Guest

Cisco uBR7200 Series Universal Broadband Routers

Release Notes for Cisco uBR7200 Series for Cisco IOS Release 12.3 BC

  • Viewing Options

  • PDF (2.8 MB)
  • Feedback
Release Notes for Cisco uBR7200 Series for Cisco IOS Release 12.3BC

Table Of Contents

Release Notes for Cisco uBR7200 Series for Cisco IOS Release 12.3BC

Contents

Introduction

Cisco uBR7200 Series Universal Broadband Routers

Cisco uBR7246VXR Universal Broadband Router

Cisco uBR7246 Universal Broadband Router

Cisco uBR7223 Universal Broadband Router

Cisco uBR7200 Series Universal Broadband Router Overview

Early Deployment Releases

Supported Features

System Requirements

Memory Recommendations

DOCSIS System Interoperability on the Cisco uBR7246VXR CMTS

DOCSIS 1.0 Baseline Privacy

Cable Modem Interoperability

DOCSIS 1.0 and 1.0+ Extensions

DOCSIS 1.1 Extensions

Additional Cable Modem Interoperability

Supported Hardware

Network Processing Engines

I/O Controllers

Cable Interface Line Cards

Port Adapter Cards

Determining Your Software Release

Upgrading to a New Software Release

Feature Support

New and Changed Information

New Hardware Features in Cisco IOS Release 12.3(23)BC10

New Software Features in Cisco IOS Release 12.3(23)BC10

New Hardware Features in Cisco IOS Release 12.3(23)BC9

New Software Features in Cisco IOS Release 12.3(23)BC9

Open Source Software Licenses for Cisco Universal Broadband Routers

New Hardware Features in Cisco IOS Release 12.3(21a)BC9

New Software Features in Cisco IOS Release 12.3(21a)BC9

New Hardware Features in Cisco IOS Release 12.3(21a)BC9

New Software Features in Cisco IOS Release 12.3(21a)BC9

New Hardware Features in Cisco IOS Release 12.3(23)BC8

New Software Features in Cisco IOS Release 12.3(23)BC8

New Hardware Features in Cisco IOS Release 12.3(23)BC7

New Software Features in Cisco IOS Release 12.3(23)BC7

Enhanced Show Tech

Cable Modem QoS Information

Direct Load for Cable Modems

Three Step Dynamic Modulation

New Hardware Features in Cisco IOS Release 12.3(23)BC6

New Software Features in Cisco IOS Release 12.3(23)BC6

New Hardware Features in Cisco IOS Release 12.3(23)BC5

New Software Features in Cisco IOS Release 12.3(23)BC5

New Hardware Features in Cisco IOS Release 12.3(23)BC4

New Software Features in Cisco IOS Release 12.3(23)BC4

New Hardware Features in Cisco IOS Release 12.3(21a)BC8

New Software Features in Cisco IOS Release 12.3(21a)BC8

New Hardware Featues in Cisco IOS Release 12.3(23)BC3

New Software Features in Cisco IOS Release 12.3(23)BC3

New Hardware Features in Cisco IOS Release 12.3(23)BC2

New Software Features in Cisco IOS Release 12.3(23)BC2

Subscriber Traffic Management Version 1.2

Upstream Utilization Optimization

New Hardware Features in Cisco IOS Release 12.3(21a)BC7

New Software Features in Cisco IOS Release 12.3(21a)BC7

New Hardware Features in Cisco IOS Release 12.3(23)BC1

New Software Features in Cisco IOS Release 12.3(23)BC1

PacketCable Subscriber ID Support

New Hardware Features in Cisco IOS Release 12.3(21a)BC6

New Software Features in Cisco IOS Release 12.3(21a)BC6

New Hardware Features in Cisco IOS Release 12.3(21a)BC5

New Software Features in Cisco IOS Release 12.3(21a)BC5

New Hardware Features in Cisco IOS Release 12.3(23)BC

DOCSIS Timing & Control Card (DTCC)

New Software Features in Cisco IOS Release 12.3(23)BC

New Hardware Features in Cisco IOS Release 12.3(21a)BC4

New Software Features in Cisco IOS Release 12.3(21a)BC3

New Hardware Features in Cisco IOS Release 12.3(21a)BC3

New Software Features in Cisco IOS Release 12.3(21a)BC3

Control Point Discovery (CPD)

New Hardware Features in Cisco IOS Release 12.3(21a)BC2

New Software Features in Cisco IOS Release 12.3(21a)BC2

New Hardware Features in Cisco IOS Release 12.3(21a)BC1

New Software Features in Cisco IOS Release 12.3(21a)BC1

New Hardware Features in Cisco IOS Release 12.3(21)BC

New Software Features in Cisco IOS Release 12.3(21)BC

Automatic Virtual Interface Bundles

Cable DHCP Enhancements

Cable Duplicate MAC Address Reject

PacketCable Client Accept Timeout

Per Downstream Static Multicast

SAMIS Source Address Management

Service Flow Admission Control

New Hardware Features in Cisco IOS Release 12.3(17b)BC9

New Software Features in Cisco IOS Release 12.3(17b)BC9

New Hardware Features in Cisco IOS Release 12.3(17b)BC8

New Software Features in Cisco IOS Release 12.3(17b)BC8

New Hardware Features in Cisco IOS Release 12.3(17b)BC7

New Software Features in Cisco IOS Release 12.3(17b)BC7

New Hardware Features in Cisco IOS Release 12.3(17b)BC6

New Software Features in Cisco IOS Release 12.3(17b)BC6

New Hardware Features in Cisco IOS Release 12.3(17b)BC5

New Software Features in Cisco IOS Release 12.3(17b)BC5

New Hardware Features in Cisco IOS Release 12.3(17b)BC4

New Software Features in Cisco IOS Release 12.3(17b)BC4

Downstream Load Balancing Distribution with Upstream Load Balancing

New Hardware Features in Cisco IOS Release 12.3(17b)BC3

New Software Features in Cisco IOS Release 12.3(17b)BC3

New Hardware Features in Cisco IOS Release 12.3(17a)BC2

New Software Features in Cisco IOS Release 12.3(17a)BC2

Advanced-Mode DOCSIS Set-Top Gateway Issue 1.2

DOCSIS1.0 ToS Overwrite

New Hardware Features in Cisco IOS Release 12.3(17a)BC1

New Software Features in Cisco IOS Release 12.3(17a)BC1

New Hardware Features in Cisco IOS Release 12.3(17a)BC

New Software Features in Cisco OS Release 12.3(17a)BC

Cable Monitor Enhancements

Configurable Leasequery Server

Dynamic Channel Change (DCC) for Load Balancing

DOCSIS 2.0 SAMIS ECR Data Set

DSX Messages and Synchronized PHS Information

High Availability Support for Encrypted IP Multicast

IPv6 over L2VPN

Management Information Base (MIB) Changes and Enhancements

Pre-equalization Control for Cable Modems

show cable modem Command Changes

New Hardware Features in Cisco IOS Release 12.3(13a)BC6

New Software Features in Cisco IOS Release 12.3(13a)BC6

New Hardware Features in Cisco IOS Release 12.3(13a)BC5

New Software Features in Cisco IOS Release 12.3(13a)BC5

New Hardware Features in Cisco IOS Release 12.3(13a)BC4

New Software Features in Cisco IOS Release 12.3(13a)BC4

New Hardware Features in Cisco IOS Release 12.3(13a)BC3

New Software Features in Cisco IOS Release 12.3(13a)BC3

New Hardware Features in Cisco IOS Release 12.3(13a)BC2

New Software Features in Cisco IOS Release 12.3(13a)BC2

New Hardware Features in Cisco  IOS Release 12.3(13a)BC1

New Software Features in Cisco IOS Release 12.3(13a)BC1

New Hardware Features in Cisco IOS Release 12.3(13a)BC

New Software Features in Cisco IOS Release 12.3(13a)BC

Access Control List Support for COPS Intercept

Admission Control for the Cisco CMTS

Advanced-Mode DOCSIS Set-Top Gateway Issue 1.1

Cable Monitor Support for Cisco MC28U Broadband Processing Engines

COPS TCP Support for the Cisco Cable Modem Termination System

cops ip dscp

cops tcp window-size

DOCSIS 1.0 Concatenation Override Featurette

Dynamic SID/VRF Mapping Support

Enhanced Rate Bandwidth Allocation (ERBA) Support for DOCSIS 1.0 Cable Modems

High Availability Features in Cisco IOS Release 12.3(13a)BC

Multicast QoS Support

MLPPP Support

PacketCable Multimedia

Service Independent Intercept (SII) Support on the Cisco uBR7200 Series

Optional Upstream Scheduler Modes

Transparent LAN Service and Layer 2 Virtual Private Networks

Virtual Interface Bundling on the Cisco uBR-MC28/U BPE

New Hardware Features in Cisco IOS Release 12.3(9a)BC8

New Software Features in Cisco IOS Release 12.3(9a)BC8

New Hardware Features in Cisco IOS Release 12.3(9a)BC7

New Software Features in Cisco IOS Release 12.3(9a)BC7

New Hardware Features in Cisco IOS Release 12.3(9a)BC6

New Software Features in Cisco IOS Release 12.3(9a)BC6

New Hardware Features in Cisco IOS Release 12.3(9a)BC5

New Software Features in Cisco IOS Release 12.3(9a)BC5

New Hardware Features in Cisco IOS Release 12.3(9a)BC4

New Software Features in Cisco IOS Release 12.3(9a)BC4

New Hardware Features in Cisco IOS Release 12.3(9a)BC3

New Software Features in Cisco IOS Release 12.3(9a)BC3

New Hardware Features in Cisco IOS Release 12.3(9a)BC2

New Software Features in Cisco IOS Release 12.3(9a)BC2

New Hardware Features in Cisco IOS Release 12.3(9a)BC1

New Software Features in Cisco IOS Release 12.3(9a)BC1

New Hardware Features in Cisco IOS Release 12.3(9a)BC

New Software Features for Cisco IOS Release 12.3(9a)BC

Cable ARP Filter Enhancement

Cisco Broadband Troubleshooter (CBT) 3.2

Cisco CMTS Static CPE Override

Cisco DDC (Dual DOCSIS Channel)

Cisco IOS Release 12.3(9a)BC Command-Line Interface (CLI) Enhancements

DOCSIS Set-top Gateway (DSG) 1.0

Dynamic Shared Secret (DMIC) with OUI Exclusion for DOCSIS

MIBs Changes and Updates in Cisco IOS Release 12.3(9a)BC

CISCO-CABLE-QOS-MONITOR MIB

CISCO-CABLE-SPECTRUM-MIB

CISCO-PROCESS-MIB

DOCS-IF-MIB

DOCS-QOS-MIB

DSG-IF-MIB

Load Balancing Support

Spectrum Management Enhancements in Cisco IOS Release 12.3(9a)BC

Subscriber Traffic Management (STM) Version 1.1

Transparent LAN Services (TLS) and L2 Tunneling ATM/SIDs

Usage Based Billing (SAMIS)

Virtual Interface Support and Frequency Stacking Support

MIBs

MIB Changes and Enhancements for Cisco IOS Release 12.3(17a)BC:

Important Notes

How to Upgrade to Cisco IOS Release 12.3(21)BC

Symptoms of Corrupted NVRAM

Conditions of Corrupted NVRAM

New Command Information for Cisco IOS Release 12.3(21)BC3

controller modular-cable

clear cable modem reset

hw-module shutdown

show cable modem summary

Restriction for Cisco IOS Release 12.3(17a)BC

New Command Information for Cisco IOS Release 12.3(13a)BC3

debug cable classifiers

New and Changed Command Reference for Cisco IOS Release 12.3(9a)BC

cable logging layer2events

cable source-verify

cable submgmt default

show cable tech-support

show controllers cable

show tech-support

Caveats for Cisco IOS Release 12.3 BC

Open Caveats for Cisco IOS Release 12.3(23)BC10

Resolved Caveats for Cisco IOS Release 12.3(23)BC10

Open Caveats for Release 12.3(23)BC9

Resolved Caveats for Release 12.3(23)BC9

Open Caveats for Release 12.3(21a)BC9

Resolved Caveats for Release 12.3(21a)BC9

Open Caveats for Release 12.3(23)BC8

Resolved Caveats for Release 12.3(23)BC8

Open Caveats for Release 12.2(23)BC7

Resolved Caveats for Release 12.2(23)BC7

Open Caveats for Release 12.3(23)BC6

Resolved Caveats for Release 12.3(23)BC6

Open Caveats for Release 12.3(23)BC5

Resolved Caveats for Release 12.3(23)BC5

Open Caveats for Release 12.3(23)BC4

Resolved Caveats for Release 12.3(23)BC4

Open Caveats for Release 12.3(21a)BC8

Resolved Caveats for Release 12.3(21a)BC8

Open Caveats for Release 12.3(23)BC3

Resolved Caveats for Release 12.3(23)BC3

Open Caveats for Release 12.3(23)BC2

Resolved Caveats for Release 12.3(23)BC2

Open Caveats for Release 12.3(21a)BC7

Resolved Caveats for Release 12.3(21a)BC7

Open Caveats for Release 12.3(23)BC1

Resolved Caveats for Release 12.3(23)BC1

Open Caveats for Release 12.3(21a)BC6

Resolved Caveats for Release 12.3(21a)BC6

Open Caveats for Release 12.3(21a)BC5

Resolved Caveats for Release 12.3(21a)BC5

Open Caveats for Release 12.3(23)BC

Resolved Caveats for Release 12.3(23)BC

Open Caveats for Release 12.3(21a)BC4

Resolved Caveats for Release 12.3(21a)BC4

Open Caveats for Release 12.3(21a)BC3

Resolved Caveats for Release 12.3(21a)BC3

Open Caveats for Release 12.3(21a)BC2

Resolved Caveats for Release 12.3(21a)BC2

Open Caveats for Release 12.3(21a)BC1

Resolved Caveats for Release 12.3(21a)BC1

Open Caveats for Release 12.3(21)BC

Resolved Caveats for Release 12.3(21)BC

Open Caveats for Release 12.3(17b)BC9

Resolved Caveats for Release 12.3(17b)BC9

Open Caveats for Release 12.3(17b)BC8

Resolved Caveats for Release 12.3(17b)BC8

Open Caveats for Release 12.3(17b)BC7

Resolved Caveats for Release 12.3(17b)BC7

Open Caveats for Release 12.3(17b)BC6

Resolved Caveats for Release 12.3(17b)BC6

Open Caveats for Release 12.3(17b)BC5

Resolved Caveats for Release 12.3(17b)BC5

Open Caveats for Release 12.3(17b)BC4

Resolved Caveats for Release 12.3(17b)BC4

Open Caveats for Release 12.3(17b)BC3

Resolved Caveats for Release 12.3(17b)BC3

Open Caveats for Release 12.3(17a)BC2

Resolved Caveats for Release 12.3(17a)BC2

Open Caveats for Release 12.3(17a)BC1

Resolved Caveats for Release 12.3(17a)BC1

Open Caveats for Release 12.3(17a)BC

Resolved Caveats for Release 12.3(17a)BC

Open Caveats for Release 12.3(13a)BC6

Resolved Caveats for Release 12.3(13a)BC6

Open Caveats for Release 12.3(13a)BC5

Resolved Caveats for Release 12.3(13a)BC5

Open Caveats for Release 12.3(13a)BC4

Resolved Caveats for Release 12.3(13a)BC4

Open Caveats for Release 12.3(13a)BC3

Resolved Caveats for Release 12.3(13a)BC3

Open Caveats for Release 12.3(13a)BC2

Resolved Caveats for Release 12.3(13a)BC2

Open Caveats for Release 12.3(13a)BC1

Resolved Caveats for Release 12.3(13a)BC1

Open Caveats for Release 12.3(13a)BC

Resolved Caveats for Release 12.3(13a)BC

Open Caveats for Release 12.3(9a)BC8

Resolved Caveats for Release 12.3(9a)BC8

Open Caveats for Release 12.3(9a)BC7

Resolved Caveats for Release 12.3(9a)BC7

Open Caveats for Release 12.3(9a)BC6

Resolved Caveats for Release 12.3(9a)BC6

Open Caveats for Release 12.3(9a)BC5

Resolved Caveats for Release 12.3(9a)BC5

Open Caveats for Release 12.3(9a)BC4

Resolved Caveats for Release 12.3(9a)BC4

Open Caveats for Release 12.3(9a)BC3

Resolved Caveats for Release 12.3(9a)BC3

Open Caveats for Release 12.3(9a)BC2

Resolved Caveats for Release 12.3(9a)BC2

Open Caveats for Release 12.3(9a)BC1

Resolved Caveats for Release 12.3(9a)BC1

Open Caveats for Release 12.3(9a)BC

Resolved Caveats for Release 12.3(9a)BC

Related Documentation

Release-Specific Documents

Platform-Specific Documents

Feature Modules

Cisco Feature Navigator

Cisco IOS Software Documentation Set

Documentation Modules

Release 12.3 Documentation Set

Obtaining Documentation, Obtaining Support, and Security Guidelines


Release Notes for Cisco uBR7200 Series for Cisco IOS Release 12.3BC


Revised: February 28, 2011, OL-6763-49

The release notes for Cisco IOS Release 12.3BC for the Cisco uBR7200 series universal broadband routers describe the enhancements and caveats for all releases in the cable-specific, early deployment, 12.3BC release trains. Some of the most recent releases in 12.3BC include 12.3(17b)BCx-, 12.3(21a)BCx-, and 12.3(23)BCx-based releases.

These release notes are updated with each release in the train. This update adds information for Cisco IOS Release 12.3(21a)BC9 . For a list of the updated caveats that apply to each release, see the "Caveats for Cisco IOS Release 12.3 BC" section and Caveats for Cisco IOS Release12.3T. Use these release notes in conjunction with the cross-platformRelease Notes for Cisco IOS Release 12.3 T located on Cisco.com and the Documentation CD-ROM.


Note Cisco IOS Release 12.3(23)BC6 does not include support for telco-return images.


Cisco recommends that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account on Cisco.com, you can find field notices at http://www.cisco.com/en/US/support/tsd_products_field_notice_summary.html. If you do not have a Cisco.com login account, you can find field notices at http://www.cisco.com/en/US/support/tsd_products_field_notice_summary.html.

Contents

These release notes describe the following topics:

Introduction

Early Deployment Releases

System Requirements

Feature Support

New and Changed Information

MIBs

Important Notes

Caveats for Cisco IOS Release 12.3 BC

Related Documentation

Obtaining Documentation, Obtaining Support, and Security Guidelines

Introduction

For information on new features and the Cisco IOS documentation set supported by Cisco IOS Release 12.3(23)BC6, see the "New and Changed Information" section and the "Related Documentation" section.

Cisco uBR7200 Series Universal Broadband Routers

The Cisco uBR7200 series universal broadband routers—the Cisco uBR7223, the Cisco uBR7246, and the Cisco uBR7246VXR—are based on the Data-over-Cable Service Interface Specification (DOCSIS) standards. Each is designed to be installed at a cable operator's headend facility or distribution hub and to function as the cable modem termination system (CMTS) for subscriber-end devices such as the Cisco uBR905 and Cisco uBR925 cable access routers, and other DOCSIS-compliant cable modems (CMs) and set-top boxes (STBs).

Cisco uBR7200 series universal broadband routers allow two-way transmission of digital data and Voice over IP (VoIP) traffic over a hybrid fiber-coaxial (HFC) network. The Cisco uBR7200 series routers support IP routing with a wide variety of protocols and combinations of Ethernet, Fast Ethernet, Gigabit Ethernet, serial, High-Speed Serial Interface (HSSI), Packet over SONET (POS) OC-3 and OC-12c, Asynchronous Transfer Mode (ATM) media, and EtherChannel trunking technology.

Cisco IOS Release 12.3(23)BC6 supports the Cisco uBR7246VXR, Cisco uBR7246, and Cisco uBR7223 universal broadband routers.

Cisco uBR7246VXR Universal Broadband Router

The Cisco uBR7246VXR offers an industry-proven CMTS and carrier-class router in a scalable platform with a high-performance network processing engine to support data, voice, and video services for medium to large network installations.

The Cisco uBR7246VXR provides the following major hardware features:

High-performance network processing engine

I/O controller

Up to two network interface port adapters

Up to four cable interface line cards

Up to two removable power supplies providing load-sharing and redundancy capabilities

Two Personal Computer Memory Card International Association (PCMCIA) slots that allow for software upgrades through the use of Flash memory cards


Note The Cisco uBR7246VXR chassis does not support the MC11-FPGA cable interface line card.


Cisco uBR7246 Universal Broadband Router

The Cisco uBR7246 offers an industry-proven CMTS and carrier-class router in a scalable platform to support data, voice, and video services for medium to large network installations.

The Cisco uBR7246 provides the following major hardware features:

Network processing engine

I/O controller

Up to two network interface port adapters

Up to four cable interface line cards

Up to two removable power supplies providing load-sharing and redundancy capabilities

Two PCMCIA slots that allow for software upgrades through the use of Flash memory cards


Note The Cisco  uBR7246 router reached its End of Sale (EOS) point on November 15, 2001. For details see Product Bulletin No. 1438, which is at the following URL:
http://www.cisco.com/en/US/products/hw/cable/ps2217/products_eol_models.html.


Cisco uBR7223 Universal Broadband Router

The Cisco uBR7223 is a cost-effective, scalable interface between subscriber cable modems and the backbone data network, and is designed specifically for small to medium network installations.

The Cisco uBR7223 provides the following major hardware features:

High-performance network processing engine

I/O controller

One network interface port adapter

Up to two cable interface line cards

One removable power supply (The Cisco uBR7223 does not feature load-sharing and redundant power supply capability like the Cisco uBR7246VXR and Cisco uBR7246.)

Two PCMCIA slots that allow for software upgrades through the use of Flash memory cards


Note The Cisco uBR7223 router reached its End of Sale (EOS) point on October 23, 2002. For details see Product Bulletin No. 1955, which is at the following URL: http://www.cisco.com/en/US/products/hw/cable/ps2217/products_eol_models.html.


Cisco uBR7200 Series Universal Broadband Router Overview

Table 1 provides a quick overview of the major hardware features of the three Cisco uBR7200 series universal broadband routers.

Table 1 Cisco uBR7200 Series Universal Broadband Router Overview 

Supported Hardware
Cisco uBR7246VXR
Cisco uBR7246 1
Cisco uBR7223 2

Network Processing Engine

One of the following:

UBR7200-NPE-G1

NPE-225

NPE-300

NPE-400

One of the following:

NPE-150

NPE-200

NPE-225

One of the following:

NPE-150

NPE-200

NPE-225

I/O Controller

One of the following:

UBR7200-I/O

UBR7200-I/O-FE

UBR7200-I/O-2FE/E

One of the following:

UBR7200-I/O

UBR7200-I/O-FE

One of the following:

UBR7200-I/O

UBR7200-I/O-FE

Network Interface Port Adapters

up to 2

up to 2

1

Cable Interface Line Cards

up to 4

up to 4

up to 2

Removable Power Supplies

up to 2

up to 2

1

PCMCIA Slots

2

2

2

1 End of Sale (EOS) point on November 15, 2001.

2 End of Sale (EOS) point on October 23, 2002.



Note The UBR7200-NPE-G1 does not require that an I/O controller be installed. For additional information, refer to the Release Notes for Cisco uBR7200 Series for Cisco IOS Release 12.2 BC on Cisco.com: http://www.cisco.com/en/US/docs/ios/12_2/12_2b/12_2bc/release/notes/u7208bc1.html.


Early Deployment Releases

These release notes describe the Cisco uBR7200 series universal broadband routers for Cisco IOS Release 12.3(23)BC6. Feature support is cumulative from release to release, unless otherwise noted.

Supported Features

The Cisco IOS Release 12.3BC train supports the following new features.

Table 2 Early Deployment (ED) Releases for the Cisco uBR7200 Series 

ED Release
Software Features 1 and MIBs 2
Hardware Features
Hardware
Availability

Cisco IOS Release 12.3(23)BC10

None

None

None

Cisco IOS Release 12.3(23)BC9

None

None

None

Cisco IOS Release 12.3(21a)BC9

None

None

None

Cisco IOS Release 12.3(23)BC8

None

None

None

Cisco IOS Release 12.3(23)BC7

Enhanced Show Tech

Cable Modem QoS Information

Direct Load for Cable Modems

Three Step Dynamic Modulation

None

Now

Cisco IOS Release 12.3(23)BC6

None

None

Now

Cisco IOS Release 12.3(23)BC5

None

None

Now

Cisco IOS Release 12.3(23)BC4

None

None

Now

Cisco IOS Release 12.3(21a)BC8

None

None

Now

Cisco IOS Release 12.3(23)BC3

None

None

Now

Cisco IOS Release 12.3(23)BC2

Subscriber Traffic Management Version 1.2

Upstream Utilization Optimization

None

Now

Cisco IOS Release 12.3(21a)BC7

None

None

Now

Cisco IOS Release 12.3(23)BC1

PacketCable Subscriber ID Support

None

Now

Cisco IOS Release 12.3(21a)BC6

None

None

Now

Cisco IOS Release 12.3(21a)BC5

None

None

Now

Cisco IOS Release 12.3(23)BC

None

None

Now

Cisco IOS Release 12.3(21a)BC4

None

None

Now

Cisco IOS Release 12.3(21a)BC3

Control Point Discovery (CPD)

None

Now

Cisco IOS Release 12.3(21a)BC2

None

None

Now

Cisco IOS Release 12.3(21a)BC1

None

None

Now

Cisco IOS Release 12.3(21)BC

Automatic Virtual Interface Bundles

Cable DHCP Enhancements

Cable Duplicate MAC Address Reject

PacketCable Client Accept Timeout

Per Downstream Static Multicast

SAMIS Source Address Management

Service Flow Admission Control

None

Now

Cisco IOS Release 12.3(17b)BC9

None

None

Now

Cisco IOS Release 12.3(17b)BC8

None

None

Now

Cisco IOS Release 12.3(17b)BC7

None

None

Now

Cisco IOS Release 12.3(17b)BC6

None

None

Now

Cisco IOS Release 12.3(17b)BC5

None

None

Now

Cisco IOS Release 12.3(17b)BC4

Downstream Load Balancing

None

Now

Cisco IOS Release 12.3(17b)BC3

None

None

Now

Cisco IOS Release 12.3(17a)BC2

Advanced-Mode DOCSIS Set-Top Gateway Issue 1.2

DOCSIS1.0 ToS Overwrite

None

Now

Cisco IOS Release 12.3(17a)BC1

None

None

Now

Cisco IOS Release 12.3(17a)BC

Cable Monitor Enhancements

Configurable Leasequery Server

Dynamic Channel Change (DCC) for Load Balancing

DOCSIS 2.0 SAMIS ECR Data Set

DSX Messages and Synchronized PHS Information

High Availability Support for Encrypted IP Multicast

IPv6 over L2VPN

Management Information Base (MIB) Changes and Enhancements

Pre-equalization Control for Cable Modems

None

Now

Cisco IOS Release 12.3(13a)BC6

None

None

Now

Cisco IOS Release 12.3(13a)BC5

None

None

Now

Cisco IOS Release 12.3(13a)BC4

None

None

Now

Cisco IOS Release 12.3(13a)BC3

None

None

Now

Cisco IOS Release 12.3(13a)BC2

None

None

Now

Cisco IOS Release 12.3(13a)BC1

None

None

Now

Cisco IOS Release 12.3(13a)BC

Access Control List Support for COPS Intercept

Admission Control for the Cisco CMTS

Advanced-Mode DOCSIS Set-Top Gateway Issue 1.1

Cable Monitor Support for Cisco MC28U Broadband Processing Engines

COPS TCP Support for the Cisco Cable Modem Termination System

DOCSIS 1.0 Concatenation Override Featurette

Dynamic SID/VRF Mapping Support

Enhanced Rate Bandwidth Allocation (ERBA) Support for DOCSIS 1.0 Cable Modems

High Availability Features in Cisco IOS Release 12.3(13a)BC

Multicast QoS Support

MLPPP Support

PacketCable Multimedia

Service Independent Intercept (SII) Support on the Cisco uBR7200 Series

Optional Upstream Scheduler Modes

Transparent LAN Service and Layer 2 Virtual Private Networks

Virtual Interface Bundling on the Cisco uBR-MC28/U BPE

None

Now

Cisco IOS Release 12.3(9a)BC8

None

None

Now

Cisco IOS Release 12.3(9a)BC7

None

None

Now

Cisco IOS Release 12.3(9a)BC6

None

None

Now

Cisco IOS Release 12.3(9a)BC5

None

None

Now

Cisco IOS Release 12.3(9a)BC4

None

None

Now

Cisco IOS Release 12.3(9a)BC3

None

None

Now

Cisco IOS Release 12.3(9a)BC2

None

None

Now

Cisco IOS Release 12.3(9a)BC1

None

None

Now

Cisco IOS Release 12.3(9a)BC

Cisco Broadband Troubleshooter (CBT) 3.2

Cisco IOS Release 12.3(9a)BC Command-Line Interface (CLI) Enhancements

DOCSIS Set-top Gateway (DSG) 1.0

Cisco DDC (Dual DOCSIS Channel)

Dynamic Shared Secret (DMIC) with OUI Exclusion for DOCSIS

Virtual Interface Support and Frequency Stacking Support

Load Balancing Support

Subscriber Traffic Management (STM) Version 1.1

Transparent LAN Services (TLS) and L2 Tunneling ATM/SIDs

Usage Based Billing (SAMIS)

Virtual Interface Support and Frequency Stacking Support

None

Now

1 Only major features are listed.

2 MIB = Management Information Base


System Requirements

This section describes the system requirements for Cisco IOS Release 12.3(23)BC6 with the following topics:

Memory Recommendations

DOCSIS System Interoperability on the Cisco uBR7246VXR CMTS

Supported Hardware

Determining Your Software Release

Upgrading to a New Software Release

Memory Recommendations

Table 3 displays the memory recommendations of the Cisco IOS feature sets for the Cisco uBR7200 series universal broadband routers for Cisco IOS Release 12.3 BC. Cisco uBR7200 series routers are only available with a 48 MB or 128 MB of Flash disk memory on the I/O Controller cards. The UBR7200-NPE-G1 uses compact Flash disk only.


Note Flash disks, an alternative to linear Flash memory, are Flash memory-based devices that can be used as file storage media in the PCMCIA card slots of the I/O Controllers. Each I/O Controller has two PCMCIA slots and can be configured with up to 256 MB of Flash disk memory.


Table 3 Memory Recommendations for the Cisco uBR7200 Series Routers, Cisco IOS Release 12.3 BC Feature Sets 

Feature Set
Software Image
Recommended
Flash Memory
Recommended
DRAM Memory
Runs
From
Two-Way Data/VoIP Images

DOCSIS Two-Way

ubr7200-p-mz

32 MB Flash

256 MB DRAM

RAM

DOCSIS Two-Way IP Plus

ubr7200-is-mz

32 MB Flash

256 MB DRAM

RAM

DOCSIS Two-Way with BPI

ubr7200-k8p-mz

32 MB Flash

256 MB DRAM

RAM

DOCSIS Two-Way IP Plus with BPI

ubr7200-ik8s-mz

32 MB Flash

256 MB DRAM

RAM

DOCSIS Two-Way 3DES

ubr7200-k9p-mz

32 MB Flash

256 MB DRAM

RAM

DOCSIS Two-Way 3DES IP Plus

ubr7200-ik9s-mz

32 MB Flash

256 MB DRAM

RAM

Boot Image

UBR7200 Boot Image

ubr7200-kboot-mz

None

None

UBR7200 Boot Image

ubr7200-boot-mz

None

None


The image subset legend for Table 3 is as follows:

i = IP routing, MPLS-VPN support, and non-cable interface bridging, including Network Address Translation (NAT)

k8 = DOCSIS Baseline Privacy

p = IP routing with Intermediate System-to-Intermediate System (IS-IS) and Border Gateway Protocol (BGP); MPLS-VPN support; no bridging and no NAT

s = "Plus" features: NAT and Inter-Switch Link (ISL)

k9 = 3DES level of encryption


Note All images support all of the hardware listed in the "Supported Hardware" section, unless otherwise indicated.



Note A Cisco uBR7200 series router requires 256 MB of DRAM memory on the NPE processor card when HCCP redundancy is configured and the router is supporting more than 3,000 cable modems. Using less memory in these conditions results in temporary out-of-memory situations and incomplete synchronization between the Working and Protect interfaces.


DOCSIS System Interoperability on the Cisco uBR7246VXR CMTS

This section describes the operation of primary interoperability features in the Cisco uBR7246VXR router. For additional DOCSIS information for the Cisco uBR7246VXR router, refer to the following document on Cisco.com:

DOCSIS 1.1 for Cisco uBR7200 Series Universal Broadband Routers

http://www.cisco.com/en/US/docs/cable/cmts/feature/DOCSIS11.html.

DOCSIS 1.1 for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_docs.html.

DOCSIS 1.0 Baseline Privacy

DOCSIS baseline privacy interface (BPI) gives subscribers data privacy across the RF network, encrypting traffic flows between the CMTS and cable modem. BPI ensures that a cable modem, uniquely identified by its Media Access Control (MAC) address, can obtain keying material for services only it is authorized to access.

To enable BPI, choose software at both the CMTS and cable modem that support the BPI mode of operation. For the Cisco uBR7200 series software, choose an image with "k8" in its file name or BPI in the feature set description. BPI must be enabled using the DOCSIS configuration file.

The cable modem must also support BPI. Cable modems must have factory-installed RSA private/public key pairs to support internal algorithms to generate key pairs prior to first BPI establishment.


Note RSA stands for Rivest, Shamir, and Adelman, inventors of a public-key cryptographic system.


Cable Modem Interoperability

The Cisco uBR7200 series router interoperates with DOCSIS-based two-way cable modems that support basic Internet access, VoIP, or Virtual Private Networks (VPNs).

EuroDOCSIS cable modems or set-top boxes (STBs) with integrated EuroDOCSIS cable modems using Cisco uBR-MC16E cable interface line cards and Cisco OS Release 12.2(4)BC1 or higher. EuroDOCSIS operation support includes 8-MHz Phase Alternating Line (PAL) or Systeme Electronique Couleur Avec Memoire (SECAM) channel plans.


Note Cisco IOS Release 12.3(23)BC6 does not support telco-return cable modems or STBs.


Configuring the CMTS Cable Interface When in Routing Mode

If you have configured a Cisco cable modem for routing mode and are also using the cable-modem dhcp-proxy nat command on the cable modem, you must configure the corresponding cable interface on the Cisco uBR7200 series router with the cable dhcp-giaddr policy command. Otherwise, the cable interface could flap and the cable modem could go offline unpredictably.

DOCSIS 1.0 and 1.0+ Extensions

Earlier releases of Cisco IOS software for the Cisco uBR7246VXR router provide support for the original DOCSIS 1.0 standard, featuring basic best-effort data traffic and Internet access over the coaxial cable network. The DOCSIS 1.0+ extensions provides Quality of Service (QoS) enhancements for real-time traffic, such as voice calls, in anticipation of full DOCSIS 1.1 support.


Note All DOCSIS 1.0 extensions are activated only when a cable modem or Cisco uBR924 that supports these extensions solicits services using dynamic MAC messages or the feature set. If the cable modems in your network are pure DOCSIS 1.0-based, they receive regular DOCSIS 1.0 treatment from the CMTS.


DOCSIS 1.1 Extensions

The DOCSIS 1.1 specification provides the following functional enhancements over DOCSIS 1.0 coaxial cable networks:

Enhanced Quality of Service (QoS) to give priority for real-time traffic such as voice and video.

The DOCSIS 1.0 QoS model (a Service IDs (SID) associated with a QoS profile) has been replaced with a service flow model that allows greater flexibility in assigning QoS parameters to different types of traffic and in responding to changing bandwidth conditions.

Multiple service flows per cable modem supported in either direction due to packet classifiers.

Support for multiple service flows per cable modem allows a single cable modem to support a combination of data, voice, and video traffic.

Greater granularity is available in QoS per cable modem (in either direction), using unidirectional service flows.

Dynamic MAC messages are supported to create, modify, and tear down QoS service flows dynamically when requested by a DOCSIS 1.1 cable modem.

Several QoS models are supported for the upstream.

Best effort-Data traffic is sent on a non-guaranteed best-effort basis.

Committed Information Rate (CIR) supports the guaranteed minimum bandwidth for data traffic.

Unsolicited Grants (UGS) support constant bit rate (CBR) traffic, such as voice, that is characterized by fixed size packets at fixed intervals.

Real Time Polling (rtPS) supports Real Time service flows, such as video, that produce unicast, variable size packets at fixed intervals.

Unsolicited Grants with Activity Detection (USG-AD) support the combination of UGS and RTPS, to accommodate real time traffic that might have periods of inactivity (such as voice using silence suppression). The service flow uses UGS fixed grants while active, but switches to RTPS polling during periods of inactivity to avoid wasting unused bandwidth.

Enhanced time-slot scheduling mechanisms support guaranteed delay/jitter sensitive traffic on the shared multiple access upstream link.

Payload Header Suppression (PHS) conserves link-layer bandwidth by suppressing unnecessary packet headers on both upstream and downstream traffic flows.

Layer 2 fragmentation on the upstream prevents large data packets from affecting real-time traffic, such as voice and video. Large data packets are fragmented and then transmitted in the time slots that are available between the time slots used for the real-time traffic.

Concatenation allows a cable modem to send multiple MAC frames in the same time slot, as opposed to making an individual grant request for each frame. This avoids wasting upstream bandwidth when sending a number of very small packets, such as TCP acknowledgement packets.

DOCSIS 1.1 cable modems can coexist with DOCSIS 1.0 and 1.0+ cable modems in the same network—the Cisco uBR7246VXR router provides the levels of service that are appropriate for each cable modem.

DOCSIS 1.1 Quality of Service

The DOCSIS 1.1 QoS framework is based on the following objects:

Service class: A collection of settings maintained by the CMTS that provide a specific QoS service tier to a cable modem that has been assigned a service flow within a particular service class.

Service flow: a unidirectional sequence of packets receiving a service class on the DOCSIS link.

Packet classifier: A set of packet header fields used to classify packets onto a service flow to which the classifier belongs.

PHS rule: A set of packet header fields that are suppressed by the sending entity before transmitting on the link, and are restored by receiving entity after receiving a header-suppressed frame transmission. Payload Header Suppression increases the bandwidth efficiency by removing repeated packet headers before transmission.

In DOCSIS 1.1, the basic unit of QoS is the service flow, which is a unidirectional sequence of packets transported across the RF interface between the cable modem and CMTS. A service flow is characterized by a set of QoS parameters such as latency, jitter, and throughput assurances.

Every cable modem establishes a primary service flow in both the upstream and downstream directions. The primary flows maintain connectivity between the cable modem and CMTS at all times.

In addition, a DOCSIS 1.1 cable modem can establish multiple secondary service flows. The secondary service flows can either be permanently created (they persist until the cable modem is reset or powered off) or they can be created dynamically to meet the needs of the on demand traffic being transmitted.

Each service flow has a set of QoS attributes associated with it. These QoS attributes define a particular class of service and determine characteristics such as the maximum bandwidth for the service flow and the priority of its traffic. The class of service attributes can be inherited from a preconfigured CMTS local service class (class-based flows), or they can be individually specified at the time of the creation of the service flow.

Each service flow has multiple packet classifiers associated with it, which determine the type of application traffic allowed to be sent on that service flow. Each service flow can also have a Payload Header Suppression (PHS) rule associated with it to determine which portion of the packet header will be suppressed when packets are transmitted on the flow.

ARP Filter

The cable arp filter command, introduced with Cisco IOS Release 12.2(15)BC2b, enables service providers to filter ARP request and reply packets, to prevent a large volume of such packets from interfering with the other traffic on the cable network. For additional information refer to the following document on Cisco.com:

Cable ARP Filtering

http://www.cisco.com/en/US/docs/cable/cmts/feature/cblarpfl.html.

Additional Cable Modem Interoperability

In Cisco IOS Release 12.2(11)BC3c, the following new or enhanced software features are implemented for DOCSIS 1.1 functionality. Feature support continues with Cisco IOS Release 12.3(9a)BC. (For more information, see the feature module DOCSIS 1.1 for Cisco uBR7200 Series Universal Broadband Routers).

Clock Synchronization

The Cisco uBR7200 series routers support clock hardware and software to enable high-quality delivery of IP telephony services through synchronized data transmissions. To support the clock feature set, a Cisco uBR7246VXR chassis must be used. The Cisco uBR7246VXR must contain a clock card and either a Cisco uBR-MC16E or Cisco uBR-MC28C cable interface line card. Only these cards support the external clock reference from the clock card to distribute that signal to CMs or STBs attached to the specific network segments.

Each cable modem must also support VoIP applications and the clock reference feature set to enable synchronized timing. The Cisco uBR924 and Cisco uBR925 cable access routers, running Cisco IOS Release 12.0(7)T or later, supports the clock reference feature set automatically.

National Clock Card

The Cisco uBR7246VXR supports the National Clock Card. The National Clock Card allows the Cisco uBR7246VXR to accept a primary or secondary external clock reference. If there is no primary clock, the Clock Card goes into Holdover. After a period of 2-10 seconds, the Clock Card switches to the secondary clock. When the primary clock is back online, the Clock Card switches to the primary clock after a period of 2-10 seconds. The National Clock Card requires the Cisco uBR-MC1xS or the Cisco uBR-MC1xE cable interface line card.

Supported Hardware

This section describes the hardware supported by the Cisco uBR7246VXR Universal Broadband Router in Cisco IOS 12.3BC software releases.

Network Processing Engines

The Cisco uBR7246VXR supports the following Network Processing Engines (NPEs) in Cisco IOS Release 12.3(23)BC6:

UBR7200-NPE-G1

NPE-225

NPE-300

NPE-400


Note The Cisco UBR7200-NPE-G1, Cisco NPE-300 and Cisco NPE-400 are not supported on the Cisco uBR7223 and the Cisco uBR7246. The Cisco NPE-150 and Cisco NPE-200 are not supported on the Cisco uBR7246VXR.



Note The Cisco NPE-300 is at end-of-life and has not been orderable since November 15, 2001. See the following product bulletin for more details on the Cisco NPE-300 recommended upgrade path: http://www.cisco.com/en/US/products/hw/cable/ps2217/prod_eol_notices_list.html.


For more information, see the Network Processing Engine and Network Services Engine Installation and Configuration guide and the Memory Replacement Instructions for the Network Processing Engine or Network Services Engine and Input/Output Controller guide on Cisco.com.

I/O Controllers

Cisco IOS Release 12.3(23)BC6 supports the following I/O controllers for the Cisco uBR7200 series universal broadband routers:

UBR7200-I/O-2FE/E input/output controller—Two Fast Ethernet ports and one Ethernet port; equipped with 2 RJ-45 receptacles for 10/100 Mbps operation. Supported for the Cisco uBR7246VXR router. The Cisco IOS Release 12.1(10)EC boot helper image [ubr7200-boot-mz.12.1-10.EC] must be used on this controlle.r

UBR7200-I/O-FE—One Fast Ethernet port; equipped with an MII receptacle and an RJ-45 receptacle for use at 100 Mbps full-duplex or half-duplex operation. Only 1 receptacle can be configured for use at a time. Supported for Cisco uBR7223, Cisco uBR7246, and Cisco uBR7246VXR routers. The 12.0(15)SC [ubr7200-boot-mz.12.0-15.SC] boot helper image is recommended for this controller.

UBR7200-I/O—Has no Fast Ethernet port. Supported for Cisco uBR7223, Cisco uBR7246, and Cisco uBR7246VXR routers. The 12.0(15)SC [ubr7200-boot-mz.12.0-15.SC] boot helper image is recommended for this controller.


Note The Single-Port Fast Ethernet I/O Controller (UBR7200-I/O-FE) reached its End of Sale (EOS) point on June 30, 2003. For details, see the Addendum to Product Bulletin, No. 1725, which is at the following URL: http://www.cisco.com/en/US/products/hw/cable/ps2217/prod_eol_notices_list.html



Note Do not use the 12.1(10)EC boot helper image with the UBR7200-I/O-FE and UBR7200-I/O controllers.


Cable Interface Line Cards

Table 4 provides a quick overview of the cable interface line cards that are supported in Cisco IOS Release 12.3(23)BC6 for the Cisco uBR7200 series routers:

Table 4 Cisco uBR7200 Series Cable Interface Line Cards 

Cable Interface Line Card
Upstream
Ports
Downstream
Ports
Additional Features

MC16C

6

1

 

MC16E

6

1

EuroDOCSIS (Annex A) Support

MC16S

6

1

Supports advanced spectrum management features.

MC16U

6

1

A-TDMA, Adv PHY, CPU

MC16X

6

1

Features dedicated media access control (MAC) layer hardware.

MC28C

8

2

 

MC28C-BNC

8

2

BNC connectors instead of F-connectors

MC28U

8

2

Integrated upconverter

MC28X

8

2

Features dedicated media access control (MAC) layer hardware.


OIR of Cable Interface Line Cards

Technically, the Cisco uBR7200 series universal broadband routers support true online insertion and removal (OIR), or "hot swapping" of cable interface line cards only when exchanging cable interface line cards of the exact same type (for example, exchanging a Cisco uBR-MC28U card for another Cisco uBR-MC28U card). Under these conditions, no reload of the router is required.


Caution When you OIR different types of cable interface line cards (for example, a Cisco uBR-MC16C card replaced by a Cisco uBR-MC16S card, or Cisco uBR-MC16C card replaced by a Cisco uBR-MC28U card), you not only might have to reconfigure the interfaces, you must reload the router.

Port Adapter Cards

Table 5 lists and describes the port adapters supported by Cisco uBR7200 series routers in Cisco IOS Release 12.3(23)BC6.


Note Table 5 identifies some port adapters for the Cisco uBR7200 series routers that are in an end-of-life (EOL) stage. See the following product bulletin for more details on these EOL port adapters:
http://www.cisco.com/en/US/products/hw/cable/ps2217/prod_eol_notices_list.html.



Note Not all Cisco uBR7200 series routers support all port adapters. Some port adapters must be at certain revision levels to be used in the Cisco uBR7246VXR router.


Table 5 Cisco uBR7200 Series Port Adapter Releases 

Product Number
Cisco uBR7223
Cisco uBR7246
Cisco uBR7246VXR
End-of-Life
Ethernet

PA-4E—4-port Ethernet 10BASE-T port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-8E—8-port Ethernet 10BASE-T port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-FE-TX—1-port 100BASE-TX Fast Ethernet port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-FE-FX—1-port 100BASE-FX Fast Ethernet port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-2FEISL-TX—2-port 100BASE-TX Fast Ethernet port adapter with Inter-Switch Link (ISL) support

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-2FEISL-FX—2-port 100BASE-FX Fast Ethernet port adapter with ISL support

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-12E/2FE—12-port 10BASE-T and 2-port 10/100BASE-TX port adapter

Not applicable

12.2(4)XF1

Not applicable

No

PA-2FE-TX—2-port 100BASE-TX Fast Ethernet port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-2FE-FX—2-port 100BASE-FX Fast Ethernet port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

Gigabit Ethernet

PA-GE—1-port, full-duplex, IEEE 802.3z-compliant Gigabit Ethernet (GE) port adapter1

Not applicable

Not applicable

12.2(4)XF1

No

Serial

PA-4T+—4-port synchronous serial port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-8T-232—8-port EIA/TIA-232 synchronous serial port adapter

12.2(4)XF1

12.2(4)XF1

Not applicable

Yes

PA-8T-V35—8-port V.35 synchronous serial port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-8T-X21—8-port X.21 synchronous serial port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-4E1G-75—4-port unbalanced (75-ohm) E1-G.703/G.704 synchronous serial port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-4E1G-120—4-port balanced (120-ohm) E1-G.703/G.704 synchronous serial port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-E3—1-port high-speed serial E3 interface port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-T3—1-port T3 serial interface port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-T3+—1-port T3 serial interface port adapter enhanced

12.2(4)BC1

Not applicable

12.2(4)BC1

No

PA-2E3—2-port high-speed serial E3 interface port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-2T3—2-port T3 serial interface port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-2T3+—2-port T3 serial interface port adapter enhanced

12.2(4)BC1

Not applicable

12.2(4)BC1

No

PA-MC-T3—1-port T3 (channelized into 28 independent T1 data lines) port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-MC-2T1—2-port multichannel DS1 Integrated Services Digital Network (ISDN) Primary Rate Interface (PRI) single-wide port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-MC-4T1—4-port multichannel DS1 ISDN PRI single-wide port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-MC-8E1/120—8-port multichannel E1 ISDN PRI single-wide port adapter

12.2(4)XF1

12.2(4)XF1

Not applicable

Yes

PA-MC-8T1—8-port multichannel DS1 ISDN PRI single-wide port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-MC-2E1/120—2-port multichannel E1 ISDN PRI single-wide port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

HSSI

PA-H—1-port HSSI port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-2H—2-port HSSI port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

ATM

PA-A1-OC3SMI—1-port ATM OC-3c/STM-1 single-mode intermediate reach port adapter

12.2(4)XF1

12.2(4)XF1

Not applicable

No

PA-A1-OC3MM—1-port ATM OC-3c/STM-1 multimode port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-A2-4E1XC-OC3SM—5-port ATM CES2 (4 E1 120-ohm CBR3 ports and 1 OC-3 ATM single-mode port) port adapter

Not applicable

12.2(4)XF1

Not applicable

Yes

PA-A2-4E1XC-E3ATM—5-port ATM CES2 (4 E1 120-ohm CBR3 ports and 1 E3 ATM port) port adapter

Not applicable

12.2(4)XF1

Not applicable

Yes

PA-A2-4T1C-OC3SM—5-port ATM CES2 (4 T1 CBR3 ports and 1 OC-3 ATM single-mode port) port adapter

Not applicable

12.2(4)XF1

Not applicable

Yes

PA-A2-4T1C-T3ATM—5-port ATM CES2 (4 T1 CBR3 ports and 1 T3 ATM port) port adapter

Not applicable

12.2(4)XF1

Not applicable

Yes

PA-A3-E3—1-port E3 ATM, PCI-based port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-A3-T3—1-port T3 ATM, PCI-based port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-A3-OC3MM—1-port OC-3c ATM, PCI-based multimode port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-A3-OC3SMI—1-port OC-3c ATM, PCI-based single-mode intermediate reach port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-A3-OC3SML—1-port OC-3c ATM, PCI-based single-mode long reach port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

PA-A3-8T1IMA—ATM inverse multiplexer over ATM port adapter with 8 T1 ports

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

No

Packet-Over-SONET (POS)

PA-POS-OC3SML—1-port POS OC-3 single-mode, long reach port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

PA-POS-OC3SMI—1-port OC-3 single-mode, intermediate reach port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

 

PA-POS-OC3MM—1-port POS OC3 multimode port adapter

12.2(4)XF1

12.2(4)XF1

12.2(4)XF1

Yes

Dynamic Packet Transport (DPT)
       

PA-SRP-OC12SML—2-port OC-12c (STM4c) single-mode fiber, long reach DPT port adapter

Not applicable

12.2(4)XF1

12.2(4)XF1

 

PA-SRP-OC12SMI—2-port OC-12c (STM4c) single-mode fiber, intermediate reach DPT port adapter

Not applicable

12.2(4)XF1

12.2(4)XF1

 

PA-SRP-OC12SMX—2-port OC-12c (STM4c) single-mode fiber, extended reach DPT port adapter

Not applicable

12.2(4)XF1

12.2(4)XF1

 

PA-SRP-OC12MM—2-port OC-12c (STM4c) multimode fiber DPT port adapter

Not applicable

12.2(4)XF1

12.2(4)XF1

Yes

1 The Gigabit Ethernet port adapter must be combined with the appropriate optical fiber cable and a Gigabit Interface Converter (GBIC).

2 CES = circuit emulation services.

3 CBR = constant bit rate.


Determining Your Software Release

To determine the version of Cisco IOS software running on the Cisco uBR7200 series universal broadband router, log in to the router and enter the show version EXEC command:

Router> show version
Cisco Internetwork Operating System Software 
IOS (tm) 12.3 BC  Software (ubr7200-is-mz), Version 12.3(23)BC6, RELEASE SOFTWARE

Upgrading to a New Software Release

For general information about upgrading to a new software release, see Cisco IOS Upgrade Ordering Instructions located at: http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/957_pp.htm.

Feature Support

Cisco IOS software is packaged in feature sets that consist of software images that support specific platforms. The feature sets available for a specific platform depend on which Cisco IOS software images are included in a release. Each feature set contains a specific set of Cisco IOS features.


Caution Cisco IOS images with strong encryption (including, but not limited to 168-bit (3DES) data encryption feature sets) are subject to U.S. government export controls and have limited distribution. Strong encryption images to be installed outside the United States are likely to require an export license. Customer orders may be denied or subject to delay because of U.S. government regulations. When applicable, the purchaser/user must obtain local import and use authorizations for all encryption strengths. Please contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com.

The feature set tables have been removed from the Cisco IOS Release 12.3 release notes to improve the usability of the release notes documentation. The feature-to-image mapping that was provided by the feature set tables is available through Cisco Feature Navigator.

Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or by feature set (software image). Under the release section, you can compare Cisco IOS software releases side by side to display both the features unique to each software release and the features that the releases have in common.

To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:

http://www.cisco.com/web/siteassets/account/index.html

Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:

http://www.cisco.com/go/fn

For frequently asked questions about Cisco Feature Navigator, see the FAQs at the following URL:

http://www.cisco.com/support/FeatureNav/FNFAQ.html

Determining Which Software Images (Feature Sets) Support a Specific Feature

To determine which software images (feature sets) in Cisco IOS Release 12.3 support a specific feature, go to the Cisco Feature Navigator home page, enter your Cisco.com login, and perform the following steps:


Step 1 From the Cisco Feature Navigator home page, click Feature.

Step 2 To find a feature, use either "Search by full or partial feature name" or "Browse features in alphabetical order." Either a list of features that match the search criteria or a list of features that begin with the number or letter selected from the ordered list will be displayed in the text box on the left side of the web page.

Step 3 Select a feature from the left text box, and click the Add button to add a feature to the Selected Features text box on the right side of the web page.


Note To learn more about a feature in the list, click the Description button below the left box.


Repeat this step to add additional features. A maximum of 20 features can be chosen for a single search.

Step 4 Click Continue when you are finished selecting features.

Step 5 From the Major Release drop-down menu, choose 12.3.

Step 6 From the Release drop-down menu, choose the appropriate maintenance release.

Step 7 From the Platform Family drop-down menu, select the appropriate hardware platform. The "Your selections are supported by the following:" table will list all the software images (feature sets) that support the feature(s) that you selected.


Determining Which Features Are Supported in a Specific Software Image (Feature Set)

To determine which features are supported in a specific software image (feature set) in Cisco IOS Release 12.3, go to the Cisco Feature Navigator home page, enter your Cisco.com login, and perform the following steps:


Step 1 From the Cisco Feature Navigator home page, click Compare/Release.

Step 2 In the "Find the features in a specific Cisco IOS release, using one of the following methods:" box, choose 12.3 from the Cisco IOS Major Release drop-down menu.

Step 3 Click Continue.

Step 4 From the Release drop-down menu, choose the appropriate maintenance release.

Step 5 From the Platform Family drop-down menu, choose the appropriate hardware platform.

Step 6 From the Feature Set drop-down menu, choose the appropriate feature set. The "Your selections are supported by the following:" table will list all the features that are supported by the feature set (software image) that you selected.

New and Changed Information

The following sections list the new hardware and software features supported by the Cisco uBR7200 series routers for Cisco IOS Release 12.3BC.


Tip For information on these features, see the Cisco uBR7200 Series Software Configuration Guide, the Cisco CMTS Feature Guide, and the Cisco Broadband Cable Command Reference Guide, as listed in the "Related Documentation" section.


New Hardware Features in Cisco IOS Release 12.3(23)BC10

There are no new hardware features in Cisco IOS Release 12.3(23)BC10.

New Software Features in Cisco IOS Release 12.3(23)BC10

There are no new software features in Cisco IOS Release 12.3(23)BC10.

New Hardware Features in Cisco IOS Release 12.3(23)BC9

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC9.

New Software Features in Cisco IOS Release 12.3(23)BC9

There are no new software features supported in Cisco IOS Release 12.3(23)BC9.

Open Source Software Licenses for Cisco Universal Broadband Routers

Expat 1.1 is used in Cisco IOS Release 12.3(23)BC9, under the MPL 1.1 license. You can obtain the source code for Expat 1.1 at the following URL.

ftp://ftp-eng/pub/opensource/ios/xpat_1.1.tar

For information on Open Source Software License MPL 1.1, refer to the following URL:

http://www.cisco.com/en/US/docs/cable/cmts/license/cable_licensing.html

New Hardware Features in Cisco IOS Release 12.3(21a)BC9

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC9.

New Software Features in Cisco IOS Release 12.3(21a)BC9

There are no new softwarefeatures supported in Cisco IOS Release 12.3(21a)BC9.

New Hardware Features in Cisco IOS Release 12.3(21a)BC9

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC9.

New Software Features in Cisco IOS Release 12.3(21a)BC9

There are no new softwarefeatures supported in Cisco IOS Release 12.3(21a)BC9.

New Hardware Features in Cisco IOS Release 12.3(23)BC8

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC8.

New Software Features in Cisco IOS Release 12.3(23)BC8

There are no new softwarefeatures supported in Cisco IOS Release 12.3(23)BC8.

New Hardware Features in Cisco IOS Release 12.3(23)BC7

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC7.

New Software Features in Cisco IOS Release 12.3(23)BC7

The following software features are new in Cisco IOS Release 12.3(23)BC7.

Enhanced Show Tech

A new keyword, cmts, has been added to the show tech-support command to provide debugging information specific to a cable interface or a modem for the following universal broadband routers:

Cisco uBR10012 router

Cisco uBR7200 series

Cisco uBR7225VXR router

For details about this command, see the Cisco IOS CMTS Cable Command Reference at the following URL:

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_19_show_m_to_show_z.html

Cable Modem QoS Information

A new command, show cable modem service-flow, is introduced to provide information about all service flows associated with a particular modem.

For details about this command, see the Cisco IOS CMTS Cable Command Reference at the following URL:

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_16_show_cable_m_to_show_cable_u.html

Direct Load for Cable Modems

A new command, cable upstream equalization-error-recovery, is introduced to enable the CMTS to send Type-Length-Value (TLV) Type 9 in the DOCSIS RNG-RSP MAC management messages. The TLV Type 9 helps CMs come online if the TLV Type 4 convolved method causes CMs to go offline.

For details about this command, see the Cisco IOS CMTS Cable Command Reference at the following URL:

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_10_cable_u_to_cable_w.html

Three Step Dynamic Modulation

Cisco IOS Release 12.3(33)BC7 introduces Three Step Dynamic Modulation, which allows you to create and use a third modulation profile in the Dynamic Upstream Modulation feature, as against the existing 16-QAM and quadrature phase-shift keying (QPSK) modulation profiles. The feature now permits 64-QAM based modulation profile to increase the upstream throughput and to satisfy the demand for new spectrum management.

The 64-QAM modulation profile is a more bandwidth-efficient modulation scheme and has a higher throughput than the other two modulation profiles.

For more details on Three Step Dynamic Modulation and the Dynamic Upstream Modulation feature, refer to Spectrum Management and Advanced Spectrum Management for the Cisco CMTS guide at the following location: http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_spec.html

The Cisco IOS Release 12.3(23)BC7 introduces or modifies the following commands:

The cable upstream threshold hysteresis command was introduced to allow configurable hysteresis values for spectrum management channel upgrade thresholds.

The cable upstream modulation command was enhanced to accept up to three profiles, instead of the existing two.

The show cable hop history command was enhanced to display the modulation profile number when a change occurs.

New Hardware Features in Cisco IOS Release 12.3(23)BC6

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC6.

New Software Features in Cisco IOS Release 12.3(23)BC6

There are no new software features supported in Cisco IOS Release 12.3(23)BC6.

New Hardware Features in Cisco IOS Release 12.3(23)BC5

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC5.

New Software Features in Cisco IOS Release 12.3(23)BC5

The following command is modified in Cisco IOS Release 12.3(23)BC5:

show cable logging

The command output was modified to display the linecard's CPU revision number.

New Hardware Features in Cisco IOS Release 12.3(23)BC4

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC4.

New Software Features in Cisco IOS Release 12.3(23)BC4

There are no new software features supported in Cisco IOS Release 12.3(23)BC4.

New Hardware Features in Cisco IOS Release 12.3(21a)BC8

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC8.

New Software Features in Cisco IOS Release 12.3(21a)BC8

There are no new software features supported in Cisco IOS Release 12.3(21a)BC8.

New Hardware Featues in Cisco IOS Release 12.3(23)BC3

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC3.

New Software Features in Cisco IOS Release 12.3(23)BC3

There are no new software features supported in Cisco IOS Release 12.3(23)BC3.

New Hardware Features in Cisco IOS Release 12.3(23)BC2

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC2.

New Software Features in Cisco IOS Release 12.3(23)BC2

The following software features are new in Cisco IOS Release 12.3(23)BC2.

Subscriber Traffic Management Version 1.2

The STM feature enables service providers to identify and control subscribers who exceed the maximum bandwidth allowed under their registered quality of service (QoS) profiles. STM works as a low CPU alternative to Network-Based Application Recognition (NBAR) and access control lists (ACLs), however, using STM does not mean that NBAR and ACLs have to be turned off; STM can be applied along with NBAR and ACLs. STM also works in conjunction with the Cisco Broadband Troubleshooter to support additional network management and troubleshooting functions in the Cisco CMTS.

The STM Version 1.2 feature is enhanced in Cisco IOS Release 12.3(23)BC2 with the following support on the Cisco uBR7246VXR and Cisco uBR10012 Universal Broadband Routers:

Support was added for the Cisco Wideband SPA (Cisco uBR10012 router only).

Support for suspension of the cable modem (CM) penalty period at a certain time of day.

Support for weekday and weekend traffic monitoring.

Support of up to 40 total enforce rules.

Support for service providers to change subscriber service classes for a particular modem using the cable modem service-class-name command.

Addition of the following SNMP objects to the CISCO-CABLE-QOS-MONITOR-MIB:

ccqmCmtsEnfRulePenaltyEndTime

ccqmCmtsEnfRuleWkndOff

ccqmCmtsEnfRuleWkndMonDuration

ccqmCmtsEnfRuleWkndAvgRate

ccqmCmtsEnfRuleWkndSampleRate

ccqmCmtsEnfRuleWkndFirstPeakTime

ccqmCmtsEnfRuleWkndFirstDuration

ccqmCmtsEnfRuleWkndFirstAvgRate

ccqmCmtsEnfRuleWkndSecondPeakTime

ccqmCmtsEnfRuleWkndSecondDuration

ccqmCmtsEnfRuleWkndSecondAvgRate

ccqmCmtsEnfRuleWkndOffPeakDuration

ccqmCmtsEnfRuleWkndOffPeakAvgRate

ccqmCmtsEnfRuleWkndAutoEnforce

The following commands are new or modified:

cable modem service-class-name

penalty-period

show cable qos enforce-rule verbose

weekend duration

weekend off

weekend peak-time1

For detailed information about this feature, see the Subscriber Traffic Management on the Cisco CMTS Routers document at:

http://www.cisco.com/en/US/docs/ios/cable/configuration/guide/cmts_sbsbr_tfmgt.html

Upstream Utilization Optimization

The Upstream (US) Utilization Optimization feature on the Cisco Cable Modem Termination System (CMTS) routers provides higher upstream throughput. It provides the following benefits and functions on a Cisco CMTS router:

Group configuration mode enables rate-adapt eligibility on all cable modem upstream flows.

Local configuration mode enables rate-adapt eligibility on a specific upstream, provides configuration of selective parameters, and provides that local configuration overrides any global configuration.

The following commands are new or modified:

cable upstream rate-adapt (global)

cable upstream rate-adapt (interface)

show cable rate-adapt

show interface cable sid

show interface cable upstream

For detailed information about this feature, see the Upstream Utilization Optimization on the Cisco CMTS Routers document at:

http://www.cisco.com/en/US/docs/ios/cable/configuration/guide/cmts_upstream_rate_adapt.html

New Hardware Features in Cisco IOS Release 12.3(21a)BC7

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC7.

New Software Features in Cisco IOS Release 12.3(21a)BC7

There are no new software feature supported in Cisco IOS Release 12.3(21a)BC7.

New Hardware Features in Cisco IOS Release 12.3(23)BC1

There are no new hardware features supported in Cisco IOS Release 12.3(23)BC1.

New Software Features in Cisco IOS Release 12.3(23)BC1

The following software feature is new in Cisco IOS Release 12.3(23)BC1.

PacketCable Subscriber ID Support

Subscriber ID is added to all Gate Control messages and enhances error codes returned from the Cable Modem Termination System (CMTS).

Previously, the Gate ID was unique only to individual CMTS systems, with the CMTS proxying all CMS (Call Management Server) Gate control messaging through a central device which manages the CMTS connections on the behalf of the CMS. The CMS had a single Common Open Policy Service (COPS) association to the proxy device. Therefore, the Gate IDs could be duplicated when using multiple CMTS systems.

The new PacketCable Subscriber ID feature adds a Subscriber ID to each Gate Control message to disambiguate the Gate IDs between the CMS and proxy device. The Subscriber ID parameter is added to the following COPS messages:

GATE-INFO

GATE-DELETE

GATE-OPEN

GATE-CLOSE

The Subscriber ID is available at the CMS and is used in the Gate-Set messages. Additionally, the error codes returned from CMTS or its proxy are enhanced to include more specific information about gate operation failures.

To enable this feature, a new command is introduced: packetcable gate send-subscriberID used in global configuration mode. For more information, see the Cisco IOS CMTS Cable Command Reference Guide.

New Hardware Features in Cisco IOS Release 12.3(21a)BC6

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC6.

New Software Features in Cisco IOS Release 12.3(21a)BC6

There are no new software features supported in Cisco IOS Release 12.3(21a)BC6.

New Hardware Features in Cisco IOS Release 12.3(21a)BC5

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC5.

New Software Features in Cisco IOS Release 12.3(21a)BC5

There are no new software features supported in Cisco IOS Release 12.3(21a)BC5.

New Hardware Features in Cisco IOS Release 12.3(23)BC

The following software features are new in Cisco IOS Release 12.3(21)BC:

DOCSIS Timing & Control Card (DTCC)

On the Cisco uBR10012 universal broadband router, the DOCSIS Timing & Control Card (DTCC) acts as a secondary processor that performs the following functions:

In the default DTI mode, a 10.24 MHz clock and 32-bit DOCSIS timestamp are generated by the DTI Server, propagated to DTI client using DTI protocol, and distributed by DTI client to each cable interface line card.

Allows software to independently power off any or all cable interface line cards.

Drives the LCD panel used to display system configuration and status information.

Monitors the supply power usage of the chassis.

Two RJ-45 cables with the DTI server, which, in turn, can generate the clock using its own oscillator or external timing reference inputs such as GPS or network clock.

When two DTCC cards are installed, they are configured as active (primary) and backup (redundant). If the DTCC card in the first slot is working at system power-up, it automatically becomes the active card and the DTCC card in the second slot becomes the backup card. The DTCC cards monitor each other's priority information, so that if the active card fails, the active card role is transferred to the redundant backup card without loss of data.

Each DTCC card contains two RJ-45 connectors labeled Primary and Secondary, on the front panel. See Xref_Colorparanum[FC_FigureCap,FCW_FigureCapW]on page *. These connectors are for a primary and secondary (redundant) Stratum 3 external clock reference source that is traceable to a Stratum 1 clock source. The external reference source allows the Cisco uBR10012 router's reference clock to be synchronized to the Stratum 1 clock source, providing a free-running DOCSIS-quality clock reference and time stamp to the cable interface line cards.

If present, the primary DTI link is used. If it is lost, the secondary DTI link (if present) on the active DTCC card is used. If the active DTCC card stops functioning, control is transferred to the backup DTCC card, which then uses its primary and secondary clock reference sources. If neither card has a valid clock reference source, In DTI mode, all M-CMTS elements should have common timing source. The internal clock of DTI client cannot be used to provide DOCSIS clock and timestamp. High availability strategies (active/backup card, active/backup ports) should be used to prevent loss of common timing source.

New Software Features in Cisco IOS Release 12.3(23)BC

There are no new software features supported in Cisco IOS Release 12.3(23)BC.

New Hardware Features in Cisco IOS Release 12.3(21a)BC4

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC4.

New Software Features in Cisco IOS Release 12.3(21a)BC3

There are no new software features supported in Cisco IOS Release 12.3(21a)BC4.

New Hardware Features in Cisco IOS Release 12.3(21a)BC3

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC3.

New Software Features in Cisco IOS Release 12.3(21a)BC3

The following software features are new in Cisco IOS Release 12.3(21a)BC3:

Control Point Discovery (CPD)

The Control Point Discovery (CPD) can be used to discover the IP address of a control point between the requestor and a media endpoint. It can be used by CMS (call management server), DF (delivery function for CALEA), or PS (policy server for Packetcable multimedia) to discover the IP address of the CMTS connected to the media endpoint. The CMTS needs to interpret and respond to the CPD messages.

New Hardware Features in Cisco IOS Release 12.3(21a)BC2

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC2.

New Software Features in Cisco IOS Release 12.3(21a)BC2

There are no new software features supported in Cisco IOS Release 12.3(21a)BC2.

New Hardware Features in Cisco IOS Release 12.3(21a)BC1

There are no new hardware features supported in Cisco IOS Release 12.3(21a)BC1.

New Software Features in Cisco IOS Release 12.3(21a)BC1

There are no new software features supported in Cisco IOS Release 12.3(21a)BC1.

New Hardware Features in Cisco IOS Release 12.3(21)BC

There are no new hardware features supported in Cisco IOS Release 12.3(21)BC.

New Software Features in Cisco IOS Release 12.3(21)BC

The following software features are new in Cisco IOS Release 12.3(21)BC:

Automatic Virtual Interface Bundles

All cable bundles are now automatically converted and configured to be in a virtual bundle, and standalone cable interfaces must be manually configured to be in a virtual bundle to operate properly.

Previously, new virtual interface bundles and bundle members required reconfiguration, and there could also be standalone interfaces not part of a bundle at all.

The following guidelines describe the automatic virtual interface bundling:

The former rules for bundle master are applicable to the new virtual bundle interface.

The former rules for bundle slaves are applicable to the new virtual bundle members.

All cable bundles are automatically converted and configured to be in a virtual bundle after loading the software image.

The virtual bundle interface accumulates the counters from members; counters on member links are not cleared when they are added to the bundle. If a bundle-only counter is desired, clear the bundle counter on the members before loading the image.

A maximum of 40 virtual interface bundles are supported, with the numeric range from 1 to 255.

The virtual bundle interface remains configured unless specifically deleted, even if all members in the bundle are deleted.

This feature supports subinterfaces on the virtual bundle interface.

Bundle-aware configurations are supported on the virtual bundle interface.

Bundle-unaware configurations are supported on each bundle member.

If the bundle interface existed in earlier Cisco IOS releases, the earlier cable configurations re-appear after upgrade.

For more information, see the "Cable Interface Bundling and Virtual Interface Bundling for the Cisco CMTS" chapter in the Cisco CMTS Feature Guide.

Cable DHCP Enhancements

When using an external DHCP server, the Cisco CMTS supports a number of options that can enhance operation of the cable network in certain applications.

Dynamic Cable Helper Address Selection

The cable helper-address command has been expanded to further specify where to forward DHCP packets based on origin: from a cable modem, MTA, STB, or other cable devices:

cable helper-address address [ cable-modem | host | mta | stb ]

This enables load-balancing of DHCP requests from cable modems and CPE devices by specifying different DHCP servers according to the cable interface or subinterface. You can also specify separate servers for cable modems and CPE devices.

When the mta or stb option is used, you must also use the cable dhcp-parse option-optnum command to parse the DHCP options.

If you specify only one option, the other types of devices (cable modem, host, mta, or stb) will not be able to connect with a DHCP server. You must specify each desired option in a separate command.

You may specify more than one helper address on each cable interface by repeating the command. You can specify more than 16 helper addresses, but the Cisco IOS software uses only the first 16 valid addresses.

If you do not specify an option, the helper-address will support all cable devices, and the associated DHCP server will accept DHCP packets from all cable device classes.

Cable Node Location Reporting

The DHCP Relay Agent can now be used to identify cloned modems or gather geographical information for E911 and other applications. Using the cable dhcp-insert command, users configure the CMTS to insert downstream, upstream, or hostname descriptors into DHCP packets:

cable dhcp-insert {downstream-description | hostname | upstream-description}

A DHCP server can then utilize such information to detect cloned modems or extract geographical information. Multiple types of strings can be configured as long as the maximum relay information option size is not exceeded.

Multiple types of descriptor strings can be configured as long as the maximum relay information option size is not exceeded.

show cable modem docsis device-class

The show cable modem docsis device-class command is now supported.

For more information on these enhancements and related commands, see theCisco Broadband Cable Command Reference Guide and the "DHCP, ToD, and TFTP Services for the Cisco Cable Modem Termination System" chapter in the Cisco CMTS Feature Guide.

Cable Duplicate MAC Address Reject

Cisco IOS Release 12.3(21)BC introduces a DOCSIS 1.1-compliant and above security enhancement that helps to eliminate denial-of-service (DOS) attacks that are caused by cloned cable modems. A clone is presumed to be one of two physical cable modems on the same Cisco CMTS chassis with the same HFC interface MAC address. The cloned cable modem may be DOCSIS 1.0 or greater, and may be semi-compliant or non-compliant with portions of the DOCSIS specifications.

This feature is enabled by default on the Cisco CMTS, and has no associated command-line interface (CLI) configuration commands. This feature creates a new log message. By default, this message appears in the syslog, but may be moved into the cable layer2 event log using the configuration command cable logging layer2events.

For additional information about this feature, its causes, and the introduction of the new cable privacy bpi-plus-enforce command, which enforces DOCSIS 1.1 BPI+ on the cable network, refer to the following documents on Cisco.com and the Internet:

Cable Duplicate MAC Address Reject for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/cmtsfg.html

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

PacketCable Client Accept Timeout

Cisco IOS Release 12.3(21)BC introduces support for setting timeout values for COPS Telnet connections on the Cisco CMTS, and for clearing COPS telnet sessions.

Network or Cisco CMTS telnet errors can cause incomplete COPS sessions to be created. This new timeout timer enables the clearing and cleaning of allocated resources for the stale COPS Telnet sessions on the Cisco CMTS. This feature supports COPS for PacketCable on the Cisco CMTS.

If the Connection between a PacketCable CMS and the Cisco CMTS is not completely established, and the PacketCable CMS does not correctly terminate the session by sending a TCP FIN message, the connection otherwise shows a COPS server in the output of the show cops server command.

The timeout timer applies to each COPS Telnet connection on the Cisco CMTS, and expiration of this timeout setting triggers the termination of the Telnet session and clears supporting resources on the Cisco CMTS.

To set the timeout timer for Telnet COPS sessions on the Cisco CMTS, use the following command in global configuration mode. To remove this timeout timer, use the no form of this command.

packetcable timer client-accept seconds

no packetcable timer client-accept seconds

Syntax Description

seconds

The timeout value in seconds, beyond which the Telnet COPS session is terminated, and associated resources on the Cisco CMTS are cleared.

Range from 300 seconds (five minutes) to 1800 seconds (30 minutes).


To clear all COPS Telnet sessions and associated resources on the Cisco CMTS, use the following command in global configuration mode:

clear cops connection

For additional information, refer to the following documents on Cisco.com:

PacketCable and PacketCable MultiMedia for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_pkcb.html.

COPS Engine Operation on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cops.html

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

Per Downstream Static Multicast

The IOS IGMP Static-Group feature was first introduced back in Release 11.2, while the Source Specific Multicast (SSM) extension was added in Release 12.0(6)T. This allows network administrators to configure the router to be a statically connected member of the specified group on the interface. All multicast traffic destined to that particular group will be forwarded out on that configured interface.

Beginning in Cisco IOS Release 12.3(21)B, the Cisco uBR10012 universal broadband router supports the Per Downstream Static Multicast feature. This feature provides several multicast enhancements and makes it possible to control the replication of static IP multicast streams within a cable bundle using the cable igmp static-group command on the physical cable downstream interface.

For additional information, refer to the following documents on Cisco.com:

Advanced-mode DOCSIS Set-Top Gateway 1.1 for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubradsg.html

SAMIS Source Address Management

Cisco IOS Release 12.3(21)BC introduces Subscriber Account Management Interface Specification (SAMIS) enhancements which will provide the ability to set the source of the usage based billing packets originated by the router using the cable metering command. This enables the ip address to be set as the source of the loopback interface, similar to what is done for telnet or ftp (ip ftp source-interfacelo0).

For additional information about Subscriber Account Management Interface Specification (SAMIS), refer to the following document on Cisco.com:

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubrsamis.html

Service Flow Admission Control

Cisco IOS Release 12.3(21)BC introduces Service Flow Admission Control (SFAC) on the Cisco Cable Modem Termination System.

SFAC on the Cisco CMTS is a mechanism that gracefully manages service flow admission requests when one or more resources are not available to process and support the incoming service request. Lack of such a mechanism not only causes the new request to fail with unexpected behavior but could potentially cause the flows that are in progress to have quality related problems. SFAC monitors such resources constantly, and accepts or denies requests depending on the resource availability.

SFAC enables you to provide a reasonable guarantee about the Quality of Service (QoS) to subscribers at the time of call admission, and to enable graceful degradation of services when resource consumption approaches critical levels. SFAC reduces the impact of unpredictable traffic demands in circumstances that would otherwise produce degraded QoS for subscribers.

SFAC uses two event types for resource monitoring and management—cable modem registration and dynamic service (voice call) requests. When either of these two events occurs on the Cisco CMTS, SFAC verifies that the associated resources conform to the configured limits prior to admitting and supporting the service call request.

SFAC is not a mechanism to apply QOS to the traffic flows. Scheduling and queuing are some of the mechanisms used for implementing the QOS. The QOS is applied on per packet basis. SFAC checks are performed before the flow is admitted.

SFAC in Cisco IOS Release 12.3(21)BC monitors the following resources on the Cisco CMTS.

CPU utilization—SFAC monitors CPU utilization on the Cisco CMTS, and preserves QoS for existing service flows when new traffic would otherwise compromise CPU resources on the Cisco CMTS.

Memory resource utilization (I/O, Processor, and combined total)—SFAC monitors one or both memory resources and their consumption, and preserves QoS in the same way as with CPU utilization.

Bandwidth utilization for upstream and downstream—SFAC monitors upstream and downstream bandwidth utilization, and associated service classes, whether for data or dynamic service traffic.

For complete configuration and operation information, refer to the following documents on Cisco.com:

Service Flow Admission Control for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_sfac.html

Cisco CMTS MIB Specifications Guide

http://www.cisco.com/en/US/products/hw/cable/ps2217/prod_technical_reference_list.html

New Hardware Features in Cisco IOS Release 12.3(17b)BC9

There are no new hardware features supported in Cisco IOS Release 12.3(17b)BC9.

New Software Features in Cisco IOS Release 12.3(17b)BC9

There are no new software features supported in Cisco IOS Release 12.3(17b)BC9.

New Hardware Features in Cisco IOS Release 12.3(17b)BC8

There are no new hardware features supported in Cisco IOS Release 12.3(17b)BC8.

New Software Features in Cisco IOS Release 12.3(17b)BC8

There are no new software features supported in Cisco IOS Release 12.3(17b)BC8.

New Hardware Features in Cisco IOS Release 12.3(17b)BC7

There are no new hardware features supported in Cisco IOS Release 12.3(17b)BC7.

New Software Features in Cisco IOS Release 12.3(17b)BC7

There are no new software features supported in Cisco IOS Release 12.3(17b)BC7.

New Hardware Features in Cisco IOS Release 12.3(17b)BC6

There are no new hardware features supported in Cisco IOS Release 12.3(17b)BC6.

New Software Features in Cisco IOS Release 12.3(17b)BC6

There are no new software features supported in Cisco IOS Release 12.3(17b)BC6.

New Hardware Features in Cisco IOS Release 12.3(17b)BC5

There are no new hardware features supported in Cisco IOS Release 12.3(17b)BC5.

New Software Features in Cisco IOS Release 12.3(17b)BC5

There are no new software features supported in Cisco IOS Release 12.3(17b)BC5.

New Hardware Features in Cisco IOS Release 12.3(17b)BC4

There are no new hardware features supported in Cisco IOS Release 12.3(17b)BC4.

New Software Features in Cisco IOS Release 12.3(17b)BC4

Cisco IOS Release 12.3(17b)BC4 introduces the following new features or enhancements:

Downstream Load Balancing Distribution with Upstream Load Balancing

Cisco IOS Release 12.3(17b)BC4 introduces further enhancements to downstream load balancing, resulting in equalized upstream load balancing group members. This enhancement synchronizes the pending statistic between different cable interface line cards in the load balancing group.

This enhancement performs downstream load balancing that accounts for loads on upstream channels in the same upstream load balancing group, rather than on the basis of the entire downstream channel load. Prior Cisco IOS releases may not have distributed cable modems evenly over individual upstream channels, nor in a way that accounted for downstream and upstream segment loads that account for one another.

This enhancement applies when downstream load balancing occurs on a headend system with separate upstream load balancing segments; the upstream segments are spread over multiple downstreams segments. This enhancement provides an alternative downstream load balancing scheme that accounts and makes use of per-upstream loads rather than total downstream loads.

For additional information about Load Balancing on the Cisco CMTS, refer to the following documents on Cisco.com:

Load Balancing and Dynamic Channel Change on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/troubleshooting_batch9/cmtslbg.html.

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

New Hardware Features in Cisco IOS Release 12.3(17b)BC3

There are no new hardware features supported in Cisco IOS Release 12.3(17b)BC3.

New Software Features in Cisco IOS Release 12.3(17b)BC3

There are no new software features supported in Cisco IOS Release 12.3(17b)BC3.

New Hardware Features in Cisco IOS Release 12.3(17a)BC2

There are no new hardware features supported in Cisco IOS Release 12.3(17a)BC2.

New Software Features in Cisco IOS Release 12.3(17a)BC2

Cisco IOS Release 12.3(17a)BC2 introduces the following new features or enhancements:

Advanced-Mode DOCSIS Set-Top Gateway Issue 1.2

Cisco IOS Release 12.3(17a)BC2 introduces certified support for DOCSIS Set-Top Gateway (DSG) Issue 1.2. Advanced-mode DSG Issue 1.2 introduces support for the latest DOCSIS Set-Top specification from CableLabs™:

DOCSIS Set-top Gateway (DSG) Interface Specification

Advanced-mode DSG 1.2 is certified by CableLabs™, and is a powerful tool in support of latest industry innovations. Advanced-mode DSG 1.2 offers substantial support for enhanced DOCSIS implementation in the Broadband Cable environment. The set-top box dynamically learns the overall environment from the Cisco Cable Modem Termination System (CMTS), to include MAC address, traffic management rules, and classifiers. DSG 1.2 supports the DOCS-DSG-IF-MIB as one component of this functionality:

For additional information about this feature, refer to the following document on Cisco.com:

Advanced-mode DOCSIS Set-Top Gateway 1.2 for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubrdsg12.html.

For additional information about the DOCS-DSG-IF-MIB, feature, refer to the following document on Cisco.com:

Cisco CMTS Universal Broadband Router MIB Specifications Guide, Rel 12.3(17a)BC2

http://www.cisco.com/en/US/products/hw/cable/ps2217/prod_technical_reference_list.html

DOCSIS1.0 ToS Overwrite

Currently, type-of-service (ToS) overwrite requires the creation of static cable quality if service (QoS) profiles, which are then assigned to the ToS fields. This implementation works well if only a few different service types are offered. However, scalability issues arise when large numbers of service types are presented; each requiring a static QoS profile in order to perform ToS overwrite.

The Default DOCSIS 1.0 ToS Overwrite feature eliminates the need to create multiple QoS profiles in order to perform ToS overwrite by automatically bounding all DOCSIS 1.0 Cable Modem (CM) created profiles to a default ToS overwrite.

New Hardware Features in Cisco IOS Release 12.3(17a)BC1

There are no new hardware features supported in Cisco IOS Release 12.3(17a)BC1:

New Software Features in Cisco IOS Release 12.3(17a)BC1

There are no new software features supported in Cisco IOS Release 12.3(17a)BC1.

New Hardware Features in Cisco IOS Release 12.3(17a)BC

There are no new hardware features supported in Cisco IOS Release 12.3(17a)BC.

New Software Features in Cisco OS Release 12.3(17a)BC

The Cisco IOS Release 12.3(17a)BC is the third major feature release in the Cisco 12.3 BC release train. This release introduces the following new features or enhancements:

Cable Monitor Enhancements

Configurable Leasequery Server

Dynamic Channel Change (DCC) for Load Balancing

DOCSIS 2.0 SAMIS ECR Data Set

DSX Messages and Synchronized PHS Information

High Availability Support for Encrypted IP Multicast

IPv6 over L2VPN

Management Information Base (MIB) Changes and Enhancements

Pre-equalization Control for Cable Modems

show cable modem Command Changes

Cable Monitor Enhancements

Cisco IOS Release 12.3(17a)BC introduces the following enhancements to the cable monitor feature:

Access Control Lists are now supported on the Cisco uBR-MC5X20U/D and Cisco uBR-MC28U cable interface line cards

Unconditional downstream sniffing now enables downstream packets to be monitored, either for MAC or data packets. This enhancement supports both DOCSIS and Ethernet packet encapsulation.

For additional information about this enhancements to the cable monitor feature, refer to the following documents on Cisco.com:

Cable Monitor and Intercept Features on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cmon.html.

Configurable Leasequery Server

Previously, lease query requests could only be sent to the Dynamic Host Configuration Protocol (DHCP) server. Beginning with Cisco IOS Release 12.3(17a)BC, an alternate server may be configured to receive the requests.

There are a few restrictions:

Lease queries are sent to the DHCP server unless an alternate server is configured.

Only one alternate server may be configured.

Users are responsible for the synchronization of the DHCP server and configured alternate server.

If the configured alternate server fails, lease query requests will not be diverted back to the DHCP server.

Regardless of which server is configured (DHCP or alternate), unknown IP addresses that are found in packets for customer premises equipment (CPE) devices that use the cable modems on the cable interface are verified. The DHCP server or configured alternate server returns a DHCP ACK message with the MAC address of the CPE device that has been assigned this IP address, if any.

To configure the Cisco CMTS router to send DHCP LEASEQUERY requests to an alternate server, use the cable source-verify dhcp server ipaddress and no cable arp commands. (To configure the DHCP server instead, use the cable source-verify dhcp and no cable arp commands.)

For additional information about this feature, refer to the following documents on Cisco.com:

Filtering Cable DHCP Lease Queries on Cisco CMTS Routers

http://www.cisco.com/en/US/docs/cable/cmts/feature/cblsrcvy.html.

Dynamic Channel Change (DCC) for Load Balancing

Cisco IOS Release 12.3(17a)BC introduces Dynamic Channel Change (DCC) and DCC for Load Balancing on the Cisco CMTS.

DCC in DOCSIS 1.1 dynamically changes cable modem upstream or downstream channels without forcing a cable modem to go offline, and without re-registration after the change. DCC supports four different initializations, instead of one, as in earlier DOCSIS support.

DCC and DCC for load balancing is supported on the Cisco uBR7246VXR router with distributed cable interface line cards, including the Cisco MC28U and the Cisco MC5X20S/U/H.

Load Balancing techniques allow for moving cable modems with DCC by using configurable initialization techniques.

DCC allows line card channel changes across separate downstream channels in the same cable interface line card, with the DCC initialization techniques ranging from 0 to 4.

DCC transfers cable modem state information from the originating downstream channel to the target downstream channel, and maintains synchronization of the cable modem information between the cable interface line card and the Network Processing Engine (NPE) or Route Processor (RP).

When the target channel is in ATDMA mode, only DOCSIS 2.0-capable modems can be successfully load balanced. (Only DOCSIS 2.0-capable modems can operate on an ATDMA-only upstream channel.) Cisco recommends identical channel configurations in a load balancing group.

Dynamic Channel Change for Load Balancing entails the following new or enhanced commands in Cisco IOS Release 12.3(17a)BC, and later releases:

Global Configuration Commands

cable load-balance group group-num dcc-init-technique <0-4>

cable load-balance group group-num policy { pcmm | ugs }

cable load-balance group group-num threshold {load | pcmm | stability | ugs} <1-100>

cable load-balance group group-num threshold load <1-100> {minimum}

cable load-balance group group-num threshold load <1-100> {enforce}

Testing Command

test cable dcc mac-addr {slot/port | slot/subslot/port} target-us-channel-id ranging-technique

For configuration, command reference, testing, and examples for DCC on the Cisco CMTS, refer to the following documents on Cisco.com:

Load Balancing and Dynamic Channel Change (DCC) on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/troubleshooting_batch9/cmtslbg.html.

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

DOCSIS 2.0 SAMIS ECR Data Set

The Usage-Based Billing feature for the Cisco Cable Modem Termination System (CMTS) provides subscriber account and billing information in the Subscriber Account Management Interface Specification (SAMIS) format. The SAMIS format is specified by the Data-over-Cable Service Interface Specifications (DOCSIS) Operations Support System Interface (OSSI) specification.

Cisco IOS Release 12.3(17a)BC provides enhancements to the OSSI specifications, and billing reports (billing record format), added support to the CISCO-CABLE-METERING-MIB, which contains objects that provide subscriber account and billing information in the SAMIS format, added support for DCC and DCC for Load balancing and Downstream LLQ.

For additional information, refer to the following document on Cisco.com:

Usage-Based Billing for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubrsamis.html.

DSX Messages and Synchronized PHS Information

Cisco IOS Release 12.3(17a)BC introduces support for payload header suppression (PHS) rules in a High Availability environment. In this release, and later releases, PHS rules synchronize and are supported during a switchover event of these types:

Route Processor Redundancy Plus (RPR+), with Active and Standby Performance Routing Engines (PREs) on Cisco uBR10012 universal broadband routers.

Hot Standby Connection-to-Connection Protocol (HCCP) N+1 Redundancy, with Working and Protect cable interface line cards

For additional information about these enhancements, and related High Availability features, refer to the following documents on Cisco.com:

N+1 Redundancy for the Cisco Cable Modem Termination System

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/uFGnpls1.html.

High Availability Support for Encrypted IP Multicast

Cisco IOS Release 12.3(17a)BC introduces support for IP Multicast streams during switchover events in a High Availability environment. This feature is supported for Route Processor Redundancy Plus (RPR+), N+1 Redundancy, and encrypted Baseline Privacy Interface Plus (BPI+) streams.

For additional information about IP Multicast and High Availability, refer to these documents on Cisco.com:

Cisco CMTS Universal Broadband Router MIB Specifications Guide

http://www.cisco.com/en/US/products/hw/cable/ps2217/prod_technical_reference_list.html

Dynamic Shared Secret for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubrdmic.html.

IP Multicast in Cable Networks, White Paper

http://www.cisco.com/en/US/tech/tk828/technologies_case_study0900aecd802e2ce2.shtml

N+1 Redundancy for the Cisco Cable Modem Termination System

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/uFGnpls1.html.

IPv6 over L2VPN

Beginning with Cisco IOS Release 12.3(17a)BC, the Cisco uBR7246VXR router now supports IPv6 using Layer 2 VPNs based on SID to 802.1q mapping. The Cisco uBR7246VXR router already supported Transparent LAN service with Layer 2 VPNs in Cisco IOS Release 12.3(13a)BC and later releases. As more Internet users switch to IPv6, the Cisco IPv6 protocol support helps enable the transition. IPv6 fixes a number of limitations in IPv4, such as limited numbers of available IPv4 addresses in addition to improved routing and network autoconfiguration. This feature allows customers to introduce IPv6 into their network with minimal operational impact.

For additional information about this feature, refer to the following documents on Cisco.com:

IPv6 Documentation: overview, technology, design and configuration information

http://www.cisco.com/en/US/tech/tk872/tsd_technology_support_protocol_home.html

Management Information Base (MIB) Changes and Enhancements

MIB enhancements in Cisco IOS Release 12.3(17a)BC provide enhanced management features that enable the Cisco uBR 7246VXR router to be managed through the Simple Network Management Protocol (SNMP). These enhanced management features allow you to:

Use SNMP set and get requests to access information in Cisco CMTS universal broadband routers.

Reduce the amount of time and system resources required to perform functions like inventory management.

A standards-based technology (SNMP) for monitoring faults and performance on the router.

Support for SNMP versions (SNMPv1, SNMPv2c, and SNMPv3).

Notification of faults, alarms, and conditions that can affect services.

For additional information about these MIB changes, refer to the following document on Cisco.com:

Cisco CMTS Universal Broadband Router MIB Specifications Guide

http://www.cisco.com/en/US/products/hw/cable/ps2217/prod_technical_reference_list.html.

Pre-equalization Control for Cable Modems

Cisco IOS Release 12.3(17a)BC introduces pre-equalization control for cable modems on a per-modem basis. This feature enhances support for pre-equalization control on an interface basis with the Organizational Unique Identifier (OUI), which is also supported.

When pre-equalization is enabled on an upstream interface, this feature allows you to disable pre-equalization adjustment selectively, for a specific cable modem or a group of cable modems. This feature prevents cable modems from flapping when processing pre-equalization requests sent from the Cisco CMTS.

Restrictions

This feature observes the following restrictions in Cisco IOS Release 12.3(17a)BC:

For pre-equalization to be supported on a per-modem basis, the cable modem must send verification of pre-equalization after it registers with the Cisco CMTS.

The option of excluding the OUI is a global configuration. For the cable modem on which OUI is excluded, the excluded OUI is disabled for all interfaces. This method uses a list of OUI values, recording which modems are sent and not sent pre-equalization.

To remove this exclusion, use the no cable pre-equa exclude {modem|oui} form.

cable pre-equalization exclude

To exclude a cable modem from pre-equalization during registration with the Cisco CMTS, use the cable pre-equalization exclude command in global configuration mode. Exclusion is supported for a specified cable modem, or for a specified OUI value for the entire interface. To remove exclusion for the specified cable modem or interface, use the no form of this command. Removing this configuration returns the cable modem or interface to normal pre-equalization processes during cable modem registration.

cable pre-equalization exclude {oui | modem} mac-addr

no cable pre-equalization exclude {oui | modem} mac-addr

Syntax Description

oui

Organizational Unique identifier for the interface specified. Using this keyword excludes the specified OUI during cable modem registration for the associated interface.

modem

Cable Modem identifier for the cable modem specified. Using this keyword excludes the cable modem.

mac-addr

Identifier for the OUI or cable modem to be excluded.


Command Default

Pre-equalization is enabled by default on the Cisco router, and for cable modems that have a valid and operational DOCSIS configuration file. When enabled, pre-equalization sends ranging messages for the respective cable modems. When disabled with the new exclude command, pre-equalization is excluded for the respective cable modems.

Command Modes

Global configuration mode

Command History

Release
Modification

12.3(17a)BC

This command was introduced to the Cisco uBR10012 router and the Cisco uBR7246VXR router.


Usage Guidelines

The pre-equalization exclusion feature should be configured for the running configuration of the Network Processing Engine (NPE), the Performance Routing Engine (PRE), and the line card console.

Examples

The following example configures pre-equalization to be excluded for the specified cable modem. Pre-equalization data is not sent for the corresponding cable modem:

Router(config)# cable pre-equalization exclude modem mac-addr

The following example configures pre-equalization to be excluded for the specified OUI value of the entire interface. Pre-equalization data is not sent for the corresponding OUI value of the entire interface:

Router(config)# cable pre-equalization exclude oui mac-addr

The following series of commands configures pre-equalization on the Cisco uBR7246VXR router with MC5X20U BPEs. On the PRE Console, configure the following commands.

Router# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# cable pre-equalization exclude oui 00.09.04
Router(config)# end
Router# show run
Router# show running-config | inc oui
cable pre-equalization exclude oui 00.09.04

On the line card console for the same Cisco uBR7246VXR router, verify the configuration with the following command:

Router# show running-config | inc oui
cable pre-equalization exclude oui 00.09.04
 
   

The following example removes pre-equalization exclusion for the specified OUI and interface. This results in the cable modem or OUI to return to normal pre-equalization functions. Ranging messages resume sending pre-equalization data.

Router(config)# no cable pre-equalization exclude { oui | modem } mac-addr

Removal of this feature can be verified with the following debug command:

debug cable interface cx/x/x mac-ad—Verifies the ranging message for all non-excl modems include pre-eq data, and for the excluded modems ranging messages do not include pre-eq data.

For additional information about this feature, refer to the following documents on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

show cable modem Command Changes

Cisco IOS Release 12.3(17a)BC introduces changes for two versions of the show cable modem command.

show cable modem mac summary

The information displayed with this command is revised. The DOCSIS 2.0 column in the quality of service (QoS) Provision Mode field has been removed, as this field is not applicable to QoS provisioning in DOCSIS 2.0.

Command Output in Cisco IOS Release 12.3(17a)BC and Later Releases

Router# show cable modem mac summary 
                            Cable Modem Summary
                            -------------------
                         Mac Version                 QoS Provision Mode
Interface       Total   DOC2.0  DOC1.1  DOC1.0   Reg/Online   DOC1.1  DOC1.0
Cable5/1/0/U0   10      0       2       8        10           0       10

Command Output in Cisco IOS Release 12.3(13a)BC and Earlier Releases

Router# show cable modem mac summary
                            Cable Modem Summary
                            -------------------
                         Mac Version                 QoS Provision Mode
Interface       Total   DOC2.0  DOC1.1  DOC1.0   Reg/Online   DOC2.0  DOC1.1  DOC1.0
Cable8/0/0/U0   8       0       5       3        5            0       5       0

show cable modem phy

The information displayed with this command is revised. The MicroReflec column (MicroReflections) has been removed, and the DOCSIS Prov (DOCSIS Provider) column has been added in its place. This new column contains DOCSIS version information.

Command Output in Cisco IOS Release 12.3(17a)BC and Later Releases

Router# show cable modem phy 
MAC Address    I/F         Sid  USPwr  USSNR  Timing  DSPwr  DSSNR  Mode  DOCSIS
                                (dBmV) (dB)   Offset  (dBmV) (dB)         Prov 
0003.e350.9a3f C5/1/0/U0   1    0.00   30.23  2811    0.00   -----  tdma  1.0
0050.734e.c1a1 C5/1/0/U0   2    0.00   30.47  2811    0.00   -----  tdma  1.0
0007.0e01.1749 C5/1/0/U0   3    0.00   30.65  2808    0.00   -----  tdma  1.0
0007.0e00.90dd C5/1/0/U0   4    0.00   30.66  2806    0.00   -----  tdma  1.0
0003.e350.9ad3 C5/1/0/U0   5    0.00   30.47  2810    0.00   -----  tdma  1.0
0003.e38f.f4e5 C5/1/0/U0   6    0.00   30.36  2813    0.00   -----  tdma  1.0
0003.e350.9b97 C5/1/0/U0   7    0.00   30.44  2812    0.00   -----  tdma  1.0
0003.e350.9bed C5/1/0/U0   8    0.00   30.16  2814    0.00   -----  tdma  1.0
0003.e308.455d C5/1/0/U0   9    0.00   30.79  2811    0.00   -----  tdma  1.0
0003.6bd6.bfaf C5/1/0/U0   10   0.00   30.40  2813    0.00   -----  tdma  1.0

Command Output in Cisco IOS Release 12.3(13a)BC and Earlier Releases

Router# show cable modem phy
MAC Address    I/F         Sid  USPwr  USSNR  Timing MicroReflec DSPwr  DSSNR  Mode
                                (dBmV)  (dB)   Offset (dBc)      (dBmV)   (dB)     
0008.0e06.7b14 C8/0/0/U0   1    0.00   30.36  1938   0            0.00  -----  tdma 
0050.f112.5977 C8/0/0/U0   2    0.00   30.36  1695   0            0.00  -----  tdma 
0090.837b.b0b9 C8/0/0/U0   3    0.00   30.64  1187   0            0.00  -----  tdma 
0007.0e03.6e99 C8/0/0/U0   5    0.00   30.36  2747   0            0.00  -----  tdma 
0007.0e04.5091 C8/0/0/U0   6    0.00   30.94  2746   0            0.00  -----  tdma 
0006.5314.81d9 C8/0/0/U0   7    0.00   30.36  2745   0            0.00  -----  tdma 
0003.6b1b.ee63 C8/0/0/U0   8    0.00   31.26  2745   0            0.00  -----  tdma 
0030.eb15.84e7 C8/0/0/U0   12   0.00   30.36  1157   0            0.00  -----  tdma 

For additional information about either of these commands, refer to the following document on Cisco.com

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

New Hardware Features in Cisco IOS Release 12.3(13a)BC6

There are no new hardware features supported in Cisco IOS Release 12.3(13a)BC6.

New Software Features in Cisco IOS Release 12.3(13a)BC6

There are no new software features supported in Cisco IOS Release 12.3(13a)BC6.

New Hardware Features in Cisco IOS Release 12.3(13a)BC5

There are no new hardware features supported in Cisco IOS Release 12.3(13a)BC5.

New Software Features in Cisco IOS Release 12.3(13a)BC5

There are no new software features supported in Cisco IOS Release 12.3(13a)BC5.

New Hardware Features in Cisco IOS Release 12.3(13a)BC4

There are no new hardware features supported in Cisco IOS Release 12.3(13a)BC4.

New Software Features in Cisco IOS Release 12.3(13a)BC4

There are no new software features supported in Cisco IOS Release 12.3(13a)BC4.

New Hardware Features in Cisco IOS Release 12.3(13a)BC3

There are no new hardware features supported in Cisco IOS Release 12.3(13a)BC3.

New Software Features in Cisco IOS Release 12.3(13a)BC3

There are no new software features supported in Cisco IOS Release 12.3(13a)BC3.

New Hardware Features in Cisco IOS Release 12.3(13a)BC2

There are no new hardware features supported in Cisco IOS Release 12.3(13a)BC2.

New Software Features in Cisco IOS Release 12.3(13a)BC2

There are no new software features supported in Cisco IOS Release 12.3(13a)BC2.

New Hardware Features in Cisco  IOS Release 12.3(13a)BC1

There are no new hardware features supported in Cisco IOS Release 12.3(13a)BC1.

New Software Features in Cisco IOS Release 12.3(13a)BC1

There are no new software features supported in Cisco IOS Release 12.3(13a)BC1.

New Hardware Features in Cisco IOS Release 12.3(13a)BC

There are no new hardware features supported in Cisco IOS Release 12.3(13a)BC.

New Software Features in Cisco IOS Release 12.3(13a)BC

The Cisco IOS Release 12.3(13a)BC is the second major feature release in the Cisco 12.3BC release train. This release introduces the following new features or enhancements on the Cisco uBR7200 series routers:

Access Control List Support for COPS Intercept

Admission Control for the Cisco CMTS

Advanced-Mode DOCSIS Set-Top Gateway Issue 1.1

COPS TCP Support for the Cisco Cable Modem Termination System

DOCSIS 1.0 Concatenation Override Featurette

Dynamic SID/VRF Mapping Support

Enhanced Rate Bandwidth Allocation (ERBA) Support for DOCSIS 1.0 Cable Modems

High Availability Features in Cisco IOS Release 12.3(13a)BC

Multicast QoS Support

MLPPP Support

Optional Upstream Scheduler Modes

PacketCable Multimedia

Service Independent Intercept (SII) Support on the Cisco uBR7200 Series

Transparent LAN Service and Layer 2 Virtual Private Networks

Virtual Interface Bundling on the Cisco uBR-MC28/U BPE

Access Control List Support for COPS Intercept

Cisco IOS Release 12.3(13a)BC introduces enhanced command-line interface for the Common Open Policy Service (COPS) feature.

To configure access control lists (ACLs) for inbound connections to all COPS listener applications on the Cisco CMTS, user the cops listeners access-list command in global configuration mode. To remove this setting from the Cisco CMTS, us the no form of this command.

cops listeners access-list {acl-num | acl-name}

no cops listeners access-list {acl-num | acl-name}

Syntax Description

acl-num

Alphanumeric identifier of up to 30 characters, beginning with a letter that identifies the ACL to apply to the current interface.

acl-name

Numeric identifier that identifies the access list to apply to the current interface. For standard access lists, the valid range is 1 to 99; for extended access lists, the valid range is 100 to 199.


Additional Information

For additional information, see the "Service Independent Intercept (SII) Support on the Cisco uBR7200 Series" section.

For additional information, refer to the following documents on Cisco.com:

COPS Engine Operation on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cops.html.

Configuring COPS for RSVP, Cisco IOS Versions 12.2 and 12.3

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfcops_ps1835_TSD_Products_Configuration_Guide_Chapter.html.

Cable Monitor and Intercept Features for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cmon.html.

PacketCable and PacketCable Multimedia on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_pkcb.html.

Cisco PacketCable Primer White Paper

http://www.cisco.com/en/US/products/hw/cable/ps2217/products_white_paper09186a0080179138.shtml

Admission Control for the Cisco CMTS

Admission Control for the Cisco Cable Modem Termination System (CMTS) is a multifaceted feature that implements a Quality of Service (QoS) policy on the CMTS Headend. Admission Control establishes efficient resource and bandwidth utilization in a way that was not possible in prior Cisco IOS releases.

Admission Control monitors multiple system-level resources on the Cisco CMTS, and performs automatic resource allocation on a service-request basis. Admission Control maintains optimal system-level operation by preventing resource consumption that would otherwise degrade the performance for the entire Cisco CMTS. Furthermore, Admission Control can allocate upstream or downstream bandwidth resources to specific DOCSIS traffic types, and maintain such prioritization amidst very dynamic traffic conditions.

Admission Control uses two event types for resource monitoring and management—cable modem registration and dynamic service (voice call) requests. When either of these two events occurs on the Cisco CMTS, Admission Control verifies that the associated resources conform to the configured limits prior to admitting and supporting the service call request.

Admission Control is not a mechanism to apply QOS to the traffic flows. Scheduling and queuing are some of the mechanisms used for implementing the QOS. The QOS is applied on per packet basis. Admission Control checks are performed before the flow is committed.

Admission Control in Cisco IOS Release 12.3(13)BC monitors the following resources on the Cisco CMTS.

CPU utilization—Admission Control monitors CPU utilization on the Cisco CMTS, and preserves QoS for existing service flows when new traffic would otherwise compromise CPU resources on the Cisco CMTS.

Memory resource utilization (I/O, Processor, and combined total)—Admission Control monitors one or both memory resources and their consumption, and preserves QoS in the same way as CPU utilization.

Bandwidth utilization for upstream and downstream—Admission Control monitors upstream and downstream bandwidth utilization, and associated service classes, whether for data or dynamic service traffic.

Cisco IOS Release 12.3(13a)BC introduces new configuration, debug and show commands for Admission Control on the Cisco CMTS. For additional information, refer to the following document on Cisco.com:

Admission Control for the Cisco Cable Modem Termination System

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_adm.html.

Advanced-Mode DOCSIS Set-Top Gateway Issue 1.1

Cisco IOS Release 12.3(13a)BC introduces support for DOCSIS Set-Top Gateway (DSG) Issue 1.1 on the Cisco uBR7246VXR router. DOCSIS Set-Top Gateway (DSG) 1.1 introduces Advanced mode DSG functionality based on Cablelabs specification CM-SP-DSG-I03-041124.

DSG 1.1 introduces support for several DOCSIS 1.1 networks and their multiple service operators (MSOs):

Supports advanced mode capabilities such as DCD, Regionalization, Fragmentation, and Quality of Service (QoS).

Retains the essential nature of out of band (OOB) messaging, but moves it to a modern technology base, offering enhanced security for Multicast delivery of OOB messages dynamically to Set-top boxes.

Replaces single-vendor, low-density, special-purpose equipment on the network, with significantly increased subscriber bandwidth and traffic.

Consolidates cable modem and STB data traffic on a shared DOCSIS channel.

Increases high-speed data (HSD) services to cable TV subscribers over the DOCSIS 1.1 infrastructure,

Extends support for DOCSIS 1.1 digital video broadcast traffic.

Enables shared or dedicated support for either HSD or video traffic.

Supports one- or two-way operations, and advanced, two-way interactive applications such as streaming video, Web browsing, email, real-time chat applications, and targeted advertising services.

These powerful advantages maximize the performance and return of hybrid fiber-coaxial (HFC) plant investments.

Changes from Cisco DSG 1.0

DSG Issue 1.0 is oriented to the DOCSIS DSG-I01 specifications, while DSG Issue 1.1 is oriented towards DOCSIS DSG-I02 specifications, to include the new Advanced Mode DSG (A-DSG).

The following DSG 1.1 features are supported in Cisco IOS Release 12.3(13a)BC while continuing support for Basic Mode DSG:

DSG 1.1 enables the learning of dynamic tunnel definitions. DSG 1.0 only had static tunnel definitions (programmed into the set-top box).

DSG 1.1 features new Cisco IOS command-line interface (CLI) configuration and show commands for A-DSG configuration and network information.

Unlike earlier issues of DSG, Advanced-mode DSG (A-DSG) uses a DOCSIS MAC Management Message called the Downstream Channel Descriptor (DCD) message, and this DCD message manages the DSG Tunnel traffic. The DCD message is sent once per second on each downstream and is used by the DSG Client to determine which tunnel and classifier to use.

The DCD has a DSG address table located in the DOCSIS MAC management message. The primary difference between DSG 1.0 (and earlier issues) and A-DSG 1.1 is that advanced mode uses DCD messages to manage the DSG tunnels.

The DCD message contains a group of DSG Rules and DSG Classifiers, including the following:

DSG rules and rule priority

DSG classifiers

DSG channel list type/length value (TLV)

DSG client identifier (whether broadcast, CA System, application, or MAC-level)

DSG timer list

DSG upstream channel ID (UCID) list

Vendor-specific information field

Prerequisites for DSG 1.1

Cisco IOS Release 12.3(13a)BC or a later release are required.

Restrictions and Caveats for DSG 1.1

Cisco DSG 1.1 has the following restrictions:

Cisco DSG 1.1 does not support Service Flow Quality of Service (QoS), which is available at Layer 3.

Cisco DSG 1.1 does not support tunnel security, but strictly access control lists (ACLs).

Cisco DSG 1.1 does not support subinterfaces.

Cisco DSG 1.1 does not support HCCP N+1 interoperability.

Cisco DSG 1.1 does not support SNMP MIBS for A-DSG.

Additional Information about DSG 1.1

For additional information, refer to the following documents on Cisco.com:

Advanced-mode DOCSIS Set-Top Gateway Issue 1.1 for the Cisco CMTS

http://www.cisco.com/en/US/docs/ios/cable/configuration/guide/cmts_docsis_gw12_ps2209_TSD_Products_Configuration_Guide_Chapter.html

DOCSIS Set-Top Gateway (DSG) for the Cisco CMTS

http://www.cisco.com/en/US/products/hw/cable/ps2217/products_feature_guide09186a00802065c8.html

Cisco DOCSIS Set-top Gateway White Paper

http://www.cisco.com/en/US/products/hw/cable/ps2217/products_white_paper09186a00801b3f0f.shtml

CableLabs DOCSIS Set-top Gateway (DSG) Interface Specification SP-DSG-I03

Cable Monitor Support for Cisco MC28U Broadband Processing Engines

Cisco IOS Release 12.3(13a)BC introduces support for the Cisco MC28U Broadband Processing Engines for the Cisco uBR7246VXR routers. This feature enables intercept and monitoring capabilities for DOCSIS-compliant frames. The Cable Monitor and Intercept features for Cisco Cable Modem Termination System (CMTS) routers provide a software solution for monitoring and intercepting traffic coming from a cable network. This feature also gives service providers Lawful Intercept capabilities, such as those required by the Communications Assistance for Law Enforcement Act (CALEA).


Note The cable monitor feature does not support access lists for intelligent cable interface line cards such as the Cisco MC28U or Cisco  MC16U in the Cisco uBR7246VXR router.


The Cable Monitor and Intercept features for Cisco Cable Modem Termination System (CMTS) routers provide a software solution for monitoring and intercepting traffic coming from a cable network that is based on monitoring and intercepting of DOCSIS frames. This feature can be used for Lawful Intercept capabilities, such as those required by the Communications Assistance for Law Enforcement Act (CALEA).

To enable the forwarding of selected packets on the cable interface to an external LAN analyzer, use the cable monitor command in cable interface configuration mode. To disable this function, use the no form of this command.

cable monitor [incoming | outbound] [timestamp]

interface interface {access-list {name | number} | mac-address address | sid sid-number} [packet-type {data docsis | data ethernet | mac [type type] } ]

no cable monitor

Syntax Description

incoming

Forwards only packets being received on the upstream.

outbound

Forwards only packets being transmitted on the downstream.

timestamp

Enables packet time-stamping by appending a four-byte value to the forwarded packets. The timestamp value is in hundredths of a second.

interface interface

Specifies the WAN interface to which an external LAN analyzer is attached, and to which packets should be forwarded. You can forward packets only to an Ethernet, Fast Ethernet, or Gigabit Ethernet interface.

access-list name| number

Specifies the IP access list name or number (1 to 2699).

mac-address address

Specifies the MAC address of the device being monitored.

sid sid-number

Specifies the service ID for the packets that should be forwarded (1 to 16384). NOTE This option is supported only in Cisco IOS releases that support DOCSIS 1.1 operations.

packet-type

(Optional) Specifies whether data or MAC packets are forwarded.

data docsis

Specifies that complete DOCSIS packets (both the DOCSIS header and the complete Ethernet frame) should be forwarded. Note Enabling this option can result in %LINK-4-TOOBIG messages being generated if the original Ethernet frame is at or near the maximum Ethernet size of 1500 bytes. This is because this option adds additional bytes (the DOCSIS header) to the Ethernet frame, which can result in a total frame size that exceeds the maximum size that is allowed for standard Ethernet frames.

data ethernet

Specifies that the DOCSIS header should be stripped from the packet and that only the Ethernet frame should be forwarded.

mac [type type]

Specifies that only DOCSIS MAC-layer packets should be forwarded. If you are using the sid option, you can also optionally specify the type option with one of the following keywords to indicate that only the specific type of MAC-layer traffic should be forwarded: dsa—Dynamic service addition dsc—Dynamic service change dsd—Dynamic service deletion map-grant—Grants map-req—Requests


The following example configures cable monitor for the specified interface and the associated MAC address:

Router(config)# interface Cable3/0
Router(config-if)# cable monitor interface GigabitEthernet0/1
mac-address 000e.5cc8.fa5f
packet-type data ethernet
Router(config-if)# 
mac-address 000e.5cac.59f8
packet-type data ethernet

To display cable monitor configuration and status information, use the show interfaces command in Privileged EXEC mode:

Router# show interfaces cable 3/0 monitor
US/ Time Outbound  Flow     Flow Type      Flow  Packet MAC   MAC	Encap
DS  Stmp Interface Type     Identifier     Extn. Type   Extn. Type	Type
all  no    Gi0/1   mac-addr 000e.5cc8.fa5f yes   data   no     -	ethernet
all  no    Gi0/1   mac-addr 000e.5cac.59f8 yes   data   no     -	ethernet

To display and monitor traffic statistics and counters over time, use the show cable modem counters and the show interfaces commands in Privileged EXEC mode, as illustrated:

Router# show interfaces cable 3/0 monitor
US/ Time Outbound  Flow     Flow Type      Flow  Packet MAC   MAC	Encap
DS  Stmp Interface Type     Identifier     Extn. Type   Extn. Type	Type
all  no    Gi0/1   mac-addr 000e.5cc8.fa5f yes   data   no     -	ethernet
all  no    Gi0/1   mac-addr 000e.5cac.59f8 yes   data   no     -	ethernet
Router# show cable modem 000e.5cac.59f8  counters
MAC Address    US Packets   US Bytes   DS Packets   DS Bytes
000e.5cac.59f8 7537986      3828867645 7199188      3711248288
Router# show interfaces GigabitEthernet 0/1
GigabitEthernet0/1 is up, line protocol is up 
  Hardware is BCM1250 Internal MAC, address is 000e.d6bd.2001 (bia 000e.d6bd.2001)
  Description: ***Sonde_analyse_trafic***
  Internet address is 82.216.52.1/30
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, media type is RJ45
  output flow-control is XON, input flow-control is XON
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:08, output 00:00:01, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/5/0 (size/max/drops/flushes); Total output drops:361
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     1094862 packets input, 70425672 bytes, 0 no buffer
     Received 0 broadcasts, 5 runts, 0 giants, 0 throttles
     0 input errors, 10 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 37 multicast, 0 pause input
     0 input packets with dribble condition detected
     188665 packets output, 29355747 bytes, 0 underruns       <<< 188665 packets
     0 output errors, 0 collisions, 6 interface resets
     0 babbles, 0 late collision, 0 deferred
     12 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out

When cable monitor is active, counters for the above commands should increase over time. For additional information about cable monitoring on the Cisco CMTS, refer to these documents on Cisco.com:

Cable Monitor and Intercept Features for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cmon.html.

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

COPS TCP Support for the Cisco Cable Modem Termination System

Cisco IOS Release 12.3(13a)BC introduces optimized support for the Common Open Policy Service (COPS) feature for the Cisco uBR7200 series router. This feature supports two new configuration commands for enabling and setting COPS processes. The COPS feature in Cisco IOS Release 12.3(13a)BC enables the following COPS functions:

COPS DSCP Marking for the Cisco CMTS

This feature allows you to change the DSCP marking for COPS messages that are transmitted or received by the Cisco router. Differentiated Services Code Point (DSCP) values are used in Quality of Service (QoS) configurations on a Cisco router. DSCP summarizes the relationship between DSCP and IP precedence.

Cisco IOS Release 12.3(13a)BC supports this function with the cops ip dscp command in global configuration mode.

COPS TCP Window Size for the Cisco CMTS

This feature allows you to override the default TCP receive window size that is used by COPS processes. This setting can be used to prevent the COPS server from sending too much data at one time.

Cisco IOS Release 12.3(13a)BC supports this function with the cops tcp window-size command in global configuration mode.


Note These two commands affect all TCP connections with all COPS servers.


cops ip dscp

To specify the marking for COPS messages that are transmitted by the Cisco router, use the cops ip dscp command in global configuration mode. To remove this configuration, use the no form of this command.

cops ip dscp x

no cops ip dscp

Syntax Description

x

This value specifies the markings with which COPS messages are transmitted. The following values are supported:

0-63—DSCP value ranging from 0-63.

af11—Use AF11 dscp (001010)

af12—Use AF12 dscp (001100)

af13—Use AF13 dscp (001110)

af21—Use AF21 dscp (010010)

af22—Use AF22 dscp (010100)

af23—Use AF23 dscp (010110)

af31—Use AF31 dscp (011010)

af32—Use AF32 dscp (011100)

af33—Use AF33 dscp (011110)

af41—Use AF41 dscp (100010)

af42—Use AF42 dscp (100100)

af43—Use AF43 dscp (100110)

cs1—Use CS1 dscp (001000) [precedence 1]

cs2—Use CS2 dscp (010000) [precedence 2]

cs3—Use CS3 dscp (011000) [precedence 3]

cs4—Use CS4 dscp (100000) [precedence 4]

cs5—Use CS5 dscp (101000) [precedence 5]

cs6—Use CS6 dscp (110000) [precedence 6]

cs7—Use CS7 dscp (111000) [precedence 7]

default—Use default dscp (000000)

ef—Use EF dscp (101110)


Defaults

For messages transmitted by the Cisco router, the default DSCP value is 0.

For incoming connections to the Cisco router, by default, the COPS engine takes the DSCP value used by the COPS server that initiates the TCP connection.

Usage Guidelines

The cops ip dscp command allows the Cisco router to re-mark the COPS packets for either incoming or outbound connections.

This command affects all TCP connections with all COPS servers.

This command does not affect existing connections to COPS servers. Once you issue this command, this function is supported only for new connections after that point in time.

Examples

The following example illustrates the cops ip dscp command with supported command variations:

Router(config)# cops ip dscp ?
 <0-63>   DSCP value 
 af11     Use AF11 dscp (001010) 
 af12     Use AF12 dscp (001100) 
 af13     Use AF13 dscp (001110) 
 af21     Use AF21 dscp (010010) 
 af22     Use AF22 dscp (010100) 
 af23     Use AF23 dscp (010110) 
 af31     Use AF31 dscp (011010) 
 af32     Use AF32 dscp (011100) 
 af33     Use AF33 dscp (011110) 
 af41     Use AF41 dscp (100010) 
 af42     Use AF42 dscp (100100) 
 af43     Use AF43 dscp (100110) 
 cs1      Use CS1  dscp (001000) [precedence 1] 
 cs2      Use CS2  dscp (010000) [precedence 2] 
 cs3      Use CS3  dscp (011000) [precedence 3] 
 cs4      Use CS4  dscp (100000) [precedence 4] 
 cs5      Use CS5  dscp (101000) [precedence 5] 
 cs6      Use CS6  dscp (110000) [precedence 6] 
 cs7      Use CS7  dscp (111000) [precedence 7] 
 default  Use default dscp (000000) 
 ef       Use EF   dscp (101110) 

Additional COPS Information

Cisco IOS Release 12.3(13a)BC also supports Access Control Lists (ACLs) for use with COPS. Refer to the "Access Control List Support for COPS Intercept" section.

For additional information about configuring COPS on the Cisco CMTS, refer to the following documents on Cisco.com:

COPS Engine Operation on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cops.html.

Cable Monitor and Intercept Features for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cmon.html.

Configuring COPS for RSVP

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfcops_ps1835_TSD_Products_Configuration_Guide_Chapter.html.

cops tcp window-size

To override the default TCP receive window size on the Cisco CMTS, use the cops tcp window-size command in global configuration mode. This setting allows you to prevent the COPS server from sending too much data at one time. To return the TCP window size to a default setting of 4K, use the no form of this command.

cops tcp window-size bytes

no cops tcp window-size

Syntax Description

bytes

This is the TCP window size setting in bytes. This value can range from 516 to 65535 bytes.


Defaults

The default COPS TCP window size is 4000 bytes.

Usage Guidelines

This command does not affect existing connections to COPS servers. Once you issue this command, this function is supported only for new connections after that point in time.

Examples

The following example configures the TCP window size to be 64000 bytes.

Router(config)# cops tcp window-size 64000 

The following example illustrates online help for this command:

Router(config)# cops tcp window-size ? 
 <516-65535>  Size in bytes 

Additional COPS Information

Cisco IOS Release 12.3(13a)BC also supports Access Control Lists (ACLs) for use with COPS. Refer to the "Access Control List Support for COPS Intercept" section.

For additional information about configuring COPS on the Cisco CMTS, refer to the following documents on Cisco.com:

COPS Engine Operation on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cops.html

Cable Monitor and Intercept Features for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cmon.html.

Configuring COPS for RSVP

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfcops_ps1835_TSD_Products_Configuration_Guide_Chapter.html.

DOCSIS 1.0 Concatenation Override Featurette

Cisco IOS Release 12.3(13a)BC introduces support for the DOCSIS 1.0 concatenation override feature on the Cisco uBR7200 router. This feature provides the ability to disable concatenation on DOCSIS 1.0 cable modems, even in circumstances where concatenation is otherwise supported for the upstream channel.

DOCSIS 1.0 concatenation allows the cable modem to make a single-time slice request for multiple packets, and to send all packets in a single large burst on the upstream. Concatenation was introduced in the upstream receive driver in the previous Cisco IOS releases that supported DOCSIS 1.0 +. Per-SID counters were later added in Cisco IOS Release 12.1(4)CX for debugging concatenation activity.

In some circumstances, overriding concatenation on DOCSIS 1.0 cable modems may be preferable, and Cisco IOS Release 12.3(13a)BC supports either option.


Note Even when DOCSIS 1.0 concatenation is disabled with this feature, concatenation remains enabled for cable modems that are compliant with DOCSIS 1.1 or DOCSIS 2.0.


To enable DOCSIS 1.0 concatenation override with Cisco IOS Release 12.3(13a)BC and later releases, use the new docsis10 keyword with the previously supported cable upstream <n> concatenation command in privileged EXEC mode:

cable upstream <n> concatenation docsis10

Syntax Description

n

Specifies the upstream port number. Valid values start with 0 for the first upstream port on the cable interface line card.


Examples

The following example illustrates DOCSIS 1.0 concatenation override on the Cisco uBR7246VXR router:

Router# no cable upstream 0 concatenation docsis10

In this example, DOCSIS 1.0 cable modems are updated with REG-RSP so that they are not permitted to use concatenation.

For additional information about this command, refer to the following document on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

Dynamic SID/VRF Mapping Support

Cisco IOS Release 12.3(13a)BC introduces support for dynamic service ID (SID) and VRF mapping on the Cisco CMTS, to support VoIP with MPLS. Formerly, the MPLS SID mapping feature only applied to provisioned service flows. This feature enables the mapping of all PacketCable DQoS service flows to one particular VRF.

For additional information about dynamic SID to VRF mapping, refer to the following document on Cisco.com:

Mapping Service Flows to MPLS VPN on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_serv.html

Enhanced Rate Bandwidth Allocation (ERBA) Support for DOCSIS 1.0 Cable Modems

Cisco IOS Release 12.3(13a)BC introduces Enhanced Rate Bandwidth Allocation (ERBA) support for DOCSIS 1.0 cable modems and the Cisco uBR7200 series router. ERBA allows DOCSIS1.0 modems to burst their temporary transmission rate up to the full line rate for short durations of time. This capability provides higher bandwidth for instantaneous bandwidth requests, such as those in Internet downloads, without having to make changes to existing service levels in the QoS Profile.

This feature enables MSOs to set the DOCSIS 1.0 cable modems burst transmissions, with mapping to overriding DOCSIS 1.1 QoS profile parameters on the Cisco CMTS. DOCSIS 1.0 cable modems require DOCSIS 1.0 parameters when registering to a matching QoS profile. This feature enables maximum downstream line rates, and the ERBA setting applies to all cable modems that register to the corresponding QoS profile.


Note QoS definitions must previously exist on the Cisco CMTS headend to support this feature.


ERBA for DOCSIS 1.0 cable modems is supported with these new or enhanced commands or keywords in Cisco IOS Release 12.3(13a)BC:

cable qos pro max-ds-burst burst-size

show cable qos profile n [verbose]

To define ERBA on the downstream for DOCSIS 1.0 cable modems, use the cable qos promax-ds-burst command in global configuration mode. To remove this ERBA setting from the QoS profile, use the no form of this command.

cable qos pro max-ds-burst burst-size

no cable qos pro max-ds-burst

Syntax Description

burst-size

The QoS profile's downstream burst size in bytes.


To display ERBA settings as applied to DOCSIS 1.0 cable modems and QoS profiles on the Cisco CMTS, use the show cable qos profile command in Privileged EXEC mode.

The following example of the cable qos profile command in global configuration mode illustrates changes to the cable qos profile command. Fields relating to the ERBA feature are shown in bold for illustration:

Router(config)# cable qos pro 10 ?
  grant-interval       Grant interval
  grant-size           Grant size
  guaranteed-upstream  Guaranteed Upstream
  max-burst            Max Upstream Tx Burst
  max-ds-burst        Max Downstream Tx burst (cisco specific) 
  max-downstream       Max Downstream
  max-upstream         Max Upstream
  name                 QoS Profile name string (cisco specific) 
  priority             Priority
  privacy              Cable Baseline Privacy Enable
tos-overwrite        Overwrite TOS byte by setting mask bits to value 

The following example of the show cable qos profile command illustrates that the maximum downstream burst has been defined, and is a management-created QoS profile:

Router# show cable qos pro
ID  Prio Max       Guarantee Max        Max   TOS  TOS   Create  B     IP prec.
         upstream  upstream  downstream tx    mask value by      priv  rate
         bandwidth bandwidth bandwidth  burst                    enab  enab
1   0    0         0         0          0     0xFF 0x0   cmts(r) no    no
2   0    64000     0         1000000    0     0xFF 0x0   cmts(r) no    no
3   7    31200     31200     0          0     0xFF 0x0   cmts    yes   no
4   7    87200     87200     0          0     0xFF 0x0   cmts    yes   no
6   1    90000     0         90000      1522  0xFF 0x0   mgmt    yes   no
10  1    90000     0         90000      1522  0x1  0xA0  mgmt    no    no
50  0    0         0         96000      0     0xFF 0x0   mgmt    no    no
51  0    0         0         97000      0     0xFF 0x0   mgmt    no    no

The following example illustrates the maximum downstream burst size in sample QoS profile 10 with the show cable qos prof verbose command in privileged EXEC mode:

Router# show cable qos pro 10 ver
Profile Index                           10
Name
Upstream Traffic Priority               1
Upstream Maximum Rate (bps)             90000
Upstream Guaranteed Rate (bps)          0
Unsolicited Grant Size (bytes)          0
Unsolicited Grant Interval (usecs)      0
Upstream Maximum Transmit Burst (bytes) 1522
Downstreamam Maximum Transmit Burst (bytes) 100000
IP Type of Service Overwrite Mask       0x1
IP Type of Service Overwrite Value      0xA0
Downstream Maximum Rate (bps)           90000
Created By                              mgmt
Baseline Privacy Enabled                no

Usage Guidelines

If a cable modem registers with a QoS profile that matches one of the existing QoS profiles on the Cisco CMTS, then the maximum downstream burst size, as defined for that profile, is used instead of the default DOCSIS QoS profile of 1522.

For example, a DOCSIS 1.0 configuration that matches QoS profile 10 in the previous examples would be as follows:

03 (Net Access Control)         = 1
04 (Class of Service Encodings Block)
   S01 (Class ID)               = 1
   S02 (Maximum DS rate)        = 90000
   S03 (Maximum US rate)        = 90000
   S06 (US burst)               = 1522
   S04 (US Channel Priority)    = 1
   S07 (Privacy Enable)         = 0

The maximum downstream burst size (as well as the ToS overwrite values) are not explicitly defined in the QoS configuration file because they are not defined in DOCSIS. However, because all other parameters are a perfect match to profile 10 in this example, then any cable modem that registers with these QoS parameters has a maximum downstream burst of 100000 bytes applied to it.

For further illustration, consider a scenario in which packets are set in lengths of 1000 bytes at 100 packets per second (pps). Therefore, the total rate is a multiplied total of 1000, 100, and 8, or 800kbps.

To change these settings, two or more traffic profiles are defined, with differing downstream QoS settings as desired. Table 6 provides two examples of such QoS profiles for illustration:

Table 6 Sample QoS Profiles with Differing ERBA (Maximum Downstream) Settings

QoS Profile Setting
QoS Profile 101
QoS Profile 102

Maximum Downstream Transmit Burst (bytes)

max-burst 4000

max-burst 4000

Maximum Downstream Burst (bps)

max-ds-burst 20000

max-ds-burst 5000

Maximum Downstream Bandwidth

max-downstream 100

max-downstream 100


In this scenario, both QoS profiles are identical except for the max-ds-burst size, which is set to 5000 in QoS profile 101 and 5000 in QoS profile 102.

Optimal Settings for DOCSIS 1.0 Downstream Powerburst

DOCSIS allows the setting different token bucket parameters for each service flow, including the token bucket burst size. When burst sizes are closer to 0, QoS is enforced in a stricter manner, allowing a more predictable sharing of network resources, and as a result easier network planning.

When burst sizes are larger, individual flows can transmit information faster (lower latency), although the latency variance can be larger as well.

For individual flows, a larger burst size is likely to be better. As long as the system is not congested, a large burst size reduces the chances of two flows transmitting at the same time, because each burst is likely to take less time to transmit. However, as channel bandwidth consumption increases, it is probably that large burst traffic would exceed the thresholds of buffer depths, and latency is longer than with well shaped traffic.

For additional information about the cable qos profile command and configuring QoS profiles, refer to the following documents on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

DOCSIS 1.1 for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_docs.html.

High Availability Features in Cisco IOS Release 12.3(13a)BC

Cisco IOS Release 12.3(13a)BC removes support for HCCP N+1 Redundancy on the Cisco uBR7200 series routers. Associated configuration, show, and debug commands are not supported in this release.


Note The latest release to support HCCP N+1 Redundancy for the Cisco uBR7200 series is Cisco IOS Release 12.3(9a)BC. When upgrading from this or earlier supporting Cisco IOS releases to Cisco IOS Release 12.3(13a)BC, the HCCP configurations are discarded and not retained.


HCCP N+1 Redundancy for the Cisco CMTS is described for earlier releases in this and additional documents on Cisco.com:

N+1 Redundancy for the Cisco Cable Modem Termination System

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/uFGnpls1.html.

Multicast QoS Support

Cisco IOS Release 12.3(13a)BC introduces support for Multicast downstream QoS feature. This feature provides the ability to assign static mapping to a multicast group. The Multicast downstream QoS feature uses the existing infrastructure (DOCSIS 1.1 service flow) to assign a multicast service identifier (SID) to a multicast group used in the Baseline Privacy Interface (BPI) encryption feature.

When disabled, the Multicast downstream QoS feature does not impact any other features. The multicast packets to downstream cable interfaces are sent to the default service flow.

This feature is being implemented in response to CSCeg22989 which states, multicast traffic is not classified to any service flow, and therefore ends up queued on the default service flow. The default service flow has no specific QoS guarantees assigned to it. So once the interface approaches congestion level, multicast packets may be dropped.

Restrictions

The multicast definitions are per-bundle, not per interface. This means that all downstreams in a bundle share the same multicast to QoS association. The downstreams will create their own service flows according to the same QoS parameters.

Multicast to QoS definitions can not be assigned per sub-interface

Multicast SIDs are not deleted when a group becomes idle (no response to IGMP reports).

The QoS assignments for a multicast group can not be changed dynamically. If the user wishes to change them then a new "cable match" command must be configured.

New and Changed Commands

cable match address

Use the existing "cable match" command to assign QoS to a multicast group, with BPI either enabled or disabled.

Router# cable match address <number>|<name> [service-class <name> [bpi-enable]]
Router# no cable match address [<number>|<name> [service-class <name> [bpi-enable]]] 

debug cable mcast-qos

Use this command to turn on CMTS Multicast Qos debugging.

router# debug cable mcast-qos

MLPPP Support

The Cisco IOS Multilink Point-to-Point Protocol (MLPPP) feature is now supported for selected line cards and port adapters on the Cisco uBR7200 series. There is no new hardware or software for MLPPP in this release.


Note MLPPP combines one or more physical interfaces into a virtual "bundle" interface. The bandwidth of the bundle interface is equal to the sum of the component links' bandwidth. This allows service providers to make the step from T1 and E1 lines to affordable T3 and E3 speeds.

MLPPP is configured not on a cable interface, but on the T1/E1 link.


Line Cards and Port Adapters Supporting MLPPP on the Cisco uBR7200 Series

Table 7 lists the line cards and port adapters on the Cisco uBR7200 series, in conjunction with the applicable network processing engine (NPE), that are supported for MLPPP at the time Cisco IOS Release 12.3(13a)BC was released.

Table 7 Line Cards and Port Adapters Supporting MLPPP on the Cisco uBR7200 Series for Cisco IOS Release 12.3(13a)BC

Model
NPE
Line Card
Port Adapter

Cisco uBR7246VXR

NPE-400, NPE-G1

MC16C, MC16S, MC28C, MC28U

PA-4T+, PA-MC-2E1/120, PA-MC-4T1


PacketCable Multimedia

Cisco IOS Release 12.3(13a)BC introduces support for PacketCable Multimedia (PCMM) on the Cisco uBR7200 universal broadband router, and supports the CableLabs PacketCable Multimedia Specification, PKT-SP-MM-I02-040930. As described by CableLabs, some key features of the PCMM service delivery framework include the following:

Simple, powerful access to DOCSIS 1.1 QoS mechanisms supporting both time and volume-based network resource authorizations

Abstract, event-based network resource auditing and management mechanisms

A robust security infrastructure that provides integrity and appropriate levels of protection across all interfaces

Packet Cable Multimedia functionality on the Cisco CMTS enables Cable Operators to offer multimedia services over their cable networks by harnessing the power of Dynamic QoS (DQoS). When used in conjunction with compliant Policy Servers and Application Managers, PCMM gives operators the means of tailoring their networks to accomplish these advantages:

Deliver bandwidth dynamically and selectively

Support applications that require guaranteed bandwidth

Sustain a broad services mix and achieve optimal oversubscription

PCMM on the Cisco CMTS enhances several basic PacketCable functions, including the following:

Additional COPS Decision Messages—PCMM supports additional COPS decision messages, such as the following. The new objects for messages, such as Gate-Set, Gate-Set-Ack and Gate-Info, include different traffic profile definitions, different gate object formats, with additional objects for gate state reporting and flow utilization.

Gate-Set

Gate-Set-Ack

Gate-Set-Err

Gate-Info

Gate-Info-Ack

Gate-Info-Err

Gate-Delete

Gate-Delete-Ack

Gate-Delete-Err

State-Report

Different COPS client and UDP port for COPS sessions—PCMM uses a different COPS client type than does basic PacketCable, and PCMM uses a different UDP port for its COPS sessions. This can help to distinguish between PacketCable and PCMM COPS sessions on the Cisco CMTS.

MultiMedia State Machine—PCMM supports a different MultiMedia state machine than does PacketCable. The following are machine state changes introduced in PCMM with Cisco IOS Release 12.3(13a)BC:

PCMM gates are all unidirectional. In PacketCable, each gate is associated with both an upstream and downstream service flow. Although unidirectional flows are allowed, a bidirectional phone connection only has one gate.

PCMM differs in that each gate is now unidirectional, and is associated with only one service flow. As a result, the gate info element structure in PCMM differs significantly from that of PacketCable. PCMM only needs to maintain one set of service flow information, rather than maintaining both upstream and downstream information as does PacketCable.

DOCSIS DSX service flow information is now maintained on the Cisco CMTS. With PacketCable, gates are authorized, reserved, or committed first on the Cisco CMTS with a specific gate ID, and then the Cisco CMTS initiates a DSX exchange using the reserved or committed gate ID in the message. With PacketCable, the cable modem must issue the DSX message and create the service flows. However, with PCMM, when a gate is reserved or committed, the DSX message is generated and sent immediately by the Cisco CMTS. Therefore, the Policy Server sends all of the service flow information necessary to setup the service flow to the Cisco CMTS instead of the cable modem. This causes a major change in the state machine that controls the gate allocation procedures.

New timer definitions and event actions are supported on PCMM. New timer definitions and timer event actions are supported for proper behavior of the net state machine. Some of the timers used with PacketCable have been eliminated, while the events associated with other times have changed for PCMM.

New state transitions that did not exist in PacketCable 1.x have been added to PCMM. Specifically, a gate can now be transitioned back from Committed to Authorized or Reserved state.

Cable interface line cards and broadband processing engines perform distributed DOCSIS functions. The Cisco  MC28U cable interface line card on the Cisco uBR7200 series routers, are considered distributed, because the DOCSIS functionality is performed by the line card processor. The GCP signaling for PCMM and the gate state machine will executed on the NPE or RP processor. Because of the split in this functionality, IPC signaling resides between the gate state machine and the DOCSIS layer processing.

Event management—Event management messages have been modified to include information on the modified traffic profiles, and to match changes in the PCMM state machine. In addition, objects have been added to help support Gate usage and Gate commit time objects, used for usage limit based and time based gates.

For additional information about PacketCable and PacketCable Multimedia on the Cisco CMTS, refer to the following documents on Cisco.com:

PacketCable and PacketCable Multimedia on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_pkcb.html.

Cisco PacketCable Primer White Paper

http://www.cisco.com/en/US/products/hw/cable/ps2217/products_white_paper09186a0080179138.shtml

"PacketCable is a CableLabs®-led initiative that is aimed at developing interoperable interface specifications for delivering advanced, real-time multimedia services over two-way cable plant. Built on top of the industry's highly successful cable modem infrastructure, PacketCable networks use Internet protocol (IP) technology to enable a wide range of multimedia services, such as IP telephony, multimedia conferencing, interactive gaming, and general multimedia applications." (PacketCable.com)

CableLabs® describes key features of the PacketCable Multimedia IP service delivery framework as follows:

Simple, powerful access to DOCSIS® 1.1 QoS mechanisms supporting both time and volume-based network resource authorizations

Abstract, event-based network resource auditing and management mechanisms

A robust security infrastructure that provides integrity and appropriate levels of protection across all interfaces

PacketCable™ is a registered trademark of CableLabs®. Additional information and specifications are available online at the following CableLabs websites:

CableLabs PacketCable website

http://www.cablelabs.com/packetcable/

CableLabs PacketCable Multimedia specifications

http://www.cablelabs.com/packetcable/specifications/multimedia.html

Service Independent Intercept (SII) Support on the Cisco uBR7200 Series

The Cisco CMTS supports the Communications Assistance for Law Enforcement Act (CALEA) for voice and data. Cisco IOS Release 12.3(13a)BC introduces support for Service Independent Intercept (SII) on the Cisco uBR7200 CMTS. Cisco SII provides a more robust level of the lawful intercept (LI) options offered in the Packet Intercept feature. Cisco SII is the next level of support for judicially authorized electronic intercept, to include dial access, mobile wireless, tunneled traffic, and Resilient Transport Protocol (RTP) for voice and data traffic on the Cisco CMTS.

SII on the Cisco CMTS in Cisco IOS Release 12.3(13a)BC includes these functions:

Packet intercept on specified or unspecified interfaces or ports, including port lists

Packet intercept on virtual interface bundles

Corresponding SNMP MIB enhancements for each of these functions, as intercept requests are initiated a mediation device (MD) using SNMPv3


Note At the time of publication, the Cisco IOS Release 12.3BC release train does not support virtual private networks with the SII feature. The CISCO-TAP-MIB does not specify any particular VPN, so this MIB is not assigned to a particular instance of VPN routing/forwarding (VRF). For restrictions on this platform, see "Overview of CISCO-TAP-MIB" in Cable Monitor and Intercept Features for the Cisco CMTS. See Related Documentation.



Note No new CLI commands are provided for this feature in Cisco IOS Release 12.3(13a)BC.


Cisco IOS Release 12.3(13a)BC enables full Multiple Service Operator (MSO) compliance with SII and LI regulations. Service providers worldwide are legally required to allow government agencies to conduct surveillance on the service provider's traditional telephony equipment. The objective of the SII feature is to enable service providers with New World networks that legally allow government agencies to conduct electronic network surveillance.

Lawful Intercept (LI) describes the process and judicial authority by which law enforcement agencies conduct electronic surveillance of circuit and packet-mode communications. LI is authorized by judicial or administrative order and implemented for either voice or data traffic on the Cisco CMTS.

Table 8 lists the differences between packet intercept and SII features

Table 8 Differences Between Packet Intercept and SII Features

Feature
Packet Intercept
Service Independent Intercept

Interface Type

Cable

Any

IP Masks

255.255.255.255 or 0.0.0.0

Any

L4 Ports

Any single port or 0-65535

Any port range

Protocol

UDP

Any

TOS/DSCP

Not supported

Supported


Additional Information

For additional information, refer to the following documents on Cisco.com:

Configuring COPS for RSVP, Cisco IOS Versions 12.2 and 12.3

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfcops_ps1835_TSD_Products_Configuration_Guide_Chapter.html.

Cable Monitor and Intercept Features for the Cisco CMTS

hhttp://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cmon.html.

PacketCable and PacketCable Multimedia on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_pkcb.html.

Cisco PacketCable Primer White Paper

http://www.cisco.com/en/US/products/hw/cable/ps2217/products_white_paper09186a0080179138.shtml

Optional Upstream Scheduler Modes

With this feature, the user is able to select either Unsolicited Grant Services (UGS) or Real Time Polling Service (rtPS) scheduling types, as well as packet-based or TDM-based scheduling. Low latency queueing (LLQ) emulates a packet-mode-like operation over the Time Division Multiplex (TDM) infrastructure of DOCSIS. As such, the feature provides the typical trade-off between packets and TDM: with LLQ, the user has more flexibility in defining service parameters for UGS or rtPS, but with no guarantee (other than statistical distribution) regarding parameters such as delay and jitter.

Restrictions

To ensure proper operation, Call Admission Control (CAC) must be enabled. When the Low Latency Queueing (LLQ) option is enabled, it is possible for the upstream path to be filled with so many calls that it becomes unusable, making voice quality unacceptable. CAC must be used to limit the number of calls to ensure acceptable voice quality, as well as to ensure traffic other than voice traffic.

Even if CAC is not enabled, the default (DOCSIS) scheduling mode blocks traffic after a certain number of calls.

Unsolicited Grant Services with Activity Detection (UGS-AD) and Non Real Time Polling Service (nrtPS) are not supported.

cable upstream n scheduling type

Use this new command to turn the various scheduling modes on or off, where n specifies the upstream port.

Router(config-if)# [no] cable upstream n scheduling type [ugs | rtps] mode [llq | docsis]

For additional information about scheduler enhancements on the Cisco CMTS, refer to the following documents on Cisco.com:

Cisco CMTS Feature Guide — Configuring Upstream Scheduler Modes on the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/cmtsfg.html.

DOCSIS 1.1 for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/cmtsfg.html.

Transparent LAN Service and Layer 2 Virtual Private Networks

Cisco IOS Release 12.3(13a)BC introduces the following changes or requirements for the TLS feature with Layer 2 VPNs:

When the TLS feature is used with Layer 2 VPNs, the participating cable modems must have the Baseline Privacy Interface security feature (BPI) enabled. Otherwise, the Cisco CMTS drops such Layer 2 traffic in the upstream or downstream.

Information about customer premises equipment (CPE) does not display in the output of the show cable modem command.


Note Configuring ATM L2VPN or 802.1q for a particular cable modem removes any previous cable modem configuration on the Cisco uBR7246VXR router. For example, if TLS with 802.1q is configured on the router for a particular cable modem, and then you configure ATM L2VPN for the same cable modem, the Cisco uBR7246VXR router supports the latter and removes the former with no additional warning or system messages.


Refer to the following documents on Cisco.com for additional TLS information:

Transparent LAN Service Over Cable (configuration)

http://www.cisco.com/en/US/docs/cable/cmts/feature/tls-cmts.html.

TLS Over Cable (TAC Document #60027)

http://www.cisco.com/en/US/products/hw/cable/ps2217/products_configuration_example09186a008029160d.shtml

Virtual Interface Bundling on the Cisco uBR-MC28/U BPE

Cisco IOS Release 12.3(13a)BC introduces support for virtual interface bundling on the Cisco uBR72046VXR universal broadband router and the Cisco uBR-MC28/U Broadband Processing Engine (BPE).

In prior Cisco IOS releases, cable interface bundling was limited to physical interfaces as master or slave interfaces, and show commands did not supply bundle information.

Virtual interface bundling removes the prior concepts of master and slave interfaces, and introduces these additional changes:

Virtual interface bundling uses bundle interface and bundle members instead of master and slave interfaces.

The virtual bundle interface is virtually defined, as with IP loopback addresses, for example.

Virtual interface bundling supports bundle information in multiple show ip interface commands.

Virtual interface bundling prevents loss of connectivity on physical interfaces should there be a failure, problematic online insertion and removal (OIR) of one line card in the bundle, or erroneous removal of configuration on the master interface.

Virtual interface bundling supports and governs the following Layer 3 settings for the bundle member interfaces:

IP address

IP helper-address

source-verify and lease-timer functions

cable dhcp-giaddr (The giaddr field is set to the IP address of the DHCP client.)

Protocol Independent Multicast (PIM)

Access control lists (ACLs)

Sub-interfaces


Note This virtual interface for the bundle should always remain on (enabled with no shutdown), but the Cisco CMTS provides warning messages prior to execution of the shutdown command.


For configuration, examples, and general guidelines for virtual interface bundling on the Cisco CMTS, refer to the following documents on Cisco.com:

Cable Interface Bundling and Virtual Interface Bundling for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/tls-cmts.html.

Virtual Interfaces and Frequency Stacking Configuration on MC5x20S and MC28U Line Cards

http://www.cisco.com/en/US/tech/tk86/tk804/technologies_white_paper09186a0080232b49.shtml

New Hardware Features in Cisco IOS Release 12.3(9a)BC8

There are no new hardware features supported in Cisco IOS Release 12.3(9a)BC8.

New Software Features in Cisco IOS Release 12.3(9a)BC8

There are no new software features supported in Cisco IOS Release 12.3(9a)BC8.

New Hardware Features in Cisco IOS Release 12.3(9a)BC7

There are no new hardware features supported in Cisco IOS Release 12.3(9a)BC7.

New Software Features in Cisco IOS Release 12.3(9a)BC7

There are no new software features supported in Cisco IOS Release 12.3(9a)BC7.

New Hardware Features in Cisco IOS Release 12.3(9a)BC6

There are no new hardware features supported in Cisco IOS Release 12.3(9a)BC6.

New Software Features in Cisco IOS Release 12.3(9a)BC6

There are no new software features supported in Cisco IOS Release 12.3(9a)BC6.

New Hardware Features in Cisco IOS Release 12.3(9a)BC5

There are no new hardware features supported in Cisco IOS Release 12.3(9a)BC5.

New Software Features in Cisco IOS Release 12.3(9a)BC5

There are no new software features supported in Cisco IOS Release 12.3(9a)BC5.

New Hardware Features in Cisco IOS Release 12.3(9a)BC4

There are no new hardware features supported in Cisco IOS Release 12.3(9a)BC4.

New Software Features in Cisco IOS Release 12.3(9a)BC4

There are no new software features supported in Cisco IOS Release 12.3(9a)BC4.

New Hardware Features in Cisco IOS Release 12.3(9a)BC3

There are no new hardware features supported in Cisco IOS Release 12.3(9a)BC3.

New Software Features in Cisco IOS Release 12.3(9a)BC3

There are no new software features supported in Cisco IOS Release 12.3(9a)BC3.

New Hardware Features in Cisco IOS Release 12.3(9a)BC2

There are no new hardware features supported in Cisco IOS Release 12.3(9a)BC2.

New Software Features in Cisco IOS Release 12.3(9a)BC2

There are no new software features supported in Cisco IOS Release 12.3(9a)BC2.

New Hardware Features in Cisco IOS Release 12.3(9a)BC1

There are no new hardware features supported in Cisco IOS Release 12.3(9a)BC1.

New Software Features in Cisco IOS Release 12.3(9a)BC1

There are no new software features supported in Cisco IOS Release 12.3(9a)BC1.

New Hardware Features in Cisco IOS Release 12.3(9a)BC

There are no new hardware features in Cisco IOS Release 12.3(9a)BC.

New Software Features for Cisco IOS Release 12.3(9a)BC

This section describes the following new software features and CLI command changes for Cisco IOS Release 12.3(9a)BC and the Cisco uBR7246VXR router:

Cable ARP Filter Enhancement

Cisco Broadband Troubleshooter (CBT) 3.2

Cisco CMTS Static CPE Override

Cisco DDC (Dual DOCSIS Channel)

Cisco IOS Release 12.3(9a)BC Command-Line Interface (CLI) Enhancements

DOCSIS Set-top Gateway (DSG) 1.0

Dynamic Shared Secret (DMIC) with OUI Exclusion for DOCSIS

MIBs Changes and Updates in Cisco IOS Release 12.3(9a)BC

Load Balancing Support

Spectrum Management Enhancements in Cisco IOS Release 12.3(9a)BC

Subscriber Traffic Management (STM) Version 1.1

Transparent LAN Services (TLS) and L2 Tunneling ATM/SIDs

Usage Based Billing (SAMIS)

Virtual Interface Support and Frequency Stacking Support

Cable ARP Filter Enhancement

The cable arp filter command, introduced with Cisco IOS Release 12.2(15)BC2b, enables service providers to filter ARP request and reply packets. This prevents a large volume of such packets from interfering with the other traffic on the cable network.

Cisco IOS Release 12.3(9a)BC introduces enhanced command option syntax for the cable arp filter command, where number and window-size values are optional for reply-accept and request-send settings.

To control the number of Address Resolution Protocol (ARP) packets that are allowable for each Service ID (SID) on a cable interface, use the cable arp command in cable interface configuration mode. To stop the filtering of ARP broadcasts for CMs, use the no form of this command.

cable arp filter {reply-accept number window-size | request-send number window-size}

no cable arp filter {reply-accept | request-send}

default cable arp filter {reply-accept | request-send}

Syntax Description

reply-accept number window-size

Configures the cable interface to accept only the specified number of ARP reply packets every window-size seconds for each active Service ID (SID) on that interface. The cable interface drops ARP reply packets for a SID that would exceed this number.

number = (Optional) Number of ARP reply packets that is allowed for each SID within the window time period. The allowable range is 0 to 20 packets, with a default of 4 packets. If number is 0, the cable interface drops all ARP reply packets. If not specified, this value uses default.

window-size = (Optional) Size of the window time period, in seconds, in which to monitor ARP replies. The valid range is 1 to 5 seconds, with a default of 2 seconds.

request-send number window-size

Configures the cable interface to send only the specified number of ARP request packets every window-size seconds for each active SID on that interface. The cable interface drops ARP requests for a SID that would exceed this number.

number = (Optional) Number of ARP request packets that is allowed for each SID within the window time period. The allowable range is 0 to 20 packets, with a default of 4 packets. If number is 0, the cable interface does not send any ARP request packets.

window-size = (Optional) Size of the window time period, in seconds, in which to monitor ARP requests. The valid range is 1 to 5 seconds, with a default of 2 seconds.


Cisco IOS Release 12.3(9a)BC also removes a prior caveat with HCCP Protect interfaces. Previously, in the event of a revert-back HCCP N+1 switchover, manual removal of cable arp filter reply and cable arp filter request configurations may have been required afterward on Protect interfaces.

For more information about ARP Filtering, refer to the following document on Cisco.com:

Cable ARP Filtering

http://www.cisco.com/en/US/docs/cable/cmts/feature/cblarpfl.html.

Cisco Broadband Troubleshooter (CBT) 3.2

Multiple Service Operators (MSOs) provide a variety of services such as TV, video on demand, data, and voice telephony to subscribers. Cable companies provide a variety of services such as TV, video on demand, data, and voice telephony to subscribers. Network Administrators and radio frequency (RF) technicians need specialized tools to resolve RF problems in the cable plant. Cisco Broadband Troubleshooter 3.2 (CBT 3.2) is a simple, easy-to-use tool designed to accurately recognize and resolve such issues.

Cisco IOS Release 12.3(9a)BC enhances support for the Cisco Broadband Troubleshooter (CBT) Version 3.2 on the Cisco uBR7246VXR universal broadband, with newly supported interoperability for the following additional software features:

Spectrum Management Enhancements in Cisco IOS Release 12.3(9a)BC

Subscriber Traffic Management (STM) Version 1.1

CBT 3.2 offers the following enhancements on the Cisco uBR7246VXR router:

CBT 3.2 resolves the former caveat CSCee03388. This enable users to compare an upstream and cable modem on the same trace window.

Formerly, trace windows could support the selection of up to three upstream or cable modems, but the upstream(s) and cable modems could not be mixed. CBT 3.2 now supports three upstreams or cable modems to be selected and mixed in the trace window.

For additional information about CBT 3.2, spectrum management and STM 1.1, refer to the following documents on Cisco.com:

Release Notes for Cisco Broadband Troubleshooter Release 3.2

http://www.cisco.com/en/US/products/sw/netmgtsw/ps530/prod_release_notes_list.html.

Spectrum Management for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_spec.html.

Subscriber Traffic Management for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubsubmon.html.

Cisco CMTS Static CPE Override

The cable submgmt default command enables Multiple Service Operators (MSOs) to override network DHCP settings on CPE devices when performing troubleshooting with a laptop computer and console connection to the Cisco universal broadband router.

For additional information about using the cable submgmt default command, refer to these documents on Cisco.com:

Cisco CMTS Static CPE Override

http://www.cisco.com/en/US/docs/cable/cmts/feature/stat_cpe.html.

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

Cisco DDC (Dual DOCSIS Channel)

The Cisco Dual DOCSIS Channel (DDC) feature provides redundancy to cable voice and data customers by using two or three CMTSs with connected RF upstreams and downstreams. Redundancy is provided by controlling each CMTS on which the cable modems register, and by allowing movement of the cable modems between the Cisco CMTS systems.

Cisco DDC provides redundancy during planned downtime, especially during software upgrades, with minimal configuration or control external to the Cisco CMTS.

For information about configuring, maintaining and troubleshooting DDC on the Cisco  uBR7246VXR router, refer to the following document on Cisco.com:

Cisco Dual DOCSIS Channel (DDC) on the Cisco uBR7246VXR Universal Broadband Router

http://www.cisco.com/en/US/docs/cable/cmts/feature/docs_DDC.html.

Cisco IOS Release 12.3(9a)BC Command-Line Interface (CLI) Enhancements

Cisco IOS Release 12.3(9a)BC supports the following new or enhanced command-line interface:

cable logging layer2events

cable source-verify

show cable tech-support

show controllers cable

show tech-support

For additional information about these command changes, refer to these resources:

"New and Changed Command Reference for Cisco IOS Release 12.3(9a)BC" section

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

DOCSIS Set-top Gateway (DSG) 1.0

The following DSG 1.0 features were added for multiple Cisco CMTS platforms:

Vendor names are supported to 20 characters per SNMP requirements (all platforms).

SNMP MIB support introduced for the DSG-IF-MIB.

Multicast MAC addresses are supported for DSG tunnels. DSG tunnel MAC addresses are no longer limited only to unicast addresses.

DSG 1.0 prevents the configuration of any reserved or otherwise inappropriate IP multicast addresses.

For additional information about configuring and using DSG 1.0 on the Cisco uBR7246VXR router, refer to the following document on Cisco.com:

DOCSIS Set-Top Gateway for the Cisco CMTS

http://www.cisco.com/en/US/products/hw/cable/ps2217/products_feature_guide09186a00802065c8.html

Dynamic Shared Secret (DMIC) with OUI Exclusion for DOCSIS

Cisco IOS Release 12.3(9a)BC introduces the option of excluding the Organizational Unique Identifiers (OUIs) from being subjected to the DMIC check. The new cable dynamic-secret exclude command allow specific cable modems to be excluded from the Dynamic Shared Secret feature on the following Cisco CMTS platforms:

Cisco uBR7246VXR universal broadband router

The Dynamic Shared Secret feature automatically creates a unique DOCSIS shared secret on a per-modem basis, creating a one-time use DOCSIS configuration file that is valid only for the current session. This ensures that a DOCSIS configuration file that has been downloaded for one cable modem can never be used by any other modem, nor can the same modem reuse this configuration file at a later time.

This patent-pending feature is designed to guarantee that all registered modems are using only the quality of service (QoS) parameters that have been specified by the DOCSIS provisioning system for that particular modem at the time of its registration.

For additional command information, refer to the following documents on Cisco.com:

Configuring a Dynamic Shared Secret for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubrdmic.html

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

MIBs Changes and Updates in Cisco IOS Release 12.3(9a)BC

Cisco IOS Release 12.3(9a)BC adds the following new MIB support for the Cisco uBR7246VXR router.

CISCO-CABLE-QOS-MONITOR MIB

CISCO-CABLE-SPECTRUM-MIB

CISCO-PROCESS-MIB

DOCS-IF-MIB

DOCS-QOS-MIB

DSG-IF-MIB

For additional information about MIBs for the Cisco CMTS, refer to the following resources on Cisco.com:

Cisco CMTS Universal Broadband Router MIB Specifications Guide

http://www.cisco.com/en/US/docs/cable/cmts/mib/reference/guide/ubrmib3.html

SNMP Object Navigator

http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en

CISCO-CABLE-QOS-MONITOR MIB

Cisco IOS Release 12.3(9a)BC introduces additional features for the CISCO-CABLE-QOS-MONITOR MIB, including the following:

Clarified the descriptions of a number of objects.

Added a number of objects in the ccqmCmtsEnforceRuleTable to support DOCSIS 1.1 and DOCSIS 2.0 cable modems and to support peak and off-peak monitoring.

Added the ccqmCmtsIfBwUtilTable to provide thresholds for downstream/upstream bandwidth utilization.

Deprecated and removed ccqmCmtsEnfRuleByteCount.

CISCO-CABLE-SPECTRUM-MIB

Cisco IOS Release 12.3(9) introduces support for the CISCO-CABLE-SPECTRUM-MIB on the Cisco uBR7246VXR universal broadband router, with these additional MIB object enhancements:

ccsFlapListMaxSize and ccsFlapListCurrentSize SNMP objects provide additional description for cable flap lists.

Added the ccsCmFlapTable to replace the ccsFlapTable. The new object uses downstream, upstream and Mac as indices to replace the ccsFlapTable object.

The enhanced ccsSNRRequestTable object provides a table of SNR requests with modified description.

Added the ccsUpSpecMgmtUpperBoundFreq object to assist with spectrum management on the Cisco CMTS.

Added the ccsCompliance5 object.

Added ccsCmFlapResetNow to reset the flap list for a particular cable modem.

Updated the descriptions for ccsFlapListMaxSize, ccsFlapListCurrentSize, and ccsSNRRequestTable.

The following objects are also now deprecated:

ccsFlapPowerAdjustThreshold

ccsFlapMissThreshold

ccsFlapResetAll

ccsFlapClearAll

ccsFlapLastClearTime

The maximum number of entries in the flap-list was changed from a maximum of 8191 for the entire router, to the following:

8191 entries for each Broadband Processing Engine (BPE) cable interface, such as the Cisco uBR-MC16U/X, Cisco uBR-MC28U/X, and Cisco uBR-MC5X20S/U.

8191 maximum flap-list entries for all non-BPE cable interfaces, such as the Cisco uBR-MC16C, Cisco uBR-MC16S, and Cisco uBR-MC28C.

Two objects are now used to track the flap list size:

ccsFlapListMaxSize—Reflects the flap list size, as configured by the cable flap-list size command.

ccsFlapListCurrentSize—Reflects the current size of the flap list for each MAC domain (downstream).

CISCO-PROCESS-MIB

The CISCO-PROCESS-MIB enables you to monitor CPU and memory utilization for RF cards, cable interface line cards and broadband processing engines on the Cisco CMTS. This information is collected via SNMP.

DOCS-IF-MIB

The DOCS-IF-MIB (released as RFC 2670) has been updated to conform to the version 5 of the DOCSIS 2.0 RF MIB Specification (draft-ietf-ipcdn-docs-rfmibv2-05.txt).

DOCS-QOS-MIB

Cisco IOS Release 12.3(9a)BC introduces additional MIB object enhancements for the DOCS-QOS-MIB on the Cisco uBR7246VXR routers:

Updated with the DOCSIS operations support system interface (OSSI) v2.0-N-04.0139-2.

The default values of docsQosPktClassIpSourceMask and docsQosPktClassIpDestMask objects are set to 0xFFFFFFFF.

DSG-IF-MIB

The DSG-IF-MIB defines objects that are used to configure, control, and monitor the operation of the DOCSIS Set-top Gateway (DSG) 1.0 feature on Cisco uBR7200 series routers.


Note The MODULE-IDENTITY for the DSG-IF-MIB is dsgIfMib, and its top-level OID is 1.3.6.1.4.1.9.9.999 (iso.org.dod.internet.private.enterprises.cisco.ciscoMgmt.dsgIfMib). Because this is an experimental MIB, its top-level OID is expected to change when the DSG specifications are finalized.


MIB Constraints

The DSG-IF-MIB has the following constraints:

This is an experimental MIB that can be obsoleted and replaced without prior notice, when the DSG specification is finalized.

This MIB is supported only in Cisco IOS Release 12.3(9a)BC and later releases. It is not supported for the version of DSG that was implemented in Cisco IOS Release 12.2(15)BC1.

This MIB is not supported in Cisco IOS Release 12.1 EC.

Load Balancing Support

Cisco IOS Release 12.3(9a)BC introduces support for Load Balancing on the Cisco uBR7246VXR router. The Load Balancing feature allows system operators to distribute cable modems across radio frequency (RF) downstreams and upstreams, to maximize bandwidth and usage of the cable plant.

The Load Balancing feature allows service providers to optimally use both downstream and upstream bandwidth, enabling the deployment of new, high-speed services such as voice and video services. This feature also can help reduce network congestion due to the uneven distribution of cable modems across the cable network and due to different usage patterns of individual customers.

By default, the Cisco CMTS platforms use a form of load balancing that attempts to equally distribute the cable modems to different upstreams when the cable modems register. You can refine this form of load balancing by imposing a limit on the number of cable modems that can register on any particular upstream, using the cable upstream admission-control command.

However, this default form of load balancing affects the cable modems only when they initially register with the Cisco CMTS. It does not dynamically rebalance the cable modems at later times, such as when they might change upstream channels in response to RF noise problems, or when bandwidth conditions change rapidly because of real-time traffic such as Voice over IP (VoIP) and video services. It also does not affect how the cable modems are distributed among downstream channels.

For additional information about configuring Load Balancing on the Cisco CMTS, refer to the following document on Cisco.com:

Configuring Load Balancing for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/troubleshooting_batch9/cmtslbg.html.

Spectrum Management Enhancements in Cisco IOS Release 12.3(9a)BC

Cisco IOS Release 12.3(9a)BC introduces enhancements to spectrum management for the Cisco uBR7246VXR router:

Supports the Cisco Broadband Troubleshooter (CBT) 3.2 (with caveats)

Supports Subscriber Traffic Management (STM) Version 1.1 (with caveats)

For additional information about CBT 3.2, spectrum management and STM 1.1, refer to the following documents on Cisco.com:

Release Notes for Cisco Broadband Troubleshooter Release 3.2

http://www.cisco.com/en/US/products/sw/netmgtsw/ps530/prod_release_notes_list.html.

Spectrum Management for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_spec.html.

Subscriber Traffic Management for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubsubmon.html.

Subscriber Traffic Management (STM) Version 1.1

Cisco IOS Release 12.3(9a)BC introduces support for Subscriber Traffic Management (STM) Version 1.1 with the Cisco Broadband Troubleshooter (CBT) Version 3.2 on the Cisco uBR7246VXR universal broadband router.

STM 1.1 extends earlier STM functions to monitor a subscriber's traffic on DOCSIS 1.1 primary service flows and supports these additional features:

Cisco Broadband Troubleshooter (CBT) 3.2 supports STM 1.1.

DOCSIS 1.0-compliant and DOCSIS 1.1-compliant cable modem are supported.

Monitoring and application of traffic management policies are applied on a service-flow basis.

Monitoring window duration increased from seven to 30 days.

For additional information about STM 1.1 and Cisco CBT 3.2, refer to the following documents on Cisco.com:

Subscriber Traffic Management for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubsubmon.html.

Release Notes for Cisco Broadband Troubleshooter Release 3.2

hhttp://www.cisco.com/en/US/products/sw/netmgtsw/ps530/prod_release_notes_list.html.

Transparent LAN Services (TLS) and L2 Tunneling ATM/SIDs

Cisco IOS Release 12.3(9a)BC introduces support for the Transparent LAN Service over Cable feature on the Cisco uBR7246VXR router. This feature enhances existing Wide Area Network (WAN) support to provide more flexible Managed Access for multiple Internet service provider (ISP) support over a hybrid fiber-coaxial (HFC) cable network.

This feature allows service providers to create a Layer 2 tunnel by mapping an upstream service identifier (SID) to an ATM permanent virtual connection (PVC) or a Virtual Local Area Network (VLAN).

For additional information about configuring TLS on the Cisco uBR7246VXR router, refer to the following document on Cisco.com:

Transparent LAN Service over Cable

http://www.cisco.com/en/US/products/hw/cable/ps2217/products_configuration_example09186a008029160d.shtml

Usage Based Billing (SAMIS)

Cisco IOS Release 12.3(9a)BC introduces the Usage-Based Billing feature on the Cisco uBR7246VXR universal broadband router. This feature provides subscriber account and billing information in the Subscriber Account Management Interface Specification (SAMIS) format. SAMIS is specified by the Data-over-Cable Service Interface Specifications (DOCSIS) Operations Support System Interface (OSSI) specification.

For additional information about configuring and monitoring Usage-Based Billing (SAMIS) on the Cisco uBR7246VXR CMTS, refer to the following document on Cisco.com:

Usage Based Billing for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/ubrsamis.html.

Virtual Interface Support and Frequency Stacking Support

Cisco IOS Release 12.3(9a)BC supports virtual interfaces and frequency stacking on the Cisco uBR7246VXR router. Virtual interfaces allows a DS interface to be configured with up to 8 USs. Frequency stacking allows two frequencies to be configured on one physical connector.

For additional information about frequency stacking and virtual interfaces on the Cisco  uBR7246VXR router, refer to the following document on Cisco.com:

Virtual Interfaces and Frequency Stacking Configuration on MC5x20S and MC28U Linecards

http://www.cisco.com/en/US/tech/tk86/tk804/technologies_white_paper09186a0080232b49.shtml.

MIBs

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://tools.cisco.com/ITDIT/MIBS/servlet/index

If Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list of supported MIBs and download MIBs from the Cisco MIBs page at the following URL:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:

http://tools.cisco.com/RPF/register/register.do

MIB Changes and Enhancements for Cisco IOS Release 12.3(17a)BC:

MIB enhancements in Cisco IOS Release 12.3(17a)BC provide enhanced management features that enable the Cisco uBR 7200 Series router to be managed through the Simple Network Management Protocol (SNMP). These enhanced management features allow you to:

Use SNMP set and get requests to access information in Cisco CMTS universal broadband routers

Reduce the amount of time and system resources required to perform functions like inventory management

A standards-based technology (SNMP) for monitoring faults and performance on the router

Support for SNMP versions (SNMPv1, SNMPv2c, and SNMPv3)

Notification of faults, alarms, and conditions that can affect services

To access the Cisco CMTS Universal Broadband Router MIB Specifications Guide, go to:

http://www.cisco.com/en/US/products/hw/cable/ps2217/prod_technical_reference_list.html.

Important Notes

The following sections contain important notes about Cisco IOS Release 12.3(23)BC6 that apply to Cisco uBR7200 series universal broadband routers.

How to Upgrade to Cisco IOS Release 12.3(21)BC

In circumstances in which non-volatile memory (NVRAM) becomes corrupted on the Cisco CMTS, configurations and feature behavior may become corrupted or lost, looping behavior in NVRAM may result, and additional measures to resolve corrupted NVRAM and lost configurations would be required.

This issue can be generated by upgrading to later Cisco IOS releases from prior Cisco IOS releases that do not contain resolution to a specific and known issue. This issue is not limited to Cisco IOS releases installed on the Cisco universal broadband routers.

Symptoms of Corrupted NVRAM

This issue is displayed with the following symptoms in the case of the Cisco CMTS:

A router may display the following error message:

NV: Invalid Pointer value(6357F3CC) in private configuration structure

This error message is displayed either when the router boots, or when you enter one of the following commands:

write memory

copy running-config startup-config

copy file

nvram:startup-config

Conditions of Corrupted NVRAM

This symptom is observed under the following conditions:

The Cisco router runs one of the following Cisco IOS Releases, as the outgoing image to be upgraded:

Interim Cisco IOS Release 12.3(19.7)

Interim Cisco IOS Release 12.4(6.5)

Interim Cisco IOS Release 12.4(6.5)T

Certain later releases

When upgrading to Cisco IOS Release 12.3(21)BC, the following upgrade procedure prevents corruption to NVRAM, retains configurations made in earlier releases, and successfully installs Cisco IOS Release 12.3(21)BC images. This procedure is subject to the feature restrictions and prerequisites of Cisco IOS Release 12.3(21)BC, described in these release notes.

Prerequisites

Cisco strongly recommends that you back up your configuration files prior to performing this upgrade, or any upgrade.

SUMMARY STEPS

Perform these steps to upgrade to Cisco IOS 12.3(21)BC, after TFTP file transfer operations are complete.

1. enable

2. configure terminal

3. erase /all nvram:

4. write memory

5. copy file

6. reload

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

erase /all nvram:

or

erase nvram:

or

write erase

Example:

Router# erase /all nvram:

The first command option for this step erases the entire NVRAM.

Either of the final two command options erase only the configuration files in NVRAM.

Step 4 

write memory

Example:

Router# write memory

(Optional) Copies the running configuration to startup configuration.

Step 5 

copy file

Example:

Router# copy ubr10k-k8p6-mz

This general step copies a saved configuration, if different from the running configuration, to the startup configuration.

file—Cisco IOS image file for Cisco IOS Release 12.3(21)BC

Step 6 

reload

Example:

Router# reload

Boots the router with the latest Cisco IOS release image.

New Command Information for Cisco IOS Release 12.3(21)BC3

Cisco IOS Release 12.3(21)BC introduces support and modifications to the following commands for Cisco Cable Modem Termination System (CMTS) universal broadband routers.

Refer to the following sections for more information:

controller modular-cable

clear cable modem reset

hw-module shutdown

show cable modem summary

controller modular-cable

To enter controller configuration mode to configure the Cisco 1-Gbps Wideband SPA controller, use the controller modular-cable command in global configuration mode.

controller modular-cable  slot/subslot/bay

Syntax Description

slot

The slot where the Wideband SIP resides. On the Cisco uBR10012 router, slots 1 and 3 can be used for the Wideband SIP.

subslot

The subslot where the Wideband SIP resides. On the Cisco uBR10012 router, subslot 0 is always specified.

bay

The bay in the Wideband SIP where the Wideband SPA is located. Valid values are 0 (upper bay) and 1 (lower bay).


Defaults

No Wideband SPA controller is configured.

Command Modes

Global configuration mode.

Command History

Release
Modification

12.3(21)BC

This command was introduced on the Cisco uBR10012 universal broadband router.


Usage Guidelines

This command indicates where the Wideband SPA that will be configured is located and enters controller configuration mode.

Examples

The following example shows how to enter controller configuration mode for the Wideband SPA in slot 1, subslot 0, and bay 0.

Router# configure terminal 
Router(config)# controller modular-cable 1/0/0
Router(config-controller)# 
Router# 

Related Commands

Command
Description

annex modulation

Sets the annex and modulation for the Wideband SPA.

ip-address

Sets the IP address of the Wideband SPA's FPGA

rf-channel

Configures an RF channel on a Wideband SPA.

rf-channel cable downstream channel-id

Assigns a downstream channel ID to an RF channel.

cable rf-channel

Associates an RF channel on a Wideband SPA with a wideband channel.

modular-host subslot

Specifies the modular-host line card for Wideband protocol operations.


clear cable modem reset

To remove one or more CMs from the Station Maintenance List and reset them, use the clear cable modem reset command in privileged EXEC mode.

clear cable modem {mac-addr | ip-addr | [cable slot/port] {all | oui string | reject} } reset

clear cable modem {mac-addr | ip-addr | [cable slot/subslot/port] {all | oui string | reject | wideband registered-traditional-docsis} } reset

Syntax Description

mac-addr

Specifies the 48-bit hardware address (MAC address) of an individual CM, or of any CPE devices or hosts behind that CM.

ip-addr

Specifies the IP address of an individual CM, or of any CPE devices or hosts behind that CM.

cable slot/port

(Optional) Identifies the a interface and downstream port on the Cisco uBR7100 series and Cisco uBR7200 series routers.

On the Cisco uBR7100 series router, the only valid value is 1/0. On the Cisco uBR7200 series router, slot can range from 3 to 6, and port can be 0 or 1, depending on the cable interface.

cable slot/subslot/port

(Optional) Identifies a cable interface on the Cisco uBR10012 router. The following are the valid values:

slot = 5 to 8

subslot = 0 or 1

port = 0 to 4 (depending on the cable interface)

all

Removes all the CMs from the Station Maintenance List. (This option is valid only on the Release 12.1 EC train.)

oui string

Removes and resets all CMs that match the specified Organization Unique Identifier (OUI). The string parameter can be either the three byte hexadecimal string (such as 00.00.0C) or a vendor name that has been defined using the cable modem vendor command.

reject

Removes and resets all CMs that are currently in one of the reject states (see the description of these states in the show cable modem command).

wideband registered-traditional-docsis

If you specify wideband, removes and resets all wideband CMs. If you specify wideband registered-traditional-docsis, removes and resets all wideband CMs that are registered as traditional DOCSIS modems.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(2) EC

This command was introduced.

12.2(4)BC1

Support was added to the Release 12.2 BC train.

12.2(11)BC2

Support was added for the oui and reject options.

12.2(11)BC3

The all option was removed from the Release 12.2 BC train, and replaced with the interface option.

12.2(15)BC1

The cable interface was made an optional keyword for this command.

12.3(21)BC

Support was added for the wideband and registered-traditional-docsis keywords.


Usage Guidelines

This command instructs the Cisco CMTS to stop sending DOCSIS station maintenance messages to one or more CMs, which effectively terminates the link to those CMs. A CM responds to this by resetting itself. Depending on when the CM received the last station maintenance message, it can take up to 30 seconds before the CM detects the missing station maintenance messages and resets itself.

In some circumstances, the customer premises equipment (CPE) devices behind a CM stops receiving traffic after the CM is reset. This is because the CMTS still has the CPE device listed in its address tables, but the CM does not after being reset, so the traffic passes through the CMTS but is dropped by the CM. To resolve this situation, the CPE device should simply send some type of traffic to the CM, such as a ping packet. (You can also resolve this situation by using the clear arp-cache command on the Cisco CMTS router to clear the router's address table, but this is not recommended, because it temporarily interrupts all traffic on the router.)


Note The clear cable modem all reset command can result in the CPU utilization temporarily reaching 100 percent for a couple of minutes, as the CPU processes the command for all CMs. The CPU utilization will return to normal within a couple of minutes.



Caution The clear cable modem all reset command should normally be used only on a test or lab network. If used on a large network, it could impact service for a significant period of time, as it would force all CMs to simultaneously reset and reregister with the Cisco CMTS.


Tip You can also specify the MAC address or IP address for a CPE device or host, and the Cisco CMTS resets the CM that is associated with that CPE device in its internal database.


Examples

The following example shows how to reset the CM at 172.23.45.67:

Router# clear cable modem 172.23.45.67 reset
Router#
 
   

The following example shows how to reset all CMs that have a OUI that has been defined as having the vendor name of Cisco using the cable modem vendor command:

Router# clear cable modem oui Cisco reset
Router#
 
   

The following example shows how to reset all CMs that are currently in one of the reject states:

Router# clear cable modem reject reset
Router#
 
   

The following example shows how to reset all wideband CMs that are registered as traditional DOCSIS modems.:

Router# clear cable modem wideband registered-traditional-docsis reset
MAC Address    IP Address      I/F       MAC            Prim  BG  DSID  MD-DS-SG
                                         State          Sid   ID
0018.6852.825c 80.18.0.9       C5/0/0/U0 online         1     0   256   N/A
0018.6852.8286 80.18.0.10      C5/0/0/U0 online         2     0   264   N/A
0016.92fb.55be 80.18.0.7       C5/0/0/U0 online         3     0   288   N/A
0016.92f0.9104 80.18.0.5       C5/0/0/U0 online         4     0   280   N/A
0016.92fb.55c0 80.18.0.6       C5/0/0/U0 online         5     0   272   N/A
 
   

Router#

Related Commands

Command
Description

clear cable flap-list

Resets the flap-list table for a specific CM or for all CMs.

clear cable modem counters

Resets the flapping counters of a CM to zero.

clear cable modem delete

Removes one or more CMs from the internal address and routing tables.

clear cable modem lock

Resets the lock on one or more CMs.

clear cable modem offline

Removes all offline CMs from the internal address and routing tables, or clears all flap list counters for offline CMs.

show cable modem

Displays the current status for one or more CMs.


hw-module shutdown

To shut down a particular Performance Routing Engine (PRE1) module, line card, Wideband SIP or Wideband SPA, use the hw-module shutdown command in global configuration mode. To activate a specific PRE1, line card, Wideband SIP or Wideband SPA, use the no form of this command.

hw-module {main-cpu | pre {A|B} | sec-cpu | slot slot-number | subslot slot/subslot |
bay slot/subslot/bay} shutdown [unpowered]

no hw-module {main-cpu | pre {A|B} | sec-cpu | slot slot-number | subslot slot/subslot |
bay slot/subslot/bay} shutdown

Syntax Description

main-cpu

Shuts down the PRE1 module that is currently acting as the active PRE1 module.

pre {A|B}

Shuts down the PRE1 module that is physically in either PRE slot A (left slot) or PRE slot B (right slot).

sec-cpu

Shuts down the PRE1 module that is currently acting as the standby PRE1 module.

slot slot-number

Shuts down the line cards that are physically present in the specified slot-number (valid range is 1 to 8).

subslot slot/subslot

Shuts down the line card or SIP that is physically present in the slot with the specified slot and subslot numbers. The following are the valid values:

slot = 1 to 8

subslot = 0 or 1

bay slot/subslot/bay

Shuts down the SPA in the location specified by the slot/subslot/bay argument. The following are the valid values:

slot = 1 to 3

subslot = 0 or 1 (0 is always specified)

bay = 0 (upper bay) or 1 (lower bay)

unpowered

Used with the Wideband SPA, shuts down the SPA and its interfaces, and leaves them in an administratively down state without power.


Defaults

No default behavior or values

Command Modes

Global configuration

Command History

Release
Modification

12.2(4)XF

This command was introduced for the Cisco uBR10012 router.

12.3(21)BC

Support was added for the Cisco Wideband SIP and Cisco 1-Gbps Wideband SPA.


Usage Guidelines

The hw-module shutdown command shuts down a particular Performance Routing Engine (PRE1) module, line card, Wideband SIP or Wideband SPA. To activate a specific PRE1, line card, Wideband SIP, or Wideband SPA, use the no form of this command.


Caution Shutting down the active PRE1 module will trigger a switchover, so that the standby PRE1 module becomes the active PRE1 module.

Examples

The following example shows the standby PRE1 module being shut down:

Router(config)# hw-module sec-cpu shutdown 
Router(config)#
 
   

The following example shows the active PRE1 module being shut down (which will trigger a switchover to the standby PRE1 module):

Router(config)# hw-module main-cpu shutdown 
Router(config)# 
 
   

The following example shows the PRE1 module in PRE1 slot B being shut down:

Router(config)# hw-module pre B shutdown 
Router(config)# 

Note The hw-module pre B shutdown command shuts down the PRE1 module that is physically present in slot B, regardless of whether the module is the active or standby PRE1 module.


The following example shows how to deactivate and verify deactivation for the Cisco Wideband SPA located in slot 1, subslot 0, bay 0. In the output of the show hw-module bay oir command, notice the "admin down" in the Operational Status field.

Router# configure terminal
Router(config)# hw-module bay 1/0/0 shutdown unpowered
%SPAWBCMTS-4-SFP_MISSING: Wideband-Cable 1/0/0, 1000BASE-SX SFP missing from port 0
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:1, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:2, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:3, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:4, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:5, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:6, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:7, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:8, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:9, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:10, changed state to down
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:11, changed state to down
...
Router# show hw-module bay 1/0/0 oir
 
   
Module         Model              Operational Status
-------------- ------------------ -------------------------
bay 1/0/0      SPA-24XDS-SFP      admin down
 
   

The following example shows how to activate and verify activation for the Cisco Wideband SPA located in slot 1, subslot 0, bay 0. In the output of the show hw-module bay oir command, notice the "ok" in the Operational Status field.

Router# configure terminal
Router(config)# no hw-module bay 1/0/0 shutdown
%SPAWBCMTS-4-SFP_OK: Wideband-Cable 1/0/0, 1000BASE-SX SFP inserted in port 0
%SPAWBCMTS-4-SFP_LINK_OK: Wideband-Cable 1/0/0, port 0 link changed state to up
%SNMP-5-LINK_UP: LinkUp:Interface Wideband-Cable1/0/0:0 changed state to up
%LINK-3-UPDOWN: Interface Cable1/0/0:0, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:1, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:2, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:3, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:4, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:5, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:6, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:7, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:8, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:9, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:10, changed state to up
%LINK-3-UPDOWN: Interface Wideband-Cable1/0/0:11, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Wideband-Cable1/0/0:0, changed state to up
...
Router# show hw-module bay 1/0/0 oir
 
   
Module         Model              Operational Status
-------------- ------------------ -------------------------
bay 1/0/0      SPA-24XDS-SFP      ok
 
   

Related Commands

Command
Description

hw-module reset

Resets a PRE1 module or line card.

hw-module reload

Reloads the software in and restarts a Cisco 1-Gbps Wideband SPA.

redundancy force-failover main-cpu

Forces a manual switchover between the active and standby PRE1 modules.


show cable modem summary

To display a summary of CMs on one or more cable interfaces, use the show cable modem command in privileged EXEC mode.

show cable modem summary [total]

show cable modem summary interface1 [interface2] total

show cable modem summary interface1 [interface2] upstream port1 port2 total

show cable modem cable slot/port [upstream port] summary

show cable modem cable slot/subslot/port [upstream port] summary

Syntax Description

total

(Optional) Displays a footer line showing the totals for each column.

interface1

(Optional) Cable interface to be summarized. The interface1 parameter can take the following forms:

cable slot/port—On the Cisco uBR7100 series router, the only valid value is 1/0. On the Cisco uBR7200 series router, slot can range from 3 to 6, and port can be 0 or 1, depending on the cable interface.

cable slot/subslot/port—On the Cisco uBR10012 router, slot can range from 5 to 8, subslot can be either 0 or 1, and port can range from 0 to 4 (depending on the interface).

interface2

(Optional) Second cable interface, specifying a range of cable interfaces to be summarized. The interface2 parameter has the same form as interface1.

Note When specifying a range of cable interfaces, interface1 must be the lower-numbered interface and interface2 must be the higher-numbered interface.

upstream port1 port2

(Optional) Specifies a range of upstream ports on the cable interfaces to be summarized. The port1 and port2 parameters can start at 0, and port2 must be a higher-numbered port than port1.

upstream port

(Optional) Specifies a specific upstream port to be summarized. This option can be specified only when summarizing a single cable interface.


Command Modes

Privileged EXEC

Command History

Release
Modification

11.3XA

This command was introduced.

12.1(4)CX and 12.2(4)BC1

Support was added for the Cisco uBR10012 router.

12.1(6)EC

The total option was supported for the Cisco uBR7100 series and Cisco uBR7200 series routers.

12.1(11b)EC

The upstream Description field was added to the show cable modem summary display in Cisco IOS Release 12.1 EC.

12.2(8)BC1

The total option was supported for the Cisco uBR10012 universal broadband router.

12.2(15)BC2

The upstream Description field was added to the show cable modem summary display in Cisco IOS Release 12.2 BC.

12.3(21)BC

Support was added for wideband modem output.


Usage Guidelines

This command displays a summary of CMs for a single cable interface or upstream, or for a range of cable interfaces or upstreams. The following possible combinations are possible for this command:

show cable modem summary total—Displays a summary and a total for all CMs on the chassis.

show cable modem summary cable x/0 total—Displays a summary of CMs on a specified card.

show cable modem summary cable x/0 upstream port1 port2 total—Displays a summary of CMs on the specified card and specified range of ports. The port1 value must be less than the port2 value.

show cable modem summary cable x/0 cable y/0 total—Displays a summary of CMs on the specified range of cards.

show cable modem summary cable x/0 cable y/0 upstream port1 port2 total—Displays a summary of CMs on the specified range of ports on the specified range of cards.

Examples

The following example shows typical output for the default form of the show cable modem summary command on a Cisco uBR7200 series router:

Router# show cable modem summary 
 
   
Interface     Total      Active      Registered   Description 
              Modems     Modems      Modems
Cable3/0/U0   165         141         141         Line 32/1
Cable3/0/U1   209         172         170         Line 32/2
Cable3/0/U2   262         207         203         Line 32/3
Cable3/0/U3   256         194         188         Line 32/4
Cable5/0/U0   746         714         711         Line 41/1
Cable6/0/U0   806         764         759         Line 42/2
 
   
Router# 

Note The Description field appears in Cisco IOS Release 12.1(11b)EC, 12.2(15)BC2, and later releases, and shows the string configured for the upstream using the cable upstream description command.


The following example shows typical output for the show cable modem summary command with the total option on a Cisco uBR7200 series router:

Router# show cable modem summary total 
 
   
Interface     Total      Active      Registered   Description 
              Modems     Modems      Modems
Cable5/0/U0     746        714         711        Node1 
Cable6/0/U1     806        764         759        Node3
 
   
Total:         1552       1478        1470
 
   
Router# 
 
   

The following example shows sample output for the show cable modem summary command with the total option for a Cisco uBR10012 router:

Router# show cable modem summary total
Interface                       Cable Modem                    Description
            Total Reg   Unreg Offline Wideband initRC initD initIO initO
C5/0/0/U0   84    84    0     0       84       0      0     0      0     
C5/0/0/U1   84    84    0     0       84       0      0     0      0     
C5/0/0/U2   83    83    0     0       83       0      0     0      0     
C5/0/0/U3   83    83    0     0       83       0      0     0      0     
<<output omitted>>
 
   
Total:      8020  8020  0     0       8016     0      0     0      0 
 
   
Router# 
 
   

The following example shows sample output for the show cable modem summary total command for a range of interfaces on the Cisco uBR10012 router:

Router# show cable modem summary c5/1/1 c5/1/2 total
Interface                       Cable Modem                    Description
            Total Reg   Unreg Offline Wideband initRC initD initIO initO
C5/1/1/U0   84    84    0     0       84       0      0     0      0     
C5/1/1/U1   84    84    0     0       83       0      0     0      0     
C5/1/1/U2   83    83    0     0       83       0      0     0      0     
C5/1/1/U3   83    83    0     0       83       0      0     0      0     
C5/1/2/U0   84    84    0     0       84       0      0     0      0     
C5/1/2/U1   84    84    0     0       84       0      0     0      0     
C5/1/2/U2   83    83    0     0       83       0      0     0      0     
C5/1/2/U3   83    83    0     0       83       0      0     0      0     
 
   
Total:      668   668   0     0       667      0      0     0      0     
 
   
Router# 
 
   

The following example shows sample output for the show cable modem summary total command for a range of interfaces and upstreams on the Cisco uBR10012 router:

Router# show cable modem summary c5/1/1 c5/1/2 upstream 0 1 total
Interface                       Cable Modem                    Description
            Total Reg   Unreg Offline Wideband initRC initD initIO initO
C5/1/1/U0   84    84    0     0       84       0      0     0      0     
C5/1/1/U1   84    84    0     0       83       0      0     0      0     
C5/1/2/U0   84    84    0     0       84       0      0     0      0     
C5/1/2/U1   84    84    0     0       84       0      0     0      0     
 
   
Total:      336   336   0     0       335      0      0     0      0     
 
   
 
   
Router# 
 
   

Note When displaying a summary for a range of ports or cable interfaces, the first port or cable interface (for example, u0 or c4/0) must be lower-numbered than the second port or interface (for example, u6 or c6/0). If you specify the higher-numbered port or interface first, the display shows no CMs connected.


Table 10 describes the fields shown in the show cable modem summary displays:

Table 9 Descriptions for the show cable modem summary Fields 

Field
Description

Interface

The cable interface line card providing the upstream for the CMs.

Total Modems or Total

Total number of CMs, registered, unregistered, and offline for this interface.

Registered Modems or Reg

Total number of CMs that have registered and are online on this interface. This number might be different from the Total Modems number if some modems are offline or not fully registered.

Unregistered Modems

Total number of CMs that are either offline and not currently communicating with the CMTS, or attempting to come online but are not yet registered.

Offline

Total number of CMs that were online or attempted to register but are no longer communicating with the CMTS.

Wideband

CM is registered as a wideband CM.

init(rc)

MAC state of CM is init(rc).

init(d)

MAC state of CM is init(d).

init(io)

MAC state of CM is init(io).

init(o)

MAC state of CM is init(o).

Description

Description entered for this upstream using the cable upstream description command.



Note For information on MAC states, see the show cable modem command.



Tip In Cisco IOS Release 12.1(12)EC, Release 12.2(8)BC1, and later releases, you can add a timestamp to show commands using the exec prompt timestamp command in line configuration mode.


Related Commands

Command
Description

show cable modem

Displays information for the registered and unregistered CMs.

show cable modem access-group

Displays the access groups for the CMs on a particular cable interface.

show cable modem calls

Displays voice call information for a particular CM, identified either by its IP address or MAC address.

show cable modem connectivity

Displays connectivity statistics for one or more CMs.

show cable modem counters

Displays downstream and upstream traffic counters for one or more CMs.

show cable modem cpe

Displays the CPE devices accessing the cable interface through a particular CM.

show cable modem offline

Displays a list of the CMs that are marked as offline with the Cisco CMTS.

show cable modem registered

Displays a list of the CMs that are marked as registered with the Cisco CMTS.

show cable modem remote-query

Displays information collected by the remote-query feature.

show cable modem unregistered

Displays a list of the CMs that are marked as unregistered with the Cisco CMTS.

show cable modem vendor

Displays the vendor name or Organizational Unique Identifier (OUI) for the CMs on each cable interface.

show interface cable modem

Displays information about the CMs connected to a particular cable interface.

show interface cable sid

Displays cable interface information.

show cable modem wideband

Displays information for a wideband CMs.


Restriction for Cisco IOS Release 12.3(17a)BC

Cisco IOS Release 12.3(17a)BC with the Cisco uBR7246VXR router does not support overlapping IP addresses with MPLS-VPN.

For additional information about the Cable Intercept feature, cable interface bundling, or virtual master interfaces in cable interface bundling, refer to the following documents on Cisco.com:

Cable Interface Bundling and Virtual Interface Bundling for the Cisco CMTS

http://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_bund.html.

Cable Monitor and Intercept Features for the Cisco CMTS

hhttp://www.cisco.com/en/US/docs/cable/cmts/feature/guide/ufg_cmon.html.

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html

New Command Information for Cisco IOS Release 12.3(13a)BC3

Cisco IOS Release 12.3(13a)BC3 introduces support for the debug cable classifier command, which displays debugging information supporting DOCSIS packet classifiers.

debug cable classifiers

To display debugging messages for DOCSIS packet classifiers, use the debug cable classifiers command in privileged EXEC mode. To stop the display of debugging messages, use the no form of this command.

debug cable classifiers

no debug cable classifiers

Syntax Description

No additional keywords or syntax components are required.

Command Modes

Privileged EXEC mode

Defaults

DOCSIS packet classifier debugging is disabled by default.

Command History

Release
Modification

12.3(13a)BC3

This command was introduced on the Cisco uBR10012 and Cisco uBR7246VXR universal broadband routers.


Usage Guidelines

The debug cable classifiers command provides detailed information about the allocation, removal, activation and deactivation of packet classifiers. Generally, classifiers are used to identify IP packets by source port, destination port, or type of service. Classifiers are associated with service flows. For example, packet classifiers are dynamically created in most VOIP deployments and this debug command can be used to troubleshoot issues related to these classifiers as VOIP calls are created and torn down.

Because this command can produce a large volume of debug information, use this command only when you have also enabled debugging for a particular MAC address, set of MAC addresses, or a MAC address mask, using the debug cable mac-address command.

For additional debug command information, refer to the following document on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

Examples

The following example enables classifier debugging for a single MAC address:

Router# debug cable mac-address 000a.73fa.dbaa
Router# debug cable classifiers
CMTS Packet Classifiers debugging is on

The following enables classifier debugging for all MAC addresses with Organizational Unique Identifier (OUI) OUI 0013.11:

Router# debug cable mac-addr 0013.1100.0000 ffff.ff00.0000
Router# debug cable classifiers                           
CMTS Packet Classifiers debugging is on

The following example illustrates sample output of the debug cable classifiers command for the given MAC addresses:

Feb  7 18:43:50.181: CFR cmts_deactivate_us_srv_flow_act_cfrs 000a.73fa.dbaa sid 1 sfid 3 
st 2 dir 0 prov 1 adm 1 act 1
Feb  7 18:43:50.181: CFR cmts_remove_cm_srv_flow_cfrs 000a.73fa.dbaa sid 1 sfid 3 st 2 dir 
0 prov 1 adm 0 act 0
Feb  7 18:43:50.181: CFR cmts_deactivate_ds_srv_flow_act_cfrs 000a.73fa.dbaa sid 0 sfid 4 
st 2 dir 1 prov 2 adm 2 act 2
Feb  7 18:43:50.181: CFR cmts_remove_cm_srv_flow_cfrs 000a.73fa.dbaa sid 0 sfid 4 st 2 dir 
1 prov 2 adm 0 act 0
Feb  7 18:43:50.181: CFR cmts_deactivate_us_srv_flow_act_cfrs 000a.73fa.dbaa sid 1 sfid 3 
st 2 dir 0 prov 3 adm 0 act 0
Feb  7 18:43:50.181: CFR cmts_deactivate_us_srv_flow_act_cfrs 000a.73fa.dbaa sid 1 sfid 3 
st 1 dir 0 prov 3 adm 3 act 0
Feb  7 18:43:50.181: CFR cmts_activate_us_srv_flow_act_cfrs 000a.73fa.dbaa sid 1 sfid 3 st 
2 dir 0 prov 3 adm 3 act 3
Feb  7 18:43:50.181: CFR cmts_deactivate_ds_srv_flow_act_cfrs 000a.73fa.dbaa sid 0 sfid 4 
st 2 dir 1 prov 4 adm 0 act 0
Feb  7 18:43:50.181: CFR cmts_deactivate_ds_srv_flow_act_cfrs 000a.73fa.dbaa sid 0 sfid 4 
st 1 dir 1 prov 4 adm 4 act 0
Feb  7 18:43:50.181: CFR cmts_activate_ds_srv_flow_act_cfrs 000a.73fa.dbaa sid 0 sfid 4 st 
2 dir 1 prov 4 adm 4 act 4
Feb  7 18:43:50.181: CFR cmts_set_cfr_params 000a.73fa.dbaa cfrid 1 pri 0 ord 0 dir 0 st 2 
phsi 0
Feb  7 18:43:50.181: CFR cmts_activate_cfr 000a.73fa.dbaa cfrid 1 pri 1 ord 0 dir 0 st 2
Feb  7 18:43:50.181: CFR cmts_add_pkt_cfr 000a.73fa.dbaa cfrid 1 pri 1 ord 0 dir 0 st 1 
phsi 0
Feb  7 18:43:50.181: CFR cmts_handle_cfr_parsed_data CFR_ADD 000a.73fa.dbaa sfid 0 action 
0 dir 0 type 0 cfrid 0 pri 1 ord 0 dir 0 st 1 phsi 0
Feb  7 18:43:50.181: CFR cmts_set_cfr_params 000a.73fa.dbaa cfrid 2 pri 0 ord 0 dir 1 st 2 
phsi 0
Feb  7 18:43:50.181: CFR cmts_activate_cfr 000a.73fa.dbaa cfrid 2 pri 1 ord 0 dir 1 st 2
Feb  7 18:43:50.181: CFR cmts_add_pkt_cfr 000a.73fa.dbaa cfrid 2 pri 1 ord 1 dir 1 st 1 
phsi 0
Feb  7 18:43:50.181: CFR cmts_handle_cfr_parsed_data CFR_ADD 000a.73fa.dbaa sfid 0 action 
0 dir 1 typ

Related Commands

Command
Description

debug cable dynsrv

Displays information about DOCSIS 1.1 dynamic service flow messages.

debug cable qos

Activates quality-of-service (QoS) debugging.


New and Changed Command Reference for Cisco IOS Release 12.3(9a)BC

Cisco IOS Release 12.3(9a)BC introduces support or enhanced performance for the following Cisco IOS command-line interface (CLI) commands on the Cisco uBR7246VXR router:

cable logging layer2events

cable source-verify

cable submgmt default

show cable tech-support

show controllers cable

show tech-support

cable logging layer2events

To save DOCSIS events that are specified in Cable Device MIB to the cable logging buffer (instead of to the general logging buffer), use the cable logging layer2events command in global configuration mode. To disable the logging of DOCSIS events to the cable logging buffer, use the no form of this command.

cable logging layer2events

no cable logging layer2events

Syntax Description

This command has no additional arguments or keywords.

Defaults

DOCSIS events are saved to the general logging buffer on the Cisco CMTS by default.

Command Modes

Global configuration mode

Command History

Release
Modification

12.3(9a)BC

This command was introduced on the Cisco uBR10012 and Cisco uBR7246VXR universal broadband routers.


Usage Guidelines

Use the show cable logging command to check whether the logging feature is enabled and the status of the logging buffer.

Examples

The following example shows how to clear the log buffer that contains a bad IP source address error messages:

Router# show cable logging summary
Cable logging: BADIPSOURCE Enabled
Total buffer size (bytes): 1000000
Used buffer size (bytes) : 36968
Logged messages : 231
Router# clear cable logging badipsource
Router# show cable logging summary
Cable logging: BADIPSOURCE Enabled
Total buffer size (bytes): 1000000
Used buffer size (bytes) : 0
Logged messages : 0

Related Commands

Command
Description

cable logging badipsource

Logs error messages about bad IP source addresses on the cable interfaces to a separate log buffer,

show cable logging

Indicates whether the logging feature is enabled and the status of the logging buffer.


For additional information about logging events on the Cisco CMTS, refer to the following document on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

cable source-verify

To enable verification of IP addresses or service IDs (SIDs) for CMs and CPE devices on the upstream, use the cable source-verify command in global configuration, cable interface configuration or subinterface configuration modes. To disable verification, use the no form of this command.

Cable Interface and Subinterface Configuration Modes

cable source-verify [dhcp | leasetimer value | leasequery-filter upstream query-num interval]

no cable source-verify

Global Configuration Mode

cable source-verify leasequery-filter downstream query-num interval

no cable source-verify

Syntax Description

dhcp

(Optional) Specifies that queries will be sent to verify unknown source IP addresses in upstream data packets.

Note Do not enable the local DHCP server on the Cisco CMTS and configure local DHCP address pools, using the ip dhcp pool command, when using this option, because this prevents DHCP address validation.

leasetimer value

(Optional) Specifies the time, in minutes, for how often the router should check its internal CPE database for IP addresses whose lease times have expired. The valid range for value is 1 to 240 minutes, with a default of 60 minutes.

Note The leasetimer option takes effect only when the dhcp option is also used on an interface. Also, this option is supported only on the master interface and cannot be configured on subinterfaces. Configuring it for a master interface automatically applies it to all subinterfaces.

leasequery-filter upstream query-num interval

(Optional) Enables upstream lease queries to be defined on a per-SID basis to reduce the chance of Denial of Service attacks.

query-num— Number of leased queries per SID.

interval—Size of timer window in seconds.

leasequery-filter downstream query-num interval

(Optional) Enables downstream lease queries to be defined on a per-SID basis to reduce the chance of Denial of Service attacks.

query-num— Number of leased queries for an unknown SID.

interval—Size of timer window in seconds.


Defaults

Disabled. When the dhcp option is specified, the leasetimer option is set by default to 60 minutes.

Command Modes

Global configuration, Cable interface configuration or subinterface configuration


Note Configuring the cable source-verify command on the master interface of a bundle will configure it for all of the slave interfaces in the bundle as well.


Command History

Release
Modification

11.3 XA

This command was introduced.

12.0(7)T

The dhcp keyword was added.

12.0(10)SC, 12.1(2)EC

Support was added for these trains.

12.1(3a)EC

Subinterface support was added.

12.1(13)EC, 12.2(11)BC1

The leasetimer keyword was added.

12.2(15)BC1

The verification of CPE devices was changed when using the dhcp keyword.

12.2(15)BC2

Support for verifying CMs and CPE devices that are on a different subnet than the cable interface was enhanced to use Reverse Path Forwarding (RFP).

12.3(9a)BC

In order to protect the Cisco CMTS from denial of service attacks, Cisco IOS Release 12.3(9a)BC adds the option of using a per SID basis for deriving lease queries from CPE devices. This release also introduces a global rate limit for lease queries initiated by downstream traffic. These enhancements reduce the CPU utilization of DHCP Receive and ISR processes when the Cisco CMTS is configured with the cable source-verify dhcp and no cable arp commands.


For additional information about this and other commands, refer to the following document on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

cable submgmt default

To enable the Cisco CMTS Static CPE Override feature on the Cisco CMTS, use the cable submgmt default command in global configuration mode. This command enables field technicians to add a temporary CPE device behind the subscriber's cable modem. The temporary CPE device shares the same SID settings as the original CPE device, even though the temporary CPE device has a different MAC address. The original CPE device automatically changes from dhcp cpe to static cpe in the CMTS host routing tables, and the CPE device continues to receive service with the same SID. To disable Cisco CMTS Static CPE Override on the Cisco CMTS, use the no form of this command. This automatically updates the routing tables and enables the MAC address from the technician's laptop for a future field service connection at a different location.

cable submgmt default {active | filter-group {cm | cpe} | learnable | max-cpe}

no cable submgmt default

Syntax Description

active

Keyword enables Cisco CMTS Static CPE Override, granting local CPE control for subscriber management filtering (as defined by existing SID settings).

filter-group {cm | cpe}

Keyword enables one ore more temporary CPE devices to inherit the characteristics of an existing filter group, either on the downstream or the upstream of the cable modem (cm) or the CPE device (cpe).

filter-group cm {downstream | upstream}—This keyword combination enables one or more temporary CPE devices to inherit and filter by the default downstream cable modem group, or by the default upstream cable modem group.

filter-group cpe {downstream | upstream}—This keyword combination enables one or more temporary CPE devices to inherit and filter by the default downstream CPE group, or by the default upstream CPE group.

learnable

Keyword automatically enables one or more temporary CPE devices to learn and to operate within the CPE IP address(es) in the Cisco CMTS routing table.

max-cpe

Keyword sets the maximum number of IP addresses to be permitted behind a cable modem while the Cisco CMTS Static CPE Override feature is enabled. This keyword enables multiple temporary CPE devices in the range of 0 to 1024.


Defaults

This command is disabled by default.

Command Modes

Global configuration mode.

Command History

Release
Modification

12.3(9a)BC

This feature was introduced on Cisco uBR10012 and Cisco uBR7200 series universal broadband routers.


Usage Guidelines

Prior to using this command, the first (existing) DHCP CPE device maintains its DHCP dynamic MAC address behind the cable modem. The SID is assigned to this IP address.

However, by enabling Static CPE override, you gain the following states and options on two CPE devices behind the cable modem.

The SID definition on the first CPE device is assigned a different static IP address. This enables you to change the existing (dynamic) DHCP IP address to a static IP address without first clearing the DHCP CPE host entries from the Cisco CMTS. The CPE IP state changes from dhcp to static cpe.

This static override allows a second CPE device with a second MAC address behind the same cable modem with SID1 to be assigned same IP address as the first CPE device.


Note The second CPE device changes from dhcp cpe to static CPE in the CMTS host tables.


Examples

The following example enables Cisco CMTS Static CPE Override in the field, enabling more or more additional CPE devices to be added behind a subscriber's cable modem:

Router(config)# cable submgmt default active

The following example configures the Cisco CMTS to accept a temporary CPE device, which inherits and filters by the subscriber's default downstream cable modem group:

Router(config)# cable submgmt default filter-group cm downstream

The following example configures the Cisco CMTS to accept a temporary CPE device, and to update the temporary CPE device with the current routing table from the Cisco CMTS:

Router(config)# cable submgmt default learnable

The following example configures the Cisco CMTS to accept a maximum of five temporary CPE devices behind a subscriber's cable modem:

Router(config)# cable submgmt default max-cpe 5

Related Commands

Command
Description

show cable host

Displays the CPE devices (hosts) residing behind a specified cable modem (MAC address).


show cable tech-support

Cisco IOS Release 12.3(9a)BC introduces changes to the output of the show cable tech-support command. This change allows users with large numbers of online cable modems to collect the necessary information without consuming the console session for a long period of time.

To display general information about the router when reporting a problem, use the show cable tech-support command in privileged EXEC mode.

show cable tech-support

Syntax Description

This command has no additional arguments or keywords.

Defaults

This command has no default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

11.2

This command was introduced.

12.1(1a)T1

This command was modified to include information about the cable clock card.

12.2(15)BC2

This command added several show pxf commands to the display on the Cisco uBR10012 router.

12.3(9a)BC

The output of the command was significantly shortened by moving a number of show commands (the ones that display information about individual cable modems) to the show tech-support command. This release also adds support for an option to display information about only one specific cable interface.

 

The output of the command was significantly shortened by moving a number of show commands (the ones that display information about individual cable modems) to the show tech-support command. Also, added support for an option to display information about only one specific cable interface.


Examples

The following example illustrates the cable modem and interface information from a Cisco uBR7246VXR router on which Cisco IOS Release 12.3(9a)BC is installed.

Router# show cable tech-support

For additional information about this and other commands, refer to the following document on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

show controllers cable

Cisco IOS Release 12.3(9a)BC removes the tech-support keyword from the show controllers cable command. This change allows users with large numbers of online cable modems to collect the necessary information without consuming the console session for a long period of time.

Additional and related improvements are also available for the show tech-support command.

To display information about the interface controllers for a cable interface on the Cisco CMTS router, use the show controllers cable command in user EXEC or privileged EXEC mode.

show controllers cable {slot/port | slot/subslot/port} [downstream | upstream [port] | [mem-stat] [memory] [proc-cpu] [tech-support]

Syntax Description

slot/port

Identifies the cable interface and downstream port on the Cisco uBR7100 series and Cisco uBR7200 series routers.

On the Cisco uBR7100 series router, the only valid value is 1/0. On the Cisco uBR7200 series router, slot can range from 3 to 6, and port can be 0 or 1, depending on the cable interface.

slot/port

Identifies the cable interface on the Cisco uBR7246VXR router.

The syntax for the Cisco uBR10012 router is slot/subslot/port, where the following are the valid values:

slot = 5 to 8

subslot = 0 or 1

port = 0 to 4 (depending on the cable interface)

downstream

(Optional) Displays downstream interface status.

upstream

(Optional) Displays upstream interface status.

port

(Optional) Specifies the desired upstream port. Valid values start with 0 for the first upstream port on the cable interface line card.

mem-stat

(Optional) Displays the output from the show memory statistics command to display a summary of memory statistics for a Broadband Processing Engine (BPE) cable interface line card.

memory

(Optional) Displays the output from the show memory command to display a summary of memory statistics, including the memory as it is allocated per process, for a Broadband Processing Engine (BPE) cable interface line card.

proc-cpu

(Optional) Displays the output from the show processes cpu command to display the processor status for a Broadband Processing Engine (BPE) cable interface line card.

tech-support

(Optional) Displays information from a number of different show commands for technical support purposes. The exact output depends on the platform, configuration, and type of protocols being used


Command Modes

User EXEC, Privileged EXEC

Command History

Release
Modification

11.3 NA

This command was introduced.

12.0(2)XC

This command was modified to show a number of additional fields.

12.1(5)EC1

Support was added for the Cisco uBR7100 series router, including information about the Cisco uBR7100 series integrated upconverter.

12.2(1)XF1

Support was added for the Cisco uBR10012 router.

12.0(16)SC2, 12.1(10)EC1, 12.2(4)BC1b

The algorithm for calculating the SNR value was enhanced for a more accurate value.

12.2(15)CX

Support was added for the Cisco uBR-MC28U/X cable interface line card, including the display of the number of packets dropped because they were for a Service Flow ID (SFID) of 0.

12.2(15)BC2b

The mem-stat, memory, and proc-cpu options were added to obtain processor information from the onboard processor on Broadband Processing Engine (BPE) cable interface line cards, such as the Cisco uBR-MC16U/X, Cisco uBR-MC28U/X, and Cisco uBR-MC5X20S/U cards.

12.3(9a)BC

Adds the tech-support option to improve information required during technical support.


Usage Guidelines

The mem-stat, memory, and proc-cpu keywords execute the related command on the processor that runs on added to obtain the relevant information from the onboard processor on Broadband Processing Engine (BPE) cable interface line cards, such as the Cisco uBR-MC16U/X, Cisco uBR-MC28U/X, and Cisco uBR-MC5X20S/U cards. This allows you to obtain information that is specific for that particular cable interface card, as opposed to having to run these commands on the entire router.


Note The mem-stat, memory, and proc-cpu options are not available for cable interface line cards that do not contain an onboard processor (for example, the Cisco uBR-MC16C card).


Examples

The following is sample output for the downstream connection for slot 3 on port 0 on Cisco CMTS router from the show controllers cable downstream command:

CMTS01# show controllers cable 3/0 downstream 
Cable 3/0 Downstream is up
Frequency not set, Channel Width 6 MHz, 64-QAM, Symbol Rate 5.056941 Msps
FEC ITU-T J.83 Annex A, R/S Interleave I=12, J=17

Table 10 describes the fields displayed by the show controllers cable downstream command.

Table 10 show controllers cable downstream Field Descriptions  

Field
Description

Cable

Slot number/port number indicating the location of the Cisco cable interface line card.

Downstream is up

Indicates that the RF downstream interface is enabled.

Frequency

Transmission frequency of the RF downstream. (This information may not match the current transmission frequency, which is external on CMTS platforms that use an external upconverter.)

Channel Width

Indicates the width of the RF downstream channel.

QAM

Indicates the modulation scheme.

Symbol Rate

Indicates the transmission rate (in number of symbols per second).

FEC ITU-T

Indicates the Motion Picture Experts Group (MPEG) framing standard.

R/S Interleave I/J

Indicates Reed Solomon framing based on ITU S.83-B.


Examples

The following example illustrates the information from the show controllers cable command on a Cisco uBR7246VXR router on which Cisco IOS Release 12.3(9a)BC is installed.

Router# show controllers cable x/y

For additional information about this and other commands, refer to the following document on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

show tech-support

Cisco IOS Release 12.3(9a)BC shortens the output of the show tech-support command on the Cisco uBR7246VXR routers. This change allows users with large numbers of online cable modems to collect information without consuming the console session for a long period of time.

To display general information about the Cisco CMTS router when reporting a problem to Cisco technical support, use the show tech-support command in privileged EXEC mode.

show tech-support [page] [password] [cef | ipc | ipmulticast | isis | mpls | ospf | rsvp]


Note The show tech-support command automatically displays the output of a number of different show commands. The exact output depends on the platform, configuration, and type of protocols being used.



Note The show tech-support includes most of the information shown in the show cable tech-support command.


Syntax Description

page

(Optional) Causes the output to display a page of information at a time. Use the Return key to display the next line of output or use the space bar to display the next page of information. If not used, the output scrolls (that is, does not stop for page breaks).

password

(Optional) Leaves passwords and other security information in the output. If not used, passwords and other security-sensitive information in the output are replaced with the label "<removed>" (this is the default).

cef

(Optional) Displays information about the Cisco Express Forwarding (CEF) protocol configuration and status.

ipc

(Optional) Displays information about interprocess communications on the Cisco router.

ipmulticast

(Optional) Displays information about the IP multicast configuration and status.

isis

(Optional) Displays information about the Connectionless Network Service (CLNS) and Intermediate System-to-Intermediate System (IS-IS) routing protocol configuration and status.

Note IS-IS support is provided only on CMTS platforms running Cisco IOS images that have a "-p-" as part of the image name.

mpls

(Optional) Displays information about Multiprotocol Label Switching (MPLS) on the Cisco router, which instructs the routers and the switches in the network on where to forward the packets based on preestablished IP routing information.

ospf

(Optional) Displays information about the Open Shortest Path First (OSPF) routing algorithm and status on the Cisco router.

rsvp

(Optional) Displays information about the IP Resource Reservation Protocol (RSVP) configuration and status.


For additional information about this and other commands, refer to the following document on Cisco.com:

Cisco Broadband Cable Command Reference Guide

http://www.cisco.com/en/US/docs/ios/cable/command/reference/cbl_book.html.

Caveats for Cisco IOS Release 12.3 BC

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only selected severity 3 caveats are included in the caveats document.

Caveat numbers and brief descriptions for each Cisco IOS Release  12.3(17b)BCx-, 12.3(21a)BCx-, and 12.3(23)BCx-based releases are listed in this section.

This section is updated with corresponding headings for open and closed caveats for each release.

Cisco IOS Release 12.3M is the parent release train for Cisco IOS Release 12.3(21a)BC9. Unless otherwise noted, Cisco IOS Release 12.3(21a)BC9 maintains support for the changes and caveat resolutions introduced in earlier releases of Cisco IOS Release 12.3M.


Note If you have an account on Cisco.com, you can use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and click Technical Support: Tools & Utilities: Software BUG TOOLKIT (under Configuration Tools). Another option is http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl


Open Caveats for Cisco IOS Release 12.3(23)BC10

There are no open caveats for Cisco IOS Release 12.3(23)BC10.

Resolved Caveats for Cisco IOS Release 12.3(23)BC10

Table 12 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS Release 12.3(23)BC10.

Table 11 Resolved Caveats for Cisco IOS Release 12.3(23)BC10 

DDTS ID Number
Description

CSCsz45567

A device running Cisco IOS Software, Cisco IOS XE Software, or Cisco IOS XR Software is vulnerable to a remote denial of service condition if it is configured for Multiprotocol Label Switching (MPLS) and has support for Label Distribution Protocol (LDP).

A crafted LDP UDP packet can cause an affected device running Cisco IOS Software or Cisco IOS XE Software to reload. On devices running affected versions of Cisco IOS XR Software, such packets can cause the device to restart the mpls_ldp process.

A system is vulnerable if configured with either LDP or Tag Distribution Protocol (TDP).

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20100324-ldp.shtml

CSCsz75186

Cisco IOS Software is affected by a denial of service vulnerability that may allow a remote unauthenticated attacker to cause an affected device to reload or hang. The vulnerability may be triggered by a TCP segment containing crafted TCP options that is received during the TCP session establishment phase. In addition to specific, crafted TCP options, the device must have a special configuration to be affected by this vulnerability.

Cisco has released free software updates that address this vulnerability.

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20100324-tcp.shtml

CSCtc44253

Symptoms: The accumulated timing offset of a modem goes to a negative value. The following error message is displayed on the CMTS:

"%UBR10000-4-BADTXOFFSET: Bad timing offset -182443 detected for cable modem 000a.73cc.c7b7. "

Conditions: This issue occurs on the Cisco uBR10-MC5X20 line card.

Workaround: There is no workaround.

CSCti25339

Symptoms: Cisco IOS device may experience a device reload.

Conditions: This issue occurs when the Cisco IOS device is configured for SNMP and receives certain SNMP packets from an authenticated user. Successful exploitation causes the affected device to reload. This vulnerability could be exploited repeatedly to cause an extended DoS condition.

Workaround: There is no workaround.

PSIRT Evaluation:

The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 6.8/5.6:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C

CVE ID CVE-2010-3050 has been assigned to document this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

CSCti81896

Symptoms: When the ingress cancellation feature is enabled, all modems on an upstream may momentarily go offline and then recover within minutes. This problem is not observed when the ingress cancellation feature is disabled.

Conditions: This issue occurs because the Rogue modems may transmit during ingress cancellation idle period. During this period, modems should not transmit. One or more modems consistently transmitting at this time period can create poor ingress cancellation performance for the burst receiver, and in the worst case situation, it can cause all modems to go offline momentarily until the upstream receiver re-adapts.

Workaround: Disable the ingress cancellation feature for that upstream, for which the rogue modems failures are encountered.


Open Caveats for Release 12.3(23)BC9

Table 12 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS Release 12.3(23)BC9.

Table 12 Open Caveats for Cisco IOS Release 12.3(23)BC9 

DDTS ID Number
Description

CSCta03480

Symptoms: A configuration synchronization issue is observed between the Cisco uBR7200-NPE-G1 processor and a line card.

Workaround: Execute the cable dynamic-secret exclude oui command.

CSCeh33888

Symptoms: The Cisco uBR7246VXR router reloads with a last reset from the watchdog reset.

Conditions: This issue occurs when the Cisco uBR7246VXR router has a Cisco uBR7200-NPE-G1 processor board and runs other Cisco IOS BC releases.

Workaround: There is no workaround.


Resolved Caveats for Release 12.3(23)BC9

Table 13 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS Release 12.3(23)BC9.

Table 13 Resolved Caveats for Cisco IOS Release 12.3(23)BC9 

DDTS ID Number
Description

CSCsg67817

Symptoms: Malformed H.245 packets crash the IOS-based H.323 gateway.

Conditions: This issue occurs when the H.323 gateway is configured.

Workaround: There is no workaround.

CSCsw14622

Symptoms: For deleted service flows, the last character in the "Service Class Name" field is dropped from the Subscriber Account Management Interface Specification (SAMIS) records and the "docsQosServiceFlowLogServiceClassName" SNMP MIB object.

Workaround: There is no workaround.

CSCsw26713

Symptoms: The Cisco uBR7200 series universal broadband router experiences cable line card memory leaks.

Workaround: There is no workaround.

CSCsx70889

Symptoms: Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.

Workaround: Cisco has released free software updates that address this vulnerability.

This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tunnels.

CSCsz38104

Symptoms: The H.323 implementation in the Cisco IOS software contains a vulnerability that can be exploited remotely to cause a device running a Cisco IOS software to reload.

Workaround: Cisco has released free software updates that address this vulnerability. You can disable H.323, if the device that is running the Cisco IOS Software does not need it for VoIP services.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-h323.shtml

CSCsz44822

Symptoms: A Cisco uBR7200 series universal broadband router crashes indicating the following error:

*Apr 22 22:40:50.363: %SYS-2-CHUNKBADREFCOUNT: Bad chunk reference 
count, chunk 92B3A70 data 92BB3C4 refcount FFFFFFFF alloc pc 69AFF4. 
-Process= "CMTS SID mgmt task", ipl= 3, pid= 74 
-Traceback= B5CB14 B5D334 CAB9F0 CABE1C 69BC50 73A850 762C38 641FF4 
641C4C 641E80 646CE0 917318 
chunk_diagnose, code = 3 
chunk name is CMTSPCTYPE
 
        

Conditions: This issue occurs when the cable helper-address command is configured with the same IP address as the bundle IP address.

Workaround: There is no workaround.

CSCsz72547

Symptoms: The Cisco uBR7200 series universal broadband router reboots.

Conditions: This issue occurs on a Cisco uBR7246VXR router (with a Cisco uBR7200-NPE-G1 processor) running Cisco IOS Release 12.3(21a)BC4 and later releases.

Workaround: There is no workaround.

CSCta39725

Symptoms: After the Cisco CMTS reload, samis-cable metering source-interface configuration is removed from the running configuration.

Conditions: This issue occurs on the Cisco uBR7200 series broadband router running Cisco IOS Release 12.2(33)SCB.

Workaround: Reconfigure the samis-cable metering source-interface.

CSCtb23412

Symptoms: There are no known symptoms for this issue.

Conditions: This issue is very unlikely to occur. This issue occurs only if the device is in the wrong chain beyond the second position.

Workaround: There is no workaround for this issue.

CSCtb28349

Symptoms: If a cable modem sends a Dynamic Channel Change response (DCC-RSP) to confirm the Dynamic Channel Change request (DCC-REQ) indicating that the target channel is exactly the one that the modem gets online, and the technique is larger than 0, the line card crashes when it processes this DCC-RSP.

Conditions: This issue occurs only when the DPC3000 modem responds to the DCC_RSP to confirm the DCC-REQ.

Workaround: Do not use the test command on the DPC3000 modem to trigger this issue.

CSCtb66848

Symptoms: After an upgrade to Cisco IOS Release 12.3(23)BC8, Cisco uBR-MC28U line cards continue to crash.

Workaround: There is no workaround.

CSCtb82697

Symptoms: The CloseLogicalChannel (CLC) CPU revision is displayed in the output of the show tech command.

Workaround: There is no workaround.

CSCtc17575

Symptoms: The command cable privacy hotlist cm <a.a.a> command does not block CMs from coming online.

Conditions: This issue occurs when the modems do not have the appropriate certificates.

Workaround: There is no workaround.

CSCtc45156

Symptoms: The cable modem (CM) is found stuck in the reject(c) state. If you run the debug cable tlv and debug cable mac-address <cm-mac> verb commands, the log displays the following:

......
SLOT 4: Oct  8 15:19:59.098 CST:        Service Class Name : us_sc      
^D
......
SLOT 4: Oct  8 15:19:59.098 CST:        Service Class Name : ds_sc      
^D
......
SLOT 4: Oct  8 15:19:59.098 CST:  Can't find service class name.
SLOT 4: Oct  8 15:19:59.098 CST:  Can't find service class name.
SLOT 4: Oct  8 15:19:59.098 CST: MDF DISABLE for CM 0019.474e.e0b6
SLOT 4: Oct  8 15:19:59.098 CST: Registration failed for Cable Modem 
0019.474e.e0b6 on interface Cable4/0/U5:
CoS/Sflow/Cfr/PHS failed in REG-REQ
 
        

Conditions: This issue occurs when the CM configuration file includes the service class name command for upstream (US) and downstream (DS) service flows.

Workaround: There is no workaround.

CSCtc58147

Symptoms: The CM is found stuck in the reject(c) state. If you run the debug cable tlv and debug cable mac-address <cm-mac> verb commands, the log displays the following:

......
SLOT 4: Oct 15 13:16:23.379: Found Upstream Service Flow TLV
SLOT 4: Oct 15 13:16:23.379:    Service Flow Reference : 1
SLOT 4: Oct 15 13:16:23.379:    Service Class Name String Length 16, 
Exceeds Limit of 15
SLOT 4: Oct 15 13:16:23.379: PARSER-ERROR: TLV 4 has bad length 16
SLOT 4: Oct 15 13:16:23.379: Primary CoS/Sflow encodings missing. 
CoSs:0 Sflows[US, DS]: [1, 0]
SLOT 4: Oct 15 13:16:23.379: Registration failed for Cable Modem 
001a.c3ff.d77e on interface Cable4/0/U1:
CoS/Sflow/Cfr/PHS failed in REG-REQ-MP
 
        

Conditions: This issue occurs when the CM configuration file includes the service class name command with a value of 15 bytes for upstream (US) and downstream (DS) service flows.

Workaround: Change the service class name string to less than 15 bytes.


Open Caveats for Release 12.3(21a)BC9

Table 14 lists nly severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(21a)BC9 release.

Table 14 Open Caveats for Cisco IOS Release 12.3(21a)BC9

DDTS ID Number
Description

CSCsi43840

Symptom: In the Cisco uBR7246VXR, the Cisco uBR-MC28U line card resets and the crash file is not generated in the bootflash.

Condition: This occurs on a Cisco uBR7246VXR router with multiple Cisco uBR-MC28U line cards. The problem was first detected on a router running Cisco IOS Release 12.3(17b)BC4, but also exists in routers running later Cisco IOS software releases.

Workaround: There is no workaround.


Resolved Caveats for Release 12.3(21a)BC9

Table 15 lists nly severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(21a)BC9 release.

Table 15 Resolved Caveats for Cisco IOS Release 12.3(21a)BC9

DDTS ID Number
Description

CSCse85652

Symptom: Access to the Cisco IOS HTTP server is denied if the enable password is not configured.

Conditions: This issue is seen in the following conditions:

Enable password is not present in the device configuration

Cisco HTTP server or Cisco HTTPS server is enabled

No other authentication mechanism such as Remote Authentication Dial In User Service (RADIUS), or Terminal Access Controller Access-Control System (TACACS+)or is configured to access the Cisco HTTP or Cisco HTTPS servers

Workaround: The following workaround can be used:

Enable the authentication to the Cisco HTTp server or Cisco HTTPS server by configuring the enable password or enable secret commands to configure the password. Use the following steps the configure the enable password using the enable secret command:

1. Replace "mypassword" with the new password.

2. For information on the differences on configuring the enable secret and enable passwords, refer to the Cisco IOS Password Encryption Facts at http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00809d38a7.shtml

Enable authentication mechanisms such as RADIUS or TACACS+. For information on configuration, refer to http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml

Disable the Cisco HTTP server or the Cisco HTTPS server using no ip http server and no ip http secure-sever commands.

CSCsg00102

Symptoms: The SSLVPN service stops accepting any new SSLVPN connections.

Conditions: A device configured for SSLVPN may stop accepting any new SSLVPN connections, due to a vulnerability in the processing of new TCP connections for SSLVPN services. If "debug ip tcp transactions" is enabled and this vulnerability is triggered, debug messages with connection queue limit reached will be observed.

Workaround: Clear TCP connections using the clear tcp tcb command.

CSCsh97579

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.

Cisco has released free software updates that address this vulnerability.

This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tunnels.

CSCsi13344

Symptom: Three separate Cisco IOS Hypertext Transfer Protocol (HTTP) cross-site scripting (XSS) vulnerabilities and a cross-site request forgery (CSRF

vulnerability have been reported to Cisco by three independent researchers.

The Cisco Security Response is posted at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20090114-http

Conditions: See "Additional Information" section in the posted response for further details.

Workarounds: See "Workaround" section in the posted response for further details.

CSCsj10593

Symptom: A terminating gateway (TGW) that is configured for Cisco ISDN Interconnect for Voice Gateways Solution may crash.

Conditions: This occurs when the ISDN test call interface Serial1:23 22222 is issued at the Call Starter. This happens with Switch Types: OGW: primary-ni TGW: primary-dms100.

Workaround: There is no workaround.

CSCsk64158

Symptoms: Several features within Cisco IOS software are affected by a crafted UDP packet vulnerability. If any of the affected features are enabled, a successful attack will result in a blocked input queue on the inbound interface. Only crafted UDP packets destined for the device could result in the interface being blocked, transit traffic will not block the interface.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available in the workarounds section of the advisory. This advisory is posted at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-udp.shtml.

CSCsm27071

A vulnerability in the handling of IP sockets can cause devices to be vulnerable to a denial of service attack when any of several features of Cisco IOS software are enabled. A sequence of specially crafted TCP/IP packets could cause any of the following results:

The configured feature may stop accepting new connections or sessions.

The memory of the device may be consumed.

The device may experience prolonged high CPU utilization.

The device may reload. Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available in the "workarounds" section of the advisory. The advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090325-ip.shtml

CSCso04657

Symptoms: SSLVPN service stops accepting any new SSLVPN connections.

Conditions: A device configured for SSLVPN may stop accepting any new SSLVPN connections, due to a vulnerability in the processing of new TCP connections for SSLVPN services. If "debug ip tcp transactions" is enabled and this vulnerability is triggered, debug messages with connection queue limit reached will be observed.

Workaround: There is no workaround.

CSCso90058

Symptoms: The Multilayer Switch Feature Card (MSFC) crashes with RedZone memory corruption.

Conditions: This occurs while processing an Auto-RP packet with Network Address Translation (NAT) enabled.

Workaround: There is no workaround.

CSCsq31776

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has released free software updates that address this vulnerability. This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tunnels.

CSCsr72301

Symptom: Three separate Cisco IOS Hypertext Transfer Protocol (HTTP) cross-site scripting (XSS) vulnerabilities and a cross-site request forgery (CSRF) vulnerability have been reported to Cisco by three independent researchers.

The Cisco Security Response is posted at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20090114-http

CSCsv30595

Symptoms: The OSPF process may crash.

Conditions: The OSPF crash may be seen when the router receives invalid OSPF messages.

Workaround: There is no workaround.

CSCsv34656

Symptom: A particular malformed OSPF message may cause the device to crash or operate unpredictably. The possible effects of this are:

The router may crash.

Routing loops may form in the network.

OSPF may controls the CPU and drop adjacencies.

The show ip ospf database net command output displays unwanted lines.

Conditions: This is seen when the OSPF receives a malformed OSPF message.

Workaround: None. Using OSPF authentication may help mitigate this issue.

CSCsv04836

Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state, resources on a system under attack may be consumed, preventing new TCP connections from being accepted. In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system.

In addition to these vulnerabilities, Cisco Nexus 5000 devices contain a TCP DoS vulnerability that may result in a system crash. This additional vulnerability was found as a result of testing the TCP state manipulation vulnerabilities.

Cisco has released free software updates for download from the Cisco website that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml.

CSCsv73509

Symptom: Terminal Access Controller Access-Control System (TACACS) or XTACACS is broken.

Conditions: This occurs when no aaa new-model command is configured and the authentication happens through the local when TACACS is configured. This happens for the exec users under vty configuration.

Workaround: There is no workaround.

CSCsw24700

Cisco IOS software contains two vulnerabilities within the Cisco IOS WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely exploited without authentication to cause a denial of service condition. Both vulnerabilities affect both Cisco IOS WebVPN and Cisco IOS SSLVPN features:

Crafted HTTPS packet will crash device - Cisco Bug ID CSCsk62253.

SSLVPN sessions cause a memory leak in the device - Cisco Bug ID CSCsw24700.

Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This advisory is posted at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-webvpn.shtml

CSCsx70889

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.

Cisco has released free software updates that address this vulnerability.

This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tunnels.

CSCsy15227

Cisco IOS Software configured with Authentication Proxy for HTTP(S), Web Authentication or the consent feature, contains a vulnerability that may allow an unauthenticated session to bypass the authentication proxy server or bypass the consent webpage.

There are no workarounds that mitigate this vulnerability.

This advisory is posted at the following link:

http://www.cisco.com/warp/public/707/cisco-sa-20090923-auth-proxy.shtml

CSCsy56311

Symptom: The CPE fails to acquire an IP address using Dynamic Host Configuration Protocol (DHCP).

Conditions: This issue is seen when the CPE host is first connected to a wrong CM and fails to acquire an DHCP address. If the CPE is connected later to the correct CM, the CPE still does not acquire the IP address.

Workaround: Execute clear cable host command on the MAC address of the CPE.


Open Caveats for Release 12.3(23)BC8

Table 16 lists nly severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC8 release.

Table 16 Open Caveats for Cisco IOS Release 12.3(23)BC8

DDTS ID Number
Description

CSCeh33888

Symptom: A Cisco uBR7246VXR router may reload with Last reset from the watchdog reset.

Condition: This issue may occur when the router has a UBR7200-NPE-G1 processor board and may run other BC releases.

Workaround: There is no workaround.

CSCsi43840

Symptom: In the Cisco uBR7246VXR, the Cisco uBR-MC28U line card resets and the crash file is not generated in the bootflash.

Condition: This occurs on a Cisco uBR7246VXR router with multiple Cisco uBR-MC28U line cards. The problem was first detected on a router running Cisco IOS Release 12.3(17b)BC4, but also exists in routers running later Cisco IOS software releases.

Workaround: There is no workaround.

CSCsv16701

Symptom: Power supply information is not displayed when running the show inventory command on the CiscouBR7200VXR series rotuers.

Conditions: This issue is observed in a Cisco uBR7200VXR series routers.

Workaround: Use show environment all command to view the power supply information.

CSCsv58913

Symptom: Address resolution fails for downstream packet when running cable source-verify dhcp command.

Condition: This issue occurs when a Cisco uBR Series router configured to verify a CPE device's IP address to MAC address resolution, through the use of DHCP LEASEQUERY messages instead of using ARP.

Workaround: Temporarily allow downstream ARP resolution using cable bundle interface commands cable arp and cable proxy-arp.

CSCsw14622

Symptom: For deleted service flows the last character in the Service Class Name field is dropped in SAMIS records as well as in the SNMP MIB docsQosServiceFlowLogServiceClassName.

Workaround: There is no workaround.

CSCsw49188

Symptom: Cable metering fails and enters a `hung' state.

Condition: This issue is observed when the ip tcp timestamp command is configured globally.

Workaround: Do not use the ip tcp timestamp command.

CSCsz72547

Symptom: The Cisco uBR7200 router reboots.

Conditions: This issue occurs in a Cisco uBR7246VXR (UBR7200-NPE-G1) router running Cisco IOS Release 12.3(21a)BC4 and later.

Workaround: There is no workaround.

CSCsz74979

Symptom: The Cisco uBR router may crash due to a bus error and reload on changing the Subscriber Traffic Management (STM) configuration.

Conditions: The issue has been reported on a Cisco uBR7246VXR (UBR7200-NPE-G1) router running Cisco IOS Release12.3(23)BC2.

Workaround: There is no workaround.

CSCta03480

Symptom: The modem is stuck in reject(m) state after removal of cable dynamic-secret exclude oui command

Conditions: There is no condition.

Workaround: Execute the command twice.


Resolved Caveats for Release 12.3(23)BC8

Table 17 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC8 release.

Table 17 Resolved Caveats for Cisco IOS Release 12.3(23)BC8

DDTS ID Number
Description

CSCsh97579

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.

Cisco has released free software updates that address this vulnerability.

This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tunnels.

CSCsq31776

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has released free software updates that address this vulnerability. This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tunnels.

CSCsx43002

Symptom: The output of show tech-support command contains snmp community string passwords.

Conditions: This issue occurs in the output of the show tech-support command.

Workaround: These passwords must be removed. Replace the show tech-support snmp community string show cable modem remote-query 30 mypassword with show cable modem remote-query 30.

CSCsx69395

Symptom: The Cisco uBR7246VXR router may keep crashing after an upgrade from Cisco IOS Release 12.2(15)BC to Cisco IOS Release 12.3(23)BC.

Conditions: This issue is seen after an upgrade.

Workaround:

1. Remove ip ftp username/password configuration lines.

2. Upgrade to an intermediate Cisco IOS version, say Cisco IOS Release 12.3(21)BC6 and then upgrade to Cisco IOS Release12.3(23)BC.

CSCsy15227

Cisco IOS Software configured with Authentication Proxy for HTTP(S), Web Authentication or the consent feature, contains a vulnerability that may allow an unauthenticated session to bypass the authentication proxy server or bypass the consent webpage.

There are no workarounds that mitigate this vulnerability.

This advisory is posted at the following link:

http://www.cisco.com/warp/public/707/cisco-sa-20090923-auth-proxy.shtml

CSCsy28426

Symptom: When a wideband interface has w-online modems on it and the primary channel is shut down, an error is seen in the modems counter in load-balancing, and the modems go offline. This issue has an affect on the load balancing.

Conditions: The issue is seen when a wideband interface with w-online modems and a primary channel is shut down.

Workaround: Configure the modem's primary channel such that it is not part of channels in wideband interface.

CSCsy56311

Symptom: The CPE fails to acquire the IP address using DHCP.

Conditions: This issue occurs if the CPE host is first connected to a wrong CM and it fails to get a DHCP address as the CPE is behind the wrong CM. The CPE fails to get an IP address after it is connected to the correct CM.

Workaround: Run clear cable host command on the MAC address of the CPE.

CSCsy73726

Symptoms: The cable metering options "flow-aggregate" and "cpe-list-suppress" get lost from the cable metering configuration if cable metering data-per-session x timer y is present.

Condition: This is seen in the cable metering command.

Workaround: Reconfigure the metering options "flow-aggregate" and "cpe-list-suppress" in the command.

CSCsy79541

Symptom: The Cisco uBR7200 router freeze when enabling the cable monitor command.

Conditions: This is seen when cable monitor command is configured for an unknown MAC address.

Workaround: Use cable intercept command.

CSCsy85008

Symptom: A "ifInOcters item" after a normal roll-over closely follows a abnormal roll-over.

2009-03-24 15:15:39 - 4076758789  
2009-03-24 15:20:39 - 524459145          <========== a normal 
roll-over
2009-03-24 15:25:46 - 726658247
2009-03-24 15:31:08 - 939124784
2009-03-24 15:35:39 - 583325062         <===========an abnormal 
roll-over
2009-03-24 15:41:11 - 801102043

Condition: This is seen when there is a roll-over between the first and second polls on this list. This is a normal roll-over for a 32-bit counter. However, there is another roll-over between the fourth and fifth polls.

Workaround: There is no workaround.

CSCsz05250

Symptom: When setting a CA certificate to `untrusted', any CM that uses an issuer of the same name is rejected, including the legitimate modems.

Conditions: The issue is found because of a newly created software "Haxorware" which generates these CA certificates that conflict with the existing CA certificates.

Workaround: The recommended method is always to not allow self-signed certificates on the CMTS and explicitly set specific self-signed certificates to trusted. This is the `opt-in' model, rather than the `opt-out' model.

CSCsz21661

Symptoms: The Gigabit Ethernet output for a 24 downstream wideband and narrowband SPA can get isolated from the port after repeated online insertion and removal (OIR) of the SPA within a short duration of time.

Conditions: This issue is seen with repeated OIR of the SPA within a short duration of time and with repeated line protocol off and on within a short duration of time.

Workaround: Reload the SPA using the hw-module bay reload command.

CSCsz22819

Symptoms: When using a wideband SIP, the total count for the SPA in slot 1/1/0 is a sum of both SPAs, rather than the sum of itself. This can be found using the show hw-module bay all counters rf-channel command.

Conditions: This issue is seen in a wideband SIP when more than one SPA is inserted in one SIP.

Workaround: There is no workaround.

CSCsz25465

Symptom: On an OIR or hw-module reset, some of the cable modems stuck at reject(pk) or w-reject(pk) permanently.

Conditions: This is seen when BPI is enabled.

Workaround: Power cycle the cable modem to bring the cable modem to online(pt) or w-online(pt) state.

CSCsz52508

Symptom: The test cable dcc frequencycommand to move one modem to target frequency does not work when the upstream channel id of the modem does not belong to the target downstream channel.

Conditions: This issue is seen in test cable dcc frequency command.

Workaround: Use the test cable dcc frequency command when the upstream channel id belongs to the target downstream channel.

CSCsz52617

Symptom: The cdxIfUpChannelAvgUtil reports incorrect numbers when rate adapt is enabled on router

Conditions: This is seen when using SNMP to poll cdxIfUpChannelAvgUtil with rate adapt enabled.

Workaround:

1) Use CLI to obtain numbers

2) Disable rate-adapt

CSCsz60620

Symptom: The cable line card silently reloads.

Conditions: The issue is seen when there is an endless loop in ISR.

Workaround: There is no workaround.

CSCta16416

Symptom: The Cisco uBR- MC28U cable line card crashes with data bus error exception.

Conditions: This issue is seen in Cisco uBR-MC28U line cards running with Cisco IOS Release 12.3(23)BC8.

Workaround: There is no workaround.


Open Caveats for Release 12.2(23)BC7

Table 18 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC7 release.

Table 18 Open Caveats for Cisco IOS Release 12.3(23)BC7

DDTS ID Number
Description

CSCeh33888

Symptom: A Cisco uBR7246VXR router may reload with Last reset from the watchdog reset.

Condition: This issue may occur when the router has a UBR7200-NPE-G1 processor board and may run other BC releases.

Workaround: There is no workaround.

CSCsi43840

Symptom: In the Cisco uBR7246VXR, the Cisco uBR-MC28U line card resets and the crash file is not generated in the bootflash.

Condition: This occurs on a Cisco uBR7246VXR router with multiple Cisco uBR-MC28U line cards. The problem was first detected on a router running Cisco IOS Release 12.3(17b)BC4, but also exists in routers running later Cisco IOS software releases.

Workaround: There is no workaround.

CSCsv16701

Symptom: Power supply information is not displayed when running the show inventory command on the CiscouBR7200VXR series rotuers.

Conditions: This issue is observed in a Cisco uBR7200VXR series routers.

Workaround: Use show environment all command to view the power supply information.

CSCsv58913

Symptom: Address resolution fails for downstream packet when running cable source-verify dhcp command.

Condition: This issue occurs when a Cisco uBR Series router configured to verify a CPE device's IP address to MAC address resolution, through the use of DHCP LEASEQUERY messages instead of using ARP.

Workaround: Temporarily allow downstream ARP resolution using cable bundle interface commands cable arp and cable proxy-arp.

CSCsv82736

Symptom: The cable modem (CM) is unable to come online on the upstream port. The modem reach init(r1) and init(r2) but fails to initilaize further. Most of the polls to the CM fail on that upstream port.

Conditions: This issue first appeared at customer site in Cisco IOS Release 12.3(21a)BC6. It is a very rare conditon

Workaround: Use Shut/no shut command to fix the issue.

CSCsw14622

Symptom: For deleted service flows the last character in the Service Class Name field is dropped in SAMIS records as well as in the SNMP MIB docsQosServiceFlowLogServiceClassName.

Workaround: There is no workaround.

CSCsw49188

Symptom: Cable metering fails and enters a `hung' state.

Condition: This issue is observed when the ip tcp timestamp command is configured globally.

Workaround: Do not use the ip tcp timestamp command.


Resolved Caveats for Release 12.2(23)BC7

Table 19 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC7 release.

Table 19 Resolved Cavests for Cisco IOS Release 12.2(23)BC7 

DDTS ID Number
Description

CSCei05676

Symptom: The interface goes down and back up again which results in an interruption of traffic for up to 5 seconds.

Condition: This issue occus when Cisco Discovery Protocol (CDP) is enabled or disabled on a 1-port Gigabit Ethernet half-height (ESR-HH-1GE) interface.

Workaround: There is no workaround.

CSCsj10593

Symptom: A Terminating Gateway (TGW) configured for Cisco ISDN Interconnect for Voice Gateways Solution may crash.

Conditions: This issue occurs in routers running Cisco IOS Release 12.4(15.6) and functions as a TGW with all PRI switch types from the user to the network side. This occurs when isdn test call interface command, serial1:23 22222 is issued at at the start of the call. It occurs in switch types such as Originating Gateway (OGW) configured as the primary-ni and TGWconfigured as the primary-dms100.

Workaround: There is no workaround.

CSCsk50429

Symptom: The Cisco uBR Series router crashes by an illegal access to a low address.

Conditions: The issue occurs in routers is running Cisco IOS Release 12.3BC and has Ospf configured.

Workaround: There is no known workaround.

CSCsm55365

Symptom: When configuring a new interface, either cable or Gigabit Ethernet, on a uBR10000 router with a PRE2 running Cisco IOS Release ubr10k2-k8p6u2-mz.123-17b.BC3, some of the secondary addresses fail to install in the RIP database, and as a result are not advertised by RIP.

Condition: This issue is seen on a uBR10000 router with a PRE2 running Cisco IOS Release ubr10k2-k8p6u2-mz.123-17b.BC3 and has configured secondary IP addresses and advertised major network under RIP v2.

Workaround: Remove and reconfigure secondary IP addresses under the interface, and flap the interface.

CSCso90058

Symptom: Multilayer Switch Feature Card (MSFC) crashes with RedZone memory corruption.

Conditions: This problem is seen when processing an auto-RP packet and Network Address Translation (NAT) is enabled.

Workaround: There is no known workaround.

CSCsr72301

Symptom: Three separate Cisco IOS Hypertext Transfer Protocol (HTTP) cross-site scripting (XSS) vulnerabilities and a cross-site request forgery (CSRF) vulnerability have been reported to Cisco by three independent researchers.

Condition: The Cisco Security Response is posted at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20090114-http

See "Additional Information" section in the posted response for further details.

Workaround: See "Workaround" section in the posted response for further details.

CSCsv73509

Symptom: User authentication is possible through a local server, although Terminal Access Controller Access Control System (TACACS) is configured.

Conditions: This issue occurs for the exec users under vty configuration.

Workaround: There is no workaround.

CSCsw52539

Symptom: Cable metering collection enters `write-error' state and doesn't recover.

Condition: Cable metering configured with default TCP parameters.

Workaround: Run the ip tcp path-mtu-discovery command to help prevent occurances of the issue. Run the test cable metering abort command to clear the "hung" state and to allow the next iteration of cable metering to occur.

CSCsw79768

Symptom: SNMP GetNext requests for docsQosServiceFlowPrimary (also known as 1.3.6.1.2.1.10.127.7.1.3.1.8 or docsQosServiceFlowEntry.8) are rejected. Still, if a certain docsQosServiceFlowPrimary entry is polled with SNMP Get directly (after some additional calculations are performed to determine the index value), the value is returned as expected.

Conditions: This issue first occured in Cisco uBR7114E running Cisco IOS Release 12.3(21a)BC3.

Workaround: Poll the individual values following the steps of the procedure suggested in SR 610144513.

CSCsx35612

Symptom: Cable metering is stuck in "in progress" state and no collection data is transmitted despite show cable meter verbose command displays the current export status as "in Progress" and the show tcp tcb xxxxx command displays the TCP session is "ESTAB".

Conditions: This issue first occured in Cisco uBR10000 roouter with ESR-PRE2 module running Cisco IOS Release 12.3(23)BC2 and cable metering enabled.

Workaround: Issue a test cable meter abort to clear the problem and force the cable meter process to restart.

CSCsx51619

Symptom : The MAC destination address based classifier acts like a default catch-all classifier on Cisco uBR7200 routers. That is, when this classifier is checked (after the ones with higher rule priority) it matches all the packets.

Condition: This problem exists since Cisco IOS Release 12.3(23)BC6 release on Cisco uBR7225 and Cisco uBR7100 platforms.

Workaround: There is no workaround except avoiding using the MAC classifier on the Cisco UBR720 router.

CSCsx64397

Symptom: L1 ISIS router does not install default route to a L1L2 router into its routing table.

Conditions: This issue first occured in Cisco IOS Release 12.3BC and in some later Cisco IOS 12.3 releases.

Workaround: Use clear ip route or clear isis commands.

CSCsx77978

Symptom: The downstream load is not balanced when downstream load balancing group is configured with us-across-ds policy.

Conditions: This issue occurs when us-groups-across-ds policy is configured on downstream load balancing group.

Workaround: Do not configure us-groups-across-ds policy on the downstream load balancing group.

CSCsx79863

Symptom: The calculated channel utilization percents can become inaccurate.

The short term utilization seen via the output of the command show interface cable X/Y/Z mac-scheduler, labelled "Avg upstream channel utilization" may show a value that is much larger than the actual channel usage. The longer term utilization used by the load-balancing module may also be much larger than the actual channel usage.

Conditions: When `rate-adapt' is configured for a particular upstream channel, under certain configurable conditions the MAC schedular for that upstream will allocate additional data grants to one or more cable modems in a given MAP message. When the data grants go unused by the cable modem(s), the utilization calculations made by the scheduler become skewed.

Workaround: There is no workaround for determining the correct utilizations.

The solution to the inaccuraccy of the upstream utilization calculations based upon calculating grants when rate-adapt is configured is to instead calcalute the data bytes received when rate-adapt is configured for a given upstream channel. The number of bytes received is divided by the number of bytes that could have been received (upstream channel capacity) in order to deterine the percentage of utilization.

Note Note that this new calculation will vary from the old calculation under certain conditions:

1. In the presence of upstream errors, the data bytes received will undermeasure the US utilization as compared to the previous calculation.

2. When an upstream is configured for mixed-mode (tdma-atdma), depending upon the mode in which a particular CM is capable of transmitting, the byte based calculation can undermeasure the US utilization as compared to the previous calculation.

This is due to the fact that the new calculation uses the faster of the two channel rates. Thus when only CMs capable of transmitting at the lower rates do so for an extended period of time, the CMs will not appear to utilize the upstream channel as fully as the previous calculation shown. While the above two issues will cause the byte-based US utilization percent to vary from the previous data grant based calculation, the variation is not expected to be significant under normal conditions.

CSCsy13636

Symptom: A silent reload occurred on the Cisco uBR-MC28X line card and no crash information was written on the boot flash.

Condition: This issue occurred on the Cisco uBR-MC28X line card.

Workaround: Unconfigure load balancing on the affected line card.


Open Caveats for Release 12.3(23)BC6

Table 20 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC6 release.

Table 20 Open Caveats for Cisco IOS Release 12.3(23)BC6

DDTS ID Number
Description

CSCsv94276

Symptom: The Traffic Priority DOCSIS QoS parameter is not effective on the Cisco uBR7200 series router.

Condition: This parameter does not seem to take effect on a Cisco uBR7200 series router with Cisco uBR-MC28U or Cisco uBR-MC28C line cards.

Workaround: There is no workaround.

CSCsw35379

Symptom: Periodic 1-second delays between the CMTS transmission of SAMIS packets; enough of these are occurring to make a significant impact on overall SAMIS transfer time.

Workaround: There is no workaround.

CSCsi43840

Symptom: In the Cisco uBR7246VXR, the Cisco uBR-MC28U line card resets and the crash file is not generated in the bootflash.

Condition: This occurs on a Cisco uBR7246VXR router with multiple Cisco uBR-MC28U line cards. The problem was first detected on a router running Cisco IOS Release 12.3(17b)BC4, but also exists in routers running later Cisco IOS software releases.

Workaround: There is no workaround.

CSCsw49188

Symptom: Cable metering fails and enters a `hung' state.

Condition: This issue is observed when the ip tcp timestamp command is configured globally.

Workaround: Do not use the ip tcp timestamp command.

CSCsw52539

Symptom: Cable metering collection enters `write-error' state and doesn't recover.

Condition: Cable metering configured with default TCP parameters.

Workaround: Run the ip tcp path-mtu-discovery command to help prevent occurances of the issue. Run the test cable metering abort command to clear the "hung" state and to allow the next iteration of cable metering to occur.

CSCsv16701

Symptom: Power supply information is not displayed when running the show inventory command on the CiscouBR7200VXR series rotuers.

Conditions: This issue is observed in a Cisco uBR7200VXR series routers.

Workaround: Use show environment all command to view the power supply information.

CSCsl50455

Symptom: A customer premises equipment (CPE) is deleted from the cable modem termination systems (CMTS) database, and the network connectivity is lost.

Condition: This happens in an MPLS-VPN setup, where cable modem (CM) and CPE are in different virtual private network (VPN) routing/forwarding instances (VRF) and source verification with lease query is enabled.

If a legitimate CPE is removed from the CMTS database, and an upstream packet is initiated from CPE, a lease query is generated by the CMTS and sent to the dynamic host configuration protocol (DHCP) server. The lease query response is received from the DHCP server but, the CMTS fails to add the CPE into the database. As a result, the CPE loses its network connectivity.

Workaround: The CPE has to go through the DHCP cycle again. The CPE is added to the CMTS database and network connectivity at the CPE is restored.

CSCeh33888

Symptom: A Cisco uBR7246VXR router may reload with Last reset from the watchdog reset.

Condition: This issue may occur when the router has a UBR7200-NPE-G1 processor board and may run other BC releases.

Workaround: There is no workaround.

CSCsw14622

Symptom: For deleted service flows the last character in the Service Class Name field is dropped in SAMIS records as well as in the SNMP MIB docsQosServiceFlowLogServiceClassName.

Workaround: There is no workaround.


Resolved Caveats for Release 12.3(23)BC6

Table 21 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC6 release.

Table 21 Resolved Caveats for Cisco IOS Release 12.3(23)BC6

DDTS ID Number
Description

CSCsu44606

Symptom: Duplicate traps are generated when configuring SNMP traps for cable billing operations.

Workaround: There is no workaround.

CSCsu84946

Symptom: Cisco uBR7200 series router crashes due to Block Overrun (Red Zone Corrupted).

Workaround: There is no workaround.

CSCsv11927

Symptom: The Cisco uBR7200 series router may hang when using the cable monitor command and inserting an unknown MAC address (the address not available in the CMTS database) as an argument.

Workaround: Use the correct MAC address.

CSCsv18798

Symptom: Changing the frequency stacking configuration causes the upstream minislot sizes to differ from running configuration.

Condition: When enabling or disabling the frequency stacking configuration, the upstream minislot sizes revert to system defaults based on the upstream DOCSIS mode.

Workaround: Reload the line card or chassis.

CSCsv04836

Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state, resources on a system under attack may be consumed, preventing new TCP connections from being accepted. In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system.

In addition to these vulnerabilities, Cisco Nexus 5000 devices contain a TCP DoS vulnerability that may result in a system crash. This additional vulnerability was found as a result of testing the TCP state manipulation vulnerabilities.

Cisco has released free software updates for download from the Cisco website that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml.

CSCsm27071

Symptom: Memory reduces over time with certain socket applications such as skinny socket server.

Conditions: An increasing memory hold is seen in the Skinny socket server process after repeated rejected ephone registrations.

Workaround: There is no workaround.

CSCsr74835

Symptom:There may be an overflow of destination buffer due to unspecified bounding length.

Workaround: There is no workaround.


Open Caveats for Release 12.3(23)BC5

Table 22 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC5 release.

Table 22 Open Caveats for Cisco IOS Release 12.3(23)BC5

DDTS ID Number
Description

CSCsu44606

Symptom: Duplicate traps are generated when configuring SNMP traps for Cable billing operations.

Workaround: There is no workaround.

CSCsu84946

Symptom: Cisco uBR7200 series router crashes due to Block Overrun (Red Zone Corrupted).

Workaround: There is no workaround.

CSCsk86687

Symptom: The ARP filter functionality does not work and the IP ARP request counters do not increment.

Workaround: There is no workaround.

CSCsl50455

Symptom: A customer premises equipment (CPE) is deleted from the cable modem termination systems (CMTS) database, and the network connectivity is lost.

Condition: This happens in an MPLS-VPN setup, where cable modem (CM) and CPE are in different virtual private network (VPN) routing/forwarding instances (VRF) and source verification with lease query is enabled.

If a legitimate CPE is removed from the CMTS database, and an upstream packet is initiated from CPE, a lease query is generated by the CMTS and sent to the dynamic host configuration protocol (DHCP) server. The lease query response is received from the DHCP server but, the CMTS fails to add the CPE into the database. As a result, the CPE loses its network connectivity.

Workaround: The CPE has to go through the DHCP cycle again. The CPE is added to the CMTS database and network connectivity at the CPE is restored.

CSCsu74681

Symptom: The show cable load-balance command displays details of the wideband cable interfaces (upstream and downstream) twice in the command output.

Condition: This issue is observed in a wideband cable setup with 3.0 DOCSIS cable modems and non-DOCSIS 3.0 cable modems.

Workaround: You can keep track of the aggregate statistics for the interface manually.

CSCsu65409

Symptom: Cable modems are penalized at random for a few seconds into the maintenance window, much before they exceed the traffic limits.

Condition: This occurs in CMTS environments using Subscriber Traffic Management (STM).

Workaround: There is no workaround.


Resolved Caveats for Release 12.3(23)BC5

Table 23 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC5 release.

Table 23 Resolved Caveats for Cisco IOS Release 12.3(23)BC5

DDTS ID Number
Description

CSCsr91209

Symptom: The value of SNMP MIB object DOCS-IF-MIB::docsIfCmtsChannelUtilizationInterval does not persist after a reload of a Cisco uBR7200 series CMTS.

Condition: The issue becomes apparent after the CMTS is reloaded or reset.

Workaround: There is no workaround.

CSCsg81770

Symptom: A subinterface with ifIndex=62 does not show up in ifMIB output.

Condition: This occurs during router configuration. If the ifIndex value=62 is assigned to a subinterface (non hardware interface descriptor block (HWIDB)), then the subinterface may not show up in the ifMIB output.

Workaround: Enabling snmp ifindex persist on the router such that ifIndex=62 is assigned to a HWIDB, or configuring the router's interfaces in an order such that ifIndex=62 is assigned to a HWIDB. The router remains in this state until a reload.

CSCek74598

Symptom: Following warning message is logged in the CMTS router log report:

%UBR10000-3-SEMLOCKFAIL: Unable to lock the semaphore

Condition: Changing the modulation or frequency often triggers this warning message.

Workaround: There is no workaround.

CSCsu27822

Symptom: While performing an online insertion and removal (OIR) operation on the Cisco uBR7246VXR router or the Cisco uBR7246 router, the Network Processing Engine (NPE) crashes.

This occurs since an Inter-Process Communication (IPC) is sent to a removed linecard.

Workaround: Add a flag to avoid sending IPC to the removed linecards.

CSCsu77134

Symptom: Service class name field is empty in SAMIS records for deleted PCMM flow. SNMP MIB docsQosServiceFlowLogServiceClassName is also empty for these flows.

Workaround: There is no workaround.


Open Caveats for Release 12.3(23)BC4

Table 24 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC4 release.

Table 24 Open Caveats for Cisco IOS Release 12.3(23)BC4

DDTS ID Number
Description

CSCsi43840

Symptom: In the Cisco uBR7246VXR, the Cisco uBR-MC28U line card resets and the crash file is not generated in the bootflash.

Condition: This occurs on a Cisco uBR7246VXR router with multiple Cisco uBR-MC28U line cards. The problem was first detected on a router running Cisco IOS Release 12.3(17b)BC4, but also exists in routers running later Cisco IOS software releases.

Workaround: There is no workaround.

CSCsl50455

Symptom: A customer premises equipment (CPE) is deleted from the cable modem termination systems (CMTS) database, and the network connectivity is lost.

Condition: This happens in an MPLS-VPN setup, where cable modem (CM) and CPE are in different virtual private network (VPN) routing/forwarding instances (VRF) and source verification with lease query is enabled.

If a legitimate CPE is removed from the CMTS database, and an upstream packet is initiated from CPE, a lease query is generated by the CMTS and sent to the dynamic host configuration protocol (DHCP) server. The lease query response is received from the DHCP server but, the CMTS fails to add the CPE into the database. As a result, the CPE loses its network connectivity.

Workaround: The CPE has to go through the DHCP cycle again. The CPE is added to the CMTS database and network connectivity at the CPE is restored.

CSCsk97436

Symptom: Spurious memory access traceback is observed.

Condition: This is observed after changing the cable bundle command on a cable interface with a cable bundle that has ip vrf forwarding command configured.

Workaround: Disable multicast on the cable bundle interface.


Resolved Caveats for Release 12.3(23)BC4

There are no resolved caveats for Cisco IOS Release 12.3(23)BC4.

Open Caveats for Release 12.3(21a)BC8

Table 25 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(21a)BC8 release.

Table 25 Open Caveats for Cisco IOS Release 12.3(21a)BC8

DDTS ID Number
Description

CSCsi43840

Symptom: In the Cisco uBR7246VXR, the Cisco uBR-MC28U line card resets and the crash file is not generated in the bootflash.

Condition: This occurs on a Cisco uBR7246VXR router with multiple Cisco uBR-MC28U line cards. The problem was first detected on a router running Cisco IOS Release 12.3(17b)BC4, but also exists in routers running later Cisco IOS software releases.

Workaround: There is no workaround.


Resolved Caveats for Release 12.3(21a)BC8

Table 26 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(21a)BC8 release.

Table 26 Resolved Caveats for Cisco IOS release 12.3(21a)BC8

DDTS ID Number
Description

CSCso63914

Symptom: The Cisco uBR-MC28U cards are not sending SNMP cable modem on/off traps messages.

Condition: This issue only happens on Cisco uBR-MC28U cable cards and routers configured with bundle subinterface.

Workaround: Use bundle interface rather than subinterface.

CSCsk00618

Symptom: The cable interfaces are in shutdown state.

Condition: This occurs during booting. This issue was first detected in routers running Cisco IOS release 12.3(21a)BC7 and later found on routers running later Cisco IOS releases.

Workaround: There is no workaround.

CSCsl87023

Symptom: Different values of upstream center frequency are seen in the output of show running-config and show controllers commands. The 16 KHz resolution configured on the new line card is not correct.

Condition: This occurs when fixed upstream center frequency is configured.

Workaround: This error is cosmetic and has no effect on the behavior of the line card.

CSCso48916

Symptom: The Cisco uBR-MC28U cable interface line card reloads after every software upgrade.

Condition: This occurs during an upgrade.

Workaround: There is no workaround.

CSCsi05373

Symptom: A Cisco uBR7246VXR router may unexpectedly reload due to bus error (Signal = 10, Code = 0x10) and spurious accesses may be observed.

Condition: This issue may occur under the following conditions:

The router is running Cisco IOS Release 12.3(21)BC. This issue also exists on routers running later Cisco IOS releases

The cable modems used were exclusively "Scientific Atlanta EPC2203" and have issue to get grant from the router

Workaround: Do not ping or telnet to the modem while a phone call is crossing it.

CSCek52673

Symptom: A router reloads after receiving a malformed UDP packet.

Condition: Dynamic Host Configuration Protocol (DHCP) is enabled on the router.

Workaround: There is no workaround.

CSCsq05487

Symptom: DHCPDISCOVER message received from the client to the cable modem termination systems (CMTS) relay agent fails to reach the CMTS, and the Dynamic Host Configuration Protocol (DHCP) server. As a result, the cable modem fail to complete DHCP, and fails to get online.

Condition: Another router exists between the CMTS relay agent and server.

Workaround: Configure ip proxy-arp on the network interface of the router that faces the CMTS.

CSCso35102

Symptom: Cable modems may not go online on certain upstream interfaces on routers running Cisco IOS Release 12.3(21a)BC6. The modems do not reach the init(rc) state as well.

Condition: The issue is was first detected routers running Cisco IOS Release 12.3(21a)BC6 and later found on routers running later Cisco IOS Releases.

Workaround: Use the shut/no shut command to fix the issue.

CSCsg81770

Symptom: A subinterface with ifIndex=62 does not show up in ifMIB output.

Condition: This occurs during router configuration. If the ifIndex value=62 is assigned to a subinterface (non hardware interface descriptor block (HWIDB)), then the subinterface may not show up in the ifMIB output.

Workaround: Enabling snmp ifindex persist on the router such that ifIndex=62 is assigned to a HWIDB, or configuring the router's interfaces in an order such that ifIndex=62 is assigned to a HWIDB. The router remains in this state until a reload.

CSCsm77199

Symptom: If the HTTP secure server is configured on the switch, the error message "%DATACORRUPTION-1-DATAINCONSISTENCY: copy error" is displayed with tracebacks. This happens after the initialization of the supervisor.

Condition: This occurs when ip http server command is configured.

Workaround: Execute the no ip http server command. The switch functionality is not affected by this error message. The problem is cosmetic.

CSCsj46707

Symptom: Normal operation of the router is suspended during bootup.

Condition: This occurs as a result of a race condition caused by the order of operations in console_init(). The router hangs and gives traceback.

Workaround: There is no workaround.

CSCsq37824

Symptom: Memory overflow risk may occur with string overflow.

Condition: This occurs during source code analysis.

Workaround: There is no workaround.

CSCsh69471

Symptom: AAA accounting requests are being sent with empty user name. This user name is not displayed using the show command and the show accounting commands for the affected accounting traffic.

Condition: This occurs when commands are executed from a remote host using remote shell.

Workaround: There is no workaround.

CSCsg91306

Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS that can be exploited remotely to trigger a memory leak or to cause a reload of the Cisco IOS device.

Cisco has released free software updates that address these vulnerabilities. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities addressed in this advisory.

There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself, if administrators do not require the Cisco IOS device to provide voice over IP services.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-sip.shtml.

CSCsk42759

Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS that can be exploited remotely to trigger a memory leak or to cause a reload of the Cisco IOS device.

Cisco has released free software updates that address these vulnerabilities. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities addressed in this advisory.

There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself, if administrators do not require the Cisco IOS device to provide voice over IP services.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-sip.shtml.

CSCsg91306

Symptom: The access server may reload due to software forced crash, causing memory corruption in the processor memory pool of the router.

Condition: This occurs when SIP and VoIP protocols are configured on the router and the erroneous message is received.

Workaround: There is no workaround.


Open Caveats for Release 12.3(23)BC3

Table 27 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC3 release.

Table 27 Open Caveats for Cisco IOS release 12.3(23)BC3

DDTS ID Number
Description

CSCsi43840

Symptom: In the Cisco uBR7246VXR, the Cisco uBR-MC28U line card resets and the crash file is not generated in the bootflash.

Condition: This occurs on a Cisco uBR7246VXR router with multiple Cisco uBR-MC28U line cards. The problem was first detected on a router running Cisco IOS Release 12.3(17b)BC4, but also exists in routers running later Cisco IOS software releases.

Workaround: There is no workaround.

CSCsl50455

Symptom: A customer premises equipment (CPE) is deleted from the cable modem termination systems (CMTS) database, and the network connectivity is lost.

Condition: This happens in an MPLS-VPN setup, where cable modem (CM) and CPE are in different virtual private network (VPN) routing/forwarding instances (VRF) and source verification with lease query is enabled.

If a legitimate CPE is removed from the CMTS database, and an upstream packet is initiated form the CPE, a lease query is generated by the CMTS and sent to the dynamic host configuration protocol (DHCP) server. The lease query response is received from the DHCP server but, the CMTS fails to add the CPE into the database. As a result, the CPE loses its network connectivity.

Workaround: The CPE has to go through the DHCP cycle again. The CPE is added to the CMTS database and network connectivity at the CPE is restored.

CSCsk97436

Symptom: Spurious memory access traceback is observed.

Condition: This is observed after changing the cable bundle command on a cable interface with a cable bundle that has ip vrf forwarding command configured.

Workaround: Disable multicast on the cable bundle interface.


Resolved Caveats for Release 12.3(23)BC3

Table 28 ists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco 12.3(23)BC3 release.

Table 28 Resolved Caveats for Cisco IOS release 12.3(23)BC3

DDTS ID Number
Description

CSCso63914

Symptom: The Cisco uBR-MC28U cards are not sending SNMP cable modem on/off traps messages.

Condition: This issue only happens on Cisco uBR-MC28U cable cards and routers configured with bundle subinterface.

Workaround: Use bundle interface rather than subinterface.

CSCsl87023

Symptom: Different values of upstream center frequency are seen in while executing show running-config and show controllers commands. The 16 KHz resolution configured on the new linecard is not correct.

Condition: This occurs when fixed upstream center frequency is configured.

Workaround: This error is cosmetic and has no effect on the behaviour of the line card.

CSCsm77199

Symptom: If the HTTP secure server is configured on the switch, the error message "%DATACORRUPTION-1-DATAINCONSISTENCY: copy error" is displayed with tracebacks. This happens after the initialization of the supervisor.

Condition: This occurs when ip http server command is configured.

Workaround: Execute the no ip http server command. The switch functionality is not affected by this error message. The problem is cosmetic.

CSCsq37824

Symptom: Memory overflow risk may occur with string overflow.

Condition: This occurs during source code analysis.

Workaround: There is no workaround for this.


Open Caveats for Release 12.3(23)BC2

Table 29 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(23)BC2 release.

Table 29 Open Caveats for Cisco IOS Release 12.3(23)BC2 

DDTS ID Number
Description

CSCso35102

Cable modems may not go online on certain upstream interfaces on routers running Cisco IOS Release 12.3(21a)BC6. The modems do not reach the init(rc) state as well.

The issue is found on routers running Cisco IOS Release 12.3(21a)BC6.

Workaround: Use the shut/no shut command to fix the issue.

CSCsl50455

A CPE loses network connectivity when it is deleted from the CMTS database.

This is observed in an MPLS-VPN setup, where cable modems and the CPE are in different VPN routing/ forwarding (VRF) route tables and source verification with lease query is enabled.

Workaround: If the CPE goes through the DHCP cycle again, it will be added to the CMTS database and the CPE's network connectivity is restored.

CSCso13213

The IP Detail Record (IPDR) document may contain corrupt characters at random locations and may parse incorrectly.

This is observed on theCisco uBR7246 router configured with the Subscriber Account Management Interface Specification (SAMIS) feature running Cisco IOS Release 12.3(17b)BC4.

There are no known workarounds.

CSCso63914

The Cisco uBR-MC28U cable interface line card does not send snmp cable modem on/off traps.

This issue occurs only on routers with the MC28U line cards.

There are no known workarounds.


Resolved Caveats for Release 12.3(23)BC2

Table 30 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(23)BC2 release.

Table 30 Resolved Caveats for Cisco IOS Release 12.3(23)BC2 

DDTS ID Number
Description

CSCso81854

Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches.

To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected.

Cisco has released free software updates that address these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml.

This security advisory is being published simultaneously with announcements from other affected organizations.

CSCsm50944

A high CPU value is observed when many host IP addresses of modems are registered with static IP addresses. This is observed when some subinterfaces are configured using cable source-verify command and other subinterfaces in the same bundle are configured using cable source-verify dhcp command.

Workaround: Use cable source-verify dhcp command on both the subinterfaces. As for the static IP addresses, reserve these addresses in the DHCP server.

CSCsg35077

A device that is running Cisco IOS software may crash during processing of an Internet Key Exchange (IKE) message.

Workaround: Customers that do not require IPsec functionality on their devices can use the no crypto isakmp enable command in global configuration mode to disable the processing of IKE messages and eliminate device exposure.

If IPsec is configured, this bug may be mitigated by applying access control lists that limit the hosts or IP networks that are allowed to establish IPsec sessions with affected devices. This assumes that IPsec peers are known. This workaround may not be feasible for remote access VPN gateways where the source IP addresses of VPN clients are not known in advance. ISAKMP uses port UDP/500 and can also use UDP/848 (the GDOI port) when GDOI is in use.

CSCsi05373

A Cisco UBR7246 router may unexpectedly reload due to bus error (Signal = 10, Code = 0x10) and spurious accesses may be observed.

This issue may occur under the following conditions:

The UBR is running Cisco IOS Release 12.3(21)BC

The Modems used were exclusively "Scientific Atlanta EPC2203" and have issue to get grant from the UBR

Workaround: Do not ping or telnet to the modem while a phone call is crossing it.

CSCsi95211

The Tunnel maximum transmission unit (MTU) value is reset to 1514 bytes.

This occurs when the ip mtu value that is configured on a tunnel interface is greater than 1514 bytes and an IP address is subsequently assigned to the Tunnel interface.

Workaround: Re-configuring the ip mtu value after the IP address has been configured restores the ip mtu value.

CSCsm87826

The SNMP polling ccqmEnfRuleViolateTable result is different from the output of the show cable subscriber over command. Both values should match.

Workaround: When the SF ID value is greater than 8000, use the command and not the ccqmEnfRuleViolateTable parameter.For SF ID values less than 8000, the SNMP parameter works fine.

CSCso48916

The Cisco uBR-MC28U cable interface line card reloads after every software upgrade.

There are no known workarounds.

CSCsj85065

A Cisco IOS device may crash while processing an SSL packet. This can happen during the termination of an SSL-based session. The offending packet is not malformed and is normally received as part of the packet exchange.

Cisco has released free software updates that address this vulnerability.

Aside from disabling affected services, there are no available workarounds to mitigate an exploit of this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml.


Open Caveats for Release 12.3(21a)BC7

Table 31 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC7 release.

Table 31 Open Caveats for Cisco IOS Release 12.3(21a)BC7 

DDTS ID Number
Description

CSCsi43840

Symptom: In the Cisco uBR7246VXR, the Cisco uBR-MC28U line card resets and the crash file is not generated in the bootflash.

Condition: This occurs on a Cisco uBR7246VXR router with multiple Cisco uBR-MC28U line cards. The problem was first detected on a router running Cisco IOS Release 12.3(17b)BC4, but also exists in routers running later Cisco IOS software releases.

Workaround: There is no workaround.

CSCsl50455

A CPE loses network connectivity when it is deleted from the CMTS database.

This is observed in an MPLS-VPN setup, where cable modems and the CPE are in different VPN routing/ forwarding (VRF) route tables and source verification with lease query is enabled.

Workaround: If the CPE goes through the DHCP cycle again, it will be added to the CMTS database and the CPE's network connectivity is restored.

CSCso13213

The IP Detail Record (IPDR) document may contain corrupt characters at random locations and may parse incorrectly.

This is observed on theCisco uBR7246 router configured with the Subscriber Account Management Interface Specification (SAMIS) feature running Cisco IOS Release 12.3(17b)BC4.

There are no known workarounds.


Resolved Caveats for Release 12.3(21a)BC7

Table 32 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC7 release.

Table 32 Resolved Caveats for Cisco IOS Release 12.3(21a)BC7 

DDTS ID Number
Description

CSCsm50944

A high CPU value is observed when many host IP addresses of modems are registered with static IP addresses. This is observed when some subinterfaces are configured using cable source-verify command and other subinterfaces in the same bundle are configured using cable source-verify dhcp command.

Workaround: Use cable source-verify dhcp command on both the subinterfaces. As for the static IP addresses, reserve these addresses in the DHCP server.

CSCsl82266

Loop occurs between uBR and CNR during leasequery. At the loop condition, you can see several leasequeries per second and after a while, the loop ends automatically.

This issue occurs on following conditions:

source-verify dhcp is enabled.

CNR failover setup (Redundant CNR).

The target IP of the leasequery loop should be a CPE which is connected to currently offline CM and ARP entry for the CPE aged out.

There are no known workarounds.

CSCsk74962

Router is experiencing spurious memory access while running the show buffer assigned dump command.

This issue does not cause any operational problems.

There are no known workarounds.

CSCsl73391

CMTS sysUpTime parameter remains unchanged in IPDR document for all records thus making it unreliable for stop records. Similarly, IPDRcreationTime parameters are the same for interim records and are set to the data collection start time for the IPDR document. These may cause certain accounting issues.

This issue occurs when Subscriber Account Management Interface Specification (SAMIS) feature is used.

Workaround: Poll the DOCS-QOS-MIB object directly.

CSCsl61201

CMTS generates duplicate IPDR records for same service identifier (SID). This creates accounting issues for usage-based billing of cable modems.

This issue occurs on uBR10k and uBR7k platforms running Cisco IOS Release 12.3(17b)BC4 when Subscriber Account Management Interface Specification (SAMIS) feature is used.

CSCsm87826

The SNMP polling ccqmEnfRuleViolateTable result is different from the output of the show cable subscriber over command. Both values should match.

Workaround: When the SF ID value is greater than 8000, use the command and not the ccqmEnfRuleViolateTable parameter.For SF ID values less than 8000, the SNMP parameter works fine.

CSCsj85065

A Cisco IOS device may crash while processing an SSL packet. This can happen during the termination of an SSL-based session. The offending packet is not malformed and is normally received as part of the packet exchange.

Cisco has released free software updates that address this vulnerability.

Aside from disabling affected services, there are no available workarounds to mitigate an exploit of this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml.


Open Caveats for Release 12.3(23)BC1

Table 33 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(23)BC1 release.

Table 33 Open Caveats for Cisco IOS Release 12.3(23)BC1 

DDTS ID Number
Description

CSCsm50944

A high CPU value is observed when many host IP addresses of modems are registered with static IP addresses. This is observed when some subinterfaces are configured using cable source-verify command and other subinterfaces in the same bundle are configured using cable source-verify dhcp command.

Workaround: Use cable source-verify dhcp command on both the subinterfaces. As for the static IP addresses, reserve these addresses in the DHCP server.

CSCsi43840

A 28u Card resets with no unexpected reloads file being generated in bootflash.

This may occur on a router with multiple 28u cards and running Cisco IOS Release 12.3(17b)BC4.

There are no known workarounds.

CSCsl50455

A CPE loses network connectivity when it is deleted from the CMTS database.

This is observed in an MPLS-VPN setup, where cable modems and the CPE are in different VPN routing/ forwarding (VRF) route tables and source verification with lease query is enabled.

Workaround: If the CPE goes through the DHCP cycle again, it will be added to the CMTS database and the CPE's network connectivity is restored.


Resolved Caveats for Release 12.3(23)BC1

Table 34 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(23)BC1 release.

Table 34 Resolved Caveats for Cisco IOS Release 12.3(23)BC1 

DDTS ID Number
Description

CSCsl73391

CMTS sysUpTime parameter remains unchanged in IPDR document for all records thus making it unreliable for stop records. Similarly, IPDRcreationTime parameters are the same for interim records and are set to the data collection start time for the IPDR document. These may cause certain accounting issues.

This issue occurs when Subscriber Account Management Interface Specification (SAMIS) feature is used.

Workaround: Poll the DOCS-QOS-MIB object directly.

CSCsl61201

CMTS generates duplicate IPDR records for same service identifier (SID). This creates accounting issues for usage-based billing of cable modems.

This issue occurs on uBR10k and uBR7k platforms running Cisco IOS Release 12.3(17b)BC4 when Subscriber Account Management Interface Specification (SAMIS) feature is used.

CSCsd71318

Cisco 2800 series router crashes when the connection to the URL filter server is reset, either due to network congestion or during a warm/cold reload.

This issue occurs with external Websense or N2H2 server.

Workaround: There are no known workarounds for cold/warm reload. For crash due to network congestion or WAN reset, remove the condition that causes the connection to the URL filter to flap.

CSCsk74962

Router is experiencing spurious memory access while running the show buffer assigned dump command.

This issue does not cause any operational problems.

There are no known workarounds.

CSCsh69471

AAA accounting requests are being sent with empty user name. This issue occurs while using the show command to see the executor of the show accounting commands for the affected accounting traffic.

Workaround: No workaround is required as it is only a display issue.

CSCsl32567

When executing show aaa attribute protocol radius command, the router running Cisco IOS may crash or display junk characters.

There are no known workarounds.

CSCsl82266

Loop occurs between uBR and CNR during leasequery. At the loop condition, you can see several leasequeries per second and after a while, the loop ends automatically.

This issue occurs on following conditions:

source-verify dhcp is enabled.

CNR failover setup (Redundant CNR).

The target IP of the leasequery loop should be a CPE which is connected to currently offline CM and ARP entry for the CPE aged out.

There are no known workarounds.

CSCsk70446

Traceback observed while using long URLs to configure a device using the Cisco IOS HTTP web parser.

This issue occurs while trying to configure commands that have a single keyword or parameter greater than N characters in length, where N is:

50 for Cisco IOS Release 12.0 and above

128 for Cisco IOS Release 12.2 and above

256 for Cisco IOS Release 12.2(25) and above

Workaround: Avoid using the Cisco IOS HTTP web parser for commands with long keywords or arguments.

CSCsj93719

A Cisco uBR7246VXR router with an NPE-G1 reboots. The system returns to ROM with the following error:

Software forced crash, PC 0x6094918C 
 
        

The crash occurs because the redzone is overwritten in the I/O memory pool.

There are no known workarounds.

CSCsk10579

A slow leak may occur on a UBR7200 in the CMTS MAC Parser process.

There are no known workarounds.

CSCsl73702

The uBR7246VXR CMTS router crashes with a bus error at 0x0 address.

There are no known workarounds.

CSCsh29217

Cisco 10000, uBR10012 and uBR7200 series devices use a User Datagram Protocol (UDP) based Inter-Process Communication (IPC) channel that is externally reachable. An attacker could exploit this vulnerability to cause a denial of service (DoS) condition on affected devices. No other platforms are affected.

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-ipc.shtml.


Open Caveats for Release 12.3(21a)BC6

Table 35 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC6 release.

Table 35 Open Caveats for Cisco IOS Release 12.3(21a)BC6 

DDTS ID Number
Description

CSCsl73391

CMTS sysUpTime parameter remains unchanged in IPDR document for all records thus making it unreliable for stop records. Similarly, IPDRcreationTime parameters are the same for interim records and are set to the data collection start time for the IPDR document. These may cause certain accounting issues.

This issue occurs when Subscriber Account Management Interface Specification (SAMIS) feature is used.

Workaround: Poll the DOCS-QOS-MIB object directly.

CSCsl61201

CMTS generates duplicate IPDR records for same service identifier (SID). This creates accounting issues for usage-based billing of cable modems.

This issue occurs on uBR10k and uBR7k platforms running Cisco IOS Release 12.3(17b)BC4 when Subscriber Account Management Interface Specification (SAMIS) feature is used.

CSCsi46184

IOS crashes, when you remove a PCMCIA card that is in use.

Workaround: Do NOT remove the flash card when it is in use.

CSCek76143

DOCSIS dynamic state queue can be corrupted and cause a CMTS RP or LC unexpected reload in cmts_get_dyn_transc_state. This is a suspected cause of unexpected reloads in CSCek70406.

This issue occurs with dynamic service flows created in packetcable or non-packetcable environment.

There are no known workarounds.

CSCsd26691

When tdma-atdma docsis mode is configured on the interface, the current reserved value shown on admission control CLI is incorrect.

This issue is observed whenever tdma-atdma is configured.

There are no known workarounds.

CSCsg46637

When an invalid DSX (DSA, DSD, or DSC) message is received, only a vague message is printed out.

There are no known workarounds.

CSCsh41532

PCMM volume-based-usage exceeded should send up a gate-report-state but this is not working as expected.

The volume-based-usage counter is supposed to be reset when a modification is made to it on an existing gate. This should send gate-report-state after the new value has been reached. The counter seems to be retaining the original value in a test case.

There are no known workarounds.

CSCsh68970

Samis tries to use bpe address as source address, which result in connection failure.

Neither cable metering source-interface configured, nor loopback interface available; moreover, the bpe address is the highest ip address among the interfaces.

Workaround: Set up the source interface via CLI cable metering source-interface.

CSCsi68543

TLS is working OK right after is configured originally. If TLS is deconfigured and then reactivated again, the corresponding Ethernet interface is not set to promiscuous mode

Before the configuration changes:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E29
Promiscuous mode ON
 
        

After the TLS configuration was reapplied:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E28
Promiscuous mode OFF
 
        

This issue occurs with TLS configuration.

Workaround: Do not disable TLS once it is enabled.

CSCsi59988

Downstream prioritization on cable interfaces during cable interface congestion is not working when the default downstream token bucket rate-limiting with shaping scheme is in use.

Workaround: Make use of token bucket limiting without shaping.

CSCsi44396

The maximum number of virtual bundle interfaces that can be created on a CMTS is 40. While trying to create the 41st virtual bundle interface via the CLI command, the following error message is displayed:

Vegas-VXR(config)#int bundle 41
Exceeding maximum number of virtual bundle interfaces allowed: 40                       
^
% Invalid input detected at '^' marker.
 
        
Vegas-VXR(config)#
 
        

However, by using the following procedure, the CMTS allowed 41 Virtual Bundle Interfaces. The expected result is the CMTS should not allow the 41st virtual bundle interface to be created.

1. Create virtual interface bundle 254 and then assign bundle254 to cable interface 3/0 and 3/1

2. Issue the following command hw-module slot 3 shutdown powered (This powers down the card)

3. Delete virtual interface bundle 254 (no interface bundle 254)

4. Create virtual interface bundle 1-40

5. Bring up the card that was shutdown in step 2 with no hw-module slot 3 shutdown powered

6. You will now see 41 interface bundles.

There are no known workarounds.

CSCsk60162

Voice assigned to an Unsolicited Grant Services (UGS) flow is not seen on the sniffer, intercepted packet.

This issue occurs sporadically on an MC28X card.

Workaround: Execute a shut/no shut of the cable interface.

CSCsl73298

On a uBR7246VXR CMTS router, the ifHCInUcastPkts (1.3.6.1.2.1.31.1.1.1.7) and ifInBroadcastPkts (1.3.6.1.2.1.31.1.1.1.3) MIB counters appear to be decrementing.

There are no known workarounds.

CSCsi43840

A 28u Card resets with no unexpected reloads file being generated in bootflash.

This may occur on a router with multiple 28u cards and running Cisco IOS Release 12.3(17b)BC4.

There are no known workarounds.

CSCsl73702

The uBR7246VXR CMTS router crashes with a bus error at 0x0 address.

There are no known workarounds.

CSCsl50133

A uBR7200 will reload with following:

No crashinfo
No tracebacks
Last reload reason: Unknown reason
Last reset from watchdog reset
 
        

There are no known workarounds.

CSCsk43650

SNMPwalk of docsIfCmtsCmStatusValue does not show results for all the available modems. The deviation can be identified by comparing the results from the command line interface with those from the SNMPwalk.

There are no known workarounds.


Resolved Caveats for Release 12.3(21a)BC6

There are no resolved caveats for the Cisco IOS 12.3(21a)BC6 release.

Open Caveats for Release 12.3(21a)BC5

Table 36 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC5 release.

Table 36 Open Caveats for Cisco IOS Release 12.3(21a)BC5 

DDTS ID Number
Description

CSCsl73391

CMTS sysUpTime parameter remains unchanged in IPDR document for all records thus making it unreliable for stop records. Similarly, IPDRcreationTime parameters are the same for interim records and are set to the data collection start time for the IPDR document. These may cause certain accounting issues.

This issue occurs when Subscriber Account Management Interface Specification (SAMIS) feature is used.

Workaround: Poll the DOCS-QOS-MIB object directly.

CSCsl61201

CMTS generates duplicate IPDR records for same service identifier (SID). This creates accounting issues for usage-based billing of cable modems.

This issue occurs on uBR10k and uBR7k platforms running Cisco IOS Release 12.3(17b)BC4 when Subscriber Account Management Interface Specification (SAMIS) feature is used.

CSCsi46184

IOS crashes, when you remove a PCMCIA card that is in use.

Workaround: Do NOT remove the flash card when it is in use.

CSCek76143

DOCSIS dynamic state queue can be corrupted and cause a CMTS RP or LC unexpected reload in cmts_get_dyn_transc_state. This is a suspected cause of unexpected reloads in CSCek70406.

This issue occurs with dynamic service flows created in packetcable or non-packetcable environment.

There are no known workarounds.

CSCsd26691

When tdma-atdma docsis mode is configured on the interface, the current reserved value shown on admission control CLI is incorrect.

This issue is observed whenever tdma-atdma is configured.

There are no known workarounds.

CSCsg46637

When an invalid DSX (DSA, DSD, or DSC) message is received, only a vague message is printed out.

There are no known workarounds.

CSCsh41532

PCMM volume-based-usage exceeded should send up a gate-report-state but this is not working as expected.

The volume-based-usage counter is supposed to be reset when a modification is made to it on an existing gate. This should send gate-report-state after the new value has been reached. The counter seems to be retaining the original value in a test case.

There are no known workarounds.

CSCsh68970

SAMIS tries to use bpe address as source address, which result in connection failure.

Neither cable metering source-interface configured, nor loopback interface available; moreover, the bpe address is the highest ip address among the interfaces.

Workaround: Set up the source interface via CLI cable metering source-interface.

CSCsi68543

TLS is working OK right after is configured originally. If TLS is deconfigured and then reactivated again, the corresponding Ethernet interface is not set to promiscuous mode

Before the configuration changes:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E29
Promiscuous mode ON
 
        

After the TLS configuration was reapplied:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E28
Promiscuous mode OFF
 
        

This issue occurs with TLS configuration.

Workaround: Do not disable TLS once it is enabled.

CSCsi59988

Downstream prioritization on cable interfaces during cable interface congestion is not working when the default downstream token bucket rate-limiting with shaping scheme is in use.

Workaround: Make use of token bucket limiting without shaping.

CSCsi44396

The maximum number of virtual bundle interfaces that can be created on a CMTS is 40. While trying to create the 41st virtual bundle interface via the CLI command, the following error message is displayed:

Vegas-VXR(config)#int bundle 41
Exceeding maximum number of virtual bundle interfaces allowed: 40                       
^
% Invalid input detected at '^' marker.
 
        
Vegas-VXR(config)#
 
        

However, by using the following procedure, the CMTS allowed 41 Virtual Bundle Interfaces. The expected result is the CMTS should not allow the 41st virtual bundle interface to be created.

1. Create virtual interface bundle 254 and then assign bundle254 to cable interface 3/0 and 3/1

2. Issue the following command hw-module slot 3 shutdown powered (This powers down the card)

3. Delete virtual interface bundle 254 (no interface bundle 254)

4. Create virtual interface bundle 1-40

5. Bring up the card that was shutdown in step 2 with no hw-module slot 3 shutdown powered

6. You will now see 41 interface bundles.

There are no known workarounds.

CSCsk60162

Voice assigned to an Unsolicited Grant Services (UGS) flow is not seen on the sniffer, intercepted packet.

This issue occurs sporadically on an MC28X card.

Workaround: Execute a shut/no shut of the cable interface.

CSCsl73298

On a uBR7246VXR CMTS router, the ifHCInUcastPkts (1.3.6.1.2.1.31.1.1.1.7) and ifInBroadcastPkts (1.3.6.1.2.1.31.1.1.1.3) MIB counters appear to be decrementing.

There are no known workarounds.

CSCsi43840

A 28u Card resets with no unexpected reloads file being generated in bootflash.

This may occur on a router with multiple 28u cards and running Cisco IOS Release 12.3(17b)BC4.

There are no known workarounds.

CSCsl73702

The uBR7246VXR CMTS router crashes with a bus error at 0x0 address.

There are no known workarounds.

CSCsl50133

A uBR7200 will reload with following:

No crashinfo
No tracebacks
Last reload reason: Unknown reason
Last reset from watchdog reset
 
        

There are no known workarounds.

CSCsk43650

SNMPwalk of docsIfCmtsCmStatusValue does not show results for all the available modems. The deviation can be identified by comparing the results from the command line interface with those from the SNMPwalk.

There are no known workarounds.


Resolved Caveats for Release 12.3(21a)BC5

Table 37 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC5 release.

Table 37 Resolved Caveats for Cisco IOS Release 12.3(21a)BC5 

DDTS ID Number
Description

CSCsj93719

A Cisco uBR7246VXR router with an NPE-G1 reboots. The system returns to ROM with the following error:

Software forced crash, PC 0x6094918C 
 
        

The crash occurs because the redzone is overwritten in the I/O memory pool.

There are no known workarounds.

CSCsk10579

A slow leak may occur on a UBR7200 in the CMTS MAC Parser process.

There are no known workarounds.

CSCsl32567

When executing show aaa attribute protocol radius command, the router running Cisco IOS may crash or display junk characters.

There are no known workarounds.

CSCsk70446

Traceback observed while using long URLs to configure a device using the Cisco IOS HTTP web parser.

This issue occurs while trying to configure commands that have a single keyword or parameter greater than N characters in length, where N is:

50 for Cisco IOS Release 12.0 and above

128 for Cisco IOS Release 12.2 and above

256 for Cisco IOS Release 12.2(25) and above

Workaround: Avoid using the Cisco IOS HTTP web parser for commands with long keywords or arguments.


Open Caveats for Release 12.3(23)BC

Table 38 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(23)BC release.

Table 38 Open Caveats for Cisco IOS Release 12.3(23)BC 

DDTS ID Number
Description

CSCsi43840

A 28u Card resets with no unexpected reloads file being generated in bootflash.

This may occur on a router with multiple 28u cards and running Cisco IOS Release 12.3(17b)BC4.

There are no known workarounds.

CSCsi59988

Downstream prioritization on cable interfaces during cable interface congestion is not working when the default downstream token bucket rate-limiting with shaping scheme is in use.

Workaround: Make use of token bucket limiting without shaping.

CSCsj14143

ifHCOutOctets and ifHCInOctets values retrieved from the IF-MIB are not correct.

There are no known workarounds.

CSCsj81080

Two Cisco uBR7246VXR routers with NPE-G1s both show negative input queue values on the cable interface. The two routers are passing traffic. The bundled virtual interfaces on the devices have a non-decreasing positive input queue.

Workaround: The negative input queue values issue is cosmetic; the interface still passes traffic. The continuously growing input queue on the bundled interface can be cleared by reloading the device.

CSCsk10579

A slow leak may occur on a UBR7200 in the CMTS MAC Parser process.

There are no known workarounds.

CSCsk59791

A Cisco router running Cisco IOS Release 12.3(17a)BC2 may have all CM connected on the cable interface go offline.

Workaround: Use the shut/no shut cable interface.

CSCsk60162

Voice assigned to an Unsolicited Grant Services (UGS) flow is not seen on the sniffer, intercepted packet.

This issue occurs sporadically on an MC28X card.

Workaround: Execute a shut/no shut of the cable interface.

CSCsk97436

After changing the cable bundle <x> command on a cable interface with a cable bundle that has ip vrf forwarding configured, a spurious memory access traceback was observed.

There are no known workarounds.

CSCsl49015

After replacing the MC16 card, they cannot see the interface values return through SNMP.

All the cable interfaces that was involved in hot-swapping had this issue. CU swapped the following:

MC16 to new MC16

MC16 to new MC28

This is different to the bug CSCsc07829 as only the upstream and downstream port indexes for a certain cable interface are not getting registered.

Workaround: Rebooting the device resolved the issue.

CSCsl50133

A uBR7200 will reload with following:

No crashinfo
No tracebacks
Last reload reason: Unknown reason
Last reset from watchdog reset
 
        

There are no known workarounds.

CSCsk86886

A Cisco router running IOS version 123(17b)BC8 may reload unexpectedly.

There are no known workarounds.


Resolved Caveats for Release 12.3(23)BC

Table 39 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(23)BC release.

Table 39 Resolved Caveats for Cisco IOS Release 12.3(23)BC 

DDTS ID Number
Description

CSCek76143

DOCSIS dynamic state queue can be corrupted and cause a CMTS RP or LC unexpected reload in cmts_get_dyn_transc_state. This is a suspected cause of unexpected reloads in CSCek70406.

This issue occurs with dynamic service flows created in packetcable or non-packetcable environment.

There are no known workarounds.

CSCsd26691

When tdma-atdma docsis mode is configured on the interface, the current reserved value shown on admission control CLI is incorrect.

This issue is observed whenever tdma-atdma is configured.

There are no known workarounds.

CSCsd65958

Packets per second is far greater than bytes per sec on some of the line cardinterfaces, which should not be possible.

This issue occurs when the layer 2 traffic contains broadcast traffic.

There are no known workarounds.

CSCsg46637

When an invalid DSX (DSA, DSD, or DSC) message is received, only a vague message is printed out.

There are no known workarounds.

CSCsh04686

With X25 over TCP (XOT) enabled on a router or catalyst switch, malformed traffic sent to TCP port 1998 will cause the device to reload. This was first observed in IOS 12.2(31)SB2.

Workarounds: Use IPSEC or other tunneling mechanisms to protect XOT traffic. Also, apply ACLs on affected devices so that traffic is only accepted from trusted tunnel endpoints.

CSCsh41532

PCMM volume-based-usage exceeded should send up a gate-report-state but this is not working as expected.

The volume-based-usage counter is supposed to be reset when a modification is made to it on an existing gate. This should send gate-report-state after the new value has been reached. The counter seems to be retaining the original value in a test case.

There are no known workarounds.

CSCsh68970

SAMIS tries to use bpe address as source address, which result in connection failure.

Neither cable metering source-interface configured, nor loopback interface available; moreover, the bpe address is the highest ip address among the interfaces.

Workaround: Set up the source interface via CLI cable metering source-interface.

CSCsi44396

The maximum number of virtual bundle interfaces that can be created on a CMTS is 40. While trying to create the 41st virtual bundle interface via the CLI command, the following error message is displayed:

Vegas-VXR(config)#int bundle 41
Exceeding maximum number of virtual bundle interfaces allowed: 40                       
^
% Invalid input detected at '^' marker.
 
        
Vegas-VXR(config)#
 
        

However, by using the following procedure, the CMTS allowed 41 Virtual Bundle Interfaces. The expected result is the CMTS should not allow the 41st virtual bundle interface to be created.

1. Create virtual interface bundle 254 and then assign bundle254 to cable interface 3/0 and 3/1

2. Issue the following command hw-module slot 3 shutdown powered (This powers down the card)

3. Delete virtual interface bundle 254 (no interface bundle 254)

4. Create virtual interface bundle 1-40

5. Bring up the card that was shutdown in step 2 with no hw-module slot 3 shutdown powered

6. You will now see 41 interface bundles.

There are no known workarounds.

CSCsi68543

TLS is working OK right after is configured originally. If TLS is deconfigured and then reactivated again, the corresponding Ethernet interface is not set to promiscuous mode

Before the configuration changes:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E29
Promiscuous mode ON
 
        

After the TLS configuration was reapplied:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E28
Promiscuous mode OFF
 
        

This issue occurs with TLS configuration.

Workaround: Do not disable TLS once it is enabled.

CSCsl34893

ARP table entries are incorrect for a CPE. This can result in CPE traffic being sent to the wrong modem.

The ARP table issue occurs for CPEs that move from one modem to another or when one CPE goes away and the IP address is allocated to another CPE by the DHCP server.

There are no known workarounds.

CSCsl23947

The MC11C, MC12C and MC14C cable line cards have been "End of software maintenance release" in July 2006 or earlier. These cards will not be recognized on the uBR7200 running a 12.3(23)BC image.

There are no known workarounds.

CSCsl61679

The MC16E and MC16S cards reached "End of software maintenance release" and "End of routine failure analysis" on July 5, 2006 as per the EOL notice:

http://www.cisco.com/en/US/partner/products/hw/modules/ps4302/prod_eol_
notice0900aecd801e8a41.html

Note that even though these cards will be recognized on the uBR7200 running a 12.3(23)BC image, these cards are no longer supported in the software and are subjected to minimal testing.

There are no known workarounds.

CSCsh29217

Cisco 10000, uBR10012 and uBR7200 series devices use a User Datagram Protocol (UDP) based Inter-Process Communication (IPC) channel that is externally reachable. An attacker could exploit this vulnerability to cause a denial of service (DoS) condition on affected devices. No other platforms are affected.

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-ipc.shtml.


Open Caveats for Release 12.3(21a)BC4

Table 40 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC4 release.

Table 40 Open Caveats for Cisco IOS Release 12.3(21a)BC4 

DDTS ID Number
Description

CSCsd26691

When tdma-atdma docsis mode is configured on the interface, the current reserved value shown on admission control CLI is incorrect.

This issue is observed whenever tdma-atdma is configured.

There are no known workarounds.

CSCsg46637

When an invalid DSX (DSA, DSD, or DSC) message is received, only a vague message is printed out.

There are no known workarounds.

CSCsh41532

PCMM volume-based-usage exceeded should send up a gate-report-state but this is not working as expected.

The volume-based-usage counter is supposed to be reset when a modification is made to it on an existing gate. This should send gate-report-state after the new value has been reached. The counter seems to be retaining the original value in a test case.

There are no known workarounds.

CSCsh68970

Samis tries to use bpe address as source address, which result in connection failure.

Neither cable metering source-interface configured, nor loopback interface available; moreover, the bpe address is the highest ip address among the interfaces.

Workaround: Set up the source interface via CLI cable metering source-interface.

CSCsi43840

A 28u Card resets with no unexpected reloads file being generated in bootflash.

This may occur on a router with multiple 28u cards and running Cisco IOS Release 12.3(17b)BC4.

There are no known workarounds.

CSCsi44396

The maximum number of virtual bundle interfaces that can be created on a CMTS is 40. While trying to create the 41st virtual bundle interface via the CLI command, the following error message is displayed:

Vegas-VXR(config)#int bundle 41
Exceeding maximum number of virtual bundle interfaces allowed: 40                       
^
% Invalid input detected at '^' marker.
 
        
Vegas-VXR(config)#
 
        

However, by using the following procedure, the CMTS allowed 41 Virtual Bundle Interfaces. The expected result is the CMTS should not allow the 41st virtual bundle interface to be created.

1. Create virtual interface bundle 254 and then assign bundle254 to cable interface 3/0 and 3/1

2. Issue the following command hw-module slot 3 shutdown powered (This powers down the card)

3. Delete virtual interface bundle 254 (no interface bundle 254)

4. Create virtual interface bundle 1-40

5. Bring up the card that was shutdown in step 2 with no hw-module slot 3 shutdown powered

6. You will now see 41 interface bundles.

There are no known workarounds.

CSCsi59988

Downstream prioritization on cable interfaces during cable interface congestion is not working when the default downstream token bucket rate-limiting with shaping scheme is in use.

Workaround: Make use of token bucket limiting without shaping.

CSCsi68543

TLS is working OK right after is configured originally. If TLS is deconfigured and then reactivated again, the corresponding Ethernet interface is not set to promiscuous mode

Before the configuration changes:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E29
Promiscuous mode ON
 
        

After the TLS configuration was reapplied:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E28
Promiscuous mode OFF
 
        

This issue occurs with TLS configuration.

Workaround: Do not disable TLS once it is enabled.

CSCsi83966

Multiple tracebacks are observed:

313861: Apr 10 07:16:06.784 UTC: %REQGRP-3-SYSCALL: System call for 
command 72 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606B35B0 60C5A09C 60C5B7E0 60C58980 61005A70 
610093CC 60FF9910 6101FE0C 60916AC4 60916AA8
 
        
314045: Apr 10 08:16:39.940 UTC: %REQGRP-3-SYSCALL: System call for 
command 42 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606AC4A8 606AEED4 60C898A0 60C89B34 60C5AD40 
60C5B188 60C5B834 60C58980 61005A70 610093CC 60FF9910 6101FE0C 60916AC4 
60916AA8
 
        
313868: Apr 10 07:18:35.833 UTC: %REQGRP-3-SYSCALL: System call for 
command 47 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606B3D0C 606B4930 6069D1EC 6053BEC4 60886370 
60897D40 60916AC4 60916AA8
 
        

This issue occurs on a Cisco uBR7246VXR router with an MC28U card. BPI and VPN are not configured. No crashinfo is seen on PRE or line card.

Workaround: Reset affected line card with hardware module stop/start.

CSCsj81080

Two Cisco uBR7246VXR routers with NPE-G1s both show negative input queue values on the cable interface. The two routers are passing traffic. The bundled virtual interfaces on the devices have a non-decreasing positive input queue.

Workaround: The negative input queue values issue is cosmetic; the interface still passes traffic. The continuously growing input queue on the bundled interface can be cleared by reloading the device.

CSCsk10579

A slow leak may occur on a UBR7200 in the CMTS MAC Parser process.

There are no known workarounds.

CSCsk17493

A slow memory leak exists in Request di and SNMP ENGINE.

This issue occurs on a router running Cisco IOS Release 12.3(17b)BC4 and the Simple Network Management Protocol (SNMP).

There are no known workarounds.

CSCsk43650

SNMPwalk of docsIfCmtsCmStatusValue does not show results for all the available modems. The deviation can be identified by comparing the results from the command line interface with those from the SNMPwalk.

There are no known workarounds.

CSCsk49540

A line card memory allocation failure is causing a system slowdown. The show cable modem, show run, and show tech commands all experience noticeable performance slowdowns.

This issue occurs because a cable line card is running out of memory; Pool Manager Free shows as 0, and holdong shows a large value.

There are no known workarounds.

CSCsk59791

A Cisco router running Cisco IOS Release 12.3(17a)BC2 may have all CM connected on the cable interface go offline.

Workaround: Use the shut/no shut cable interface.

CSCsk60162

Voice assigned to an Unsolicited Grant Services (UGS) flow is not seen on the sniffer, intercepted packet.

This issue occurs sporadically on an MC28X card.

Workaround: Execute a shut/no shut of the cable interface.

CSCsk86886

A Cisco router running IOS version 123(17b)BC8 may reload unexpectedly.

There are no known workarounds.


Resolved Caveats for Release 12.3(21a)BC4

Table 41 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC4 release.

Table 41 Resolved Caveats for Cisco IOS Release 12.3(21a)BC4 

DDTS ID Number
Description

CSCsa79984

When using the line subcommand login, it may be possible for a vty to get into a state where the user will not be able to log in to the IOS router. The user will be presented with password followed immediately by "Bad passwords".

The line in this state can be seen with the exec command show line <line number>. In the "Status" line, if "Ctrl-c Enabled" appears, then you may see this problem on that line.

Workaround: To clear this condition follow these sequence of steps.

1. First remove the login from the line.

2. Telnet into the router on the line which is in this state.

3. From enable mode, run the command setup. When prompted with "Continue with configuration dialog", type no.

4. Add the login back to the vty line.

CSCsd65958

Packets per second is far greater than bytes per sec on some of the line card interfaces, which should not be possible.

This issue occurs when the layer 2 traffic contains broadcast traffic.

There are no known workarounds.

CSCsg39295

Password information may be displayed in a Syslog message as follows:

%SYS-5-CONFIG_I: Configured from 
scp://userid:password@10.1.1.1/config.txt by console
 

This issue occurs when using SNMP to modify a configuration by means of the CISCO-CONFIG-COPY-MIB, selection of ConfigCopyProtocol of SCP or FTP may result in the password being exposed in a syslog message.

Workaround: When using SNMP to modify a configuration by means of the CISCO-CONFIG-COPY-MIB, use the ConfigCopyProtocol of RCP to avoid

exposure of the password.

CSCsg58537

The CLI show cable modem <mac/ip> cnr output does not have snr/cnr values. The output shows "-----" instead of snr/cnr, even though traffic is passed through modem.

This issue occurs in when spectrum-group is not configured on Cisco IOS Release 12.3(13a)BC or later.

Workaround: Use show cable modem <mac/ip> phy command to monitor the snr value.

CSCsi91974

With STM1.0, the cable modem can be set in penalty even during Offpeak periods.

This issue occurs on a Cisco router running Cisco IOS Release 12.3(17b)BC5. This issue is not seen in Cisco IOS Release 12.3(13)BC.

There are no known workarounds.

CSCsj14143

ifHCOutOctets and ifHCInOctets values retrieved from the IF-MIB are not correct.

There are no known workarounds.

CSCsj43368

IP connectivity issues or observed when running Baseline Privacy Interface (BPI).

This issue occurs when running Cisco IOS Release 12.3(21a)BC1 using an MC16U card.

Workaround: Downgrade to Cisco IOS Release 12.3(13a)BC6.

CSCsj66692

Data corruption copy error tracebacks are seen on the console or output from the show logging command:

%DATACORRUPTION-1-DATAINCONSISTENCY: copy error,  -PC= 0x41224EFC,  -
Traceback= 0x4153A7D0 0x4155BA0C 0x4157FAF0 0x41224EFC 0x41DDC0A8 
0x41DDC198 
0x41DC6D84 0x41DF3B0C 0x41DC506C 0x41DCE5A4 0x41D91AF8 0x41D90F88 
0x41D9BEFC 
0x41D9C0C0 0x41DAEA68 
 
        

Refer to CSCsj44081 for more information.

There are no known workarounds.

CSCsj74381

A UBR that uses 127.x.x.x prefixes for internal management will include these prefixes in its LDP/TDP address and label mapping messages. Peering routers that have a fix for CSCdx08804 or CSCdx88897 will display error messages such as the following:

%TAGCON-3-TDPID: peer 192.168.254.253:0, TDP Id/Addr mapping problem 
(rcvd invalid address in TDP
address PIE, ignored)
%TAGCON-3-TDPID: peer 192.168.254.253:0, TDP Id/Addr mapping problem 
(rcvd TDP address PIE, bind failed)
%TIB-3-REMOTETAG: 127.3.0.0/255.255.0.0, peer 192.168.254.253:0; tag 1; 
add tag failure
 
        

The error messages are harmless. They indicate that the peer has advertised invalid host/network IP addresses, and the receiving router has accordingly ignored the associated advertisements.

There are no known workarounds.

CSCsk10639

CMTS router received an ARP packet with zero mac-addr for source. CMTS asked IOS software not to create an ARP entry. IOS software still goes ahead and creates an ARP entry with zero mac-addr.

This issue occurs when a virus attack has been mounted on the CMTS.

There are no known workarounds.

CSCsk19693

When cable source-verify dhcp is configured on the bundle interface and a static IP is assigned to a CPE behind a cable modem, the CMTS fails to send a dhcp lease-query and the CPE is able to get network access

Workaround: Move layer 3 configuration from a bundle interface to a subinterface. For example, remove ip address, dhcp, and cable source-verify configuration from "interface bundle 1" to "interface bundle 1.1".

CSCsk27453

The show cable modem vendor summary total clc command does not display any totals.

There are no known workarounds.

CSCsk85060

Replicated packets for LI so that when configured by the cable intercept CLI command, it will not always have the same number of bytes included in the MAC header.

This issue occurs when Mediation Devices and collection functions at law enforcement cannot decode replicated packets when packet replication is done using the cable intercept command. Depending upon the VoIP call, different numbers of bytes are included in the MAC header portion.

There are no known workarounds.


Open Caveats for Release 12.3(21a)BC3

Table 42 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC3 release.

Table 42 Open Caveats for Cisco IOS Release 12.3(21a)BC3 

DDTS ID Number
Description

CSCeh33888

A Cisco uBR7246VXR router may reload with Last reset from the watchdog reset.

This issue may occur when the router has a UBR7200-NPE-G1 processor board and is running Cisco IOS 12.3(9a)BC.

There are no known workarounds.

CSCek70406

MC28U line cards can unexpectedly reload in cmts_get_dyn_transc_state.

This issue occurs when dynamic service flows are created in packetcable or non-packetcable environment.

There are no known workarounds.

CSCek76143

DOCSIS dynamic state queue can be corrupted and cause a CMTS RP or LC unexpected reload in cmts_get_dyn_transc_state. This is a suspected cause of unexpected reloads in CSCek70406.

This issue occurs with dynamic service flows created in packetcable or non-packetcable environment.

There are no known workarounds.

CSCsd26691

When tdma-atdma docsis mode is configured on the interface, the current reserved value shown on admission control CLI is incorrect.

This issue is observed whenever tdma-atdma is configured.

There are no known workarounds.

CSCsg13683

Dynamic Service Change (DSC) refresh messages cause out-of-order downstream (DS) voice packets.

There are no known workarounds.

CSCsg46637

When an invalid DSX (DSA, DSD, or DSC) message is received, only a vague message is printed out.

There are no known workarounds.

CSCsg58537

The CLI show cable modem <mac/ip> cnr output does not have snr/cnr values. The output shows "-----" instead of snr/cnr, even though traffic is passed through modem.

This issue occurs in when spectrum-group is not configured on Cisco IOS Release 12.3(13a)BC or later.

Workaround: Use show cable modem <mac/ip> phy command to monitor the snr value.

CSCsh41532

PCMM volume-based-usage exceeded should send up a gate-report-state but this is not working as expected.

The volume-based-usage counter is supposed to be reset when a modification is made to it on an existing gate. This should send gate-report-state after the new value has been reached. The counter seems to be retaining the original value in a test case.

There are no known workarounds.

CSCsh68970

Samis tries to use bpe address as source address, which result in connection failure.

Neither cable metering source-interface configured, nor loopback interface available; moreover, the bpe address is the highest ip address among the interfaces.

Workaround: Set up the source interface via CLI cable metering source-interface.

CSCsi44396

The maximum number of virtual bundle interfaces that can be created on a CMTS is 40. While trying to create the 41st virtual bundle interface via the CLI command, the following error message is displayed:

Vegas-VXR(config)#int bundle 41
Exceeding maximum number of virtual bundle interfaces allowed: 40                       
^
% Invalid input detected at '^' marker.
 
        
Vegas-VXR(config)#
 
        

However, by using the following procedure, the CMTS allowed 41 Virtual Bundle Interfaces. The expected result is the CMTS should not allow the 41st virtual bundle interface to be created.

1. Create virtual interface bundle 254 and then assign bundle254 to cable interface 3/0 and 3/1

2. Issue the following command hw-module slot 3 shutdown powered (This powers down the card)

3. Delete virtual interface bundle 254 (no interface bundle 254)

4. Create virtual interface bundle 1-40

5. Bring up the card that was shutdown in step 2 with no hw-module slot 3 shutdown powered

6. You will now see 41 interface bundles.

There are no known workarounds.

CSCsi59988

Downstream prioritization on cable interfaces during cable interface congestion is not working when the default downstream token bucket rate-limiting with shaping scheme is in use.

Workaround: Make use of token bucket limiting without shaping.

CSCsi68543

TLS is working OK right after is configured originally. If TLS is deconfigured and then reactivated again, the corresponding Ethernet interface is not set to promiscuous mode

Before the configuration changes:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E29
Promiscuous mode ON
 
        

After the TLS configuration was reapplied:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E28
Promiscuous mode OFF
 
        

This issue occurs with TLS configuration.

Workaround: Do not disable TLS once it is enabled.

CSCsi78768

ubr7246VXR modems that are online may not be able to be polled through the CLI show cable modem.

The following message may be seen:

System called for common <xx>; slot <x/y>, could not send blocked IPC 
message
 
        
%REQGRP-3-SYSCALL: System call for command <xx> (slotx/y)
: Could not send blocked IPC message (Cause: timeout)
 
        
-Traceback= <values omitted>
 
        

If the CMTS tries to reload the router through the CLI, a message will indicate that it cannot reload because it is updating the startup configuration:

CMTS1#reload
Proceed with reload? [confirm]
The startup configuration is currently being updated. Try again.
 
        

This issue has been observed on 12.3(17b)BC4 & 12.3(21)BC.

Workaround: Reload the CMTS on sight.

CSCsi83966

Multiple tracebacks are observed:

313861: Apr 10 07:16:06.784 UTC: %REQGRP-3-SYSCALL: System call for 
command 72 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606B35B0 60C5A09C 60C5B7E0 60C58980 61005A70 
610093CC 60FF9910 6101FE0C 60916AC4 60916AA8
 
        
314045: Apr 10 08:16:39.940 UTC: %REQGRP-3-SYSCALL: System call for 
command 42 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606AC4A8 606AEED4 60C898A0 60C89B34 60C5AD40 
60C5B188 60C5B834 60C58980 61005A70 610093CC 60FF9910 6101FE0C 60916AC4 
60916AA8
 
        
313868: Apr 10 07:18:35.833 UTC: %REQGRP-3-SYSCALL: System call for 
command 47 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606B3D0C 606B4930 6069D1EC 6053BEC4 60886370 
60897D40 60916AC4 60916AA8
 
        

This issue occurs on a UBR7246VXR with MC28U card. BPI and VPN are not configured. No crashinfo is seen on PRE or line card.

Workaround: Reset affected line card with hardware module stop/start.

CSCsi91974

With STM1.0, the CM can be set in penalty even during Offpeak period.

This issue occurs on a uBR7200 running 12.3(17b)BC5. This issue is not seen in 12.3(13)BC.

There are no known workarounds.

CSCsj43368

IP connectivity issues or observed when running BPI.

This issue occurs when running Cisco IOS Release 12.3(21a)BC1 using MC16U.

Workaround: Downgrade to Cisco IOS Release 12.3(13a)BC6.

CSCsj56573

A Cisco uBR7246VXR (UBR7200-NPE-G1) with disk2:ubr7200-ik9su2-mz.123-17b.BC4.bin Crashed with the following:

IOS (tm) 7200 Software (UBR7200-IK9SU2-M), Version 12.3(17b)BC4, 
RELEASE
SOFTWARE (fc1)
074243: Jul  1 03:41:27.042 UTC: %SYS-3-OVERRUN: Block overrun at
634F8418 (red zone 00000000)
-Traceback= 6092C0D4 6092CCE4 6092E554 6092E7A4
074244: Jul  1 03:41:27.042 UTC: %SYS-6-MTRACE: mallocfree: addr, pc
 669319D4,60939814 669319D4,30000052 669319D4,60939D80 
669319D4,60939814
 669319D4,30000052 669319D4,60939D80 6693232C,60AD5728 
66932708,60000638
074245: Jul  1 03:41:27.042 UTC: %SYS-6-MTRACE: mallocfree: addr, pc
 669326A0,60AD5720 669327FC,600005BE 66932708,5000003C 
669327A8,60FFA024
 6693293C,6000051E 669327FC,50000062 669328E8,60FFA024 
66934CD0,60000288
074246: Jul  1 03:41:27.042 UTC: %SYS-6-BLKINFO: Corrupted redzone blk
634F8418, words 131072, alloc 604FC9D4, InUse, dealloc 0, rfc
nt 1
-Traceback= 60922818 6092C0E8 6092CCE4 6092E554 6092E7A4
074247: Jul  1 03:41:27.042 UTC: %SYS-6-MEMDUMP: 0x634F8418: 0xAB1234CD
0xFFFFFFFE 0x0 0x61A5B1C0
074248: Jul  1 03:41:27.042 UTC: %SYS-6-MEMDUMP: 0x634F8428: 0x604FC9D4
0x63538440 0x634B8400 0x80020000
074249: Jul  1 03:41:27.042 UTC: %SYS-6-MEMDUMP: 0x634F8438: 0x1 0x0 
0x0
0x0
%Software-forced reload
03:41:27 UTC Sun Jul 1 2007: Breakpoint exception, CPU signal 23, PC =
0x6094872C
--------------------------------------------------------------------
   Possible software fault. Upon reccurence,  please collect
   crashinfo, "show tech" and contact Cisco Technical Support.
--------------------------------------------------------------------
PC Value for redzone is: cmts_bundle_mcast_init(0x604fc998)+0x3c
 
        

This issue occurs under the following conditions:

cisco uBR7246VXR (UBR7200-NPE-G1) with
ubr7200-ik9su2-mz.123-17b.BC4.bin
CRASH : 
074243: Jul  1 03:41:27.042 UTC: %SYS-3-OVERRUN: Block overrun at
634F8418 (red zone 00000000)
-Traceback= 6092C0D4 6092CCE4 6092E554 6092E7A4
 
        

There are no known workarounds.

CSCsj74381

A UBR that uses 127.x.x.x prefixes for internal management will include these prefixes in its LDP/TDP address and label mapping messages. Peering routers that have a fix for CSCdx08804 or CSCdx88897 will display error messages such as the following:

%TAGCON-3-TDPID: peer 192.168.254.253:0, TDP Id/Addr mapping problem 
(rcvd invalid address in TDP
address PIE, ignored)
%TAGCON-3-TDPID: peer 192.168.254.253:0, TDP Id/Addr mapping problem 
(rcvd TDP address PIE, bind failed)
%TIB-3-REMOTETAG: 127.3.0.0/255.255.0.0, peer 192.168.254.253:0; tag 1; 
add tag failure
 
        

The error messages are harmless. They indicate that the peer has advertised invalid host/network IP addresses, and the receiving router has accordingly ignored the associated advertisements.

There are no known workarounds.


Resolved Caveats for Release 12.3(21a)BC3

Table 43 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC3 release.

Table 43 Resolved Caveats for Cisco IOS Release 12.3(21a)BC3 

DDTS ID Number
Description

CSCed95187

RST packets may contain a non-randomized identification value on the IP header.

This issue is observed on a Cisco platform that receives a TCP SYN packet on a non-listening port.

There are no known workarounds.

CSCeh48684

Identification field is always 0 in the tacacs+ packet with SYN flag. The tacacs packet goes from a cat6509 through a FW to the AAA server. The FW construes this as a Fragment Overlap Attack and drops additional new connections.

There are no known workarounds.

CSCsb79076

%SYS-3-TIMERNEG errors and tracebacks are observed while making MGCP RSVP calls on a analog (RGW) setups.

This is observed in 12.4(3.9)T1 IOS version.

There are no known workarounds.

CSCsh92986

The latency for the RSH command could increase when they are flowing through an FWSM module.

The following issue was observed on an FWSM that is running 2.2 software: (1) The long delay was triggered by using either Cisco IOS Release 12.3(13a)BC1 or (2) Release 12.3(17a)BC1 on routers toward which those RSH commands were sent.

Workaround: Either bypass the FWSM module or downgrade to Cisco IOS Release 12.3(9a)BC3, which is not affected by this extra delay issue.

CSCsi69173

A certain sequence of upstream connector commands appears to be able to put an upstream channel in a state where it will not come "up" until the cable line card or CMTS is reset.

Workaround: Always ensure that before any manipulation of cable upstream connector commands takes place, that any involved connectors are totally disassociated from upstream channels before configurations changes occur.

CSCsi70106

In some circumstances the "Curr Resv" / Current Reservation counter for Best Effort traffic does not decrease when modems with a reservation are moved away from an upstream channel by dynamic load balancing.

There are no known workarounds.

CSCsi78162

A router that has the SNASwitch feature enabled may generate several of the following messages along with tracebacks:

%DATACORRUPTION-1-DATAINCONSISTENCY: copy of xx bytes should be xx 
bytes
 
        

This issue is observed on a Cisco router that runs a Cisco IOS software image that contains the fix for caveat CSCsh87705. A list of the affected releases can be found at: http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl

Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.

There are no known workarounds.

CSCsj05744

System crash when the piggy back, fragmentation, multi grants and rate limit are enabled on the upstream.

Workaround: As the test piggy back and multi grants are only be enabled by the test command, and those commands are not documented in the user documents, keep them not be used in the field.

CSCsj06951

Traceback is seen on the terminal.

This issue is seen when configuring user-locale and generating a CNF file under telephony-service.

There are no known workarounds.

CSCsj13380

Data corruption messages may be displayed, and show isdn active may show incorrect information for calling number on outgoing calls.

This problem is inconsistent, and shows up most frequently with the isdn test call command.

There are no known workarounds.

CSCsj16292

Following an upgrade to 12.2(18)SXF9, the following message may be displayed:

%DATACORRUPTION-1-DATAINCONSISTENCY: copy error
-Traceback= 
 
        

This message may appear as a result of SNMP polling of PAgP variables, but does not appear to be service impacting.

There are no known workarounds.

CSCsj18014

A caller ID may be received with extra characters.

This issue is observed when caller ID is enabled on both routers and when the station ID and station name are configured on the FXS side.

There are no known workarounds.

CSCsj26808

When trying to snmpwalk docsIfCmtsCmStatusMacAddress, the device does not get the MAC address associated with the node.

The port the node is on is:

UBR 1 card 5
Downstream 0
Upstream 0, 1, & 2
 
        

This issue occurs during normal customer use.

Root cause of the issue is the erratic "total active devices" of 
Cable5/0.
------------------ show interface Cable5/0 downstream 
------------------
 
        
Cable5/0: Downstream is up
     3810767406 packets output, 2447284803 bytes, 3584 discarded
     0 output errors
     -594 total active devices, 311 active modems      <=========== The 
negtive devices counter will make the snmp code skip all entries on 
C5/0.
        Total downstream bandwidth: 42884 Kbps
        Total downstream reserved/reservable bandwidth: 1177/38595 Kbps
        Estimated usable bandwidth: 37500 Kbps
        Worst case latency for low latency queue: 0 usecs
        Current Upper limit for worst case latency: 0 usecs
        Ranging lists counts
     Maintainence list 310, max 312
     Continous list 1, max 10
     Pending list 0, max 3
 
        

There are no known workarounds.

CSCsj43430

DS PHS suppression does not occur on the uBR7200.

There are no known workarounds.


Open Caveats for Release 12.3(21a)BC2

Table 44 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC2 release.

Table 44 Open Caveats for Cisco IOS Release 12.3(21a)BC2 

DDTS ID Number
Description

CSCeh33888

A Cisco uBR7246VXR router may reload with Last reset from the watchdog reset.

This issue may occur when the router has a UBR7200-NPE-G1 processor board and is running Cisco IOS 12.3(9a)BC.

There are no known workarounds.

CSCek70406

MC28U line cards can unexpectedly reload in cmts_get_dyn_transc_state.

This issue occurs when dynamic service flows are created in packetcable or non-packetcable environment.

There are no known workarounds.

CSCek76143

DOCSIS dynamic state queue can be corrupted and cause a CMTS RP or LC unexpected reload in cmts_get_dyn_transc_state. This is a suspected cause of unexpected reloads in CSCek70406.

This issue occurs with dynamic service flows created in packetcable or non-packetcable environment.

There are no known workarounds.

CSCsd26691

When tdma-atdma docsis mode is configured on the interface, the current reserved value shown on admission control CLI is incorrect.

This issue is observed whenever tdma-atdma is configured.

There are no known workarounds.

CSCsg46637

When an invalid DSX (DSA, DSD, or DSC) message is received, only a vague message is printed out.

There are no known workarounds.

CSCsh41532

PCMM volume-based-usage exceeded should send up a gate-report-state but this is not working as expected.

The volume-based-usage counter is supposed to be reset when a modification is made to it on an existing gate. This should send gate-report-state after the new value has been reached. The counter seems to be retaining the original value in a test case.

There are no known workarounds.

CSCsh68970

Samis tries to use bpe address as source address, which result in connection failure.

Neither cable metering source-interface configured, nor loopback interface available; moreover, the bpe address is the highest ip address among the interfaces.

Workaround: Set up the source interface via CLI cable metering source-interface.

CSCsi06219

Modems with UGS flows are moved after a while, even though the default of no move in 123(17)BC was not changed.

There are no known workarounds.

CSCsi43840

A 28u Card resets with no unexpected reloads file being generated in bootflash.

This may occur on a router with multiple 28u cards and running Cisco IOS Release 12.3(17b)BC4.

There are no known workarounds.

CSCsi44396

The maximum number of virtual bundle interfaces that can be created on a CMTS is 40. While trying to create the 41st virtual bundle interface via the CLI command, the following error message is displayed:

Vegas-VXR(config)#int bundle 41
Exceeding maximum number of virtual bundle interfaces allowed: 40                       
^
% Invalid input detected at '^' marker.
 
        
Vegas-VXR(config)#
 
        

However, by using the following procedure, the CMTS allowed 41 Virtual Bundle Interfaces. The expected result is the CMTS should not allow the 41st virtual bundle interface to be created.

1. Create virtual interface bundle 254 and then assign bundle254 to cable interface 3/0 and 3/1

2. Issue the following command hw-module slot 3 shutdown powered (This powers down the card)

3. Delete virtual interface bundle 254 (no interface bundle 254)

4. Create virtual interface bundle 1-40

5. Bring up the card that was shutdown in step 2 with no hw-module slot 3 shutdown powered

6. You will now see 41 interface bundles.

There are no known workarounds.

CSCsi48575

A mc28u card unexpected reload is related to the pointer in the IOS related to arp filters.

This issue occurs on a uBR7246VXR running 12.3(17b)BC4 with 28u cards.

There are no known workarounds.

CSCsi59988

Downstream prioritization on cable interfaces during cable interface congestion is not working when the default downstream token bucket rate-limiting with shaping scheme is in use.

Workaround: Make use of token bucket limiting without shaping.

CSCsi68543

TLS is working OK right after is configured originally. If TLS is deconfigured and then reactivated again, the corresponding Ethernet interface is not set to promiscuous mode

Before the configuration changes:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E29
Promiscuous mode ON
 
        

After the TLS configuration was reapplied:

show run
cable l2-vpn-service dot1q
cable dot1q-vc-map <#>.<#>.<#> Ethernet<#> <#>
show controllers
Ethernet<#>
<..>
mac_adfilter_cfg = 0x0000000000000E28
Promiscuous mode OFF
 
        

This issue occurs with TLS configuration.

Workaround: Do not disable TLS once it is enabled.

CSCsi69173

A certain sequence of upstream connector commands appears to be able to put an upstream channel in a state where it will not come "up" until the cable line card or CMTS is reset.

Workaround: Always ensure that before any manipulation of cable upstream connector commands takes place, that any involved connectors are totally disassociated from upstream channels before configurations changes occur.

CSCsi78768

ubr7246VXR modems that are online may not be able to be polled through the CLI show cable modem.

The following message may be seen:

System called for common <xx>; slot <x/y>, could not send blocked IPC 
message
 
        
%REQGRP-3-SYSCALL: System call for command <xx> (slotx/y)
: Could not send blocked IPC message (Cause: timeout)
 
        
-Traceback= <values omitted>
 
        

If the CMTS tries to reload the router through the CLI, a message will indicate that it cannot reload because it is updating the startup configuration:

CMTS1#reload
Proceed with reload? [confirm]
The startup configuration is currently being updated. Try again.
 
        

This issue has been observed on 12.3(17b)BC4 & 12.3(21)BC.

Workaround: Reload the CMTS on sight.

CSCsi83966

Multiple tracebacks are observed:

313861: Apr 10 07:16:06.784 UTC: %REQGRP-3-SYSCALL: System call for 
command 72 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606B35B0 60C5A09C 60C5B7E0 60C58980 61005A70 
610093CC 60FF9910 6101FE0C 60916AC4 60916AA8
 
        
314045: Apr 10 08:16:39.940 UTC: %REQGRP-3-SYSCALL: System call for 
command 42 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606AC4A8 606AEED4 60C898A0 60C89B34 60C5AD40 
60C5B188 60C5B834 60C58980 61005A70 610093CC 60FF9910 6101FE0C 60916AC4 
60916AA8
 
        
313868: Apr 10 07:18:35.833 UTC: %REQGRP-3-SYSCALL: System call for 
command 47 (slot4/0) : Could not send blocked IPC message (Cause: 
timeout)
-Traceback= 6069F510 606B3D0C 606B4930 6069D1EC 6053BEC4 60886370 
60897D40 60916AC4 60916AA8
 
        

This issue occurs on a UBR7246VXR with MC28U card. BPI and VPN are not configured. No crashinfo is seen on PRE or line card.

Workaround: Reset affected line card with hardware module stop/start.

CSCsi91974

With STM1.0, the CM can be set in penalty even during Offpeak period.

This issue occurs on a uBR7200 running 12.3(17b)BC5. This issue is not seen in 12.3(13)BC.

There are no known workarounds.

CSCsi96501

Objects from docsQosParamSetEntry are causing loop when polling the table with snmpwalk. The RESPONSE to a GET-NEXT gives a lower index.

This issue has been seen for the objects docsQosParamSetServiceClassName and docsQosParamSetMaxTrafficRate

This has been seen on a uBR7246VXR running Cisco IOS Software version 12.3(21)BC

There are no known workarounds.


Resolved Caveats for Release 12.3(21a)BC2

Table 45 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC2 release.

Table 45 Resolved Caveats for Cisco IOS Release 12.3(21a)BC2 

DDTS ID Number
Description

CSCsd81407

Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following protocols or features:

Session Initiation Protocol (SIP)

Media Gateway Control Protocol (MGCP)

Signaling protocols H.323, H.254

Real-time Transport Protocol (RTP)

Facsimile reception

Cisco has made free software available to address these vulnerabilities for affected customers. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities mentioned in this advisory.

There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-voice.shtml

CSCeg62070

Tracebacks or unexpected reloads are seen during a HTTP transactions with long URLs.

The unexpected reload is seen when the length of any token in the URL of the request is excessively long.

Workaround: Disable HTTP server using the no ip http server command.

CSCse56501

A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP) services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the device. Packets that are routed throughout the router can not trigger this vulnerability. Successful exploitation will prevent the interface from receiving any additional traffic. The only exception is Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash. Only the interface on which the vulnerability was exploited will be affected.

Cisco is providing fixed software to address this issue. There are workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml.

CSCsf08998

Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following protocols or features:

Session Initiation Protocol (SIP)

Media Gateway Control Protocol (MGCP)

Signaling protocols H.323, H.254

Real-time Transport Protocol (RTP)

Facsimile reception

Cisco has made free software available to address these vulnerabilities for affected customers. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities mentioned in this advisory.

There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-voice.shtml

CSCsg40567

Malformed SSL packets may cause a router to leak multiple memory blocks.

This issue is observed on a Cisco router that has the ip http secure server command enabled.

Workaround: Disable the ip http secure server command.

CSCsh14796

Under the DOCSIS1.1 or DOCSISI 2.0 model, the CMTS cannot trigger the CM to re-send SA-MAP/TEK request unless the CM is reset or the CPE re-starts the multicast session by IGMP-leave and IGMP-join again.

There are no known workarounds.

CSCsh59672

Cable filter groups are not correctly updated in the MC28U CLC if changes are made in the CLI.

Specific test cases concerned the IP TOS filtering capabilities:

1) Cable filter group 2 is initially configured to block IP TOS 0x40.

2) The cable filter is then changed to filter based on IP TOS 0x20.

3) Show cable filter group command from CLI indicates that the changed has been made.

4) Same command on the MC28U indicates that is was not changed. The original value of 0x40 remains.

5) To complicate matters more, the filter group work correctly in 12.3(17b)BC4 despite the discrepancy between CLI and CLC. However, in the upcoming 12.3(21)BC release, they do not. The filter behaves based on the CLC config, which never updates unless the CMTS is rebooted after config change is made.

There are no known workarounds.

CSCsi01470

A vulnerability in the Cisco implementation of Multicast Virtual Private Network (MVPN) is subject to exploitation that can allow a malicious user to create extra multicast states on the core routers or receive multicast traffic from other Multiprotocol Label Switching (MPLS) based Virtual Private Networks (VPN) by sending specially crafted messages.

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080326-mvpn.shtml.

CSCsi01961

A slow leak may occur on a UBR7200 in the CMTS MAC Parser process.

There are no known workarounds.

CSCsi17390

Certain Cable commands are unavailable underneath the cable interface:

no cable arp

no cable proxy

cable arp filters

cable dhcp-giaddr policy/primary

The IOS will not print out that the commands have been removed or a unsupported after bootup. The commands will just be missing.

This issue occurs on a uBR7100 running 12.3(21)BC.

Workaround: Configuring sub-interfaces will allow you to configure:

no cable arp

no cable proxy

cable dhcp-giaddr policy/primary

Cable bundle interface- virtual interfaces are not supported.

CSCsi32107

During normal operations, a bus error forced reload occurs due to SNMP activity on the router.

There are no known workarounds.

CSCsi33899

The CMTS unexpected reloads when snmp set the cdxCmtsCmQosProfile.

This issue occurs when setting the cdxCmtsCmQosProfile with boundary value 16383.

Workaround: Do not set the cdxCmtsCmQosProfile with value bigger than 255.

CSCsi41855

ubr7200 unexpected reloads when 28U card OIR/test reloads while polling ccsFlapEntry.

This issue occurs when the OIR/LC unexpected reloads.

There are no known workarounds.

CSCsi74305

GigE promiscuous mode reset.

This issue is seen when removing and re-adding a TLS configuration.

There are no known workarounds.


Open Caveats for Release 12.3(21a)BC1

Table 46 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC1 release.

Table 46 Open Caveats for Cisco IOS Release 12.3(21a)BC1 

DDTS ID Number
Description

CSCeh33888

A Cisco uBR7246VXR router may reload with Last reset from the watchdog reset.

This issue may occur when the router has a UBR7200-NPE-G1 processor board and is running Cisco IOS 12.3(9a)BC.

There are no known workarounds.

CSCej89390

On an ubr7200 CMTS platform with MC28U/MC16U cable line cards, if a CLC interface has bundle slave configured, and the interface bundle slave is brought in/out of bundle slave cfg, CMTS features like "cable source-verify dhcp" and "cable arp" will not work properly.

There are no known workarounds.

CSCek70406

MC28U line cards can unexpectedly reload in cmts_get_dyn_transc_state.

This issue occurs when dynamic service flows are created in packetcable or non-packetcable environment.

There are no known workarounds.

CSCsd26691

When tdma-atdma docsis mode is configured on the interface, the current reserved value shown on admission control CLI is incorrect.

This issue is observed whenever tdma-atdma is configured.

There are no known workarounds.

CSCsd92405

A router crashes when receiving multiple malformed Transparent LAN Service (TLS) and/or Secure Socket Layer (SSL) 3 finished messages. A valid username and password are not required for the crash to occur.

This issue occurs when a router has an Hypertext Transport Protocol (HTTP) secure server enabled and has an open, unprotected HTTP port.

Workaround: There are no known workarounds. You can minimize the chances of the condition occurring by permitting only legitimate hosts to access HTTP on the router.

CSCse11646

Spurious memory access are produced when monitoring MAC packets with the DSG configuration.

There are no known workarounds.

CSCsg46637

When an invalid DSX (DSA, DSD, or DSC) message is received, only a vague message is printed out.

There are no known workarounds.

CSCsh14796

Under the DOCSIS1.1 or DOCSISI 2.0 model, the CMTS cannot trigger the CM to resend SA-MAP/TEK request unless the CM is reset or the CPE re-starts the multicast session by IGMP-leave and IGMP-join again.

There are no known workarounds.

CSCsh41532

PCMM volume-based-usage exceeded should send up a gate-report-state but this is not working as expected.

The volume-based-usage counter is supposed to be reset when a modification is made to it on an existing gate. This should send gate-report-state after the new value has been reached. The counter seems to be retaining the original value in a test case.

There are no known workarounds.

CSCsh59672

Cable filter groups are not correctly updated in the MC28U CLC if changes are made in the CLI.

Specific test cases concerned the IP TOS filtering capabilities:

1) Cable filter group 2 is initially configured to block IP TOS 0x40.

2) The cable filter is then changed to filter based on IP TOS 0x20.

3) Show cable filter group command from CLI indicates that the changed has been made.

4) Same command on the MC28U indicates that is was not changed. The original value of 0x40 remains.

5) To complicate matters more, the filter group work correctly in 12.3(17b)BC4 despite the discrepancy between CLI and CLC. However, in the upcoming 12.3(21)BC release, they do not. The filter behaves based on the CLC config, which never updates unless the CMTS is rebooted after config change is made.

There are no known workarounds.

CSCsh68970

Samis tries to use bpe address as source address, which result in connection failure.

Neither cable metering source-interface configured, nor loopback interface available; moreover, the bpe address is the highest ip address among the interfaces.

Workaround: Set up the source interface via CLI cable metering source-interface.

CSCsh70337

When upgrading from 12.3(13a)BC4 to 12.3(17b)BC5, the tunnel group and tunnel numbers are not preserved and are re-numbered starting from 1.

This issue occurs when upgrading from 12.3(13a)BC4 to 12.3(17b)BC5.

Workaround: Renumber the tunnel numbers.

CSCsh95155

Deleting snmp private RW from 10K still allows RF Switch to Toggle.

This issue occurs when using the RF switch for line card high availability, and the private RW string is removed from the CMTS.

Workaround: Do not delete/remove the private rw snmp string from the CMTS, or be sure to configure the same RW string on the RF S witch(s) and 10K. The HCCP/SNMP string can be changed on the 10K with 12.3(13) code and >.

CSCsi01961

A slow leak may occur on a UBR7200 in the CMTS MAC Parser process.

There are no known workarounds.

CSCsi05373

A CiscoUBR7246 may unexpectedly reload due to bus error (Signal = 10, Code = 0x10) and spurious accesses may be observed.

This issue may occur under the following conditions:

The UBR is running Cisco IOS Release 12.3(21)BC

The Modems used were exclusively "Scientific Atlanta EPC2203" and have issue to get grant from the UBR

Workaround: Do not ping or telnet to the modem while a phone call is crossing it.

CSCsi06219

Modems with UGS flows are moved after a while, even though the default of no move in 123(17)BC was not changed.

There are no known workarounds.


Resolved Caveats for Release 12.3(21a)BC1

Table 47 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21a)BC1 release.

Table 47 Resolved Caveats for Cisco IOS Release 12.3(21a)BC1 

DDTS ID Number
Description

CSCek70834

CMTS Cable Line Card (CLC) can unexpectedly reload due to a dangling pointer reference in SID database of the CMTS on CLC. In particular, it has been seen on a 520 CLC in a ubr10000 CMTS chassis.

No HA or multicast needs to be configured on the CMTS to see this issue.

There are no known workarounds.

CSCsd30267

The Authentication, Authorization, and Accounting (AAA) per user process is holding memory, and the router is running out of memory.

This issue occurs on a Cisco uBR7114E router running Cisco IOS Release 12.3(13a)BC2 with PPP over Ethernet (PPPOE) dialing and dynamic access control lists (ACLs).

There are no known workarounds

CSCsd85587

A vulnerability has been discovered in a third party cryptographic library which is used by a number of Cisco products. This vulnerability may be triggered when a malformed Abstract Syntax Notation One (ASN.1) object is parsed. Due to the nature of the vulnerability it may be possible, in some cases, to trigger this vulnerability without a valid certificate or valid application-layer credentials (such as a valid username or password).

Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker will not be able to decrypt any previously encrypted information.

The vulnerable cryptographic library is used in the following Cisco products:

Cisco IOS, documented as Cisco bug ID CSCsd85587

Cisco IOS XR, documented as Cisco bug ID CSCsg41084

Cisco PIX and ASA Security Appliances, documented as Cisco bug ID CSCse91999

Cisco Unified CallManager, documented as Cisco bug ID CSCsg44348

Cisco Firewall Service Module (FWSM)

This vulnerability is also being tracked by CERT/CC as VU#754281.

Cisco has made free software available to address this vulnerability for affected customers. There are no workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.


Note Another related advisory is posted together with this Advisory. It also describes vulnerabilities related to cryptography that affect Cisco IOS. A combined software table for Cisco IOS only is available at http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml and can be used to choose a software release which fixes all security vulnerabilities published as of May 22, 2007. The related advisory is published at http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml.


CSCse05736

A router running RCP can be reloaded by a specific packet.

This issue is seen under the following conditions:

The router must have RCP enabled.

The packet must come from the source address of the designated system configured to send RCP packets to the router.

The packet must have a specific data content.

Workaround: Put access lists on the edge of your network blocking RCP packets to prevent spoofed RSH packets. Use another protocol such as SCP. Use VTY ACLs.

CSCsg48884

When Subscriber Account Management Interface Specification (SAMIS) cable metering is configured for streaming every 15 minutes, the Cisco uBR router streams twice within a 15 minutes period.

This issue occurs in Cisco OS Release 12.3(17a)BC2.

There are no known workarounds.

CSCsh11476

The Cisco uBR7100 series router crashes with the following the watchdog timeout message:

%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = CMTS 
METERING EXPORT Process. 

The issue occurs after a Subscriber Account Management Interface Specification (SAMIS) outage. When the SAMIS server is down, the Cisco uBR router is supposed to hold a file in flash and then send one update when the server is back online. However, when the server came back online, the router crashed when reading/writing a file to flash.

There are no known workarounds.

CSCsh30009

A Cisco Router running an IOS version that has contains the bug fix for CSCsg21394 may fail to resolve Canonical Names (CNAME) DNS queries.

Router#ping http://www.google.com                                                                                    
 
        
Translating "http://www.google.com"...domain server (x.x.x.x)       
 
        
Translating "http://www.google.com"...domain server (x.x.x.x)                          
Domain: Using source interface FastEthernet4             
Domain: query for http://www.google.com type 1 to x.x.x.x    
DOM: dom2cache: hostname is http://www.google.com, RR type=5, class=1, 
ttl=0, n=8  
DOM: Answer hostname doesn't match query hostnameReply received empty 
Domain: query for http://www.google.com.domain.com type 1 to 
x.x.x.xReply received no such name  
Domain: Using source interface FastEthernet4                
Domain: query for h
 
        

There are no known workarounds.

CSCsh73925

A Cisco uBR7200 or uBR10000 series CMTS may lose ip connectivity to CM/CPE devices after removing a secondary IP address on a cable or bundle interface.

Removing a secondary ip address causes all ARP entries (associated with primary ip address and remaining secondary ip addresses) on that bundle interface to be deleted. Until the ARP table is rebuilt there could be loss of ip connectivity.

Workaround: Ensure that secondary IP addresses are removed during a maintenance window.

Another potential workaround would be to segment the CMTS into smaller cable interface bundle groups or to use separate subinterfaces so that a lower number of modems and CPE ARP entries are linked to each subinterface.

CSCsh86171

Source verification does not work for packets received on MC28U line cards on uBR7200 running 12.3(21)BC image.

If source verification is enabled on the bundle interface including the MC28C line card, using cable source-verify ..., the packets are not source verified.

There are no known workarounds.


Open Caveats for Release 12.3(21)BC

Table 48 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21)BC release.

Table 48 Open Caveats for Cisco IOS Release 12.3(21)BC 

DDTS ID Number
Description

CSCeh33888

A Cisco uBR7246VXR router may reload with Last reset from the watchdog reset.

This issue may occur when the router has a UBR7200-NPE-G1 processor board and is running Cisco IOS 12.3(9a)BC.

There are no known workarounds.

CSCej89390

On an ubr7200 CMTS platform with MC28U/MC16U cable line cards, if a CLC interface has bundle slave configured, and the interface bundle slave is brought in/out of bundle slave cfg, CMTS features like "cable source-verify dhcp" and "cable arp" will not work properly.

There are no known workarounds.

CSCsd26691

When tdma-atdma docsis mode is configured on the interface, the current reserved value shown on admission control CLI is incorrect.

This issue is observed whenever tdma-atdma is configured.

There are no known workarounds.

CSCse11646

Spurious memory access are produced when monitoring MAC packets with the DSG configuration.

There are no known workarounds.

CSCse33368

A reloaded router reloaded may display the following message:

Last reset from watchdog nmi
 
        
 
        
System was restarted by watchdog timer expired
7200 Software (UBR7200-IK9S-M), Experimental Version 
12.3(20051018:202204) [kishoreg-cassatt-bc7 111]
Compiled Mon 31-Oct-05 23:27 by kishoreg
Image text-base: 0x60008E3C, data-base: 0x6172E00
 
        

There are no known workarounds.

CSCsg46637

When an invalid DSX (DSA, DSD, or DSC) message is received, only a vague message is printed out.

There are no known workarounds.

CSCsg84570

The CMTS (UBR) may unexpectedly reload.

This issue occurs when the "interface bundleX" is used in configuration mode.

There are no known workarounds.

CSCsg84837

When IPX packets are sent to cable upstream, the ifInUnknownPkts for upstream remains at 0.

There are no known workarounds.

CSCsh14796

Under the DOCSIS1.1 or DOCSISI 2.0 model, the CMTS cannot trigger the CM to resend SA-MAP/TEK request unless the CM is reset or the CPE re-starts the multicast session by IGMP-leave and IGMP-join again.

There are no known workarounds.

CSCsh40987

Under certain conditions, UBR7200 with NPE-G1 may unexpectedly reload with a software forced reload after memory corruptions.

There are no known workarounds.


Resolved Caveats for Release 12.3(21)BC

Table 49 lists only severity 1 and 2 caveats and select severity 3 caveats for the Cisco IOS 12.3(21)BC release.

Table 49 Resolved Caveats for Cisco IOS Release 12.3(21)BC 

DDTS ID Number
Description

CSCed62867

After a CMTS reload, a BAD/WRONG BCM3138 FFT error message is logged.

This issue occurs with Spectrum management configuration on MC28U card.

Workaround: FFT data collection is working after the error is logged, so no manual workaround is required.

CSCej87157

If only DS BW is saturated while there is s still US BW available, e911 calls will be rejected.

Workaround: Stop running applications manually to free up DS BW. and turn off automatic DS BW for preemption to occur.

CSCek43268

A QoS profile being used by a CM is able to be deleted.

There are no known workarounds.

CSCek43887

When src-ip of a cfr is edited, the tunnel stats does reset and retain the stats of the previous flow.

There are no known workarounds.

CSCsb27648

Multiple Qos_reserve Qos_commit are seen on radius packet while intercepting packet in packetcable.

The cmts needs to be configure for packetcable and an Gate_set needs to be receive.

There are no known workarounds.

CSCsc27292

Integrated Customer Premise Equipment (CPE) inside of certain brands of Cable Modem and Set Top Box units are unable to acquire an IP address via a Cisco uBR CMTS.

The issue tends to occur when cable interface bundling is configured. The issue occurs in 12.3(13a)BC IOS but not in earlier IOS releases.

Workaround: Revert to an earlier release of IOS for the Cisco uBR CMTS or unconfigure cable interface bundling.

CSCsc63687

When service flows are generated for multicast traffic through the use of the cable and bundle interface command cable match address n a Cisco uBR series CMTS, the docsQosMIBObjects SNMP objects do not report details of the multicast service flows.

Workaround: Revert to the use of the IOS Command Line Interface to gather statistics on multicast service flows.

CSCsc86355

When CPEs are joining and leaving multicast groups on a bundle interface at a very fast rate, and the show interface bundle x multicast command is issued, it is possible that an alignment error or a bus error reload may occur.

There are no known workarounds.

CSCsd30319

Modems get stuck in the init(o) state following an OIR operation if the replacement card type is not identical to the original card.

This issue is related to virtual interface bundling and only occurs on interfaces that are members of a cable bundle.

Workaround: Reboot the router.

CSCsd39821

The VID data in entPhysicalHardwareRev MIB displays the wrong value if the data field in EEPROM is missing.

This issue will affect the Entity MIB in all uBR7246 and uBR10000 software releases if the VID data field is not programmed.

There are no known workarounds.

CSCsd39843

The MIBs entPhysicalSoftwareRev and entPhysicalMfgName for the UBR7200-I/O-2FE/E controller card displays the wrong data.

This issue will affect the Entity MIB for the uBR7200 software releases.

There are no known workarounds.

CSCsd40636

The show ip vrf ? command does not display the WORD option. The show inventory raw ? command does not display options.

There are no known workarounds.

CSCsd59963

The IP ToS/DSCP byte is always set to 0x00 for PacketCable CALEA replicated packets, even when the original packets have a higher value.

There are no known workarounds.

CSCsd80421

The cdxBWQueueTable and cdxBWQueueEntry MIB variables should be able to return information about all upstream bandwidth request queues on a cisco uBR series CMTS. however, only information about the Committed Information Rate (CIR) and the non-exist are shown.

There are no known workarounds.

CSCse06619

When changing a bundle member from one bundle to another, the se