3), 11.0(8.4), 11.1(3.1), and 11.1(3.2). If the router is generating the following warning messages in earlier releases, it is likely that the defect will affect them if the images from the releases listed earlier are installed:
%ATM-4-MTUCALLMISMATCH: Incoming call has mismatched maximum transmission unit
To workaround, reconfigure the remote device with the correct SDU size. [CSCdi57676]
Caveats for Releases 11.0(1) through 11.0(7)
This section describes caveats (possibly unexpected behavior) of Cisco IOS releases 11.0(6) and 11.0(7). These caveats also apply to Releases 11.0(1) through 11.0(5) (unless otherwise noted).
For more caveats of Releases 11.0(7), 11.0(6), and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(8).
AppleTalk
- Multiple Cayman tunnels do not work because routes do not arrive correctly from remote side of tunnels. To workaround, use only one Cayman tunnel. [CSCdi50981]
- Adding the command appletalk virtual-net network-number zone-name to the configuration of a Cisco 4000 router running Release 11.0(5) can cause the router to reload. [CSCdi51787]
Basic System Services
- When trying to set the MTU on an interface in an RSP chassis (Cisco 7500 series or RSP7000) larger than 8192, the MTU change will fail and report the error message "can't carve anything." [CSCdi50133]
- A router containing a CIP card does not become fully operational when Cisco IOS software is loaded. [CSCdi51441]
- Transparent bridging with Cisco 7500 series routers may fail if a frame crosses the HDLC link. [CSCdi52360]
IBM Connectivity
- A router running RFC 1490 support over Frame Relay does not properly swap the direction bit in the RIF frame. [CSCdi36042]
- When two or more routers are connected to the same Token Rings, and each uses source-route bridging (SRB), a station on one of the rings might choose a non-optimal route with a path through both routers. In typical (large) networks, this behavior might result in explorer storms as well as suboptimal routes. [CSCdi45116]
- When the dlsw icanreach mac-exclusive and dlsw icanreach mac-address mac-addr commands are issued to specify a single MAC address to be filtered, all traffic is filtered instead. [CSCdi45773]
- An incorrect timer reference causes explorer frames to be flushed on interfaces, even though the maximum data rate for explorers on any interface does not exceed the maximum data rate for explorers. [CSCdi47456]
- Low-end platforms will cache invalid RIF entries when using any form of the multiring command. This can also be seen in the DLSw reachability cache and possible loops with LNM. [CSCdi50344]
- RSRB will not declare that a peer is dead until keepalive times out. Therefore, for RSRB to detect the dead peer so that the ring list can be cleaned up properly, the keepalive value should be set as small as possible. [CSCdi50513]
- Peer on Demand peers (peers that learn of each other through Border Peers) do not connect. The options inactivity timeout and lf lfsize should be added to the dlsw peer-on-demand-defaults command. [CSCdi50574]
- Removing DLSw configuration by configuring no dlsw local-peer and adding the DLSw configuration back can cause a memory leak in the middle buffer. [CSCdi51479]
- Applying a source-bridge output-lsap-list to a Token Ring interface when source-bridge explorer-fastswitch is enabled may cause packets permitted by the output-lsap-list to be dropped. The workaround is no source-bridge explorer-fastswitch. [CSCdi51754]
- When a very large number of I-frames are sent by an end station to a DLSw router at the same instant, the following message may appear on the console:
DLSW:CPUHOG in CLS background, PC=0x60549f3c
Since the CPU is being occupied by the CLS background process for a period of time, protocols that involve polling may lose their connections because of poll starvation. [CSCdi52382]
- When configured to use the DSPU feature, the router may crash during deactivation of multiple downstream physical units. [CSCdi54114]
- When local acknowledgment is configured, and a STUN packet is received, the router displays the message "%LINK-2-NOSOURCE: Source idb not set -Process= <interrupt level>, ipl= 4 -Traceback= <traceback info>." [CSCdi54162]
- A router may crash when DSPU debugging is enabled on a Cisco 4500 or Cisco 7500 router. [CSCdi54277]
Interfaces and Bridging
- When a Cisco 7000 router Ethernet interface is the root of a spanning tree and UDP flooding is configured with turbo flooding, packet loops occur. The workaround is to disable turbo flooding. [CSCdi45659]
- The concurrent routing and bridging (CRB) feature does not bridge IP traffic if the destination IP address is internal to the router. Also, IP packets with a destination IP address internal to the router are not responded to. [CSCdi48117]
- After an OIR of the MIP in a Cisco 7000, the first interface configured on each MIP controller remains shutdown after reinstallation. [CSCdi48767]
- If an interface processor does not respond to a DBUS access, the router will crash. The interface processor may not respond to a DBUS access if it has crashed. If the interface processor has been removed, it cannot respond to the access. The show controller cbus command on a Cisco 7000 router does not protect itself against trying to run during an OIR event, which lets it try to access a removed card over the DBUS, causing a crash. [CSCdi50481]
- Transparent bridge ports in the blocking state do not respond to ARP broadcasts. This problem is acute only when there is no other IP route to the blocking port. A workaround is available in the form of a static ARP entry in the host. [CSCdi51444]
- On a Cisco 7000 series router, the show diag command incorrectly reports the Route Processor as an EIP controller. On a Cisco 7500 series router, the show diag command incorrectly reports the Route/Switch Processor and the Chassis Interface as an EIP controller. This problem has no functional impact on the router. [CSCdi52129]
- A bug exists in the MEMD carve code on the Cisco 7000 that can cause bandwidth considerations to be ignored. This might result in nonoptimal MEMD carving. [CSCdi52227]
- A router may pause indefinitely when the configuration command encapsulation ppp is entered for Async-Group Interfaces. The configuration command async mode dedicated has the same effect. [CSCdi53185]
- A Cisco 7500 router running Release 11.0(6) will attempt to bridge RIP broadcasts if transparent bridging is turned on and the originator of the broadcast is also routing DECnet and therefore has a DECnet MAC address. [CSCdi53321]
- Asynchronous TTY lines on Cisco 2509 through Cisco 2512 devices sometimes stop answering new modem calls. The show line x command output shows the line with modem state in Idle and Hanging-up. A workaround is to configure sessiontimeout 0 for asynchronous lines. [CSCdi54196]
IP Routing Protocols
- Running multiple Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) autonomous systems might consume all available memory in the router. [CSCdi36031]
- Unconfiguring OSPF can cause the router to reload. [CSCdi51283]
- If two IP-Enhanced IGRP autonomous systems are configured, and an interface address is changed so that the interface moves from one autonomous system to the other, Enhanced IGRP will fail to operate on that interface. The workaround is to delete the IP address (using the no ip address command) before configuring the new address. [CSCdi52078]
- Under certain conditions, Enhanced IGRP may stop transmitting packets. This may manifest itself as large numbers of routes repeatedly Stuck-In-Active. The workaround is to unconfigure and restart EIGRP, or reload the system. [CSCdi53466]
- Regular expressions longer than 59 characters in the ip as-path access-list configuration command will cause the router to reload. [CSCdi53503]
- Enhanced IGRP will stop working on an interface if the interface goes down for some reason and then comes back up. There is no workaround to this problem. [CSCdi53903]
- Because of an uninitialized variable, multipoint GRE tunnels in Releases 10.3 and 11.0 may allow non-IP network protocols to be forwarded to all endpoints of the tunnel. This can give the perception that non-IP protocols are capable of being routed over the multipoint tunnel in these versions. Only IP multipoint tunnels are supported in these versions. In Release 11.1, routing IPX over GRE multipoint tunnels does not function. [CSCdi54192]
ISO CLNS
- If two routers running intermediate system (IS)-IS are connected via multiple point-to-point links and one of the links fails in only one direction, it is possible for traffic to be sent down the failing link and subsequently lost. This is because of a deficiency in the IS-IS protocol specification. There is no workaround to this problem. [CSCdi48351]
- ISO-IGRP fails to install parallel routes into the CLNS prefix table under certain conditions. [CSCdi50714]
- Issuing a CLNS ping to one of the router's own addresses will cause the router to reload if debug clns packet is on. The workaround is to not have this particular debug on if you need to ping to one of the router's own addresses. [CSCdi50789]
Novell IPX, XNS, and Apollo Domain
- On a Cisco 4000 running Enhanced IGRP for IPX the router may generate CPU-HOG messages for the IPX SAP process. [CSCdi39057]
- Clearing the SPX spoofing table with either the clear ipx spx-spoof command or by removing the ipx spx-spoof command from the last interface left spoofing may cause a system reload. [CSCdi53070]
- The default for ipx eigrp-sap-split-horizon needs to be changed to off. [CSCdi55576]
VINES
- VINES SRTP on serverless segments running Release 10.3(8) do not send the redirect to the correct network number (layer 3) address. The workaround is to turn off VINES redirects on the serverless segment interface. A sniffer trace of this packet will show "abnormal end of Vines SRTP." [CSCdi50536]
Wide-Area Networking
- Under certain conditions, the router can reload with the message "System was restarted by error - Illegal Instruction, PC 0x300D646" This problem is related to ISDN. There is currently no workaround. [CSCdi45085]
- With synchronous dial-on-demand routing (DDR) the dialer does not respect the enable-timeout before trying a second dialer map. The dial command is lost when the modem is initializing. [CSCdi46421]
- A Cisco 4000 series router with ISDN BRI interfaces can run out of timer blocks and crash. Use the show isdn memory command to see if memory is not being freed. [CSCdi47302]
- In some failed CHAT script operations over asynchronous interfaces, data can be left in an inconsistent state, sometimes causing a reload to occur during later operations. [CSCdi47460]
- Systems using the ATM Interface Processor (AIP) card may restart with the error message "System was restarted by error - Illegal Instruction, PC 0x0." [CSCdi47523]
- If a backup interface is brought up, a floating static route will point through the backup interface to the remote node and network. When the original interface comes back up, the floating static route is removed. The backup interface will not see any traffic and an idle timeout will bring down the backup connection. If, however, the original interface comes back up before the backup connection is complete, the floating static route will have been removed and a neighbor route will be added to the peer address. This route will carry routing updates to the peer over the backup and thus reset the idle timeout with each packet. The backup interface will never disconnect. This behavior was not present before Release 11.0(3). [CSCdi50489]
- A Cisco 7000 with two ATM interfaces running RFC 1577 ARP server will not register its own IP address. There are two workarounds:
- Specify the full NSAP address of the ARP Server interface, using the atm nsap-address nsap-address command, instead of just the ESI portion.
- After boot-up, issue a no atm arp-server command and then reissue the atm arp-server command. [CSCdi50592]
- Fast switching IP traffic may fail from an ATM Interface Processor (AIP) onto an FDDI with RIF presence. [CSCdi50609]
- The dialer fails to bring up an additional BRI interface when both BRI B-channels are active and the dialer load-threshold load is exceeded. [CSCdi50619]
- International calls being placed using the Australian Primary Rate switch type of primary-ts014 do not tag the format of the called address field correctly. This results in calls to locations outside of Australia being rejected as unassigned. [CSCdi50927]
- When bridging between a Cisco 7500 and an ISDN router running Cisco IOS software, data is not successfully passed if multilink PPP is used. [CSCdi51813]
- Using multidrop lines on a 5ESS ISDN switch is not recommended. If used, they will have SPIDs. Currently, the SPIDs are send out BRI0 only, so on a router equipped with an MBRI, lines other than BRI0 will not be able to place calls. The workaround is to get point-to-point lines from the telco. [CSCdi53168]
Caveats for Releases 11.0(1) through 11.0(5)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(5). These caveats also apply to Releases 11.0(1) through 11.0(4) (unless otherwise noted).
For more caveats of Release 11.0(5) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Releases 11.0(6) and 11.0(7).
Basic System Services
- Free memory will slowly decrease on a router that is bridging IP and that has more than one interface with the same IP address. [CSCdi44023]
- Cisco 7513 routers carrying intensive SRB activity may crash with an error in s rsp-fastsend. [CSCdi45887]
- Unconfiguring and then reconfiguring the timeslots on a MIP interface or a Cisco 4000 series E1/T1 interface may cause the router to hang. [CSCdi46506]
- Under heavy load conditions it is possible for a Cisco 2509 through Cisco 2512 access server to pause indefinitely and report a bus error. [CSCdi47190]
- MBRI and PRI hunt groups do not propagate queue management algorithms from the D channel to the B channels. [CSCdi47191]
- When the router attempts write a core file it pauses indefinitely. [CSCdi47877]
- The EEPROM in some chassis interfaces is misprogrammed. A show diag command indicates that the chassis interface has "07" in the first byte of the EEPROM, instead of "01." The system software does not recognize the chassis interfaces. At boot, the following message appears:
%CI-3-CTRLRTYPE: Wrong controller type 10 %CI-4-NOTFOUND: Chassis Interface not found
The output of the show version command indicates:
WARNING: Chassis Interface not present
When these messages appear, the show environment commands do not work, and no environmental monitoring takes place. [CSCdi48075]
DECnet
- DECnet Phase IV to Phase V conversion can introduce erroneous area routes into ISO-IGRP if there are DECnet L2 routes on the DECnet side. These area routes appear as "AA00," and are propagated to other routers. [CSCdi47315]
IBM Connectivity
- When source-route transparent (SRT) bridging is configured on the router, calls to management functions related to source-route bridging, specifically CRS, may not work correctly. [CSCdi42298]
- When the FEP initiates a QLLC connection, the virtual circuit is established, but the XID negotiation does not proceed to completion. The router sends XID responses as commands, rather than responses. There is no workaround. [CSCdi44435]
- A router might crash if running QLLC and using remote source-route bridging (RSRB) over a serial line to provide the Logical Link Control, type 2 (LLC2) connection from QLLC to an end station or host. The crash only occurs if multiple changes are made to the encapsulation type on the RSRB serial line. [CSCdi45231]
- When concurrent or multiple link activations are requested from or to the same interface or service access point (SAP) of a Cisco Link Services (CLS) user (typically APPN or DSPU) to multiple devices, some of the link activations may fail in random fashion. The problem is more likely to be evident when in networks where test polls are outstanding for longer periods of time, and when many links are auto-activated at the same time. [CSCdi46491]
- A Cisco router might report inaccurate traffic statistics. In particular, nonbroadcast frame counts might be incorrect if the router is acting as a source bridge on a Token Ring. [CSCdi46631]
- Explorers are not forwarded to the CIP CSNA feature from DLSw+. [CSCdi47239]
- A Cisco Link Services component (such as APPN or DSPU) may be unable to reconnect after it is disconnected when running over a CLS controlled by a locally acknowledged RSRB connection. This problem only affects reconnecting after an LLC2 outage when the RSRB peer remains up throughout the disconnection and reconnection process. [CSCdi47275]
- Using a CIP with CSNA configured in a Cisco 7500 router causing ciscoBus complex restarts and output stuck messages for the CIP virtual interface (ch x/2). [CSCdi47536]
- If the router receives a source-bridge packet with bit 2 of the routing control field set (for example, 28), the router may send back an invalid bridge path trace report frame intended for the source of the original frame, but directed to a group address instead. This may cause congestion. [CSCdi47561]
- A downstream physical unit (DSPU) sometimes retries connecting to the host too rapidly, with as many as sixty tries per second, flooding the host with XID packets. This problem causes the NetView log to get congested and run out of storage, which might bring down the host. [CSCdi47803]
- If DLSw with FST is configured, an LLC2 session should not be set up. [CSCdi47888]
- Using the no lnm disable command in conjunction with a CSNA internal Token Ring adapter can cause a bus error. [CSCdi47898]
- A DLSw SDLC ABM bit is not turned off in xid(pn). [CSCdi47942]
- On the Cisco 7000 or Cisco 7010, a FDDI interface with both ip address and source-bridge commands configured will not respond to ARP requests destined to its IP address. [CSCdi48284]
- When proxy explorer and proxy NetBIOS are configured, looped RIFs might be created. The only workaround is to disable the feature. [CSCdi48577]
- Under extreme traffic load, CLSi may deliver packets to DLSw out of sequence (LLC sequence). In some environments, including PU4/5-to-PU4/5, this will cause the receiving end station to disconnect. [CSCdi48915]
- When a router running DSPU over Frame Relay in communication with a frame device breaks the session, it does not try to reconnect after DM is received. [CSCdi49044]
- When attempting to run APPN over Frame Relay, the router generates error and traceback messages: "APPN-6-APPNSENDMSG," "APPN-7-APPNETERROR," and "SYS-2-BADSHARE." [CSCdi49162]
- On Cisco 7000 series routers installed with a CIP, the commands csna, llc2, offload and show extended channel tcp-stack fail after a router reload or boot. To workaround, reboot the microcode reload clears up the problem. [CSCdi49312]
- The number of downstream PU supported should be increased from 256 to 1024. [CSCdi49448]
- When using an APPN Connection Network over FDDI, sessions that use the router as a member of the FDDI connection network fail to activate. [CSCdi49560]
- Connections to a host cannot be established from a DSPU using virtual telecommunications access method (VTAM) through a Cisco 3172 Channel Interface Processor (CIP). [CSCdi49872]
- If peer A and peer B are DLSw priority peers (the keyword priority is on the remote peer definition), and peer A is reloaded, peer B may crash. [CSCdi50155]
- NetView native service point acquires but does not free VTY lines. The only way to recover the VTY lines is by using the clear line line-number command. [CSCdi51685]
Interfaces and Bridging
- On a Cisco 4500 router, if you issue the no shutdown command on a Fiber Distributed Data Interface (FDDI) interface, the router will reboot. [CSCdi42429]
- The MIP T1 and E1 interfaces do not support enhanced or normal online insertion and removal (EOIR/OIR). There is no workaround. This bug is fixed in Release 11.0(6) and later, and requires a minimum of MIP hardware version 73-0903-08 Rev A0.
In addition to the hardware requirements, the fix for this bug that is in Release 11.0(6) and later releases requires that you allow a minimum of 15 seconds to elapse between OIR events. Removal of one interface counts as one event, and insertion of one interface counts as one event.
Failure to provide this time for the router to stabilize between OIR events can result in the reset performed for one event corrupting the reset performed for another event, which could require interfaces to be reconfigured or reinitialized manually. This reset requires even more time if additional channel-groups are defined within the router. The time between OIR events should be increased to as much as 30 seconds if three or more MIP cards are fully channelized in the router. While the corruption of this reset activity might occur only occasionally if OIR events are too closely timed, it is mandatory to allow the correct interval to guarantee the benefits of EOIR/OIR. [CSCdi46137]
- Transparent bridging and the HSRP protocol cannot be simultaneously enabled on Fast Ethernet interfaces. Random crashes resulting in image or memory corruption will occur. [CSCdi48646]
- Bridging from a Token Ring through an ATM cloud via RFC 1483 AAL5 snap encapsulation back to a Token Ring does not function because of an incorrect CTL/OUI. There is no workaround. [CSCdi49151]
IP Routing Protocols
- Routers may be misconfigured to assume that a particular AS is in a confederation when it is not. This misconfiguration causes the confederation information that is inside the AS path to be propagated. The workaround is to configure the router correctly. [CSCdi46449]
- On an AGS+ router with FDDI interfaces and 181-1 ciscoBus microcode on the interface, enhanced IGRP does not discover neighbors when bridge-group is configured on that interface. [CSCdi48057]
- Packet corruption can occur when fast-switching IP packets from ATM interfaces to Token Ring interfaces configured with the multiring command. [CSCdi49734]
Novell IPX, XNS, and Apollo Domain
- Cisco 1003, Cisco 1004, and Cisco 1005 routers advertise all IPX services with a SAP hop count of zero. Both dynamically-learned and static SAPs are sent out every interface with a zero hop count, which makes remote services invisible to Novell servers connected directly to the router (for example, on the LAN interface.
Clients on LANs with no server can connect correctly, as the router answers the GetNearestServer request. However, whenever there is a Novell server on the same LAN as the client, the client will not be able to connect to any remote services.
Use the show ipx servers command to determine whether any SAPs are being seen with zero hop count from the neighboring router. [CSCdi46488]
- When an Enhanced IGRP route is advertised back into RIP, the delay within the Enhanced IGRP cloud is not taken into account properly in the tics value of the route when it is redistributed into RIP. The RIP advertised route then may appear to be closer than it really is. [CSCdi49360]
- When an interface goes down, services that are not learned over that interface are marked as down, possibly causing excessive SAP packet generation as packets are first flooded as down, then learned, and flooded again as new. [CSCdi49369]
- If IPX Enhanced IGRP is running, the command sequence interface serial / no ipx network / no ipx routing may cause the router to reload. [CSCdi49577]
- Multicast fast switching is not functional for ATM subinterfaces. A workaround is to configure no ip mroute-cache on the incoming subinterface. [CSCdi51178]
TCP/IP Host-Mode Services
- Under unknown circumstances, random lines on an ASM will pause indefinitely in the Carrier Dropped state. The only way to clear the line is to reload the ASM. [CSCdi44663]
- Opening hundreds of simultaneous telnet connections from a TTY or VTY can cause the software to reload with a watchdog timeout error. [CSCdi47841]
VINES
- VINES servers located downstream might unexpectedly lose routes that were learned via Sequenced Routing Update Protocol (SRTP). This behavior results from improper handing of network sequences numbers by the system. Issuing a clear vines neighbor or disabling SRTP are suggested workarounds. [CSCdi45774]
- A Cisco router reloads when it receives incorrectly formatted Interprocess Communications Protocol (IPC) packets from the VINES application software "Streetprint." The VINES IPC length field should contain the number of bytes that follow the long IPC header in a data packet, but Streetprint incorrectly set the IPC length in each IPC message to the total number of bytes of all IPC messages. [CSCdi47766]
Wide-Area Networking
- When a LAN Emulation (LANE) client becomes nonoperational, the subinterface state remains in the Up state. This causes routing tables to retain routes longer than normal. These routes remain until the configured routing protocol discovers (via neighbor discovery or holddown) that the subinterface has gone deaf. Static routes are discouraged on LANE interfaces, because the route will always be advertised. [CSCdi36121]
- When routing an X.25 call request packet containing a Calling/Called Address Extension facility in some cases the Calling/Called Address Extension facility may be modified. [CSCdi41580]
- An X.25 interface might hang if the Link Access Procedure, Balanced (LAPB) layer gets stuck in the RNRsent state. This might occur if virtual circuits (VCs) receive encapsulated datagram fragments that are held for reassembly, and the number of these fragments approaches the interface input queue count. The LAPB protocol will not exit the RNRsent state until the number of held buffers decreases. This condition can be cleared if a shut /no shut is performed on the interface, or if the other end of the LAPB connection resets the protocol. [CSCdi41923]
- If a new permanent virtual circuit (PVC) is defined on an ATM Interface Processor (AIP) when existing switched virtual circuits (SVCs) and PVCs are already defined, an interface reset might occur with a subsequent restart of all SVCs. [CSCdi43779]
- When fast switching IP traffic from an AIP onto an FDDI interface, an extra byte is added to the end of the packets. [CSCdi44580]
- Under some unknown conditions, an ISDN B-Channel may fail to disconnect. The PPP Keepalive feature detects the partially disconnected link and repeats the message "exceeded max retries taking LCP down," every few minutes. [CSCdi48111]
- If parallel connections are made to a dialer group or ISDN interface that use the same IP address and a neighbor route is necessary, the neighbor route will be added for the first connection only. Subsequent connections will detect that a route already exists and not add another route. This will works until the first connection closes and its neighbor route is removed. The other connections will remain open but there will be no neighbor route installed for them. This problem applies to parallel connections, not to multilink bundles. [CSCdi49007]
- When a router on which all ATM interfaces are in a no shut state is booted, you need to issue a shutdown and no shutdown command sequence on any one of the ATM interfaces to make SSCOP fully initialized and allow ATM signaling to function properly. [CSCdi49275]
- If aaa new-model (for example TACACS+) is enabled, you cannot specify callin on the PPP authentication configuration line. [CSCdi49280]
- Non-default IPX encapsulation cannot be configured on an ATM subinterface using the ipx encapsulation encapsulation-type command. The workaround is to configure non-default encapsulation using the ipx network network encapsulation encapsulation-type command. [CSCdi49729]
- Cisco IOS Release 11.0(6), Release 11.1(2), and Catalyst 5000 ATM software Release 2.1 and later contain a fix for an emulated LAN defect. If you deploy Release 11.0(6), Release 11.1(2), or Catalyst 5000 ATM software Release 2.1 or later releases in your network, and you use emulated LAN bridging features, you must upgrade the Cisco IOS software in all routers and Catalyst 5000 switches in your network to use a version of Cisco IOS software that contains the fix. Failure to upgrade all devices in a particular emulated LAN will result in interoperability problems between Cisco devices.
If you choose to continue to use Cisco IOS Release 11.0(5), Release 11.1(1) or earlier releases, the Catalyst 5000 requires ATM software Release 1.1. [CSCdi49790]
Caveats for Releases 11.0(1) through 11.0(4)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(4). These caveats also apply to Releases 11.0(1) through 11.0(3) (unless otherwise noted).
For more caveats of Release 11.0(4) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(5).
AppleTalk
- When AppleTalk packets go through ARAP, it is possible that the destination address may be set incorrectly to use a multicast address instead of a unicast address. [CSCdi44145]
Basic System Services
- When authenticating using TACACS or extended TACACS with Password Authentication Protocol (PAP) on an interface that is not an asynchronous line, the system may reload if the principal's username and password also exist in the local database. [CSCdi45530]
- When the MIB variable .iso.org.dod.internet.private.enterprises.cisco.local. linterfaces.lifTable.lifEntry.locIfOutputQueueDrops is polled, a Cisco 7000 router's CPU utilization increases to over 90 percent. [CSCdi45961]
- TACACS+ does not send accounting stop requests. [CSCdi46519]
- Using HSRP in heavy traffic situations can cause RSP-3-ERROR reports and ciscoBus resets. [CSCdi46654]
- Upon process completion, the scheduler leaks a small amount of memory. In routers that have many processes, such as IPX, the memory leak can be significant. When the router runs out of memory a crash is possible. There is no workaround. Note that this problem only affects versions 11.0(4.2) and 11.0(4.3). [CSCdi47177]
DECnet
- Switching DECnet Phase IV packets may be slow when the packets must traverse a Phase V cloud, that is, when a DECnet IV/V conversion is involved.
An illustration of this problem can be seen by issuing a SET HOST command from one Phase IV host to another over a Phase V cloud, and noticing that the connection can take about a minute to complete. Normally this operation should take a few seconds. [CSCdi38569]
EXEC and Configuration Parser
- If you configure a nondefault FDDI transmission time and save the fddi valid-transmission-time command to NVRAM, the system will reload when the boot monitor reads the command from NVRAM at boot time. If a nondefault time is required, the workaround is to boot that portion of the configuration using the boot host command. [CSCdi37664].
IBM Connectivity
- On low-end systems if the router interface is DTE, and a router reload occurs, SDLC packets are identified as HDLC packets by the serial driver until a shut / no shut command sequence is issued on the interface. This problem causes occasional packet drops without any trace if a byte pattern matches that of another protocol and can also cause serious performance problems. [CSCdi43686]
- Using the SRB proxy-explorer feature with SRB autonomous switching on FDDI can cause incoming packets to be dropped by the FDDI interface. The workaround is to disable the SRB proxy-explorer feature or disable SRB autonomous switching on the FDDI interface. [CSCdi44095]
- Frame Relay AutoInstall with dlsw bridge-group 1 in the router configuration can cause the router to reset and display the error message "Exception: Software forced crash at 0x." [CSCdi44169]
- When running DLSw+ Frame Relay encapsulation in a non-pass-through mode, NetBIOS stations might time out. This happens when the NetBIOS stations have NetBIOS retries and timeout values lower than the default values. The default values are typically a retry value of 8 and a timeout value of 500 ms. Increasing the NetBIOS retries or the timeout value eliminates this behavior. [CSCdi45362]
- DLSw peers configured with direct encapsulation will not be connected. To work around, use TCP encapsulation. [CSCdi45411]
- A router configured for QLLC support of a PU 2.0 to a host might ignore the null XID response from the host and not send the XID T2 on behalf of the controller. [CSCdi45514]
- A router running APPN aping traffic for extended periods of time will crash intermittently at CepPongRequest. [CSCdi45974]
- When access lists are configured on the router interfaces and when a locally attached SDLLC connection sends a TEST frame to a Channel Interface Processor (CIP)-connected host, the TEST frame is dropped and the router reports a Bad VCN error. Frames are, in turn, received from the host and forwarded to the appropriate destination. [CSCdi46474]
- A router configured for DSPU crashes at _CLSCepCheck while making DSPU configuration changes. [CSCdi46820]
Interfaces and Bridging
- The Cisco 1000 series routers receive and respond to unicast packets incorrectly under certain conditions. The problem appears when a protocol that uses a multicast address is enabled, for example, CDP. [CSCdi42687]
- Changing the encapsulation on a dialer interface after issuing the command no dialer in-band causes the router to reload. To prevent this problem from happening, do not remove the dialer type from the configuration. [CSCdi44101]
- When bridging is configured on interfaces not capable of doing SSE bridging, SSE bridging for all interfaces on the router is disabled. The workaround is to use ciscoBus bridging. [CSCdi45124]
IP Routing Protocols
- IPX routing by RIP or Enhanced IGRP may fail on primary serial interfaces when there are subinterfaces of that primary serial interface configured for IPX routing before the configuration of the primary interface for IPX routing. [CSCdi44144]
- Enhanced IGRP may announce IP summary routes with a wrong metric (a value too high). This may cause networks to be unreachable. [CSCdi46290]
ISO CLNS
- CLNS routes learned via IS-IS are not properly redistributed into ISO-IGRP. [CSCdi44688]
- If an IS-IS link-state packet (LSP) is not regenerated for 24.8 days, it will become impossible to transmit it for another 24.8 days. This only happens in very stable IS-IS networks. [CSCdi45179]
- Under rare conditions, the show isis route command causes the router to reload. [CSCdi45496]
Novell IPX, XNS, and Apollo Domain
- Clearing the SPX spoofing table using the clear ipx spx-spoof command or by removing the ipx spx-spoof command from the last interface left spoofing may cause a system reload. [CSCdi43117]
- IPX fast switching fails over an AIP interface. [CSCdi44647]
- Where there are several SAP entries in the network, if ipx sap-incremental is configured, a router may end up with fewer SAP entries than actually exist when the interface goes down and is brought up later. [CSCdi46224]
Protocol Translation
- A TCP to LAT/X.25 translation that uses an access-class option which specifies an extended access list can cause the router to reload. Extended access lists are not permitted with a translate command. [CSCdi44853]
TCP/IP Host-Mode Services
- On a Cisco AGS+ router or Cisco 7000 router, if ip tcp header-compression is turned on for FDDI or serial interfaces, the following error message may display: "%LINK-3-TOOBIG: Interface Serialxx, Output packet size of 1528 bytes too big." [CSCdi38666]
Wide-Area Networking
- TCP header compression over PPP and ISDN is not functioning. This also affects asynchronous dialer interfaces. To work around, turn off IP TCP header-compression. [CSCdi19199]
- The AIP card of the Cisco 7000 series routers does not map the virtual path identifier/virtual channel identifier (VPI/VCI) pair used in an ATM connection unless the router is initiating the switched virtual circuit. There are two symptoms: The first occurs when a new VPI/VCI is opened to the router from an ATM switch. In this case, the AIP does not pass this information to the RP and a reply to the incoming traffic is not sent back on the VPI/VCI just opened. Rather, the AIP card opens a new VPI/VCI and sends it back to the switch, creating unidirectional switched virtual circuits, which is inefficient. The second more serious symptom occurs when cells carrying packets, which are responses to packets in a VPI/VCI pair opened by a sending router, return on a new, unidirectional VPI/VCI for which the router has no mapping. In this case, the incoming cells are missed, requiring retransmissions to complete the intended communications. The correct behavior is for the router to map all VPI/VCI pairs. [CSCdi32192]
- When using a Cisco 2500 series terminal server with PPP, packets are allowed to pass after IP Control Protocol (IPCP) has completed negotiation, but before the interface is declared to be up. This can cause problems with applications that send out immediate requests; the response may be dropped by the terminal server because the interface is down. The workaround is to place a slight pause after IPCP is negotiated but before sending requests. [CSCdi37400]
- BRI interfaces might stop placing calls after some time of normal operation. To reenable the interface, reload the router. [CSCdi42098]
- ISDN interfaces on an MBRI card might stop functioning after reporting an error message similar to "%SYS-3-HARIKARI: Process ISDN top-level routine exited..." To restart ISDN, reload the router. [CSCdi42578]
- Clearing an asynchronous dialer interface will prevent subsequent calls from being made over that interface. A shutdown command is needed to allow calls to be made again. [CSCdi43794]
- When LAPB or X.25 encapsulation are configured, it is possible for the lapb n1 xxx command to disappear from the working configuration and for N1 to fall back to the default. This might occur after an interface reset or a router reload. [CSCdi44422]
- Under unknown conditions, a debug ppp packet may cause the router to stop processing packets. [CSCdi45322]
- If an ATM interface goes down and back up because of a disruption on the fibers connecting it, PVCs are defined for the interface remain inactive. Because this includes the signaling (qsaal) and ILMI PVCs, no SVCs can be established. The workaround is to do a shut / no shut on the interface. [CSCdi45544]
- The dialer load threshold command does not choose between the outbound and inbound thresholds correctly. The workaround is use dialer load-threshold inbound. [CSCdi45593]
- When using ATM without declaring any PVCs, but with an ARP server declared, the router might crash. The workaround is to always declare the signaling VC before attempting to configure an ARP server. If a PVC is present at any point after boot, deleted, and the ARP server declared, no crash occurs. If the configuration is written to NVRAM, there will be a crash on boot. [CSCdi45733]
- Using the frame-relay payload compression command disables the parse-tree for all commands after it in the frame-relay map statement. [CSCdi45797]
- A serial interface running with X.25 encapsulation and under heavy load can top sending LAPB RRs. The X.25 switch sends I-frames until the window is full. After 3 seconds, when the switch sends a frame with the poll bit set, the frame is rejected and the traffic continues. [CSCdi46024]
- If you configure dialer-list # protocol ip permit on an asynchronous/PPP backup interface, the routing protocol is not sent to the interface after it has gone from standby to up/up spoofing and does not initiate a dialout for DDR. This also occurs on synchronous serial DBU interfaces.
One workaround is to configure SNMP or syslog to a host on the remote side. An SNMP trap is required for snmp-server host x.y.z.w, or a console message to logging host, but will initiate a dialout. [CSCdi46312]
- Under some unusual circumstances, a Cisco 7000 router might reload and indicate a bus error. [CSCdi46318]
- Routers with ISDN BRI interfaces that use the isdn switch-type basic-net3 command may experience BRI port failures because of all network layer control blocks (NLCBs) being used and never released. Once all NLCBs and call control blocks (CCBs) are used, a reload of the router is required to use the BRI interface. The problem does not apply to ISDN Primary Rate Interfaces (PRI).
A possible workaround is to set the dialer idle-timeout value on the BRI routers connected to NET3 switches higher than the timeout value of the other routers connected via ISDN. This assumes the other router or routers do not have BRIs connected to NET3 switches, as they would have the same problem. This workaround also requires knowledge of the dialer idle-timeout value configured on the other router or routers.
The problem does not occur if the call hangup is initiated by the ISDN network rather than the BRI router connected to a NET3 switch. [CSCdi46668]
- In dial-in only ISDN or rotary group configurations, fastswitching may cause packets to be sent on the wrong interface. To work around this problem, disable fastswitching, or configure a phone number on the dialer maps. [CSCdi47701]
Caveats for Releases 11.0(1) through 11.0(3)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(3). These caveats also apply to Releases 11.0(1) and 11.0(2) (unless otherwise noted).
For more caveats of Release 11.0(3) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(4).
AppleTalk
- Issuing a show appletalk route network where network is an AppleTalk proxy network causes the system to halt. [CSCdi44235]
Basic System Services
- IP multicast fast switching does not work on the Cisco 7500 series routers. However, process-level IP multicast switching does work. All multicast interfaces on Cisco 7500 series routers should be configured to process switch IP multicast traffic using the interface configuration command no ip mroute-cache. [CSCdi39140]
- The router may pause indefinitely if a single process fails to update its event timers. [CSCdi44073]
IBM Connectivity
- DSPU sends TEST (P) in response to a NULL XID (P) on Connect-ins. This causes problems with some LLC2 implementations. [CSCdi40809]
- A Cisco 4500 router might reload if a TEST (F) or NULL XID (F) is received while the X.25 SVC for the QLLC connection is down. [CSCdi40851]
- In rare cases, the router's serial interface driver software will drop SDLC frames with bit patterns identical to HDLC LEX frames. This problem has been observed on interfaces using STUN-basic encapsulation with non-IBM SNA data traffic (for example, COMM10 CNS protocol). There is no indication in the router when this problem occurs. The router does not increment the interface "drop" counter or the STUN "drop" counters. Detection is only possible with a media tracing tool. [CSCdi41558]
- The Find Name NetBIOS broadcast is sent from all the Token Ring interfaces even though the proxy-explorer and NetBIOS name caches are configured on the interface. To work around, run backlevel software. [CSCdi41972]
- The number of LLC2 sessions allowed in the router is artificially limited. Also, a count of the number of LLC2 sessions should be seen in the banner of the show llc2 command. [CSCdi42181]
- Two new global commands that add keepalive support are now available:
- [no] bstun remote-peer-keepalive [n]
where n is the time period between keepalives in seconds.
- [no] bstun keepalive-count [count]
where count is the number of keepalive periods to expire before declaring the TCP session down.
The keepalives can be viewed using the debug command debug bstun event, for example [CSCdi42960]:
BSTUN: Received Version Reply opcode from (all[2])172.16.12.2/1976 at 1360
BSTUN: Received Version Request opcode from (all[2])172.16.12.2/1976 at 1379
BSTUN: Received Version Reply opcode from (all[2])172.16.12.2/1976 at 1390
- Running QLLC/LLC2 conversion in the router sometimes results in a memory leak during connection establishment. [CSCdi43119]
- When an SDLLC or QLLC virtual ring is configured, explorers might be incorrectly forwarded to the interface corresponding to the third ring in the RIF. [CSCdi43378]
- When more than one virtual circuit is configured per subinterface for ATM RFC 1483 transparent bridging, every other packet originating from FDDI has the MAC address swapped in canonical order. The workaround is to configure one ATM virtual circuit per subinterface. [CSCdi43833]
- When using FRAS or DLSw, large delays might be seen in SDLC session startup for PU 2.0. One workaround is to configure the router so that SDLLC starts the timer. The SDLLC configuration can then be removed, and the timer will continue on the 5 second dispatch interval. [CSCdi43856]
- SRB bridged packets might be dropped if the router is configured for RSRB direct and priority or custom queueing is enabled on the output serial interface. The workaround is to disable priority or custom queueing on the serial interface. [CSCdi44430]
- Packets cannot be fast switched from the CIP virtual interface to a TRIP interface using TRIP microcode version 10.3 To work around, load TRIP microcode version 10.2. [CSCdi44617]
Interfaces and Bridging
- If two routers are on a ring, it is possible for the OSPF neighbors to disappear because the IP process does not receive the multicast packet for OSPF hellos. [CSCdi38185]
- Transparent bridging may fail to forward packets on MultiBus Token Ring interfaces or MCI serial interfaces on the AGS. [CSCdi39644]
- For a given bridge table entry, bridging might not forward packets sourced from that address destined for a particular device, but forward others. This can be seen by the show bridge nnnn.nnnn.nnnn TX count incrementing, but the RX count staying constant. To work around, issue a clear bridge command. [CSCdi42445]
- On a Cisco 4500 router bridging DECnet, certain stations might be unable to establish connectivity over transparent bridging. Some DLC frames are not forwarded when they should be. [CSCdi42690]
- Cisco 4000 series routers with FDDI NIMs can reload under stress. There is no workaround. [CSCdi43618]
- When configuring SLIP or PPP framing on the auxiliary port of a router, a "Low memory modified by Input Helper" message appears in system error log. [CSCdi43970]
- Enabling SSE for IP might cause the system to crash. The workaround is to configure no ip route-cache sse. [CSCdi44414]
IP Routing Protocols
- In rare circumstances, the router may reload while fast switching over a DDR interface. [CSCdi42068]
- MAC Burned-in-addresses (BIA) can sometimes replace the HSRP group MAC address for the HSRP IP address in the ARP table. [CSCdi43875]
ISO CLNS
- Under some circumstances, OSI end-system adjacencies may not appear in an ISIS Level-1 pseudonode Link State Packet (LSP). This typically happens when there is only a single router on the LAN that contains the end systems. [CSCdi43236]
VINES
- The system may halt unexpectedly after issuing a clear vines neighbor command. [CSCdi42431]
- An SRTP update sent in response to a client request for specific networks will omit the last network specified in the request. [CSCdi44517]
Wide-Area Networking
- TN3270 and Telnet user sessions can be dropped unexpectedly from the Cisco 2509 and Cisco 2511 access server asynchronous ports because of an inactivity timeout. [CSCdi41542]
- Ethernet packets that are too short are sent by a Catalyst 5000 if a short packet originates on an FDDI ring and is routed to the Catalyst 5000 by a Cisco 7000 router via an emulated LAN. To work around, turn off fast switching (no ip route-cache) on the ATM interface on the Cisco 7000 router. [CSCdi41868]
- Routers with an ISDN BRI interface may have problems with B-channels or run out of Call Control Blocks (CCBs). Some switches will assign a B-channel that is currently in use. The router then rejects these calls with a "Channel Unacceptable" cause. Previously, the router accepted the new call and stranded CCBs. This leads to the router eventually running out of CCBs. [CSCdi42123]
- "ATM failed to create VC" errors can occur because an ATM switch assigns VPI/VCI numbers outside the ranges that can be accepted by the router. The workaround is to manually set the VPI/VCI space on the switch. [CSCdi42518]
- Hardware flow control may be inadvertently disabled on the Cisco 2509, 2510, 2511 and 2512 asynchronous ports after issuing a configure network or a copy tftp running-config command. To restore flow control, issue the line configuration command flowcontrol hardware on all lines. [CSCdi43306]
- With subinterfaces defined on ATM interfaces (AIP) and with the command atm pvc aal5mux ip under each subinterface, the PVCs may not show up in the active configuration (viewable using the write terminal command) after reload, and cause the PVCs to not come up. The only way to get the PVCs up is to issue a configure memory command. [CSCdi43387]
- The Cisco 4500 router will fail when the PRI controller configuration is removed. This failure is seen as a "SegV Exception" error. It does not occur if the interface has been shut down since the router was last rebooted. A workaround, if the PRI controller configuration must be removed, is to first shutdown the interface, reboot the router, and then remove the configuration. [CSCdi43511]
- If the remote end of the connection (the peer) attempts to authenticate with PAP, and no authentication of the peer is attempted, the authentication will appear to succeed, but none of the NCPs (such as IPCP or IPXCP) will begin negotiation. The peer will think the link is up, and the local end will think the link is down. [CSCdi43514]
- If an ATM interface is up and has established SVCs, and a clear interface atm slot/port command is issued, the router will try to reestablish virtual circuits. At this point the ATM switch sends a status request to the router. The router ignores this status request. After 4 seconds the switch times-out the status request and issues call releases. The router responds to the call release with a code of zero. [CSCdi43528]
- Certain configurations of IP address pooling commands will cause IPCP to reject an IP address suggested by the peer. Typically, no peer address will be negotiated and IP connectivity may be broken. Debug statements corroborate that IP address pooling is involved even if no ip address-pool or peer default ip address statements have been entered.
This problem can be avoided if each PPP interface is configured correctly for a peer address, for address pooling, or with pooling explicitly disabled.
The commands to configure pooling (local or DHCP) are site-specific.
If a fixed peer address is acceptable, it can be set with the command peer default ip address a.b.c.d where a.b.c.d is the IP network address of the peer. Note that this command replaces the command async default ip address a.b.c.d for asynchronous interfaces, but applies to all PPP and SLIP interfaces including ISDN interfaces.
Pooling can be explicitly disabled on an interface by issuing the command no peer default ip address.
This command has no other effect and can be replaced later with an appropriate address pooling configuration. [CSCdi43677]
- The router reloads if the interface subcommand async mode dedicated is configured for a group asynchronous interface. [CSCdi44030]
- When fast switching IP or IPX over a dial-on-demand media, calls may be disconnected by the idle timer even though interesting traffic goes through. [CSCdi44938]
Caveats for Releases 11.0(1) through 11.0(2)
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(2). These caveats also apply to Release 11.0(1) (unless otherwise noted).
For more caveats of Release 11.0(2) and earlier 11.0 releases, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(3).
AppleTalk
- IPTalk clients running Columbia AppleTalk Package (CAP) cannot start up because a nonstandard NBP packet generated by the client is not forwarded by the system. There is no workaround. [CSCdi39096]
Basic System Services
- When performing SNMP queries of a router using the RSP2 board, the router may reset with error message "System restarted by abort". [CSCdi40186]
- When using protocol translation for virtual asynchronous connections, the system may restart with the message "System was restarted by error - Illegal Instruction, PC 0x0". [CSCdi40681]
- Memory might become corrupted when servicing MacIP ATP packets, which results in a system reload. [CSCdi41076]
- In some configurations with a loopback interface, memory will be consumed by packets erroneously queued to that interface. As packets are queued to the loopback interface, free memory dwindles until the router crashes because it has no free memory. The only workaround is to delete the loopback interface. [CSCdi41281]
- Removing enable secrets using the no enable secret configuration command fails and prints an error when specifying explicit privilege levels. [CSCdi41368]
- When DSPU or DLSw+ is configured to accept connections across QLLC/X.25, the router will reload when the second QLLC/X.25 connection becomes active. [CSCdi41826]
IBM Connectivity
- SNA packets are lost during fragmentation if no buffer is available to store the fragmented packet. The SNA application will recover and resend the packet without disconnecting the session. [CSCdi27730]
- With SRB configured (local only), the router occasionally appends random data to the end of LLC2 RR frames being bridged through the router. Some LLC2 devices will reject these padded frames, causing sessions to be lost. [CSCdi38486]
- CMNS will use an incorrect MAC address when trying to open an LLC2 connection to a host running DECnet Phase IV. The workaround is to have the DECnet host open he LLC2 connection to the router. [CSCdi40639]
- The local and remote ring numbers can now be between 1 and 4095. Before they were only allowed to be between 1 and 255. [CSCdi41283]
- When DSPU over QLLC is configured, the router may experience loss of memory caused by the fragmentation of a large frame into several smaller frames. The workaround is to ensure that the MAXDATA for both the upstream and downstream links is set at a maximum of 256 bytes. If data lengths are 256 bytes or less, data frames will not require fragmentation by QLLC and memory leak should not occur. [CSCdi41663]
- After configuring an LNM PC with a bridge definition that contains the target interface MAC addresses on the router, if a no source-bridge local-ring bridge-number target-ring command is subsequently entered for one of the interfaces previously configured on the LNM PC, and a Link Bridge command is then entered on the LNM PC, the router will halt with a bus error indication. The only workaround is to ensure that no source-bridge local-ring bridge-number target-ring commands are not executed on the router after defining the target LNM server bridge on the LNM PC. [CSCdi41997]
- SRB packets are not bridged to or from the CSNA internal LANs when DLSw+ peers are configured with FST/direct encapsulation. To work around, configure DLSw+ peers for TCP encapsulation. [CSCdi42462]
- LLC2 connections cannot be established to CSNA internal LANs configured on the RSP/75xx platforms. [CSCdi42839]
Interfaces and Bridging
- VINES ping fails over transparent bridging with the following configurations:
- Ethernet-FDDI
- Ethernet-FDDI-Ethernet
- FDDI-serial-FDDI with serial encapsulations HDLC, PPP, FR-EITF, Frame Relay
- FDDI-HSSI-FDDI with serial encapsulations HDLC, PPP, FR-EITF, Frame Relay
- DEC and IEEE with serial encapsulations HDLC, PPP, FR-EITF, Frame Relay
There are no failures with SMDS or X25. [CSCdi37994]
- Weighted fair queueing is incompatible with transparent bridging on HDLC, Frame Relay, or ATM serial interfaces. The default configuration of weighted fair queueing causes bridge flooding to fail and may produce the following error messages:
%SYS-2-BADSHARE: Bad refcount in pak_enqueue, ptr=<hex value>, count=<number> -Traceback= <list of hex values>
%SYS-2-BADSHARE: Bad refcount in datagram_done, ptr=<hex value, count=<number> -Traceback= <list of hex values>
Weighted fair queueing cannot be deconfigured on serial lines in Release 11.0(1) software, so transparent bridging should not be configured on HDLC, Frame Relay, or ATM serial interfaces. On nonserial interfaces, the same problem occurs if you explicitly configure weighted fair queueing. [CSCdi39516]
- Transparent bridging can generate report giants coming off an ATM interface. This occurs when routers are configured with non-HDLC encapsulation on the serial links, or when priority queuing is configured. The workaround is to configure the serial interfaces for HDLC or to not force process-level transparent bridging. [CSCdi40560]
- If bridging is used on a router with an RSP2 processor from Ethernet to ATM to Ethernet, and if a MAC address filter is enabled, IPX, IP, AppleTalk, and XNS will fail to be forwarded. This happens with IEEE and DEC spanning tree. [CSCdi40658]
- If ATM or Frame Relay is used in a transparent bridging environment, DECnet and CLNS packets are not flooded correctly. There is no workaround. [CSCdi40861]
- Under rare circumstances, the IP fast switching cache can contain overlapping prefixes. If the SSE manager detects this, it will disable SSE switching. [CSCdi41807]
IP Routing Protocols
- AutoInstall sets up temporary static routes to access the TFTP server. These routes are deleted when AutoInstall is complete. When this happens, the chain of static routes may be corrupted. [CSCdi38875]
- EIGRP displays incorrect redistributed routes in the topology table. [CSCdi40200]
- If PIM sparse-mode is enabled on an Ethernet interface, all incoming ISIS packets on that interface are lost (not received). The workaround is to disable PIM sparse-mode on the interface. [CSCdi40951]
- On an SSE-equipped Cisco 7000 router routing IP with IP fast switching and SSE switching enabled, if a route is configured to use parallel paths, and one of the paths is removed because of a local interface flap, the SSE will suspend operation and the system will revert to fast switching. [CSCdi41527]
- OSPF it is not able to flood huge router LSA (bigger than 1456 bytes) correctly. The huge router LSA is generated when there are more than a hundred OSPF interfaces or there are more than a hundred secondary addresses defined on the OSPF interfaces. This can cause the router to crash. Note that the fix for this requires that all routers in the OSPF area that need to process huge LSA must be upgraded with the Cisco IOS version containing the fix (for example, Release 11.0(3) or later); routers running older versions could crash upon receiving the huge LSA. [CSCdi41883]
- If a PPP session on an ISDN interface has installed a neighbor route in the routing table and then the routing table is cleared, the neighbor route will not be re-installed although the connection will remain undisturbed. [CSCdi42602]
ISO CLNS
- When running ISO-IGRP and a CLNS route goes in holddown and is deleted, a memory leak of 128 bytes occurs. This happens frequently in a normal network. The final result is that the ISO-IGRP process uses most of the RAM, and the router becomes unreachable and stops functioning. Rebooting is the only way to restart the router. [CSCdi39191]
Novell IPX, XNS, and Apollo Domain
- When a floating static route is defined, the same route learned via NLSP does not override the user-defined floating static route. [CSCdi41138]
- When a learned route entry goes away on an interface that is also used as the IPX default route path, and a routed packet to the previously learned network is sent over this interface while the learned network is in hold down, a system restart may occur. [CSCdi41272]
- Configuring IPX on the router when the router is low in memory can cause the command shell to be stopped. [CSCdi42363]
- The ipx routing command does not enable IPX RIP protocol if no ipx routing has been configured. The workaround is to not configure no ipx routing. [CSCdi42953]
Protocol Translation
- Terminating a PAD-virtual asynchronous connection immediately after initiating it can cause the router to reload. [CSCdi39675]
TCP/IP Host-Mode Services
- UDP checksum is set to zero instead of being recalculated when a BOOTP reply from a server (with a correct UDP checksum) is forwarded to the client. This causes certain BOOTP client implementations to incorrectly ignore the BOOTP reply. [CSCdi38285]
- An access server can accept a new reverse TCP connection while in the HANGUP state for the previous connection. This causes the new connection to close shortly after being established. This happens with the modem cts-required command configured. [CSCdi39085]
VINES
- Under heavy loads, the VINES Router system process may not run frequently enough for proper VINES operation. Symptoms include a high amount of route and neighbor flappage. Reducing the load on the router may help alleviate the problem. [CSCdi41922]
Wide-Area Networking
- In configurations where a static map is mapping an IP address to an ATM-VC and running an ARP server on that IP logical IP subnetwork (LIS), an ARP is performed for that address. When the NSAP is returned, the static map entry to point at the NSAP is changed instead of the PVC. The workaround is to not use RFC 1577 ARP servers with static mapped PVCs. [CSCdi39485]
- When using DTR dialing and PPP encapsulation, DTR does not stay "low" after the call is disconnected. [CSCdi39576]
- Routers with an ISDN BRI interface may not properly answer incoming calls. This occurs if a clear interface bri x command is entered while calls are established or if the ISDN TEI flag is configured for first-call. The incoming call will be accepted, but the layer 3 CONNECT message will not be sent to the network. [CSCdi39627]
- The first CMNS connection directed to an Ethernet CMNS host fails if the LLC2 session between the Cisco router and the CMNS host has not been opened by a previous connection attempt. [CSCdi39783]
- In rare circumstances, an SDLLC connection failure causes the router to reload. [CSCdi39832]
- When a serial PPP link from a Cisco 7000 router to a LEX box goes protocol down, the LEX code should not continue to forward frames out the serial interface. [CSCdi39882]
- X.25 and LAPB encapsulations do not operate correctly. [CSCdi40746]
- A CMNS call directed to an x.25 destination interface that is down causes a bus error. [CSCdi40830]
- A router configured with X.25 on a serial interface may reload unexpectedly with the message "Exception: Illegal Instruction". All router platforms that have X.25 functionality are susceptible to this problem. This defect is not present in Release 11.0(1). [CSCdi40956]
- On an ISDN interface configured as part of a dialer group for PPP:
- IPCP causes a host route to be pointed at the D channel (subinterface 23 in a Primary Rate Interface)
- IPCP overrides the statically defined host route of the calling party
- IPCP installs only a single host route even if multiple users are connected
- Host routes installed by IPCP are never cleared
On an asynchronous (including VTY) interface:
- BOOTP fails
- An IP address entered with a PPP command is lost during IPCP negotiation
On a PPP interface (asynchronous, VTY, synchronous, ISDN):
- IP Address Pooling loses addresses
- IPCP does not negotiate the correct IP address
On a VTY interface:
- default is not a valid parameter to "ppp" or "slip" on the first command [CSCdi40958]
- Cisco 2509 through Cisco2512 devices' asynchronous lines stop accepting input under certain conditions. One of these conditions occurs when a user connected to a LAT host types a Control-C character. A clear line x or a change to the line parameters causes the line to start accepting input again. [CSCdi40994]
- After X.25 is configured on an interface, that interface does not work correctly with any other serial protocol. The router must be rebooted before another serial protocol can be used. [CSCdi41491]
- If an X.25 call is forwarded to a down interface, the router will reload. [CSCdi42195]
- ISDN Routers with a PRI or BRI interface may crash when receiving a layer 3 Status Enquiry message with a Display IE in the message. [CSCdi42382]
- ISDN routers may have trouble placing additional calls and may run out of ISDN call control blocks. [CSCdi42565]
- If a dialer dialstring configuration is used on an ISDN interface instead of a dialer map command, the router may crash. [CSCdi42764]
Release 11.0(1) Caveats
This section describes caveats (possibly unexpected behavior) of Cisco IOS Release 11.0(1). For more Release 11.0(1) caveats, see all the preceding caveats sections.
Only serious caveats are described in these release notes. For the complete list of caveats against this release, access CCO or use the Documentation CD-ROM as described in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of this document.
All the caveats listed in this section are resolved in Release 11.0(2).
AppleTalk
- The system may halt unexpectedly when the show appletalk route detail command is given. [CSCdi36007]
- When a Macintosh dials into an asynchronous port on a Cisco 2511 access server using ATCP and tries to print to a device off the Ethernet of the Cisco 2511, the device crashes and gives the message "System restarted by error - Line 1111 Emulator, PC 0xD7A". [CSCdi37588]
- IPTalk clients running Columbia AppleTalk Package (CAP) cannot start because a nonstandard Name Binding Protocol (NBP) packet generated by the client is not forwarded by the system. There is no workaround. [CSCdi39096]
Basic System Services
- Using point-to-point LAPB compression generates a memory leak. The workaround is to remove the compress predictor command from the configuration. [CSCdi32109]
- When using autoselect PPP in conjunction with TACACS+ authorization, the routing table will contain the host route for the default IP address assigned on the asynchronous interface even if TACACS+ and IPCP have assigned a different address to the client. [CSCdi37366]
- The IPX SAP process may use more memory than required which in turn may cause a memory leak. This could potentially cause the system to run out of memory. [CSCdi38381]
- When using TN3270 emulation, the 3270 datastream WSF command code X'll' is not handled correctly. After the router receives this command, the keyboard locks. To return to the IBM login screen, reset the keyboard and press an attention key (such as ENTER). [CSCdi39265]
DECnet
- The DECnet fast-switching code path cannot handle a static route that points to another DECnet address (in other words, the static route has no outgoing interface information). [CSCdi38977]
EXEC and Configuration Parser
- You cannot assign a privilege EXEC level to the command terminal download. [CSCdi38824]
IBM Connectivity
- NetBIOS connections occasionally fail to connect through remote SRB when local acknowledgment is enabled. The workaround is to disable local acknowledgment. [CSCdi37525]
- LLC2 parameters from the Internet Engineering Task Force are not recognized when entered. [CSCdi37921]
- DSPU does not recognize the 2-byte ACTLU Route Switch Processor (RSP) as a valid response and, therefore, does not activate the LU. [CSCdi38299]
- An AGS+ may fail and restart unexpectedly when configured to do RSRB direct encapsulation over a serial line. The following message will appear, "Exception: Illegal Instruction at 0xC". [CSCdi39276]
- A problem exists with APPN link activation between a virtual telecommunications access method (VTAM) host running APPN and the Cisco APPN network node function. The symptom is an XID negotiation failure with sense 08090040. This problem only occurs when the Cisco APPN network note has a control point name that is lexicographically higher than the system services control point name of the VTAM. [CSCdi39565]
Interfaces and Bridging
- Very intermittently, the FSIP controller detects a spurious error on the transmit buffer size, which results in a controller fatal error. [CSCdi30344]
- Cisco 7000 series routers using SDLC Multidrops should ignore data carrier detect signals. [CSCdi32813]
- On the Cisco 3000 router variant co-developed with DEC (the Brut partner product), when an Ethernet interface goes down, the output of a show interface command still shows the interface as being up. The SNMP replies are also incorrect. [CSCdi37135]
- If an asynchronous interface has been configured using the command peer default ip address poolname and the command is re-entered with this or another poolname, an internal failure will occur and the device may unexpectedly restart.
If an asynchronous interface has a configured pool name that needs to be changed, the workaround is to first enter any other variation of the command. For example, peer default ip address pool or no peer default ip address. You can then enter the peer default ip address poolname command.
This sequence should only be used when the pool name of an asynchronous interface needs to be changed. You do not need to do this if a specific peer IP address needs to be configured, if pooling needs to be disabled completely, or if the default selection needs to be set. [CSCdi39470]
IP Routing Protocols
- When the eigrp process receives a hello packet from a neighbor, it tries to send an update packet, but the process of sending an update packet can be suspended by the eigrp process. When the eigrp process is scheduled to again send the update packet the neighbor could be dead; all of the internal data structures for that neighbor could have been erased, which confuses the eigrp process and results in the generation of wrong bus address. [CSCdi35257]
- In a misconfigured or malfunctioning Token Ring bridging environment, pinging the HSRP virtual IP address can cause the ICMP echo request packets to be massively replicated. [CSCdi38170]
- Static routes are not redistributed into eigrp after a clear ip route *. A workaround is to kick-start the redistribution process by either removing one static route and reinstalling it, or by removing and reinstalling the redistribute static command under the router eigrp xx command. [CSCdi38766]
- Extended IP access lists that use UDP destination ports can have an incorrect configuration generated for them. [CSCdi39192]
- If the command no ip route-cache is executed on a serial interface configured for X.25 on a router with an RSP, the message "%RSP-3-RESTART: cbus complex" will be displayed periodically. [CSCdi39476]
- Tunnel interfaces configured as generic routing encapsulation tunnels do not pass packets. Additionally, output buffers are consumed and not returned. [CSCdi39816]
Protocol Translation
- When using one-step translation without requiring a login, per-user access lists cannot be assigned by extended TACACS for a virtual asynchronous interface. [CSCdi37678]
TCP/IP Host-Mode Services
- The router can erroneously drop packets (generating ICMP TTL-expired messages) from serial interfaces when TCP header compression is configured on those interfaces. [CSCdi37637]
TN3270
- Terminal emulations for Mod3, Mod4, and Mod5 terminals, part of TN3270 emulation support, do not work as expected. Rather than placing characters in particular fields, all characters wrap the screen lines. [CSCdi38665]
- The cursor placement in TN3270 emulation does not behave as expected. When editing fields in a CICS application, the cursor moves to the side of the screen, instead of to the left-most position in the field. [CSCdi38677]
VINES
- When vines single-route is enabled, the metric for alternative routes is recorded incorrectly. The workaround is to disable vines single-route. [CSCdi39054]
Wide-Area Networking
- When encapsulating OSI packets for transmission on a Frame Relay PVC, two copies of the NLPID are put in the header. RFC1490 specifies that the redundant NLPID should be left out. [CSCdi36199]
- CMNS connections cannot be established. [CSCdi38709]
- When one end of a Frame Relay link fails, the router or access server at the far end will not resynchronize with the PVC status provided by the LMI. [CSCdi39354]
- Using STAC compression can result in links not coming up, links going down unexpectedly, router reloads, and decompression size errors. [CSCdi39487]
- Frame Relay DLCIs that are deleted using the no frame-relay interface dlci command are not actually deleted from the system. [CSCdi39555]
- When using PPP subinterfaces on a Frame Relay interface, all packet traffic fails because of encapsulation failures—no map is found. This is caused by a mismatch in the map entry routine and the lookup routine. There is no workaround [CSCdi40023].
- The ATM ARP Server will crash the router after receiving a packet from a client reporting the IP address 0.0.0.0. This usually happens if the IP address is not configured on the ATM interface. Ensure you have IP addresses on all members of the LIS. [CSCdi40277]
Microcode Software
Table 13 and Table 14 list the minimum microcode versions for the AGS+, MGS, and CGS platforms, Table 15 lists the current microcode versions for the Cisco 7000 series, and Table 16 lists the current microcode versions for the RSP-based systems (Cisco 7500 series and 7000RSP). Note that for the Cisco 7000 series, microcode software images are bundled with the system software image. Bundling eliminates the need to store separate microcode images. When the router starts up, the system software unpacks the microcode software bundle and loads the proper software on all the interface processor boards.
Table 13 Minimum Microcode Versions for AGS+, MGS, and CGS with CCTL2
Processor or Module |
Minimum Version Required |
CSC-SCI
|
1.4
|
CSC-SCI HDX (half duplex)
|
5.0
|
CSC-MCI
|
1.11
|
CSC-R16M
|
3.2
|
CSC-1R/CSC-2R
|
1.6
|
CSC-ENVM
|
2.2
|
CSC-CCTL2
|
11.0
|
CSC-C2MEC
|
10.0
|
CSC-C2HSCI
|
10.0
|
CSC-C2FCI
|
10.0
|
CSC-C2FCIT
|
10.0
|
CSC-C2CTR
|
10.0
|
|
Table 14 Current Microcode Versions for AGS+, MGS, and CGS with CCTL
Processor or Module |
Minimum Version Required |
CSC-SCI
|
1.4
|
CSC-SCI HDX (half duplex)
|
5.0
|
CSC-MCI
|
1.11
|
CSC-R16M
|
3.2
|
CSC-1R/CSC-2R
|
1.2
|
CSC-ENVM
|
2.2
|
CSC-CCTL
|
3.0
|
CSC-MEC (5.0)
|
1.1
|
CSC-MEC (5.1)
|
2.2
|
CSC-HSCI
|
1.0
|
CSC-FCI
|
2.0
|
|
Note For the Cisco 7000 series, all boards must use the Level 10 microcode that is bundled with
the system image.
Table 15 Current Microcode Versions for the Cisco 7000 Series
Processor or Module |
Current Bundled Microcode Version |
Minimum Version Required |
AIP (ATM Interface Processor)
|
10.17
|
10.2
|
CIP (Channel Interface Processor)
|
21.221
|
10.0
|
CIP22 (second-generation Channel Interface Processor)
|
21.22
|
21.8
|
EIP (Ethernet Interface Processor)
|
10.1
|
10.0
|
FEIP (Fast Ethernet Interface Processor)
|
10.7
|
10.0
|
FIP (FDDI Interface Processor)
|
10.2
|
10.0
|
FSIP (Fast Serial Interface Processor)
|
10.18
|
10.2
|
HIP (HSSI Interface Processor)
|
10.3
|
10.0
|
MIP (MultiChannel Interface Processor)
|
11.5
|
10.0
|
SP (Switch Processor)
|
10.15
|
10.2
|
SSP (Silicon Switch Processor, 512 KB)
|
10.15
|
10.2
|
SSP (Silicon Switch Processor, 2 MB)
|
10.15
|
10.3
|
TRIP (Token Ring Interface Processor)
|
10.4
|
10.0
|
|
Beginning with Release 11.0(5), the CIP microcode version numbering for the Cisco 7000 and Cisco 7500 routers was synchronized.
Second-generation Channel Interface Processor (CIP2) microcode was introduced in Release 11.0(10). |
Table 16 Current Microcode Versions for the Cisco 7500 Series
Processor or Module |
Current Bundled RSP Microcode Version |
Minimum Version Required |
AIP (ATM Interface Processor)
|
20.10
|
20.1
|
CIP (Channel Interface Processor)
|
21.22
|
21.1
|
CIP21 (second-generation Channel Interface Processor)
|
21.22
|
21.8
|
EIP (Ethernet Interface Processor)
|
20.3
|
20.0
|
FEIP (Fast Ethernet Interface Processor)
|
20.6
|
20.1
|
FIP (FDDI Interface Processor)
|
20.4
|
20.1
|
FSIP (Fast Serial Interface Processor)
|
20.8
|
20.1
|
HIP (HSSI Interface Processor)
|
20.2
|
20.0
|
MIP (MultiChannel Interface Processor)
|
20.4
|
20.1
|
TRIP (Token Ring Interface Processor)
|
20.2
|
20.0
|
|
Second-generation Channel Interface Processor (CIP2) microcode was introduced in Release 11.0(10). |
Microcode Revision History (for Cisco 7000 Series Platforms)
This section describes each revision of microcode for Cisco 7000 series routers using a Route Processor/Silicon Switch Processor (RP/SSP) or Route Processor/Switch Processor (RP/SP) combination. The descriptions list the caveats that were fixed in each microcode revision.
This section does not describe RSP microcode.
For descriptions of each revision of RSP microcode, which is used with Cisco 7500 series routers and Cisco 7000 series routers using an RSP7000, see the next section, "Route Switch Processor (RSP) Microcode Revision History."
ATM Interface Processor (AIP) Microcode Revision Summary
AIP Microcode Version 10.9
Modification
AIP Microcode Version 10.9 adds the following:
AIP Microcode Version 10.10
Modification
AIP Microcode Version 10.10 fixes the following bug:
- Ethernet packets that are too short are sent by a Catalyst 5000 if a short packet originates on an FDDI ring and is routed to the Catalyst 5000 by a Cisco 7000 router via an Emulated LAN (ELAN). To work around, turn off fast switching (no ip route-cache) on the ATM interface on the Cisco 7000 router. [CSCdi41868]
AIP Microcode Version 10.11
Modification
AIP Microcode Version 10.11 fixes the following bug:
- With subinterfaces defined on ATM interfaces (AIP) and with the command atm pvc aal5mux ip under each subinterface, the PVCs may not show up in the active configuration (viewable using the write terminal command) after reload, and cause the PVCs to not come up. The only way to get the PVCs up is to issue a configure memory command. [CSCdi43387]
AIP Microcode Version 10.12
Modification
AIP Microcode Version 10.12 fixes the following bug:
- The AIP card of the Cisco 7000 series routers does not map the virtual path identifier/virtual channel identifier (VPI/VCI) pair used in an ATM connection unless the router is initiating the switched virtual circuit. [CSCdi32192]
AIP Microcode Version 10.13
Modification
AIP Microcode Version 10.13 fixes the following bug:
- Ping between the two routers fails intermittently with SMDS configuration. [CSCdi45807]
AIP Microcode Version 10.14
Modifications
AIP Microcode Version 10.14 fixes the following bugs:
- AIP sends out incorrect idle cells. [CSCdi48069]
- VINES encapsulation errors cause an AIP outhung condition. [CSCdi50568]
- Configuring the AIP microcode might cause a race condition to occur. [CSCdi54829]
- ATM fails when used on a Route Switch Processor (RSP). [CSCdi60561]
AIP Microcode Version 10.15
Modification
AIP Microcode Version 10.15 fixes the following bug:
- An error in the AIP microcode code introduced in aip177-2/rsp_aip205-2 causes a race condition in the microcode and causes commands from the RP/RSP to be rejected. When this happens, the following console messages are logged:
%ATM-3-FAILCREATEVC: ATM failed to create VC(VCD=1011, VPI=0, VCI=262) on Interface ATM5/0, (Cause of the failure: Failed to have the driver to accept the VC) %AIP-3-AIPREJCMD: Interface ATM5/0, AIP driver rejected Teardown VC command (error code 0x8000)
[CSCdi62445]
AIP Microcode Version 10.16
Modifications
AIP Microcode Version 10.16 fixes the following bugs:
- Bad SAP messages are received. [CSCdi67812]
- Online Insertion and Removal (OIR) events cause ATM traffic to be lost. [CSCdi66076]
AIP Microcode Version 10.17
Modifications
AIP Microcode Version 10.17 fixes the following bugs:
- Online Insertion and Removal (OIR) causes ATM to fail in Cisco 7507 routers. [CSCdi75659]
- The ATM Interface Processor (AIP) sometimes hangs. [CSCdi60941]
- The AIP microcode doesn't support configurable LBO settings. [CSCdi72800]
- The AIP sometimes fails to set up a DS3 scramble. [CSCdi57924]
Channel Interface Processor (CIP) Microcode Revision Summary
CIP Microcode Version 11.1
Modification
CIP Microcode Version 11.1 adds the following:
- Code to support the CIP offload feature.
CIP Microcode Version 11.2
CIP Microcode Version 11.2 was never released.
CIP Microcode Version 11.3
Modifications
CIP Microcode Version 11.3 fixes the following:
- When fast-switching IP packets that are less than 46 bytes long from the Ethernet interface, the Ethernet padding bytes will be switched in addition in the IP packet causing the hardware checksum to fail. A check needs to be made to see if the DMA transfer length is greater than the packet length; and if it is the case, the CIP needs to recalculate the checksum. [CSCdi39869]
- Under no- or low-traffic conditions, the no adapter command is not processed immediately. A subsequent add adapter command will be rejected. [CSCdi42301]
- When a shut or no shut command is issued, VTAM sends a close station request using a SAP handle. This is tried as an invalid service primitive. It is asserted. [CSCdi42560]
- When DLU close is performed, the message used to perform a RESET is not freed. As a result, the message pool is depleted and the router crashes. [CSCdi42725]
CIP Microcode Version 11.4
Modifications
CIP Microcode Version 11.4 fixes the following:
- CTA pools display crashes if no pools are allocated. [CSCdi43232]
- When running offload or CSNA, the halt processing might cause a request element to be queued twice. This can lead to messages about bad request code or unexpected type code. There is no workaround. [CSCdi44855]
CIP Microcode Version 21.3
Second-Generation Channel Interface Processor (CIP2) Microcode Revision Summary
Fast Ethernet Interface Processor (FEIP) Microcode Revision Summary
FEIP Microcode Version 10.1
Modifications
FEIP Microcode Version 10.1 includes the following:
- VPLD-20 FLEX load was integrated that addressed a CyBus direct memory access (DMA) problem, a CyBus parity problem, and a protocol control information (PCI) register timeout problem.
- The collision and deferred counters were fixed.
- Performance enhancements were introduced.
- ISL support was introduced.
FEIP Microcode Version 10.2
Modification
FEIP Microcode Version 10.2 fixes the following:
- A hardware manufacturing change affects margin timing. [CSCdi40448]
FEIP Microcode Version 10.3
Modification
FEIP Microcode Version 10.3 fixes the following bug:
- Serial interfaces that are down but not administratively disabled (downed) might periodically reset and display the error "8010 - disable fsip_reset." [CSCdi49431]
FEIP Microcode Version 10.4
Modifications
FEIP Microcode Version 10.4 fixes the following bugs:
- The FX port adapter is not supported.
- FEIP's keepalive will not detect line protocol down (disconnected cable) when configured for full duplex, so reliance on this feature to detect cable faults is inaccurate. The only known workaround is to periodically track successful transmissions and reception on the suspect interface. [CSCdi48337]
FEIP Microcode Version 10.5
Modifications
FEIP Microcode Version 10.5 fixes the following bugs:
- The FEIP MII interface fails to reset if there is OIR of another card in the router. [CSCdi82350]
- There is a failure of both ping and telnet to HSRP virtual addresses on Fast Ethernet. [CSCdi92485]
FEIP Microcode Version 10.6
Modifications
FEIP Microcode Version 10.6 fixes the following bugs:
- An internal error may occur on Cisco 7513 routers using FEIP:
"%DBUS-3-DBUS". [CSCdi92811]
- An active router resigns after receiving its own packet. [CSCdi93012]
FEIP Microcode Version 10.7
Modification
FEIP Microcode Version 10.7 fixes the following bugs:
- Enabling FEIP in RP/SP 7000 causes the error message "CBUS-3-INITERR with Error (8021)." [CSCdj14743]
Fast Serial Interface Processor (FSIP) Microcode Revision Summary
FSIP Microcode Version 10.11
Modifications
FSIP Microcode Version 10.11 fixes the following bugs:
- SDLC multidrops need the router to ignore DCD for high-end platforms. [CSCdi32813]
- A STUN error, cannot initial program load a 3725 using FSIP occurs. [CSCdi38317]
FSIP Microcode Version 10.12
Modification
FSIP Microcode Version 10.12 fixes the following bug:
- FSIP counts alarm signals hundreds or thousands more times than they actually occur. [CSCdi42881]
FSIP Microcode Version 10.13
Modification
FSIP Microcode Version 10.13 fixes the following bug:
- Serial interfaces that are down but not administratively disabled (downed) may periodically reset with error "8010 - disable fsip_reset." [CSCdi49431]
FSIP Microcode Version 10.14
FSIP Microcode Version 10.14 was never released.
FSIP Microcode Version 10.15
FSIP Microcode Version 10.15 was never released.
FSIP Microcode Version 10.16
Modifications
FSIP Microcode Version 10.16 fixes the following bugs:
- Using FSIP might cause a ciscoBus restart. [CSCdi58194]
- Transmitter-delay does not work on FSIP DCE interfaces. [CSCdi58196]
FSIP Microcode Version 10.17
FSIP Microcode Version 10.17 was never released.
FSIP Microcode Version 10.18
Modification
FSIP Microcode Version 10.18 fixes the following bug:
- In DCE mode, FSIP looks for DCD and DSR up before declaring the line UP. FSIP should only look for DCD. [CSCdi64735]
MultiChannel Interface Processor (MIP) Microcode Revision Summary
MIP Microcode Version 11.3
Modification
MIP Microcode Version 11.3 fixes the following bug:
- MIP select took forever. [CSCdi38132]
MIP Microcode Version 11.4
Modification
MIP Microcode Version 11.4 fixes the following bug:
- MIP drops packets in bursts. This fix makes the MIP buffer size smaller (from 1024 to 512), so fewer packed are lost if drops occur. [CSCdi38132]
MIP Microcode Version 11.5
Modification
MIP Microcode Version 11.5 fixes the following bug:
- Enhanced online insertion and removal (EOIR/OIR) is not supported. Note that the fix for this bug in MIP Microcode Version 20.4 requires the user to allow 15 seconds to elapse between OIR events to allow the system to stabilize. If the router contains multiple MIPs, additional time should be allowed between OIR events. [CSCdi46137]
Switch Processor (SP) Microcode Revision Summary
SP Microcode Version 10.13
Modifications
SP Microcode Version 10.13 fixes the following:
- IP packets sent to the HSRP virtual MAC address are not received if the packet is SNAP-encapsulated and the receiving interface is part of the ciscoBus or SP complex. [CSCdi39274]
- ISL classification support for FEIP was added.
SP Microcode Version 10.14
Modifications
SP Microcode Version 10.14 fixes the following:
- When the SSE IP TX packet counter overflows the low-order 16-bit value, and the TX byte counter does not overflow, the IP checksum and TTL adjust is performed on the wrong address, causing the generation of an IP checksum error at the next hop. [CSCdi42703]
- Crash in multibus I/O - address 0x1110C14C. [CSCdi46295]
SP Microcode Version 10.15
Modification
SP Microcode Version 10.15 fixes the following:
- Turning on ipx route-cache sse with microcode version SSP10-12 or SSP10-13 produces a mismatch between the frame length on odd-byte 802.3 IPX packets and the 802.3 length. Novell devices might not recognize these packets, resulting in communication timeouts.
The following three workarounds can be used:
- Turn off padding on process-switched packets via the command:
no ipx pad-process-switched-packets
- Configure the router for Autonomous Switching instead of SSE switching via the commands:
no ipx route-cache sse
ipx route-cache cbus
no ipx route-cache sse
[CSCdi42802, CSCdi45139, CSCdi46156]
Silicon Switch Processor (SSP) Microcode Revision Summary
SSP Microcode Version 10.13
Modifications
SSP Microcode Version 10.13 fixes the following:
- IP packets sent to the HSRP virtual MAC address are note received if the packet is SNAP-encapsulated and the receiving interface is part of the ciscoBus or SP complex. [CSCdi39274]
- ISL classification support for FEIP was added.
SSP Microcode Version 10.14
Modifications
SSP Microcode Version 10.14 fixes the following:
- When the SSE IP TX packet counter overflows the low-order 16-bit value, and the TX byte counter does not overflow, the IP checksum and TTL adjust is performed on the wrong address, causing the generation of an IP checksum error at the next hop. [CSCdi42703]
- Crash in multibus I/O - address 0x1110C14C. [CSCdi46295]
SSP Microcode Version 10.15
Modification
SSP Microcode Version 10.15 fixes the following:
- Turning on ipx route-cache sse with microcode version SSP10-12 or SSP10-13 produces a mismatch between the frame length on odd-byte 802.3 IPX packets and the 802.3 length. Novell devices might not recognize these packets, resulting in communication timeouts.
The following three workarounds can be used:
- Turn off padding on process-switched packets via the command:
no ipx pad-process-switched-packets
- Configure the router for Autonomous Switching instead of SSE switching via the commands:
no ipx route-cache sse
ipx route-cache cbus
no ipx route-cache sse
[CSCdi42802, CSCdi45139, CSCdi46156]
Token Ring Interface Processor (TRIP) Microcode Revision Summary
TRIP Microcode Version 10.3
Modifications
TRIP Microcode Version 10.3 fixes the following:
- The DMA engine appears to "clock in" the memd address an extra time or increment the memd address an extra time.
- Transmit frames in which the prototype access control byte is invalid (bit 0x10 set) need to be handled. This fix ignores such frames.
- A SpyGlass problem causes adapter checks.
TRIP Microcode Version 10.4
Modification
TRIP Microcode Version 10.4 fixes the following:
- A SpyGlass problem causes the command queue to the SpyGlass to overflow. The symptom of this problem is a "ctrucheck" at location 0x925 in trip10-3.
Route Switch Processor (RSP) Microcode Revision History
This section describes each revision of RSP microcode, which is used with Cisco 7500 series routers and Cisco 7000 series routers using an RSP7000. The descriptions list the caveats that were fixed in each microcode revision.
For descriptions of each revision of microcode for Cisco 7000 series routers using a Route Processor/Silicon Switch Processor (RP/SSP) or Route Processor/Switch Processor (RP/SP) combination, see the previous section, "Microcode Revision History (for Cisco 7000 Series Platforms)."
ATM Interface Processor (AIP) Microcode Revision Summary
AIP Microcode Version 20.2
Modifications
AIP Version 20.2 fixes the following bugs:
- The AIP should set the OAM cell length to 56 bytes.
- The AIP rejects cells with a congestion experienced bit set.
- Initial JT2 PLIM support was added.
AIP Microcode Version 20.3
Modification
AIP Version 20.3 fixes the following bug:
- Ethernet packets that are too short are sent by a Catalyst 5000 if a short packet originates on an FDDI ring and is routed to the Catalyst 5000 by a Cisco 7000 router via an Emulated LAN (ELAN). To work around, turn off fast switching (no ip route-cache) on the ATM interface on the Cisco 7000 router. [CSCdi41868]
AIP Microcode Version 20.4
Modification
AIP Version 20.4 fixes the following bug:
- With subinterfaces defined on ATM interfaces (AIP) and with the command atm pvc aal5mux ip under each subinterface, the PVCs may not show up in the active configuration (viewable using the write terminal command) after reload, and cause the PVCs to not come up. The only way to get the PVCs up is to issue a configure memory command. [CSCdi43387]
AIP Microcode Version 20.5
Modification
AIP Version 20.5 fixes the following bug:
- The AIP card of the Cisco 7000 series routers does not map the virtual path identifier/virtual channel identifier (VPI/VCI) pair used in an ATM connection unless the router is initiating the switched virtual circuit. [CSCdi32192]
AIP Microcode Version 20.6
Modification
AIP Version 20.6 fixes the following bug:
- Ping between the two routers fails intermittently with SMDS configuration. [CSCdi45807]
AIP Microcode Version 20.7
Modifications
AIP Version 20.7 fixes the following bugs:
- AIP sends out incorrect idle cells. [CSCdi48069]
- VINES encapsulation errors cause an AIP outhung condition. [CSCdi50568]
- Configuring the AIP microcode might cause a race condition to occur. [CSCdi54829]
- ATM fails when used on a Route Switch Processor (RSP). [CSCdi60561]
AIP Microcode Version 20.8
Modification
AIP Microcode Version 20.8 fixes the following bug:
- An error in the AIP microcode code introduced in aip177-2/rsp_aip205-2 causes a race condition in the microcode and causes commands from the RP/RSP to be rejected. When this happens, the following console messages are logged:
%ATM-3-FAILCREATEVC: ATM failed to create VC(VCD=1011, VPI=0, VCI=262) on Interface ATM5/0, (Cause of the failure: Failed to have the driver to accept the VC) %AIP-3-AIPREJCMD: Interface ATM5/0, AIP driver rejected Teardown VC command (error code 0x8000)
[CSCdi62445]
AIP Microcode Version 20.9
Modifications
AIP Microcode Version 20.9 fixes the following bugs:
- Bad SAP messages are received. [CSCdi67812]
- ATM traffic is lost with Online Insertion and Removal (OIR) events. [CSCdi66076]
AIP Microcode Version 20.10
Modifications
AIP Microcode Version 20.10 fixes the following bugs:
- Online Insertion and Removal (OIR) causes ATM to fail in Cisco 7507 routers. [CSCdi75659]
- The ATM Interface Processor (AIP) sometimes hangs. [CSCdi60941]
- The AIP microcode doesn't support configurable LBO settings. [CSCdi72800]
- The AIP sometimes fails to set up a DS3 scramble. [CSCdi57924]
Channel Interface Processor (CIP) Microcode Revision Summary
CIP Microcode Version 21.2
Modifications
CIP Microcode Version 21.2 fixes the following:
- CTA pools display crashes if no pools are allocated. [CSCdi43232]
- When running offload or CSNA, the halt processing might cause a request element to be queued twice. This can lead to messages about bad request code or unexpected type code. There is no workaround. [CSCdi44855]
CIP Microcode Version 21.3
Modifications
CIP Microcode Version 21.3 fixes the following:
- VTAM flow request displays the message, "CSNA code does not recognize 0x0d50, Flow Request from VTAM." [CSCdi45035]
- If the host sends a CLAW disconnect message to a link that has already been disconnected and that CLAW connection has a different link that is connected, the CIP will cause the static route for the CLAW connection to be removed. Older versions of Interlink (2.1) and IBM TCPIP V2 behave in this manner.
The router shows that the CLAW connection is connected (via the show extended channel slot/port statistics command), but the static route is removed. [CSCdi45752]
- When status is pending on initial connection, the pending status is not flushed. This results in owed status being suppressed. On CSNA connections this causes data transfer to stop and VTAM or the Missing Interrupt Handler detects an operation as taking too long. [CSCdi46037]
- All active connections cannot be moved from an internal LAN adaptor to another by varying the subchannel off the XCA major node. [CSCdi47267]
CIP Microcode Version 21.4
Modifications
CIP Microcode Version 21.4 fixes the following:
- HOB hub terminals expect an RR to be sent after the SABME is sent. This is not required by the 802.2 standard. After the HOB sends a SABME to the CIP LLC stack, the CIP LLC stack should respond with an RR and then assume that the terminal is in normal transfer mode. [CSCdi45083]
- Running MVS V=R in a VM/XA guest machine with a PCA, the mainframe channel generates an interface disconnect in the middle of command chaining when it reaches an invalid CCW. If multiple devices are active on the PCA, this may result in an SCB_CHAIN error. The only workaround for the SCB_CHAIN error is to not run in this configuration. [CSCdi49057]
CIP Microcode Version 21.5
Modifications
CIP Microcode Version 21.5 fixes the following:
- fbls are lost on XCA node activation. [CSCdi51452]
- Restarting TCP/IP on a mainframe while data is moving through an offload connection can crash the CIP. The result is a fatal error dump. The problem can be avoided by shutting down TCP/IP, (thus closing all open sockets and connections) before restarting. [CSCdi51859]
- CSNA hangs on shutdown. [CSCdi53138]
CIP Microcode Version 21.6
CIP Microcode Version 21.6 was never released.
CIP Microcode Version 21.7
Modifications
CIP Microcode Version 21.7 fixes the following:
- When a single offload device is configured and active on an interface and no other devices are active on the interface, it is possible for the offload interface to stop processing channel requests and to stop processing packets. When this occurs on a Cisco 7500 series router, the message "RSP-3-RESTART: ... output hung ..." occurs. The CIP will not restart. A microcode reload command or a reload of the router is required to clear this condition. [CSCdi55044]
- The router crashes if it is configured for too many LLC connections. To workaround, run 256 connections or less. [CSCdi57348]
- If a shut / no shut command sequence is preformed while running CSNA under high traffic conditions and the buffer pool is depleted, the router may crash. [CSCdi57356]
- Under certain conditions, the File Transfer Protocol (FTP) server on VM or MVS stops functioning if the offload device returns an invalid return code to a particular socket request to receive data. This return code also generates a traceback in the TCPIP logs for TCPIP for VM and MVS. The offload device no longer returns this invalid return code. [CSCdi61870]
CIP Microcode Version 21.8
Modification
CIP Microcode Version 21.8 fixes the following:
- A router running CSNA that is in the process of bringing up a session or is in data transfer phases might experience a problem wherein VTAM deactivates all active sessions and displays the error message "INOP RECEIVED FOR XXXXXXXX code = 02." [CSCdi64229]
CIP Microcode Version 21.9
Modifications
CIP Microcode Version 21.9 fixes the following:
- If the router switches a packet to the CIP for the virtual port adapter (such as interface channel slot/2) using the wrong virtual circuit number, the CIP crashes. Before the fatal error dump you will see this error message:
%CIP5-3-MSG: %CONFIG-3-WRONGINT: VCN 0(0000) not for port adapter 2
[CSCdi61532]
- On a CIP2 (hardware revision 5.x) with CSNA and TCP Offload both in use, TCP sessions could drop out randomly with the remote client appearing to have requested disconnect. [CSCdi63044]
- On rare occasions if CIP gets a packet greater than 4k from an RP or RSP, the CIP might stop functioning properly and might eventually crash, and indicate fatal errors. The following message may appear:
CLAW-6-TOOBIG: 4352 byte IP datagram exceeds CLAW MTU for device
The workaround is to reload the router. [CSCdi64874]
- If the router is running IP datagram and a number of Selective Resets are issued to a CLAW connection, that CLAW connection may eventually hang. One indication that this is occurring is that the CLAW connection state is "Y," but every packet from the router to the CIP is dropped, as viewed by the Read Block Dropped counter seen from a show extended channel slot/port statistics command. A microcode reload is required to clear the problem. [CSCdi65099]
- Whenever more the one device is configured on a CIP interface, it is possible for those devices to stop accepting data from the mainframe. For CLAW type devices, this only prevents data from being received from the host. For CSNA type devices, this prevents traffic from flowing into or out of the host.
A microcode reload is required to recover from the problem. [CSCdi66108]
CIP Microcode Version 21.11
Modifications
CIP Microcode Version 21.11 fixes the following:
- Statically allocated arrays in SRAM need to be malloced. [CSCdi53816]
- A crash occurs at _setsockopt with Concurrent CSNA and Offload. [CSCdi39888]
- No signal is sent to VTAM when Adapter# is removed from CSNA Internal LAN. [CSCdi64700
- EADDRINUSE error occurs when multiple servers bind to the same port. [CSCdi69082]
- CIP occasionally spins for 5 seconds when executing IPC server code. [CSCdi69724]
- After an RSP router reload, the CIP crashes once before loading successfully. [CSCdi71343]
- CIP2 resets with a fatal error 35 in ipc_send_cbus or in ipc_send_rpc_reply. [CSCdi70633]
- ESCON Link level errors could cause CIP to hang. [CSCdi69548]
- There are insufficient diagnostics for the ESCON port adapter. [CSCdi71938]
- There is no ability to put individual sub-channels in command retries. [CSCdi45356]
- CSNA times out while running CSNA and TCPIP concurrently. [CSCdi71177]
CIP Microcode Version 21.12
CIP Microcode Version 21.12 was never released. The following problems were fixed in Version 21.12. These fixes are included in CIP Microcode Version 21.13 as well.
- Lost CTA buffers cause subchannels to be reset. [CSCdi73007]
- No support exists for new CPU and DMA measurements. [CSCdi73018]
- CSNA BFR deadlocks might occur when BFRs near depletion. [CSCdi73034]
- The information message for 1-byte pads repeats when in loopback mode. [CSCdi73237]
- Sometimes there is not enough memory to handle a new socket. [CSCdi74628]
- The CIP sends LLC DISC Polls with the LLC Response bit set. [CSCdi67354]
- A CIP Fatal Error 15 occurs after a shutdown is issued on the channel interface. [CSCdi74491]
- When the value of RXCURR is greater than RXHIGH, the CIP interface buffer counter is corrupted. [CSCdi75138]
- A fatal error might occur when the CIP performs multiple mgets. [CSCdi75396]
- There is an invalid disable adapter indication. [CSCdi75070]
- Offload crashes when receiving from a closed socket. [CSCdi72208]
- On the CIP console, mbstat shows random values for global pages in_use. [CSCdi77481]
- A TN3270 server file transfer error can occur if an SNMP query is sent to the CIP. [CSCdi77480]
- A CIP fatal error occurs during high rates of session teardown. [CSCdi77248]
- Offload drops packets larger than CLAW read frame size. [CSCdi77029]
CIP Microcode Version 21.13
Modifications
CIP Microcode Version 21.13 fixes the following:
- A memory leak can occur when Offload quits. [CSCdi78569]
CIP Microcode Version 21.14
Modifications
CIP Microcode Version 21.14 fixes the following:
- OIR in a router with a CIP card can cause CIP statistics to not be reported. [CSCdi58895]
- An incorrect packet length is received from the ssi_msg_concat process, if the target has multiple mbufs. [CSCdi68808]
- The CTA Inactive Timer might pop while CSNA traffic is in progress. [CSCdi74726]
- PCA doesn't respond to GO_OFFLINE messages if sending ELP interrupts. [CSCdi77139]
- A fatal error can occur in drain_port during memory display. [CSCdi78520]
- The Offload function needs to close all sockets when an API link is disconnected. [CSCdi78638]
- All SNA sessions might fail with the CIP CSNA fatal error (code = 09). [CSCdi79267]
- CIP CPU percent sliding averages might be inaccurate. [CSCdi79798]
- The Offload read task hangs when sending too much data on an IP link. [CSCdi80263]
- The new errmsg usage does not work with C++ files. [CSCdi81126]
- Sometimes there is a crash in the inp_hash_unassign process. [CSCdi82181]
- TCP sessions might hang when a pseudo header checksum = 0xffff. [CSCdi83308]
- Softclock processing is incorrect if timeout/untimeout next entry. [CSCdi83700]
- A length field corruption, %OFFL-3-ILLEN, might occur when running OFFLOAD. [CSCdi83886]
- You might get the error "CBUS-3-INITERR:.. Error (8034).." after a BADFIFO error on a CIP card. [CSCdi85216]
- The function which forces BPT lacks a delay parameter. [CSCdi87535]
CIP Microcode Version 21.15
Modifications
CIP Microcode Version 21.15 fixes the following:
- Using the offload command uses more storage control blocks than it should. [CSCdi41087]
- A fatal error (code=35) occurs when the channel is very busy. [CSCdi75485]
- Need ability to stop tracing during offload protocol errors. [CSCdi88393]
- The CIP IP datagram needs additional buffers in order to pass a large amount of routes. [CSCdj03799]
CIP Microcode Version 21.16
Modifications
CIP Microcode Version 21.16 fixes the following:
- The trace route function from the host does not work. [CSCdi52947]
- A corrupt purge socket from the host could erase the wrong socket. [CSCdi64196]
- While running the offload command, the following messages may appear:
%OFFL-4-BADDESC
%OFFL-4-BADPURGE
[CSCdi84662]
- Using the claw or offload commands 129 times may result in a fatal error. [CSCdi86777]
- Using the offload commands will send a UDP packet with zero checksum. [CSCdj05102]
- A bad socket request results in an alignment error in get_offl_msg. [CSCdj13586]
CIP Microcode Version 21.17
Modifications
CIP Microcode Version 21.17 fixes the following:
- Requesting more than the Highest Concurrent LLC2 results in a FATAL_ERROR message. [CSCdi84818]
- Replacing delay with tsend(). [CSCdi87227]
- CIP sends FRMR after incorporating a frame while 3172 does not. [CSCdj06243]
- CIP crash in tmr_service_chain running CSNA and TN3270s. [CSCdj11140]
- There is corrupt data over PCA when using IOS390 stack. [CSCdj13880]
- There is an SSI_ASSERT failure in ../cta802/ccb802.c @ 378. [CSCdj14956]
- While running the offload command, the following messages may appear:
%OFFL-4-BADDESC
%OFFL-3-HEX
[CSCdj15521]
- Data through channel (CIP) between VTAM-to-VTAM leads to blocked VRs. [CSCdj17412]
- An alignment error exists in get_offl_msg. [CSCdj17843]
- ESCON adapter reports device error for an inactive device. [CSCdj21031]
CIP Microcode Version 21.18
Modifications
CIP Microcode Version 21.18 fixes the following:
- CIP offload reset after "CCA-0-BSQ_FULL: Buffer status queue is full" message. [CSCdj25040]
- CIP crash in get_lifo_safe, global page queue contains 0x00000100. [CSCdj25062]
CIP Microcode Version 21.19
Modifications
CIP Microcode Version 21.19 fixes the following:
- "MSG802-6-LLC_DUP_SAP" errors occur after channel shutdown. [CSCdj26081]
- CIP crash in get_lifo_safe, global page queue contains 0x00010001. [CSCdj30387]
- CIP crash with code=09 and SSI_ASSERT fail. [CSCdj30949]
- Problem in handling slowdown from VTAM while VTAM is being shutdown. [CSCdj38712]
- The cta clear cip console command hangs CIP. [CSCdj38818]
- Fix cache bugs exposed by eno cache checker. [CSCdj39061]
- CSNA should stop responding to TEST when XCA is inactivated. [CSCdj41342]
- Added dynamic window. [CSCdj41513]
- Added check for llc show_ccb routine. [CSCdj41609]
- Filter traps by class. [CSCdj42339]
- llc_fsm, llc_err trace bits override default in ccb802.c. [CSCdj48522]
- The offlstat command does not find CUADD != 0. [CSCdj48579]
- Cannot establish Cisco 4000 connections. [CSCdj51067]
- New ESCON adapter code. Fixes Data request count problem. [CSCdj51076]
- CSNA nodes/connections go inop - cache problem. [CSCdj51725]
- Make cannot find gcc utility compiler. [CSCdj52507]
- Removed LLC_REAL from LLC_GRP. [CSCdj52509]
CIP Microcode Version 21.20
Modifications
CIP Microcode Version 21.20 fixes the following:
- CSCdi89523 overreacts to IBM APAR PQ02051. [CSCdj31238]
- CIP crashes with a fatal error (code=35) and an "interface output stuck" message. [CSCdj52480]
- CIP reported a "BSQ-0-SCB_CHAIN: Read SCB chain is out of sequence" error message. [CSCdj61319]
- A fatal error occurred in the IP Input task when running Offload or the TN3270 server. [CSCdj63361
- Offload could run out of memory when receiving bad CLAW frames. [CSCdj64309]
- IP options lead to bad transport layer checksum. [CSCdj65535]
- CIP crashed with a code 9 and an "SSI_ASSERT failure in ../ssi/ssi_buff.c" error message. [CSCdj69281]
- Offload's restart request is invalid. [CSCdj69527]
- Softclock is confused by negative timeouts. [CSCdj72646]
CIP Microcode Version 21.21
Modifications
CIP Microcode Version 21.21 fixes the following:
- An Offload crash occurred in setup_new_socket because there are no available mbufs. [CSCdj12754]
- The "RSP-3-RESTART Ch x/2 output stuck" error occurred. [CSCdj80253]
- Offload initialization fails with a SIOCC 2 condition (reported to VM console). Pending DE is not returned following CANCEL rsp to Cmd Retry. [CSCdj80886]
- CSNA failed to send a disconnect when the indication buffer was in use. [CSCdj82785]
- The link timeout has been increased to 800 ms in order to avoid some LOGDATA occurrences. [CSCdj84218]
CIP Microcode Version 21.22
Modifications
CIP Microcode Version 21.22 fixes the following:
- CIP responds to TEST with no SAP being active. [CSCdj80925]
- CIP-offload was not setting the more-to-come bit correctly. [CSCdj88636]
- Dropped Blocks counter was not incrementing correctly. [CSCdk02058]
- Added flowoff support and RIF information. [CSCdk07022]
- CIP crashed and displayed the error message: %SSI802-3-FATAL_ERROR & %DEBUGG. [CSCdk12245]
Second-Generation Channel Interface Processor (CIP2) Microcode Revision Summary
Ethernet Interface Processor (EIP) Microcode Revision Summary
EIP Microcode Version 20.1
Modification
EIP Microcode Version 20.1 fixes the following bug:
- Use of the Hot Standby Router Protocol (HSRP) in heavy traffic situations can cause "RSP-3-ERROR" reports and ciscoBus resets. [CSCdi46654]
EIP Microcode Version 20.2
Modification
EIP Microcode Version 20.2 fixes the following bug:
- Version 1.6 Rev C0 EIP cards may cause cache parity errors on all Cisco 7500 series and RSP7000 systems. The cache parity errors may cause system reloads. The hardware revision and version can be determined from a show diag output. [CSCdi52082]
EIP Microcode Version 20.3
Modification
EIP Microcode Version 20.3 fixes the following bug:
- A bad R4600 processor causes router crashes with errors such as XBUFHDR errors, INVRTN errors, and GETBUF errors. [CSCdi75404]
Fast Ethernet Interface Processor (FEIP) Microcode Revision Summary
FEIP Microcode Version 20.2
Modification
FEIP Microcode Version 20.2 fixes the following bug:
- Serial interfaces that are down but not administratively disabled (downed) might periodically reset and display the error "8010 - disable fsip_reset." [CSCdi49431]
FEIP Microcode Version 20.3
Modifications
FEIP Microcode Version 20.3 fixes the following bugs:
- The FX port adapter is not supported.
- FEIP's keepalive will not detect line protocol down (disconnected cable) when configured for full duplex, so reliance on this feature to detect cable faults is inaccurate. The only known workaround is to periodically track successful transmissions and reception on the suspect interface. [CSCdi48337]
FEIP Microcode Version 20.4
Modifications
FEIP Microcode Version 20.4 fixes the following bugs:
- The FEIP MII interface fails to reset if there is OIR of another card in the router. [CSCdi82350]
- There is a failure of both ping and telnet to HSRP virtual addresses on FastEthernet. [CSCdi92485]
FEIP Microcode Version 20.5
Modifications
FEIP Microcode Version 20.5 fixes the following bugs:
- An internal error may occur on Cisco 7513 routers using FEIP:
"%DBUS-3-DBUS". [CSCdi92811]
- An active router resigns after receiving its own packet. [CSCdi93012]
FEIP Microcode Version 20.6
Modification
FEIP Microcode Version 20.6 fixes the following bugs:
- Enabling FEIP in RP/SP 7000 causes the error message "CBUS-3-INITERR with Error (8021." [CSCdj14743]
Fast Serial Interface Processor (FSIP) Microcode Revision Summary
FSIP Microcode Version 20.2
Modifications
FSIP Microcode Version 20.2 fixes the following bugs:
- When using the X.21 protocol, DTE devices erroneously send data when Control is OFF. [CSCdi45512]
- Using FSIP might cause a ciscoBus restart. [CSCdi58194]
- Transmitter-delay does not work on FSIP DCE interfaces. [CSCdi58196]
FSIP Microcode Version 20.3
FSIP Microcode Version 20.3 was never released.
FSIP Microcode Version 20.4
Modifications
FSIP Microcode Version 20.4 fixes the following bugs:
- Serial interfaces may occasionally show the following symptom when the interface cable is changed or the remote end dies and comes back:
PC2PR2#
show interface s 4/1
Serial4/1 is down, line protocol is down
Hardware is cyBus Serial.
0 output buffer failures, 0 output buffers swapped out 0 carrier transitions
RTS up, CTS up, DTR up, DCD up, DSR up
Note that router reload is not necessary; two workarounds are known. If the first workaround is not successful at bringing up the interface, try the second.
- This workaround was discovered while attempting to observe this problem. It can permit the problem interface to be bought on line without resetting every interface in the ciscoBus complex.
Enter the ciscoBus test mode and select the interface having the problem. Read a portion of the interface processor memory.
This example is for an FSIP interface at 2/0:
RSP diagnostic console program
Enter slot number: [0x0]: 2
Enter interface number: [0x0]:
Command queue for slot 2 is 0x12. CCB is 0xFF50
Enter FSIP Mem starting address [0x0]:
Enter FSIP Mem ending address [0x20000]: 0x20
FSIP Mem 00000: 0001 FFFC
FSIP Mem 00004: 0000 01C6
FSIP Mem 00008: 0000 049A
FSIP Mem 0000C: 0000 049A
FSIP Mem 00010: 0000 049A
FSIP Mem 00014: 0000 049A
FSIP Mem 00018: 0000 049A
FSIP Mem 0001C: 0000 049A
FSIP Mem 00020: 0000 049A
This example is for the HIP at 1/0:
RSP diagnostic console program
Enter slot number: [0x2]: 1
Enter interface number: [0x0]:
Command queue for slot 1 is 0x11. CCB is 0xFF40
Enter IP Mema starting address [0x0]:
Enter IP Mema ending address [0x10000]: 0x20
IP Mema 0000: 7FA2 7FA0 7FA4 0044 0005 0000 0000 0000
IP Mema 0008: 0000 0098 00D0 0080 0032 0000 0000 0000
IP Mema 0010: FFFF 0001 0000 0003 0000 7EA0 7E98 7E90
IP Mema 0018: 0000 0000 0000 0000 0000 0003 0000 00DD
- This workaround will reset all the interfaces in the ciscoBus complex.
ramki_7500(config)#
microcode reload
[CSCdi57573]
- In DCE mode, FSIP looks for DCD and DSR up before declaring the line UP. FSIP should only look for DCD. [CSCdi64735]
FSIP Microcode Version 20.5
Modifications
FSIP Microcode Version 20.5 fixes the following bugs:
- Serial interfaces stay line down when the remote side toggles. [CSCdi57573]
- FSIP sometimes gets lost from the chassis during OIR of a VIP2. [CSCdi73130]
FSIP Microcode Version 20.6
Modification
FSIP Microcode Version 20.6 fixes the following bugs:
- Transmitter-Delay does not work. [CSCdi72431]
Modification
FSIP Microcode Version 20.8 fixes the following bugs:
- The "CBUS-3-CMDTIMEOUT" error message causes FSIP to vanish. [CSCdj00013]
FSIP Microcode Version 20.7
Modification
FSIP Microcode Version 20.8 fixes the following bugs:
- The "RSP-3-IP_PANIC" error message causes interface resets and buffer misses. [CSCdi78086]
HSSI Interface Processor (HIP) Microcode Revision Summary
HIP Microcode Version 20.2
Modification
HIP Microcode Version 20.2 fixes the following bug:
- When HIP is in the router, OIR of any card causes problems. [CSCdj21227]
MultiChannel Interface Processor (MIP) Microcode Revision Summary
MIP Microcode Version 20.3
Modification
MIP Microcode Version 20.3 fixes the following bug:
- MIP drops packets in bursts. [CSCdi46383]
MIP Microcode Version 20.4
Modification
MIP Microcode Version 20.4 fixes the following bug:
- Enhanced online insertion and removal (EOIR/OIR) is not supported. Note that the fix for this bug in MIP Microcode Version 20.4 requires the user to allow 15 seconds to elapse between OIR events to allow the system to stabilize. If the router contains multiple MIPs, additional time should be allowed between OIR events. [CSCdi46137]
Token Ring Interface Processor (TRIP) Microcode Revision Summary
TRIP Microcode Version 20.1
Modifications
TRIP Microcode Version 20.1 fixes the following:
- A SpyGlass problem causes the command queue to the SpyGlass to overflow. The symptom of this problem is a "ctrucheck" at location 0x79b in rsp_trip20-0.
- The DMA engine appears to "clock in" the memd address an extra time or increment the memd address an extra time.
- With transmit frames, the prototype Access Control byte is invalid (bit 0x10 is set).
Cisco Connection Online
Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.
Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can access CCO in the following ways:
For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.
Note If you are a network administrator and need personal technical assistance with a Cisco
product that is under warranty or covered by a maintenance contract, contact Cisco's Technical
Assistance Center (TAC) at 800 553-2447, 408 526-7209, or tac@cisco.com. To obtain general
information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387,
408 526-7208, or cs-rep@cisco.com.
Documentation CD-ROM
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.
Posted: Fri Oct 3 23:03:39 PDT 2003
All contents are Copyright © 1992--2003 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.