Guest

Cisco IOS Software Releases 12.0 S

Cross-Platform Release Notes for Cisco IOS Release 12.0S, Part 6: Caveats for 12.0(6)S through 12.0(23)S6

  • Viewing Options

  • PDF (3.4 MB)
  • Feedback
Resolved Caveats—Cisco IOS Release 12.0(23)S6

Table Of Contents

Resolved Caveats—Cisco IOS Release 12.0(23)S6

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(23)S5

Interfaces and Bridging

IP Routing Protocols

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(23)S4

Basic System Services

EXEC and Configuration Parser

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(23)S3

Basic System Services

IP Routing Protocols

ISO CLNS

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.0(23)S2

Resolved Caveats—Cisco IOS Release 12.0(23)S1

Resolved Caveats—Cisco IOS Release 12.0(23)S

Basic System Services

EXEC and Configuration Parser

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Novell IPX, XNS, and Apollo Domain

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(22)S6

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(22)S5

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(22)S4

Basic System Services

EXEC and Configuration Parser

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.0(22)S3

Resolved Caveats—Cisco IOS Release 12.0(22)S2

Resolved Caveats—Cisco IOS Release 12.0(22)S1

Resolved Caveats—Cisco IOS Release 12.0(22)S

Basic System Services

EXEC and Configuration Parser

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(21)S8

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(21)S7

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(21)S6

Resolved Caveats—Cisco IOS Release 12.0(21)S5

Resolved Caveats—Cisco IOS Release 12.0(21)S4

Resolved Caveats—Cisco IOS Release 12.0(21)S3

Resolved Caveats—Cisco IOS Release 12.0(21)S2

Resolved Caveats—Cisco IOS Release 12.0(21)S1

Resolved Caveats—Cisco IOS Release 12.0(21)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(19)S4

Resolved Caveats—Cisco IOS Release 12.0(19)S3

Resolved Caveats—Cisco IOS Release 12.0(19)S2

Resolved Caveats—Cisco IOS Release 12.0(19)S1

Resolved Caveats—Cisco IOS Release 12.0(19)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(18)S7

Resolved Caveats—Cisco IOS Release 12.0(18)S6

Resolved Caveats—Cisco IOS Release 12.0(18)S5

Resolved Caveats—Cisco IOS Release 12.0(18)S3

Resolved Caveats—Cisco IOS Release 12.0(18)S2

Resolved Caveats—Cisco IOS Release 12.0(18)S1

Resolved Caveats—Cisco IOS Release 12.0(18)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(17)S7

Resolved Caveats—Cisco IOS Release 12.0(17)S6

Resolved Caveats—Cisco IOS Release 12.0(17)S5

Resolved Caveats—Cisco IOS Release 12.0(17)S4

Resolved Caveats—Cisco IOS Release 12.0(17)S3

Resolved Caveats—Cisco IOS Release 12.0(17)S2

Resolved Caveats—Cisco IOS Release 12.0(17)S1

Resolved Caveats—Cisco IOS Release 12.0(17)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(16)S10

Resolved Caveats—Cisco IOS Release 12.0(16)S9

Resolved Caveats—Cisco IOS Release 12.0(16)S8

Resolved Caveats—Cisco IOS Release 12.0(16)S3

Resolved Caveats—Cisco IOS Release 12.0(16)S2

Resolved Caveats—Cisco IOS Release 12.0(16)S1

Resolved Caveats—Cisco IOS Release 12.0(16)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(15)S7

Resolved Caveats—Cisco IOS Release 12.0(15)S6

Resolved Caveats—Cisco IOS Release 12.0(15)S3

Resolved Caveats—Cisco IOS Release 12.0(15)S1

Resolved Caveats—Cisco IOS Release 12.0(15)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(14)S8

Resolved Caveats—Cisco IOS Release 12.0(14)S7

Resolved Caveats—Cisco IOS Release 12.0(14)S3

Resolved Caveats—Cisco IOS Release 12.0(14)S1

Resolved Caveats—Cisco IOS Release 12.0(14)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(13)S8

Resolved Caveats—Cisco IOS Release 12.0(13)S6

Resolved Caveats—Cisco IOS Release 12.0(13)S

Basic System Services

EXEC and Configuration Parser

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(12)S4

Resolved Caveats—Cisco IOS Release 12.0(12)S3

Resolved Caveats—Cisco IOS Release 12.0(12)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(11)S6

Resolved Caveats—Cisco IOS Release 12.0(11)S

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(10)S8

Resolved Caveats—Cisco IOS Release 12.0(10)S7

Resolved Caveats—Cisco IOS Release 12.0(10)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(9)S8

Resolved Caveats—Cisco IOS Release 12.0(9)S

Basic System Services

IBM Connectivity

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.0(8)S1

Resolved Caveats—Cisco IOS Release 12.0(8)S

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(7)S

IBM Connectivity

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.0(6)S

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Troubleshooting


Resolved Caveats—Cisco IOS Release 12.0(23)S6

Cisco IOS Release 12.0(23)S6 is a rebuild release for Cisco IOS Release 12.0(23)S. The caveats in this section are resolved in Cisco IOS Release 12.0(23)S6 but may be open in previous Cisco IOS releases.

Basic System Services

CSCeb66973

Symptoms: A Cisco router or switch may reload when it attempts to read the ifIndex information from an NVRAM file during the bootup process.

Conditions: This symptom is observed when the NVRAM file is corrupt.

Workaround: Disable the ifIndex persistence.

CSCed32794

Symptoms: Executing the tftp-server slaveslot0: global configuration command, or any configuration commands related to tftp-server being set to access flash devices on the slave, will cause the slave to reload.

Conditions: This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(23)S5 but is not platform dependent.

Workaround: Configure the tftp-server to access flash devices on the master route switch processor (RSP) only.

Interfaces and Bridging

CSCin34068

Symptoms: Interfaces may not be created when a channel group is configured on a Cisco 7500 series or a Cisco 7600 series.

Conditions: This symptom is observed only if channel groups are created on an 8-port multichannel T1 port adapter (PA-MC-8T1) and the PA-MC-8T1 is replaced with an enhanced 8-port multichannel T1/E1 PRI port adapter (PA-MC-8TE1+) by performing an online insertion and removal (OIR). After the port adapters are switched, the channel-group configuration on the PA-MC-8TE1+ does not work as expected.

Workaround: Remove the channel-group configuration on a port adapter before performing an OIR and replacing the port adapter with another port adapter.

IP Routing Protocols

CSCea79487

Symptoms: A Cisco router that is configured with IP multicast may reload because of a bus error.

Conditions: This symptom is observed when a router sends (S,G) R join overrides to a neighbor, and the neighbor times out because of link flaps or because of another reason. The symptom is caused by a timing difficulty and is most likely to occur when you enter the ip pim spt-threshold infinity global configuration command on all routers in the network.

For a list of the affected releases, go to the following location: http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCds31596. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.

Workaround: Delete the ip pim spt-threshold infinity global configuration command from all routers in the network to minimize the occurrence of the symptom.

CSCec29953

Symptoms: A retransmission counter may not be reset when a neighbor is terminated.

Conditions: This symptom is observed on a Cisco platform that is running Open Shortest Path First (OSPF) when the retransmission limit default (12 or 24) is added to the retransmission mechanism.

Workaround: Clear the OSPF process by entering the clear ip ospf process pid privileged EXEC command. Then, enter the limit retransmissions non-dc disable router configuration command.

CSCec51206

Symptoms: A memory allocation failure (MALLOCFAIL) from the I/O memory pool may occur.

Condition: This symptom is observed on a Cisco router that receives excessive multicast control traffic.

Workaround: Apply a quality of service (QoS) policy map to limit the rate of the multicast control traffic that can be received by the router.

CSCin52817

Symptoms: A Cisco router may reload unexpectedly when you manually reload the router.

Conditions: This symptom is observed when Open Shortest Path First (OSPF) LSAs are being "maxaged" while you manually reload the router. This situation may occur because of a fluctuating network and is an extreme corner case that cannot be reproduced on demand. The symptom is very unlikely to occur.

Workaround: There is no workaround.

Miscellaneous

CSCdw33267

Symptoms: The router may not resolve all dependent routes for a path again.

Conditions: This symptom is observed if the shutdown interface command followed by the no shutdown interface configuration command is issued on the next hop router on a Cisco router that has Multiprotocol Label Switching (MPLS) enabled.

Workaround: A clear ip route for the affected prefix would take down all the paths and ensure that they are rebuilt and hence reresolved. Also the problem does not arise if a shutdown is not performed.

CSCdx83297

Symptoms: A software-forced reload may occur due to an I/O memory corruption and redzone overrun.

Conditions: This symptom is observed on a Cisco 7200VXR or VIPs with the following Port Adaptors installed: PA-MC-2T1, PA-MC-4T1, PA-MC-8T1, PA-MC-8DSX1, PA-MC-2E1,PA-MC-8E1, PA-MCX-4TE1,PA-MCX-8TE1, PA-MCX-8TE1+, PA-MC-8TE1+.

Workaround: There is no workaround.

CSCea08050

Symptoms: A Cisco router may reload if the show ip access- list access-list-name command is performed on an existing reflexive access-list.

Conditions: This symptom is observed on a Cisco 3620 router that is running Cisco IOS Release 12.3(13).

Workaround: There is no workaround.

CSCea11455

Symptoms: After applying the maximum of 32 Committed Access Rate (CAR) rules and removing them, subsequent attempts to add any new input CAR (iCAR) rules may not be applied, and the router may generate an error message.

Conditions: This symptom is observed on a Cisco 12000 series Engine (E4) Packet-over-SONET (POS) line card.

Workaround: Reload the router.

CSCea72540

Symptoms: A Performance Route Processor (PRP) may reload after the following error message is displayed:

PRP-3-ASM_CORRUPT_PTR

Conditions: This symptom is observed on a Cisco 12000 series on which a defective 1-port OC-192 Packet-over-SONET (POS) Enhanced Services (ES) Engine line card is installed. The symptom occurs because error recovery does not function properly.

Workaround: There is no workaround.

CSCea87364

Symptoms: Distributed Cisco Express Forwarding (DCEF) may become disabled on a Versatile Interface Processor (VIP) or Cisco 12000 series line card (LC), and the following error message may appear on the console:

%FIB-3-FIBDISABLE: Fatal error, slot 12: Window did not open, LC to RP IPC is non-operationa

Conditions: This symptom is observed on a Cisco 7500 series VIP2-50 and VIP4- 80 in which ATM OC-3 port adapters such as the PA-A1-OC3 or PA-A3-OC3 are installed when the Cisco 7500 series is upgraded to Cisco IOS Release 12.0(24) S or Release 12.0(24)S1. This symptom is also observed on a Cisco 12000 series LC during significant, prolonged routing table churn.

Workaround: Reload CEF on the VIP or LC by entering the clear cef linecard slot-number EXEC command.

Alternate Workaround: Restart the VIP by performing an online insertion and removal (OIR). Restart the LC by executing the hw-module slot slot # reload command.

CSCeb22276

Symptoms: Some Simple Network Management Protocol (SNMP) packets may linger in the input queue while they are processed. However, the packets do exit the queue on their own without any intervention from the user. This fix allows these packets to be removed from the queue more quickly.

Conditions: This symptom is observed on a device that runs Cisco IOS software and that supports SNMP operations. In addition, the SNMP request must contain a valid community string.

Workaround: Protect the SNMP community strings with good password management. Permit SNMP traffic only from trusted devices.

CSCeb27452

Symptoms: A Cisco router that functions in a Multiprotocol Label Switching (MPLS) environment may reload unexpectedly with a bus error.

Conditions: This symptom is observed under rare circumstances when the router attempts to send an Internet Control Message Protocol (ICMP) packet that was triggered by an MPLS packet.

Workaround: There is no workaround.

CSCeb56909

Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on MPLS disabled interfaces.

The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable.

More details can be found in the security advisory which is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml.

CSCeb75449

Symptoms: Cisco Express Forwarding (CEF) interface tables may become corrupted on a Cisco 12000 series line card, causing traffic to be dropped and the following error message to be logged by the affected line card:

%ADJ-3-ADJFIBIDB: Adjacency update with invalid fibidb(1)

This situation may cause some or all of the CEF interface information to be removed from the affected line card, which you can verify in the output of the show cef interface EXEC command for the affected line card.

Conditions: This symptom is observed on a Cisco 12000 series that runs Cisco IOS Release 12.0(26)S when a series of clear cef linecard EXEC commands are executed in quick succession.

Workaround: Enter the clear cef linecard EXEC command just once for the affected line card.

CSCeb79576

Symptoms: An outgoing label may not be installed in the Label Forwarding Information Base (LFIB) for an IP version 4 (IPv4) prefix.

Conditions: This symptom is observed when the prefix is learned via a Border Gateway Protocol (BGP) session. This situation may occur when the prefix is deleted in the Label Information Base (LIB) and not allocated to any local label binding.

Workaround: There is no workaround.

CSCec07487

Symptoms: An interface may not transmit traffic because the output may be stuck. When this symptom occurs, the console of the Route Switch Processor 4 (RSP4) may display the following error messages:

%ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/2:15, TEI0 changed to down %ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/1:15, TEI0 changed to down %ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/3:15, TEI0 changed to down %RSP-3-RESTART: interface Serial1/0/0:15, not transmitting

Output Stuck on Serial1/0/0:15

%RSP-3-RESTART: interface Serial1/0/1:15, output frozen

%RSP-3-RESTART: interface Serial1/0/2:15, not transmitting

%RSP-3-RESTART: cbus complex

Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.1(19)E1 when the compress stac caim interface configuration command is configured on the interface. The symptom may also occur in other releases.

Workaround: Remove the compress stac caim interface configuration command from the interface.

CSCec11122

Symptom: A Cbus Complex may occur and the packet memory may be recarved, causing a temporary disruption in service.

Conditions: This symptom is observed on a Cisco 7500 series when you install an 8-port multichannel T1/E1 PRI port adapter (PA-MC-8TE1+) or an enhanced 2-port T1/E1 high-capacity port adapter (PA-VXC-2TE1+) and when you configure the port adapter via the command-line interface (CLI) for E1 or T1.

Workaround: There is no workaround. Try to install the port adapter during a maintenance window.

CSCec32648

Symptoms: A Frame Relay interface line protocol and/or routing protocol states continually go down.

Conditions: The problem occurs on Frame Relay interfaces of 512 Kbps or lower bandwidth with a service-policy output command referring to a policy map that contains the priority command, whenever the interface is congested for more than 30 seconds with packets larger than 512 bytes.

Workaround: There is no workaround.

CSCec33028

Symptoms: A 1-port E3 serial port adapter (PA-E3) may fail to recover to the "up/up" state even when the original cause of the failure is corrected.

Conditions: This symptom is observed on a Cisco 7500 series.

Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface of the PA-E3.

CSCec34274

Symptoms: An Engine 4+ (E4+) Gigabit Ethernet (GE) line card in a Cisco 12000 series that is running Cisco IOS Release 12.0(26)S may reload and display one of the following sets of error messages:

1. %MCC192-3-CPUIF_ERR: Underrun Error: Read Pointer crosses Write Pointer.

2. %FIB-3-FIBDISABLE: Fatal error, slot #: IPC Failure: timeout %CPUIF-3-NO_MEM: sendreq_freeq is NULL.

Conditions: This symptom occurs when the line card receives a bad IP packet whose actual length does not match what the IP header indicates.

Workaround: There is no workaround.

CSCec45985

Symptoms: Fabric handling may fail because of unknown events.

%FABRIC-0-OPERATIONAL: Fabric handling failed: Unknown eventreceived by the fab process %SCHED-3-THRASHING: Process thrashing on watched boolean íFIA queyrí.

-Process= "Fabric", ipl= 6, pid= 11

-Traceback= 50235770 50235864 50407968 5021E644 5021E630

Conditions: This symptom is observed on a Cisco 12410 series Internet router that has an 8xOC3 ATM Engine 3 line card and a 4xOC12 POS Engine 3 line card that is configured with 150 VPN routing/forwarding (VRF) interfaces. The router is running Cisco IOS Release 12.0(23)S4.

Workaround: There is no workaround.

CSCec48008

Symptoms: An interface may have an ifIndex value of 4294967295 (-1) and some interfaces may not be in the ifTable.

Conditions: This symptom is observed when a system is in Stateful Switchover (SSO) mode and then is configured to change the redundancy mode to Route Processor Redundancy Plus (RPR+). The standby Performance Routing Engine (PRE) then restarts. If new interfaces are added to the system (the ifTable) at this point and the primary PRE is not reloaded, the symptom occurs.

Workaround: Perform a reload of both Route Processors (RPs).

Alternate workaround: Perform a forced switchover from SSO mode to RPR+ mode.

CSCec54090

Symptoms: The following message is observed after executing shutdown subinterface of ATM:

%GENERAL-3-EREVENT: c10k_atm_vc_state_change: No current_if_info

Conditions: This symptom is observed on a Cisco 10008 Internet router that is running the Cisco IOS image c10k-p10-mz.120-23.S3b under the following conditions:

1. ATM interface: down/down with pvc configuration on subinterface.

2. ATM interface: initializing/down with no LC and pvc configuration on subinterface.

This error message can be observed when executing no shut/shut subinterface in the above conditions.

Workaround: There is no workaround.

Further Problem Description: When main ATM interface is down (could be either admindown or down), create a point-to-point atm subinterface with vbr-nrt vc in shutdown state. Then deleting pvc underneath the atm subinterface, or deleting the atm subinterface itself, can cause the losing of bandwidth on ATM interface.

For more details, look at the Release-note for CSCed62971.

CSCec75189

Symptoms: Two interfaces may have the same Cisco Express Forwarding (CEF) interface description block (IDB) when the following configuration sequence occurs:

1) You create a subinterface.

2) You delete this subinterface.

3) You create another subinterface.

4) You recreate the first subinterface.

Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.0 S or Release 12.2 S.

Workaround: There is no workaround. Reload the router to clear the condition.

CSCec77478

Symptoms: When a Cisco IOS software image runs on a standby Performance Routing Engine (PRE) together with an older version of Cisco IOS software that runs on the primary PRE, the following error message may appear on the standby router:

%IDBINDEX_SYNC-3-IDBINDEX_ENTRY_LOOKUP: Cannot find IDB index table entry: "", 79

After a switchover from the primary PRE to the standby PRE occurs, the interfaces for which the above error messages appear may not be able to send or receive packets.

Conditions: This symptom is observed on a Cisco 10000 series during a Fast Software Upgrade (FSU) operation.

Workaround: There is no workaround.

CSCec79849

Symptoms: A line card may experience high CPU usage, and report alignment and spurious memory access error messages.

Conditions: This symptom is observed on the line card of a Cisco 12000 series Internet router.

Workaround: There is no workaround.

CSCec81198

Symptoms: A service policy may not attach to an interface. When you enter the show policy-map interface EXEC command, the output displays all counters at 0.

Conditions: This symptom is observed on a Cisco router when a policy map is configured on an IP Services Engine (ISE) line card for the Cisco 12000 series router with policing set to less than 64 kbps, and the Cisco IOS software is being upgraded from a release prior to 12.0(26)S up to Cisco IOS Release 12.0(26)S.

Workaround: Make sure that the policing rate is larger than 64 kbps. The service policy may then be attached to the interface.

CSCec82298

Symptoms: A software-forced reload may occur on a Cisco 12000 series router.

Conditions: This symptom is observed on a Cisco 12000 series router after a service policy is enabled.

Workaround: There is no workaround.

CSCec88027

Symptoms: An Engine 4 Plus (E4+) Gigabit Ethernet (GE) or Fast Ethernet (FE) line card that is configured with Any Transport over MPLS (AToM) may fail.

Conditions: This symptom is observed on an E4+ GE or FE line card on a Cisco 12000 series router that is running Cisco IOS Release 12.0(26)S as soon as a soft online insertion and removal (OIR) is performed on the primary clock scheduler card (CSC).

Workaround: There is no workaround.

CSCec89151

Symptoms: The link LED light of a Gigabit Ethernet (GE) line card on a Cisco 12000 series does not light if the port is shut down and brought back up (i.e., shutdown).

Conditions: This symptom is observed on a Cisco 12000 series when the no negotiation auto interface configuration command is entered on the router.

Workaround: Remove the optical RX cable, and then reconnect the cable.

CSCed02859

Symptoms: During installation of a router on an OC-48 DPT/RPR ring, the ring became unstable, and 5 Cisco 12000 series routers reloaded, one reloading twice.

Conditions: This symptom is observed on a mix of Cisco 12016 routers and Cisco 12416 routers that are running Cisco IOS Release 12.0(23)S3 3DES software.

Workaround: There is no workaround.

CSCed03356

Symptoms: The deletion of an ATM subinterface may occasionally cause a secondary Performance Routing Engine (PRE) to reload.

Conditions: This symptom is observed on a Cisco 10000 series that has two PREs that are configured for high availability.

Workaround: There is no workaround. However, the symptom does not affect performance. The primary PRE continues to forward traffic. The secondary PRE will reload if it is configured to do so.

CSCed10778

Symptoms: A failure of an active Route Processor (RP) may cause the standby RP to fail also.

Conditions: This symptom is observed in Cisco 12000 series Internet routers.

Workaround: There is no workaround.

CSCed14064

Symptoms: On a Cisco router that is configured with LLQ, there is queueing on the real time queue.

Conditions: This symptom is observed on a Cisco 10000 ESR that is configured with LLQ.

Workaround: There is no workaround.

CSCed15797

Symptoms: On Engine 2 (E2) n-port OC3 line cards for the Cisco 12000 series router, the pos delay triggers path router configuration command does not implement the specified delay. This results in the link being brought down for Path Alarm Indication Signal (PAIS) or Path Remote Defect Indication (PRDI) defects whose duration is smaller than the specified delay time.

Conditions: This symptom is observed in all releases of Cisco IOS Release 12.0 ST and in all releases of 12.0 S beginning with Release 12.0(22)S.

Workaround: There is no workaround.

CSCed20379

Symptoms: A 6-port CT3 line card crashed due to a Cache Parity Exception. The router will not reload.

Conditions: This symptom occurs on a Cisco 12000 series router that is running Cisco IOS Release 12.0(23)S3 image c12kprp-p-mz.

Workaround: There is no workaround.

CSCed27956

A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.

All Cisco products which contain TCP stack are susceptible to this vulnerability.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.

A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.

CSCed29752

Symptoms: On a Cisco 12000 series router that is performing the Label Edge Router (LER) functionality, packets may leave the outbound interface unlabeled if the ingress line card is an ISE even though the destination network appears as tagged in the CEF and TFIB table.

Conditions: This problem has been observed to IP destination addresses using a recursive route. If the problem occurs, the corresponding outputs of show ip cef prefix display an outbound label for the appropriate next-hop. But the output of show ip hardware-cef for this IP address does not display any label.

Further Problem Description: IP packets entering an MPLS network should be labeled if an LDP neighbor is established and the appropriate entries are in the RT, FIB and TFIB. The label imposition takes place in hardware of ISE on the ingress line card. Thereby the hardware information has to follow the control plane information. If the problem is present the control plane information looks consistent but it is not coincident with the hardware information of the ingress line card.

Workaround: There is no workaround.

CSCed33627

Symptoms: A 3-port Gigabit Ethernet (GE) line card may show BMA error, then run error recovery.

Conditions: This symptom is observed on a Cisco 12008/40 router that is running Cisco IOS 12.0(23)S5. It is configured as an MPLS inter-AS ASBR. It is also configured as a PE router. When entering the shut command followed by the no shut command on a POS interface on a 8POS LC, the 3GE LC will show BMA error.

Workaround: There is no workaround.

CSCed38527

A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.

All Cisco products which contain TCP stack are susceptible to this vulnerability.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.

A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.

CSCed39059

Symptoms: The tag forwarding table for a line card on Cisco platforms that have distributed (i.e. linecard based) forwarding, such as the Cisco 7500 Series and the Cisco 12000 Series, may not have complete entries even though the Route Processor (RP) does. This results in ingress tagged traffic being dropped for the missing tag forwarding entries.

Conditions: This symptom is observed on Cisco platforms that have distributed (i.e. linecard based) forwarding in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment with a provider edge (PE) router to customer edge (CE) router link.

The problem is more likely to happen if the PE to CE link experiences quick flaps of an interface (i.e. goes down and come back up in a very small amount of time (e.g. 2 sec)). Although this can happen on any linecard, this situation is more likely to happen on the Engine 3(E3) channelized OC48 line cards due to its quick flapping behavior.

Note: There are additional prerequisites for this bug to happen. These are:

- The defect affects routers that are: (a) MPLS VPN PE routers or (b) routers that exchange labels for ipv4 BGP routes.

- For (a) there should be recursive routes on the PE that go over the PE-CE link (this could be either BGP learnt recursive routes or static recursive routes). Also, these recursive routes have the link's CE side ip address as their nexthop.

- There should be a less specific route to get to the nexthop (this can be a default route). This applies for (a) and (b).

Workaround: There is no workaround.

CSCed44319

Symptoms: A file that is copied to an ATA disk may become corrupted.

Conditions: This symptom is observed on any Cisco IOS image that contains the fix for CSCdz27200. The problem does not occur on a disk that is formatted with 16 or less sectors/cluster

Workaround: Use an ATA disk that is formatted with 16 or less sectors/cluster.

CSCed44793

This caveat consists of two separate systems, conditions, and workarounds.

Symptoms 1: A router may reload after a switchover to the standby processor.

Conditions 1: This symptom is observed on a Cisco Route Switch Processor (RSP).

Workaround1: There is no workaround.

Symptoms 2: After a switchover to a standby processor, the indices of the interfaces in the system may be changed by mistake. This may cause problems with forwarding packets and may cause other inconsistencies.

Conditions 2: This symptom is observed on a Cisco 12000 series router.

Workaround 2: There is no workaround.

CSCed47409

Symptoms: In Cisco IOS software that is running Multiprotocol Label Switching (MPLS), a router may reload after accessing a freed Label Information Base (LIB) entry. When the symptom occurs, an error message similar to the following is likely to precede the reload:

%TIB-3-LCLTAG: 10.10.10.10/10.10.10.10, tag advert; unexpected tag state=13

Conditions: This symptom is observed when a very uncommon timing of a Label Distribution Protocol (LDP) events occurs. The symptom may occur with LDP or Tag Switching Distribution Protocol (TDP).

Workaround: There is no workaround.

CSCed68575

Cisco Internetwork Operating System (IOS) Software releases trains 12.0S, 12.1E, 12.2, 12.2S, 12.3, 12.3B and 12.3T may contain a vulnerability in processing SNMP requests which, if exploited, could cause the device to reload.

The vulnerability is only present in certain IOS releases on Cisco routers and switches. This behavior was introduced via a code change and is resolved with CSCed68575.

This vulnerability can be remotely triggered. A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS).

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-snmp.shtml

CSCed68763

Symptoms: Engine 2 line cards may fail upon clearing BGP peers.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(27)S.

Workaround: There is no workaround.

CSCed72340

Symptoms: Some MQC commands on 4xOC3 and 8xOC3 ISE line cards on Cisco 12000 series routers may result in a message similar to the following:

% Service policy on FR sub-interface POS1/1.2 must be hierarchical.

Due to the error, no policy is applied to the interface. Even though the running configuration has the policy on the interface, the policy will not take effect.

Conditions: This symptom is observed on Cisco 12000 series routers.

Workaround: There is no workaround.

CSCin35896

Symptoms: The outgoing label for a prefix that is received through Border Gateway Protocol (BGP) IP version 4+ (IPv4+) labels may not be installed in the Tag Forwarding Information Base (TFIB).

Conditions: This symptom is observed if the router that performs a BGP IPv4+ label exchange receives a label withdraw request for an MPLS label from a BGP peer that is followed by a readvertisement of the label. This symptom occurs if the no mpls ip global configuration command followed by the mpls ip global configuration command is executed on the peer router; however, the label withdraw request may be triggered in other ways also.

Workaround: Enter the clear ip route prefix EXEC command to correct the symptom.

CSCin57765

Symptoms: A router may become unresponsive and may reload when you append a file whose size is not a multiple of 512 bytes to an Advanced Technology Attachment (ATA) flash card (for example, boot disk, disk0, disk1).

For example, this situation may occur when you enter the show command | tee /append url privileged EXEC command.

Conditions: This symptom is observed on a Cisco platform that runs a Cisco IOS image that contains the fix for caveat CSCdz27200 and that utilizes an ATA flash card. A list of the affected releases can be found at http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdz27200. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.

Workaround: Write the output of the show command to a new file instead of appending it to an existing file by entering the show command | tee url privileged EXEC command.

CSCuk41728

Symptoms: A router may reload.

Conditions: This symptom is observed when Web Cache Communication Protocol (WCCP) and Cisco Express Forwarding (CEF) are both enabled on the router.

Workaround: Disabling CEF is a possible workaround, but this workaround may impact the performance of the router.

CSCuk48314

Symptoms: During an SSO switchover, the newly active Route Processor (RP) may output the following error message:

%SCHED-7-WATCH: Attempt to monitor uninitialized watched queue (address 0).

-Process= "CEF LC IPC Background"

This error is harmless, and no functional problem will occur when this error is received.

Conditions: This symptom occurs during an SSO switchover.

Workaround: There is no workaround.

Wide-Area Networking

CSCec83030

Symptoms: A parity error on a Versatile Interface Processor (VIP) card may cause other VIPs to go to a wedged state.

Conditions: This symptom is observed on a Cisco 7500 series router.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(23)S5

Cisco IOS Release 12.0(23)S5 is a rebuild release for Cisco IOS Release 12.0(23)S. The caveats in this section are resolved in Cisco IOS Release 12.0(23)S5 but may be open in previous Cisco IOS releases.

Interfaces and Bridging

CSCeb38393

Symptoms: A Cisco 7500 series may generate the following message on its console:

%VIP-3-BADMALUCMD: Unsupported MALU command 81/82

Conditions: This symptom is observed on a Cisco 7500 series that is running Cisco IOS Release 12.0(23)S1.

Workaround: There is no workaround.

IP Routing Protocols

CSCeb17467

Symptoms: A Cisco router may reload when Border Gateway Protocol (BGP) is configured to carry Virtual Private Network version 4 (VPNv4) routes.

Conditions: This symptom is observed when VPNv4 import processing occurs simultaneously with a BGP neighbor reset, for example, when a VPN routing and forwarding (VRF) instance is configured and you enter the clear ip bgp * privileged EXEC command.

Workaround: There is no workaround.

CSCeb22359

Symptoms: A Cisco 12000 series may reload when you enter the show bgp ipv6 unicast or show bgp ipv6 multicast user EXEC or privileged EXEC mode command.

Conditions: This symptom is observed when IP version 6 (IPv6) multicast is configured.

Workaround: There is no workaround.

CSCeb85136

Symptoms: After a Performance Routing Engine 1 (PRE1) cutover in Route Processing Redundancy Plus (RPR+) mode in a Stateful Switchover (SSO) image, no virtual circuit (VC) is recovered.

Conditions: This symptom is observed when the high availability (HA) configuration mode is changed to the RPR+ mode from the default SSO mode on an SSO image when the HA cutover is completed.

Workaround: There is no workaround.

CSCec23559

Symptom: A Cisco router running Multicast Source Discovery Protocol (MSDP) may reload when the show ip mdsp peer peer-address advertised-SAs user EXEC/privileged EXEC command is entered.

Condition: These symptoms are only observed on a router that is running MDSP.

Workaround: 1)Enter the no ip domain-lookup command in global configuration mode. 2)If the ip host {name} {address1} global configuration command is configured, the host name should not be more than 36 characters.

IP Routing Protocols

CSCec16481

A Cisco device running Internetwork Operating System (IOS) and enabled for the Open Shortest Path First (OSPF) Protocol is vulnerable to a Denial of Service (DoS) attack from a malformed OSPF packet. The OSPF protocol is not enabled by default.

The vulnerability is only present in IOS release trains based on 12.0S, 12.2, and 12.3. Releases based on 12.0, 12.1 mainlines and all IOS images prior to 12.0 are not affected. Refer to the Security Advisory for a complete list of affected release trains.

Further details and the workarounds to mitigate the effects are explained in the Security Advisory which is available at the following URL:

http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml.

ISO CLNS

CSCdz30118

Symptoms: On a Cisco router, Intermediate System-to-Intermediate System Version 6 (IS-ISv6) routes may not be inserted in the IPv6 routing table after a reload or after a neighbor's interface state changes. This symptom affects only configurations with level-2-only links.

Conditions: This symptom may be observed on Cisco routers that are running Cisco IOS Release 12.0(22)S.

Workaround: Use the clear isis * privileged EXEC command after a reload or after a topology change. Use level 1-2 links.

Miscellaneous

CSCdx59391

Symptoms: A Cisco 7500 series router that acts as the penultimate hop of the backup Label Switched Path (LSP) and that is configured with the mpls traffic-eng signalling interpret explicit-null verbatim router configuration command may have the primary LSP go down when Fast ReRoute (FRR) is enabled on the router.

Conditions: This symptom is observed on a Cisco 7500 series that has Multiprotocol Label Switching (MPLS) traffic engineering (TE) configured.

Work around: Do not configure the mpls traffic-eng signalling interpret explicit-null verbatim router configuration command.

CSCdy42383

Symptoms: A router may not load balance traffic properly between two OC-48 Packet over SONET (POS) Engine 2 (E2) line cards.

Conditions: This symptom is observed on a Cisco 12416 series Internet router that is running Cisco IOS Release 12.0(21)ST2 and that has two OC-48 POS E2 line cards.

This symptom is observed while the Cisco 12416 has incoming traffic from an Engine 4 (E4) line card and outgoing traffic is sent through the E2 line card via parallel links. This symptom does not occur if the incoming card is replaced with an E2 line card.

Workaround: There is no workaround.

CSCdy67021

Symptoms: When an hw-module slot <x> reload is issued on the server card, some error messages plus tracebacks appear. Sessions are also nonoperational.

Conditions: This symptom occurs on Cisco 12000 series routers that are running Cisco IOS Release 12.0(22)S.

Workaround: There is no workaround.

CSCdy74384

Symptoms: Per Interface Rate Control (PIRC) does not act on IP traffic that would have otherwise been tagged (MPLS) if the current hop was not the pin- ultimate hop for a given destination. PIRC does not act on IP traffic with destination addresses that have an implicit-null label as their label binding.

Conditions: This symptom is observed on a Cisco 12000 series router.

Workaround: There is no workaround.

CSCdz17192

Symptoms: A 4-port OC-3 Packet-over-SONET (POS) Engine 0 line card that is installed in slot 14 of a Cisco 12416 may reload because of a bus error. In the output of the show context all EXEC command, the value of the badVaddr field is 0x14.

Conditions: This symptom is observed on a Cisco 12416 that runs Cisco IOS Release 12.0(21)S1, Release 12.0(23)S2, or Release 12.0(23)S3. More 12.0 S releases may be affected.

Workaround: There is no workaround.

CSCdz30140

Symptoms: When creating IP version 6 (IPv6) Access Control Lists (ACLs), the following message is displayed several times:

%Access list already exists with these parameters

In some cases, looking at the ACL indicates unwanted commands that are added, such as the following:

permit ipv6 any any sequence 20

deny 0 any any sequence 30

These statements cannot be removed from the ACL. In other cases, lines of the ACL are modified. If a remark is added to the ACL once, then it will be repeated in ACL several times.

Conditions: These symptoms are observed in Cisco IOS releases from Cisco IOS Release 12.0(23)S to Cisco IOS Release 12.0(26)S. The symptoms are seen only when the router has dual gigabit route processors (GRPs) installed and with different redundancy modes configured.

Workaround: There is no workaround.

CSCdz35216

Symptoms: A router permanently pauses when removing certain types of policies from the interface.

Conditions: This symptom is observed on a Cisco router if the policy has bandwidth configured on class-default. When this policy is removed, the router permanently pauses.

Workaround: There is no workaround.

CSCdz35426

Symptoms: A primary Route Processor (RP) and a standby RP may not load the correct image when a Cisco 12000 series router is reloaded.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S2 or an earlier release when all of the following conditions are present:

- An Advanced Technology Attachment (ATA) disk or a Flash card such as a Personal Computer Memory Card International Association (PCMCIA) card is installed in both the primary RP and the standby RP.

- The Route Processor Redundancy (RPR) mode is enabled.

- The boot system tftp ip-address global configuration command is enabled in the configuration.

The symptom does not occur when the Route Processor Redundancy plus (RPR+) mode or the Stateful Switchover (SSO) feature is enabled.

Workaround: Use the RPR+ mode or the SSO feature.

Alternate Workaround for Cisco IOS Release 12.0(22)S2 only: After the RPs have booted up, remove the boot system tftp ip- address global configuration command from the configuration and execute the upgrade rom-monitor EXEC command to enable the ROM monitor to be upgraded.

CSCdz53693

Symptoms: The ip access-group interface configuration command does not function on a PortChannel interface.

Conditions: This symptom is observed in Cisco IOS Release 12.0(23)S1.

Workaround: There is no workaround.

CSCdz54497

This caveat consists of two symptoms, two conditions, and two workarounds:

Symptom 1: The interface index of a tunnel interface may be corrupt, and the output of the show running-config privileged EXEC command may display the following information:

%FIB-2-IFINDEXILLEGAL: An internal software error occurred. Argument ifindex is out of bounds at -1.

Condition 1: This symptom is observed on a Cisco 7500 series after a switchover has occurred and you first add a tunnel interface, then remove the tunnel interface, and then add the tunnel interface again.

Workaround 1: There is no workaround.

Symptom 2: Cisco Express Forwarding (CEF) may not form adjacencies across a 2-port multichannel T3 port adapter (PA-MC-2T3+) as is indicated in the output of the show cef interface type number EXEC command (in this example, serial interface 12/0/0/8:0 is used):

% CEF IDB corresponding to Serial12/0/0/8:0 is not found

Condition 2: This symptom is observed on a Cisco 7500 series after a switchover has occurred and you first add a serial interface, then remove the serial interface, and then add the serial interface again.

Workaround 2: There is no workaround.

CSCdz57717

Symptoms: When Stateful Switchover (SSO) is configured and you enter the hw-module reload privileged EXEC command on a 4-port OC3 ATM line card before the standby Route Processor (RP) has come up completely, the standby RP may reload.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(24)S.

Workaround: There is no workaround.

CSCdz63644

Symptoms: After a Performance Routing Engine 1 (PRE1) cutover in Route Processing Redundancy Plus (RPR+) mode in a Stateful Switchover (SSO) image, no virtual circuit (VC) is recovered.

Conditions: This symptom is observed when the high availability (HA) configuration mode is changed to the RPR+ mode from the default SSO mode on an SSO image when the HA cutover is completed.

Workaround: There is no workaround.

CSCdz66770

Symptoms: Tag Distribution Protocol (TDP) may not convey the label change information for a prefix that is learned via an exterior Border Gateway Protocol plus (EBGP+) label to its TDP peers.

Conditions: This symptom is observed on a Cisco 7500 series when TDP is used. The symptom does not occur when Label Distribution Protocol (LDP) is used.

Workaround: There is no workaround.

CSCea05010

Symptoms: An outgoing adjacency for a Virtual Private Network (VPN) routing/forwarding (VRF) prefix always points to a virtual interface in distributed Cisco Express Forwarding (dCEF).

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S5.

Workaround: There is no workaround.

CSCea16628

Symptoms: An Engine 3 (E3) Gigabit Ethernet line card may reload or cause the router that it is installed on to reload.

Conditions: This symptom is observed when an E3 Gigabit Ethernet line card that has 1000 VLANs and that is sending line rate IP version 6 (IPv6) traffic on the VLANs is reloaded.

Workaround: There is no workaround.

CSCea52387

Symptoms: An Engine 3 (E3) line card may exhibit "ALPHA" errors and reload.

Conditions: This symptom is observed on a Cisco 12000 series that has per- prefix accounting configured when the clear ip route * privileged EXEC command is entered to delete IP routing table entries.

Workaround: Disable per-prefix accounting.

CSCea72654

Symptoms: A Cisco router that is running Multiprotocol Label Switching (MPLS) may reload after a message similar to the following is generated:

%SYS-3-OVERRUN: Block overrun at 5414B2C8 (red zone 00000000)

Conditions: This symptom is observed when more than 672 Label Distribution Protocol (LDP) sessions are established simultaneously and when LDP cannot perform some background tasks for an advertised Label Information Base (LIB) entry before the local label is changed or withdrawn.

Workaround: There is no workaround.

CSCea75184

Symptoms: A memory allocation (malloc) failure may occur during a Cisco Express Forwarding (CEF) process on a redundant Route Processor (RP) and may cause the redundant RP to stop processing queued CEF update messages that are sent by the active RP. This malloc failure may be observed in the output of the show cef linecard EXEC command.

Because the redundant RP no longer processes CEF update messages that are sent by the active RP, the message queue on the active RP continues to grow, causing the free memory of the active RP to decrease. The rate of this decrease depends on the rate of prefix changes in the network. The continued growth of the message queue eventually results in a malloc failure on the active RP, or results in CEF being disabled.

Conditions: This symptom is observed on a Cisco router that is configured with redundant RPs.

Workaround: Reload the redundant RP by entering the hw-module secondary-cpu reset EXEC command.

CSCea86724

Symptoms: A Cisco router that is configured for IP over Multiprotocol Label Switching (MPLS) may reload. CPUHOG messages may be displayed on the console before the router reloads.

Conditions: This symptom is observed in configurations with many interfaces or IP addresses, or with a very large number of labelled prefixes.

Workaround: There is no workaround.

CSCeb01400

Symptoms: At least 30 percent of the CPU of a Performance Routing Engine 1 (PRE-1) may be utilized to process flows, causing the number of packets that are processed per second to be much lower than you would expect.

Conditions: This symptom is observed on a Cisco 10000 series when NetFlow and NetFlow export are enabled and when there is a large number of flows (more than 10,000).

Workaround: Disable NetFlow.

Alternate Workaround: Reduce the number of entries in the NetFlow cache of the Route Processor (RP) by entering the ip flow-cache entries 1024 global configuration command. Doing so reduces the load of the CPU of the PRE-1. Note that the primary cache is located on the Parallel Express Forwarding (PXF) processor and supports a fixed number of 512 entries.

CSCeb06981

Symptoms: The traceroute privileged EXEC command may not work for the IP address of a generic routing encapsulation (GRE) tunnel in a Multiprotocol Label Switching (MPLS) network, and the router at the receiving end may generate traceback error messages.

Conditions: This symptom is observed in an MPLS network when you configure a generic routing encapsulation (GRE) tunnel between a Cisco 10000 series that is configured as a provider edge (PE) router and another PE router.

Workaround: To determine a path in the MPLS network, shut down the GRE tunnel and enter the traceroute privileged EXEC command for the IP address of the physical link.

Alternate Workaround: Reload the microcode onto the Parallel Express Forwarding (PXF) by entering the microcode reload pxf privileged EXEC command.

CSCeb28065

Symptoms: A Cisco router that is configured for IP over Multiprotocol Label Switching (MPLS) may reload.

Conditions: This symptom is observed when Label Distribution Protocol (LDP) peers of the Cisco router advertise a large number of IP addresses because interfaces flap or are configured.

Workaround: There is no workaround.

CSCeb58067

Symptoms: In a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) network, when primary traffic engineering (TE) tunnels are configured between provider edge (PE) routers, and these primary TE tunnels are configured for Fast Reroute (FRR) link protection, a 50-ms convergence time may not be achieved in the core of the network, even when very small VPN routing and forwarding (VRF) prefix tables are configured.

Conditions: This symptom is observed when the PE headend router is the point of local repair (PLR). The PE headend router is the router that performs VPN label imposition, that functions as the primary TE tunnel headend, and that functions as the uplink to a provider (P) router.

Workaround: There is no workaround. Note that FRR link protection functions correctly for IP version 4 (IPv4) traffic and for Any Transport over MPLS (AToM) traffic. Also, note that FRR link protection functions correctly for VPN traffic on PLRs other than the PE headend that is mentioned in the conditions, such as a P router that functions as a link to another P router, and a P router that functions as a downlink to a PE router.

CSCeb58214

Symptoms: An IP packet with multiple fragments sent through a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(23)S, 12.0(24)S, 12.0(25)S, or 12.0(26)S may drop small fragments of the packet when MPLS Label disposition takes place, which exposes the underlying IP packet.

Conditions: The egress line card must be an Engine 4+ variant for this to occur, and the fragment must have the MF bit set with an IP payload of 8, 16 or 24 bytes.

Workaround: Configure an explicit null label for the prefix, which creates a TAG to TAG switching path instead of a TAG to IP path.

CSCeb77582

Symptoms: A 1-port OC-12 ATM line card may reset after the Forwarding Information Base (FIB) is disabled because of interprocess communications (IPC) failures, as is shown by the following error messages:

%GRP-3-BAD_STATE: Slot:6 State:Launching Fabric Downloader -Traceback= 18BA90 3BC3E4 2C7E34 2C891C 2C8BEC

%GRP-3-BAD_STATE: Slot:6 State:Launching Fabric Downloader -Traceback= 18BA90 3BC3E4 2C7E34 2C891C 2C8BEC

%FIB-3-FIBDISABLE: Fatal error, slot 6: IPC Failure: timeout %GRP-4-RSTSLOT: Resetting the card in the slot: 6,Event: EV_AUTO_LC_RELOAD_ON_FIBDISABLE

%GRP-3-BAD_STATE: Slot:6 State:In Reset -Traceback= 18BA90 3BC3E4 305DA4 3067C4 306850 306FA8 3070C0

Conditions: This symptom is observed on a Cisco 12416 that runs the c12kprp-p-mz image of Cisco IOS Release 12.0(23)S3 and that is configured with the following line cards:

- One 1-port OC-12 ATM line card

- Two 4-port OC-3 Packet-over-SONET (POS) line cards

- Two 4-port OC-12 POS line cards

- Two 4-port OC-48 POS line cards

- Two 3-port Gigabit Ethernet line cards

Workaround: There is no workaround.

CSCeb81538

Symptoms: An Engine 4 line card may reload when an Engine 2 line card sends a corrupt Multiprotocol Label Switching (MPLS) packet.

Conditions: This symptom is observed on a Cisco 12000 series that is configured for MPLS.

Workaround: There is no workaround.

CSCeb85985

Symptoms: Simple Network Management Protocol (SNMP) values that are retrieved by the snmpget command may be inconsistent compared to the SNMP values that are shown on an interface.

Conditions: This symptom is observed on a Cisco 12000 series that runs in a Multiprotocol Label Switching (MPLS) environment when you use SNMP to retrieve various counter values from a Packet-over-SONET (POS) interface.

Workaround: There is no workaround.

CSCeb86270

Symptoms: In Cisco IOS software that is running Multiprotocol Label Switching (MPLS), the Label Distribution Protocol (LDP) peer address table may become corrupted and cause the router to reload.

Conditions: This symptom may be observed in situations where three or more routers have advertised the same IP address in LDP address messages. This normally happens when routers have been misconfigured but in very rare circumstances may be done deliberately.

The circumstance can be recognized by the presence of the following error message:

%TAGCON-3-DUP_ADDR_RCVD: Duplicate Address 10.0.0.1 advertised by peer 10.2.2.2:0 is already bound to 10.1.1.1:0

If only one such message is seen for a given IP address—10.0.0.1 in the above example—then only two routers have advertised the IP address, and only the second is being treated as a duplicate. At least one more such message should be seen if at least three routers have advertised the IP address in question.

Workaround: The problem does not happen in typical configurations because duplicate addresses are not configured. If such a configuration is accidentally done, the failure may be avoided if the configuration is corrected before the LDP session to any of the involved peers goes down. If the configuration is deliberate, there is no workaround.

CSCec00523

Symptoms: Under certain conditions, for example Stateful Switchover (SSO) or entering the clear cef linecard EXEC command, the Engine 3 line cards in a router reload with error messages related to ALPHA errors in the table look-up (TLU) stage. The following strings in the error message will be seen:

"%EE48-3-ALPHAPAIR: RX ALPHA: TLU PAIR registers"

Conditions: This symptom occurs only when there are loadbalance paths for Multiprotocol Label Switching (MPLS) traffic, and some route changes occur.

Workaround: Ensure that there are no loadbalance paths.

CSCec09193

Symptoms: When a subinterface is configured with a subinterface number value larger than 65535, the protocol enabled on this subinterface may not be in the proper state for correct operation after the switchover.

Conditions: These symptoms have been observed on Cisco platforms with redundant Route Processors operating in stateful switchover (SSO) redundancy mode.

Workaround: Limit the subinterface number value to an integer less than 65535 while configuring subinterfaces.

CSCec12991

Symptoms: The Sampled NetFlow (SNF) cache is empty on a 3-port Gigabit Ethernet (GE) interface card.

Conditions: This symptom is observed on a GE interface card when Multiprotocol Label Switching (MPLS) is configured on one port and SNF is on another port of the GE card.

Workaround: If MPLS is not configured, SNF functions correctly.

CSCec13559

Symptoms: On Packet-over-SONET (POS) Engine 2 line cards for a Cisco 12000 series router, IP2TAG traffic does not get rate limited by Per Interface Rate Control (PIRC).

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S5.

Workaround: There is no workaround.

CSCec14259

Symptoms: Quality of service (QoS) multicast packets are not correctly marked on input.

Conditions: This symptom is observed on a Cisco router when ingress QoS multicast packets are classified. The precedence or Differentiated Services Code Point (DSCP) bit is ignored and misclassified.

Workaround: There is no workaround.

CSCec16725

Symptoms: Ethernet over Multiprotocol Label Switching (EoMPLS) disposition fails for egress Packet-over-SONET (POS) Engine 4 plus (E4+) line card. Tag bytes increment as traffic comes in, but nothing is sent out the egress 3-port Gigabit Ethernet (GE) interface.

Conditions: This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(22)S5.

Workaround: Use a different card or router for the EoMPLS disposition but do not use the E4+ line card.

CSCec17262

Symptoms: In a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) network, if a Cisco 10720 router receives an MPLS packet with an IP version 4 (IPv4) option underneath it, the MPLS packet has two or more labels, and the router attempts to untag all labels, the Parallel Express Forwarding (PXF) processor may reload.

When this symptom occurs in the MPLS VPN network, egress provider edge (PE) routers may reload. The packets that cause the routers to reload are Internet Control Message Protocol (ICMP) echo and echo reply packets with record route options. Other types of IPv4 options may also cause the routers to reload.

Conditions: The symptom is observed on a Cisco 10720 that functions as an MPLS VPN PE router. The symptom does not occur in a basic MPLS network without VPN, where there is only one label.

Workaround: There is no workaround.

CSCec18944

Symptoms: When the ROM of an active Performance Route Processor (PRP) is upgraded, the PRP may pause indefinitely. When the ROM of the standby PRP is upgraded, the upgrade may cause an exception and the standby PRP may reload.

Conditions: These symptoms have been observed when ROM upgrades are performed, and the up all all or up rom slot-number commands are configured on the active and standby PRPs.

Workaround: There is no workaround.

CSCec20473

Symptoms: A 3-port Gigabit Ethernet (GE) line card may stop transmitting traffic.

Conditions: This symptom is observed on a Cisco 12000 series that is configured as a Multiprotocol Label Switching (MPLS) provider edge (PE) router that is running Cisco IOS Release 12.0(25)S1.

Workaround: Use the hw-module slot x reload privileged EXEC command.

CSCec30795

Symptoms: If traffic passes on multiple ports of an 8-port Fast Ethernet (FE) card and the shutdown interface configuration command is entered on one of the traffic-flowing ports, all the other ports stop passing traffic.

Conditions: This symptom is observed on a Cisco 10000 series with an 8-port Fast Ethernet (FE) card that is running a Performance Routing Engine 1 (PRE1) image of Cisco IOS Release 12.0(23)S4. There is no special configuration required to experience this symptom. Ports that pass traffic with a basic default configuration will experience the symptom.

Workaround: Enter the no shutdown interface configuration command to free the other ports. Do not shut down any port on an 8-port Half Height (HH) FE line card until a fix is available.

CSCec31790

Symptoms: The following error may cause a Cisco 10000 series to reload:

%ERR-1-GT64120 (PCI-0): Fatal error, Memory parity error (external)

Conditions: This symptom is observed on a Cisco 10000 series when a single bit Error-Correcting Code (ECC) error is detected in the Synchronous Dynamic RAM (SDRAM).

Workaround: There is no workaround.

CSCec37164

Symptoms: The following symptoms occur with a traceroute from a remote Customer Edge (CE) router to a local CE router with TTL set to expire at the Provider Edge (PE) router attached to the local CE.

-If the IP packet length of the traceroute is equal to or less than 72 bytes, the Provider Edge (PE) router replies with an ICMP TTL expired message with the VPN interface address.

-If the IP packet length of the traceroute is equal to or more than 73 bytes, the PE replies with an ICMP TTL expired message with the MPLS core interface address.

Condition: These symptoms have been observed in an MPLS VPN environment, with a Cisco 12000 series Internet router running Cisco IOS Release 12.0(23)S4 used as the PE and a 3-Port Gigabit line card used as the MPLS and VPN interface.

Workaround: There is no workaround.

CSCec37416

Symptoms: An IP Services Engine (ISE) line card on a Cisco 12000 series Internet router running Cisco IOS Release 12.0(25)S1 or 12.0(24)S2 shows the following log messages that can lead to the line card being reset:

SLOT 4:Sep 20 22:59:46: %EE48-3-ALPHAERRSS: RX ALPHA: ALPHA_CPU_IF100_INT error 1400 control FFFF03FF

SLOT 4:Sep 20 22:59:46: %EE48-3-ALPHAERR: RX ALPHA: error: cpu int 1 mask 277FFFFF ...

SLOT 4:Sep 21 07:16:20: %LC-3-ERRRECOVER: Corrected a transient error on line card. ...

SLOT 4:Sep 21 07:16:40:: %EE48-3-ALPHAFLOW: rx alpha netflow: Out of order add-delete reports

Conditions: These symptoms are observed only under a load when full (non-sampled) aggregated Netflow (ip route-cache flow) is configured on an ISE line card interface.

This problem is not seen with Cisco IOS Release 12.0(25)S, 12.0(25)S2, 12.0(24)S1,and 12.0(26)S. It has been observed with Cisco IOS Release 12.0(25)S1 and 12.0(24)S2.

Workaround: There is no workaround, except to remove full aggregated Netflow.

CSCec38222

Symptoms: The OC192E/POS-VSR line card is reloaded with watchdog timeout (sig=23) by process = IPC Seat Manager on a Cisco 12416 router that is running Cisco IOS Release 12.0(23)S3. The log message displays the following:

SLOT 10:Sep 22 20:08:21.291: %MBUS_SYS-3-ENQUEUE: Failed to queue message from slot 6 stream 3

SLOT 10:Sep 22 20:09:22.287: %MBUS_SYS-3-ENQUEUE: Failed to queue message from slot 6 stream 3

SLOT 10:Sep 22 20:09:44.727: %SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IPC Seat Manager.

-Traceback= 400EBCB4 400EF7F0 400E7534 405B620C 405B6438 40597C64 40558AD0 40559248 4011C728 405676F8 400C2874 400C286

Conditions: This symptom occurs because the watchdog timeout (sig=23) by process = IPC Seat Manager in OC192E/POS-VSR line card.

SLOT 10:Sep 22 20:09:44.727: %SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IPC Seat Manager.

Workaround: There is no workaround. When this symptom occurs, the line card is automatically reloaded.

CSCec42012

Symptoms: A Cisco 12008 router displays the following error message:

"%FABRIC-0-INIT"

at boot up. Switch fabric card (SFC) incorrectly recognizes a "Primary Clock" as *CSC_0*.

Conditions: This symptom is observed on Cisco 12008 routers that are running Cisco IOS Release 12.0(21)ST5 or later releases.

Workaround: There is no workaround.

CSCec42163

Symptoms: While running Cisco IOS Release 12.0(22)S3, a Cisco 10720 router may reload with the following logs displayed:

%TOASTER-2-FAULT: T0 HW Exception: CPU[t0r3c3] NULLRD at 0x0C94 LR 0x0818 %TOASTER-2-FAULT: T0 Exception summary: CPU[t0r3c3] Stat=0x00000006 HW=0x00000800 LB=0x00000000 SW=0x00000000

Conditions: This symptom occurs only after adding a new subinterface to the router, and traffic starts passing on it.

Workaround: There is no workaround.

CSCec48925

Symptoms: When running in non-redundant PRE mode, after a crash, the line cards do not get reset. In rare cases, after Cisco IOS software reloads, there may be a mismatch between the Cisco IOS software and the line card so that the line card does not pass traffic.

Conditions: These symptoms have been observed after Cisco IOS is restarted after a crash when running in non-redundant PRE mode. Anything that goes through the formal reload path (with a single PRE1 in the system) will properly reset the line cards on the way down. This fix resets the cards on the way up as well in case they weren't reset on the way down.

Workaround: There is no workaround. However, after a Cisco IOS software crash, if a line card is not passing traffic, resetting the line card might fix the issue. A reload of the chassis will definitely fix the issue.

CSCec50935

Symptom: An Engine 2 line card crashes.

Condition: This symptom is observed when Traffic Engineering (TE) tunnels are configured.

Workaround: There is no workaround

CSCec59882

Symptoms: A Reverse Path Forwarding (RPF) check should be disabled for bootp packets with the source IP address 0.0.0.0 and the destination IP address 255.255.255.255. However, PXF currently disables RPF checks for all packets with the source IP address 0.0.0.0.

Conditions: These symptoms have been observed on Cisco IOS Release 12.0(22)S and later.

Workaround: There is no workaround.

Wide-Area Networking

CSCdx72556

Symptoms: Link Control Protocol (LCP) negotiations may fail, and a "failed to negotiate with peer" message may be displayed.

Conditions: This symptom is observed on a Cisco universal access server if the peer sends more than five Configure-Negative acknowledgments (CONFNAKs) or Configure-Rejects (CONFREJs) on the link for the current or previous LCP negotiation.

Workaround: Configure the ppp max-failure 10 command on the link to allow the remote peer to exhaust the Negative acknowledgment (NAK) or Reject acknowledgment (REJ) count and resume negotiations before the Cisco universal access server drops the link.

CSCec13050

Symptoms: A router may reload when doing a show running-config command after creating a channelized group interface.

Conditions: This symptom may be observed if channelized interfaces had previously been created, configured with Frame Relay encapsulation and subsequently deleted without removing the encapsulation first.

Workaround: Remove the Frame Relay encapsulation before deleting the channel group interface.

Resolved Caveats—Cisco IOS Release 12.0(23)S4

Cisco IOS Release 12.0(23)S4 is a rebuild release for Cisco IOS Release 12.0(23)S. The caveats in this section are resolved in Cisco IOS Release 12.0(23)S4 but may be open in previous Cisco IOS releases.

Basic System Services

CSCdv46906

Symptoms: A router may send linkUp traps with the loclfReason attribute set as "Down" and linkDown traps with the loclfReason attribute set as "Up."

Conditions: This symptom is observed on a Cisco router.

Workaround: Query the link status using the command-line interface (CLI) or Simple Network Management Protocol (SNMP).

CSCdz60890

Symptoms: The ifIndex may not synchronize when you use third-party vendor software with Cisco IOS software and a standby router comes up after a Stateful Switchover (SSO) has occurred.

Conditions: This symptom is observed on a Cisco 12416 that is running Cisco IOS Release 12.0(24)S and that has line cards that are configured with about 2000 Gigabit Ethernet (GE) subinterfaces.

Workaround: Reduce the number of GE subinterfaces. (For example, with only 10 GE subinterfaces, the symptom does not occur.)

CSCdz87017

Symptoms: Information about a port adapter (PA) may be missing from the output of a show diag command.

Conditions: This symptom is observed on a controller with a memory size of 128 MB DRAM and 8192 KB SRAM. The controller displays the following information:

PA Bay 0 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 0 HW rev 0.00, Board revision UNKNOWN Serial number: 00000000 Part number: 00-0000-00

PA Bay 1 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 1 HW rev 1.00, Board revision A0 Serial number: 08534388 Part number: 73-1688-04

Workaround: There is no workaround.

CSCeb11253

Symptoms: A Cisco router may reload because of a watchdog timeout condition when you poll the ciscoEnvMonTemperatureStatusValue MIB variable.

Conditions: This symptom is observed when the MIB variable has an index that is larger than 6. Indexes 0 to 6 are valid indexes; indexes that are larger than 6 are not valid indexes.

Workaround: There is no workaround.

CSCuk38757

Symptoms: The cardIfTable table is not correctly populated for channelized interfaces. All of the entries return a value of "-1".

Conditions: This symptom is observed on a Cisco 7500 series that is running Cisco IOS Release 12.0(22)S.

Workaround: There is no workaround.

EXEC and Configuration Parser

CSCeb29079

Symptoms: When any command that triggers the nonvolatile generation (NVGEN) process is executed through a new vty session, certain interface configuration commands that support the Best Effort Method, such as the ip vrf interface configuration command, the ntp disable interface configuration command, and the service-policy output interface configuration command, may not properly synchronize with a standby Route Processor (RP) or Performance Routing Engine (PRE) because of a failure in the post NVGEN process.

For example, when you enter the ip vrf interface configuration command while the show running-config privileged EXEC command is being executed in a Telnet session, the configuration of the ip vrf interface configuration command may not properly synchronize with the standby RP or PRE, and a "Post NVGEN failure" message may be generated.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(23)S2 or a later release.

Workaround: Do not enter commands that trigger the NVGEN process while you configure commands that support the Best Effort Method.

IP Routing Protocols

CSCdy13646

Symptoms: A Cisco 12416 router may reload because of a watchdog timeout in the Border Gateway Protocol (BGP) I/O process.

Conditions: This symptom is observed when a Cisco 12416 router that is configured with 575 BGP peers and three 1-port OC-12 ATM line cards, each of which is configured with 500 ATM permanent virtual connection (PVC) subinterfaces, is booted with Cisco IOS Release 12.0(22)S.

Workaround: There is no workaround.

CSCdz14924

Symptoms: When the customer edge (CE) peer of a provider edge (PE) router has the neighbor default-originate router configuration command enabled, which enables the PE router to send the default route to the CE, the default route may be sent with the wrong mask (255). When this situation occurs, the CE router sends a notification that states that an illegal network entry has occurred and flaps the session.

Conditions: This symptom is observed on a Cisco 7200 series router that functions as a PE router but may also occur on another platform that functions as a PE router.

Workaround: There is no workaround.

CSCdz70283

Symptoms: A router may reload when a Virtual Private Network (VPN) neighbor is deleted.

Conditions: This symptom is observed on a Cisco router that has a VPN neighbor.

Workaround: There is no workaround.

CSCea01405

Symptoms: A customer edge (CE) router may reject next-hop routes to a provider edge (PE) router.

Conditions: This symptom is observed when the PE router does not advertise itself as the next hop to the CE router that is configured for external Border Gateway Protocol (eBGP).

Workaround: Configure the PE router as the BGP next hop for the CE router by entering the neighbor ip-address next-hop-self router configuration command on the PE router.

CSCea52921

Symptoms: A router may inadvertently remove link-state advertisements (LSAs) from the retransmission list and prevent the Open Shortest Path First (OSPF) neighbor from receiving the latest version of the LSA. This behavior may cause some prefixes to be unreachable.

Conditions: This behavior may occur when the LSA is not received by the neighboring router and the LSA must be retransmitted. While the LSA is waiting in the neighbor retransmission queue, certain events may cause a regeneration of the same LSA. If there is no change in the LSA, the router may mistakenly remove the LSA from the retransmission queues of all neighbors.

Workaround: This symptom normally stops occurring after the LSA is refreshed. If this symptom continues to occur, unconfigure and reconfigure the network global configuration command.

CSCea60188

Symptoms: A Border Gateway Protocol (BGP) next-hop router may not redistribute Virtual Private Network (VPN) routes.

Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.0 S or Release 12.2 S.

Workaround: There is no workaround.

CSCeb57086

Symptoms: A Cisco 10000 series that is configured with two Performance Routing Engine 1 (PRE-1) processors may stop functioning as a redundant system.

Conditions: This symptom is observed when you enter the bgp upgrade-cli router configuration command.

Workaround: Reload the standby PRE-1.

CSCin51310

Symptoms: You may not be able to configure the ip vrf receive interface configuration command.

Conditions: This symptom is observed when the interface on which you attempt to configure the ip vrf receive interface configuration command does not have an IP address configured.

Workaround: First configure an IP address on the interface, then enter the ip vrf receive interface configuration command on the interface.

Miscellaneous

CSCdy32809

Symptoms: Engine 4 plus (E4+) line cards may not fragment outgoing pings properly, causing pings of packets with a size that is larger than the maximum transmission unit (MTU) to fail.

Conditions: This symptom is observed on E4+ line cards (4-port OC-48 and 1- port OC-192 line cards) that are installed in a Cisco 12000 series.

Workaround: For pings, use packets with a size that is smaller than the MTU.

CSCdy41594

Symptoms: On a Cisco 10000 series edge services router (ESR) that has a Channelized OC-12 line card and is configured for Synchronous Digital Hierarchy (SDH) framing, the controllers and interfaces will not come up if you configure an "AU-4-TUG-3" other than number 1.

Conditions: These symptoms have been observed only when "AU-4-TUG-3" number 1 has not been configured. Once the number 1 controller has been configured, all other controllers function properly.

Workaround: Configure the number 1 "AU-4-TUG-3" controller before configuring any others. The controller needs to remain configured for the other controllers to work, even if it is not used.

CSCdz30278

Symptoms: A secondary Route Processor (RP) may reload.

Conditions: This symptom is observed on a Cisco router that is configured for Stateful Switchover (SSO) when a static route in the format "ip route 10.10.10.10 255.255.255.255 ethernet4/0/1" is configured on the primary RP.

Workaround: There is no workaround.

CSCdz42789

Symptoms: When you configure a Virtual Private Network (VPN) on a router that is configured with dual Route Processors (RPs), a VPN routing/forwarding (VRF) table ID that is associated with a particular VRF instance may have different values in the active RP and the standby RP. This situation causes failures in the processing of Cisco Express Forwarding (CEF) interprocess communication (IPC) messages on the standby RP for CEF IPC messages that contain an inconsistent VRF table ID, and CEF may be disabled.

Inconsistent VRF table IDs may also cause a memory loss on the standby RP, and when a switchover occurs from the active RP to the standby RP, more difficulties may occur.

Conditions: These symptoms are observed on router that is configured for Stateful Switchover (SSO) when VRF instances are deleted.

Workaround: There is no workaround; however, these actions minimize the occurrence of the symptoms:

Ensure that no VRF instances are deleted.

If VRF instances are deleted, wait for few minutes for the deletion to be completed on the active RP before you configure new VRF instances. The output of the show ip vrf EXEC command displays the deleted VRF instances (a "*" in front of a VRF instance indicates that the VRF instance is being deleted).

If you install a new RP and VRF instances have been deleted from the configuration of the active RP, reload the router.

CSCdz48366

Symptoms: The configuration of commands may cause additional memory to be held by an execute process.

Conditions: This symptom is observed when commands are configured on a Cisco router.

Workaround: If the execute process belongs to a terminal session or a console session, terminate the execute session by entering the exit command.

CSCdz69177

Symptoms: A spurious memory access may occur on the Versatile Interface Processor (VIP) of a Cisco 7500 series, even though the VIP does not reload.

Conditions: This symptom is observed when Multiprotocol Label Switching (MPLS) forwarding is enabled.

Workaround: There is no workaround.

CSCdz81721

Symptoms: If the no shutdown interface configuration command is entered on interfaces that are already in the "up" state, the interfaces enter the "down" state.

Conditions: This symptom is observed on the interfaces of a 16-port OC-3 Packet over SONET (POS) line card that is installed on a Cisco 12000 series.

Workaround: Reload the router to bring up the interfaces.

CSCea29102

This caveat consists of two symptoms, two conditions, and two workarounds:

1. Symptoms: A Route Processor (RP) may reload when you enter the clear ip bgp * privileged EXEC command while interfaces flap continuously.

Conditions: This symptom is observed when Virtual Private Network (VPN) routing/forwarding (VRF) forwarding is configured on the interfaces that flap.

Workaround: There is no workaround.

2. Symptoms: An RP may reload when you simultaneously enter the clear ip bgp * privileged EXEC command and perform an online insertion and removal (OIR) by entering the hw-reload reset EXEC command.

Conditions: This symptom is observed when you perform an OIR of an interface that has a VRF configuration in which the connected route is learned via a network statement. The connected route is removed when you perform the OIR.

Workaround: Do not simultaneously enter the clear ip bgp * privileged EXEC command and perform an OIR.

CSCea34003

Symptoms: A 4-port OC-48 Packet-over-SONET (POS) Engine 4 plus (E4+) line card may stop forwarding traffic after you reload microcode onto the line card.

Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S, Release 12.0(23)S, Release 12.0(24)S, or Release 12.0(25)S and that is functioning as a provider edge (PE) router in a Carrier Supporting Carrier configuration when the 4-port OC- 48 POS E4+ line card interconnects the Cisco 12000 series and a customer edge (CE) router.

Workaround: Enter the clear ip bgp privileged EXEC command on the Cisco 12000 series.

CSCea42298

Symptoms: The E3 controller of a 1-port multichannel E3 port adapter (PA-MC-E3) card is missing from the IF-MIB and DS3-MIB MIBs.

Conditions: This symptom is observed when you run the IF-MIB MIB or DS3-MIB MIB for a PA-MC-E3. The symptom occurs in all Cisco IOS releases.

Workaround: There is no workaround.

CSCea42620

Symptoms: A Tag Forwarding Information Base (TFIB) Virtual Private Network version 4 (VPNv4) entry on an Autonomous System Boundary Router (ASBR) for a prefix may not be reinstalled, causing traffic for this prefix to continue to flow to a provider edge (PE) router via the previous best path.

Conditions: This symptom is observed in a Multiprotocol Label Switching (MPLS) VPN interautonomous system environment in which ASBRs are performing VPNv4 exchanges and in which a Border Gateway Protocol (BGP) session is active.

The ASBR on which the TFIB VPNv4 entry is not installed should receive a prefix from a Route Reflector (RR) that selects the best of two available paths between the RR and two PE routers. Both PE routers should allocate the same label for the prefix. The PE router to which the best path leads should withdraw the prefix.

Workaround: Clear the BGP session on the ASBR that is connected to the RR.

Alternate Workaround: Withdraw the prefix from the ASBR and readvertise the prefix by clearing the prefix on the PE router that advertises the prefix.

CSCea48741

Symptoms: After a single transmit buffer management (TBM) error occurs on an 8- port OC-3 ATM line card, the line card may stop forwarding inbound and outbound traffic.

Conditions: This symptom is observed on a Cisco 12000 series.

Workaround: There is no workaround.

CSCea56694

Symptoms: A Cisco 10000 series may reload because of a bus error exception.

Conditions: This symptom is observed if a label value of 500 or greater is entered in the label-value argument of the show hardware pxf cpu mpls labels label-value privileged EXEC command such as in the following examples:

Router# show hardware pxf cpu mpls labels 500

or

Router# show hardware pxf cpu mpls labels 2-500

The Cisco 10000 series does not reload if a label value of less than 500 is entered in the label-value argument of the show hardware pxf cpu mpls labels label-value privileged EXEC command such as in the following examples:

Router# show hardware pxf cpu mpls labels 499

or

Router# show hardware pxf cpu mpls labels 2-499

Workaround: There is no workaround.

CSCea60559

Symptoms: The Simple Network Management Protocol (SNMP) agent may use 99 percent of the CPU bandwidth of a Route Processor (RP) for an arbitrarily long time (hours or days), without necessarily generating CPUHOG errors. This situation causes other processes on the router to fail because these processes do not receive the CPU bandwidth that they require:

Routes may time out.

Tunnels may go down.

Accessing the router via a Telnet connection to a network port may become impossible.

The command-line interface (CLI) via the console line may become quite slow to respond.

The output of the show snmp summary EXEC command may indicate that the number of requests is "N" while the number of replies that were sent is "N-1." The output of the show processes cpu | include SN EXEC command may indicate that the SNMP process uses 99 percent of the CPU bandwidth of the RP.

Conditions: These symptoms are observed when the MPLS-LSR-MIB MIB is enabled, you query the mplsXCTable or a MIB walk occurs, and there are more than 10,000 Multiprotocol Label Switching (MPLS) labels active. The symptoms are platform independent.

Workaround: Perform the following steps:

1. Shut down interfaces to bring the total count of active MPLS labels down to far below 10,000.

2. Disable the MPLS-LSR-MIB MIB by entering the following sequence of commands:

snmp-server view nolsrmib mplsLsrMIB exclude

snmp-server community public view nolsrmib ro

snmp-server view nolsrmib iso include

3. Enter the no shutdown interface configuration command on all the interfaces that you shut down in Step 1.

CSCea80474

Symptoms: On a Cisco router that runs IP over Multiprotocol Label Switching (MPLS), the Route Processor (RP) on which Label Distribution Protocol (LDP) is configured may attempt to access freed memory, causing the router to reload.

Conditions: This symptom is observed in rare situations on a Cisco router when an interface with hundreds of associated IP addresses is administratively disabled.

Workaround: There is no workaround.

CSCea85463

Symptoms: When NetFlow data is processed at interrupt-level, the CPU utilization of a route processor (RP) may become high.

Conditions: This symptom is observed on a Cisco 10000 series when NetFlow is configured and many small data flows are processed on the router.

Workaround: There is no workaround.

CSCea87403

Symptoms: Any Transport over MPLS (AToM) traffic may be dropped at the disposition line card.

Conditions: This symptom is observed on a Cisco 12000 series when the Any Transport over MPLS (AToM): ATM Cell Relay over MPLS feature is enabled on an 8-port OC-3 ATM line card and the disposition line card is an Engine 3 line card, such as a 4-port OC-12 Packet-over-SONET (POS) line card or a 1-port OC-48 POS line card.

Workaround: There is no workaround.

CSCea91756

Symptoms: On a Cisco platform, free memory may decrease gradually during normal system operation. When network instability occurs, free memory may decrease in the order of tens of MBs over a short period of time.

The output of the show processes memory EXEC command indicates that the Border Gateway Protocol (BGP) router process holds an amount of memory that is increasing as the free memory is decreasing.

Conditions: This symptom is observed on a Cisco platform that is running Cisco IOS Release 12.0(23)S1 or a later release and that has the ip default-network network-number global configuration command enabled.

Workaround: Disable the ip default-network network-number global configuration command to stop the free memory from decreasing. However, to free up the held memory, reload the platform.

CSCeb01485

Symptoms: Interfaces on one Engine 4 (E4) 3-port Gigabit Ethernet (GE) port adapter (EPA-3GE-SX/LH-LC) may use the same interface description blocks (IDBs) as interfaces of an adjacent E4 3-port GE port adapter that is installed on the same GE modular baseboard (EPA-GE/FE-BBRD). This situation may cause forwarding difficulties and Cisco Express Forwarding (CEF) inconsistencies on other line cards that are installed in the same router. You can verify the symptoms in the output of the show cef interface EXEC command.

Conditions: This symptom is observed on a Cisco 12000 series that is configured with more than one GE modular baseboard when several E4 3-port GE port adapters are installed on a single GE modular baseboard.

Workaround: Reload the router.

CSCeb02623

Symptoms: A 3-port Gigabit Ethernet line card may stop processing traffic after the Gigabit Route Processor (GRP) has reloaded.

Conditions: This symptom is observed on a Cisco 12000 series when autonegotiation is enabled.

Workaround: Reload the microcode onto the line card.

CSCeb04441

Symptoms: When an ATM link flaps or a remote ATM platform reloads, a Fast Etherchannel may fail and Enhanced Interior Gateway Routing Protocol (EIGRP) neighbors that are connected via the Fast Etherchannel may be lost.

Conditions: This symptom is observed on a Cisco 7500 series that runs the rsp-pv-mz image of Cisco IOS Release 12.0(21)S5.

Workaround: There is no workaround.

CSCeb05628

Symptoms: The convergence time after a forced Stateful Switchover (SSO) may be longer than 10 seconds.

Conditions: This symptom is observed on a Cisco 10000 series that is configured for SSO.

Workaround: There is no workaround.

CSCeb06989

Symptoms: A value of 4,294,967,295 (hexadecimal 0xffffffff) may appear in the ifIndex field of the ifTable for the first channelized T3 controller (CT3) of a 6-port CT3 line card that is installed in a slot of a Cisco 10000 series. This situation causes the ifTable to lose its entries for all other CT3 (or T3 and DSX3) controllers, making them unavailable for Simple Network Management Protocol (SNMP) access.

In a situation in which some SNMP access tools treat the ifIndex values as signed integers, these SNMP access tools may interpret the ifIndex value of 4,294,967,295 as its signed value of -1. When a router walks tables that are indexed by an abnormal ifIndex value such as -1, loops may occur.

Conditions: This symptom is observed on a Cisco 10000 series that is configured for Route Processor Redundancy Plus (RPR+) when a switchover occurs. The symptom may also occur when a Stateful Switchover (SSO) occurs and the Cisco 10000 series software image that is loaded onto the secondary Route Processor (RP) is a newer version than the software image that is running on the primary RP, causing the router to default to RPR+ because of the mismatch between the two software images on the RPs.

At least one channelized interface must be defined on any CT3 controller in order for the symptom to occur.

You can reproduce the symptom in a simple configuration with two 6-port CT3 line cards in slots 6/0 and 7/0, when the only interface that is defined is a single T1 channel group, 6/0/3/1:0. Before an RPR+ switchover, the output of the snmpwalk command indicates the following controller indices:

interfaces.ifTable.ifEntry.ifIndex.3 = 3

interfaces.ifTable.ifEntry.ifIndex.4 = 4

interfaces.ifTable.ifEntry.ifIndex.5 = 5

interfaces.ifTable.ifEntry.ifIndex.6 = 6

interfaces.ifTable.ifEntry.ifIndex.7 = 7

interfaces.ifTable.ifEntry.ifIndex.8 = 8

interfaces.ifTable.ifEntry.ifIndex.9 = 9

interfaces.ifTable.ifEntry.ifIndex.10 = 10

interfaces.ifTable.ifEntry.ifIndex.11 = 11

interfaces.ifTable.ifEntry.ifIndex.12 = 12

interfaces.ifTable.ifEntry.ifIndex.13 = 13

interfaces.ifTable.ifEntry.ifIndex.14 = 14

The associated data objects are also shown:

interfaces.ifTable.ifEntry.ifDescr.3 = T3 6/0/0

interfaces.ifTable.ifEntry.ifDescr.4 = T3 6/0/1

interfaces.ifTable.ifEntry.ifDescr.5 = T3 6/0/2

interfaces.ifTable.ifEntry.ifDescr.6 = T3 6/0/3

interfaces.ifTable.ifEntry.ifDescr.7 = T3 6/0/4

interfaces.ifTable.ifEntry.ifDescr.8 = T3 6/0/5

interfaces.ifTable.ifEntry.ifDescr.9 = T3 7/0/0

interfaces.ifTable.ifEntry.ifDescr.10 = T3 7/0/1

interfaces.ifTable.ifEntry.ifDescr.11 = T3 7/0/2

interfaces.ifTable.ifEntry.ifDescr.12 = T3 7/0/3

interfaces.ifTable.ifEntry.ifDescr.13 = T3 7/0/4

interfaces.ifTable.ifEntry.ifDescr.14 = T3 7/0/5

After the RPR+ switchover, the index list for the CT3 controllers contains only the following entry:

interfaces.ifTable.ifEntry.ifIndex.4294967295 = -1

The associated data object is shown only for the controller that is assigned to this index (that is, the first controller on the line card on which an interface is assigned):

interfaces.ifTable.ifEntry.ifDescr.4294967295 = T3 6/0/0

Workaround: There is no workaround.

CSCeb10293

Symptoms: "IPC-3-APP_IPC_FAIL" error message may be printed when Active and Standby Route Processors (RPs) are running different Cisco IOS software versions.

Conditions: This symptom occurs when at least one of the Cisco IOS releases is Cisco IOS Release 12.0(23)S2 or an earlier release.

Workaround: Ensure that both images on Active and Standby RPs are running Cisco IOS Release 12.0(23)S3 or later releases.

CSCeb16876

Symptoms: A Cisco router may generate a "SYS-2-GETBUF" message during the "Tag Input" process and may subsequently reload unexpectedly.

Conditions: This symptom is observed when the router fragments a Multiprotocol Label Switching (MPLS) packet.

Workaround: There is no workaround.

CSCeb19690

Symptoms: Packets may drop from an Engine 2 (E2) line card on which an outbound access control list (ACL) is configured.

Conditions: This symptom is observed on a Cisco 12000 series when the access-list access-list-number deny protocol any any global configuration command is configured on the E2 line card and you have entered 0 for the protocol argument.

The symptom does not occur on an E2 line card on which an inbound ACL and the access-list access-list-number deny protocol any any global configuration command are configured and you have entered 0 for the protocol argument.

Workaround: There is no workaround.

CSCeb21103

Symptoms: Multiprotocol Label Switching (MPLS) labels may be imposed erroneously on multicast packets.

Conditions: This symptom is observed on a Cisco 10720 when multicast packets are transmitted via Packet-over-SONET interfaces that are configured for MPLS.

Workaround: There is no workaround.

CSCeb29070

Symptoms: When you enter the copy running-config startup-config EXEC command or any other command that affects the configuration, the copy process may not be successful or the configuration may not be saved, and a "File table overflow" error message may be generated. After this situation has occurred, any other file-operation attempts will fail too with a "File table overflow" error message.

Conditions: This symptom is observed on a Cisco router that is configured with dual Route Processors (RPs) and that runs Cisco IOS Release 12.0(23)S2 when you enter any command that affects the configuration while the show running-config EXEC command is being executed, which takes a relatively long time when the running configuration is large.

To clear the symptom, reload the router.

Workaround: Do not enter any command that affects the configuration while the show running-config EXEC command is being executed.

CSCeb35694

Symptoms: When a small packet (a layer-2 packet that is equal to or smaller than 52 bytes, including the layer-2 packet size, the layer-2 header, and the cyclic redundancy check [CRC]) enters a Cisco 10720 and is fed back, one buffer element of the 128-byte Parallel Express Forwarding (PXF) buffer pool is used but not released. This situation eventually causes the 128-byte buffer pool to be depleted entirely. Because most of the control packets such as the IP routing protocol packets are small packets and use the 128-byte buffer pool, most control plane functions stop working and routing-protocol adjacencies go down when the 128-byte buffer pool is depleted, and finally, the router stops forwarding traffic on all the interfaces.

Conditions: These symptoms are observed when a PXF feedback occurs, for example, when multicast traffic is configured, or when a policy map is configured to feed back packets.

Workaround: Avoid PXF feedback. For example, properly configure the policy map. If PXF feedback is inevitable, proactively monitor the 128-byte buffer pool via the output of the show hardware pxf cpu buffers privileged EXEC command:

Router# show hardware pxf cpu buffers

FP buffers

pool size # buffer available allocate failures low buffer drops

----------------------------------------------------------------------------

0 9344 1293 1293 0 0 1 1664 12930 12930 0 0 2 640 26746 26746 0 0 3 256 34072 34072 0 0 4 128 59934 49987 0 0 ^^^^^ Before the 128-byte buffer pool is depleted entirely, reset the 128-byte buffer pool. Reload the microcode onto the PXF by entering the microcode reload pxf privileged EXEC command. However, be careful, because by reloading microcode onto the PXF, you may cause routing- protocol adjacencies to be dropped and the PXF to stop forwarding traffic.

CSCeb43130

Symptoms: Packets may be dropped by a Cisco 12000 IP Services Engine (ISE) line card if they are locally generated or forwarded in the slow pass by the line card, and if they exit the router through an ATM Engine 0 line card (1-port OC-12 ATM or 4-port OC-3 ATM). For example, these packets may be locally generated by ISE line card NetFlow export packets, Internet Control Message Protocol (ICMP) echo replies, or ICMP unreachable messages that exit the router through an Engine 0 ATM line card.

Packets that match the conditions listed below may be dropped. If they are NetFlow export packets, they can be seen in the output of the show ip flow export command in the line "export packets were dropped due to output drops." If they are ICMP echo reply packets, pings will fail.

Conditions: The following three conditions exist simultaneously for the dropped packets:

The ingress line card is any ISE line card or the packets are locally generated by this line card.

The egress line card is any ATM Engine 0 line card (1-port OC-12 ATM or 4-port OC-3 ATM).

The packets are forwarded by the ingress line card CPU in the slow pass, not by the forwarding ASIC in the fast pass.

This caveat affects Cisco IOS Release12.0(21)S, Release 12.0(22)S, Release 12.0(23)S, and Release 12.0(24)S. It does not apply to Release 12.0(25)S and later releases.

Workaround: There is no workaround.

CSCeb43936

Symptoms: Line Remote Defect Indicators (LRDIs) may be transmitted on both the working line and the protect line after an automatic protection switching (APS) switchover has occurred.

Conditions: This symptom is observed when a 4-port OC-3 ATM line card is configured for APS and a Loss of Signal (LOS) occurs.

Workaround: There is no workaround.

CSCeb45912

Symptoms: Ports on an 8-port OC-3 ATM line card may fail to come up and may generate the following continuous SONET alarms:

%SONET-4-ALARM: ATM10/6: ~SLOF ~SLOS ~LAIS ~LRDI ~PAIS ~PRDI PLOP

Conditions: This symptom is observed on a Cisco 12000 series that runs Cisco IOS Release 12.0(23)S1.

Workaround: Reload the line card.

CSCeb50742

Symptoms: Layer 2 may forward an incorrect MAC address when a policed packet is rerouted to a next-hop address.

Conditions: This symptom is observed on a Cisco 12000 series that is configured with an Engine 4 plus line card when policy-based routing (PBR) is configured.

Workaround: There is no workaround.

CSCeb51428

Symptoms: A Cisco router may reload unexpectedly after you have modified an access control list (ACL) and have entered the clear pxf interface privileged EXEC command.

Conditions: This symptom is observed on a Cisco 10000 series.

Workaround: Do not enter the clear pxf interface privileged EXEC command.

CSCeb54951

Symptoms: A Performance Route Processor (PRP) on a Cisco 12000 series can reload with a SIGTRAP exception after receiving a 1612 bytes or longer frame on an Ethernet0 or Ethernet1 interface.

Conditions: This symptom is observed only on the PRP. The Gigabit Route Processor (GRP) is not affected.

Workaround: Isolate the PRP Ethernet ports to an isolated Ethernet segment.

CSCeb59097

Symptom: The interface index (ifIndex) values of the interfaces of a 4-port OC-48 Packet-over-SONET (POS) Engine 4 plus (E4+) line card may fail to be deregistered after an online insertion and removal (OIR) has been performed, and the following error messages may be generated:

%COPTMONMIB-3-ENTRYPRESENT: An entry is already present for the registering in terface with ifIndex 2

%COPTMONMIB-3-ENTRYPRESENT: An entry is already present for the registering in terface with ifIndex 3

%COPTMONMIB-3-ENTRYPRESENT: An entry is already present for the registering in terface with ifIndex 4

%COPTMONMIB-3-ENTRYPRESENT: An entry is already present for the registering in terface with ifIndex 5

Conditions: This symptom is observed on a Cisco 12410 that runs Cisco IOS Release 12.0(23)S3 and that is configured with the following line cards, neighbors, and peers:

One 1-port OC-48 POS Engine 2 line card.

One 4-port OC-48 POS E4+ line card that is configured for Multiprotocol Label Switching (MPLS) and that is using Label Distribution Protocol (LDP) on all but one of its ports.

Four Open Shortest Path First (OSPF) neighbors that advertise a total of 9000 label switched paths (LSPs).

Six Border Gateway Protocol (BGP) peers that advertise a total of 140,000 routes.

Workaround: There is no workaround.

CSCeb59165

Symptoms: A standby card may not be able to switch to the active state.

Conditions: This symptom is observed in a Redundancy Framework (RF) environment when ATM, High-Level Data Link Control (HDLC), or Frame Relay clients synchronize data during the "standby-bulk" state.

Workaround: There is no workaround.

CSCeb61694

Symptoms: A primary Performance Routing Engine 1 (PRE-1) may reload because of memory corruption.

Conditions: This symptom is observed on a Cisco 10000 series that is configured with redundant PREs when you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on an interface of a 1-port Gigabit Ethernet line card.

Workaround: There is no workaround. Note that the symptom does not occur with a 1-port Gigabit Ethernet half-height line card.

CSCeb66997

Symptoms: A Cisco 10720 may reload.

Conditions: This symptom is observed under rare circumstances when a SONET bit error rate (BER) is reported.

Workaround: There is no workaround.

CSCeb67098

Symptoms: When a Weighted Random Early Detection (WRED) configuration is present and a policy map with WRED configuration is applied to any interface of a Cisco 10720 router, the Parallel Express Forwarding (PXF) Intelligent Protection Switching (IPS) buffer may leak. The "toaster IPC buffer" counter can be observed with the show buffer command.

When the buffer pool is empty, the following error message can be observed, attempts to Telnet into the router may fail, and the Cisco IOS software may reload:

%CAMR_QUEUE_CFG_GENERAL-3-EREVENT: Error @
../toaster/camr_rp/camr_tt_queue_cfg.c:463
-Traceback= 500DB204 500DB2BC 503954D8 503986EC 50330A58

%SYS-2-MALLOCFAIL: Memory allocation of 18196 bytes failed from
0x502C5BD0, alignment 32
Pool: I/O Free: 552 Cause: Not enough free memory
Alternate Pool: None Free: 0 Cause: No Alternate pool

-Process= "Pool Manager", ipl= 0, pid= 5
-Traceback= 50308EEC 5030A8E8 502C5BD8 5031DD3C 5031DE7C

Conditions: These symptoms occur only when a WRED configuration is present and a policy map with WRED configuration is applied to any interface of a Cisco 10720 router. The higher the rate at which the Route Processor (RP) sends packets to PXF, the faster the PXF IPC buffer leaks. The leaking is usually very slow, and it takes weeks to drain the buffer pool.

Workaround: Remove all policy maps that include the random-detect interface configuration command from all interfaces.

CSCeb68608

Symptoms: An Engine 2 line card that is configured with Virtual Private Network (VPN) routing/forwarding (VRF) instances and Sampled NetFlow (SNF) may reload.

Conditions: This symptom is observed on a Cisco 12000 series when you enter the no mpls ip global configuration command to remove Multiprotocol Label Switching (MPLS) from the configuration.

Workaround: Remove SNF from the configuration before you enter the no mpls ip global configuration command.

CSCeb68913

Symptoms: An Engine 4 line card may reload unexpectedly.

Conditions: This symptom is observed on a Cisco 12000 series when you enter the clear cef linecard EXEC command to clear Cisco Express Forwarding (CEF) from the line card.

Workaround: There is no workaround.

CSCeb70227

Symptoms: In a tag switching-to-IP switching scenario, the value of the precedence field of an IP header may change. This behavior is incorrect in Pipe mode.

Conditions: This symptom is observed on a Cisco 12000 series when the following conditions are present:

The router is part of an MPLS label-switched path (LSP).

The traffic through the LSP has its label removed from the packet (also referred to as "popping").

The traffic is received on an Enhanced Services (ES, also referred to as Engine 4 plus) line card.

Workaround: Deconfigure and reconfigure the tag switching-to-IP switching configuration and the MPLS traffic engineering (TE) tunnels on the interface of the ES line card.

CSCeb70527

Symptoms: Some policy-based routing (PBR) rules may cause a Route Processor (RP) to reload unexpectedly with a bus error. When a route map that causes the RP to reload is saved to the startup configuration, the router may not boot up.

Conditions: This symptom is observed on a Cisco 12000 series when the PBR rules are applied to the interfaces of an IP Services Engine (ISE) line card and occurs usually when the route map is modified after it has already been applied to the interfaces.

Workaround: Remove PBR from the interfaces of the ISE line card.

If you are unable to boot the router, enter a break signal on the console during the bootup procedure and configure the configuration register to ignore the startup configuration. To do so, follow the steps that are described in the Password Recovery Procedure for the Cisco 12000 Series Routers at the following location:

http://www.cisco.com/warp/public/474/pswdrec_12000.shtml

CSCeb70543

Symptoms: The command-line interface (CLI) may pause indefinitely after you perform a manual online insertion and removal (OIR) of the standby Performance Route Processor (PRP).

Conditions: This symptom is observed on a Cisco 12410 that runs the c12kprp-p-mz image of Cisco IOS Release 12.0(23)S3.

Workaround: Reload the active PRP.

CSCeb73758

Symptoms: When you configure a Cisco 10000 series, messages similar to the following ones may appear, and a VLAN may not be enabled:

%GENERAL-3-EREVENT: c10k_dot1q_vlan_enable: No tt_info

-Traceback= 60142770 60142A50 603AEC40 603AE06C 603ADCE0 6036EAD8 60193BA8 60380DD4 60B85BEC 60B861D4 603D6FAC 603D6F98

%GENERAL-3-EREVENT: get_injection_vcci: no info for VLAN ID 972

-Traceback= 600DF180 6009AF2C 6009B178 603A831C 604BB804 605013F0 605018A8 605014E0 602B8D84 602B94A4 604F2DC0 604F33F4 60504DB4 60504BA4 60504984 6052351C

%GENERAL-3-EREVENT: get_injection_vcci: no info for VLAN ID 972

-Traceback= 600DF180 6009AF2C 6009B178 603A831C 604BB804 605013F0 605018A8 60504E0 602B8D84 602B94A4 604F2DC0 604F33F4 60504DB4 60504BA4 60504984 6052351C

Conditions: This symptom is observed on a Cisco 10000 series when you change the encapsulation of a LAN subinterface to dot1q encapsulation while the subinterface is shut down.

When the symptom occurs, the output of the show hardware pxf cpu subblocks privileged EXEC command lists "noSB" for the affected subinterface, as is indicated in the following example:

Router# show hard pxf cpu sub | i GigabitEthernet4

GigabitEthernet4/0/0 up 12000 4 PXF 1 81C4A800 4

GigabitEthernet4/0/0.500 administ 12000 4 PXF 1 81C4A800 noSB

Workaround: Change the encapsulation of the subinterface to dot1q when the subinterface is not shut down. The state of the main interface is irrelevant. After you change the encapsulation, you can shut down the subinterface again.

When the subinterface is created while the main interface is shut down, the subinterface and the VLAN do not function properly. Perform the following steps to recover the VLAN:

1. Ensure that the subinterface is not shut down.

2. (Optional) Enter the no encapsulation dot1q native subinterface configuration command.

3. Remove the subinterface.

4. Recreate the subinterface.

5. Change the encapsulation back to dot1q.

CSCeb78329

Symptoms: After a Route Processor Redundancy Plus (RPR+) switchover occurs, the deletion of an existing permanent virtual circuit (PVC)/permanent virtual path (PVP) fails. This situation prevents you from recreating the same PVC/PVP. You can create a new PVC/PVP, but once you delete it, you cannot recreate it because the PVC remains in the active state.

Conditions: This symptom is observed on a Cisco 10000 series that runs Cisco IOS Release 12.0 S or Release 12.0 SX.

Workaround: There is no workaround. To enable the router to return to normal operation, reload the router.

CSCeb78610

Symptoms: The interface protocol may not come up for a 1-port OC-12 Packet-over-SONET (POS) line card when the encapsulation frame-relay interface configuration command is configured.

Conditions: This symptom is observed on a Cisco 10000 series when the 1-port OC-12 POS line card is connected back-to-back to another line card in another Cisco 10000 series.

Workaround: There is no workaround.

CSCeb82737

Symptoms: When you shut down the last port of an 8-port Fast Ethernet half-height line card (port 7), all the other ports on the line card may stop transmitting traffic.

Conditions: This symptom is observed on a Cisco 10000 series.

Workaround: Do not shut down port 7. If port 7 is shut down, enter the no shutdown interface configuration command on the interface to enable traffic to resume on the other interfaces.

CSCeb83784

Symptoms: The following error message may appear for a 3-port Gigabit Ethernet Engine 2 line card, and the line card may reset:

%LCGE-3-SOP_BAD_PACKET: Found corrupt pkts in tx-sop-sram.

Conditions: This symptom is observed on a Cisco 12000 series that runs Cisco IOS Release 12.0(23)S3.

Workaround: There is no workaround.

CSCeb86866

Symptoms: Traffic forwarding may not be fully restored when you remove a deny input access control list (ACL) from an interface of a 16-port OC-3 Packet-over-SONET (POS) IP Services Engine (ISE) line card.

Condition: This symptom is observed on a Cisco 12410 that is configured with a 16-port OC-3 POS ISE line card when unicast Reverse Path Forwarding (uRPF) is configured on the interface from which you remove the deny input ACL.

Workaround: There is no workaround. To restore traffic forwarding to its proper performance, reload the line card.

CSCec10557

Symptoms: When you configure unicast Reverse Path Forwarding (uRPF) on a 1-port OC-48 Packet-over-SONET (POS) Engine 2 line card while traffic is passing through the interface, traffic forwarding may stop.

Conditions: This symptom is observed on a Cisco 12416 that runs the gsr-p-mz image of Cisco IOS Release 12.0(23)S3, that is configured with three 1-port OC-48 POS Engine 2 line cards, and that is configured with three Border Gateway Protocol (BGP) peers.

Workaround: To restore traffic forwarding, reload the line card. To prevent the symptom from occurring, enter the shutdown interface configuration command on the interface before you configure uRPF. Then, enter the no shutdown interface configuration command on the interface.

Alternate Workaround: Ensure that uRPF is configured in the startup configuration file before you boot up the router.

CSCin30562

Symptoms: After a switchover occurs, an active Route Processor (RP) that is operating in the Route Processor Redundancy plus (RPR+) mode may not be able to switch Layer 2 Tunneling Protocol (L2TP) version 3 packets using distributed Cisco Express Forwarding (dCEF) (in the dCEF mode and may punt them to the RP CEF mode).

Conditions: This symptom is observed on the RP of a Cisco 7500 series that is running Cisco IOS Release 12.0(24)S.

Workaround: Disable and reenable dCEF.

CSCin39123

Symptoms: A Cisco router that is configured for Any Transport over Multiprotocol Label Switching (AToM) may send AToM packets that are missing control words, even though control-word imposition is enabled. When another Cisco router receives such malformed packets, the router does not handle these packets properly during disposition.

Conditions: This symptom may occur on all Cisco routers that employ software switching with AToM enabled. This symptom has specifically been observed on a Cisco 7200 series, Cisco 7400 series, and Cisco 7500 series that are configured for AToM.

On a Cisco 7200 series router that is processing a heavy traffic load, the reception of malformed packets may cause the router to pause indefinitely.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(23)S3

Cisco IOS Release 12.0(23)S3 is a rebuild release for Cisco IOS Release 12.0(23)S. The caveats in this section are resolved in Cisco IOS Release 12.0(23)S3 but may be open in previous Cisco IOS releases.

Basic System Services

CSCdy74705

Symptoms: A memory corruption may occur on a Network Processing Engine 200 (NPE-200).

Conditions: This symptom is observed on the NPE-200 of a Cisco 7200 series router. This symptom is observed when a high amount of traffic is present on the router and when there are packet sizes that are greater than 1524 bytes in size. The occurrence of this symptom may be related to port adapter arrangements.

Workaround: Rearrange the port adapters or upgrade to Cisco IOS Release 12.0(24)S or a later release.

CSCea22886

Symptoms: When an entry in the ciscoPingTable MIB variable is set to be valid, high memory utilization may occur gradually because memory is not released by the "dead*" process of a Simple Network Management Protocol (SNMP) ping.

Conditions: This symptom is observed on a Cisco 12000 series after the router has been upgraded from an earlier Cisco IOS release to Cisco IOS Release 12.2(23)S.

Workaround: Exclude the ciscoPingTable MIB variable from the configuration by entering the snmp-server view view name ciscoPingTable excluded global configuration command.

CSCea36491

Symptoms: When a Telnet session is made to a router after a VTY session pauses indefinitely, the user in the Telnet session may not be able to enter the configuration mode. When these symptoms occur, interfaces may enter the wedged state with Simple Network Management Protocol (SNMP) traffic.

Conditions: This behavior is observed on ATM and Packet over SONET (POS) interfaces. This behavior is not platform-specific.

Workaround: Disable Simple Network Management Protocol (SNMP) configuration traps by entering the no snmp-server enable traps config global configuration command.

CSCeb08027

Symptoms: The snmp mib target list global configuration command is not displayed when the show running-config EXEC command is entered on the secondary Performance Routing Engine (PRE). However, the snmp mib target list global configuration command is displayed when the show startup-config EXEC command is entered on the PRE.

Conditions: This symptom is observed on the PRE of a Cisco 10000 series.

Workaround: There is no workaround.

IP Routing Protocols

CSCdu53656

A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.

Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.

CSCdw82270

Symptoms: When the default-information originate router configuration command is entered on a Cisco 12000 series via the Border Gateway Protocol (BGP), the default route is learned correctly but is entered incorrectly into the BGP routing table. This behavior may cause the Cisco 12000 series to have operating issues with other routers because the Cisco 12000 series does not have a correct default route.

Conditions: This symptom is observed on a Cisco 12000 series.

Workaround: Perform either of the following steps:

Enter a static default route.

Configure an access control list (ACL) to prevent packets from being propagated from the incorrect default route.

CSCdz09296

Symptoms: Transit traffic that uses Open Shortest Path First (OSPF) routes may be briefly interrupted after consecutive switch-over. This affects only OSPF configurations with message-digest authentication.

Conditions: This symptom is observed on Cisco routers that are running Cisco IOS Release 12.0(22)S when the following conditions are present:

The message-digest authentication is configured for OSPF.

More than one Route Processor (RP) switchover occurs within minutes of each other.

Workaround: There is no workaround. Traffic resumes without user intervention. To prevent future traffic interruptions on subsequent switchovers, disable the message-digest authentication for OSPF.

CSCdz10505

Symptoms: When a neighbor under virtual route forwarding (VRF) is configured using the bgp graceful-restart router configuration command, the session does not begin. A notification regarding wrong OPEN message is generated.

Conditions: This symptom is observed only when the router is configured using the bgp graceful-restart router configuration command.

Workaround: There is no workaround.

CSCdz24314

Symptoms: A Border Gateway Protocol (BGP) session reset occurs because of a notification that indicates a defective OPEN message.

Conditions: This symptom is observed when using the both option in the following command in router configuration mode:

neighbor ip-address [capability] orf prefix-filter [receive | send | both]

Workaround: Configure only the receive or send options of the neighbor-orf prefix-filter router configuration command.

CSCea13075

Symptoms: The Multi Exit Discriminator (MED) that is received from a confederation external peer may be ignored in best path selection. The output of the show ip bgp longer-prefixes EXEC command does not indicate that any MED values were received.

Conditions: This symptom is observed when Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) configurations are present.

Workaround: There is no workaround.

CSCea28131

A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.

Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.

CSCea32226

Symptoms: A router may reload when the show ip bgp neighbors EXEC command is entered.

Conditions: This symptom is observed if the show ip bgp neighbors EXEC command is entered while the neighbor soft-reconfiguration router configuration command is enabled, or when Border Gateway Protocol (BGP) paths are dampened.

Workaround: Disable the neighbor soft-reconfiguration router configuration command or avoid dampening the BGP paths.

CSCea42500

Symptoms: If the default-information originate router configuration command is entered on the Virtual Private Network (VPN) routing/forwarding (VRF) instance of a Cisco 12000 series that has the address-family ipv4 vrf vrf-name router configuration command configured using the Border Gateway Protocol (BGP), the default route is learned correctly but the default route is entered incorrectly in the BGP routing table. This behavior may result in unexpected behavior on the other router if the other router does not have a correct default route.

The default static route of the VRF is not advertised by BGP after the default static route is configured under the VRF, and BGP may advertise the incorrect default route that is in the BGP routing table.

Conditions: This symptom is observed on a Cisco 12000 series that is running BGP.

Workaround: Perform either of the following steps:

Enter a static default route under the VRF configuration.

Configure an access control list (ACL).

CSCea64725

Symptoms: If a peer group is slow to establish and comes up while other members of the peer group are converging, the recently established member may not advertise the routes that were sent to the other members.

Conditions: This symptom occurs only if the new peer group member comes up while the other members of a peer group are converging. This symptom does not occur if the new peer group member comes up after the other members of the peer group have finished converging.

Workaround: The routes can be readvertised by entering the clear ip bgp peer-group-name soft out privileged EXEC command for any peer that has missing routes.

CSCeb00172

Symptoms: When the neighbor {ip-address | peer-group-name} default-originate router configuration command is used with a peer group, peers that belong to that peer group come up at a different time from when the Border Gateway Protocol (BGP) is formatting updates. Because of this behavior, the router may not advertise all routes to members of the peer group.

Conditions: This symptom is observed with IP version 4 (IPv4) unicast and Virtual Private Network (VPN) routing/forwarding (VRF) address family (AF) packets.

Workaround: There is no workaround.

CSCeb00180

Symptoms: Border Gateway Protocol (BGP) update generation may pause indefinitely when BGP is converging.

Conditions: This symptom may occur under any of the following six conditions when BGP is converging:

1. When non-peer-group peer sessions flap or when the clear ip bgp  address privileged EXEC command is entered several times for a non-peer-group peer.

2. When the clear ip bgp * soft out privileged EXEC command is entered repeatedly in rapid succession.

3. When peers are moved in or out of peer groups.

4. When routers that are configured with unicast assured forwarding (AF) and AF only are reloaded.

5. When all members of a peer group are cleared by performing either a hard reset or a soft reset. In this situation, only the peer group is affected.

6. When some routes are advertised to or withdrawn from the router while the router is converging, some peers in a peer group may not receive all the updates.

Workaround: There is no workaround for conditions 1 through 5.

To recover from condition 6, enter the clear ip bgp neighbor-address soft out privileged EXEC command. For the neighbor-address argument, use the IP address of the peer that did not receive all of the updates.

ISO CLNS

CSCea00846

Symptoms: After a switchover, the Intermediate System-to-Intermediate System (IS-IS) takes about 10 minutes to fully recover and to install routes in the IP routing table.

Conditions: This symptom is observed on a Cisco 12000 series configured with IS-IS. The amount of time required for the Gigabit Ethernet (GE) interface to load after a switchover is very close to the amount of time of the IS-IS adjacency timeout. The device under test (DUT) is the designated router.

Workaround: There is no workaround.

Miscellaneous

CSCdx59003

Symptoms: A Cisco 12000 series router may report incorrect environmental values, as the following environmental logs display:

%ENV_MON-2-VOLTAGE: MBUS 5V supply (slot 1) volts has reached SHUTDOWN level at 5 m(V) %ENV_MON-2-TEMP: Hotpoint temp sensor (slot 17) temperature has reached SHUTDOWN level at 756(C)
%ENV_MON-2-VOLTAGE: Card 3.3v supply (slot 17) volts has reached CRITICAL level at 2560 m(V)

Although the environmental logs indicate that the shutdown level has been reached, the router does not shut down the line cards for which the incorrect environmental values are reported.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S3, Release 12.0(21)S5, Release 12.0(21)ST2, or Release 12.0(22)S.

Workaround: There is no workaround.

CSCdx61684

Symptoms: The traffic on a Cisco 12000 series 3-port Gigabit Ethernet line card (3GE-GBIC-SC) is stopped after the shutdown interface configuration command followed by the no shutdown interface configuration command is entered on the interface while there is a traffic load on the interface.

Conditions: This symptom is observed on a 3GE-GBIC-SC line card.

Workaround: Configure autorenegotiation, or reload the 3GE-GBIC-SC line card.

CSCdy51183

Symptoms: A router that is running cell-mode tag switching or Multiprotocol Label Switching (MPLS) on a label controlled ATM (LC-ATM) interface may reload when it receives a more specific prefix for a label mapping or binding than the one that is already allocated. For example, the router may reload when it receives the prefix 10.1.1.0/24 if a binding was already allocated for 10.1.1.1/32 on the basis of the routing entry 10.1.0.0/16.

Conditions: This symptom is observed on an Edge Label Switch Router (ELSR) or Label Switch Controller (LSC).

Workaround: There is no workaround for an ELSR. To prevent an LSC from reloading, disable the headend label virtual circuits (LVCs) by entering the tag-switching atm disable-headend-vcs global configuration command.

CSCdy56799

Symptoms: Spurious access errors may occur on a Cisco 7500 series router configured with distributed Cisco Express Forwarding (dCEF) and Web Cache Communication Protocol (WCCP).

Conditions: This symptom is observed on Cisco 7500 series router configured with dCEF and WCCP.

Workaround: Disable dCEF on the interfaces that are facing the web cache engines where the spurious access errors occur so that incoming WCCP generic routing encapsulation (GRE) packets are punted to the Route Processor (RP) and CEF switched.

For more information about spurious access errors, see the Cisco document at the following location:

http://www.cisco.com/warp/public/63/spuraccess.html

CSCdy67706

Symptoms: A switchover from the working interface to the protect interface may take a long time.

Conditions: This symptom is observed on a Cisco 10000 series router when the SONET Single Router APS (SR-APS) feature is enabled.

Workaround: A temporary solution is to configure the protect interface as the working interface.

CSCdy89749

Symptoms: A Gigabit Ethernet Interface Processor plus (GEIP+) may report many alignment errors and the CPU utilization may stay at 100 percent.

Conditions: This symptom is observed on a Cisco 7500 series router.

Workaround: There is no workaround.

CSCdz04297

Symptoms: A router may pause indefinitely instead of restarting.

Conditions: This symptom is observed when the router is handling invalid addresses in the cached address space.

Workaround: There is no workaround.

CSCdz22591

Symptoms: Resource Reservation Protocol (RSVP) hello may incorrectly declare lost communications with a neighbor, and fast reroute may be triggered.

Conditions: This symptom is observed when RSVP is configured on a Packet over SONET (POS) interface with a hello interval of 60 milliseconds or less on a Cisco router that is running Cisco IOS Release 12.0(24)S. This symptom does not exist when hello is configured on an Ethernet interface.

Workaround: Configure hello intervals longer than 60 milliseconds.

CSCdz37875

Symptoms: Traceback messages may be detected when a user checks the log file of a standby Performance Routing Engine (PRE).

Conditions: This symptom is observed on a router that has a 6-port OC-3 Packet over SONET (POS) line card.

Workaround: There is no workaround.

CSCdz46443

Symptoms: An ingress line card may reload after the no shutdown interface configuration command is entered on the line card while traffic is present.

Conditions: This symptom is observed in a Multiprotocol Label Switching (MPLS) tunnel head that has a 1-port edge service (ES) Packet-over-SONET (POS) OC- 192c/STM-64 line card configured on both the ingress and egress line cards. This symptom is observed when the ip cef accounting per-prefix non-recursive global configuration command is configured.

Workaround: There is no workaround.

CSCdz59683

Symptoms: After the ALPHA application-specific integrated circuit (ASIC) is reset because of error recovery (that may be caused by parity errors in ALPHA memory), the port or fetch descriptors that select correct threads in ALPHA microcode are not programmed correctly. This behavior may prevent certain configured features, such as IP version 6 (IPv6) or IP Virtual Private Network (VPN) routing/forwarding (VRF), from working correctly.

Conditions: This symptom is observed on the line card of a Cisco 12000 series.

Workaround: Reset the line card.

CSCdz63442

Symptoms: Link utilization may be lower than expected.

Conditions: This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(23)S1 when class-based weighted fair queueing (CBWFQ) is configured on multiple VLANs.

Workaround: Try one or more of the following options to improve the link utilization:

1. Reduce the number of VLANs that are configured.

2. Send burstier traffic. (Doing so will most likely be more effective on higher bandwidth interfaces).

3. Do not configure maximum utilization parameters on any queues.

CSCdz66463

Symptoms: An ATM interface does not come up after a Cisco 10000 series router has reloaded.

Conditions: This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(23)S1.

Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.

CSCdz67600

Symptoms: An Engine 4 Plus (E4+) Packet-over-SONET (POS) line card may reload when the access control list (ACL) of a port is changed.

Conditions: This symptom is observed when the ACL of a port is changed when there already is an ACL configured on the port of an E4+ POS line card.

Workaround: There is no workaround.

CSCdz69846

Symptoms: An Engine 4 plus (E4+) line card may reload and display the following error messages in the log or crash info:

%TX192-3-CPUIF: Error=0x100

%TX192-3-CPUIF_ERR: Underrun Error: Read Pointer crosses Write Pointer.

Conditions: This symptom is observed on the E4+ line card of a Cisco 12400 series that is performing multicast packet fragmentation.

Workaround: There is no workaround.

CSCdz71127

Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.

Cisco has made software available, free of charge, to correct the problem.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

CSCdz72673

Symptoms: A Cisco router that is functioning as a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) router may reload with an "address error" message.

Conditions: This symptom is observed at bootup time when the PE and customer edge (CE) interfaces are coming up. The symptom occurs when a locally learned VPN routing/forwarding (VRF) route temporarily loses its local label. This condition leads to some data structures being cleaned up but still retaining references to the local label. It may also occur after bootup in the case of interface flaps. The reload is not a common occurrence, however, and may need additional triggers.

A list of the affected releases can be found at http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdv49909. Cisco IOS releases that are not listed in the "First Fixed-in Version" field at this location are not affected.

Workaround: There is no workaround.

CSCea00096

Symptoms: Packet throttling is activated because of congestion even when it is not configured. This behavior is indicated by the following error message:

%LC_CX3-4-THROTTLE: Packet throttling activated due to congestion

Conditions: This symptom is observed on a Cisco 12416 router that is configured with 200 Border Gateway Protocol (BGP) peers and that has three 6- port channelized T3 (6xCT3) line cards. Each of the line cards is configured with an even distribution of about 1500 Frame Relay subinterfaces.

Workaround: There is no workaround.

CSCea00954

Symptoms: IP multicast hardware counter memory is not freed on an Engine 4 (E4) or Engine 4 Plus (E4+) line card after multicast routes are cleared from the routing table.

Conditions: This symptom occurs only when the E4 or E4+ line card runs out of mtrie node memory. The line card will run out of mtrie memory when there are more routes on the router than the line card can handle.

Workaround: There is no workaround.

CSCea02355

Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.

Cisco has made software available, free of charge, to correct the problem.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

CSCea03424

Symptoms: An OC-48 Packet-over-SONET (POS) interface may flap immediately after a high availability (HA) Fast Software Upgrade (FSU).

Conditions: This symptom is observed on a Cisco 10000 series when an HA FSU is performed from an image of Cisco IOS Release 12.0(23)S1 to an image of Release 12.0(23)S2.

Workaround: There is no workaround.

CSCea04762

Symptoms: Some export packets sent from an Engine 4+ (E4+) line card are not received by the NetFlow collector.

Conditions: This condition is observed on the E4+ line card when the export packets are exported out of a traffic engineering (TE) or tag interface and the router is running Cisco IOS Release 12.0(22)S2.

Workaround: Export the packets out of the non-TE or non-tag interface. This means that export packets must be sent out as IP packets from the E4+ line card.

CSCea10156

Symptoms: An Engine 4 plus (E4+) line card may reload unexpectedly.

Conditions: This symptom is observed when more than one adjacency is established across the interfaces of the E4+ line card while the ip cef accounting per-prefix non-recursive global configuration command is enabled. This symptom may occur when there is no traffic present on the line card.

Workaround: Disable the ip cef accounting per-prefix non-recursive global configuration command.

CSCea10890

Symptoms: The output of the show ip interface EXEC command does not display the number of Reverse Path Forwarding (RPF) packet drops but indicates a value of "0" for the number of RPF packet drops. However, the global RPF count in the output of the show ip traffic | inc drop EXEC command is correct.

Conditions: This symptom is observed on a Cisco 10000 series that has Parallel Express Forwarding (PXF) switching enabled.

Workaround: There is no workaround. This is caveat has been closed.

CSCea12157

Symptoms: The following error message may be observed on a line card:

%SLOT n: .... : %LC-3-ERRRECOVER: Corrected a transient error on line card.

This error may be observed even though an actual hardware error has not occurred on the line card. If a hardware error does occur, it will generate additional error messages to identify the source of the hardware error in addition to the error message listed above.

Conditions: This symptom may be observed on a Cisco Engine 0 line card when a feature that requires a micro code change is configured.

Workaround: There is no workaround. Ignore the error message.

CSCea14108

Symptoms: Pings from a customer edge (CE) router may fail in an Any Transport over Multiprotocol Label Switching (AToM) network.

Conditions: This symptom is observed when Ethernet over Multiprotocol Label Switching (EoMPLS) AToM is configured.

Workaround: There is no workaround.

CSCea14348

Symptoms: The integrity of the payload may not be retained on a Cisco 10700 series that is running Cisco IOS Release 12.0(24)S.

Conditions: This symptom is observed on Cisco 10700 series that is operating in the Ethernet over Multiprotocol Label Switching (EoMPLS) port mode with a Packet over SONET (POS) interface that is connected to a Multiprotocol Label Switching (MPLS) backbone.

Workaround: There is no workaround.

CSCea25707

Symptoms: A Cisco router may reload because of a software condition when running the LDP-MIB MIB. The router reloads because of a process watchdog timeout in the "SNMP ENGINE" process and logs an entry similar to the following one and logs a traceback:

%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = SNMP ENGINE. %Software-forced reload

Unexpected exception, CPU signal 23, PC = 0x606F1FC4 ... Cause 00000024 (Code 0x9): Breakpoint exception

Conditions: This symptom is observed after the router ID has been changed and when Label Distribution Protocol (LDP) sessions have been added or removed.

Workaround: Do not change the router ID. If the router ID has been changed, do not run the LDP-MIB MIB.

CSCea27683

Symptoms: An Engine 4 (E4) line card may reload after it displays the following error messages:

%TX192-3-PAM_MODULE: status = 0x2, mask= 0x3F - MODULE: Error signal from PIM module. -Traceback=
%TX192-3-PAM_PIM: status = 0x3D6, mask= 0x1A1 - PIM: header start offset >= 16kB. -Traceback=

Conditions: These symptoms are observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S under the following conditions:

IP traffic is sent from the IP Services Engine (ISE) Engine 3 (E3) line card to Engine 4 (E4) or Engine 4 plus (E4+) line cards.

The tag-switching ip interface configuration command is enabled on the E4 and E4+ line cards.

The IP packets are 78 bytes in size.

An Intermediate System-to-Intermediate System (IS-IS) link flap causes a change in the behavior of forwarded IP traffic that arrives at the ISE line card from one incoming link to two outgoing links or from two incoming links to one outgoing link in which one of the active outgoing links is an E4 or E4+ line card.

Workaround: There is no workaround.

CSCea28471

Symptoms: A Versatile Interface Processor (VIP) may reload.

Conditions: This symptom is observed on a VIP if Multiprotocol Label Switching (MPLS), Egress Netflow, and distributed Cisco Express Forwarding (dCEF) are configured.

Workaround: Disable DCEF or the Egress Netflow.

CSCea28914

Symptoms: A Fabric Interface ASIC (FIA) controller halt condition may be observed on the Engine 4 (E4) or Engine 4 plus (E4+) line card of a Cisco 12410.

Conditions: This symptom is observed when the hw-module slot 17 shut EXEC command is entered while a primary Clock Scheduler Card (CSC) is installed in slot 17 of the E4 or E4+ line card of a Cisco 12410. This symptom is observed when the Cisco 12410 is running Cisco IOS Release 12.0(21)S6.

Workaround: Avoid entering the hw-module slot 17 shut EXEC command.

CSCea32240

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea32479

Symptoms: It may take a long time for a Cisco 12000 series to remove 250,000 Virtual Private Network version 4 (VPNv4) entries from an Engine 3 (E3) line card. While the router removes the VPNv4 entries, new VPNv4 entries cannot be updated on the line card.

Conditions: This symptom is observed when the router handles a large number of VPNv4 entries on its line cards (more than 80,000) and when a Border Gateway Protocol (BGP) session flaps (the session remains down for a few minutes). This behavior causes the router to remove all VPNv4 entries and repopulate the VPNv4 entries a few minutes later.

Workaround: There is no workaround.

CSCea33501

Symptoms: Parallel Express Forwarding (PXF) reloads with the "0x680" software exception type in column 5 (T1RxC1).

Conditions: This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(21)ST5 but may also occur in Release 12.0 S.

Workaround: There is no workaround.

CSCea35292

Symptoms: When Multiprotocol Label Switching (MPLS) traffic or MPLS Virtual Private Network (VPN) traffic is being forwarded by a Cisco 10720 router, about 50 percent of multicast traffic will be punted to a Route Processor (RP) and forwarded by the RP. The expected behavior is that multicast traffic should be forwarded by Parallel Express Forwarding (PXF) as long as a multicast route (mroute) entry exists. If many packets are punted to the RP, and the RP queue is congested, some of the multicast traffic that is being punted to the RP will be dropped. For example, multicast traffic may be dropped from a multicast application such as video or TV broadcast.

Conditions: This symptom is observed on a Cisco 10720 router that is running Cisco IOS Release 12.0(22)S, Release 12.0(23)S1, or Release 12.0(24)S when the following conditions are met:

The router forwards MPLS or MPLS VPN traffic and multicast traffic.

The RP queue is congested.

Workaround: Stop the MPLS or MPLS VPN traffic.

CSCea38449

Symptoms: Traffic may not be forwarded to an egress line card if an uncorrected parity error is detected.

Conditions: This symptom is observed on an Engine 3 (E3) IP Services Engine (ISE) line card of a Cisco 12000 series.

Workaround: Reload the microcode of the line card after the error recovery process occurs.

CSCea42366

Symptoms: A corrupted VLAN ID may be created when a VLAN ID rewrite operation is configured on the VLAN interface of a Cisco 10720. When this symptom occurs, the Canonical Format Identifier (CFI) bit of the incoming 802.1q header is not preserved.

Conditions: These symptoms are observed with input packets that have the CFI bit of the 802.1q header set to a value of "1" (CFI=1) and when the new VLAN ID value has a value of "0" for bit 4 (when the count is made from the least significant bit position). The new VLAN ID value (that is produced by the VLAN ID rewrite operation) for the output packet will have an incorrect value of "1" for bit 4.

The CFI bit of the incoming packet is not preserved when the value of the CFI bit is "1" and the outgoing packet has a incorrect CFI bit value of "0".

Workaround: There is no workaround.

CSCea42527

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea42826

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea44309

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea45073

Symptoms: Traffic and routing outage may be observed on a router for several minutes.

Conditions: This symptom is observed on a Cisco 12000 series when a line card reload event is triggered by an uncorrected soft memory error and by a simultaneously bounding policy-based routing (PBR) policy that is on an IP Services Engine (ISE) interface.

The uncorrected soft memory error trigger is observed to occur before the trigger that is caused by the simultaneously bounding policy-based routing policy.

Workaround: There is no workaround.

CSCea45451

Symptoms: An active Performance Route Processor (PRP) may pause indefinitely and not enter the ROM monitor (ROMmon) mode after its firmware is upgraded. When this behavior occurs, the secondary PRP takes over as the primary PRP.

Conditions: This symptom is observed when the upgrade all EXEC command is entered on the active PRP of a router that is running Cisco IOS Release 12.0(23)S and that has a dual PRP configuration while both PRPs are enabled.

Workaround: Power-cycle the router to exit the indefinite pause state. To prevent the active PRP from pausing indefinitely, avoid booting up both of the PRPs simultaneously. Boot up only the first PRP to the enabled state and upgrade the PRP. Perform the same procedure with the second PRP.

CSCea52787

Symptoms: A memory leak may be observed on a line card with the Multicast Distributed Switching (MDS) line card process when the ip multicast-routing global configuration command is enabled while there are tunnel interfaces configured.

Conditions: This symptom occurs when the affected line card runs out of memory because of a memory leak and the MDFS process on the line card attempts to allocate memory. This symptom occurs only when multicast routing is enabled by entering the ip multicast-routing distributed global configuration command and when a traffic engineering (TE) tunnel is configured.

Workaround: There is no workaround.

CSCea53471

Symptoms: A Cisco 12000 series that is configured with a Performance Route Processor 1 (PRP-1) may pause indefinitely.

Conditions: This symptom is observed on a Cisco 12000 series that is configured with a PRP-1 when the configuration is being saved after it has previously received a break signal on the console. This symptom does not affect the Gigabit Route Processor (GRP).

The break signal can be received by the router when it is sent intentionally by a terminal or when it is unintentionally received as noise on the console connection. Unintentional noise may occur if a terminal or terminal server that is connected to the router is powered off or when certain terminals or personal computer terminal emulators are first connected. When the router pauses indefinitely, it must be power-cycled to be restored to a normal working condition.

Workaround: There is no workaround.

CSCea54482

Symptoms: A switch fabric card (SFC) switchover may occur, cyclic redundancy check (CRC) Fabric Interface ASIC (FIA) errors may occur, and the following error message may be displayed on a Cisco 12400 series:

FABRIC-3-ERR_HANDLE Due to CRC error from slot 8, shutdown the fabric card on slot 22

Note that the slot numbers (that is, 8 and 22) are just examples.

Conditions: These symptoms are observed after a Cisco 12400 series router that is configured with one or more Engine 4 plus line cards is reloaded with a new Cisco IOS release that causes a maintenance bus (MBus) download condition and while traffic is being processed on the router.

Workaround: After the router is reloaded with the new Cisco IOS release, reload the router for a second time.

CSCea61480

Symptoms: An Engine 4 10-port Gigabit Ethernet (GE) line card may reload or you may not be able to ping across the modular GE interfaces of the line card.

Conditions: This symptom is observed on a Cisco 12410 that has a redundant Clock Scheduler Card (CSC) after you have performed an online insertion and removal (OIR) of the master (CSC).

Workaround: There is no workaround.

CSCea62360

Symptoms: A Cisco 12000 series Engine 3 (E3) line card may log "EE48-2-GULF_TX_SRAM_ERROR" error messages if certain packet types are forwarded incorrectly.

Conditions: This symptom is observed on Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) routers when multicast traffic is destined for the customer edge (CE) router.

Workaround: There is no workaround.

CSCea62725

Symptoms: The Automatic Protection Switching (APS) function may not failover after a line card is reset.

Conditions: This symptom is observed when a line card is reset (either by entering the hw-module reset EXEC command or by manually resetting the line card).

Workaround: There is no workaround.

CSCea67032

Symptoms: Some interfaces of a Cisco 10000 series 6-port channelized T3 line card may not come up.

Conditions: This symptom is observed when you configure the T3 controller with any combination of time slots, but using more than 15 and fewer than 21 time slots.

Workaround: There is no workaround.

CSCea68251

Symptoms: A Cisco 10720 may reboot when you enter the no srp reject H.H.H interface configuration command on a Spatial Reuse Protocol (SRP) interface.

Conditions: This symptom is observed intermittently. If there is no valid entry to be removed for the srp reject H.H.H interface configuration command, the command negation has no impact.

Workaround: There is no workaround.

CSCea68657

Symptoms: A router may not boot to the configured Cisco IOS software version when the full path of the Cisco IOS image is specified in the boot system flash global configuration command, such as in the following example:

boot system flash disk0:c12kprp-p-mz

Conditions: This symptom is observed on a Cisco 12000 series router that is configured with dual Performance Route Processors (PRPs).

Workaround: Configure the boot system flash global configuration command without specifying the device name, such as in the following example:

boot system flash c12kprp-p-mz

CSCea77271

Symptoms: Packets may be dropped by a 3-port line card for a Cisco 12000 series Internet router.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is configured with a 3-port line card and that is running Cisco IOS Release 12.0(21)ST or Release 12.0(22)S when the following conditions are met:

Some subinterfaces are configured for Ethernet over Multiprotocol Label Switching (EoMPLS).

Some subinterfaces are configured for IP.

Any interface on the router is configured with an output access control list (ACL).

A packet is received on an IP subinterface and its 802.1p VLAN priority bits are different than the IP precedence bits and it is supposed to switch to the interface where the output ACL is applied.

Workaround: Remove the output ACL if possible or use Cisco IOS Release 12.0(23)S or a later release.

CSCea80322

Symptoms: All ports of an Engine 0 (E0) digital service 3 (DS3) card may remain in an "up/down" condition indefinitely.

Conditions: This symptom is observed on Engine 0 (E0) DS3 cards when one of the ports receives a "yellow" alarm.

Workaround: Enter the microcode reload global configuration command to microcode reload the DS3 card.

CSCea86678

Symptoms: Auto negotiation may not work as expected on a router.

Conditions: This symptom is observed when a Cisco 10720 router is used in a network that has a Cisco Catalyst 6500 switch and a vendor-specific optical repeater.

Workaround: There is no workaround.

CSCea87709

Symptoms: A standby Performance Routing Engine (PRE) may reload continuously, and the router may enter the "standby cold-bulk" redundancy state.

Conditions: This symptom is observed with certain configurations. The standby PRE may reload continuously when a new image is loaded after the hw-module reset standby-cpu reset global configuration command is entered or after a switchover occurs.

Workaround: There is no workaround.

CSCea89519

Symptoms: A standby Gigabit Route Processor (GRP) may reload with a bus error.

Conditions: This symptom is observed after the ATM interface of a Cisco 12000 series is shut down.

Workaround: There is no workaround.

CSCea91024

Symptoms: Line cards that are installed on a Cisco 12000 series may reload.

Conditions: This symptom is observed when a Virtual Private Network (VPN) routing/forwarding (VRF) instance is added or deleted, and a loopback interface is configured with one of the VRF instances.

Workaround: There is no workaround.

CSCea91692

Symptoms: On a Cisco 12000 series router that is configured with an Engine-2-based line card that carries both Multiprotocol Label Switching (MPLS) and IP traffic and that is forwarding packets to an output port (that has a committed access rate [CAR] rule configured on an Engine-0, Engine-1 or Engine-2-based output line card), the IP traffic may be dropped because of an incorrect packet switching application-specific integrated circuit (PSA) Cisco Express Forwarding (CEF) entry.

Conditions: This symptom is observed on a Cisco 12000 series that has been upgraded from Cisco IOS Release 12.0(21)S5 to Release 12.0(22)S or Release 12.0(23)S. This configuration requires that the traffic enter the router on an Engine 2 line card and leave the router on an Engine-0, Engine-1, or Engine 2-based line card that has an output CAR applied to its port.

Workaround: Remove the output CAR rule from the egress line card to restore traffic.

CSCeb00391

Symptoms: The following error message may be displayed on a router:

%ALIGN-3-SPURIOUS: Spurious memory access made at 0x50164CDC reading 0x0

Conditions: This symptom is observed on a Cisco 12000 series.

Workaround: There is no workaround.

CSCeb01992

Symptoms: Occasional ping failures may be observed over a VLAN interface.

Conditions: This symptom is observed on the VLAN interface of a Cisco 12000 series modular Gigabit Ethernet line card. The Cisco 12000 series modular Gigabit Ethernet line card is connected to Cisco Catalyst switches over VLAN interfaces.

Workaround: There is no workaround.

CSCeb05519

Symptoms: The core router Multiprotocol Label Switching (MPLS) forwarding entry has the correct outgoing interface but has an incorrect label to use for sending traffic to the edge router. The incorrect label is identical to the label that is sent by another core router for the same prefix through another interface.

Conditions: This symptom is observed in a service provider network when the route to the prefix that has the incorrect MPLS forwarding entry is configured using a static recursive route and the specific IP address that is specified in the ip route prefix mask ip-address global configuration command is changed by topology changes to go through a different adjacent router. The incorrect outgoing Label Distribution Protocol (LDP) or Tag Distribution Protocol (TDP) label corresponds to the router that was adjacent prior to the routing change.

Workaround: To clear this condition, enter the clear ip route {network [mask] | *} EXEC command to cause MPLS to create a new forwarding entry that has the correct interface and label for the prefix.

To prevent this condition from occurring, advertise the route to the prefix in question using an Interior Gateway Protocol (IGP).

Alternate Workaround: Configure a static nonrecursive route to the prefix and IP address of the next-hop router by entering the ip route prefix mask ip-address interface-type interface-number global configuration command.

CSCeb14687

Symptoms: Border Gateway Protocol (BGP) may send incomplete updates to the peer routers, and some routers may not send full routes to their peer routers. This behavior may cause some routes to be missing from the peer.

Conditions: This symptom is observed when a slow BGP peer in a peer group comes up while BGP is in the process of sending updates to the peer routers. This symptom is not platform specific.

Workaround: Enter the clear ip bgp peer-address soft out EXEC command to clear this condition. Avoid using a peer group if possible.

CSCeb14998

Symptoms: An Engine 2 line card that is configured with virtual routing and forwarding may reload.

Conditions: This symptom is observed under either one of the following conditions:

When the shutdown interface configuration command followed by the no shutdown interface configuration command is entered on a loopback interface.

When tag switching is removed globally and then reenabled.

The line card does not come back up after it reloads and must be manually reloaded.

Workaround: There is no workaround.

CSCuk39189

Symptoms: Leaks may be observed for some Virtual Private Network routing and forwarding (VRF) routes in the global Forwarding Information Base (FIB) table when a VRF is deleted and recreated.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0 S or Release 12.2 T.

Workaround: There is no workaround.

CSCuk41552

Symptoms: When you enter the show cef idb EXEC command on a primary Route Processor (RP), the output of the command displays that for two subinterfaces of the same interface that should have the same interface number, one of the subinterfaces has a "-" sign in the "IIndex" column and both subinterfaces have the same number in the "FIndex" column.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S and may also occur on a Cisco 7500 series and a Cisco 10000 series. The symptom occurs when there are multiple subinterfaces on one hardware interface, when a Stateful Switchover (SSO) occurs, and when the original active RP (that becomes the new standby RP) reloads.

Workaround: There is no workaround.

TCP/IP Host-Mode Services

CSCdz28034

Symptoms: A router may reload while you change the maximum transmission unit (MTU) size to 64 bytes on an OC-12 or OC-24 Packet-over-SONET (POS) interface.

Conditions: This symptom is observed on a Cisco 10000 series router or a Cisco 12000 series router when Multiprotocol Label Switching (MPLS) is enabled on the interface.

Workaround: There is no workaround.

CSCea60379

Symptoms: A Cisco router may leak memory at a rate of up to 100 KB per day, resulting in the gradual reduction of the available memory.

Conditions: This symptom is observed on a Cisco router that is running Label Distribution Protocol (LDP). The symptom may be caused by applications that use TCP as the transport protocol.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(23)S2

Cisco IOS Release 12.0(23)S2 is a rebuild of Cisco IOS Release 12.0(23)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(23)S2 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.

CSCdv51360

Symptoms: A data-link switching (DLSw) peer may be stuck in the "AB_PEND" state and a TCP session may be stuck in the "SYNSENT" state after an IP outage occurs between two DLSw routers.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.1(3)T but may also occur in other releases such as Release 12.0 S or Release 12.2 S.

Workaround: Use the show tcp brief EXEC command to determine the Transmission Control Block (TCB) of the hung TCP session. Enter the clear tcp tcb address privileged EXEC command to clear the TCB of the hung TCP session. The DLSw peers will reconnect as long as there is IP connectivity between the DLSw peers.

CSCdw01726

Symptoms: A Simple Network Management Protocol version 3 (SNMPv3) user configuration is changed when a router is reloaded.

Conditions: This symptom is observed when an SNMPv3 user is created using message digest 5 (MD5) authentication by entering the following commands:

Router# snmp group groupy v3 auth

Router# snmp user abcdefghij groupy v3 auth md5 abcdefghij

The engine ID is then changed by entering the following command:

snmp-server engineID local 00000009020000024B0008FE

An SNMP walk is performed by entering the following command, the configuration is saved, and the router is reloaded:

Router# snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l AuthNoPriv device-name

The SNMP walk is successful and the following debug header output is displayed when the debug snmp EXEC command is entered:

Incoming SNMP packet: v3 packet security model: v3 security level: auth username: abcdefghij

The router is reloaded and a second SNMP walk is performed by entering the following command:

Router# snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l AuthNoPriv device-name

After the second SNMP walk is performed, the command does not generate any output and the following debug header output is displayed when the debug snmp EXEC command is entered:

Incoming SNMP packet: v3 packet security model: v3 security level: noauth: username: abcdefghij

Workaround: Do not change the default engine identity (ID).

CSCdx00274

Symptoms: A single-port Fast Ethernet 100BASE-TX port adapter (PA-FE-TX) may stop receiving burst traffic packets.

Conditions: This symptom is observed on a PA-FE-TX that is installed in a Cisco 7206VXR router.

Workaround: Clear the symptom by entering the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface of the PA-FE-TX.

CSCdy23771

Symptoms: An incomplete adjacency is created between a provider edge (PE) router and a customer edge (CE) router. This situation causes a ping from one CE router to another CE router to fail.

Conditions: This symptom is observed in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment.

Workaround: First send a ping from the PE router to the CE router. After that, you can send a ping from one CE router to the other CE router.

CSCdy36238

Symptoms: Group G (*,G) multicast route (mroute) state joins may no longer be sent. This situation may cause traffic to stop flowing after the group G mroute state times out.

Conditions: This symptom is observed after Protocol Independent Multicast (PIM) is disabled and then reenabled on an interface that serves as the only PIM interface on a router.

Workaround: There is no workaround.

CSCdy37606

Symptoms: A Cisco 12000 series may generate the following message:

%LINK-3-TOOSMALL: Interface POS3/0, Output runt packet of 0 bytes

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S5, when an error occurs on an Engine 2 line card and when both sampled NetFlow and Multiprotocol Label Switching (MPLS) are enabled.

Workaround: Disable sampled NetFlow. Note that this workaround affects service because disabling sampled NetFlow causes Cisco Express Forwarding (CEF) to reload on the line card.

CSCdy40742

Symptoms: After a Border Gateway Protocol (BGP) neighbor resets, CPU utilization may run very high on a Cisco 12000 series.

Conditions: This symptom is observed when the default-metric BGP command is enabled in the BGP router configuration.

Workaround: There is no workaround.

CSCdy41660

Symptoms: For a short period of time, a forwarding engine can continue to send traffic to an interface that has just been shut down. Depending on traffic rates, this may consume all of the output buffer on the line card, causing the other interfaces on that line card to go down.

Conditions: This symptom is observed under rare circumstances.

Workaround: There is no workaround.

CSCdy49411

Symptoms: Traffic policing may not function.

Conditions: This symptom is observed on the Network Processing Engine (NPE) of a Cisco 7200 series router.

Workaround: There is no workaround.

CSCdy51437

Symptoms: A Versatile Interface Processor (VIP) may reload because of a direct memory access (DMA) receive error and may display a message that is similar to the following:

CYASIC Error Interrupt register 0x2000000

DMA Receive Error

CYASIC Other Interrupt register 0x180

QE HIGH Priority Interrupt

Unknown CYA oisr bit 0x00000080

QE RX HIGH Priority Interrupt

QE TX HIGH Priority Interrupt

CYBUS Error Cmd/Addr 0x8000068, CYBUS Error Data 0x0

MPUIntfc/PacketBus Error register 0x0

Conditions: This symptom is observed while there is a large amount of Internet MIX (IMIX) traffic on a 2-port Fast Ethernet port adapter (PA-2FE) that is installed on the VIP of a Cisco 7500 series.

Workaround: There is no workaround.

CSCdy54493

Symptoms: A "%SNMP-3-CPUHOG: Processing GetNext of ciscoFlashDeviceEntry.5.8" error message is displayed during a Simple Network Management Protocol (SNMP) query on ciscoFlashDeviceEntry.

Conditions: These symptoms can occur on any Cisco router that is running Cisco IOS software.

Temporary Workaround: Exclude ciscoFlashMIB by entering the snmp-server global configuration command. If SNMP must be enabled on the Flash devices, then there is no workaround.

CSCdy60008

Symptoms: If you change the interface bandwidth or delay, a router may reload.

Conditions: This symptom is observed after Enhanced Interior Gateway Routing Protocol (EIGRP) is terminated via the no router eigrp as-number global configuration command or the no ip routing global configuration command, causing the EIGRP process list to be invalid.

Workaround: Reload the router after you have terminated EIGRP.

CSCdy61223

Symptoms: When an input access control list (ACL) is configured and multiple broadcast Address Resolution Protocol (ARP) requests are received, packet loss and performance degradation may occur because of a "format error" that is reported in the output of the show ip traffic EXEC command.

Conditions: This symptom is observed when you have enabled NetFlow on an interface of a 1-port Gigabit Ethernet line card that is installed in a Cisco 12000 series that is running Cisco IOS Release 12.0(16)S or Release 12.0 (22)S.

Workaround: Although the condition is triggered by multiple broadcast ARP requests, it only occurs if NetFlow, input ACLs, and ACL hardware checking are configured. Disabling any of these features will prevent the condition from occurring. For example, to remove the ACL hardware checking on the 1-port Gigabit Ethernet line card, enter the no access-list hardware salsa command.

CSCdy73551

Symptoms: Packets are not exported from a Cisco 12000 series 1-port Gigabit Ethernet line card.

Conditions: This symptom is observed when an input access control list (ACL) and Sampled NetFlow (SNF) are configured using the access-list hardware salsa command.

Workaround: There is no workaround.

CSCdz74925

Symptoms: A 4-port OC-48 Packet-over-SONET (POS) Engine 4 plus (E4+) line card may stop forwarding traffic after you have reloaded microcode onto the line card.

Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(24)S in a carrier supporting carrier configuration when the 4-port OC-48 POS E4+ line card interconnects a provider edge (PE) and a provider (P) router.

Workaround: Enter the clear ip bgp privileged EXEC command on the PE router.

CSCdy75434

Symptoms: A line card in a provider edge (PE) router that is running IP version 6 (IPv6) in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) or in any connected router may reload because of a fabric ping failure, and the following error message may be generated:

%FIB-3-FIBDISABLE: Fatal error, slot 1: IPC Failure: timeout
%GRP-3-COREDUMP: Core dump incident on slot 1, error: Fabric ping failure (seq:3279)
%GRP-4-RSTSLOT: Resetting the card in the slot: 1,Event: EV_LC_E4_CORE_DUMP_DECLINE_DUP

Conditions: This symptom is observed on a Cisco 12000 series that functions as a 6PE router or on any connected router when an IPv6 default route is removed from another 6PE router and traffic is flowing through the IPv6 default route while the route update following the route removal is being processed. When the IPv6 default route is removed, one or more line cards may reload on any router that receives the route update.

Workaround: There is no workaround.

CSCdy79494

Symptoms: An Engine 2 egress line card that is installed in a Cisco 12000 series that is functioning as a provider edge (PE) router reloads when a customer edge (CE) router starts sending traffic, and the following error messages are generated:

* %LCLOG-3-INVSTATE: LC logger in an invalid state (LC=3,state=WAITING FOR TEXT,msg=MSG START) -Traceback= 503583F8 502F6464 5021C54C 5021C538 SLOT 3: %LC-3-PSAERRS: PSA PSA_CPU_GS_INT error 4 SLOT 3:
%LC-3-PSAERR: PSA error: if_err 0 adr FC00002C cmd 5 data 0 pipe 0,fs 0,prep 0 (pc 1E5),pop 0 (pc 19C),plu 0,tlu 0,plu sdram 0 adr 0 synd 0 ch *
%GRP-3-FABRIC_UNI: Unicast send timed out (3). * %LCINFO-3-CRASH: Line card in slot 3 crashed

Conditions: This symptom is observed only when the ip cef accounting non-recursive per-prefix global configuration command is enabled.

Workaround: There is no workaround.

CSCdy80592

Symptoms: A Cisco 12000 series may reload because of a redzone corruption.

Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-k4p-mz image of Cisco IOS Release 12.0(21)S1.

Workaround: There is no workaround.

CSCdy87260

Symptoms: On a dual Route Processor (RP) router that has the Route Processor Redundancy Plus (RPR+) feature enabled, the configuration synchronization may fail when two break instances are sent on the standby RP.

Conditions: This symptom is observed on a Cisco 12000 series only if the user sends two break instances on the standby RP.

Workaround: There is no workaround.

CSCdy87479

Symptoms: An OC-12 Dynamic Packet Transport (DPT) line card may reload when IP version 6 (IPv6) is configured on the interface.

Conditions: This symptom is observed when IPv6 traffic enters the interface.

Workaround: Unconfigure IPv6 on the interface, and use tunnels instead.

CSCdz06100

Symptoms: A permanent virtual circuit (PVC) on a standby Route Processor (RP) may go down after the oam-pvc manage interface-ATM-VC configuration command is enabled. This behavior may cause the RP to take a longer time to be brought up after an RP switchover occurs. Traffic on a Cisco 12000 series or Cisco 10000 series Edge Services Router (ESR) may be interrupted for about 10 seconds when this behavior occurs.

Conditions: This symptom is observed on the standby RP of a Cisco 10000 series that is running Cisco IOS Release 12.0(23)S.

Workaround: Enter the no oam-pvc manage interface-ATM-VC configuration command to disable generation of Operation, Administration, and Maintenance (OAM) loopback cells and OAM management on the ATM PVC.

CSCdz07032

Symptoms: When you add a new Performance Routing Engine (PRE) to a Cisco 10000 series, the startup configuration may not be copied to the new PRE. Verify that the configuration exists by entering the dir sec- nvram: EXEC command or the dir standby-nvram: EXEC command, depending on the Cisco IOS software image that you are running.

Conditions: The conditions under which this symptom occurs are not known at this time.

Workaround: Cut over to the new PRE, and save the configuration.

CSCdz10165

Symptoms: A Tag Forwarding Information Base (TFIB) entry for a Virtual Private Network (VPN) routing/forwarding (VRF) static recursive route that is configured for multihop Border Gateway Protocol (BGP) may be lost.

Conditions: This symptom is observed after the egress interface flaps.

Workaround: There is no workaround.

CSCdz12745

Symptoms: When a Cisco 12000 series Engine 2 Packet-over-SONET (POS) line card collects statistics for locally assigned Multiple Protocol Label Switching (MPLS) label entries, it may lose the outgoing label entries for the associated prefixes. All the prefixes show up as untagged, and it may be difficult or impossible to reach the prefixes.

Conditions: This symptom is observed on a Cisco 12000 series Engine 2 POS line card.

Workaround: To recover from the situation, reset the line card.

CSCdz16897

Symptoms: The Path Remote Defect Indication (PRDI) may not be handled properly during an Automatic Protection Switching (APS) switchover. This situation does not affect service.

Conditions: This symptom is observed on a Cisco 10000 series OC-12 ATM line card when an APS switchover occurs because of poor line quality.

Workaround: There is no workaround.

CSCdz17230

Symptoms: Loadsharing may occur unevenly.

Conditions: This symptom is observed on a Cisco 12000 series line card that does not support 16 hash buckets for loadsharing when Cisco Express Forwarding still attempts to use 16 hash buckets instead of the maximum number of hash buckets that is supported by the hardware.

Workaround: There is no workaround.

CSCdz18497

Symptoms: A router may loop indefinitely when a Simple Network Management Protocol (SNMP) walk is performed against certain objects. The SNMP walk will not cycle if a specific interface is specified.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S6.

Workaround: Reload the router.

CSCdz18851

Symptoms: A spurious memory error may occur when the microcode of an Engine 3 (E3) 16-port OC-3 (16xOC-3) Packet over SONET (POS) line card is reloaded.

Conditions: This symptom is observed on the E3 16xOC-3 POS line card of a Cisco 12000 series.

Workaround: There is no workaround.

CSCdz19320

Symptoms: A Cisco 12000 series Engine 4 plus line card may reload after a forced switchover.

Conditions: This symptom is observed when Stateful Switchover (SSO) and Intermediate System-to-Intermediate System (IS-IS) are configured.

Workaround: Disable IS-IS.

CSCdz21375

Symptoms: A memory leak may occur on a line card.

Conditions: This symptom is observed on the line card of a Cisco 12000 series after NetFlow is disabled on the last interface of a line card that has NetFlow enabled. This symptom is observed while there are more than 1900 flow records in the NetFlow cache of the line card.

Workaround: Keep NetFlow enabled on at least one interface on the line card.

CSCdz25228

Symptoms: An Engine 2 (E2) line card may reload after it reboots.

Conditions: This symptom is observed on the E2 line card of a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S. The E2 line card is configured with 128 line input access control list (ACLs), Virtual Private Network (VPN), and has Frame Relay configured on one of the interfaces.

Workaround: There is no workaround.

CSCdz25339

Symptoms: An unusually formatted Multicast Source Discovery Protocol (MSDP) packet may cause memory corruption and a router to reload.

Conditions: This symptom is observed on a Cisco router when it has a peer relationship with a specific third-party vendor router that is running a recent software release.

Workaround: Shut down the peer relationship by entering the ip msdp shutdown peer-address global configuration command.

CSCdz28113

Symptoms: Manual Layer 2 Tunneling Protocol (L2TP) version 3 tunnels fail when two or more tunnels are configured to different destination provider edge (PE) routers. All of the traffic that enters the tunnel is forwarded to the same PE regardless of the configured PE address. This symptom is also observed when the user starts off with one manual tunnel configuration that points to a particular PE router and later changes the configuration to point to a different PE router.

Assuming that PE router 1 (PE1) is the initial router that the manual configuration points to and PE router 2 (PE2) is the subsequent PE router that the configuration is subsequently configured to point to, traffic will be sent to PE1 even after the configuration has been altered to point to PE2.

Conditions: This symptom is observed when the user has more than one manual L2TP version 3 tunnel configured and when at least one of those tunnels is going to a different destination IP address than the other tunnels.

Workaround: Use negotiated L2TP sessions or enable keepalive processing on the manual L2TP version 3 tunnels.

CSCdz29044

Symptoms: An Engine 3 line card that connects a provider edge (PE) router and a customer edge router, both of which are running the Carrier Supporting Carrier feature, may reload.

Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S, that is functioning as a PE router, and that is running the Carrier Supporting Carrier feature when you reload microcode on one of multiple line cards that connects the PE router to a provider (P) router.

Note that the symptom occurs on an Engine 3 line card that connects the PE router and the CE router, but the microcode is reloaded onto another line card that connects the PE router and the P router.

Workaround: There is no workaround.

CSCdz31376

Symptom: A Versatile Interface Processor (VIP) may reload unexpectedly if the following sequence is performed:

1) Enable distributed Cisco Express Forwarding (dCEF) by entering the ip cef distributed global configuration command.

2) Disable the NetFlow Flow-cache or NetFlow switching for IP routing (using the no ip route-cache flow global configuration command).

3) Configure Cisco Express Forwarding (CEF) using the ip cef global configuration command.

4) Re-enable dCEF by entering the ip cef distributed global configuration command.

5) Re-enable ip flow-cache commands, or enter the ip route-cache flow command.

6) Configure CEF using the ip cef global configuration command.

Conditions: This symptom was observed durning Cisco internal testing using VIP software, version 12.0(22.4)S.

Workaround: Re-enable ip flow-cache or ip route-cache flow commands before re-enabling dCEF, or upgrade to Release 12.0(23)S2 (recommended). This issue is resolved in 12.0(24)S.

CSCdz31864

Symptoms: The OC-48 Packet-over-SONET (POS) bandwidth on a Performance Routing Engine 1 (PRE1) may not exceed 1.2 Gbps. The bandwidth should be able to scale to 1.4 Gbps.

Conditions: This symptom is observed on a Cisco 10000 series.

Workaround: There is no workaround.

CSCdz32724

A line card that is facing the core of a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) may generate packet switch application-specific integrated circuit (ASIC) (PSA) error messages and may stop sending traffic to the core of the network. The following output may be observed when the show interface gigabit ethernet interface EXEC command is entered.

%LC-3-PSAERRS: PSA PSA_CPU_GS_INT error 4

%LC-3-PSAERR: PSA error: if_err 0 adr FC00002C c md 5 data 0 pipe 0,fs 0,prep 0 (pc 1EC),pop 0 (pc 19F),plu 0,tlu 0,plu sdram 0 a dr 0 synd 0 check 4D00,tlu sdram 0 adr 0 synd 0 check 0,ssdram 0 adr 0,gather 0, pl 1822D92,plmuxcnts 61, pludefpsr 22000, plupsr 22000, pludsr 0

Conditions: These symptoms are observed on a Cisco 12000 series 3-port Gigabit Ethernet line card when the line card flaps.

Workaround: There is no workaround.

CSCdz32988

Symptoms: The CPU on a Cisco 7500 series Versatile Interface Processor (VIP) or on a Cisco 12000 series line card may persistently show very high utilization (99 percent) reported against the "TAG Stats Background" process, as is displayed in the output of the show processes cpu EXEC command:

CPU utilization for five seconds: 100%/1%; one minute: 99%; five minutes: 99%

PID Runtime(ms) Invoked   uSecs 5Sec 1Min 5Min     TTY Process

53 31226460 603427    51748    98.39% 98.60% 97.08% 0 TAG Stats Backgr

This situation does not directly impact the router operation because the "TAG Stats Background" process is a low priority process. However, the show mpls forwarding-table EXEC command does not provide accurate counters when this situation occurs.

Conditions: This symptom, which is a rare race condition, may occur when parallel paths are configured.

Workaround: Enter the no tag ip aggregate hidden command on the route processor. Note that doing so will prevent the counters of the show mpls forwarding-table EXEC command from being updated.

To restore normal VIP or line card operation, reload microcode onto the affected VIP or line card.

CSCdz33176

Symptoms: A Cisco router that is functioning as a dedicated Border Gateway Protocol (BGP) Route Reflector (RR) in a network that is configured for BGP may display a message very similar to the following one on its console:

%SYS-3-CPUHOG: Task ran for 30020 msec (6/6), process = BGP Router, PC = 6080D21C.

When the message is displayed, the BGP router process causes the CPU utilization of the router to become high for one to several minutes, depending on the number of prefixes, neighbors, and updates.

Conditions: This symptom is observed when the router is running Cisco IOS Release 12.0(22)S or a later release, when it has a large number of neighbors that are configured in peer groups or update groups, when it has a large number of prefixes to send or receive, and when most of the neighbors start at the same time, or when the BGP sessions of the neighbors are reset at the same time using the clear ip bgp * EXEC command.

The symptom is also observed in the above-mentioned network topology when the client of a BGP RR is reset using the clear ip bgp * EXEC command.

Workaround: Do not reset all the BGP neighbor routers at the same time when RRs are used in a BGP configuration.

Alternate Workaround: Use Cisco IOS Release 12.0 ST.

CSCdz33882

Symptoms: A Route Processor (RP) may reload.

Conditions: This symptom is observed on a Cisco 12000 series that is configured with dual RPs in Stateful Switchover (SSO) mode and that has about 200 Intermediate System-to-Intermediate System (IS-IS) neighbors when Nonstop Forwarding (NSF) is configured under the IS-IS process.

Workaround: There is no workaround.

CSCdz34552

Symptoms: A Cisco 10720 router that is functioning as a provider (P) router may stop correctly performing Multiprotocol Label Switching (MPLS) label disposition, which can be verified in the output of the show hardware pxf cpu mpls label privileged EXEC command.

Conditions: This symptom is observed in a fully meshed network of provider edge (PE) routers that are connected via 802.1q links and occurs when a link breaks.

Workaround: There is no workaround. To clear the situation, enable explicit null labels or enter the clear ip bgp privileged EXEC command.

CSCdz35853

Symptoms: When a SONET link is not stable, the following error messages may be generated on a 1-port OC-48 Port Packet-over-SONET (POS)/Synchronous Digital Hierarchy (SDH) IP Services Engine (ISE) line card:

SLOT 1: %EE48-3-GULF_RX_MOFIFO: Overflow detected. Corrective action taken.
SLOT 1: %EE48-3-GULF_RX_BYTE_TO_WORD: Out of synchronization, bitmap= 0xE. Corrective action taken.

Conditions: This symptom is observed under rare circumstances on a Cisco 12000 series that is running Cisco IOS Release 12.0(22)S2.

Workaround: Reload the line card.

CSCdz35977

Symptoms: IP multicast routes (mroutes) may not be downloaded to some line cards when a router is reloaded. The show ip mroute EXEC command can be entered on the Route Processor (RP) and the show ip mds forwarding EXEC command on the line cards to verify if mroutes are missing from the line cards.

Conditions: This symptom is observed when hardware-assisted multicast forwarding is used on a line card and occurs only if two line cards are reloaded simultaneously.

Workaround: Enter the clear ip mroute EXEC command on the line card to clear this symptom.

CSCdz36445

Symptoms: Traffic does not resume after a Cisco 12000 series has reloaded.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S in an IP version 6 (IPv6) environment and that is configured with Engine 3 line cards.

Workaround: There is no workaround.

CSCdz39645

Symptoms: Engine 4 (E4), Engine 4 Plus (E4+), Gigabit Ethernet, and Packet-over-SONET (POS) line cards on the transmit (TX) side may drop multicast packets. The multicast packets are meant to be fragmented by the Tx slow path.

Conditions: This symptom is observed on any incoming receive (RX) line card if the maximum transmission unit (MTU) of any outgoing interfaces is less than the size of the incoming packet. This symptom will not occur in the TX fast path or with non-fragmented packets.

Workaround: There is no workaround.

CSCdz42268

Symptoms: Virtual Router Redundancy Protocol (VRRP), Hot Standby Routing Protocol (HSRP), and other applications may not work as expected.

Conditions: This symptom is observed on an Ethernet line card after either an online insertion and removal (OIR) or a microcode reload procedure is performed.

Workaround: There is no workaround.

CSCdz42976

Symptoms: Open Shortest Path First (OSPF) or Intermediate System-to-Intermediate System (IS-IS) protocol adjacencies may be incomplete.

Conditions: This symptom is observed on a Cisco router after it is loaded with Cisco IOS Release 12.0(21)ST5 but may also occur in Cisco IOS Release 12.0 S. This symptom may affect connectivity across Engine 2 (E2) interfaces.

Workaround: There is no workaround.

CSCdz45031

Symptoms: The distance eigrp router configuration command may not be displayed in the configuration although the configured values are applied to the routes. After you reload the router, the distance for Enhanced Interior Gateway Routing Protocol (EIGRP) routes returns to its default value.

Conditions: This symptom is observed on a Cisco router when you use EIGRP between a provider edge (PE) and customer edge (CE) router in a Multiprotocol Label Switching (MPLS) environment.

Workaround: There is no workaround.

CSCdz45055

Symptoms: OPM (Optical Power Monitoring) may provide incorrect or nonrealistic values and may report that modules are down while they are functioning fine.

Conditions: This symptom is observed when you use small form-factor pluggable (SFP) optical modules that are externally calibrated.

Workaround: There is no workaround.

CSCdz45760

Symptoms: A useless partial Shortest Path First (SPF) calculation may occur.

Conditions: This symptom is observed when an Open Shortest Path First (OSPF) link-state advertisement (LSA) for a 0.0.0.0 destination is refreshed.

Workaround: Use a static default route.

CSCdz46604

Symptoms: Multilink adjacencies may show up as invalid.

Conditions: This symptom is observed on the Engine 3 (E3) Quad OC-12 line card of a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S3. It may not be possible to clear this symptom by entering the clear cef line EXEC command or by reloading the microcode on the line card.

Workaround: There is no workaround.

CSCdz47189

Symptoms: An Engine 3 (E3) 4-port OC-12 (4xOC-12) or E3 OC-48 Packet over SONET (POS) line card may reload and generate traceback messages.

Conditions: This symptom is observed when the gsr-p-mz image of Cisco IOS Release 12.0(24)S is loaded on a Cisco 12406 router in an Inter Autonomous System Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) of an IP version 4 (IPv4) Border Gateway Protocol (BGP) label distribution environment. The E3 4xOC-12 line card may be operating either in the channelized mode or the POS mode.

Workaround: No workaround is necessary as the line cards will recover without user intervention.

CSCdz48235

Symptoms: A Cisco 12000 series may reload because of a bus error.

Conditions: This symptom is observed on a Cisco 12000 series that has dual Gigabit Route Processors (GRPs) and that is operating in the Route Processor Redundancy (RPR) mode. This symptom is observed after the Cisco 12000 series is upgraded to Cisco IOS Release 12.0(23)S.

Workaround: There is no workaround.

CSCdz52218

Symptoms: The VLAN ID may be rewritten to zero on an egress provider edge (PE) router.

Conditions: This symptom is observed in the Ethernet over Multiprotocol Label Switching (EoMPLS) Port Transport mode when the underlying packets are 802.1q packets with a nonzero class of service (CoS) value.

Workaround: There is no workaround.

CSCdz52438

Symptoms: The forwarding state change of a multicast route on a line card may affect the fast path forwarding state of another multicast route. This behavior may cause the latter stream to be punted to the CPU of the line card and lead to a high CPU utilization condition.

Conditions: This symptom is observed on the 2-port OC-48 (2xOC-48) Spatial Reuse Protocol (SRP) line card of a Cisco 12400 series.

Workaround: Enter the clear ip mroute * EXEC command on the router to refresh the forwarding states of all multicast routes.

CSCdz53743

Symptoms: A Cisco 12000 image may time out and fail to load via TFTP.

Conditions: This symptom is observed when a Cisco 12000 boot loader image is used to load the main Cisco IOS software image via TFTP. This symptom occurs because the boot loader image uses "00:00:00:00:00:00" as the MAC address for Ethernet 0. This symptom is observed in Cisco IOS Releases 12.0(20)S, 12.0(20)ST, and later releases.

Workaround: There is no workaround.

CSCdz53850

Symptoms: A standby Route Processor (RP) may reload.

Conditions: This symptom is observed on the standby RP of a dual RP Cisco 12000 series when a line card on the Cisco 12000 series or a neighboring router is reloaded. This symptom occurs when a line card has a large number of encapsulation entries (3000 entries).

Workaround: There is no workaround.

CSCdz54539

Symptoms: An Engine 4 plus line card that is installed in a Cisco 12400 series may be reset by the Route Processor (RP) because of interprocess communication (IPC) failures. The following errors may be displayed:

%CPUIF-3-NO_MEM: sendreq_freeq is NULL.

%MDS-2-LC_FAILED_IPC_ACK: RP failed in getting Ack for IPC message of size 148 to LC in slot 3 with sequence 58638, error = timeout

%FIB-3-FIBDISABLE: Fatal error, slot 3: IPC Failure: timeout

%GRP-4-RSTSLOT: Resetting the card in the slot: 3,Event: EV_AUTO_LC_RELOAD_ON_FIBDISABLE ]

Conditions: These symptoms are observed when route flapping occurs; route flapping may generate a high volume of IPC traffic.

Workaround: There is no workaround.

CSCdz55717

Symptoms: Configuring OSPF (Open Shortest Path First) sham links in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment may cause a memory leak in the OSPF router process.

Conditions: This symptom is observed in a MPLS-VPN environment. The area area-id sham-link source-address destination-address cost number global configuration command is used and OSPF adjacency is formed over the sham-link. Each time an OSPF acknowledgment is sent over the sham-link, some memory is allocated that is never freed.

Workaround: There is no workaround.

CSCdz55944

Symptoms: Switch fabric cards (SFCs) may fail on a Cisco 12410 router.

Conditions: This symptom is observed when there is an upgrade to a Cisco IOS release.

Workaround: There is no workaround.

CSCdz55995

Symptoms: Packet or byte counters may not be accurate.

Conditions: This symptom is observed when a parity error occurs on a Cisco 12000 series Engine 4 or Engine 4 plus line card.

Workaround: There is no workaround.

CSCdz56010

Symptoms: A router may reload while it is booting up if a different line card is installed in place of a 4-port channelized OC-3 (4xOC-3) line card in the even slot.

Conditions: This symptom can be reproduced by performing the following steps:

a. Configure a Cisco 10000 series with two 4xOC-3 line cards in adjacent odd or even slots.

b. Save the running configuration to ensure that the card commands are saved in the running configuration.

c. Reload the router.

d. Remove and replace the 4xOC-3 line card in the even slot with a different line card.

e. Boot the router.

Workaround: The following steps may prevent the router from reloading:

a. Remove the 4xOC-3 line card from the even slot.

b. Enter the no card 4/0 command.

c. Copy the running configuration to the startup configuration.

d. Reload the router.

CSCdz56792

Symptoms: A Quad OC-12 ATM line card that is configured for the Carrier Supporting Carrier feature may reset or report an error.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(22)S3 and that is functioning as a customer carrier customer edge (CE) router, after you enter the no mpls ip global configuration command followed by the mpls ip global configuration command.

Workaround: There is no workaround.

CSCdz58674

Symptoms: When an area border router receives type-4 link-state advertisements (LSAs) via the nonbackbone, the router may incorrectly generate type-4 LSAs into the backbone. This situation may cause a routing loop to occur.

Conditions: This symptom is observed in Cisco IOS Release 12.0(22)S or a later release or Release 12.2(10) or a later release.

Workaround: Reset the Open Shortest Path First (OSPF) process by entering the clear ip ospf process privileged EXEC command.

CSCdz59591

Symptoms: The append modifier does not append data to named files on Advanced Technology Attachment (ATA) devices and the original contents of the named file remains unchanged.

Conditions: This symptom affects Cisco IOS releases that have the fix for CSCdz27200.

Workaround: There is no workaround.

CSCdz60152

Symptoms: When you configure additional access control entry (ACE) entries with Layer 4 fields on a 128-line input access control list (ACL) that is configured on an Engine 4 plus (E4+) line card, the line card may reload.

Conditions: This symptom is observed on a Cisco 12000 series 1-port 10-Gigabit Ethernet E4+ line card.

Workaround: Do not add more than 128 ACEs with Layer 4 fields. If more than 128 ACEs with Layer 4 fields are required, remove the ACL form the E4+ line card, add the ACEs with Layer 4 fields, and then reapply the ACL to the line card.

CSCdz60229

Cisco devices which run Cisco IOS software and contain support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet directed at the affected device can cause a reload of the device. No authentication is necessary for the packet to be received by the affected device. The SSH server in Cisco IOS software is disabled by default.

Cisco will be making free software available to correct the problem as soon as possible.

The malformed packets can be generated using the SSHredder test suite from Rapid7, Inc. Workarounds are available. The Cisco PSIRT is not aware of any malicious exploitation of this vulnerability.

This advisory is available at http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml

CSCdz63938

Symptoms: On a Cisco router that is configured for distributed Cisco Express Forwarding (dCEF) and Border Gateway Protocol (BGP) and that has a large number of BGP routes, the following messages may be displayed:

%SYS-2-MALLOCFAIL: Memory allocation of 32768 bytes failed from 0x5021F524, alignment 0
Pool: Processor Free: 23492 Cause: Not enough free memory
Alternate Pool: None Free: 0 Cause: No Alternate pool

-Process= "BGP Router", ipl= 0, pid= 153
-Traceback= 502243C8 50227438 5021F52C 5010E0A4 50124FF0 504F0F50 504C01B0 504C0868 50701408 50702614 50C5AF48 507026B0 506D1920 5021C80C 5021C7F8
%FIB-3-NORPXDRQELEMS: Exhausted XDR queuing elements while prep

In addition, CEF may be disabled and a message very similar to the following message may be displayed:

%FIB-2-FIBDOWN: CEF has been disabled due to a low memory condition.

If new BGP neighbors are peering at the same time, the following message may also be displayed:

%SYS-3-CPUHOG: Task ran for 29984 msec (4/0), process = BGP Router, PC = 506D0DF4.
-Traceback= 506D0DFC 5021C80C 5021C7F8

When this last message is displayed, the BGP router process may cause the CPU utilization of the router to become high for one to several minutes, depending on the number of prefixes and neighbors that are configured and the number of updates that are occurring.

Conditions: These symptoms are observed under rare conditions on a distributed platform router, such as the Cisco 12000 series, that is configured with line cards and that is running Cisco IOS Release 12.0 S when you run the router beyond its physical limitations, especially when you run the router for a long time under very low memory conditions and with, or along with, a large number of routes, peers, and line cards. All of these conditions may lead to abnormality in the steady state performance of the router.

If CEF is disabled because of low memory conditions, you can reenable it by entering the ip cef distributed global configuration command.

Workaround: Limit the number of BGP routes on the router in relation to the memory that is installed in the router. For example, on a Cisco 12000 series that is configured with 256 MB of memory and based on different parameter of the routes, limit the maximum number of routes that BGP installs to about 150,000 routes.

First Alternate Workaround: Increase the memory on the router and on the line cards to accommodate the large number of routes. For example, if a Cisco 12000 series is configured with 256 MB of memory, increase the memory to 512 MB to enable better performance with a large number of routes.

Second Alternate Workaround: Adjust the BGP parameters by applying aggregation features or enabling the auto-summary router configuration command for BGP, or by using the aggregate-address router configuration command to reduce the number of BGP routes. These actions can help to reduce the memory usage of BGP and CEF.

Closing Comments: This caveat is closed because it is related to the limitation that is posed by 256 MB of memory. Future releases may include changes to BGP to enable BGP to use less transient memory when it builds updates.

CSCdz65683

Symptoms: Interfaces that are configured on the 8xOC-3 Engine 2 line card or the 16xOC-3 Engine 2 line card may not be recovered from a down/down state.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(24)S.

Workaround: There is no workaround.

CSCdz69295

Symptoms: A router may reload when a route that is learnt via Intermediate System-to-Intermediate System (IS-IS) IP version 6 (IPv6) has more than eight equal-cost paths.

Conditions: This symptom is observed when more than eight equal-cost links are configured between two IS-IS IPv6 routers. Depending on the network topology, the symptom may also occur when there are less then eight equal-cost links between an IS-IS IPv6 router and its neighbors.

Workaround: Ensure that there are less than eight equal-cost links configured between two IS-IS IPv6 routers.

CSCdz69362

Symptoms: Tag forwarding counter may no longer function when parity errors occur on an Engine 4 plus line card.

Conditions: This symptom is observed on a Cisco 12000 series.

Workaround: There is no workaround.

CSCdz71662

Symptoms: A Cisco router may fail because of a bus error while an online insertion and removal (OIR) is in progress.

Conditions: This symptom is observed on a Cisco 12000 series when the show environment command is being executed while an OIR is in progress.

Workaround: Do not perform an OIR when the show environment command is being executed.

CSCdz74588

Symptoms: Traffic on a load-sharing path may be switched to the wrong destination or dropped altogether.

Conditions: This symptom is observed when a Cisco 12000 series Engine 4 (E4) line card is on the ingress side, there is a load-sharing path or multiple paths on the egress side, and a hidden class of service (CoS) global configuration command is configured on the router.

Workaround: Remove the extra load-sharing paths, and make it one single outgoing path.

CSCdz81035

Symptoms: When you write a crashinfo file to an Advanced Technology Attachment (ATA) Flash disk, the file on the ATA Flash disk may be corrupt and unusable.

Conditions: This symptom is observed on any Cisco device that enables the crashinfo file to be written to an ATA Flash disk.

Workaround: There is no workaround.

CSCdz81906

Symptoms: A T1 or E1 link that is configured under AU-4-TUG-3 controllers 4 through 12 on a 1-port channelized OC-12 line card that is using Synchronous Digital Hierarchy (SDH) framing may not come up.

Conditions: This symptom is observed on a Cisco 10000 series when the 1-port channelized OC-12 line card is connected to a third-party vendor device. Note that the symptom does not occur when you use AU-4-TUG-3 controllers 1 through 3.

Workaround: There is no workaround.

CSCdz83304

Symptoms: T3 links on a 4-port channelized OC-3 line card may not come up under Synchronous Digital Hierarchy (SDH) framing.

Conditions: This symptom is observed on a Cisco 10000 series when the 4-port channelized OC-3 line card interoperates with a third-party vendor device.

Workaround: There is no workaround.

CSCdz88629

Symptoms: An interface of a 3-port Gigabit Ethernet line card may not come up.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(23)S1 after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface.

Workaround: Reload microcode onto the line card.

First Alternate Workaround: Unplug the cable of the line card, and then plug it in again.

Second Alternate Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the back-to-back interface.

CSCdz88744

Symptoms: A Gigabit Ethernet Engine 2 or an Engine 4 plus line card may reload when you perform an online insertion and removal (OIR) of the Clock and Scheduler Card (CSC).

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0 S.

Workaround: There is no workaround.

CSCea00642

Symptoms: A 24-port channelized E1/T1 line card may produce a traceback, and the serial interface may not come up.

Conditions: This symptom is observed on a Cisco 10000 series when you change the mode on the line card from E1 to T1.

Workaround: There is no workaround.

CSCea01869

Symptoms: If a 3-port Gigabit Ethernet (GE) Engine 2 (E2) line card is configured for dot1q VLAN operation and an inbound access control list (ACL) is applied to the main interface, the line card will be paused by the Gigabit Route Processor (GRP), reporting Fabric Unicast timeout errors. Note that 3-port GE E2 line cards do not support per subinterface ACL processing.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S or a later release with both normal and extended ACLs. The line card will continue to pause until the ACL is either removed from the interface configuration or ACL is removed from the configuration using the no access- list access-list-number global configuration command.

Workaround: There is no workaround.

CSCea04669

Symptoms: When you use the break key to reset the secondary Gigabit Route Processor (GRP) on a Cisco 12000 series that is configured with two GRPs, the primary GRP may first pause and then reload when the following watchdog timeout occurs:

%SYS-2-WATCHDOG: Process aborted on watchdog timeout process = Fabric ping

This situation may impact the process of replacing a defective secondary GRP.

Conditions: This symptom is observed regardless of the redundancy mode (Route Processor Redundancy [RPR], Route Processor Redundancy Plus [RPR+], or Stateful Switchover [SSO]).

Workaround: There is no workaround.

CSCea04756

Symptoms: "IBC divert PAK" and "Camr-3-INTPROC" errors may occur.

Conditions: This symptom is observed on a Cisco 10720 router.

Workaround: There is no workaround.

CSCea06591

This caveat is closed.

Symptoms: When you apply a 448-line access control list (ACL) on an Engine 2 (E2) line card to control outbound traffic, Cisco Express Forwarding (CEF) may be disabled on the E2 line card and on other E2 line cards in the chassis.

Conditions: This symptom is observed on a Cisco 12000 series when there are about 200,000 Border Gateway Protocol routes and is about 3,000 Interior Gateway Protocol (IGP) (or Intermediate System-to- Intermediate System [IS-IS]) routes. All E2 line cards have 256 MB of memory.

Workaround: To prevent CEF from being disabled, and to minimize usage of packet switch application-specific integrated circuit (ASIC) (PSA) memory, enter the access-list hardware psa limit 128 global configuration command. Doing so enables all ACL lines to be processed at the CPU of the line card.

CSCin14188

Symptoms: The ifIndex Persistence feature does not function after a switchover.

Conditions: This symptom is observed in a high availability (HA) Stateful Switchover (SSO) environment.

Workaround: To reenable the ifIndex Persistence feature, enter the write memory EXEC command after the switchover.

CSCin27782

Symptoms: Permanent virtual circuits (PVCs) that are managed by Operation, Administration, and Maintenance (OAM) cells may not come up.

Conditions: This symptom is observed on an 8-port ATM Inverse MUX T1 port adapter (PA-A3-8T1IMA) or an 8-port ATM Inverse MUX E1 port adapter (PA-A3-8E1IMA) that is installed in a Cisco 7200 series or Cisco 7500 series router that is running Cisco IOS Release 12.2(13)T or a later release, or Release 12.0 S.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(23)S1

Cisco IOS Release 12.0(23)S1 is a rebuild of Cisco IOS Release 12.0(23)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(23)S1 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.

CSCdp15126

Symptoms   A packet that is destined for a next hop may not be policy-routed.

Conditions   These symptoms are observed when you enable policy routing on a Fast Ethernet Inter-Switch Link (ISL) subinterface.

Workaround   There is no workaround.

CSCdt38855

Symptoms   A Cisco 7200 series router that has data-link switching (DLSw) configured may reload because of a software condition.

Conditions   This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.0(15) when DLSw with TCP encapsulation is sent over an X.25 network and when an X.25 transmission attempt fails because packets are dropped.

Workaround   There is no workaround.

CSCdv49909

Symptoms   Parallel links may not be used efficiently on a Cisco router when Multiprotocol Label Switching (MPLS) traffic is load balanced over parallel links to a customer premises equipment (CPE) device.

Conditions   This symptom is observed when a Virtual Private Network (VPN) routing and forwarding (VRF) static route to a remote loopback interface is configured and both parallel links to the same CPE device are configured to the same loopback interface without an IP address using the ip unnumbered interface configuration command.

Possible Workaround   Define the following configurations on the provider edge (PE) and customer edge (CE) routers to achieve load balancing with static VRF routes.

PE Configuration

interface multilink250

 ip vrf forwarding YELLOWVPN

 ip address 10.0.0.1 255.255.255.0

interface multilink251

 ip vrf forwarding YELLOWVPN

 ip address 10.1.0.1 255.255.255.0

The links in the CE configuration must be configured with 10.0.0.2 and 10.1.0.2.
10.10.0.1/32 is the CE loopback and must be advertised to the PE via Routing Information Protocol (RIP) or with another router protocol. A static route may be used.

CE Configuration:

ip route vrf YELLOWVPN 10.10.0.1 255.255.255.255 10.0.0.2

ip route vrf YELLOWVPN 10.10.0.1 255.255.255.255 10.1.0.2

The following output defines static routes for the CE prefix:

ip route vrf YELLOWVPN 192.168.200.0 255.255.255 0 10.10.0.1

CSCdw67052

Symptoms   The ATM traffic in a Cisco 12000 series ATM Quad OC-3 line card with Segmentation and Reassembly (SAR) 3.1.3 may not work properly. Cell drops may occur in the background traffic because of the usage parameter control (UPC) configuration in the ATM switch. The ping timeout may be 15 out of 1000 pings, with a packet size of 18,000 bytes.

Conditions   These symptoms are observed on a Cisco 12000 series router with the UPC on the ATM switch set to "DROP." (The symptoms are not observed on a Cisco 7200 series routers or a Cisco 7500 series routers under the same scenario.)

The symptoms occur when the ATM variable bit rate-non-real time (VBR-NRT) permanent virtual circuit (PVC) has a peak cell rate (PCR) of 46, the sustainable cell rate (SCR) is set to 23, and the maximum burst size (MBS) is set to 100.

Workaround   Reduce the MBS by about 10 percent, for example, to 90.

CSCdx67497

Symptoms   Source/destination pairs may not be switched in hardware and may receive degraded service.

Conditions   This symptom is observed when IP version 6 (IPv6) load balancing is performed with 3 paths on a Cisco 12000 series Engine 3 line card and occurs on source/destination pairs that hash to 15. The symptom does not occur when load balancing is performed with 1, 2, 5, or 8 paths.

Workaround   There is no workaround.

CSCdx87577

Symptoms   Memory allocation failures occur on a Cisco router that has authentication, authorization, and accounting (AAA) configured, and "%SYS-2- MALLOCFAIL" messages are displayed. When you enter the show memory summary command, the command output shows that many small blocks are used by the AAA processes.

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(15)S3.

Workaround   There is no workaround.

CSCdx94479

Symptoms   The convergence time after four Stateful Switchovers (SSOs) on a Cisco 10000 series edge services router is 11 seconds but should never be longer than 10 seconds.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdy22528

Symptoms   Configuring 6000 Access Control Entry (ACE) entries or more in an access control list (ACL) causes Cisco IOS software to reload.

Conditions   This symptom is observed on a Cisco 10000 series router that is configured with a Performance Routing Engine 1 or 2 (PRE1 or PRE2).

Workaround   There is no workaround.

CSCdy27414

Symptoms   An interface of a Cisco 10000 series channelized T3 (CT3) line card may not dequeue packets. When the link on a CT3 card flaps, one or more interfaces may not recover. The output queue of the interface may become full with PPP/High-Level Data Link Control (HDLC) packets and may stay in the "Up/Down" state.

Conditions   These symptoms are observed when a chip of a third-party vendor on a Cisco 10000 series CT3 line card is defective.

Workaround   There is no workaround; return the CT3 line card for repair.

The fix for this caveat adds a software procedure that periodically checks if the pointers that link the partial packet buffer RAM blocks are becoming corrupted. When a corrupted pointer is detected, the associated interface is removed and then replaced, which may cause the interface to be incapable of transmitting traffic for up to 10 seconds. When this condition is detected and repaired, a message is logged to the Route Processor and the line card log to notify the user.

CSCdy33457

Symptoms   A Cisco 12000 series Engine 0 (E0) Packet-over-SONET (POS) line card reloads and causes the router to lose all its routes. A back-to-back ping on other line cards fails and causes Open Shortest Path First (OSPF) Border Gateway Protocol (BGP) to go down.

Conditions   These symptoms are observed when you change the maximum transmission unit (MTU) of a port channel while traffic is flowing.

Workaround   Reload the E0 POS line card.

CSCdy34113

Symptoms   A Cisco 7500 series router may reload at a packet enqueue utility.

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S when all of the following conditions are met:

A Frame Relay (FR) link is configured on a Versatile Interface Processor (VIP) interface.

Frame Relay Traffic Shaping (FRTS) is enabled for FR circuits via the map-class frame-relay global configuration command, and distributed traffic shaping is not enabled on the Route Switch Processor (RSP).

You deencapsulate the interface by using the no encapsulation frame-relay interface configuration command, and you unconfigure the interface by entering the no map-class frame-relay global configuration command.

While you unconfigure FRTS, FR encapsulation occurs, and the traffic load is still high so that the shaping function is activated and outbound packets on per-virtual circuit (VC) queues are throttled.

Workaround   Avoid the situation in which all of the above-mentioned conditions take place concurrently. For example, when an FR link is configured on a VIP interface and you require traffic shaping, use distributed FRTS, or unconfigure FRTS while user traffic is low so as not to activate the shaping function.

CSCdy36665

Symptoms   Operation, Administration, and Maintenance (OAM)-managed permanent virtual circuits (PVCs) on an 8-port T1 ATM port adapter with Inverse Multiplexing over ATM (IMA). (PA-A3-8T1IMA) or an 8-port E1 ATM port adapter with IMA (PA-A3-8E1IMA) may not come up as expected.

Conditions   This symptom is observed on a PA-A3-8T1IMA or a PA-A3-8E1IMA of a Cisco 7200 series or Cisco 7500 series router that is running Cisco IOS Release 12.2(11.5)T or a later release.

Workaround   There is no workaround.

CSCdy40021

Symptoms   Reassembly table entries may indicate incorrectly that they are still active following the removal of an associated Multilink PPP (MLP) configuration.

Conditions   This symptom is observed when you remove a large MLP configuration in a single step, that is, when you use a single configuration file to shut down the bundle and remove the bundle from the running configuration.

Workaround   Use one configuration file to shut down the bundle and another (separate and unique) configuration file to remove the bundle from the running configuration.

CSCdy43435

Symptoms   Virtual Private Network routing/forwarding (VRF) does not function properly on a Frame Relay link between a provider edge (PE) router and a customer edge (CE) router, and the CE router cannot ping the PE router.

Conditions   These symptoms are observed on a Frame Relay link between a Cisco 10000 series router that is functioning as a PE router and another Cisco 10000 series router that is functioning as a CE router.

Workaround   Reload the PE router to make the link between the PE router and the CE router function.

CSCdy51151

Symptoms   When a Cisco 12000 series Engine 3 line card receives a tag packet with an IP version 4 (IPv4) packet that has options underneath it or with a non-IPv4 packet such as an IP version 6 (IPv6) packet, the packet may be send to the line card CPU for processing.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)ST2.

Workaround   There is no workaround.

CSCdy54337

Symptoms   An interface on a 2-port Fast Ethernet port adapter (PA-2FE) may stop transmitting if this interface or the other interface on the same port adapter goes down or flaps under a heavy traffic load. The interface that stops transmitting may display the following messages:

%RSP-3-RESTART: interface FastEthernet3/0/0, not transmitting
%RSP-3-RESTART: interface FastEthernet3/0/0, output frozen
%RSP-3-RESTART: cbus complex

Conditions   This symptom is observed on the PA-2FE on a Cisco 7500 series Versatile Interface Processor 4 (VIP4) that is configured with Fast Ether Channel (FEC). This symptom is observed when the port adapter is carrying a heavy traffic load and when part of the traffic is originating from a port adapter (PA-A3) that is located on the same VIP.

Workaround   There is no workaround.

CSCdy57048

Symptoms   A Telnet session from a terminal over a vty connection to a Cisco 7206VXR router may pause indefinitely.

Conditions   This symptom is observed on a Cisco 7206VXR router that is running Cisco IOS Release 12.2(4)XZ5, that is configured with a Network Processing Engine 300 (NPE-300), and that is functioning as a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) provider edge (PE) router when large text displays are dumped on the screen of the terminal.

The symptom is caused by a corrupt TCP Telnet packet that is generated by the router.

Workaround   There is no workaround.

CSCdy58872

Symptoms   Pins across a link bundle fail when the attached line cards are either 1-port or 3-port Gigabit Ethernet line cards.

Conditions   This symptom is observed on a connection between two Cisco 12000 series routers with at least one of the routers configured with a Next Generation Release Process (NGRP). The symptom occurs on the c12kprp-p-mz image of Cisco IOS Release 12.0(22.3)S and later releases.

Workaround   There is no workaround.

CSCdy61234

Symptoms   Many interprocess communications (IPC) messages are sent to a Cisco 12000 series Gigabit Ethernet (GE) line card, and the nonblocking IPC command queue becomes full.

Conditions   These symptoms are observed on a Cisco 12000 series router that is configured with a GE line card when you use TFTP to copy a configuration with many VLANS (that is, 800 or more VLANs) to the running configuration.

Workaround   Copy the configuration with many VLANS to the startup configuration, and reload the router.

CSCdy63771

Symptoms   Virtual Private Network (VPN) routing/forwarding (VRF) may not function on a High-Speed Serial Interface (HSSI) port adapter.

Conditions   This symptom is observed on a Cisco 7500 series router.

Workaround   Remove and reconfigure the affected subinterface on the HSSI port adapter.

CSCdy64917

Symptoms   A Cisco 12000 series Engine 2 line card may reload.

Conditions   This symptom is observed when traffic engineering (TE) metric is used.

Workaround   There is no workaround.

CSCdy65658

Symptoms   A policy map with multiple class maps does not synchronize correctly with a standby Route Processor (RP).

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   Reload the standby RP.

CSCdy67945

Symptoms   When you enter a loopback remote line interface configuration command on a 6-port channelized T3 line card, the command may fail and may cause a T1 connection to flap.

Conditions   This symptom is observed on both American National Standards Institute (ANSI) and Bell Communications Research (Bellcore) loopbacks on networks that are sensitive to T1 framing errors.

When you enter the loopback remote line interface configuration command, the line card causes a brief change of frame alignment (COFA) error. Normally, this error goes unnoticed. However, some devices react to these errors with an alarm indication signal (AIS). Each time the loopback request is initiated (that is, if the T1 connection is configured for remote loopbacks each time the T1 connection comes up), the AIS brings the T1 connection down.

Workaround   There is no workaround.

CSCdy68292

Symptoms   The following error messages may be generated on a Cisco 12000 series Engine 4 plus (E4+) OC-192 line card:

SLOT 6: %RX192-3-HINTR: status = 0x4000000, mask = 0x7EFFFF FF - Parity error on rx_pbc_mem.
-Traceback= 4039CEF0 4044ECEC 400C85B0
SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7
-Process= "CEF IPC Background", ipl= 7, pid= 52
-Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108
SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7
-Process= "CEF IPC Background", ipl= 7, pid= 52
-Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108

Cisco Express Forwarding (CEF) on the E4+ OC-192 line card may become disabled, and the associated port stays in an "Up/Up" state.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-k4p-mz image of Cisco IOS Release 12.0(21)S3 or the gsr-p-mz image of Cisco IOS Release 12.0(21)ST2.

Workaround   Enter the microcode reload slot-number global configuration command on the E4+ OC-192 line card.

CSCdy73102

Symptoms   When a primary Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel reoptimizes over another link, a traffic drop may occur.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S1 following a Fast Reroute (FRR) operation.

Workaround   Configure the primary label switched path tunnel (LSP tunnel) as an explicit tunnel.

CSCdy73244

Symptoms   Guarantees may not be achieved for some classes for a certain combination of bandwidth assignments within a service policy.

Conditions   This symptom is observed when you use the following bandwidth allocation: class 1, 8 kbps; class 2 64 kbps; class 3 16 kbps; class 4 14 kbps; parent class, 120 kbps.

Workaround   Sightly adjust the bandwidth of one of the classes. In the above example, changing class 3 to 14 kbps or class 4 to 16 kbps would solve the situation.

CSCdy76986

Symptoms   Distributed switching may not function for packets.

Conditions   This symptom is observed on a distributed multilink interface on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22.4)S1.

Workaround   There is no workaround.

CSCdy77591

Symptoms   On a Cisco 7500 router that is configured for High Availability, when you enter the shutdown interface configuration command on a serial interface, the following error message is displayed on the standby Route Processor (RP) and the standby RP reloads:

%HA-2-CCB_PLAYBACK_ERROR: CCB playback failed.

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0 S.

Workaround   There is no workaround.

CSCdy78371

Symptoms   An Engine 2 Quad OC-12 line card that has interfaces configured for Virtual Private Network (VPN) and that has a Frame Relay subinterface may reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.4)S1 when a microcode bundle is configured and loaded onto the Engine 2 Quad OC-12 line card.

Workaround   There is no workaround.

CSCdy78970

Symptoms   A Cisco 12000 series Engine 2 line card may generate the following error messages:

SLOT 14: %LCPOS-3-SOP: TX:BadLenCtr. Source=0x1 (Plim), halt_minor0=0x8001 (1000 0000 0000 00sl, s/l=TooShort/long)
SLOT 14: %GSR-3-INTPROC: Process Traceback= 400CCE60 400C90F0 40010A24
-Traceback= 4033F424 4044ED54 400C88B0

Conditions   This symptom is observed when you remove and reinsert switch fabric on a Cisco 12000 series router while traffic is flowing.

Workaround   There is no workaround.

CSCdy80866

Symptoms   When you configure more than 64 Inter-Switch Link (ISL) VLANs, a Versatile Interface Processor (VIP) may reload.

Conditions   This symptom is observed on a Cisco 7500 series router.

Workaround   Use only dot1q encapsulation.

CSCdy86210

Symptoms   NetFLow stops functioning after an online insertion and removal (OIR) of a switch fabric card (SFC).

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   Disable and reenable the ip route-cache flow sampled interface configuration command.

CSCdy89001

Symptoms   An Engine 4 Packet-over-SONET (POS) line card reloads.

Conditions   This symptom is observed on an Engine 4 Packet-over-SONET (POS) line card in a Cisco 12000 series Internet router during several online insertion and removal (OIR) procedures on a Clock Scheduler Card (CSC).

Workaround   There is no workaround.

CSCdy89041

Symptoms   A memory leak of about 0.5 MB occurs in the "Pre Command NV Buffer" process.

Conditions   This symptom is observed when you connect to a Cisco 12000 series Route Processor (RP) through a vty.

Workaround   There is no workaround.

CSCdy89663

Symptoms   A Cisco 12000 series router may reload when an interface flaps.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S during multicast traffic.

Workaround   There is no workaround.

CSCdz00085

Symptoms  A Cisco router that is functioning as a provider edge (PE) router may install an outgoing point of presence (POP) label instead of an outgoing aggregate label for a connected Virtual Private Network (VPN) routing/forwarding (VRF) route.

Conditions   This symptom is observed in a carrier supporting carriers topology with a Cisco router that is running Cisco IOS Release 12.2(12.10)T1 and that is functioning as a PE router.

Temporary Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration on the VRF interface until the symptom occurs again.

Alternate Temporary Workaround   Reload the router. However, after having done so, when you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the VRF interface the symptom will occur again.

CSCdz02817

Symptoms   The Binary Synchronous Communications (Bisync) IP (BIP) counter displays a value of 46623 instead of 5.

Conditions   This symptom is observed on a Cisco 10000 series 4-port channelized OC-3 line card.

Workaround   There is no workaround.

CSCdz07354

Symptoms   Enhanced Interior Gateway Routing Protocol (EIGRP) resets the routing table when you enter the write memory EXEC command, write terminal EXEC command, or show running-config privileged EXEC command.

Conditions   This symptom is observed on a Cisco 7505, Cisco 7507, and Cisco 7513 router.

Workaround   There is no workaround.

CSCdz07393

Symptoms   When you apply a combination of IP version 6 (IPv6), an access control list (ACL), and Sampled NetFlow to an interface on an Engine 4 plus line card, the line card may reload.

Conditions   This symptom is observed while IPv6 traffic is flowing.

Workaround   There is no workaround.

CSCdz08851

Symptoms   Resource Reservation Protocol (RSVP) Hello detection may not trigger a Fast Reroute (FRR) switchover.

Conditions   This symptom is observed when you use RSVP Hello detection to enable Multiprotocol Label Switching traffic engineering (MPLS TE) FRR protection on shared interfaces.

Workaround   There is no workaround.

CSCdz09657

Symptoms   An IP version 6 (IPv6) automatic tunnel cannot be created.

Conditions   This symptom is observed on a Cisco 12000 series router when you reload the router after you have enabled the tunnel mode ipv6ip auto-tunnel command and have saved the command in the startup configuration. The tunnel interface is not enabled for IPv6, and the routing table does not show the correct route nor a static route to the tunnel.

Workaround   Enter the no tunnel source type number interface configuration command followed by the tunnel source type number interface configuration command on the tunnel interface.

CSCdz11618

Symptoms   Counters for policy-based routing (PBR) update at an incorrect route map.

Conditions   This symptom is observed when matching conditions are not defined for a route map.

Workaround   When matching conditions are not defined for a route map, the situation is treated as a "permit ip any any" condition; assign the access-list access-list-number permit ip any any global configuration command as the matching condition for the route map.

CSCdz12053

Symptoms   The entPhysicalParentRelPos MIB object does not return the correct value for the physical slots in a Cisco 10000 series router chassis.

Conditions   This symptom is observed on a Cisco 10000 series router that is running the c10k-p10-mz image of Cisco IOS Release 12.0(23)S.

Workaround   There is no workaround.

CSCdz14160

Symptoms   A Cisco 12000 series Route Processor (RP) may reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S during Fast Reroute (FRR) testing.

Workaround   There is no workaround.

CSCdz14266

Symptoms   When you change a class queue from low latency queueing (LLQ) to non-LLQ, or the other way around, or when you simply remove and recreate a class queue, the queue of the next class disappears, as is displayed in the output of the show hardware pxf cpu queue interface privileged EXEC command.

Conditions   This symptom is observed on a Cisco 10000 series router when you change or create a class queue using the no priority policy-map class configuration command followed by the priority policy-map class configuration command or using the no bandwidth policy-map class configuration command followed by the bandwidth policy-map class configuration command.

Workaround   There is no workaround.

CSCdz18265

Symptoms   A static crossconnect setup may fail.

Conditions   This symptom is observed when you configure a static crossconnect that is using an interface that is down. When the interface comes up, the static crossconnect is not set up in the Label Forwarding Information Base table.

Workaround   Remove the static crossconnect using the no mpls static crossconnect global configuration command and reapply the static crossconnect using the mpls static crossconnect global configuration command.

CSCdz19881

Symptoms   An input access control list (ACL) may not take effect.

Conditions   This symptom is observed on a Cisco 12000 series Engine 4 plus interface on which the VRF Selection feature is enabled.

Workaround   There is no workaround.

CSCdz20079

Symptoms   Configuring the hw-module slot shutdown global configuration command in the startup configuration may cause a router to reload.

Conditions   This symptom is observed on a Cisco 10000 series router when you attempt to boot from an eboot image.

Workaround   Do not configure the hw-module slot shutdown global configuration command in the startup configuration.

Alternate Workaround   Change the configuration register to "0x40" to ignore the configuration during the bootup process.

CSCdz21278

Symptoms   A destination interface may not have a value in the NetFlow cache (that is, the destination interface may be null), but it should have a value.

Conditions   This symptom is observed when the egress interface is on a Cisco 12000 series Engine 0 line card and a rate limit access list is applied to the egress interface. The rate limit access list may not cause packets to be dropped, but the destination interface is null in the NetFlow cache.

Workaround   Disable the rate limit on the output interface.

CSCdz23286

Symptoms   A Cisco 12000 series router may reload during the bootup process.

Conditions   This symptom is observed when you attempt to boot up the Cisco 12000 series router with an image of Cisco IOS Release 12.0(23)S and occurs before the image is loaded onto the router.

Workaround   There is no workaround.

CSCdz27562

Symptoms   Executing an snmpwalk command on loopback interfaces does not yield any results.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   Execute the snmpwalk command on the physical interfaces instead.

CSCdz31778

Symptoms   Slow path forwarding on an Engine 3 line card of a provider edge (PE) router that is running IP version 6 (IPv6) in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) may not function.

Conditions   This symptom is observed on a Cisco 12000 series router that is functioning as a 6PE router and occurs because the 6PE disposition does not function for aggregate 6PE labels on the Engine 3 line card.

Workaround   There is no workaround.

CSCdz37224

Symptoms   "Alpha" error messages may be observed on the ingress or egress interface of a Cisco 12000 series 4-port OC-12c/STM-4c Packet over SONET (POS) synchronous digital hierarchy IP services engine line card. The following messages may be displayed on the egress interface of the Cisco 12000 series 4-port OC-12c/STM-4c POS synchronous digital hierarchy IP services engine line card:

%EE48-3-ALPHAERRS: TX ALPHA: ALPHA_CPU_PIPELINE_CTRL_INT error 1 SLOT 2: %EE48-3-ALPHAPAIR: TX ALPHA: POP PAIR

Conditions   This symptom is observed if the shape, bandwidth, random detect, or priority value is configured and if both the set ip-dscp-value quality of service (QoS) policy map configuration command and the set mpls experimental policy map configuration command are disabled. This symptom is observed on a Cisco 12016 router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S or Release 12.0(21)ST2a.

Workaround   Remove the transmit (TX) service policy and use Per Interface Rate Control (PIRC) instead.

Additional Notes   The same symptom may occur when an error recovery is performed for hardware failures such as data path parity errors. The symptom under those circumstances would be a failed recovery. There is no workaround for the occurrence of this symptom when an error recovery is performed.

CSCdz38742

Symptoms   There may not be any label bindings on a Label Switch Router (LSR), but a Label Distribution Protocol (LDP) session may not be impaired.

Conditions   This symptom is observed when an LDP session flaps quickly.

Workaround   After you have brought down the LDP session, remove all label bindings, and bring the session up again.

CSCdz39560

Symptoms   Multiprotocol Label Switching (MPLS) Fast Reroute (FRR) may not function properly on an Engine 2 ingress line card.

Conditions   This symptom is observed on a Cisco 12000 series router when a tunnel that is protected by FRR is a one-hop tunnel to a second router. A third router that is connected to the first and second router provides the backup path. When the primary path between the first and second router goes down, traffic is not redirected over the backup path.

Workaround   There is no workaround.

CSCin20514

Symptoms   A Cisco 7200 series or Cisco 7500 series router may reload because a packet is not cleaned up properly.

Conditions   This symptom is observed under rare circumstances when the Cisco 7200 series or Cisco 7500 series router is configured for Multiprotocol Label Switching (MPLS) through a 1-port Gigabit Ethernet port adapter (PA-GE) or an Enhanced Gigabit Ethernet Interface Processor (GEIP+).

Workaround   There is no workaround.

CSCin21259

Symptoms   The ENTITY MIB fails to recognize redundant power supplies and recognizes only one power supply. In addition, the power supply, fans, and chassis interface are displayed as non field-replaceable units (non-FRUs).

Conditions   This symptom is observed on a Cisco 7507 and a Cisco 7513 router.

Workaround   There is no workaround.

CSCuk37313

Symptoms   When you configure an IP version 6 (IPv6) access list to match Encapsulated Security Payload (esp) or Authentication Header Protocol (ahp) protocol literal values, the access list appears to be configured to match IPv6 only.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCuk37975

Symptoms   A router may reload while applying an Access Control List (ACL) to forwarded traffic via the ipv6 traffic-filter interface configuration command.

Conditions   This symptom is observed when you enter illegal syntax in the submode of the ipv6 access-list global configuration command.

Workaround   Do not enter illegal syntax in the submode of the ipv6 access-list global configuration command.

CSCuk39337

Symptoms   Virtual Private Network routing/forwarding (VRF) does not function properly on a Frame Relay link between a provider edge (PE) router and a customer edge (CE) router, and the CE router cannot ping the PE router.

Conditions   These symptoms are observed on a Frame Relay link between a Cisco 10000 series router that is functioning as a PE router and another Cisco 10000 series router that is functioning as a CE router.

Workaround   Reload the PE router to make the link between the PE router and the CE router function.

Resolved Caveats—Cisco IOS Release 12.0(23)S

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(23)S. This section describes only severity 1, severity 2, and select severity 3 caveats.

Basic System Services

CSCdw91761

Symptoms   A Cisco 7200 series router reloads because of a bus error, a watchdog timeout, or an unspecified error (that is, no reload error message is provided).

Conditions   This symptom is observed on a Cisco 7200 series router that is configured with a Network Processing Engine 200 (NPE-200), a PA-A1 port adapter, and a PA-FE port adapter when a medium to high traffic load occurs and the traffic load consists of large packet sizes.

Workaround   Reduce traffic.

Alternate Workaround   Use another model Network Processing Engine.

CSCdx39018

Symptoms   The ifOutOctets counter may decrease over a five-minute interval, but the counter is still accurate on a long term basis.

Conditions   This symptom is observed on a Cisco 7500 series router when quality of service (QoS) is configured on the egress Versatile Interface Processor (VIP)

Workaround   Disable QoS.

CSCdx47520

Symptoms   Simple Network Management Protocol (SNMP) ifIndexes may change after a switchover. This situation may occur when the bulk-synchronization of SNMP ifIndexes does not function.

Conditions   This symptom is observed on a Cisco 7500 series router, Cisco 10000 series router, and Cisco 12000 series router.

Workaround   There is no workaround.

CSCdx68230

Symptoms   A CPU hog condition may be observed on a router, and the router may reload.

Conditions   These symptoms are observed when the snmp-server community global configuration command is executed on a Cisco router that is running Cisco IOS Release 12.1 and that has several thousand logical entities configured.

Workaround   There is no workaround.

CSCdx76361

Symptoms   A router that is configured with a Route Switch Processor (RSP) drops multicast packets, which situation leads to a loss of connectivity.

Conditions   This symptom is observed in a bridging environment, when the router that is configured with the RSP is running the rsp-jsv-mz image of Cisco IOS Release 12.2(10.7)T1 or Release 12.2(11.2) and the subscriber trunk is configured with a multicast policy that is set to "permit."

Workaround   There is no workaround.

CSCdx94801

Symptoms   When you configure a Cisco 12000 series Internet router with ATM interfaces, the secondary Route Processor (RP) reloads.

Conditions   The conditions under which these symptoms occur are not known at this time.

Workaround   There is no workaround.

CSCdx96327

Symptoms   A router may reload if the no ip routing interface configuration command is configured on a router that has NetFlow configured.

Conditions   This symptom is observed on a router while traffic is flowing through the router on the interface that has NetFlow configured.

Workaround   Remove NetFlow before entering the no ip routing interface configuration command, or stop traffic from going through the interface that has NetFlow configured before entering the no ip routing interface configuration command.

CSCdy02831

Symptoms   A Multilayer Switch Feature Card 2 (MSFC2) may reload when the no ip routing global configuration command is entered.

Conditions   This symptom is observed on a Catalyst 6000 MSFC2 that is running Cisco IOS Release 12.1(12)E.

Workaround   Do not disable IP routing on the MSFC2.

CSCdy06086

Symptoms   The snmp-server host host-addr version 2c community-string global configuration command cannot be configured if the community-string argument is already configured via the snmp-server community string global configuration command.

Conditions   This symptom is observed in Cisco IOS Release 12.0 S and is related to the introduction of the SNMP Support for VPNs feature.

Workaround   There is no workaround.

CSCin15495

Symptoms   The output counters that are associated with an interface may remain zero, even though traffic is passed through the interface.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCuk36939

Symptoms   Cisco IOS software fails to set up the Gigabit Ethernet Interface Processor (GEIP) MIBs correctly on a Cisco 7500 series router.

Conditions   This symptom is observed when the hierarchy on the GEIP is incorrect; the port adapter and interface are shown at the same level as the GEIP. The GEIP should be at the top of the hierarchy, followed by the port adapter, followed by the interface.

Workaround   There is no workaround.

EXEC and Configuration Parser

CSCdy27230

Symptoms  The router isis global configuration command is not properly synchronized to a standby Route Processor (RP). This situation prevents the standby RP from loading the correct configuration.

Conditions   This symptom is observed when a router is running in redundancy mode.

Workaround   There is no workaround.

CSCdy53980

Symptoms   The Open Shortest Path First (OSPF) network ip-address wildcard-mask area area-id router configuration command is accepted in an active Route Processor (RP) but not properly synchronized to the standby RP. The first command that you enter is synchronized correctly to the standby RP, but commands that are subsequently entered are not properly synchronized to the standby RP.

Conditions   This symptom is observed on a Cisco 12000 series router when Stateful Switchover (SSO) is enabled.

Workaround   There is no workaround.

Interfaces and Bridging

CSCdx53873

Symptoms   Multiprotocol Label Switching (MPLS) packets that are greater than 1498 bytes may not be received on a router.

Conditions   This symptom is observed on a Cisco 7500 router that is running Cisco IOS Release 12.2(10a) and that is using dot1q encapsulation.

Workaround   There is no workaround.

CSCdx84574

Symptoms   A Versatile Interface Processor (VIP) may reload and restart after a Fast Ethernet port adapter (PA-FE) is installed.

Conditions   This symptom is observed on a VIP that is installed in a Cisco 7500 series router.

Workaround   There is no workaround.

CSCdx87818

Symptoms  The following error message may be displayed on a router when a Cisco IOS software upgrade is performed:

%SYS-6-STACKLOW: Stack for process ATM PA Helper running low, 0/3000

Conditions   This symptom is observed on a Cisco 7500 series router when you upgrade from Cisco IOS Release 12.0(7)T to Release 12.1(14).

Workaround   There is no workaround.

CSCdx87965

Symptoms   A router that is configured with a multichannel port adapter reloads because of a bus error exception.

Conditions   This symptom is observed when link flaps occur or interfaces are reset on a router that is configured with PA-MC-T1, PA-MC-E1, PA-MC-E3, or PA- MCX port adapters.

Workaround   There is no workaround.

CSCdx91957

Symptoms   The mtu interface configuration command changes into the ip mtu interface configuration command when the VLAN ID changes on a subinterface of a Cisco 12000 series 3-port Gigabit Ethernet line card.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdy03204

Symptoms   An Ethernet driver on an Ethernet interface may receive and forward packets that are not destined for itself.

Conditions   This symptom is observed on an Ethernet interface that has the promiscuous mode enabled in a network that has multiple Hot Standby Router Protocol (HSRP) groups. This symptom is also observed when no transparent bridging is occurring.

Workaround   There is no workaround.

CSCdy09509

Symptoms   A buffer leak may be observed in the small buffers on a router.

Conditions   This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.2(10a) and that is using distributed Link Fragmentation and Interleaving (dLFI).

Workaround   There is no workaround.

CSCdy38335

Symptoms   A router that is configured with a 2-port Fast Ethernet 100BASE-FX port adapter (PA-2FE-TX) may reload when the packet cleanup is not performed properly in the interrupt path of the port adapter.

Conditions   This symptom is observed on a Cisco 7200 series router and a Cisco 7500 series router.

Workaround   There is no workaround.

CSCdy44854

Symptoms   A router may be able to send but not be able to receive traffic via a Fast Ethernet subinterface that is configured for dot1q encapsulation.

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(21)ST3.

Workaround   Reload the router, or reload microcode onto the Versatile Interface Processor (VIP) by entering the microcode reload slot-number global configuration command. Both workarounds cause a traffic interruption.

CSCdy46927

Symptoms   When you reload a Cisco 7500 series Versatile Interface Processor (VIP) or a Cisco 12000 series line card that is configured with VLAN subinterfaces that are in a shutdown state, the VLAN interfaces become active again.

Conditions   This symptom is observed on distributed Cisco IOS platforms, such as the Cisco 7500 series router and the Cisco 12000 series router.

Workaround   After the VIP or the line card has reloaded, enter the no shutdown interface configuration command followed by the shutdown interface configuration command for the affected subinterfaces.

CSCdy51470

Symptoms   Label controlled ATM (LC-ATM) bindings may not come up after a Stateful Switchover (SSO) is performed.

Conditions   This symptom is observed on a Cisco 7500 series router that is configured with an LC-ATM interface.

Workaround   There is no workaround.

CSCdy51498

Symptoms   A 1-port ATM Enhanced OC12/STM4 port adapter (PA-A3-OC12) that is configured with multiple Low Latency Queueing (LLQ) streams that are running near peak cell rate (PCR) may drop packets. The output of the show interfaces command displays that packets are sent out but that no packets are coming in. Input or output packet drops are not displayed.

Conditions   This symptom is observed during a test on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S.

Temporary Workaround   Enter the clear interface type number EXEC command each time the symptom occurs.

CSCin10839

Symptoms   A router may reload after a channelized T3 (CT3) port adapter that is configured as part of a Multilink PPP (MLP) bundle is removed, and the MLP bundle interface is shut down.

Conditions   This symptom is observed in a network in which two Cisco 7200 series routers are connected back-to-back via channelized T3 (CT3) port adapters. Channel groups are created and configured for MLP, and a bundle interface multilink is created on both of the routers in this setup.

Workaround   There is no workaround.

CSCin16706

Symptoms   Open Shortest Path First (OSPF) multicast packets are not received on a 1-port Fast Ethernet 100BASE-TX port adapter (PA-FE-TX).

Conditions   This symptom is observed on a PA-FE-TX port adapter on a Cisco 7500 router that is configured with OSPF. The PA-FE-TX does not receive OSPF multicast traffic because MAC multicast entries are not added to the MAC table.

Workaround   There is no workaround.

IP Routing Protocols

CSCdu43164

Symptoms   A memory leak may occur on a Cisco 7200 series router. The memory leak is caused by the Border Gateway Protocol (BGP) I/O process and occurs at the rate of 100 KB to 130 KB per hour (about 2.5 MB to 3 MB per day) after the show memory summary | incl BGP privileged EXEC command is entered. This situation occurs regardless of whether a BGP neighbor is flapping.

The output of the show processes memory | incl bgp privileged EXEC command shows the following:

Router# show processes memory | incl bgp

PID TTY Allocated Freed Holding Getbufs Retbufs Process ... 104 0 3522569548 2139398320 21965976 297916 5184 BGP I/O ...

The show memory summary | incl bgp privileged EXEC command indicates that the "BGP (1) update" function allocates memory without deallocating it again after the process is completed:

Router# show memory summary | incl bgp

Alloc PC Size Blocks Bytes What ... 0x607C42E0 65496 333 21810168 BGP (1) update ....

Conditions   This symptom is observed on a Cisco 7206VXR router that is functioning as a Provider Edge (PE) router and that is running Cisco IOS Release 12.1(5a) in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) network.

Workaround   Reload the router.

CSCdx32611

Symptoms   After you detach an interface from a Virtual Private Network (VPN) routing/forwarding (VRF) instance using the no ip vrf forwarding vrf-name command, the adjacency information that is associated with the removed interface still shows up in the VRF table.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdx48854

Symptoms   In a failover configuration of a designated router (DR) and a non-DR, the DR fails, does not clear its connected flag, and continues to send Protocol Independent Multicast (PIM) join messages upstream. This situation causes unnecessary traffic. Upon failback, the non-DR does not clear its connected flag and continues to sends join-packet messages upstream long after the outgoing interface list of the mroute entry becomes empty.

Conditions   This symptom is observed in a failover configuration of a DR and a non-DR that have directly connected receivers.

Workaround   Clear the mroute entry.

CSCdx53795

Symptoms  If a peer advertises a replacement path (with the same multi-exit discriminator [MED] as the original path), the new path is inserted in the previous position of the original path.

Conditions   This symptom may be observed on a Border Gateway Protocol (BGP) router that is using deterministic MED. When this symptom occurs, the replacement path may not be grouped with paths from the same autonomous system number (ASN). This ordering may result in incorrect routing and may cause routing loops.

Workaround   Disable and reenable deterministic MED on the router after the router enters the incorrect state.

CSCdx70216

Symptoms   A router may reload. Also, a Multilayer Switch Feature Card 2 (MSFC 2) may reload with a bus error in the not so stubby area (NSSA) part of the Open Shortest Path First (OSPF) code.

Conditions   This symptom is observed on any Cisco router that is running a Cisco IOS software release when a link-state advertisement (LSA) with an incontiguous mask is sent to a router.

Workaround   Do not send address LSAs with illegal masks, that is masks that are not contiguous, to a router.

CSCdx74432

Symptoms   Memory allocation (MALLOC) failures may be observed when Border Gateway Protocol (BGP) updates are generated, and the following error message may be displayed:

%SYS-2-MALLOCFAIL: Memory allocation of 2093048 bytes failed from 0x602BDB08, alignment 0 Pool: Processor Free: 1546596 Cause: Not enough free memory
Alternate Pool: None Free: 0 Cause: No Alternate pool

Conditions   This symptom is observed on a Cisco router.

Workaround   There is no workaround.

CSCdx74764

Symptoms   A Performance Route Processor (PRP) can cause exception when trying to reload the router.

Conditions   This symptom is observed on a PRP that is running Cisco IOS Release 12.0(21)3S and that has BGP/Interior Gateway Protocol (IGP) with Multiprotocol Label Switching-traffic engineering (MPLS-TE).

Workaround   There is no workaround.

CSCdx75987

Symptoms   Tracebacks may occur.

Conditions   This symptom is observed when you use the offset list router configuration command in Enhanced Interior Gateway Routing Protocol (EIGRP) and when you remove a summary address from an interface that has a Virtual Private Network (VPN) routing/forwarding (VRF) instance defined.

Workaround   There is no workaround.

CSCdx79227

Symptoms   A router may reload after the show ip mroute summary EXEC command is entered.

Conditions   This symptom is observed on Cisco router that is running Cisco IOS Release 12.2.

Workaround   There is no workaround.

CSCdx83393

Symptoms   A router may reload when the Sham-Link Support feature is configured.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdx84465

Symptoms   A router that has Fast Reroute (FRR) enabled may reload.

Conditions   This symptom is observed when the input interface for a label switched path goes down and the label switched path has not been fast rerouted at the previous hop (PHOP) or at a hop before the PHOP.

Workaround   There is no workaround.

CSCdx86622

Symptoms   Enhanced Interior Gateway Routing Protocol (EIGRP) may log a spurious access.

Conditions   This symptom is observed during a test on a Cisco 7500 series router that is running the rsp-pv-mz image of Cisco IOS Release 12.0(21.4)SY.

Workaround   There is no workaround.

CSCdx87316

Symptoms   In rare circumstances, a downstream multicast router may have a group in the mroute table, yet the upstream multicast router does not show the downstream multicast router in the outgoing interface list.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   Issue the clear ip mroute group interface configuration command.

CSCdx89413

Symptoms   Subnets in the /31 range may not be accepted.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.

Workaround   There is no workaround.

CSCdy04712

Symptoms   A router that is configured with the neighbor address or the neighbor ibgp peer-group name nlri unicast multicast Border Gateway Protocol (BGP) commands does not automatically translate the no auto-summary command into the multicast address family.

Conditions   The symptom is observed on a Cisco router when more than one address family is used under BGP.

Workaround   Manually add the no auto-summary command into the multicast address family.

CSCdy28568

Symptoms   A route reflector does not change the nexthop to itself, even when it is set to do so via a route map.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdy42103

Symptoms   A watchdog timeout may cause a software-forced reload on a router.

Conditions   This symptom is observed on a Cisco 7500 router that is using the Border Gateway Protocol (BGP).

Workaround   There is no workaround.

CSCdy44251

Symptoms   The Forwarding Information Base (FIB) table on a Cisco 12000 series Gigabit Route Processor (GRP) may be missing entries for directly connected subnets.

Conditions   This symptom is observed on a Cisco 12000 series router after you have removed a large number of routes.

Workaround   Enter the clear ip route network EXEC command for the affected prefixes. The following is an example:

Router# show ip cef 10.2.0.4 255.255.255.224
%Prefix not found

Router# clear ip route 10.2.0.4 255.255.255.224

Router# show ip cef 10.2.0.4 255.255.255.224
10.2.0.4/30, version 285154, epoch 0, attached, connected, cached adjacency to POS1/0 0 packets, 0 bytes via POS1/0, 0 dependencies valid cached adjacency

CSCdy51434

Symptoms   A router may reload unexpectedly if MD5 authentication is used with Open Shortest Path First (OSPF). The following message may be displayed when you enter the show version EXEC command:

System returned to ROM by error - a Software forced crash, PC 0x12345678

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(22)S. The symptom occurs only when corrupted OSPF packets are present.

Workaround   Remove MD5 authentication for OSPF.

ISO CLNS

CSCdy38827

Symptoms   A Cisco router may install a suboptimal Intermediate System-to- Intermediate System (IS-IS) route into its routing table. Depending on the topology, this situation may create a routing loop.

Conditions   This symptom is observed on an IS-IS Level 1 - Level 2 (L1L2) router that is running Cisco IOS Release 12.0 S or Release 12.0 ST and that has prefixes configured that are allowed to be leaked into Level 1, that is, prefixes that match the access list that is specified within the redistribute isis ip level-2 into level-1 distribute-list command. When route leaking is not configured, this condition is not observed.

Workaround   There is no workaround. The condition resolves itself when the affected route is cleared by entering the clear ip route network EXEC command.

Miscellaneous

CSCdt41343

Symptoms   A Cisco router may reload during the bootup process.

Conditions   This symptom is observed when a syslog server and syslog source interface have been defined before the source interface has been parsed and the configuration of the router is directly written from TFTP to NVRAM memory or you upgrade from Cisco IOS Release 12.0 to Release 12.1 or Release 12.2.

Workaround   Place the syslog server and syslog source interface configurations after the source interface itself. To do this, you must edit the configuration offline, copy it to NVRAM memory, and then reboot the router.

CSCdv01994

Symptoms   Memory allocation failures (MALLOCFAIL) may be observed on a router after it is reloaded.

Conditions   This symptom is observed on a Cisco 7500 series router.

Workaround   There is no workaround.

CSCdv04641

Symptoms   When you apply a crypto map to a tunnel interface that has the ip cef distributed global configuration command enabled, a message very similar to the following one will appear:

Router(config)# interface Tunnel0
Router(config-if)#
crypto map testtag
ERROR: The VIP interface must be configured with cef distributed switching before enabling encryption.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdv11028

Symptoms   A queue may become stuck and display messages that are similar to the following:

%GRP-3-FABRIC_UNI: Unicast send timed out %QM-4-STUCK: Port 0 Queue mask 0x1

Conditions   This symptom is observed when an OC-48 Packet-over-SONET (POS) interface is flapping and when updates are received.

Workaround   Perform a microcode reload of the line card.

CSCdv23918

Symptoms  Pattern loss may occur on a T1 channel that is configured under a Virtual Tributary level 1.5 (VT1.5) stream on a router line card when you use the clock source internal controller configuration command.

Conditions   This symptom is observed on a Cisco 10000 series 1-port channelized OC-12 line card.

Workaround   Use the clock source line controller configuration command.

CSCdw16580

Symptoms   On a router that is configured as a provider edge (PE) router with multiple Virtual Private Network (VPN) routing/forwarding (VRF) instances, the VRF routing table may not be imported to the same PE router when routes are imported between the VRFs even when the PE router is displayed on the Border Gateway Protocol (BGP) VPN4 table.

Conditions   This symptom is observed on a PE router in a Multiprotocol Label Switching (MPLS) and VPN environment.

Workaround   There is no workaround.

CSCdw50585

This caveat describes two symptoms, two conditions, and two workarounds:

Symptoms A   The Egress NetFlow feature can be configured on a core Multiprotocol Label Switching (MPLS) interface by using the mpls netflow egress command-line interface (CLI) command. However, the Egress NetFlow feature is designed to work only on the outbound Virtual Private Network routing/forwarding (VRF) interfaces of an MPLS network. Enabling it in any other location should be considered a misconfiguration.

Conditions A   Conditions do not apply to this situation.

Workaround A   Do not configure the Egress NetFlow feature on any MPLS core interface. If the feature is enabled on any MPLS core interface, enter the no mpls netflow egress command to disable the feature.

Symptoms B   IP packets that are looped back are wrongly accounted for. A new flow in the opposite direction should be created for those IP packets.

Conditions B   This symptom is observed on an outgoing MPLS egress flow.

Workaround B   There is no workaround.

CSCdx01917

Symptoms   Serial interfaces on a Cisco 10000 series 1-port channelized OC-12 line cards remain in a Down/Down state after the router has reloaded and the interfaces are defined in the startup configuration.

Conditions   This symptom is observed when the startup configuration contains a large number of serial interfaces that are defined on multiple 1-port channelized OC-12 line cards.

Workaround   Delete and recreate the affected interfaces.

CSCdx35300

Symptoms   A Gigabit Ethernet input queue may become wedged.

Conditions   This symptom is observed on a Cisco 7400 router.

Workaround   There is no workaround.

CSCdx38125

Symptoms   Traceback messages may be displayed after the ip accounting mac-address input interface configuration command is configured on VLANs that have an input access control list (ACL) present. The counters that are based on the source and destination MAC address stop incrementing after the traceback messages are observed.

Conditions   These symptoms are observed on a 3-port Gigabit Ethernet line card when VLAN traffic is coming in.

Workaround   Remove the input ACL from the VLAN interface.

CSCdx42158

Symptoms   A Buffer Management ASIC (BMA) error may occur, and the following messages are displayed:

SLOT 2:00:10:20: %LC-3-BMAERRS: FrFab BMA PLIM error 100000
SLOT 2:00:10:20: %LC-3-BMAERR: FrFab BMA error: msstat 440340B2 dma0 800 dma1 0 dma2 0 qm 1FFFF8 plim 100000 fia 0 l3 0 ms 0 sdram 0

Conditions   This symptom is observed on a Cisco 12000 series 6-port channelized T3 line card and 2-port channelized OC-3 line card and occurs when a packet with zero length is received by the BMA.

Workaround   There is no workaround.

CSCdx45205

Symptoms   Open Shortest Path First (OSPF) fails across a multilink bundle.

Conditions   This symptom is observed when a Cisco 7500 series router is placed back-to-back with any other peer router in a distributed Multilink PPP (dMLP) configuration that has links in a multilink bundle. When any of the links are removed from the bundle on the side of the peer router, the OSPF connectivity is lost for few seconds on the Cisco 7500 series router side and then recovers immediately.

Workaround   There is no workaround.

CSCdx47884

Symptoms   When SONET level alarms occur, such as Loss of Signal (LOS), the SONET line active alarms field and the alarm indication signal (AIS) monitoring counter may indicate that no alarms are present when you are viewing the output from the show controllers sonet slot port line-number privileged EXEC command.

Conditions   This symptom is observed when the line summary in the output of the show controllers sonet slot port line-number privileged EXEC command for a SONET controller on a Cisco 10000 series line card neither properly displays nor counts the AIS when a line alarm condition is present.

Workaround   Use the section and path information in the output of the show controllers sonet slot port line-number privileged EXEC command to interpret whether a line alarm condition is present or not.

CSCdx47936

Symptoms   If you configure modular quality of service (QoS) using the command-line interface (CLI) on a 4-port OC-48 Dynamic Packet Transport (DPT) line card, a Cisco 12000 series Internet router fails.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)ST1.

Workaround   Configure QoS using the traditional method.

CSCdx59056

Symptoms   Label Distribution Protocol (LDP) and Border Gateway Protocol (BGP) with IPv4+labels could be applied to the same Virtual Private Network (VPN) routing/forwarding instance (VRF) on the same router, which is restricted in the current code. Hence, the feature cannot work properly.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)3S1.

Workaround   There is no workaround.

CSCdx61632

Symptoms   If there is a sequence mismatch between peer routers that have an interconnected multilink interface, the recovery sequence for the router that is out of synchronization may take an extended period of time and may affect the traffic that is on the router.

Conditions   This symptom is observed on a Cisco 7500 series router that is running Multilink PPP (MLP).

Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected multilink interface.

CSCdx62768

Symptoms   Traffic fails after a Performance Routing Engine (PRE) cutover on the provider edge (PE) router.

Conditions   This symptom is observed on a Cisco 10000 series edge services router.

Workaround   There is no workaround.

CSCdx65248

Symptoms   Cisco Express Forwarding (CEF) may be disabled on an ATM OC-3 line card after a memory leak occurs.

Conditions   This symptom is observed on an ATM OC-3 line card.

Workaround   There is no workaround.

CSCdx66281

Symptoms   A Cisco router that is running Cisco Express Forwarding (CEF) for IP version 6 (IPv6) may reload when you enter the show ipv6 cef internal EXEC command.

Conditions   This symptom is observed when the IPv6 CEF forwarding table is changed while you enter the show ipv6 cef internal EXEC command.

Workaround   There is no workaround.

CSCdx67602

Symptoms   An indefinite output pause may occur on a serial interface that is a member of a multilink group, and the following logs may be seen:

%RSP-3-RESTART: interface Serial3/0/0, not transmitting Serial3/0/0: microcode reload

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.2(10) with a PA-4T-V35 port adapter inserted in the Versatile Interface Processor (VIP)2-50 or in the VIP2-40 and where one physical interface is a member of a multilink group and another interface is configured for High-Level Data Link Control (HDLC), and where Cisco Express Forwarding (CEF) is enabled globally and disabled on the multilink interface (bundle master), and, lastly, where distributed weighted fair queuing (WFQ) is enabled on the interface configured for HDLC.

Workaround   There is no workaround.

CSCdx71843

Symptoms   A loopback fails on an Engine 2 line card.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S2.

Workaround   There is no workaround.

CSCdx72807

Symptoms   You may not be able to attach a service policy to an unspecified bit rate (UBR) ATM permanent virtual circuit (PVC). You can attach policies to variable bit rate (VBR) and available bit rate (ABR) PVCs if the bandwidth specified in the policy is lower than peak cell rate (PCR).

Conditions   This symptom is observed on a Cisco 7500 series router.

Workaround   There is no workaround.

CSCdx73104

Symptoms   An Engine 4 plus line card may perform Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) label disposition incorrectly and punt all packets that have sizes that are close to the maximum transmission unit (MTU) of the egress VPN interface to the line card CPU.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21.3)S2.

Workaround   Increase the MTU of the egress interface.

CSCdx73666

Symptoms   Some channelized devices may be left down. Via Cisco Discovery Protocol (CDP) you can see that these devices are connected to different E1 controllers and time slots than those that were initially configured.

Conditions   This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(21)ST when the redundancy force-failover main-cpu command is used.

Workaround   A temporary workaround is to reconfigure the correct controller details.

CSCdx73672

Symptoms   Traffic may be dropped on a Cisco 12000 series router that is configured with an Engine 2 (E2) line card.

Conditions   This symptom is observed when the following conditions are present:

Traffic enters the router through the E2 line card.

The E2 line card performs hardware-accelerated multicast switching because the hw-module slot number ip multicast hw-accelerate global configuration command is enabled.

An output access control list (ACL) is configured on the egress interface.

Workaround   Remove the hardware-accelerated multicast configuration, and reload the line card.

CSCdx73857

Symptoms   A router may fail to warn you that a policy map oversubscribes link bandwidth.

Conditions   This symptom is observed when you use nested policies on Frame Relay or Gigabit Ethernet interfaces and the sum of the shape rate of all permanent virtual circuits (PVCs) or VLANs is greater than the interface bandwidth of the Frame Relay or Gigabit Ethernet interfaces.

Workaround   Enter the show policy-map interface EXEC command to ensure that the policy map is successfully applied.

CSCdx73916

Symptoms   The Multiprotocol Label Switching (MPLS) forwarding table does not display a label for an aggregate route.

Conditions   This symptom is observed on a Cisco 10720 Internet router and affects only the aggregate routes that are explicitly configured under the Border Gateway Protocol (BGP) configuration using the aggregate- address address mask summary- only command.

Workaround   There is no workaround.

CSCdx74709

Symptoms   The Ring Access Controller (RAC) watchdog timer expires and forces the RAC to enter the pass-through mode.

Conditions   This symptom typically occurs when CPU utilization remains at 100 percent for more than 90 seconds.

Workaround   There is no workaround.

CSCdx74864

Symptoms   A bus error may occur on a router and the router returns to the ROM monitor (ROMmon) prompt.

Conditions   This symptom is observed on a Cisco 10000 series edge services router when running an ATM test, atm_mult_card_mult_port_vbr_aggr_segm_and_reas_change_pcr. This error seems to happen on the unconfiguration part of the test.

Workaround   There is no workaround.

CSCdx76028

Symptoms   Spurious accesses and alignment errors may occur on a Versatile Interface Processor (VIP), which may cause routes or interfaces to go down.

Conditions   These symptoms are observed on a Cisco 7500 series router that has Multiprotocol Label Switching (MPLS) NetFlow enabled on the egress side through the mpls netflow egress interface configuration command.

Workaround   Configure the ip cef global configuration command or the no ip route-cache distributed interface configuration command.

CSCdx76085

Symptoms   A few out of 1000 interfaces are not up after a Trivial File Transfer Protocol (TFTP) loading configuration has occurred.

Conditions   This symptom is observed on a Cisco 10000 series edge services router.

Workaround   There is no workaround.

CSCdx76645

Symptoms   A backup Clock Switch Card 0 (CSC 0) may enter the "going on" state.

Conditions   This symptom is observed when an online insertion and removal (OIR) is performed on a Cisco 12406 router with the primary clock on CSC 1 (slot 17).

Workaround   There is no workaround.

CSCdx76907

Symptoms   A Versatile Interface Processor (VIP4-80) may reload with a bus error when distributed Multilink PPP (dMLP) is configured.

Conditions   This symptom occurs when traffic is passed through the dMLP bundle and occurs just after the interface comes up. This symptom is specific to the dMLP feature and will occur only if dMLP is configured on a platform. The dMLP feature is independent of other features and does not affect other features.

Workaround   There is no workaround.

CSCdx79262

Symptoms   Line cards may reload while trying to send traffic in a basic Virtual Private Network (VPN) setup.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.

Workaround   There is no workaround.

CSCdx79282

Symptoms   NetFlow statistics may not be recorded for some packet flows.

Conditions   This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(20)ST3. If there are many active flows and they stop all at once, the NetFlow statistics for many of the flows may not be recorded.

Workaround   There is no workaround.

CSCdx79327

Symptoms   Under rare situations Parallel Express Forwarding (PXF) may reload with the following message:

%PXF-2-FAULT: T0 Local Bus Exception: CPU[t0r1c1] TBACB

Conditions   This symptom is observed on a Cisco 10000 series edge services router. The symptom persists while forwarding to a particular IP address. The address cannot readily be predetermined.

In Cisco IOS Release 12.0(20)ST, Release 12.0(21)ST, and Release 12.0(21)SX on Performance Routing Engine (PRE)-1, no reload occurs, but traffic for the affected IP address is not forwarded.

Workaround   There is no workaround.

CSCdx80546

Symptoms   A standby Route Processor (RP) may reload when a primary configuration is changed.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx80891

Symptoms   If policing is enabled using the modular quality of service QoS command-line interface CLI (MQC), it may not work with Class-Based Weighted Fair Queueing (CBWFQ) on a Frame Relay subinterface, although it may work properly with Low Latency Queueing (LLQ).

Conditions  This symptom is observed on a Cisco 7500 series router when packets are Cisco Express Forwarding (CEF) switched instead of distributed Cisco Express Forwarding (dCEF) switched. Also, if output policing is enabled on the router, output policing and output queueing may not work.

Workaround   Disable output policing, or make sure that packets are dCEF switched instead of non-dCEF switched.

CSCdx80911

Symptoms   An Ethernet over Multiprotocol Label Switching Ether Frame with a destination MAC address that starts from 0x4 may high drop on the egress provider edge (PE) router.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx80940

Symptoms   The Tag Forwarding Information Base (TFIB) is not enabled on a router.

Conditions   This symptom is observed on a Cisco 12000 series router if the tag-switching ip interface configuration command is not configured on any interface on a Carrier Supporting Carrier customer edge (CSC- CE) router or if the tag tdp discovery direct-hello accept global configuration command is not configured on a CSC-CE, and if there is only IP version 4 (IPv4) Border Gateway Protocol (BGP) label distribution between the Carrier Supporting Carrier provider edge (CSC-PE) router and the CSC-CE router.

Workaround   Configure the tag-switching ip interface configuration command on an interface on the router.

CSCdx81556

Symptoms   Virtual Private Network (VPN) routing/forwarding (VRF) VLAN packet switch ASIC (PSA) registry memory does not reinitialize when another PSA loads and then unloads because higher-priority PSA features are being configured and then unconfigured. This situation prevents VRF VLAN forwarding to function.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx81839

Symptoms   Routes from a remote customer edge (CE) router may not appear on another CE router. Or, routes from a remote CE router may appear on another CE router, but the addresses from the remote CE router cannot be pinged. Virtual Private Network (VPN) routes between the CEs may be lost.

Conditions   These symptoms are observed when the MPLS VPN Inter-AS—IPv4 BGP Label Distribution feature is enabled on two Multiprotocol Label Switching (MPLS) VPN autonomous systems that are separated by a non-MPLS VPN autonomous system, and when the interfaces on the autonomous system border routers (ASBRs) between the MPLS VPN autonomous systems and the non-MPLS VPN autonomous system are interfaces of 3-port Gigabit Ethernet line cards. The ASBR routers are Cisco 12406 routers that are running the gsr-p-mz image of Cisco IOS Release 12.0(22.1)S1.

In the above-mentioned topology, if you enter the clear ip route * EXEC command on any of the ASBRs or CE routers, VPN routes between the CEs may be lost.

Workaround   Do not enter the clear ip route * EXEC command on any of the ASBRs or CE routers.

If you need to enter the clear ip route * EXEC command, reload the ASBR router on each side of the Gigabit Ethernet link (that is, the ASBR at the side of the MPLS VPN autonomous system and the ASBR at the side of the non-MPLS VPN autonomous system).


Note Reloading a router may have a severe impact upon a network and its users, depending upon the topology and the time of day.


CSCdx82050

Symptoms   The Virtual Private Network (VPN) routing/forwarding (VRF) selection driver may not initialize the VRF selection registers when the VRF selection bundle is loaded.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   Reload microcode onto the line card.

CSCdx82381

Symptoms   Traceback may occur under certain instances when Border Gateway Protocol (BGP) invokes the Tag Forwarding Information Base (TFIB) module of a provider edge (PE) router that is running IPv6 in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) to add a router when nexthop is not set.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx82969

Symptoms   Adding multicast group entries via the ip igmp join-group group-address interface configuration command to a Cisco 10000 series Gigabit Ethernet Half-Height line card causes the line card to reset and eventually the router to reload.

Conditions   This symptom is observed when about 50 multicast group entries are added via the ip igmp join-group group-address interface configuration command.

Workaround   Add fewer multicast group entries, and add them gradually.

CSCdx83597

Symptoms   Label Distribution Protocol (LDP) may not come up. The show mpls ldp discovery command displays the following output message:

TDP running; needs TDP identifier ..

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(21.4)S only if the router is capable of using Stateful Switchover (SSO) after a switchover.

Workaround   Reload the active Route Processor (RP).

CSCdx83707

Symptoms   Parallel Express Forwarding (PXF) may reload and restart.

Conditions   This symptom is observed on a Cisco 10000 series edge services router when deleting an attached policy map.

Workaround   Remove the policy from all interfaces before deleting the policy from the configuration.

CSCdx84445

Symptoms   A line card may be stuck in the off-for-download state.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S2. This symptom may be indicated in the output of the show cef linecard EXEC command.

Workaround   There is no workaround.

CSCdx84984

Symptoms   On a router that is configured with two Route Processors (RPs) and that has the Route Processor Redundancy Plus (RPR+) feature enabled, if the standby RP is reloaded before it is fully initialized, the global configuration on the active RP gets locked.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21.4)S. The symptom occurs only if the standby RP is reloaded by an operator command while a bulk synchronization is performed on the running configuration.

Workaround   There is no workaround.

CSCdx86498

Symptoms   A ping fails over a Multiprotocol Label Switching Traffic Engineering (MPLS-TE) tunnel.

Conditions   This symptom is observed on a Cisco 12000 series Internet router when the uplink interface is a Gigabit Ethernet line card.

Workaround   There is no workaround.

CSCdx86570

Symptoms   Spurious accesses occur on a per-packet basis on a Versatile Interface Processor (VIP). In addition, interfaces and routing protocols on the affected VIP and other interfaces on the router may flap.

Conditions   This symptom is observed on a Cisco 7500 series router when Multiprotocol Label Switching (MPLS) is enabled on one of the VIP interfaces.

Workaround   There is no workaround.

CSCdx86907

This caveat describes two symptoms, two conditions, and two workarounds:

Symptoms A   An access control list (ACL) does not operate correctly to match Layer 4 Operation (L4Op) entries. The ACL clears the logical operator unit (LOU) while it is still being used by other interfaces.

Conditions A   This symptom is observed when an ACL is removed from one interface after the ACL is applied to multiple interfaces.

Workaround A   Remove the ACL from all interfaces to which the ACL has been applied and reapply the ACL to the interfaces as needed.

Symptoms B   A ternary content addressable memory (TCAM) LOU capacity error may occur even though the number of used LOUs in the existing ACLs is less than the set limit.

Conditions B   This symptom is observed when two different ACLs are applied to two different interfaces (ACL A on interface A and ACL B on interface B). When ACL A is applied to interface B, the LOU from ACL B is not cleared. This behavior causes LOUs to be wasted in TCAM.

Workaround B   First remove ACL B from the interface, and then reapply ACL A to that interface.

CSCdx87271

Symptoms   A standby Route Processor (RP) may reload after a Route Processor Redundancy Plus (RPR+) switchover.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.

Workaround   There is no workaround.

CSCdx87293

Symptoms   When Field Diagnostics are executed on a line card, Framer Loopback tests may fail if fiber is connected to the line card.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.

Workaround   Do not run Field Diagnostics on line cards that have fiber connected to them.

CSCdx87951

Symptoms   When you configure a Packet-over-SONET interface, a call control block (CCB) playback error occurs, and a standby Route Processor (RP) reloads. The following error messages are generated:

%HA-3-SYNC_ERROR: CCB Playback error.
%HA-5-SYNC_RETRY: Reloading standby and retrying sync operation (retry 1).

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0 S after a Stateful Switchover (SSO) has occurred.

Workaround   There is no workaround.

CSCdx87998

Symptoms   Fast Reroute (FRR) does not fully deconfigure.

Conditions   This symptom is observed when the mpls traffic-eng signaling forwarding sync command is enabled.

Workaround   Do not use FRR when the mpls traffic-eng signaling forwarding sync command is enabled.

CSCdx88897

Symptoms   Label distribution protocol (LDP) cannot create a Tag Information Base (TIB) entry for 0.0.0.0, which prevents LDP from performing label switching on a packet that is routed using the default route.

Conditions   This symptom is observed in Cisco IOS Release 12.0(21.4)S, Release 12.0(21.4)SY, Release 12.2(11.3), Release 12.2(11.3)S, and Release 12.2(11.3)T.

Workaround   There is no workaround.

CSCdx90522

Symptoms   Multicast packets are not reaching the IP/Open Shortest Path First (OSPF) layer in a router.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx90908

Symptoms   The value of the ciscoEnvMonTemperatureThreshold variable is incorrectly reported as 7 degrees or 65,535 degrees. This condition causes the Device Fault Manager (DFM) to send high-temperature alarms for sensors that indicate that the value of the ciscoEnvMonTemperatureThreshold variable is equal to 7 degrees.

Conditions   These symptoms are observed on a Cisco 12016 router.

Workaround   There is no workaround.

CSCdx91397

Symptoms   The Multilink PPP (MLPPP) sequence number may not be updating correctly, and traffic is sent to the Route Processor (RP).

Conditions   This symptom is observed after a Performance Routing Engine (PRE) switchover on a Cisco 10000 series router that is running Cisco IOS Release 12.0(21.4)S and that is connected to a Cisco 7500 series router via a channelized T3 interface.

Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the multilink interfaces after the cutover.

CSCdx91482

Symptoms   A master Route Switch Processor 8 (RSP8) may reload after an online insertion and removal (OIR) of a line card.

Conditions   This symptom is observed on a Cisco 7500 series router that is configured with dual RSP8s.

Avoiding an OIR following the bootup of the slave RSP8 reduces the chance that the master RSP8 will reload. The symptoms have not been observed on other RSPs (that is, other than the RSP8s).

Workaround   There is no workaround.

CSCdx92027

Symptoms   A Route Switch Processor 8 (RSP8) pauses indefinitely.

Conditions   This symptom is observed when you enter the ip cef global configuration command on a Cisco 7500 series router that is running Cisco IOS 12.1(12c)E.

Workaround   There is no workaround.

CSCdx92475

Symptoms   A Cisco IOS Versatile Interface Processor Software (SVIP) for a Cisco 7500 series router may fail to compile because of new function calls that are not included in its crypto-related subsystem.

Conditions   The conditions under which these symptoms occur are not known at this time.

Workaround   There is no workaround.

CSCdx92768

Symptoms   When a permanent virtual connection (PVC) that is configured on a Cisco 12000 series Engine 2 8-port OC-3 ATM line card is changed from a virtual circuit (VC) bundle to regular VC mode, the PVC stops forwarding traffic. In addition, the MacString appears to be broken and an error message indicates that there are spurious memory accesses.

Conditions   The conditions under which these symptoms occur are not known at this time.

Workaround   There is no workaround.

CSCdx93548

Symptoms   You may not be able to change the mode of a 24-port channelized E1/T1 line card from E1 to T1, from T1 to E1, or—as a test—from its present mode to its present mode.

In the examples below, line card 2/0 is already configured in the T1 mode:

Router(config)# card 2/0 24che1t1-1 mode e1
Card provisioning conflict

Router(config)# card 2/0 24che1t1-1 mode t1
Card provisioning conflict

Conditions   This symptom is observed on a Cisco 10000 series router that is running the c10k-p10-mz image of Cisco IOS Release 12.0 S.

Workaround   There is no workaround.

CSCdx93629

Symptoms   The following error messages may be displayed on a router:

SLOT 8:00:27:52: %EE48-5-TM_PROC: TCAM Delete Table not free(40), Alpha:RX Lbl:4099 Appl:2 fail: 40
-Traceback= 403503E0 403504FC 40356E34 4035779C 403579B0 400B3DFC400B3DE8
SLOT 8:00:28:00: %EE48-5-TM_PROC: TCAM Delete Invalid Parameters(35), Alpha:RX Lbl:4099 Appl:2 fail: 35
-Traceback= 403503E0 403504FC 40356E34 4035779C 403579B0 400B3DFC400B3DE8

The access control list (ACL) stops functioning properly after this symptom occurs.

Conditions   This symptom is observed if the same ACL is applied to multiple interfaces on an IP Service Engine (ISE) that is installed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx94144

Symptoms   A Versatile Interface Processor (VIP) reloads after a Stateful Switchover (SSO) has occurred.

Conditions   This symptom is observed on a Cisco 7500 series router.

Workaround   There is no workaround.

CSCdx94390

Symptoms   The following error message appears on a Cisco 12000 series Internet router when you enable a turbo access control list (Turbo ACL):

%SYS-2-MALLOCFAIL: Memory allocation of 10980020 bytes failed from 0x400BE22C, alignment 32
Pool: Processor Free: 25912464 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool

-Process= "TurboACL", ipl= 0, pid= 41
-Traceback= 400BB150 400BD4E4 400BE234 40BCDBE4 40BCDA70 40BCDAB8 40BCDAB8 40BCD97C 40BCFD00 40BD1650 400B3DFC 400B3DE8

Conditions   This symptom is observed on a a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S2 and that is configured with an 8-port Fast Ethernet 100-Base-TX interface with 128 MB of route memory.

Workaround   Turn off compiled access lists using the no access-list compiled global configuration command.

CSCdx94409

Symptoms   Fast Reroute (FRR) tunnels that are created bidirectionally for each of two parallel links (that is, a total of four backup tunnels) fail to remain up when one or both of the links go down.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx94588

Symptoms   A CyBus 10 error and a QAERROR occur after a Stateful Switchover (SSO) has occurred.

Conditions   This symptom is observed on a Cisco 7500 series router when the standby Route Switch Processor (RSP) is being reloaded.

Workaround   There is no workaround.

CSCdx94633

Symptoms   A router may reload under a heavy packet load.

Conditions   This symptom is observed when large IP version 6 (IPv6) packets (of 18,008 bytes) are sent to an IPv6 nonbroadcast multiaccess (NBMA) tunnel source address.

The symptoms are caused by the use of a packet flag after the packet has been returned to the system. This is incorrect, but only causes a router with a heavy packet load to reload.

Workaround   Set the maximum transmission units (MTUs) correctly, both on the IPv6 tunnel interface and on the IP version 4 (IPv4) interfaces, to ensure that fragmentation of IPv6 packets occurs only at the IPv6 layer and not at the IPv4 layer.

CSCdx94730

Symptoms   An IronBus error occurs on a Cisco 10000 series 1-port channelized OC-12 line card. The console log shows the following information:

%C10KEVENTMGR-1-IRONBUS_FAULT: Ironbus Event 2/1, Restarting Ironbus %IPCGRP-3-SYSCALL: System call for command 203 (slot2/0): ipc_send_rpc_blocked failed (Cause: timeout)
-Traceback= 603C4208 603C4698 603C53E8 6013BFC0 60089C64 600248D4 60024C4C 6035270C 603526F8%IPCOIR-3-TIMEOUT: Timeout waiting for a response from slot 2/0. %IPCOIR-2-CARD_UP_DOWN: Card in slot 2/0 is down. Notifying 1choc12-1 driver. %C10K_ALARM-6-INFO: ASSERT CRITICAL slot 2 Card Stopped Responding OIR Alarm %IPCOIR-5-CARD_DETECTED: Card type 1choc12-1 (0x1BB) in slot 2/0 %IPCOIR-5-CARD_LOADING: Loading card in slot 2/0
%C10K-5-LC_NOTICE: Slot[2/0] 1choc12-1 Image Downloaded...Booting...
%PXF_DMA-3-IRONBUS_NOTRUNNING: Data path to slot 2/1 failed to synchronize (TIB Not Running)

Conditions   This symptom is observed on a Cisco 10000 series edge services router when you copy a configuration for creating 768 DS0 interfaces under a Virtual Tributary (VT) on the 1-port channelized OC-12 line card onto the running configuration.

Workaround   Limit the number of DS0 interfaces to 575 or fewer.

CSCdx96063

Symptoms   Missing Tag Forwarding Information Base (TFIB) entries may be observed after the clear ip route * privileged EXEC command is entered.

Conditions   This symptom is observed in a cell-based Multiprotocol Label Switching (MPLS) network while the multiple virtual circuit (VC) feature is enabled.

Workaround   Use the clear ip route prefix privileged EXEC command instead of the clear ip route * privileged EXEC command.

CSCdx96315

Symptoms   A line card reloads when you remove a static route from a Cisco 12000 series Internet router.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdx96410

Symptoms   Traffic that is travelling into the core from a autonomous system border router (ASBR) is dropped from an inter-autonomous system setup because some packets that are travelling out of the ASBR are corrupted in the hardware of a Cisco 12000 series Engine 2 line card.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdy01077

Symptoms   The following error messages may be displayed on the console port of a Cisco Catalyst 6000 switch:

%TFIB-7-SCANSABORTED: TFIB scan not completing. MAC string updated. %TFIB-DFC8-7-SCANSABORTED: TFIB scan not completing. MAC string updated. *

The messages may continue to be displayed until the Cisco Catalyst 6000 switch is reloaded. The error messages are informational and indicate that an excessive amount of network or line transitions may cause an excessive number of Forwarding Information Base (FIB) scans. Processes that are attempting to converge on the network may cause the Route Processor (RP) and the Switch Processor (SP) CPU utilization to occasionally reach 100 percent.

Conditions   This symptom is observed on a Cisco Catalyst 6000 switch that is running Cisco IOS Release 12.2.

Workaround   There is no workaround.

CSCdy01678

Symptoms   Traffic is forwarded to the correct egress interface, but no labels are imposed on the traffic.

Conditions   This symptom is observed in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) inter-autonomous system when an Engine 4 plus line card receives traffic on a VPN routing/forwarding (VRF) interface on an autonomous system border router (ASBR).

Workaround   There is no workaround.

CSCdy02248

Symptoms   A standby Route Processor (RP) may reload.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22.1)S when a microcode reload occurs after Border Gateway Protocol (BGP) peers come up accompanied by high CPU utilization.

Workaround   There is no workaround.

CSCdy02479

Symptoms   Some Hot Standby Router Protocol (HSRP) hello packets may drop. The output of the debug standby command and the debug ip packet detail command shows if packets drop.

Conditions   This symptom is observed on a Cisco 12000 series router that is configured with an 8-port Fast Ethernet line card when HSRP is enabled.

Workaround   Enter the debug line card no-throttle EXEC command from the line card console, and verify that the HSRP packets no longer drop.

CSCdy03533

Symptoms   A Cisco 10720 router cannot forward full line-rate OC-48 Spatial Reuse Protocol (SRP) transit traffic on an inner ring, an outer ring, or on both rings if the SRP frame size (including the cyclic redundancy check [CRC]) is between 52 and 102 bytes. The transit performance can be as low as 1.6 Gbps in one direction. Any frame size that is larger than 102 bytes can be forwarded at full line rate.

Conditions   This symptom is observed on high-rate small-transit SRP frames on a Cisco 10720 router that is running Cisco IOS Release 12.0(19)SP, Release 12.0(20)SP, or Release 12.0(21)SP.

Workaround   There is no workaround.

CSCdy04039

Symptoms   A 3-port Gigabit Ethernet card may reload following the configuration of Border Gateway Protocol (BGP) Policy Accounting on either the main interface or a subinterface.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21.4)S2.

Workaround   There is no workaround.

CSCdy04062

Symptoms   A tunnel that is configured for IP version 6 (IPv6) does not pass traffic.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S.

Workaround   There is no workaround.

CSCdy04143

Symptoms   The rate-limit output bps interface configuration command is not supported if the bps argument has a value of 80,000 or higher.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy04218

Symptoms   You cannot set a maximum transmission unit (MTU) size other than the default size.

Conditions   This symptom is observed on a Packet-over-SONET interface that is configured on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy04271

Symptoms   When Route Processor Redundancy Plus (RPR+) is enabled and you perform a microcode reload on an active Route Processor (RP) but the router is not configured with a standby RP, the configuration mode pauses indefinitely.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.01)S.

Workaround   There is no workaround.

CSCdy05218

Symptoms   On all components of a standby Route Processor (RP), dir, show, copy, and write commands may fail.

Conditions   This symptom is observed on a Cisco 12000 series router when the active RP is running a release earlier than Cisco IOS Release 12.0(21.1)S1 and the standby RP is running Cisco IOS Release 12.0(21.1)S1 or a later release.

Workaround   There is no workaround.

CSCdy09292

Symptoms   Physical inverse multiplexing over ATM (IMA) ports are not indexed in the IF-MIB.

Conditions   This symptom is observed on a Cisco router that has IMA interfaces. This symptom is resolved in Cisco IOS Release 12.2(3)T but may occur in Cisco IOS Release 12.2(8)T and Release 12.2(10.3)T2.

The following example of the IF-MIB shows ATM1/IMA0 (index 43), but the interface is not indexed:

ifDescr.40 = ATM1/7-aal5 layer
ifDescr.41 = ATM1/7.0-aal5 layer
ifDescr.42 = Null0
ifDescr.43 = ATM1/ima0 <----
ifDescr.44 = ATM1/ima0-atm layer
ifDescr.45 = ATM1/ima0.0-atm subif
ifDescr.46 = ATM1/ima0-aal5 layer
ifDescr.47 = ATM1/ima0.0-aal5 layer
ifDescr.48 = ATM1/ima0.40-atm subif
ifDescr.49 = ATM1/ima0.40-aal5 layer

Workaround   There is no workaround.

CSCdy09632

Symptoms   An access control list (ACL) may fail when there are more than 128 ACLs configured.

Conditions   This symptom is observed on any Engine 2 line card that is installed in a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S.

Workaround   There is no workaround.

CSCdy09979

Symptoms   A Route Processor (RP) may reload when traffic engineering (TE) tunnels are configured.

Conditions   This symptom is observed on an RP that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.1)S. The reload typically occurs after one or more tunnels are removed by entering the no interface interface-type interface-number global configuration command.

Workaround   Do not remove the tunnel interfaces.

CSCdy10293

Symptoms   A Versatile Interface Processor (VIP) on a Cisco 7500 series router may run out of memory and generate the following memory allocation (MALLOC) failure messages:

%SYS-2-MALLOCFAIL: Memory allocation of 65556 bytes failed from 0x6010EB8C, alignment 32 Pool: Processor Free: 173756 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "CEF IPC Background", ipl= 0, pid= 31

The show process memory section in the output of the show tech EXEC command indicates that the Multiprotocol Label Switching (MPLS) Cisco Express Forwarding (CEF) interprocess communication (IPC) background process is holding up a large portion of the memory.

Conditions   This symptom is observed on the VIP of a Cisco 7500 series router.

Workaround   There is no workaround.

CSCdy11148

Symptoms   An active Route Processor (RP) is not able to access any of components of the standby RP, and the router cannot enable the Stateful Switchover (SSO) feature.

Conditions   These symptoms are observed when the active RP is running Cisco IOS Release 12.0(22)S on a Cisco 7500 series, Cisco 10000 series, or Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy12694

Symptoms   The line protocol of several channels that are configured on several 24-port channelized E1/T1 line cards does not come up.

Conditions   This symptom is observed during scaling tests and occurs at a pseudorandom pattern when seven 24-port channelized E1/T1 line cards are installed in a Cisco 10000 series router and 168 ports are configured as 24 time-slot channels with PPP encapsulation. In this configuration, the line protocol of 8 out of 168 channels does not come up.

Workaround   To recover from the situation, enter the hw-module slot reload EXEC command.

CSCdy13460

Symptoms   Multiprotocol Label Switching (MPLS) packets that come in on a dense OC-48 Spatial Reuse Protocol (SRP) ring are not correctly handled and switched to the next hop. IP traffic works fine.

Conditions   The conditions under which these symptoms occur are not known at this time.

Workaround   There is no workaround.

CSCdy13504

Symptoms   Basic Frame Relay connectivity does not function on a Cisco 7200 series router.

Conditions   This symptom is observed on a Cisco 7200 series router that is running the c7200-p-mz image of Cisco IOS Release 12.0(22)S or Release 12.0(22.1)S1.

Workaround   There is no workaround.

CSCdy14361

Symptoms   When a Cisco 10720 router is forwarding Multiprotocol Label Switching (MPLS) packets at a very high rate, the Parallel Express Forwarding (PXF) data plane may reload.

Conditions   This symptom is observed when the Cisco 10720 router is forwarding MPLS traffic near the system limitation of 2 million packets per second and a routing change occurs that causes traffic to be forwarded to the Packet-over-SONET (POS)/Spatial Reuse Protocol (SRP) uplink interface instead of to an interface on the Fast Ethernet (FE) or Gigabit Ethernet (GE) line card, or the other way around, that is, to the interface on the FE or GE line card instead of to the POS/SRP uplink interface.

Workaround   There is no workaround.

CSCdy15610

Symptoms   IP traffic that leaves a Virtual Private Network routing/forwarding (VRF) interface that has dot1q encapsulation enabled may not have Address Resolution Protocol (ARP) entries and may fail.

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(22.01)S1.

Workaround   There is no workaround.

CSCdy15917

Symptoms   Policy-based routing commands on subinterfaces of an IP Service Engine (ISE) line card may not take effect properly.

Conditions   This symptom is observed on a Cisco 12000 series router when multiple Frame Relay subinterfaces are configured on an ISE line card.

Workaround   There is no workaround.

CSCdy17735

Symptoms   A single headend rewrite that is used by all prefixes that are routed over a tunnel is not updated properly when the label switched path tunnel state changes and there are no prefixes being routed over the tunnel.

In addition, the output of the show mpls traffic-eng fast-reroute database command inaccurately represents the entries that are contained within the Fast Reroute (FRR) database. Prefix information is not applicable to the headend tunnel rewrite and should be displayed separately.

The output of the show mpls traffic-eng fast-reroute database command does not display any tunnel data, but, as long as the headend tunnel is up, there should always be one entry for the headend tunnel.

Conditions   These symptoms are observed when FRR protection is enabled on a tunnel, when there are no prefixes being routed over this tunnel, and when Label Distribution Protocol (LDP) is not enabled.

Workaround   There is no workaround.

CSCdy18236

Symptoms   A Cisco 12000 series Engine 4 plus line card reloads during the bootup process.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdy18641

Symptoms   A router may reload unexpectedly when a Layer 2 Tunneling Protocol (L2TP) connection is established.

Conditions   This symptom is observed on a Cisco 7401ASR router that is used as a Layer 2 Tunneling Protocol (L2TP) network server (LNS).

Workaround   There is no workaround.

CSCdy19913

Symptoms   A virtual circuit (VC) bundle fails on an Virtual Private Network routing/forwarding (VRF) interface of an Engine 2 8-port OC-3 STM-1 ATM line card.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.

CSCdy20257

Symptoms   When customer edge (CE) routers are connected over a Layer 2 Tunneling Protocol version 3 (L2TPv3) tunnel, pings may not go through.

Conditions   This symptom is observed when the CE routers are connected to provider edge (PE) routers via Gigabit Ethernet links that have 802.1 encapsulation enabled. If the links are changed to Fast Ethernet, the symptom does not occur.

Workaround   There is no workaround.

CSCdy20461

Symptoms   After a standby Route Processor (RP) has fully initialized and you perform a microcode reload followed by a Route Processor Redundancy Plus (RPR+) switchover, both the active RP and the standby RP pause indefinitely when the line cards are coming back up.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S1 in a configuration with 2000 ATM subinterfaces and 200 Border Gateway Protocol (BGP) peers that are advertising 180,000 BGP routes.

Workaround   There is no workaround. To recover from the situation, send a break.

CSCdy21549

Symptoms   When PPP encapsulation is enabled on Section Data Communications Channel (SDCC) interfaces on an OC-48 line card, connectivity is lost.

Conditions   This symptom is observed on a Cisco 10000 series router.

Workaround   Use only High-Level Data Link Control (HDLC) encapsulation.

CSCdy22453

Symptoms   When Multiprotocol Label Switching traffic engineering (MPLS TE) reoptimizes to a PPP link that just came up, traffic may be dropped for up to 1 minute.

Conditions   This symptom is observed when Label Distribution Protocol (LDP) is enabled.

Workaround   Use High-Level Data Link Control (HDLC).

Alternate Workaround   Disable LDP.

CSCdy22521

Symptoms   An Engine 4 (E4) Packet-over-SONET (POS) line card that is functioning as an ingress IP version 6 (IPv6) interface for traffic that is routed over IPv6 tunnels may reload.

Conditions   This symptom is observed on a Cisco 12000 series router when traffic is flowing through the E4 POS line card.

Workaround   There is no workaround.

CSCdy22744

Symptoms   The fix for CSCdx47695 that was integrated into Cisco IOS Release 12.0(21)S3 introduced a throttling mechanism that may be used when the physical layer interface module (PLIM) is congested. The throttling mechanism prevents interfaces or a bundle, or both, from flapping when bidirectional traffic with small packets is sent through either a 6-port channelized T3 line card or a 2-port channelized OC-3/STM-1 (DS1/E1) line card.

The throttling mechanism produces a severe performance impact, although no link flaps occur.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround. The fix for this caveat consists of a knob for the throttling.

CSCdy23912

Symptoms   A Cisco 7200 series router reloads when you enter the show access-list compiled EXEC command.

Conditions   This symptom is observed on Cisco 7200 series router that is configured with a Network Processing Engine G1 (NPE-G1) when there is an empty IP version 4 (IP4) or IP version 6 (IPv6) access control list (ACL).

Workaround   Ensure that the IPv4 or IPv6 ACL is not empty when you enter the show access-list compiled EXEC command.

CSCdy24263

Symptoms   If you perform an online insertion and removal (OIR) of a 4-port Packet-over-SONET OC-3c/STM-1 line card before a standby Route Processor (RP) is fully initialized, the line card disappears from the Cisco IOS configuration after the standby RP is fully initialized.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.2)S and that has the Route Processor Redundancy Plus (RPR+) feature enabled, 2000 ATM subinterfaces configured, and 200 Border Gateway Protocol (BGP) peers configured that are advertising 180,000 BGP routes.

Workaround   Boot both the active RP and the standby RP at the same time.

CSCdy25563

Symptoms   When a Cisco 12000 series router is booted up or when a 10-port 1-Gigabit Ethernet line cards is reloaded, a CPUHOG message may occur in the Cisco Express Forwarding (CEF) line card interprocess communication (IPC) background process, as is displayed in the following error message:

%SYS-3-CPUHOG: Task ran for 3120 msec (0/0), process = CEF LC IPC Background, PC = 40CEC7E0.
-Traceback= 40CEC7E8 40CDCDC0 40CF2498 40CEF65C 40CEF90C 40CEFBDC 40CF0604 40 0B9BCC 400B9BB8

Conditions   This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(22.1)S1 and that is configured with a Performance Route Processor (PRP), two 10-port 1-Gigabit Ethernet line cards, two 8/16-port OC-3 Packet-over-SONET (POS) line cards, each of which is configured with an even distribution of about 2000 Frame Relay permanent virtual circuit (PVC) subinterfaces, and 700 Border Gateway Protocol (BGP) peers.

Workaround   There is no workaround.

CSCdy25753

Symptoms   The Any Transport over Multiprotocol Label Switching (AToM) feature does not generate syslog messages that indicate if or when labels are being imposed or withdrawn on remote provider edge (PE) routers.

Conditions   This symptom is observed when AToM virtual circuit (VC) labels are imposed or withdrawn.

Workaround   If available in the software image that you are running, enable the debug logging commands.

CSCdy26487

Symptoms   An E1 interface may report that it is handling more than its maximum bandwidth of 1984 kbps.

Conditions   This symptom is observed on an E1 channel group that is configured with 31 time slots.

Workaround   There is no workaround.

CSCdy26606

Symptoms   A Versatile Interface Processor (VIP) that has a High-Speed Serial Interface (HSSI) reloads continuously after the router is reloaded.

Conditions   This symptom is observed when the HSSI interface is in the shutdown state and when it is configured for Frame Relay encapsulation while a quality of service (QoS) with priority feature is enabled.

Workaround   Enter the no shutdown interface configuration command on the interface or remove the QoS policy before reloading the router.

mechanism, for which the default position is "Off."

CSCdy27294

Symptoms   On a Cisco 12000 series router that is functioning as a provider edge (PE) router and that is configured with Engine 2 line cards in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) environment, route aggregation in Border Gateway Protocol (BGP) breaks connectivity because the more specific routes are not in the BGP VPN routing/forwarding (VRF) table.

Conditions   This symptom is observed when there are multiple customer edge (CE) routers attached to a 3-port Gigabit Ethernet line card, when route aggregation is used in the BGP IP version 4 (IPv4) VRF address family, and when more specific routes are suppressed.

Workaround   Ensure that the more specific routes are imported into the BGP VRF table by either redistribution or network statements.

CSCdy28243

Symptoms   After a Cisco 12000 series router performs a switchover, a Cisco Express Forwarding (CEF) CPUHOG message occurs and the router reloads.

Conditions   This symptom is observed when the Cisco 12000 series router is configured for IP routing and has IP CEF enabled and when the Address Resolution Protocol (ARP) table is filled with 50,000  entries.

Workaround   There is no workaround.

CSCdy28534

Symptoms   Attempting to perform a Fast Software Upgrade (FSU) causes a standby Route Switch Processor (RSP) to enter a continuous reboot cycle.

Conditions   This symptom is observed on a Cisco 7500 series router when you attempt to perform an FSU from Cisco IOS Release 12.0(22)S to Release 12.0(22.2)S or later releases.

Workaround   Perform a full software upgrade instead of an FSU.

CSCdy29545

Symptoms   Packets that are traversing an Engine 4 plus (E4+) OC-192 line card in a Cisco 12000 series router that has tag switching enabled may be dropped.

Conditions   This symptom is observed in a traffic engineering (TE) configuration and occurs when traffic is load balancing across multiple TE tunnels at the headend or when label imposition is performed over multiple paths.

Workaround   Enter the clear ip route network mask command on the ingress side of the OC-192 link. Use caution because entering the clear ip route * command may invoke the symptoms.

CSCdy29962

Symptoms   Traffic that is destined for a line card is forwarded to a Route Processor (RP).

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.2)S when you apply an access control list (ACL) to a Virtual Private Network routing/forwarding (VRF) interface of an Engine 2 Packet-over-SONET line card.

Workaround   There is no workaround.

CSCdy29983

Symptoms   Border Gateway Protocol (BGP) policy accounting counters on a 3-port Gigabit Ethernet line card increment incorrectly.

The output of the show cef interface type number statistics EXEC command displays that the average rate of index 1 through 3 is about 200 to 300 Mbps while the actual traffic is about 400 kbps.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy30438

Symptoms   An Engine 4 line card may reload and may become stuck in the REQ DUMP state.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.2)S when you enter the show controllers forwarding memory manager command.

Workaround   There is no workaround. The show controllers forwarding memory manager command is a line-card specific command. Although it is not a hidden command, in general, you should not use it.

CSCdy30484

Symptoms   An Engine 2 3-port Gigabit Ethernet line card that receives a tag packet with a Time to Live (TTL) value of 1 may reload.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy30595

Symptoms   A Route Processor reloads and returns to the ROM monitor (ROMmon) prompt.

Conditions   This symptom is observed on a Cisco 12000 series router when you attach a Cell Loss Priority (CLP) bit setting hierarchical policy to an interface of an Engine 2 8-port OC-3 ATM line card.

Workaround   There is no workaround.

CSCdy30761

Symptoms  Extended pings fail to send packets in a mixed IP and Multiprotocol Label Switching (MPLS) network.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.2)S.

Workaround   There is no workaround.

CSCdy30797

Symptoms   A line card does not recover from a system interruption such as a router reload or a microcode reload onto the line card.

Conditions   This symptom is observed on a Cisco 12000 series router that is configured with an Engine 2 line card on which 100 Virtual Private Network (VPN) Frame Relay subinterfaces are configured.

Workaround   There is no workaround. However, in rare cases the line card may recover from an additional router reload.

CSCdy31191

Symptoms   Packets that enter a provider edge (PE) router over an Engine 4 plus (E4+) line card may not be filtered properly.

Conditions   This symptom is observed on a Cisco 12000 series router that is configured with an E4+ 1-port OC-192 or an E4+ 4-port OC-48 line card, when the packets are forwarded out of a Virtual Private Network routing/forwarding (VRF) customer-facing interface that has an output access control list (ACL) configured.

Workaround   There is no workaround.

CSCdy31315

Symptoms   A Cisco 12000 series router may reload in the ipc_open_port_by_name function.

Conditions   This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(22.1)S1 and that is configured with a Performance Route Processor (PRP), two 8/16-port OC-3 Packet-over-SONET (POS) line cards, each of which is configured with 1000 permanent virtual circuit (PVC) subinterfaces, and 700 Border Gateway Protocol (BGP) peers.

Workaround   There is no workaround.

CSCdy31765

Symptoms   The following symptoms may be observed on a Cisco 12000 series Engine 2 (E2) ingress line card that is installed in a provider edge (PE) router.

When traffic is destined for an IP address for which the Cisco Express Forwarding (CEF) adjacency is an Ethernet MAC address and the Address Resolution Protocol (ARP) cache is either empty or incomplete, traffic is punted to the CPU of the line card. The CPU attempts to resolve the adjacency and drops the traffic.

While the ARP cache for the Ethernet MAC address is incomplete but traffic is being received for the IP address, the CPU utilization of the line card may increase to 99 percent. This situation may lead to a loss of Interior Gateway Protocol (IGP) neighbors and fabric-unicast ping timeouts, which in turn may cause the line card to reload.

When the CEF adjacency moves from an incomplete state to a MAC address, buffer management application-specific integrated circuit (ASIC) (BMA) errors are triggered and packet switch ASIC (PSA) pipeline stall messages may be displayed:

%LC-3-BMAERRS: ToFab BMA BMA error status error 10
%QM-3-ERROR: ToFab Register 0x40007.
-Traceback= 403F0074 4036DBF4 40498814 400CCF98
%LC-3-BMAERRS: ToFab BMA QM error 1

Conditions   These symptoms are observed in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) in which a Cisco 12000 series router that is functioning as a PE router is connected to a provider (P) router through an E2 line card and the connection between the PE router and the customer edge (CE) router is a Gigabit Ethernet link.

Workaround   The following sequence of commands will prevent the loss of IGP neighbors and fabric-unicast ping timeouts:

a. Enter the attach slot-number privileged EXEC command for the E2 line card.

b. Enter the enable EXEC command.

c. Enter the configure terminal privileged EXEC command.

d. Enter the controller hw-throttle privileged EXEC (hidden) command.

This sequence of commands will not prevent BMA errors and PSA pipeline stall messages, but will prevent the IGP neighbors from being lost and the line card from reloading. Note that these commands will no longer be enabled if the line card or router reloads.

CSCdy32226

Symptoms   After a forced switchover, the new standby Route Processor (RP) does not come up properly. The startup configuration fails to synchronize to the new standby RP.

Conditions   These symptoms are observed on a Cisco 12000 series router after you have entered the redundancy force-switchover EXEC command.

Workaround   There is no workaround.

CSCdy33106

Symptoms   An IP Service Engine (ISE) line card reloads because of a software error.

Conditions   This symptom is observed after you have reloaded a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S or a later release while traffic was active, and the ISE line card has Virtual Private Networks (VPNs) configured on Frame Relay subinterfaces. After the router has reloaded, the line card comes up, reports a software error, and reloads.

Workaround   First terminate the traffic before you reload the router. After the router has reloaded, resume the traffic after the ISE line card has reached the Cisco IOS "Run" state.

CSCdy34017

Symptoms   An access control list (ACL) with an Internet Control Message Protocol (ICMP) entry may be incorrectly processed by (the packet switch ASIC [PSA] of) an Engine 2 line card.

Conditions   This symptom is observed on a Cisco 12000 series Engine line card when an ACL entry matches an ICMP packet that is specifying its type but not its code.

Workaround   Specify the code in all ICMP entries.

CSCdy35263

Symptoms   A Cisco 12000 series 4-port ATM line card repeatedly reloads after you have performed a microcode reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S when the carrier supporting carrier feature configured on the 4-port ATM line card.

Workaround   There is no workaround.

CSCdy36370

Symptoms   Label controlled ATM (LC-ATM) bindings may not come up after a Stateful Switchover (SSO) is performed.

Conditions   This symptom is observed on a Cisco 7500 series router that is configured with an LC-ATM interface.

Workaround   There is no workaround.

CSCdy37630

Symptoms   A customer edge (CE) router cannot send Virtual Private Network (VPN) traffic to other CE routers that are connected to the same network core.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.3)S and that is functioning as a CE router that is attached to a provider edge (PE) router. The PE router is configured with an Engine 4 plus dense OC-48 line card that is facing the network core.

Workaround   There is no workaround.

CSCdy38681

Symptoms   A 1-port ATM Enhanced OC12/STM4 port adapter (PA-A3-OC12) that is configured with multiple Low Latency Queueing (LLQ) streams that are running near peak cell rate (PCR) may drop packets. The output of the show interfaces command displays that packets are sent out but no packets are coming in. Input or output packet drops are not displayed.

Conditions   This symptom is observed during a test on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S.

Temporary Workaround   Enter the clear interface type number EXEC command each time the symptom occurs.

CSCdy39079

Symptoms   If a channel is shut down while there is a large amount of line-rate traffic flowing through a line card, the channel may stay down even after you enter the no shutdown interface configuration command on the interface on which the channel is configured. If you enter the shutdown interface configuration command followed by the no shutdown interface configuration command multiple times on the affected interface, the channel still does not come back up.

Conditions   This symptom is observed under rare situations.

Workaround   There is no workaround. To recover from the situation, reload the line card.

CSCdy39795

Symptoms   The CPUs of all line cards on a router may show very high utilization, and interprocess communication (IPC) between the Route Processor (RP) and the line cards may fail, which may disable the Forwarding Information Base (FIB) and Multicast Distributed Fast Switching (MDFS) and may cause line cards to reload.

Conditions   These symptoms are observed on a Cisco 12400 series router that is running Cisco IOS Release 12.0(22.3)S when there is a large number of Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel interfaces configured and the ip multicast-routing distributed global configuration command is enabled.

Workaround   There is no workaround.

CSCdy40704

Symptoms   When you disable Link Bundling on the interfaces of a Cisco 12000 series Engine 2 line card, single-mode Link Bundling microcode is not unloaded.

Conditions   This symptom is observed when Link Bundling is configured on a Cisco 12000 series router.

Workaround   Reload default microcode onto the affected line cards.

CSCdy41363

Symptoms   Incoming traffic may be dropped because of giant packets.

Conditions   This symptom is observed when packets that are larger than 16,000 bytes come in and cause a significant memory leak in the packet memory.

Workaround   There is no workaround.

CSCdy41415

Symptoms   The global configuration mode becomes unlocked before a standby Route Processor (RP) is fully booted up.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.03)S and that is configured with two RPs.

Workaround   There is no workaround.

CSCdy41605

Symptoms   Traffic cannot pass out of a priority queue.

Conditions   This symptom is observed on a Cisco 10000 series router when a priority queue is configured on any interface.

Workaround   There is no workaround.

CSCdy41760

Symptoms   A standby Route Processor (RP) fails to come up to standby mode and reloads when a switchover occurs.

Conditions   This symptom is observed on a Cisco 12000 series router that is configured with two RPs. The LED shows that the secondary RP is in standby mode, but if you make a console connection to the standby RP, the standby RP fails to respond.

Workaround   There is no workaround.

CSCdy43056

Symptoms   Continuous fragmented generic routing encapsulation (GRE) packets in the core may cause a line card to reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S, Release 12.0(22)S, or Release 12.0(22.3)S.

Workaround   There is no workaround.

CSCdy43671

Symptoms   An Engine 0 ATM line card may reload.

Conditions   This symptom is observed under rare circumstances when a Cisco 12000 series router is booted up with Cisco IOS Release 12.0(21)ST3.

Workaround   There is no workaround.

CSCdy46586

Symptoms   "CBUS-4-FIXBADTXVC" tracebacks occur when traffic is being passed. These tracebacks have no operational side effects.

Conditions   This symptom is observed in Cisco IOS Release 12.0 S when Xconnect uses Layer 2 Tunneling Protocol version 3 (L2TPv3) for channelized interfaces with PPP or High-Level Data Link Control (HDLC) encapsulation.

Workaround   There is no workaround.

CSCdy46676

Symptoms   Performance degradation may occur on an Engine 4 plus line card when traffic engineering (TE) tunnel load balancing is enabled.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.

Workaround   There is no workaround.

CSCdy47173

Symptoms   A Route Processor (RP) may reload when you install a Flash card in slot 1 of the RP.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy47439

Symptoms   The input queue on a Packet-over-SONET (POS) channel (that is, a physical interface in a channel group) may be wedged.

Conditions   This symptom is observed on a Cisco 12000 series router when you configure a POS channel.

Workaround   There is no workaround.

CSCdy47645

Symptoms   You cannot attach an output service policy with Class-Based Weighted Fair Queueing (CBWFQ) to an ATM subinterface that is configured for tag switching.

Conditions   This symptom is observed on a Cisco 7500 series router.

Workaround   There is no workaround.

CSCdy48075

Symptoms   If an active Performance Routing Engine (PRE) fails before a standby Performance Route Processor (PRP) is fully configured, the standby PRP may not perform a switchover correctly.

Conditions   This symptom is observed on a Cisco 10000 series router in a redundant configuration.

Workaround   Do not force a switchover until the standby PRP is fully initialized. If the active PRP fails and the standby PRP does not switch over correctly, reload the standby PRP.

CSCdy48985

Symptoms   During Intermediate System-to-Intermediate System (IS-IS) fragmentation through a Layer 2 Tunneling Protocol version 3 (L2TPv3) session, a "%LINK-4-TOOBIG" error may occur.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.

Workaround   There is no workaround.

CSCdy50509

Symptoms   An extended security access control list (ACL) that has the "lt 0" or "gt 65535" keyword should not match any port. However, when you use a Turbo ACL that has the access-list compiled global configuration command enabled, the "lt 0" or "gt 65535" keyword will match any port.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   Remove the "lt 0" or "gt 65535" keyword.

CSCdy51197

Symptoms   Fast Reroute (FRR) may fail to trigger if the cause of the failure is registered in the Route Processor (RP) when the link state is already down.

Conditions   This symptom may be observed when triggers are delayed, for example when the pos delay triggers interface configuration command is enabled.

Workaround   Disable the pos delay triggers interface configuration command.

CSCdy52055

Symptoms   The running configuration is no longer synchronized after you perform an online insertion and removal (OIR) of the line card followed by a Stateful Switchover (SSO).

Conditions   This symptom is observed on a Cisco 10000 series router that is functioning in a high availability (HA) environment and that is connected to a Cisco 12000 series router via an 8-port Fast Ethernet line card, a Gigabit Ethernet line card, or a Gigabit Ethernet Half-Height line card, when the following sequence of events occurs:

a. The IP address of the line card is configured and saved to the startup configuration.

b. The Cisco 12000 series router issues a continuous ping.

c. You perform and OIR on the line card that connects the Cisco 10000 series router to the Cisco 12000 series router.

d. When the continuous ping of the Cisco 12000 series router is registered again, you enter the redundancy force-failover main-cpu EXEC command on the Cisco 10000 series router.

The output of the show running-config EXEC command and the show ip interface brief EXEC command displays that the line card that connects the Cisco 10000 series router to the Cisco 12000 series router no longer has an IP address configured.

Workaround   To restore the proper configuration, enter the copy startup-config running-config EXEC command.

CSCdy52168

Symptoms   A standby Performance Routing Engine (PRE) may not detect all line cards, which causes traffic not to resume after a Stateful Switchover (SSO) has occurred.

Conditions   This symptom is observed on a Cisco 10000 series router.

Workaround   There is no workaround.

CSCdy52429

Symptoms   Label controlled ATM (LC-ATM) bindings may not come up after a Stateful Switchover (SSO) is performed.

Conditions   This symptom is observed on a Cisco 7500 series router that is configured with an LC-ATM interface.

Workaround   There is no workaround.

CSCdy53082

Symptoms   There is no local tag in the Label Forwarding Information Base (LFIB) for a prefix or tag that is learnt through IP version 4 (IPv4) Border Gateway Protocol (BGP).

Conditions   This symptom is observed when the prefix or tag is redistributed through Interior Gateway Protocol (IGP)/Label Distribution Protocol (LDP).

Workaround   There is no workaround.

CSCdy54559

Symptoms   If a policy map configuration is based on Multiprotocol Label Switching (MPLS) experimental (EXP) bits, the Weighted Random Early Detection (WRED) profile matching on the EXP bits is not accepted by the policy map.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy54781

Symptoms   The software access control list (ACL) counter may not increase, but the hardware counter does.

Conditions   This symptom is observed when you apply an ACL to multiple interfaces and then update the ACL.

Workaround   First remove the ACL from the interfaces, update the ACL, and then apply the ACL again to the interfaces.

CSCdy55441

Symptoms   If a 128-line input access control list (ACL) is configured on an Engine 2 Quad OC-12 line card that has interfaces configured for Virtual Private Network (VPN) and one subinterface for Frame Relay, the line card may reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S.

Workaround   There is no workaround.

CSCdy55672

Symptoms   Cisco Express Forwarding (CEF) entries are not installed correctly for loopback IP version 6 (IPv6) addresses.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   To enable the entries to be installed, enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.

CSCdy57386

Symptoms   A router may reload when you change the router identity (ID).

Conditions   This symptom is observed when an Any Transport over Multiprotocol Label Switching (AToM) virtual circuit (VC) is operational.

Workaround   To ensure that the router ID is not changed, configure a loopback interface and enter the mpls ldp router-id loopback force command.

CSCdy59030

Symptoms   On an active Route Processor (RP), label virtual circuits (LVCs) are created, but on a standby RP, LVCs are not created and the control virtual circuit (VC) is blocked. When a switchover occurs, LVCs are still present on an ATM line card. Because the Multiprotocol Label Switching (MPLS) feature only deletes tag entries that time out, stray VCs may remain configured on the router without being noticed.

Conditions   These symptoms are observed when tag switching is configured over an ATM interface that is installed in a router that functions in an MPLS environment. When the control VC is set up, ATM LVCs are created automatically when routes are created, but they are only created on the active RP and not on the standby RP.

Workaround   There is no workaround.

CSCdy59340

Symptoms   Multiprotocol Label Switching Virtual Private Network (MPLS VPN) may not function on the subinterfaces of a 3-port Gigabit Ethernet (GE) line card. Border Gateway Protocol (BGP) becomes stuck in the "open sent" state on a provider edge (PR) router that is connected to one end of the GE link.

Conditions   These symptoms are observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.4)S when Ethernet over MPLS (EoMPLS) microcode is loaded onto the 3-port GE line card.

Workaround   There is no workaround.

CSCdy59895

Symptoms   Traffic is not sent through a network when you use an ATM link between a Cisco customer edge (CE) router and a Cisco provider edge (PE) router.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.4.)S.

Workaround   There is no workaround.

CSCdy65452

Symptoms   A standby Route Processor (RP) reloads during initialization.

Conditions   This symptom is observed on a Cisco 12000 series router that is configured with two RPs when the Stateful Switchover (SSO) feature is enabled.

Workaround   There is no workaround.

CSCdy66571

Symptoms   The shadow state on a standby Route Processor (RP) remains down after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the router interfaces.

Conditions   This symptom is observed on a Cisco 12000 series router that is configured with two RPs when the Stateful Switchover (SSO) feature is enabled.

Workaround   There is no workaround.

CSCdy67004

Symptoms   The following error message may be displayed on the console of a standby Performance Routing Engine (PRE):

%CHSTM1-3-STATESYNC: Redundancy state synchronization failure slot 1/0 - (invalid parameters)

This message indicates that some of the redundancy features are not functioning correctly on a 1-port channelized OC-12 line card.

Conditions   This symptom is observed when at least one 1-port channelized OC-12 line card is installed in a Cisco 10000 series router that is configured with redundant PREs.

Workaround   There is no workaround.

CSCdy73001

Symptoms   If a primary Clock Scheduler Card (CSC) is pulled out and reinserted while traffic through an OC-48 line card is running, the inbound traffic will stop being forwarded and the line card may reload.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy74457

Symptoms   The forwarding of IP version 6 (IPv6) packets from a Cisco 12000 series Engine 3 line card to a Cisco 12000 series Engine 0 line card does not function for certain directly connected hops.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S or Release 12.0(22)S1.

Workaround   There is no workaround.

CSCdy74512

Symptoms   Layer 2 Tunneling Protocol version 3 (L2TPv3) Ethernet Xconnect does not transport 802.3-encapsulated packets such as Systems Network Architecture (SNA) packets, Connectionless Network Protocol (CLNP) packets, and Intermediate System-to-Intermediate System (IS-IS) packets.

Conditions   This symptom is observed on Cisco 7200 series routers and low-end platforms. The symptom is also observed on Cisco 7500 series routers in nondistributed mode.

Workaround   There is no workaround.

CSCdy75485

Symptoms   All Layer 2 management packets are dropped, which causes all interfaces that depend upon keepalives to transition to the down state.

Conditions   This symptom is observed on a Cisco 10000 series router in a configuration with a large numbers of interfaces.

Workaround   There is no workaround.

CSCdy76964

Symptoms   When you configure Per-Packet Load Balancing (PPLB) and Layer 2 Tunneling Protocol version 3 (L2TPv3) on a 3-port Gigabit Ethernet line card, L2TPv3 may drop packets.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.4)S.

Workaround   Disable PPLB on the line card.

CSCdy78808

Symptoms   An Engine 2 line card may generate "QM-4-STUCK" messages and may stop forwarding traffic.

Conditions   This symptom is observed on a Cisco 12000 series router when an adjacent router is booted up.

Workaround   Reload microcode onto the Engine 2 line card.

CSCdy81016

Symptoms   An ATM interface may have some initialization difficulties. Although a ping can pass the ATM interface, when the ATM interface sends traffic and the traffic rate is more than 10 packets per second, the packets will be dropped.

Conditions   This symptom is observed randomly. After the router has booted up, some ATM subinterfaces function correctly, whereas some do not.

Workaround   Remove the virtual circuit (VC) under the affected subinterface, and reconfigure the VC.

CSCdy81098

Symptoms   A Cisco router may reload when a Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel interface changes to the "Up" state.

Conditions   This symptom is observed when load-balanced Interior Gateway Protocol (IGP) paths are configured.

Workaround   There is no workaround.

CSCdy81738

Symptoms   The routes in a Cisco Express Forwarding (CEF) table may be mismatched between the Gigabit Route Processor (GRP) and the line cards. You can clear the mismatch by entering the clear cef linecard EXEC command, but if the routes are relearned, the situation will reoccur.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S4 or Release 12.0(22)S when an access control list (ACL) is configured to deny Simple Network Management Protocol (SNMP) packets.

Workaround   Disable the ACL that denies the SNMP packets.

Alternate Workaround   Run Cisco IOS Release 12.0(21)S3.

CSCdy82049

Symptoms   Applying some features that are found in the Vanilla uCode bundle on interfaces that have Xconnect enabled may cause Internet Control Message Protocol (ICMP) to fail when the maximum transmission unit (MTU) is exceeded.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.4)S.

Workaround   Remove the above-mentioned features from interfaces that have Xconnect enabled.

CSCdy86230

Symptoms   The Small Form-Factor Plugable (SFP) command-line interface (CLI) is enabled on production images. It should be enabled on nonproduction images and disabled on production images.

Conditions   This symptom is observed in Cisco IOS Release 12.0 S.

Workaround   There is no workaround.

CSCdy87479

Symptoms   An OC-12 Dynamic Packet Transport (DPT) line card may reload when IP version 6 (IPv6) is configured on the interface.

Conditions   This symptom is observed when IPv6 traffic enters the interface.

Workaround   Unconfigure IPv6 on the interface, and use tunnels instead.

CSCdy87514

Symptoms   A Gigabit Route Processor (GRP) or line card may reload at tfib_frr_update_group_output_if.

Conditions   This symptom is observed on a Cisco 12000 series router that is configured for Multiprotocol Label Switching traffic engineering (MPLS TE) with Fast Reroute (FRR).

Workaround   There is no workaround.

CSCdy89077

Symptoms   A Cisco 12000 series Engine 2 line card may incorrectly drop all packets that are destined for the router. This condition may result in the loss of routing protocol packets, and the protocol connectivity with neighbors may reset.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(18)ST or a later release, or Release 12.0(22)S or a later release when heavy utilization of the CPU of the line card occurs.

Workaround   There is no workaround.

CSCdz00424

Symptoms   A line card reloads when you enter the shutdown PVC range configuration command followed by the no shutdown PVC range configuration command on a permanent virtual circuit (PVC) through which traffic flows.

Conditions   This symptom is observed only when there are multiple PVCs configured and does not occur when a single PVC is shut down and brought up again.

Workaround   There is no workaround.

CSCdz06149

Symptoms   When an input access control list (ACL) is configured and the ip unreachables interface configuration command is enabled (which is enabled by default) on an interface, a low rate of packet leakage occurs for those packets that are dropped by the ACL. The rate is the same or less than the expected rate of Internet Control Message Protocol (ICMP) unreachable packets that are sent back to the source. The leak occurs only for IP packets (without the IP Header [L3] option) that have a size that is smaller than 56 bytes.

Conditions   This symptom is observed in Cisco IOS Release 12.0 S on a Cisco 12000 series 4-port OC-48c/STM-16c Packet-over-SONET Enhanced Services line card and on a Cisco 12000 series 1-port OC-192c/STM-64 Packet-over-SONET Enhanced Services line card.

This symptom does not occur in Cisco IOS Release 12.0 ST.

Workaround   Enter the no ip unreachables interface configuration command on the interface to prevent the packet leakage. However, in this situation, ICMP unreachable packets are not sent back to the source when packets are dropped by the ACL.

CSCdz06300

Symptoms   The IP Source Tracker feature unexpectedly stops functioning on a line card, and packets for the source-tracked destination are not forwarded because the IP Source Tracker feature is stuck in the throttling mode.

Conditions   This symptom is observed on a Cisco 12000 series Engine 2 line card. To determine if the line card is in the above-mentioned condition, enable the debug lc hw-throttle hidden command; if the following message recurs every two seconds—even when there is low CPU utilization—the IP Source Tracker feature is stuck in the throttling mode:

SLOT 0: GLC_HW: Disabled HW DOS throttling (CPU at 0%, sched skew: -1%)

Workaround   Reload the line card.

CSCdz07976

Symptoms   An Engine 2 line card may reload continuously.

Conditions   This symptom is observed on a Cisco 12000 series router when a router that is adjacent to the Cisco 12000 series router is rebooted while Border Gateway Protocol (BGP) policy accounting is configured on the Engine 2 line card and traffic is flowing through the line card.

Workaround   There is no workaround. When this situation occurs, stop the traffic that is flowing through the Engine 2 line card until Cisco Express Forwarding (CEF) is loaded onto the line card.

CSCin10067

Symptoms   When member links are removed from a multilink bundle (M2) and configured as members of another multilink bundle (M5), the M5 multilink bundle does not come up.

Conditions   This symptom is observed only with the distributed Multilink PPP (MLP) feature when a member link is reconfigured to be a member link of another multilink bundle. This symptom is observed only on Cisco 7500 series and Cisco 7600 series routers.

Workaround   There is no workaround.

CSCin10568

Symptoms   Untagged entries appear in the Tag Forwarding Information Base (TFIB).

Conditions   This symptom is observed when you toggle a Label Distribution Protocol (LDP)/Tag Distribution Protocol (TDP) session by toggling the LDP router identification (ID). This situation occurs in Cisco IOS Release 12.0 (21.1)S2, Release 12.0(21.1)SY2, Release 12.2(8.4), Release 12.2(8.4)S, Release 12.2(8.5)T, or later versions of the above-mentioned releases.

Workaround   Enter the clear ip route network command to recover from the situation.

CSCdz10787

Symptoms   When a label switching router (LSR) reroutes some destinations and selects another interface, the upstream LSR for these destinations may lose the headend label bindings for them.

Conditions   This symptom is observed in a Multiprotocol Label Switching (MPLS) ATM network when Intermediate System-to-Intermediate System (IS-IS) is used as the routing protocol.

Temporary Workaround   Enter the clear ip route network EXEC command for the affected destinations until the symptom occurs again.

CSCin12742

Symptoms   The alarm indication signal (AIS) that is sent by a port adapter is not recognized. The AIS that is sent by the port adapter does not conform to existing standards.

Conditions   This symptom is observed in a network in which two T3 multichannel port adapters (PA-MC-2T3) are configured in a back-to-back configuration for M23 framing.

Workaround   There is no workaround.

CSCuk35272

Symptoms   A Cisco 12000 series Internet router may reload when the shutdown interface configuration command followed by the no shutdown interface configuration command is entered on a multilink bundle that is connected to a Cisco 7200 series router.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that has a 2-port CHOC3/STM1 T1/E1 line card that is connected through an Add-Drop Multiplexor (ADM) to a Cisco 7200 series router that has a channelized E1 PRI port adapter. This symptom is observed in Cisco IOS Release 12.0(17)ST6 and Release 12.0(21)ST2.

Workaround   There is no workaround.

CSCuk35313

Symptoms   A Cisco 12000 series 8-port Packet-over-SONET OC-3c/STM-1 line card may reload.

Conditions   This symptom is observed when the encapsulation type of one of the interfaces of the line card is set to Frame Relay.

Workaround   There is no workaround.

CSCuk35848

Symptoms   Adjacencies that are required to forward packets to an IP Service Engine (ISE) line card are not created properly, and packets cannot be forwarded through a pseudowire or tunnel.

Conditions   This symptom is observed on a Cisco 12000 series router when Layer 2 Tunneling Protocol version 3 (L2TPv3) and generic routing encapsulation (GRE) are configured.

Workaround   There is no workaround.

CSCuk36097

Symptoms  The "receive" adjacency of an IP Service Engine (ISE) line card may not be created correctly on ingress line cards. This situation prevents a generic routing encapsulation (GRE) tunnel from forwarding packets.

Conditions   This symptom is observed when a Cisco 12000 series router is configured with an ISE line card and with more than one GRE tunnel.

Workaround   There is no workaround.

CSCuk36359

Symptoms  A Layer 2 Tunneling Protocol version 3 (L2TPv3) connection may not function because the tunnel endpoint cannot be learned.

Conditions   This symptom is observed in Cisco IOS Release 12.0(22.1)S.

Workaround   There is no workaround.

CSCuk37123

Symptoms   Traffic that is sent from an Engine 3 line card over the switch fabric to Multilink PPP (MLP) bundles that are configured on a 2-port channelized OC-3/STM-1 (DS1/E1) line card drops.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S2 or Release 12.0(22.3)S and that is configured with a 4-port IP Service Engine (ISE) OC-12c/STM-42 Packet-over-SONET line card and a 2-port channelized OC-3/STM-1 (DS1/E1) line card.

Workaround   There is no workaround.

CSCuk37799

Symptoms   A Cisco 12000 series IP Service Engine (ISE) line card reloads when you exceed the hardware limitation during the configuration of an access control list (ACL).

Conditions   This symptom is observed after you have first attached the ACL to several Frame Relay subinterfaces.

Workaround   First configure the ACL, and then attach it to the subinterfaces.

CSCuk38075

Symptoms   Web Cache Communication Protocol (WCCP) does not function properly when Cisco Express Forwarding (CEF) is enabled. Bypass packets from the cache engine are dropped instead of being forwarded.

Conditions   This symptom is observed when both WCCP and CEF are enabled.

Workaround   Disable CEF on the router, and rely on IP fast switching.

Novell IPX, XNS, and Apollo Domain

CSCdx83726

Symptoms   A router may display a bus error or, if a hard watchdog reset is performed, the router may display a hard watchdog reset_message.

Conditions   This symptom is observed on a router that is running Cisco IOS Release 12.2 PI when Internetwork Packet Exchange (IPX) Enhanced Interior Gateway Routing Protocol (EIGRP) is being used.

Workaround   There is no workaround.

Wide-Area Networking

CSCdv16842

Symptoms   A router may reload when it is performing heavy IP Control Protocol (IPCP) address negotiations such as those that occur when several hundred links are brought up simultaneously on an ATM or Frame Relay interface.

Conditions   This symptom is observed when several hundred IPCP sessions are renegotiated without a recycle of Link Control Protocol (LCP).

Workaround   There is no workaround.

CSCdw87830

Symptoms   If you copy the configuration to the running configuration using TFTP, not all of the multilink bundles may transition into the "Up" state.

Conditions   This symptom is observed on a Cisco 10000 series router that has a configuration with many multilink bundles.

Workaround   There is no workaround.

CSCdy16126

Symptoms   Frame Relay switching does not work on a router when distributed Cisco Express Forwarding (CEF) is configured.

Conditions   This symptom is observed if a switched data-link connection identifier (DLCI) is configured directly on a Local Management Interface (LMI) DTE interface on a Cisco 7500 router that has distributed Cisco Express Forwarding (DCEF) configured by entering the frame-relay interface-dlci dlci interface configuration command.

This symptom does not occur with an LMI DCE or a Network Node Interface (NNI).

Workaround   Use the frame-relay route interface configuration command on the DTE instead of the frame-relay interface-dlci dlci interface configuration command.

CSCdy17559

Symptoms   The frame-relay map interface configuration command may not synchronize correctly to a standby Route Processor (RP).

Conditions   This symptom is observed on a Cisco 12000 series router when Frame Relay switching occurs. The symptom is not observed when back-to-back Frame Relay encapsulation is configured.

Workaround   There is no workaround.

CSCdy27349

Symptoms   A locally switched Frame Relay connection that is enabled with the connect Frame Relay global configuration command may remain administratively down after a Stateful Switchover (SSO) has occurred, even though the permanent virtual circuit (PVC) state is "active."

Conditions   This symptom is observed on a Cisco 7500 series router. The symptom does not occur when you enable the locally switched Frame Relay connection with the frame-relay route interface configuration command.

Workaround   To reestablish the connection, enter the no shutdown interface configuration command in the connect submode.

Alternate Workaround   To reestablish the connection, enter the shutdown interface configuration command followed by the no shutdown interface configuration command on one of the Frame Relay interfaces.

CSCin15119

Symptoms   A router may reload because of an SSS memory allocation failure (MALLOCFAIL) during a session establishment.

Conditions   This symptom is observed on a Cisco router that functions as a Virtual Private Dialup Network (VPDN) home gateway (HGW) that is using Layer 2 Forwarding (L2F), Layer 2 Tunneling Protocol (L2TP), or PPP Tunnel Protocol (PPTP) as the tunneling protocol.

Workaround   There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(22)S6

Cisco IOS Release 12.0(22)S6 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S6 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.

IP Routing Protocols

CSCec16481

A Cisco device running Internetwork Operating System (IOS) and enabled for the Open Shortest Path First (OSPF) Protocol is vulnerable to a Denial of Service (DoS) attack from a malformed OSPF packet. The OSPF protocol is not enabled by default.

The vulnerability is only present in IOS release trains based on 12.0S, 12.2, and 12.3. Releases based on 12.0, 12.1 mainlines and all IOS images prior to 12.0 are not affected. Refer to the Security Advisory for a complete list of affected release trains.

Further details and the workarounds to mitigate the effects are explained in the Security Advisory which is available at the following URL:

http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml.

Miscellaneous

CSCdy74384

Symptoms: Per Interface Rate Control (PIRC) does not act on IP traffic that would have otherwise been tagged (MPLS) if the current hop was not the penultimate hop for a given destination. PIRC does not act on IP traffic with destination addresses that have an implicit-null label as their label binding.

Conditions: This symptom is observed on a Cisco 12000 series router.

Workaround: There is no workaround.

CSCdz54497

This caveat consists of two symptoms, two conditions, and two workarounds:

Symptom 1: The interface index of a tunnel interface may be corrupt, and the output of the show running-config privileged EXEC command may display the following information:

%FIB-2-IFINDEXILLEGAL: An internal software error occurred. Argument ifindex is out of bounds at -1.

Condition 1: This symptom is observed on a Cisco 7500 series after a switchover has occurred and you first add a tunnel interface, then remove the tunnel interface, and then add the tunnel interface again.

Workaround 1: There is no workaround.

Symptom 2: Cisco Express Forwarding (CEF) may not form adjacencies across a 2-port multichannel T3 port adapter (PA-MC-2T3+) as is indicated in the output of the show cef interface type number EXEC command (in this example, serial interface 12/0/0/8:0 is used):

% CEF IDB corresponding to Serial12/0/0/8:0 is not found

Condition 2: This symptom is observed on a Cisco 7500 series after a switchover has occurred and you first add a serial interface, then remove the serial interface, and then add the serial interface again.

Workaround 2: There is no workaround.

CSCea05010

Symptoms: An outgoing adjacency for a Virtual Private Network (VPN) routing/forwarding (VRF) prefix always points to a virtual interface in distributed Cisco Express Forwarding (dCEF).

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S5.

Workaround: There is no workaround.

CSCeb54951

Symptoms: A Performance Route Processor (PRP) on a Cisco 12000 series can reload with a SIGTRAP exception after receiving a 1612 bytes or longer frame on an Ethernet0 or Ethernet1 interface.

Conditions: This symptom is observed only on the PRP. The Gigabit Route Processor (GRP) is not affected.

Workaround: Isolate the PRP Ethernet ports to an isolated Ethernet segment.

CSCeb81538

Symptoms: An Engine 4 line card may reload when an Engine 2 line card sends a corrupt Multiprotocol Label Switching (MPLS) packet.

Conditions: This symptom is observed on a Cisco 12000 series that is configured for MPLS.

Workaround: There is no workaround.

CSCec13559

Symptoms: On Packet-over-SONET (POS) Engine 2 line cards for a Cisco 12000 series router, IP2TAG traffic does not get rate limited by Per Interface Rate Control (PIRC).

Conditions: This symptom is observed when PIRC is enabled on ingress interface, Multiprotocol Label Switching (MPLS) is enabled on egress interface, and the IP destination is more than one hop away. This symptom is also observed on Engine 2 Gigabit Ethernet line cards.

Workaround: There is no workaround.

CSCec16725

Symptoms: Ethernet over Multiprotocol Label Switching (EoMPLS) disposition fails for an egress Packet-over-SONET (POS) Engine 4 plus (E4+) line card. Tag bytes increment as traffic comes in, but nothing is sent out the egress 3-port Gigabit Ethernet (GE) interface.

Conditions: This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(22)S5.

Workaround: Use a different card or router for the EoMPLS disposition, but do not use the E4+ line card.

CSCec20473

Symptoms: A 3-port Gigabit Ethernet (GE) line card may stop transmitting traffic.

Conditions: This symptom is observed on a Cisco 12000 series that is configured as a Multiprotocol Label Switching (MPLS) provider edge (PE) router that is running Cisco IOS Release 12.0(25)S1.

Workaround: Use the hw-module slot x reload privileged EXEC command.

Resolved Caveats—Cisco IOS Release 12.0(22)S5

Cisco IOS Release 12.0(22)S5 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S5 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.

Basic System Services

CSCdv75121

Symptoms: A master Route Switch Processor (RSP) may cause a router to pause indefinitely or reload.

Conditions: This symptom is observed on a Cisco 7500 series router that is configured with a line card when the write memory EXEC command is entered and when the line card reloads while the write memory EXEC command is being processed.

Workaround: There is no workaround.

CSCdz87017

Symptoms: Information about a port adapter (PA) may be missing from the output of a show diag EXEC command.

Conditions: This symptom is observed on a controller with a memory size of 128 MB DRAM and 8192 KB SRAM. The controller displays the following information:

PA Bay 0 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 0 HW rev 0.00, Board revision UNKNOWN Serial number: 00000000 Part number: 00-0000-00

PA Bay 1 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 1 HW rev 1.00, Board revision A0 Serial number: 08534388 Part number: 73-1688-04

This condition is seen after upgrading from Cisco IOS Release 12.2(11)T to Cisco IOS Release 12.2(13)T.

Workaround: There is no workaround.

IP Routing Protocols

CSCdu53656

A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.

Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.

CSCdx02283

Symptoms: A Cisco router does not register correctly with a Route Processor (RP) over a generic routing encapsulation (GRE) tunnel. The output of the debug ip pim [group] privileged EXEC command shows that the register is being sent but that the RP does not receive it.

Conditions: This symptom is observed on a Cisco router that has a directly connected source in a GRE tunnel environment.

Workaround: There is no workaround.

CSCdz10505

Symptoms: When a neighbor under virtual route forwarding (VRF) is configured using the bgp graceful-restart router configuration command, the session does not begin. A notification regarding the wrong OPEN message is generated.

Conditions: This symptom is observed only when the router is configured using the bgp graceful-restart router configuration command.

Workaround: There is no workaround.

CSCea28131

A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.

Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.

CSCea64725

Symptoms: If a peer group is slow to establish and comes up while other members of the peer group are converging, the recently established member may not advertise the routes that were sent to the other members.

Conditions: This symptom occurs only if the new peer group member comes up while the other members of a peer group are converging. This symptom does not occur if the new peer group member comes up after the other members of the peer group have finished converging.

Workaround: The routes can be readvertised by entering the clear ip bgp peer-group-name soft out privileged EXEC command for any peer that has missing routes.

CSCeb00172

Symptoms: When the neighbor {ip-address | peer-group-name} default-originate router configuration command is used with a peer group, peers that belong to that peer group come up at a different time from when the Border Gateway Protocol (BGP) is formatting updates. Because of this behavior, the router may not advertise all routes to members of the peer group.

Conditions: This symptom is observed with IP version 4 (IPv4) unicast and Virtual Private Network (VPN) routing/forwarding (VRF) address family (AF) packets.

Workaround: There is no workaround.

CSCeb00180

Symptoms: Border Gateway Protocol (BGP) update generation may pause indefinitely when BGP is converging.

Conditions: This symptom may occur under any of the following six conditions when BGP is converging:

1. When non-peer-group peer sessions flap or when the clear ip bgp address privileged EXEC command is entered several times for a non-peer-group peer.

2. When the clear ip bgp * soft out privileged EXEC command is entered repeatedly in rapid succession.

3. When peers are moved in or out of peer groups.

4. When routers that are configured with unicast assured forwarding (AF) and AF only are reloaded.

5. When all members of a peer group are cleared by performing either a hard reset or a soft reset. In this situation, only the peer group is affected.

6. When some routes are advertised to or withdrawn from the router while the router is converging, some peers in a peer group may not receive all the updates.

Workaround: There is no workaround for conditions 1 through 5.

To recover from condition 6, enter the clear ip bgp neighbor-address soft out privileged EXEC command. For the neighbor-address argument, use the IP address of the peer that did not receive all of the updates.

CSCeb14687

Symptoms: Border Gateway Protocol (BGP) may send incomplete updates to the peer routers, and some routers may not send full routes to their peer routers. This behavior may cause some routes to be missing from the peer.

Conditions: This symptom is observed when a slow BGP peer in a peer group comes up while BGP is in the process of sending updates to the peer routers. This symptom is not platform specific.

Workaround: Enter the clear ip bgp peer- address soft out EXEC command to clear this condition. Avoid using a peer group if possible.

Miscellaneous

CSCdx59003

Symptoms: A Cisco 12000 series Internet router may report incorrect environmental values, as the following environmental logs display:

%ENV_MON-2-VOLTAGE: MBUS 5V supply(slot 1) volts has reached SHUTDOWN level at 5 m(V) %ENV_MON-2-TEMP: Hotpoint temp sensor(slot 17) temperature has reached SHUTDOWN level at 756(C) %ENV_MON-2-VOLTAGE: Card 3.3v supply(slot 17) volts has reached CRITICAL level at 2560 m(V)

Although the environmental logs indicate that the shutdown level has been reached, the router does not shut down the line cards for which the incorrect environmental values are reported.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S3, Release 12.0(21)S5, Release 12.0(21)ST2, or Release 12.0(22)S.

Workaround: There is no workaround.

CSCdy89749

Symptoms: A Gigabit Ethernet Interface Processor plus (GEIP+) may report many alignment errors and the CPU utilization may stay at 100 percent.

Conditions: This symptom is observed on a Cisco 7500 series router.

Workaround: There is no workaround.

CSCdz04297

Symptoms: A router may pause indefinitely instead of restarting.

Conditions: This symptom is observed when the router is handling invalid addresses in the cached address space.

Workaround: There is no workaround.

CSCdz22526

Symptoms: If distributed Cisco  Express Forwarding (dCEF) is configured on a generic routing encapsulation (GRE) provider edge (PE) router, IP packets are ignored and dropped on the Versatile Interface Processor (VIP) interface.

Conditions: This symptom is observed on a Cisco 7500 series that is running Cisco IOS Release 12.2(12.14)T.

Workaround: Use Cisco Express Forwarding (CEF).

CSCdz59683

Symptoms: After the ALPHA application-specific integrated circuit (ASIC) is reset because of error recovery (that may be caused by parity errors in ALPHA memory), the port or fetch descriptors that select correct threads in ALPHA microcode are not programmed correctly. This behavior may prevent certain configured features, such as IP version 6 (IPv6) or IP Virtual Private Network (VPN) routing/forwarding (VRF), from working correctly.

Conditions: This symptom is observed on the line card of a Cisco 12000 series.

Workaround: Reset the line card.

CSCdz71127

Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.

Cisco has made software available, free of charge, to correct the problem.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

CSCdz72673

Symptoms: A Cisco router that is functioning as a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) router may reload with an "address error" message.

Conditions: This symptom is observed at bootup time when the PE and customer edge (CE) interfaces are coming up. The symptom occurs when a locally learned VPN routing/forwarding (VRF) route temporarily loses its local label. This condition leads to some data structures being cleaned up but still retaining references to the local label. It may also occur after bootup in the case of interface flaps. The reload is not a common occurrence, however, and may need additional triggers.

A list of the affected releases can be found at http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdv49909. Cisco IOS releases that are not listed in the "First Fixed-in Version" field at this location are not affected.

Workaround: There is no workaround.

CSCea02355

Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.

Cisco has made software available, free of charge, to correct the problem.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

CSCea14108

Symptoms: Pings from a customer edge (CE) router may fail in an Any Transport over Multiprotocol Label Switching (AToM) network.

Conditions: This symptom is observed when Ethernet over Multiprotocol Label Switching (EoMPLS) AToM is configured.

Workaround: There is no workaround.

CSCea23999

Symptoms: A router may reload during a class of service (CoS) update in a Weighted Random Early Detection (WRED) drops routine even though CoS and WRED are not configured on the router.

Conditions: This symptom is observed on a Cisco 12000 series.

Workaround: There is no workaround.

CSCea25707

Symptoms: A Cisco router may reload because of a software condition when running the LDP-MIB MIB. The router reloads because of a process watchdog timeout in the "SNMP ENGINE" process and logs an entry similar to the following one and logs a traceback:

%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = SNMP ENGINE. %Software-forced reload

Unexpected exception, CPU signal 23, PC = 0x606F1FC4 ... Cause 00000024 (Code 0x9): Breakpoint exception

Conditions: This symptom is observed after the router ID has been changed and when Label Distribution Protocol (LDP) sessions have been added or removed.

Workaround: Do not change the router ID. If the router ID has been changed, do not run the LDP-MIB MIB.

CSCea28471

Symptoms: A Versatile Interface Processor (VIP) may reload.

Conditions: This symptom is observed on a VIP if Multiprotocol Label Switching (MPLS), Egress NetFlow, and distributed Cisco Express Forwarding (dCEF) are configured.

Workaround: Disable dCEF or Egress NetFlow.

CSCea28475

Symptoms: There is a mismatch between hardware and software Cisco Express Forwarding (CEF) entries. The following EXEC commands are used to identify this situation:

show ip cef prefix internal

show ip hardware-cef prefix

Conditions: This symptom is observed on Cisco 12000 series E2 line cards that are running Cisco IOS Release 12.0(22)S3 and that have about 100,000 prefixes in the routing table. The symptom is not observed in Cisco IOS Release 12.0(23)S.

Workaround: Use the clear ip route prefix EXEC command.

CSCea28914

Symptoms: On the chassis of a Cisco 12410 Internet router with the primary clock and scheduler card (CSC) located in slot 17, use of the hw- module slot 17 shutdown EXEC command may cause a FIA-HALT on the Engine 4 (E4) and Engine 4 Plus (E4+) line cards in the router.

Conditions: This symptom is observed on a Cisco 12410 router that is running Cisco IOS Release 12.0(21)S6.

Workaround: Do not use the hw-module slot 17 shutdown EXEC command.

CSCea32479

Symptoms: It may take a long time for a Cisco 12000 series to remove 250,000 Virtual Private Network version 4 (VPNv4) entries from an Engine 3 line card. While the router removes the VPNv4 entries, new VPNv4 entries cannot be updated on the line card.

Conditions: This symptom is observed when the router handles a large number (more than 80,000) of VPNv4 entries on its line cards and when a Border Gateway Protocol (BGP) session flaps (that is, the session remains down for a few minutes), causing the router to remove all VPNv4 entries and to repopulate these entries a few minutes later.

Workaround: There is no workaround.

CSCea35292

Symptoms: When Multiprotocol Label Switching (MPLS) traffic or MPLS Virtual Private Network (VPN) traffic is being forwarded by a Cisco 10720 router, about 50 percent of multicast traffic will be punted to a Route Processor (RP) and forwarded by the RP. The expected behavior is that multicast traffic should be forwarded by Parallel Express Forwarding (PXF) as long as a multicast route (mroute) entry exists. If many packets are punted to the RP, and the RP queue is congested, some of the multicast traffic that is being punted to the RP will be dropped. For example, multicast traffic may be dropped from a multicast application such as video or TV broadcast.

Conditions: This symptom is observed on a Cisco 10720 router that is running Cisco IOS Release 12.0(22)S, Release 12.0(23)S1, or Release 12.0(24)S when the following conditions are met:

The router forwards MPLS or MPLS VPN traffic and multicast traffic.

The RP queue is congested.

Workaround: Stop the MPLS or MPLS VPN traffic.

CSCea37882

Symptoms: It may take about 10 minutes before a Versatile Interface Processor (VIP) synchronizes with a Cisco Express Forwarding (CEF) table.

Conditions: This symptom is observed after you reload the VIP that has the Single Line Card Reload (SLCR) feature and distributed CEF (dCEF) enabled, when there are about 40,000 prefixes in the CEF table, and when Border Gateway Protocol (BGP) is in stable condition.

Workaround: Increase the interprocess communications (IPC) cache significantly; when there are about 40,000 prefixes, increase the IPC cache using the ipc cache 3000 command.

CSCea38449

Symptoms: Frame Relay (FR) interfaces and subinterfaces may stop forwarding traffic if a packet-queueing application-specific integrated circuit (ASIC) error is detected by Cisco IOS software. Error recovery is invoked, but FR interfaces do not recover properly.

Conditions: This symptom is observed on a Cisco router that is configured with FR.

Workaround: Reload the line card.

CSCea52787

Symptoms: A memory leak may be observed on a line card with the Multicast Distributed Switching (MDS) line card process when the ip multicast- routing global configuration command is enabled while there are tunnel interfaces configured.

Conditions: This symptom occurs when the affected line card runs out of memory because of a memory leak and the MDFS process on the line card attempts to allocate memory. This symptom occurs only when multicast routing is enabled by entering the ip multicast-routing distributed global configuration command and when a traffic engineering (TE) tunnel is configured.

Workaround: There is no workaround.

CSCea53471

Symptoms: A Cisco 12000 series that is configured with a Performance Route Processor 1 (PRP-1) may pause indefinitely.

Conditions: This symptom is observed on a Cisco 12000 series that is configured with a PRP-1 when the configuration is being saved after it has previously received a break signal on the console. This symptom does not affect the Gigabit Route Processor (GRP).

The break signal can be received by the router when it is sent intentionally by a terminal or when it is unintentionally received as noise on the console connection. Unintentional noise may occur when a terminal or terminal server that is connected to the router is powered off or when certain terminals or personal computer terminal emulators are first connected. When the router pauses indefinitely, it must be power-cycled to be restored to a normal working condition.

Workaround: There is no good workaround. Avoid use of the send break command during a Telnet session or the use of terminal connections that send a break signal.

CSCea54482

Symptoms: A switch fabric card (SFC) switchover may occur, cyclic redundancy check (CRC) Fabric Interface ASIC (FIA) errors may occur, and the following error message may be displayed on a Cisco 12400 series:

FABRIC-3-ERR_HANDLE Due to CRC error from slot 8, shutdown the fabric card on slot 22

Note that the slot numbers (that is, 8 and 22) are just examples.

Conditions: These symptoms are observed after a Cisco 12400 series router that is configured with one or more Engine 4 plus line cards is reloaded with a new Cisco IOS release that causes a maintenance bus (MBus) download condition and while traffic is being processed on the router.

Workaround: After the router is reloaded with the new Cisco IOS release, reload the router for a second time.

CSCea62360

Symptoms: A Cisco 12000 series Engine 3 (E3) line card may log "EE48-2- GULF_TX_SRAM_ERROR" error messages if certain packet types are forwarded incorrectly.

Conditions: This symptom is observed on Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) routers when multicast traffic is destined for the customer edge (CE) router.

Workaround: There is no workaround.

CSCea62745

Symptoms: The following error message may be generated often for slot 24 or 25 on a Cisco 12000 series:

%MBUS_SYS-3-NOBUFFER: Message from slot 25 in stream 0 dropped

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S5 or Release 12.0(21)S6.

Workaround: There is no workaround.

CSCea74092

Symptoms: A router may incorrectly encapsulate packets when Multicast Distributed Switching (MDS) is enabled. This situation causes traffic to be blackholed.

Conditions: This symptom is observed on a Cisco router that is configured with MDS and that has a generic routing encapsulation (GRE) tunnel interface.

Workaround: There is no workaround.

CSCea77271

Symptoms: Packets may be dropped by a 3-port Gigabit Ethernet line card that is installed in a Cisco 12000 series.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)ST or Release 12.0(22)S when the following conditions are met:

Some subinterfaces are configured for Ethernet over Multiprotocol Label Switching (EoMPLS).

Some subinterfaces are configured for IP.

Any interface on the router is configured with an output access control list (ACL).

A packet is received on an IP subinterface, its 802.1p VLAN priority bits are different than the IP precedence bits, and it is supposed to switch to the interface on which the output ACL is applied.

Workaround: If this is an option, remove the output ACL, or use Cisco IOS Release 12.0(23)S or a later release.

CSCea80322

Symptoms: All ports of an Engine 0 (E0) digital service 3 (DS3) card may remain in an "up/down" condition indefinitely.

Conditions: This symptom is observed on Engine 0 (E0) DS3 cards when one of the ports receives a "yellow" alarm.

Workaround: Enter the microcode reload global configuration command to microcode reload the DS3 card.

CSCea91692

Symptoms: On a Cisco 12000 series router that is configured with an Engine-2- based line card that carries both Multiprotocol Label Switching (MPLS) and IP traffic and that is forwarding packets to an output port (that has a committed access rate [CAR] rule configured on an Engine-0, Engine-1 or Engine-2-based output line card), the IP traffic may be dropped because of an incorrect packet switching application-specific integrated circuit (PSA) Cisco Express Forwarding (CEF) entry.

Conditions: This symptom is observed on a Cisco 12000 series that has been upgraded from Cisco IOS Release 12.0(21)S5 to Release 12.0(22)S or Release 12.0(23)S. This configuration requires that the traffic enter the router on an Engine 2 line card and leave the router on an Engine-0, Engine-1, or Engine 2-based line card that has an output CAR applied to its port.

Workaround: Remove the output CAR rule from the egress line card to restore traffic.

CSCeb00391

Symptoms: The following error message may be displayed on a router:

%ALIGN-3-SPURIOUS: Spurious memory access made at 0x50164CDC reading 0x0

Conditions: This symptom is observed on a Cisco 12000 series.

Workaround: There is no workaround.

CSCeb05519

Symptoms: The core router Multiprotocol Label Switching (MPLS) forwarding entry has the correct outgoing interface but has an incorrect label to use for sending traffic to the edge router. The incorrect label is identical to the label that is sent by another core router for the same prefix through another interface.

Conditions: This symptom is observed in a service provider network when the route to the prefix that has the incorrect MPLS forwarding entry is configured using a static recursive route and the specific IP address that is specified in the ip route prefix mask ip-address global configuration command is changed by topology changes to go through a different adjacent router. The incorrect outgoing Label Distribution Protocol (LDP) or Tag Distribution Protocol (TDP) label corresponds to the router that was adjacent prior to the routing change.

Workaround: To clear this condition, enter the clear ip route {network [mask] | *} EXEC command to cause MPLS to create a new forwarding entry that has the correct interface and label for the prefix.

To prevent this condition from occurring, advertise the route to the prefix in question using an Interior Gateway Protocol (IGP).

Alternate Workaround: Configure a static nonrecursive route to the prefix and IP address of the next-hop router by entering the ip route prefix mask ip-address interface-type interface-number global configuration command.

CSCeb07559

Symptoms: A Cisco 8xOC3 Engine 2 (E2) ATM line card may generate ToFab (Toward the Fabric) Buffer Management ASIC (BMA) data errors when an output access control list (ACL) is configured on the Engine 0 card.

Conditions: This symptom is observed on a Cisco 8xOC3 E2 ATM line card that is running Cisco IOS Release 12.0(22)S3. This release of Cisco IOS software does not support ACLs on a line card with this configuration.

Workaround: There is no workaround. Disable ACLs on the 8xOC3 E2 ATM line card to prevent this symptom.

Alternate Workaround: Upgrade to Cisco IOS Release 12.0(22)S5.

Resolved Caveats—Cisco IOS Release 12.0(22)S4

Cisco IOS Release 12.0(22)S4 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S4 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.

Basic System Services

CSCdy74705

Symptoms: A NPE-200 network processing engine for Cisco 7200 series routers may experience memory corruption issues.

Conditions: This symptom may occur during periods of high traffic, with packet sizes greater than 1524 bytes, and may seemingly be associated with port adapter (PA) rearrangements.

Workaround: Attempt port adapter rearrangement, or upgrade to a Cisco IOS release that contains the software workaround (Release 12.0(23.03)S and later).

EXEC and Configuration Parser

CSCdy89041

Symptoms: A memory leak of about 0.5 MB occurs in the "Pre Command NV Buffer" process.

Conditions: This symptom is observed when you connect to a Cisco 12000 series Route Processor (RP) through a vty.

Workaround: There is no workaround.

Interfaces and Bridging

CSCdx00274

Symptoms: A single-port Fast Ethernet 100BASE-TX port adapter (PA-FE-TX) on a Cisco 7206VXR router may stop receiving burst traffic packets.

Conditions: This symptom is observed on a PA-FE-TX.

Workaround: To clear the symptom, enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the PA-FE-TX interface.

IP Routing Protocols

CSCdy60008

Symptoms: If the interface bandwidth or delay is changed, a router may reload.

Conditions: This symptom is observed after Enhanced Interior Gateway Routing Protocol (EIGRP) is terminated via the no router eigrp as-number global configuration command or the no ip routing global configuration command, causing the EIGRP process list to be invalid.

Workaround: Reload the router after terminating EIGRP.

CSCdz33176

Symptoms: A Cisco router that is functioning as a dedicated Border Gateway Protocol (BGP) route reflector in a network that is configured for BGP may display a message very similar to the following one on its console:

%SYS-3-CPUHOG: Task ran for 30020 msec (6/6), process = BGP Router, PC = 6080D21C.

When the message is displayed, the BGP router process causes the CPU utilization of the router to become high for one to several minutes, depending on the number of prefixes, neighbors, and updates.

Conditions: This symptom is observed when the router is running Cisco IOS Release 12.0(22)S or a later release, when it has a large number of neighbors that are configured in peer groups or update groups, when it has a large number of prefixes to send or receive, and when most of the neighbors start at the same time, or when the BGP sessions of the neighbors are reset at the same time using the clear ip bgp * EXEC command.

The symptom is also observed in the above-mentioned network topology when the client of a BGP route reflector is reset using the clear ip bgp* EXEC command.

In another network, the symptom is also observed on a Cisco router running 12.0(22)S1 using the clear ip bgp * soft EXEC command.

Workaround: Do not reset all the BGP neighbor routers at the same time that route reflectors are used in a BGP configuration.

Alternate Workaround: Use Cisco IOS Release 12.0 ST.

CSCdz39544

Symptoms: A Cisco router may discard a Multicast Source Discovery Protocol (MSDP) type length value (TLV) prematurely.

Conditions: This symptom is observed when an MSDP encapsulated packet receives a TLV with more than one Source-Active (SA) entry count.

Workaround: There is no workaround.

CSCdz45031

Symptoms: The distance eigrp router configuration command may not be displayed in the configuration although the configured values are applied to the routes. After reloading the router, the distance for Enhanced Interior Gateway Routing Protocol (EIGRP) routes returns to its default value.

Conditions: This symptom is observed on a Cisco router when using EIGRP between a provider edge (PE) and customer edge (CE) router in a Multiprotocol Label Switching (MPLS) environment.

Workaround: There is no workaround.

CSCdz45760

Symptoms: A useless partial Shortest Path First (SPF) calculation may occur.

Conditions: This symptom is observed when an Open Shortest Path First (OSPF) link-state advertisement (LSA) for a 0.0.0.0 destination is refreshed.

Workaround: Use a static default route.

CSCdz55717

Symptoms: Configuring OSPF (Open Shortest Path First) sham links in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment may cause a memory leak in the OSPF router process.

Conditions: This symptom is observed in a MPLS-VPN environment. The area [area- id] sham-link [source-address] [destination-address] cost [number] global configuration command is used and OSPF adjacency is formed over the sham-link. Each time an OSPF acknowledgment is sent over the sham-link, some memory is allocated that is never freed.

Workaround: There is no workaround.

CSCdz58674

Symptoms: When an area border router receives type-4 link-state advertisements (LSAs) via the nonbackbone, the router may incorrectly generate type-4 LSAs into the backbone. This situation may cause a routing loop to occur.

Conditions: This symptom is observed in Cisco IOS Release 12.0(22)S or a later release or in Release 12.2(10) or a later release when the following conditions occur:

A router (referred to as Router 1) functions as an internal router in one particular area.

Router 1 has an interarea route to an Autonomous System Boundary Router (ASBR) through the same area.

Router 1 is connected with another router (referred to as Router 2) in the backbone area, causing Router 1 to become an ABR.

In this situation, Router 1 generates type-4 LSAs into the backbone area for the ASBR. This situation should not occur and may lead to a routing loop.

Workaround: Reset the Open Shortest Path First (OSPF) process by entering the clear ip ospf process privileged EXEC command.

CSCea03118

Symptoms: A provider edge (PE) router fails to advertise Border Gateway Protocol (BGP) routes to the dual customer edge (CE) routers that converge last.

Conditions: This symptom is observed only on routers that are running Cisco IOS Release 12.0(23) S1(012)) and causes compatibility issues with router convergence and update processing.

Workaround: Use Cisco IOS Release 12.0(23)S2 or a later release.

ISO CLNS

CSCdz30118

Symptoms: On a Cisco router, Intermediate System-to-Intermediate System (IS-IS) IP version 6 (IPv6) routes may not be inserted into the IPv6 routing table after a reload or after a neighbor's interface state changes.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(22)S and affects only configurations with level-2-only links.

Workaround: Use the clear isis * configuration command after the reload or the topology change. Use level-1-2 links instead of level-2-only links.

CSCdz33882

Symptoms: A Route Processor (RP) may reload.

Conditions: This symptom is observed on a Cisco 12000 series that is configured with dual RPs in Stateful Switchover (SSO) mode and that has about 200 Intermediate System-to-Intermediate System (IS-IS) neighbors when Nonstop Forwarding (NSF) is configured under the IS-IS process.

Workaround: There is no workaround.

CSCdz61787

Symptoms: An SPF (shortest path first) loop may occur on a Cisco router.

Conditions: This symptom may be observed on a Cisco router that is running a Cisco IOS release image that does not support a fix for CSCdz61787, has "ip fast-convergence" configured and there are specific Intermediate System-to-Intermediate System (IS-IS) metrics.

The show isis spf-log EXEC command shows that the loop is triggered by BACKUPOVFL.

Following is an example of the SPF log output:

Router# show isis spf-log

Level 2 SPF log

01:25:10 0 18 1 BACKUPOVF

01:25:00 0 18 1 BACKUPOVFL

Workaround: Remove "ip fast-convergence" from every router where it is configured by using the no ip fast-convergence EXEC command.

Alternative workaround: Adjust the IS-IS metrics.

CSCea00846

Symptoms: After a switchover, the Intermediate System-to-Intermediate System (IS-IS) takes about 10 minutes to fully recover and to install routes in the IP routing table.

Conditions: This symptom is observed on a Cisco 12000 series configured with IS-IS. The amount of time required for the Gigabit Ethernet (GE) interface to load after a switchover is very close to the amount of time of the IS-IS adjacency timeout. The device under test (DUT) is the designated router.

Workaround: There is no workaround.

Miscellaneous

CSCdw10770

Symptoms: A Cisco 12000 series Internet router Engine 2 line card may experience errors, including CPUHOGs, Cisco Express Forwarding (CEF) shutdown, and unexpected reloads.

Conditions: This symptom is observed on a Cisco Engine 2 line card if a route with multiple paths is received when the forwarding table already includes more than 25,000 subnets.

It is important to note that Border Gateway Protocol (BGP) routes cannot have multiple paths unless BGP multipath is specifically configured. Basic BGP best practices can ensure that there is nothing to trigger this symptom. Workarounds are available to protect the network from Interior Gateway Protocol (IGP) problems.

Workaround: The following workarounds may be tried for routers at risk from their IGP:

Ensure that there are no more than 4000 load-balanced IGP (Open Shortest Path First [OSPF], Intermediate System-to-Intermediate System [IS-IS], Routing Information Protocol [RIP], Enhanced Interior Gateway Routing Protocol [EIGRP] routes in the routing table.

Ensure that there are no prefixes with a mask of /11 or shorter (/1 to /11) in the IGP.

Following are a few ways to end up with short-length prefixes in the IGP:

Summarize routes in the IGP (for example summarize routes from a non backbone area into area 0).

Configure an interface with a short-length mask and include that interface in the IGP.

Import such a route from another source (static, BGP).

If such a route is present in the IGP, it is recommended that it be broken up into its component /12 or longer prefix routes.

The best practices for routers with BGP implementations include the following:

Use filters to block all routes with /1 to /7 masks at BGP peer borders.

Use filters to prevent the routes from being advertised from outside the network.

Use filters at the customer border to prevent the customers from advertising anything that they have not explicitly requested.

These filters can be found at the following URL:

http://www.cisco.com/public/cons/isp/security/T-ip-prefix-filter-ingress-loose- check.txt

CSCdy22744

Symptoms: The fix for CSCdx47695 that was integrated into Cisco IOS Release 12.0(21)S3 introduced a throttling mechanism that may be used when the physical layer interface module (PLIM) is congested. The throttling mechanism prevents interfaces or a bundle, or both, from flapping when bidirectional traffic with small packets is sent through either a 6-port channelized T3 line card or a 2-port channelized OC-3/STM-1 (DS1/E1) line card.

The throttling mechanism produces a severe performance impact, although no link flaps occur.

Conditions: This symptom is observed on a Cisco 12000 series router.

Workaround: There is no workaround. The fix for this caveat consists of a knob for the throttling.

CSCdy37606

Symptoms: A Cisco 12000 series may generate the following message:

%LINK-3-TOOSMALL: Interface POS3/0, Output runt packet of 0 bytes

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S5, when an error occurs on an Engine 2 line card and when both sampled NetFlow and Multiprotocol Label Switching (MPLS) are enabled.

Workaround: Disable sampled NetFlow. Note that this workaround affects service because disabling sampled NetFlow causes Cisco Express Forwarding (CEF) to reload on the line card.

CSCdy42383

Symptoms: A Cisco 12416 router, that is running Cisco IOS Release 12.0(21)ST2 does not load-balance traffic properly between two OC-48 packet-over-SONET (POS) interfaces (Engine 2 line cards).

Conditions: It has been observed that when a Cisco 12000 series Internet router has incoming traffic from an Engine 4 card and outgoing traffic toward Engine 2 parallel links, load balancing does not work properly. The symptom does not seem to occur when the incoming card has been changed to an Engine 2 card.

Workaround: There is no workaround.

CSCdy46676

Symptoms: Performance degradation may occur on an Engine 4 plus line card when traffic engineering (TE) tunnel load balancing is enabled.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.

Workaround: There is no workaround.

CSCdy56799

Symptoms: Spurious access errors may occur on a Cisco 7500 series router.

Conditions: This symptom is observed on Cisco 7500 series that is configured with distributed Cisco Express Forwarding (dCEF) and Web Cache Communication Protocol (WCCP).

Workaround: Disable dCEF on the interfaces that face the web cache engines where the spurious access errors occur so that incoming WCCP generic routing encapsulation (GRE) packets are punted to the route processor and CEF-switched.

For more information about spurious access errors, see the Cisco document at the following location: http://www.cisco.com/warp/public/63/spuraccess.html.

CSCdy59895

Symptoms: Traffic is not sent through a network when an Asynchronous Transfer Mode (ATM) link is used between a Cisco customer edge (CE) router and a Cisco provider edge (PE) router.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S.

Workaround: There is no workaround.

CSCdy61223

Symptoms: When an input access control list (ACL) is configured and multiple broadcast Address Resolution Protocol (ARP) requests are received, packet loss and performance degradation may occur because of a "format error" that is reported in the output of the show ip traffic EXEC command.

Conditions: This symptom is observed when NetFlow is enabled on an interface of a 1-port Gigabit Ethernet line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S or Release 12.0(22)S.

Workaround: Although the condition is triggered by multiple broadcast ARP requests, it only occurs if NetFlow, input ACLs, and ACL hardware checking are configured. Disabling any of these features will prevent the condition from occurring. For example, to remove the ACL hardware checking on the 1-port Gigabit Ethernet line card, enter the no access-list hardware salsa command.

CSCdy67945

Symptoms: When the loopback remote line interface configuration command is executed on a 6-port channelized T3 line card, the command may fail and may cause a T1 connection to flap.

Conditions: This symptom is observed on both American National Standards Institute (ANSI) and Bell Communications Research (Bellcore) loopbacks on networks that are sensitive to T1 framing errors.

When the loopback remote line configuration command is executed, the line card causes a brief change of frame alignment (COFA) error. Normally, this error goes unnoticed. However, some devices react to these errors with an alarm indication signal (AIS). Each time the loopback request is initiated (if the T1 connection is configured for remote loopbacks each time the T1 connection comes up), the AIS brings down the T1 connection.

The actual commands would be as follows:

t1 1 loopback remote line fdl ansi

t1 1 loopback remote line fdl bellcore

Workaround: There is no workaround.

CSCdy87260

Symptoms: The configuration synchronization on a standby Route Processor (RP) may fail if the break signal is sent twice.

Conditions: This symptom is observed on a Cisco 12000 series that has dual RPs and that has the Route Processor Redundancy Plus (RPR+) feature enabled. This symptom occurs only if the user sends the break signal twice on the standby RP.

Workaround: There is no workaround.

CSCdz12745

Symptoms: When a Cisco 12000 series Engine 2 Packet-over-SONET (POS) line card collects statistics for locally assigned Multiple Protocol Label Switching (MPLS) label entries, it may lose the outgoing label entries for the associated prefixes. All the prefixes show up as untagged, and it may be difficult or impossible to reach the prefixes.

Conditions: This symptom is observed on a Cisco 12000 series Engine 2 POS line card.

Workaround: To recover from the situation, reset the line card.

CSCdz16897

Symptoms: The Path Remote Defect Indication (PRDI) may not be handled properly during an Automatic Protection Switching (APS) switchover. This situation does not affect service.

Conditions: This symptom is observed on a Cisco 10000 series OC-12 ATM line card when an APS switchover occurs because of poor line quality.

Workaround: There is no workaround.

CSCdz18497

Symptoms: A router may loop indefinitely when a Simple Network Management Protocol (SNMP) walk is performed against certain objects. (Examples of these objects are ifDescr, ifMTU, and ifInOctets.) The SNMP walk will not cycle if a specific interface is specified, such as ifDescr.1.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S2. This symptom occurs only in a situation where Multilink Frame Relay (MFR) interfaces are configured.

Workaround: Reload the router.

CSCdz19320

Symptoms: A Cisco 12000 series Engine 4 plus line card may reload after a forced switchover.

Conditions: This symptom is observed when Stateful Switchover (SSO) is configured and the line card is switching multicast traffic.

Workaround: There is no workaround.

CSCdz22591

Symptoms: Resource Reservation Protocol (RSVP) hello may incorrectly declare lost communications with a neighbor, and fast reroute may be triggered.

Conditions: This symptom is observed when RSVP is configured on a Packet over SONET (POS) interface with a hello interval of 60 milliseconds or less on a Cisco router that is running Cisco IOS Release 12.0(24)S. This symptom does not exist when hello is configured on an Ethernet interface.

Workaround: Configure hello intervals longer than 60 milliseconds.

CSCdz25228

Symptoms: An Engine 2 (E2) line card may reload after it reboots.

Conditions: This symptom is observed on the E2 line card of a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S. The E2 line card is configured with 128 line access control list (ACLs), Virtual Private Network (VPN), and has Frame Relay configured on one of the interfaces.

Workaround: There is no workaround.

CSCdz32724

A line card that is facing the core of a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) may generate packet switch application-specific integrated circuit (ASIC) (PSA) error messages and may stop sending traffic to the core of the network. The following output may be observed when the show interface gigabit ethernet interface EXEC command is entered.

%LC-3-PSAERRS: PSA PSA_CPU_GS_INT error 4

%LC-3-PSAERR: PSA error: if_err 0 adr FC00002C c md 5 data 0 pipe 0,fs 0,prep 0 (pc 1EC),pop 0 (pc 19F),plu 0,tlu 0,plu sdram 0 a dr 0 synd 0 check 4D00,tlu sdram 0 adr 0 synd 0 check 0,ssdram 0 adr 0,gather 0, pl 1822D92,plmuxcnts 61, pludefpsr 22000, plupsr 22000, pludsr 0

Conditions: These symptoms are observed on a Cisco 12000 series 3-port Gigabit Ethernet line card when the line card flaps.

Workaround: There is no workaround.

CSCdz32988

Symptoms: The CPU on a Cisco 7500 series Versatile Interface Processor (VIP) or on a Cisco 12000 series line card may persistently show very high utilization (99 percent) reported against the "TAG Stats Background" process, as is displayed in the output of the show processes cpu EXEC command:

CPU utilization for five seconds: 100%/1%; one minute: 99%; five minutes: 99% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 53 31226460 603427 51748 98.39% 98.60% 97.08% 0 TAG Stats Backgr

This situation does not directly impact the router operation because the "TAG Stats Background" process is a low priority process. However, the show mpls forwarding-table EXEC command does not provide accurate counters when this situation occurs.

Conditions: This symptom, which is a rare race condition, may occur when parallel paths are configured.

Workaround: Enter the no tag ip aggregate hidden command on the route processor. Note that doing so will prevent the counters of the show mpls forwarding-table EXEC command from being updated.

To restore normal VIP or line card operation, reload microcode onto the affected VIP or line card.

CSCdz36445

Symptoms: Traffic does not resume after a Cisco 12000 series Internet router has reloaded.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(24)S in an IP version 6 (IPv6) environment and that is configured with Engine 3 line cards.

Workaround: There is no workaround.

CSCdz37228

Symptoms: Memory fragmentation may occur on Cisco routers with the MAC accounting feature enabled.

Conditions: This symptom may be observed on Cisco 12000 series Internet routers with the MAC accounting feature enabled that are under DOS attack.

Workaround: Disable the MAC accounting feature.

CSCdz37875

Symptoms: Traceback messages may be displayed in the log file of a router.

Conditions: This symptom is observed on the OC-3 Packet over SONET (POS) line card of a Cisco 10000 series that is running Cisco IOS Release 12.0(22)S.

Workaround: There is no workaround.

CSCdz42976

Symptoms: Open Shortest Path First (OSPF) or Intermediate System-to-Intermediate System (IS-IS) protocol adjacencies may be incomplete.

Conditions: This symptom is observed on a Cisco router after it is loaded with Cisco IOS Release 12.0(21)ST5. This symptom may affect connectivity across Engine 2 (E2) interfaces.

Workaround: There is no workaround.

CSCdz46604

Symptoms: Multilink adjacencies may show up as invalid.

Conditions: This symptom is observed on the Engine 3 (E3) Quad OC-12 line card of a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0 (21)S3. It may not be possible to clear this symptom by entering the clear cef linecard EXEC command or by reloading the microcode on the line card.

Workaround: There is no workaround.

CSCdz47189

Symptoms: An Engine 3 (E3) 4-port OC-12 (4xOC-12) or Engine 3 OC-48 Packet over SONET (POS) line card may reload and generate traceback messages.

Conditions: This symptom is observed when the gsr-p-mz image of Cisco IOS Release 12.0(24)S is loaded on a Cisco 12406 router in an Autonomous System Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) of an IP version 4 (IPv4) Border Gateway Protocol (BGP) label distribution environment. TheE3 4xOC-12 line card may be operating either in the channelized mode or the POS mode.

Workaround: No workaround is necessary as the line cards will recover without user intervention.

CSCdz48235

Symptoms: A Cisco 12000 series Internet router may reload because of a bus error.

Conditions: This symptom is observed on a Cisco 12000 series that has dual Gigabit Route Processors (GRP) and that is operating in the Route Processor Redundancy (RPR) mode. This symptom is observed after the Cisco 12000 series is upgraded to Cisco IOS Release 12.0(23)S.

Workaround: There is no workaround.

CSCdz49243

Symptoms: Multiprotocol Label Switching (MPLS) traffic engineering (TE) Fast Reroute (FRR) may lose all tag labels from a line card.

Conditions: This symptom is observed on a Cisco 12000 series Internet router when the primary tunnel router is reloaded.

Workaround: Power cycle the Cisco 12000 series Internet router.

Alternate workaround: Reload the line card.

CSCdz53850

Symptoms: A standby Route Processor (RP) may reload.

Conditions: This symptom is observed on the standby RP of a dual RP Cisco 12000 series Internet router when a line card on the Cisco 12000 series or a neighboring router is reloaded. This symptom occurs when a line card has a large number of encapsulation entries (3000 entries).

Workaround: There is no workaround.

CSCdz54539

Symptoms: An Engine 4 plus line card that is installed in a Cisco 12400 series may be reset by the Route Processor (RP) because of interprocess communication (IPC) failures. The following errors may be displayed:

%CPUIF-3-NO_MEM: sendreq_freeq is NULL.

%MDS-2-LC_FAILED_IPC_ACK: RP failed in getting Ack for IPC message of size 148 to LC in slot 3 with sequence 58638, error = timeout

%FIB-3-FIBDISABLE: Fatal error, slot 3: IPC Failure: timeout

%GRP-4-RSTSLOT: Resetting the card in the slot: 3,Event: EV_AUTO_LC_RELOAD_ON_FIBDISABLE ]

Conditions: These symptoms are observed when route flapping occurs; route flapping may generate a high volume of IPC traffic.

Workaround: There is no workaround.

CSCdz55944

Symptoms: Switch fabric cards (SFCs) may fail on a Cisco 12410 router.

Conditions: This symptom is observed when there is an upgrade to a Cisco IOS release.

Workaround: There is no workaround.

CSCdz55995

Symptoms: When a parity error occurs on an Engine 4/4P line card, the packet and byte counters may not be accurate.

Conditions: This symptom is observed on a Cisco 12000 series Internet router.

Workaround: There is no workaround.

CSCdz56792

Symptoms: A Cisco 12000 series 4-port OC-12 ATM line card that is configured for the Carrier Supporting Carrier (CSC) feature may reset or report an error.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22)S3 and that is functioning as a customer carrier customer edge (CE) router. This symptom occurs after entering the no mpls ip global configuration command followed by the mpls ip global configuration command.

Workaround: There is no workaround.

CSCdz57007

Symptoms: When NetFlow is enabled after configuring distributed switching, and traffic passes, a Versatile Interface Processor (VIP) may reload.

Conditions: This symptom is observed on a Cisco 7500 series router that functions in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) environment.

Workaround: There is no workaround.

CSCdz60229

Symptoms: Cisco devices which run IOS software and contain support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet directed at the affected device can cause a reload of the device. No authentication is necessary for the packet to be received by the affected device. The SSH server in Cisco IOS is disabled by default.

Conditions: This symptom is observed on all Cisco devices running IOS and containing support for the Secure Shell (SSH) server.

Workaround: Cisco will be making free software available to correct the problem as soon as possible.

The malformed packets can be generated using the SSHredder test suite from Rapid7, Inc. Workarounds are available. The Cisco PSIRT is not aware of any malicious exploitation of this vulnerability.

This advisory is available at http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml.

CSCdz69362

Symptoms: The tag forwarding counter may no longer function when parity errors occur on an Engine 4 plus (E4+)line card.

Conditions: This symptom is observed on a Cisco 12000 series Internet router.

Workaround: There is no workaround.

CSCdz71662

Symptoms: A router may fail because of a bus error.

Conditions: This symptom is observed if the show environment all EXEC command or the show environment internals EXEC command is entered while an online insertion and removal (OIR) procedure is in process.

Workaround: Do not enter the show environment all EXEC command or the show environment internals EXEC command while an OIR is in progress.

CSCdz73799

Symptoms: A traceback condition exists on an Engine 2 (E2) line card of a Cisco 12000 series Internet router with VPN Routing and Forwarding (VRF) configured on a regular Frame Relay (FR) packet-over-SONET (POS) interface.

Conditions: This symptom is observed on the E2 line card of a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)ST5. With VRF configured on the same interface, traceback starts to show. It also becomes impossible to ping on this interface, and injecting traffic to this interface (FR sub VRF) causes a permanent pause.

Workaround: There is no workaround.

CSCdz74588

Symptoms: Traffic on a load-sharing path may be switched to the wrong destination or dropped altogether.

Conditions: This symptom is observed when a Cisco 12000 series Engine 4 (E4) line card is on the ingress side, there is a load-sharing path or multiple paths on the egress side, and a hidden class of service (CoS) global configuration command is configured on the router.

Workaround: Remove the extra load-sharing paths, and make it one single outgoing path.

CSCdz74925

Symptoms: A 4-port OC-48 Packet-over-SONET (POS) Engine 4 plus (E4+) line card may stop forwarding traffic after you have reloaded microcode onto the line card.

Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(24)S and that is functioning as a provider edge (PE) router in a carrier supporting carrier configuration when the 4-port OC-48 POS E4+ line card interconnects the Cisco 12000 series and a customer edge (CE) router.

Workaround: Enter the clear ip bgp privileged EXEC command on the Cisco 12000 series.

CSCdz85922

Symptoms: A Cisco 7500 series router or a Cisco 12000 Internet series router could experience a reload of either the Versatile Interface Processor (VIP) or the line card with the following message:

%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = TFIB Stats Background

Conditions: Cisco IOS releases with the fix for the caveat CSCdz32988 may show these symptoms. These symptoms affect only platforms that perform distributed Multiprotocol Label Switching (MPLS) forwarding. Cisco IOS releases that may contain this symptom include 12.0(21)S, 12.0(22)S, 12.0(23)S, 12.1 and its derivatives and 12.2 mainline. Cisco IOS releases 12.2 T and the latest 12.0 S software are not susceptible to this symptom.

Workaround: Disable the stats aggregation using the no tag aggregate hidden command.

CSCdz88744

Symptoms: A Gigabit Ethernet Engine 2 (E2) or an Engine 4 plus (E4+) line card may reload when an online insertion and removal (OIR) of the Clock and Scheduler Card (CSC) is performed.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0 S.

Workaround: There is no workaround.

CSCea00096

Symptoms: Packet throttling is activated because of congestion, even when not configured as shown by the following error message:

%LC_CX3-4-THROTTLE: Packet throttling activated due to congestion

Conditions: This symptom is observed on a Cisco 12416 router that is configured with 200 Border Gateway Protocol (BGP) peers containing three 6xCT3 line cards, each configured with an even distribution of ~1500 frame relay subinterfaces.

Workaround: There is no workaround.

CSCea00954

Symptoms: IP Multicast hardware counter memory is not freed on an Engine 4/4Plus line card after multicast routes are cleared from the routing table.

Conditions: This only occurs when the Engine 4/4Plus line card runs out of mtrie node memory, for example when the routes in the router are more than the line card can handle.

Workaround: There is no workaround.

CSCea01869

Symptoms: If a 3-port Gigabit Ethernet (GE) Engine 2 (E2) line card is configured for dot1q VLAN operation and an inbound access control list (ACL) is applied to the main interface, the line card will be paused by the Gigabit Route Processor (GRP), reporting Fabric Unicast timeout errors. Note that 3-port GE E2 line cards do not support per subinterface ACL processing.

Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S or a later release with both normal and extended ACLs. The line card will continue to pause until the ACL is either removed from the interface configuration or ACL is removed from the configuration using the no access- list access-list-number global configuration command.

Workaround: There is no workaround.

CSCea04669

Symptoms: When resetting the secondary gigabit route processor (GRP) with the break key on a Cisco 12000 series dual-RP (route processor) router, the primary GRP pauses, then permanently pauses on watchdog timeout:

Jan 30 00:11:15.216 PST:

%SYS-2-WATCHDOG: Process aborted on watchdog timeout

process = Fabric ping

Conditions: This symptom occurs regardless of the redundancy mode (Route Processor Redundancy [RPR], Route Processor Redundancy Plus [RPR+], or Stateful Switchover [SSO]) and may impact the process of replacing a defective slave GRP hardware.

Workaround: There is no workaround.

CSCea04762

Symptoms: Some export packets sent from an Engine 4+ (E4+) line card are not received by the NetFlow collector.

Conditions: This condition is observed on the E4+ line card when the export packets are exported out of a traffic engineering (TE) or tag interface and the router is running Cisco IOS Release 12.0(22)S2.

Workaround: Export the packets out of the non-TE or non-tag interface. This means that export packets must be sent out as IP packets from the E4+ line card.

CSCea12157

Symptoms: The following error message may be observed on a line card:

%SLOT n: .... : %LC-3-ERRRECOVER: Corrected a transient error on line card.

This error may be observed even though an actual hardware error has not occurred on the line card. If a hardware error does occur, it will generate additional error messages to identify the source of the hardware error in addition to the error message listed above.

Conditions: This symptom may be observed on a Cisco Engine 0 line card when a feature that requires a micro code change is configured.

Workaround: There is no workaround. Ignore the error message.

CSCea16176

Symptoms: On a Cisco 12000 series Internet router line card, the fabric error reporting message is not being turned on after system startup.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S6, 12.0(21)ST6, or 12.0(23)S2.

Workaround: Physically remove and insert the backup Clock Scheduler Card (CSC) or any Switch Fabric Card (SFC). This will re enable the line card error reporting mechanism.

Alternate workaround: Enter the hw-module shutdown EXEC command on the backup CSC or on any SFC. This will also re enable the line card error reporting mechanism.

CSCea22288

Symptoms: An Engine 3 (E3) line card that connects a provider edge (PE) router and a customer edge (CE) router, both of which are running the Carrier Supporting Carrier feature with IPV4 BGP labels, may stop forwarding traffic.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S, that is functioning as a PE router, and that is running the Carrier Supporting Carrier feature when the microcode is reloaded on one of the multiple line cards that connects the PE router to a provider (P) router.

Workaround: Traffic will resume after performing a micro reload on the E3 line card.

CSCea23437

Symptoms: A standby Route Processor (RP) fails to become active after the "test crash" on an active RP.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that has two RPs with Route Processor Redundancy (RPR), RPR+, or Stateful Switchover (SSO) mode.

Workaround: Reload the router.

TCP/IP Host-Mode Services

CSCdy57048

Symptoms: TCP transmit packets that are sent from a router in some configurations may be corrupted. This behavior may cause a TCP session to pause indefinitely in one direction.

Conditions: These symptoms are observed with protocols that use TCP transport (Border Gateway Protocol [BGP] and Telnet are known to be affected). Configurations that may exhibit these symptoms include interfaces that are configured with Multiprotocol Label Switching (MPLS) or Multilink PPP (MLP) encapsulation.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(22)S3

Cisco IOS Release 12.0(22)S3 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S3 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.

CSCdv51360

Symptoms   A data-link switching (DLSw) peer may be stuck in the "AB_PEND" state and a TCP session may be stuck in the "SYNSENT" state after an IP outage occurs between two DLSw routers.

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.1(3)T.

Workaround   Use the show tcp brief EXEC command to determine the Transmission Control Block (TCB) of the hung TCP session. Enter the clear tcp tcb address privileged EXEC command to clear the TCB of the hung TCP session. The DLSw peers will reconnect as long as there is IP connectivity between the DLSw peers.

CSCdw01726

Symptoms   A Simple Network Management Protocol version 3 (SNMPv3) user configuration is changed when a router is reloaded.

Conditions   This symptom is observed when an SNMPv3 user is created using message digest 5 (MD5) authentication by entering the following commands:

Router# snmp group groupy v3 auth

Router# snmp user abcdefghij groupy v3 auth md5 abcdefghij

The engine ID is then changed by entering the following command:

snmp-server engineID local 00000009020000024B0008FE

An SNMP walk is performed by entering the following command, the configuration is saved, and the router is reloaded.

Router# snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l AuthNoPriv device-name

The SNMP walk is successful and the following debug header output is displayed when the debug snmp EXEC command is entered:

Incoming SNMP packet: v3 packet security model: v3 security level: auth username: abcdefghij

The router is reloaded and a second SNMP walk is performed by entering the following command:

Router# snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l AuthNoPriv device-name

After the second SNMP walk is performed, the command does not generate any output and the following debug header output is displayed when the debug snmp EXEC command is entered:

Incoming SNMP packet: v3 packet security model: v3 security level: noauth : username: abcdefghij

Workaround   Do not change the default engine identity (ID).

CSCdw16580

Symptoms   On a router that is configured as a provider edge (PE) router with multiple Virtual Private Network (VPN) routing/forwarding (VRF) instances, the VRF routing table may not be imported to the same PE router when routes are imported between the VRFs even when the PE router is displayed on the Border Gateway Protocol (BGP) VPN4 table.

Conditions   This symptom is observed on a PE router in a Multiprotocol Label Switching (MPLS) and VPN environment.

Workaround   There is no workaround.

CSCdx32611

Symptoms   After you detach an interface from a Virtual Private Network (VPN) routing/forwarding (VRF) instance using the no ip vrf forwarding vrf-name command, the adjacency information that is associated with the removed interface still shows up in the VRF table.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdx73857

Symptoms   A router may fail to warn you that a policy map oversubscribes link bandwidth.

Conditions   This symptom is observed when you use nested policies on Frame Relay or Gigabit Ethernet interfaces and the sum of the shape rate of all permanent virtual circuits (PVCs) or VLANs is greater than the interface bandwidth of the Frame Relay or Gigabit Ethernet interfaces.

Workaround   Enter the show policy-map interface EXEC command to ensure that the policy map is successfully applied.

CSCdx87577

Symptoms   Memory allocation failures occur on a Cisco router that has authentication, authorization, and accounting (AAA) configured, and "%SYS-2- MALLOCFAIL" messages are displayed. When you enter the show memory summary command, the command output shows that many small blocks are used by the AAA processes.

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(15)S3.

Workaround   There is no workaround.

CSCdx87818

Symptoms   The following error message may be displayed on a router when a Cisco IOS software upgrade is performed:

%SYS-6-STACKLOW: Stack for process ATM PA Helper running low, 0/3000

Conditions   This symptom is observed on a Cisco 7500 series router when you upgrade from Cisco IOS Release 12.0(7)T to Release 12.1(14).

Workaround   There is no workaround.

CSCdx94479

Symptoms   The convergence time after four Stateful Switchovers (SSOs) on a Cisco 10000 series edge services router is 11 seconds but should never be longer than 10 seconds.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdy02248

Symptoms   A standby Route Processor (RP) may reload.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22.1)S when a microcode reload occurs after Border Gateway Protocol (BGP) peers come up accompanied by high CPU utilization.

Workaround   There is no workaround.

CSCdy27414

Symptoms   An interface of a Cisco 10000 series channelized T3 (CT3) line card may not dequeue packets. When the link on a CT3 card flaps, one or more interfaces may not recover. The output queue of the interface may become full with PPP/High-Level Data Link Control (HDLC) packets and may stay in the "Up/Down" state.

Conditions   These symptoms are observed when a chip of a third-party vendor on a Cisco 10000 series CT3 line card is defective.

Workaround   There is no workaround; return the CT3 line card for repair.

The fix for this caveat adds a software procedure that periodically checks if the pointers that link the partial packet buffer RAM blocks are becoming corrupted. When a corrupted pointer is detected, the associated interface is removed and then replaced, which may cause the interface to be incapable of transmitting traffic for up to 10 seconds. When this condition is detected and repaired, a message is logged to the Route Processor and the line card log to notify the user.

CSCdy34113

Symptoms   A Cisco 7500 series router may reload at a packet enqueue utility.

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S when all of the following conditions are met:

A Frame Relay (FR) link is configured on a Versatile Interface Processor (VIP) interface.

Frame Relay Traffic Shaping (FRTS) is enabled for FR circuits via the map-class frame-relay global configuration command, and distributed traffic shaping is not enabled on the Route Switch Processor (RSP).

You deencapsulate the interface by using the no encapsulation frame-relay interface configuration command, and you unconfigure the interface by entering the no map-class frame-relay global configuration command.

While you unconfigure FRTS, FR encapsulation occurs, and the traffic load is still high so that the shaping function is activated and outbound packets on per-virtual circuit (VC) queues are throttled.

Workaround   Avoid the situation in which all of the above-mentioned conditions take place concurrently. For example, when an FR link is configured on a VIP interface and you require traffic shaping, use distributed FRTS, or unconfigure FRTS while user traffic is low so as not to activate the shaping function.

CSCdy38681

Symptoms   A 1-port ATM Enhanced OC12/STM4 port adapter (PA-A3-OC12) that is configured with multiple Low Latency Queueing (LLQ) streams that are running near peak cell rate (PCR) may drop packets. The output of the show interfaces command displays that packets are sent out but no packets are coming in. Input or output packet drops are not displayed.

Conditions   This symptom is observed during a test on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S.

Temporary Workaround   Enter the clear interface type number EXEC command each time the symptom occurs.

CSCdy43435

Symptoms   Virtual Private Network routing/forwarding (VRF) does not function properly on a Frame Relay link between a provider edge (PE) router and a customer edge (CE) router, and the CE router cannot ping the PE router.

Conditions   These symptoms are observed on a Frame Relay link between a Cisco 10000 series router that is functioning as a PE router and another Cisco 10000 series router that is functioning as a CE router.

Workaround   Reload the PE router to make the link between the PE router and the CE router function.

CSCdy47631

Symptoms   Virtual Private Network version 4 (VPNv4) packet switch ASIC (PSA) traffic may be punted to a line card, which causes a CPU spike and Interior Gateway Protocol (IGP) instability.

Conditions   This symptom is observed in a Multiprotocol Label Switching (MPLS) VPN in which a Cisco 12000 series router is configured as a provider edge (PE) router, a Gigabit Ethernet link connects the customer edge (CE) router to the PE router, and the PE to provider (P) link is an Engine 2 line card. The following is also observed on the PE-P line card:

For traffic that is destined for an IP address for which the Cisco Express Forwarding (CEF) adjacency is an Ethernet MAC address and the Address Resolution Protocol (ARP) cache is either empty or "incomplete" for the destination, IP address traffic is punted to the ingress line card CPU, which tries to resolve the adjacency or drops the traffic.

Line card CPU utilization has been observed to spike to 99 percent when the MAC address is "incomplete" and traffic is being received for the IP address. This situation may cause IGP neighbors to be lost and cause fabric unicast timeouts, which may cause the line card to fail. This symptom occurs when a traffic stream that is destined to a prefix that is either directly connected or resolved via an IP address has an incomplete MAC address.

This caveat addresses the IGP instability. For more information about this symptom, see CSCdy31765.

Workaround   There is no workaround.

CSCdy51151

Symptoms   When a Cisco 12000 series Engine 3 line card receives a tag packet with an IP version 4 (IPv4) packet that has options underneath it or with a non-IPv4 packet such as an IP version 6 (IPv6) packet, the packet may be send to the line card CPU for processing.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)ST2.

Workaround   There is no workaround.

CSCdy51498

Symptoms   A 1-port ATM Enhanced OC12/STM4 port adapter (PA-A3-OC12) that is configured with multiple Low Latency Queueing (LLQ) streams that are running near peak cell rate (PCR) may drop packets. The output of the show interfaces command displays that packets are sent out but that no packets are coming in. Input or output packet drops are not displayed.

Conditions   This symptom is observed during a test on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S.

Temporary Workaround   Enter the clear interface type number EXEC command each time the symptom occurs.

CSCdy55441

Symptoms   If a 128-line input access control list (ACL) is configured on an Engine 2 Quad OC-12 line card that has interfaces configured for Virtual Private Network (VPN) and one subinterface for Frame Relay, the line card may reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S.

Workaround   There is no workaround.

CSCdy68292

Symptoms   The following error messages may be generated on a Cisco 12000 series Engine 4 plus (E4+) OC-192 line card:

SLOT 6: %RX192-3-HINTR: status = 0x4000000, mask = 0x7EFFFF FF - Parity error on rx_pbc_mem.
-Traceback= 4039CEF0 4044ECEC 400C85B0
SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7
-Process= "CEF IPC Background", ipl= 7, pid= 52
-Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108
SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7
-Process= "CEF IPC Background", ipl= 7, pid= 52
-Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108

Cisco Express Forwarding (CEF) on the E4+ OC-192 line card may become disabled, and the associated port stays in an "Up/Up" state.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-k4p-mz image of Cisco IOS Release 12.0(21)S3 or the gsr-p-mz image of Cisco IOS Release 12.0(21)ST2.

Workaround   Enter the microcode reload slot-number global configuration command on the E4+ OC-192 line card.

CSCdy75434

Symptoms   A line card in a provider edge (PE) router that is running IP version 6 (IPv6) in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) or in any connected router may reload because of a fabric ping failure, and the following error message may be generated:

%FIB-3-FIBDISABLE: Fatal error, slot 1: IPC Failure: timeout
%GRP-3-COREDUMP: Core dump incident on slot 1, error: Fabric ping failure (seq:3279)
%GRP-4-RSTSLOT: Resetting the card in the slot: 1,Event: EV_LC_E4_CORE_DUMP_DECLINE_DUP

Conditions   This symptom is observed on a Cisco 12000 series router that functions as a 6PE router or on any connected router when an IPv6 default route is removed from another 6PE router and traffic is flowing through the IPv6 default route while the route update following the route removal is being processed. When the IPv6 default route is removed, one or more line cards may reload on any router that receives the route update.

Workaround   There is no workaround.

CSCdy78371

Symptoms   An Engine 2 Quad OC-12 line card that has interfaces configured for Virtual Private Network (VPN) and that has a Frame Relay subinterface may reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.4)S1 when a microcode bundle is configured and loaded onto the Engine 2 Quad OC-12 line card.

Workaround   There is no workaround.

CSCdy78808

Symptoms   An Engine 2 line card may generate "QM-4-STUCK" messages and may stop forwarding traffic.

Conditions   This symptom is observed on a Cisco 12000 series router when an adjacent router is booted up.

Workaround   Reload microcode onto the Engine 2 line card.

CSCdy78970

Symptoms   A Cisco 12000 series Engine 2 line card may generate the following error messages:

SLOT 14: %LCPOS-3-SOP: TX:BadLenCtr. Source=0x1 (Plim), halt_minor0=0x8001 (1000 0000 0000 00sl, s/l=TooShort/long)
SLOT 14: %GSR-3-INTPROC: Process Traceback= 400CCE60 400C90F0 40010A24
-Traceback= 4033F424 4044ED54 400C88B0

Conditions   This symptom is observed when you remove and reinsert switch fabric on a Cisco 12000 series router while traffic is flowing.

Workaround   There is no workaround.

CSCdy80690

Symptoms   A traceback may occur on a Cisco 10000 series router during a postrouter check.

Conditions   This symptom is observed during a test of a 1-port channelized OC-12 line card when data is sent across an Add-Drop Multiplexor (ADM).

Workaround   There is no workaround.

CSCdy81098

Symptoms   A Cisco router may reload when a Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel interface changes to the "Up" state.

Conditions   This symptom is observed when load-balanced Interior Gateway Protocol (IGP) paths are configured.

Workaround   There is no workaround.

CSCdy81738

Symptoms   The routes in a Cisco Express Forwarding (CEF) table may be mismatched between the Gigabit Route Processor (GRP) and the line cards. You can clear the mismatch by entering the clear cef linecard EXEC command, but if the routes are relearned, the situation will reoccur.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S4 or Release 12.0(22)S when an access control list (ACL) is configured to deny Simple Network Management Protocol (SNMP) packets.

Workaround   Disable the ACL that denies the SNMP packets.

Alternate Workaround   Run Cisco IOS Release 12.0(21)S3.

CSCdy86210

Symptoms   NetFLow stops functioning after an online insertion and removal (OIR) of a switch fabric card (SFC).

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   Disable and reenable the ip route-cache flow sampled interface configuration command.

CSCdy89001

Symptoms   An Engine 4 Packet-over-SONET (POS) line card reloads.

Conditions   This symptom is observed on an Engine 4 Packet-over-SONET (POS) line card in a Cisco 12000 series Internet router during several online insertion and removal (OIR) procedures on a Clock Scheduler Card (CSC).

Workaround   There is no workaround.

CSCdy89663

Symptoms   A Cisco 12000 series router may reload when an interface flaps.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S during multicast traffic.

Workaround   There is no workaround.

CSCdz00085

Symptoms   A Cisco router that is functioning as a provider edge (PE) router may install an outgoing point of presence (POP) label instead of an outgoing aggregate label for a connected Virtual Private Network (VPN) routing/forwarding (VRF) route.

Conditions   This symptom is observed in a carrier supporting carriers topology with a Cisco router that is running Cisco IOS Release 12.2(12.10)T1 and that is functioning as a PE router.

Temporary Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration on the VRF interface until the symptom occurs again.

Alternate Temporary Workaround   Reload the router. However, after having done so, when you enter the shutdown interface configuration command followed by the no shutdown interface configuration on the VRF interface the symptom will occur again.

CSCdz06149

Symptoms   When an input access control list (ACL) is configured and the ip unreachables interface configuration command is enabled (which is enabled by default) on an interface, a low rate of packet leakage occurs for those packets that are dropped by the ACL. The rate is the same or less than the expected rate of Internet Control Message Protocol (ICMP) unreachable packets that are sent back to the source. The leak occurs only for IP packets (without the IP Header [L3] option) that have a size that is smaller than 56 bytes.

Conditions   This symptom is observed in Cisco IOS Release 12.0 S on a Cisco 12000 series 4-port OC-48c/STM-16c Packet-over-SONET Enhanced Services line card and on a Cisco 12000 series 1-port OC-192c/STM-64 Packet-over-SONET Enhanced Services line card.

This symptom does not occur in Cisco IOS Release 12.0 ST.

Workaround   Enter the no ip unreachables interface configuration command on the interface to prevent the packet leakage. However, in this situation, ICMP unreachable packets are not sent back to the source when packets are dropped by the ACL.

CSCdz06300

Symptoms   The IP Source Tracker feature unexpectedly stops functioning on a line card, and packets for the source-tracked destination are not forwarded because the IP Source Tracker feature is stuck in the throttling mode.

Conditions   This symptom is observed on a Cisco 12000 series Engine 2 line card. To determine if the line card is in the above-mentioned condition, enable the debug lc hw-throttle hidden command; if the following message recurs every two seconds—even when there is low CPU utilization—the IP Source Tracker feature is stuck in the throttling mode:

SLOT 0: GLC_HW: Disabled HW DOS throttling (CPU at 0%, sched skew: -1%)

Workaround   Reload the line card.

CSCdz07032

Symptoms   When you add a new Performance Routing Engine (PRE) to a Cisco 10000 series router, the startup configuration may not be copied to the new PRE. Verify that the configuration exists by entering the dir sec-nvram: EXEC command or the dir standby-nvram: EXEC command, depending on the Cisco IOS software image that you are running.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   Cut over to the new PRE, and save the configuration.

CSCdz07354

Symptoms   Enhanced Interior Gateway Routing Protocol (EIGRP) resets the routing table when you enter the write memory EXEC command, write terminal EXEC command, or show running-config privileged EXEC command.

Conditions   This symptom is observed on a Cisco 7505, Cisco 7507, and Cisco 7513 router.

Workaround   There is no workaround.

CSCdz07393

Symptoms   When you apply a combination of IP version 6 (IPv6), an access control list (ACL), and Sampled NetFlow to an interface on an Engine 4 plus line card, the line card may reload.

Conditions   This symptom is observed while IPv6 traffic is flowing.

Workaround   There is no workaround.

CSCdz07976

Symptoms   An Engine 2 line card may reload continuously.

Conditions   This symptom is observed on a Cisco 12000 series router when a router that is adjacent to the Cisco 12000 series router is rebooted while Border Gateway Protocol (BGP) policy accounting is configured on the Engine 2 line card and traffic is flowing through the line card.

Workaround   There is no workaround. When this situation occurs, stop the traffic that is flowing through the Engine 2 line card until Cisco Express Forwarding (CEF) is loaded onto the line card.

CSCdz08851

Symptoms   Resource Reservation Protocol (RSVP) Hello detection may not trigger a Fast Reroute (FRR) switchover.

Conditions   This symptom is observed when you use RSVP Hello detection to enable Multiprotocol Label Switching traffic engineering (MPLS TE) FRR protection on shared interfaces.

Workaround   There is no workaround.

CSCdz10165

Symptoms   A Tag Forwarding Information Base (TFIB) entry for a Virtual Private Network (VPN) routing and forwarding (VRF) static recursive route that is configured for multihop Border Gateway Protocol (BGP) may be lost.

Conditions   This symptom is observed after the egress interface flaps.

Workaround   There is no workaround.

CSCdz14924

Symptoms   When the customer edge (CE) peer of a provider edge (PE) router has the neighbor default-originate router configuration command enabled, which enables the PE router to send the default route to the CE, the default route may be sent with the wrong mask (255). When this situation occurs, the CE router sends a notification that states that an illegal network entry has occurred and flaps the session.

Conditions   This symptom is observed on a Cisco 7200 series router that functions as a PE router but may also occur on another platform that functions as a PE router.

Workaround   There is no workaround.

CSCdz19881

Symptoms   An input access control list (ACL) may not take effect.

Conditions   This symptom is observed on a Cisco 12000 series Engine 4 plus interface on which the VRF Selection feature is enabled.

Workaround   There is no workaround.

CSCdz20079

Symptoms   Configuring the hw-module slot shutdown global configuration command in the startup configuration may cause a router to reload.

Conditions   This symptom is observed on a Cisco 10000 series router when you attempt to boot from an eboot image.

Workaround   Do not configure the hw-module slot shutdown global configuration command in the startup configuration.

Alternate Workaround   Change the configuration register to "0x40" to ignore the configuration during the bootup process.

CSCdz21375

Symptoms   A memory leak may occur on a line card.

Conditions   This symptom is observed on the line card of a Cisco 12000 series after NetFlow is disabled on the last interface of a line card that has NetFlow enabled. This symptom is observed while there are more than 1900 flow records in the NetFlow cache of the line card.

Workaround   Keep NetFlow enabled on at least one interface on the line card.

CSCdz23286

Symptoms   A Cisco 12000 series router may reload during the bootup process.

Conditions   This symptom is observed when you attempt to boot up the Cisco 12000 series router with an image of Cisco IOS Release 12.0(23)S and occurs before the image is loaded onto the router.

Workaround   There is no workaround.

CSCdz25339

Symptoms   An unusually formatted Multicast Source Discovery Protocol (MSDP) packet may cause memory corruption and a router to reload.

Conditions   This symptom is observed on a Cisco router when it has a peer relationship with a specific third-party vendor router that is running a recent software release.

Workaround   Shut down the peer relationship by entering the ip msdp shutdown peer-address global configuration command.

CSCdz29044

Symptoms   An Engine 3 line card that connects a provider edge (PE) router and a customer edge router, both of which are running the Carrier Supporting Carrier feature, may reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S, that is functioning as a PE router, and that is running the Carrier Supporting Carrier feature when you reload microcode on one of multiple line cards that connects the PE router to a provider (P) router.

Note that the symptom occurs on an Engine 3 line card that connects the PE router and the CE router, but the microcode is reloaded onto another line card that connects the PE router and the P router.

Workaround   There is no workaround.

CSCdz31682

Symptoms   Packet drops may occur in the Cisco Express Forwarding (CEF) and distributed Cisco Express Forwarding (dCEF) paths after a router has been reloaded and a ping is sent (through the router) to the IP address of a directly-connected customer edge (CE) router.

Conditions   This symptom is observed on a Cisco 7500 series router. The CE router in this configuration is connected to a Fast Ethernet Virtual Private Network (VPN) routing/forwarding (VRF) dot1q subinterface on a PE router that has the mpls netflow egress interface configuration command enabled.

Workaround   On the PE router, manually ping the IP address of the directly-connected CE router and enable the relevant Address Resolution Protocol (ARP) entries to be populated.

First Alternate Workaround   Disable the mpls netflow egress interface configuration command on the subinterface.

Second Alternate Workaround   Add a static ARP entry for the VRF subinterface by entering the arp vrf ip mask mac arpa global configuration command.

Third Alternate Workaround   Enter the clear arp privileged EXEC command on the destination CE router.

CSCdz31778

Symptoms   Slow path forwarding on an Engine 3 line card of a provider edge (PE) router that is running IP version 6 (IPv6) in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) may not function.

Conditions   This symptom is observed on a Cisco 12000 series router that is functioning as a 6PE router and occurs because the 6PE disposition does not function for aggregate 6PE labels on the Engine 3 line card.

Workaround   There is no workaround.

CSCdz35426

Symptoms   A primary Route Processor (RP) and a standby RP may not load the correct image when a Cisco 12000 series router is reloaded.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S2 or an earlier release when all of the following conditions are present:

An Advanced Technology Attachment (ATA) disk or a Flash card such as a Personal Computer Memory Card International Association (PCMCIA) card is installed in both the primary RP and the standby RP.

The Route Processor Redundancy (RPR) mode is enabled.

The boot system tftp ip-address global configuration command is enabled in the configuration.

The symptom does not occur when the Route Processor Redundancy plus (RPR+) mode or the Stateful Switchover (SSO) feature is enabled.

Workaround   Use the RPR+ mode or the SSO feature.

Alternate Workaround for Cisco IOS Release 12.0(22)S2 only   After the RPs have booted up, remove the boot system tftp ip-address global configuration command from the configuration and execute the upgrade rom-monitor EXEC command to enable the ROM monitor to be upgraded.

CSCdz35853

Symptoms   When a SONET link is not stable, the following error messages may be generated on a 1-port OC-48 Port Packet-over-SONET (POS)/Synchronous Digital Hierarchy (SDH) IP Services Engine (ISE) line card:

SLOT 1: %EE48-3-GULF_RX_MOFIFO: Overflow detected. Corrective action taken.
SLOT 1: %EE48-3-GULF_RX_BYTE_TO_WORD: Out of synchronization, bitmap= 0xE. Corrective action taken.

Conditions   This symptom is observed under rare circumstances on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S2.

Workaround   Reload the line card.

CSCdz37224

Symptoms   "Alpha" error messages may be observed on the ingress or egress interface of a Cisco 12000 series 4-port OC-12c/STM-4c Packet over SONET (POS) synchronous digital hierarchy IP services engine line card. The following messages may be displayed on the egress interface of the Cisco 12000 series 4-port OC-12c/STM-4c POS synchronous digital hierarchy IP services engine line card:

%EE48-3-ALPHAERRS: TX ALPHA: ALPHA_CPU_PIPELINE_CTRL_INT error 1 SLOT 2: %EE48-3-ALPHAPAIR: TX ALPHA: POP PAIR

Conditions   This symptom is observed if the shape, bandwidth, random detect, or priority value is configured and if both the set ip-dscp-value quality of service (QoS) policy map configuration command and the set mpls experimental policy map configuration command are disabled. This symptom is observed on a Cisco 12016 router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S or Release 12.0(21)ST2a.

Workaround   Remove the transmit (TX) service policy and use Per Interface Rate Control (PIRC) instead.

Additional Notes   The same symptom may occur when an error recovery is performed for hardware failures such as data path parity errors. The symptom under those circumstances would be a failed recovery. There is no workaround for the occurrence of this symptom when an error recovery is performed.

CSCdz39560

Symptoms   Multiprotocol Label Switching (MPLS) Fast Reroute (FRR) may not function properly on an Engine 2 ingress line card.

Conditions   This symptom is observed on a Cisco 12000 series router when a tunnel that is protected by FRR is a one-hop tunnel to a second router. A third router that is connected to the first and second router provides the backup path. When the primary path between the first and second router goes down, traffic is not redirected over the backup path.

Workaround   There is no workaround.

CSCdz50959

Symptoms   The mechanism that checks the packet length may fail and cause the number of "ignore" errors to increase on an interface that is associated with an E1 controller on a 24-port channelized E1/T1 line card.

Conditions   This symptom is observed on a Cisco 10000 series router when the interface is connected to a remote device that is configured to send packets that are larger than 8000 bytes or that erroneously sends packets that are larger than 8000 bytes.

Workaround   There is no workaround.

CSCuk36939

Symptoms   Cisco IOS software fails to set up the Gigabit Ethernet Interface Processor (GEIP) MIBs correctly on a Cisco 7500 series router.

Conditions   This symptom is observed when the hierarchy on the GEIP is incorrect; the port adapter and interface are shown at the same level as the GEIP. The GEIP should be at the top of the hierarchy, followed by the port adapter, followed by the interface.

Workaround   There is no workaround.

CSCuk39337

Symptoms   Virtual Private Network routing/forwarding (VRF) does not function properly on a Frame Relay link between a provider edge (PE) router and a customer edge (CE) router, and the CE router cannot ping the PE router.

Conditions   These symptoms are observed on a Frame Relay link between a Cisco 10000 series router that is functioning as a PE router and another Cisco 10000 series router that is functioning as a CE router.

Workaround   Reload the PE router to make the link between the PE router and the CE router function.

Resolved Caveats—Cisco IOS Release 12.0(22)S2

Cisco IOS Release 12.0(22)S2 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S2 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.

CSCdu00328

Symptoms   A Cisco 7500 series router may stop receiving packets on certain interfaces when a Cisco 6500 series switch that is connected through a port channel is reloaded.

Conditions   This symptom is observed on a Cisco 7500 router that is connected to a Cisco 6500 series switch through the port channel. This symptom does not occur if the port channel is removed.

Workaround   Run normal IP between the Cisco 7500 series router and the Cisco 6500 series switch without the port channel configuration.

CSCdu43164

Symptoms   A memory leak may occur on a Cisco 7200 series router. The memory leak is caused by the Border Gateway Protocol (BGP) I/O process and occurs at the rate of 100 KB to 130 KB per hour (about 2.5 MB to 3 MB per day) after the show memory summary | incl BGP privileged EXEC command is entered. This situation occurs regardless of whether a BGP neighbor is flapping.

The output of the show processes memory | incl bgp privileged EXEC command shows the following:

Router# show processes memory | incl bgp

PID TTY Allocated Freed Holding Getbufs Retbufs Process ... 104 0 3522569548 2139398320 21965976 297916 5184 BGP I/O ...

The show memory summary | incl bgp privileged EXEC command indicates that the "BGP (1) update" function allocates memory without deallocating it again after the process is completed:

Router# show memory summary | incl bgp

Alloc PC Size Blocks Bytes What ... 0x607C42E0 65496 333 21810168 BGP (1) update ....

Conditions   This symptom is observed on a Cisco 7206VXR router that is functioning as a Provider Edge (PE) router and that is running Cisco IOS Release 12.1(5a) in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) network.

Workaround   Reload the router.

CSCdv49909

Symptoms   Parallel links may not be used efficiently on a Cisco router when Multiprotocol Label Switching (MPLS) traffic is load balanced over parallel links to a customer premises equipment (CPE) device.

Conditions   This symptom is observed when a Virtual Private Network (VPN) routing/forwarding (VRF) static route to a remote loopback interface is configured and both parallel links to the same CPE device are configured to the same loopback interface without an IP address using the ip unnumbered interface configuration command.

Possible Workaround   Define the following configurations on the provider edge (PE) and customer edge (CE) routers to achieve load balancing with static VRF routes.

PE Configuration

interface multilink250

 ip vrf forwarding YELLOWVPN

 ip address 10.0.0.1 255.255.255.0

interface multilink251

 ip vrf forwarding YELLOWVPN

 ip address 10.1.0.1 255.255.255.0

The links in the CE configuration must be configured with 10.0.0.2 and 10.1.0.2.
10.10.0.1/32 is the CE loopback and must be advertised to the PE via Routing Information Protocol (RIP) or with another router protocol. A static route may be used.

CE Configuration

ip route vrf YELLOWVPN 10.10.0.1 255.255.255.255 10.0.0.2

ip route vrf YELLOWVPN 10.10.0.1 255.255.255.255 10.1.0.2

The following output defines static routes for the CE prefix:

ip route vrf YELLOWVPN 192.168.200.0 255.255.255 0 10.10.0.1

CSCdx46207

Symptoms   A ciscoEnvMonRedundantSupplyNotification trap is not generated when a power supply is shut down, and a notification message is not displayed on a Cisco 12000 series router.

Conditions   This symptom is observed in Cisco IOS Release 12.0(21)S2 on a Cisco 12008 router and a Cisco 12012 router.

Workaround   There is no workaround.

CSCdx87998

Symptoms   Fast Reroute (FRR) does not fully deconfigure.

Conditions   This symptom is observed when the mpls traffic-eng signaling forwarding sync command is enabled.

Workaround   Do not use FRR when the mpls traffic-eng signaling forwarding sync command is enabled.

CSCdx92027

Symptoms   A Route Switch Processor 8 (RSP8) pauses indefinitely.

Conditions   This symptom is observed when you enter the ip cef global configuration on a Cisco 7500 series router that is running Cisco IOS 12.1(12c)E.

Workaround   There is no workaround.

CSCdx94730

Symptoms   An IronBus error occurs on a Cisco 10000 series 1-port channelized OC-12 line card. The console log shows the following information:

%C10KEVENTMGR-1-IRONBUS_FAULT: Ironbus Event 2/1, Restarting Ironbus %IPCGRP-3-SYSCALL: System call for command 203 (slot2/0): ipc_send_rpc_blocked failed (Cause: timeout)
-Traceback= 603C4208 603C4698 603C53E8 6013BFC0 60089C64 600248D4 60024C4C 6035270C 603526F8 %IPCOIR-3-TIMEOUT: Timeout waiting for a response from slot 2/0. %IPCOIR-2-CARD_UP_DOWN: Card in slot 2/0 is down. Notifying 1choc12-1 driver. %C10K_ALARM-6-INFO: ASSERT CRITICAL slot 2 Card Stopped Responding OIR Alarm %IPCOIR-5-CARD_DETECTED: Card type 1choc12-1 (0x1BB) in slot 2/0 %IPCOIR-5-CARD_LOADING: Loading card in slot 2/0
%C10K-5-LC_NOTICE: Slot[2/0] 1choc12-1 Image Downloaded...Booting...
%PXF_DMA-3-IRONBUS_NOTRUNNING: Data path to slot 2/1 failed to synchronize (TIB Not Running)

Conditions   This symptom is observed on a Cisco 10000 series edge services router when you copy a configuration for creating 768 DS0 interfaces under a Virtual Tributary (VT) on the 1-port channelized OC-12 line card onto the running configuration.

Workaround   Limit the number of DS0 interfaces to 575 or fewer.

CSCdy04735

Symptoms   The standby Performance Routing Engine (PRE)-1 or Gigabit Route Processor (GRP) continuously reloads after the hw-module reset command is entered.

Conditions   This symptom is observed on a Cisco 12000 series Internet router or Cisco 10000 series edge services router during an upgrade to Cisco IOS Release 12.0(22.4)S from Cisco IOS Release 12.0(22)S using the Fast Software Upgrade (FSU) procedure.

Workaround   Install the new software image and reload the router without using the dual processor FSU capability.

CSCdy10293

Symptoms   A Versatile Interface Processor (VIP) on a Cisco 7500 series router may run out of memory and generate the following memory allocation (MALLOC) failure messages:

%SYS-2-MALLOCFAIL: Memory allocation of 65556 bytes failed from 0x6010EB8C, alignment 32 Pool: Processor Free: 173756 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "CEF IPC Background", ipl= 0, pid= 31

The show process memory section in the output of the show tech EXEC command indicates that the Multiprotocol Label Switching (MPLS) Cisco Express Forwarding (CEF) interprocess communication (IPC) background process is holding up a large portion of the memory.

Conditions   This symptom is observed on the VIP of a Cisco 7500 series router.

Workaround   There is no workaround.

CSCdy17735

Symptoms   A single headend rewrite that is used by all prefixes that are routed over a tunnel is not updated properly when the label switched path tunnel state changes and there are no prefixes being routed over the tunnel.

In addition, the output of the show mpls traffic-eng fast-reroute database command inaccurately represents the entries that are contained within the Fast Reroute (FRR) database. Prefix information is not applicable to the headend tunnel rewrite and should be displayed separately. The output of the show mpls traffic-eng fast-reroute database command does not show any tunnel data, but, as long as the headend tunnel is up, there should always be one entry for the headend tunnel.

Conditions   These symptoms are observed when FRR protection is enabled on a tunnel, there are no prefixes being routed over this tunnel, and Label Distribution Protocol (LDP) is not enabled.

Workaround   There is no workaround.

CSCdy22453

Symptoms   Traffic may be dropped for up to 1 minute on a Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel when the tunnel reoptimizes for a PPP link.

Conditions   This symptom is observed only when the MPLS TE tunnel is reoptimizing for a PPP link that was brought up with Label Distribution Protocol (LDP) enabled.

Workaround   Disable LDP or configure High-Level Data Link Control (HDLC).

CSCdy27220

Symptoms   A ciscoEnvMonRedundantSupplyNotification trap is not generated when a power supply is shut down, and a notification message is not displayed on a Cisco 12000 series Internet router.

Conditions   This symptom is observed on the following Cisco 12000 series routers that run Cisco IOS Release 12.0(21)S3:

Cisco 12016 router

Cisco 12404 router

Cisco 12406 router

Cisco 12410 router

Cisco 12416 router

Workaround   There is no workaround.

CSCdy27294

Symptoms   Virtual Routing and Forwarding (VRF) route aggregation under Border Gateway Protocol (BGP) fails causing a loss of end-to-end connectivity between Provider Edge routers if more specific routes are not installed in the BGP VRF table.

Conditions   This symptom is observed on a Cisco 12000 series Internet router under the following conditions:

The router is deployed as a Provider Edge (PE) router and has Engine 2 line cards that are running Multiprotocol Label Switching (MPLS) Virtual Private networks (VPNs).

Route aggregation is used in BGP IPv4 VRF address family and more specific routes are suppressed.

Multiple Customer Edge (CE) routers are connected to a 3-port Gigabit Ethernet line card.

Workaround   Ensure that the more specific routes are imported into the BGP VRF table by configuring redistribution or network statements.

CSCdy29545

Symptoms   Packets that are traversing an Engine 4 plus (E4+) OC-192 line card in a Cisco 12000 series router that has tag switching enabled may be dropped.

Conditions   This symptom is observed in a traffic engineering (TE) configuration and occurs when traffic is load balancing across multiple TE tunnels at the headend or when label imposition is performed over multiple paths.

Workaround   Enter the clear ip route network mask command on the ingress side of the OC-192 link. Use caution because entering the clear ip route * command may invoke the symptoms.

CSCdy29983

Symptoms   Border Gateway Protocol (BGP) policy accounting counters on a 3-port Gigabit Ethernet line card increment incorrectly.

The output of the show cef interface type number statistics EXEC command displays that the average rate of index 1 through 3 is about 200 to 300 Mbps while the actual traffic is about 400 kbps.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy30484

Symptoms   An Engine 2 3-port Gigabit Ethernet line card that receives a tag packet with a Time to Live (TTL) value of 1 may reload.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy31765

Symptoms   The following symptoms may be observed on a Cisco 12000 series Engine 2 (E2) ingress line card that is installed in a provider edge (PE) router.

When traffic is destined for an IP address for which the Cisco Express Forwarding (CEF) adjacency is an Ethernet MAC address and the Address Resolution Protocol (ARP) cache is either empty or incomplete, traffic is punted to the CPU of the line card. The CPU attempts to resolve the adjacency and drops the traffic.

While the ARP cache for the Ethernet MAC address is incomplete but traffic is being received for the IP address, the CPU utilization of the line card may increase to 99 percent. This situation may lead to a loss of Interior Gateway Protocol (IGP) neighbors and fabric-unicast ping timeouts, which in turn may cause the line card to reload.

When the CEF adjacency moves from an incomplete state to a MAC address, buffer management application-specific integrated circuit (ASIC) (BMA) errors are triggered and packet switch ASIC (PSA) pipeline stall messages may be displayed:

%LC-3-BMAERRS: ToFab BMA BMA error status error 10
%QM-3-ERROR: ToFab Register 0x40007.
-Traceback= 403F0074 4036DBF4 40498814 400CCF98
%LC-3-BMAERRS: ToFab BMA QM error 1

Conditions   These symptoms are observed in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) in which a Cisco 12000 series router that is functioning as a PE router is connected to a provider (P) router through an E2 line card and the connection between the PE router and the customer edge (CE) router is a Gigabit Ethernet link.

Workaround   The following sequence of commands will prevent the loss of IGP neighbors and fabric-unicast ping timeouts:

a. Enter the attach slot-number privileged EXEC command for the E2 line card.

b. Enter the enable EXEC command.

c. Enter the configure terminal privileged EXEC command.

d. Enter the controller hw-throttle privileged EXEC (hidden) command.

This sequence of commands will not prevent BMA errors and PSA pipeline stall messages, but will prevent the IGP neighbors from being lost and the line card from reloading. Note that these commands will no longer be enabled if the line card or router reloads.

CSCdy34017

Symptoms   An access control list (ACL) with an Internet Control Message Protocol (ICMP) entry may be incorrectly processed by (the packet switch ASIC [PSA] of) an Engine 2 line card.

Conditions   This symptom is observed on a Cisco 12000 series Engine line card when an ACL entry matches an ICMP packet that is specifying its type but not its code.

Workaround   Specify the code in all ICMP entries.

CSCdy35263

Symptoms   A Cisco 12000 series 4-port ATM line card repeatedly reloads after you have performed a microcode reload.

Conditions   This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S, and with the carrier supporting carrier feature configured on the 4-port ATM line card.

Workaround   There is no workaround.

CSCdy38827

Symptoms   A Cisco router may install a suboptimal Intermediate System-to-Intermediate System (IS-IS) route into its routing table. Depending on the topology, this situation may create a routing loop.

Conditions   This symptom is observed on an IS-IS Level 1 - Level 2 (L1L2) router that is running Cisco IOS Release 12.0 S or Release 12.0 ST and that has prefixes configured that are allowed to be leaked into Level 1, that is, prefixes that match the access list that is specified within the redistribute isis ip level-2 into level-1 distribute-list command. When route leaking is not configured, this condition is not observed.

Workaround   There is no workaround. The condition resolves itself when the affected route is cleared by entering the clear ip route network EXEC command.

CSCdy43671

Symptoms   An Engine 0 ATM line card may reload.

Conditions   This symptom is observed under rare circumstances when a Cisco 12000 series router is booted up with Cisco IOS Release 12.0(21)ST3.

Workaround   There is no workaround.

CSCdy44251

Symptoms   The Forwarding Information Base (FIB) table on a Cisco 12000 series Gigabit Route Processor (GRP) may be missing entries for directly connected subnets.

Conditions   This symptom is observed on a Cisco 12000 series router after you have removed a large number of routes.

Workaround   Enter the clear ip route network for the affected prefixes. The following is an example:

Router# show ip cef 10.2.0.4 255.255.255.224
%Prefix not found

Router# clear ip route 10.2.0.4 255.255.255.224

Router# show ip cef 10.2.0.4 255.255.255.224
10.2.0.4/30, version 285154, epoch 0, attached, connected, cached adjacency to POS1/0 0 packets, 0 bytes via POS1/0, 0 dependencies valid cached adjacency

CSCdy44790

Symptoms   When using Multiprotocol Label Switching traffic engineering (MPLS TE) Fast ReRoute (FRR), an FRR label switched path (LSP) tunnel may go down after being rerouted over the backup tunnel.

Conditions   This symptom is observed when the point of local repair is running an interim build of Cisco IOS Release 12.0(24)S and the merge point (MP) is running an interim build of Cisco IOS Release 12.0(23)S. The symptom occurs because the MP does not properly reflect the Logical Interface Handle (LIH) that it receives in the "Path" message. When the LIH changes after initial establishment of the LSP tunnel, it returns a corresponding "Resv" message (that is, corresponding to the "Path" message). This "Resv" message does not properly reflect the LIH. The only condition under which the LIH changes after establishment of the LSP tunnel is when fast rerouting is enabled on the LSP tunnel.

Workaround   There is no workaround.

CSCdy47173

Symptoms   A Route Processor (RP) may reload when you install a Flash card in slot 1 of the RP.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy48075

Symptoms   If an active Performance Routing Engine (PRE) fails before a standby PRP is fully configured, the standby PRP may not perform a switchover correctly.

Conditions   This symptom is observed on a Cisco 10000 series router in a redundant configuration.

Workaround   Do not force a switchover until the standby PRP is fully initialized. If the active PRP fails and the standby PRP does not switchover correctly, reload the standby PRP.

CSCdy51197

Symptoms   Fast Reroute (FRR) may fail to trigger if the cause of the failure is registered in the Route Processor (RP) when the link state is already down.

Conditions   This symptom may be observed when triggers are delayed, for example when the pos delay triggers interface configuration command is enabled.

Workaround   Disable the pos delay triggers interface configuration command.

CSCdy51434

Symptoms   A router may reload unexpectedly if MD5 authentication is used with Open Shortest Path First (OSPF). The following message may be displayed when you enter the show version EXEC command:

System returned to ROM by error - a Software forced crash, PC 0x12345678

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(22)S. The symptom occurs only when corrupted OSPF packets are present.

Workaround   Remove MD5 authentication for OSPF.

CSCdy63771

Symptoms   Virtual Private Network (VPN) routing/forwarding (VRF) may not function on a High-Speed Serial Interface (HSSI) port adapter.

Conditions   This symptom is observed on a Cisco 7500 series router

Workaround   Remove and reconfigure the affected subinterface on the HSSI port adapter.

CSCdy66571

Symptoms   The shadow state on a standby router processor (RP) remains down after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the router interfaces.

Conditions   This symptom is observed on a Cisco 12000 series router that is configured with two RPs when the Stateful Switchover (SSO) feature is enabled.

Workaround   There is no workaround.

CSCdy68938

Symptoms   A Resource Reservation Protocol (RSVP) message containing a MESSAGE_ID object (as described in RFC 2961) is received multiple times.

Conditions   This symptom is observed when a router that is running a version of Cisco IOS software that does not support RSVP Refresh Overhead Reduction Extensions (RFC 2961) receives the RSVP message that contains a MESSAGE_ID object. The router fails to send a PathErr or ResvErr reply in response, causing the neighboring router to retransmit the RSVP (PathErr or ResvErr) message multiple times. The retransmissions can have a negative affect on Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel scalability, convergence, or both convergence and scalability.

Workaround   There is no workaround.

CSCdy71240

Symptoms   A Parallel Express Forwarding (PXF) network processor reloads when traffic is destined for a Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel.

Conditions   This symptom is observed in a configuration in which two Cisco 10000 series routers are connected back-to-back via an MPLS TE tunnel, when you ping the MPLS TE tunnel from a remote end.

Workaround   There is no workaround.

CSCdy73102

Symptoms   When a primary Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel reoptimizes over another link, a traffic drop may occur.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S1 following a Fast Reroute (FRR) operation.

Workaround   Configure the primary label switched path tunnel (LSP tunnel) as an explicit tunnel.

CSCdy74457

Symptoms   The forwarding of IP version 6 (IPv6) packets from a Cisco 12000 series Engine 3 line card to a Cisco 12000 series Engine 0 line card does not function for certain directly connected hops.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S or Release 12.0(22)S1.

Workaround   There is no workaround.

CSCdy75485

Symptoms   All Layer 2 management packets are dropped, which causes all interfaces that depend upon keepalives to transition to the down state.

Conditions   This symptom is observed on a Cisco 10000 series router in a configuration with a large numbers of interfaces.

Workaround   There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(22)S1

Cisco IOS Release 12.0(22)S1 is a rebuild release for Cisco IOS Release 12.0(22)S. The caveats in this section are resolved in Cisco IOS Release 12.0(22)S1 but may be open in previous Cisco IOS releases.

CSCdu72708

Symptoms   The ip address negotiated interface configuration command must be applied to the configuration of an interface before any other PPP commands.

Conditions   This symptom is observed when the on-demand address pool (ODAP) on-board Dynamic Host Configuration Protocol (DHCP) server is used.

Workaround   There is no workaround.

CSCdv39804

Symptoms   A bus error may occur on a router, and the following message may be displayed:

%ALIGN-1-FATAL: Illegal access to a low address, addr=0x1A8, pc=xxxxxxxx, ra=xxxxxxxx, sp=xxxxxxxx

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0 S.

Workaround   There is no workaround.

CSCdw41164

Symptoms   A Versatile Interface Processor (VIP) may reload because of an error at the ct3sw_check_tx process.

Conditions   This symptom is observed on a Cisco 7000 series VIP that is running Cisco IOS Release 12.0(16)S4.

Workaround   There is no workaround.

CSCdx09745

Symptoms   A Cisco 7200 series router that is using Cisco Express Forwarding (CEF) switching may reload after you enter the show queue interface-name interface-number privileged EXEC command for a serial interface.

The output of the show ip interface EXEC command is very similar to the following message and indicates that the normal CEF switching vector is used:

IP CEF switching is enabled
IP Fast switching turbo vector
IP Normal CEF switching turbo vector

Conditions   This symptom is observed on a Cisco 7200 series router when CEF switching is used and there are packets in the queue when you enter the show queue interface-name interface-number privileged EXEC command.

Workaround   On any of the serial interfaces that has weighted fair queueing (WFQ) enabled, enter the following sequence of commands (note that in this example, interface "serial 4/1" is used):

Router(config)# interface s4/1

Router(config-if)# no fair-queue

Router(config-if)# fair-queue

This sequence of commands will set the correct switching vector as follows:

IP CEF switching is enabled
IP Fast switching turbo vector
IP Feature CEF switching turbo vector

This workaround must be applied each time the router reloads.

CSCdx45151

Symptoms   The Cisco Express Forwarding (CEF) table of a Cisco 12000 series Engine 0 Packet-over-SONNET (POS) line card gets almost completely cleared and then builds up again.

Conditions   This symptom is observed after a Stateful Switchover (SSO) on an Engine 0 POS line card that is configured with 110,000 routes and about 600 interfaces. After the protocol has converged, all the entries of the old epoch are purged and the entries of the new epoch take over.

Workaround   There is no workaround.

CSCdx63504

Symptoms   After a Cisco IOS software upgrade, redistribution may stop functioning on a router.

Conditions   This symptom is observed on a router that is configured with Border Gateway Protocol (BGP).

Workaround   Remove and reconfigure the BGP configuration, or reboot the router.

CSCdx68619

Symptoms   NetFlow aggregation does not function.

Conditions   This symptom is observed in Cisco IOS Release 12.0 S and Release 12.0 ST when either only the mpls netflow egress interface configuration command is configured on an interface or both the ip route-cache flow and mpls netflow egress interface configuration commands are configured on the same interface or on different interfaces, but the NetFlow cache is allocated through the mpls netflow egress interface configuration command.

Workaround   There is no workaround.

CSCdx69785

Symptoms   A Cisco 12000 series Engine 2 OC-48 Packet-over-SONET line card that is configured as a generic routing encapsulation (GRE) tunnel-server card enters an error state and reports the following error message:

QM-4-STUCK: Port 0 Queue mask 0x1

The line card should recover from this error state but fails to do so.

Conditions   These symptoms are observed when the line card is overloaded with tunnel traffic.

Workaround   There is no workaround. To recover from the error state, perform a microcode reload of the line card.

CSCdx71829

Symptoms   When you delete a subinterface from a router, the reserved bandwidth may not be returned, decreasing the total bandwidth of the interface under which the subinterface is configured.

Conditions   This symptom is observed when the subinterface has bandwidth reserved because of a service policy shape command.

Workaround   Remove the service policy before you delete the subinterface.

CSCdx80124

Symptoms   Gigabit Route Processor (GRP) and GRP-B temperatures are incorrectly reported as NA.

Conditions   This symptom is observed when the show environment [temperatures] privileged EXEC command is running on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx82485

Symptoms   Under rare circumstances, a router that is configured with Protocol-Independent Multicast (PIM) may pause indefinitely.

Conditions   This symptom is observed when an interface that has PIM enabled is shut down. This symptom may also occur when other configuration operations are performed on a PIM-enabled interface. This symptom affects only port adapters such as the 8-port 10BASE-T Ethernet port adapter (PA-8E) and the 8-port 10BASE-T Ethernet port adapter (PA-4E) that are using a particular third-party vendor chip.

Workaround   Use a different Ethernet card, or avoid using PIM.

CSCdx85342

Symptoms   A Route Processor (RP) may boot up with the boot helper image instead of the regular image, or a Cisco 12000 series line card that is configured under the primary RP may reset because of interprocess communications (IPC) failures and generate the following error message:

* UTC: %FIB-3-FIBDISABLE: Fatal error, slot 0: IPC Failure: timeout

The two above mentioned symptoms are mutually exclusive.

Conditions   These symptoms are observed on a Cisco 12000 series router when the router is configured with a primary RP and a standby RP and you load the gsr-boot-mz image from Bootflash using the boot system tftp global configuration command.

The symptoms affect only the gsr-boot-mz image (the gsr-p-mz image is not affected) and may occur in the following Cisco IOS releases:

12.0(20.3)S

12.0(20.3)S1

12.0(20.3)ST

12.0(20.3)ST1

12.0(20.3)ST2

12.0(20.3)ST3

12.0(20.4)S

12.0(20.4)S1

12.0(20.4)S2

12.0(20.4)ST

12.0(20.4)ST1

12.0(20)ST

12.0(20)ST1

12.0(20)ST2

12.0(20)ST3

12.0(20)ST4

12.0(20)ST5

12.0(21.1)S

12.0(21.1)S1

12.0(21.1)S2

12.0(21.1)S3

12.0(21.2)S

12.0(21.3)S

12.0(21.3)S1

12.0(21.3)S2

12.0(21.3)S3

12.0(21.4)S

12.0(21.4)S2

12.0(21.4)S3

12.0(21)S

12.0(21)S1

12.0(21)S2

12.0(21)S3

12.0(21)S4

12.0(21)ST

12.0(21)ST1

12.0(21)ST2

12.0(21)ST3

12.0(21)ST4

12.0(22)S

12.0(22.1)S

Workaround   Use a gsr-boot-mz boot image that was released earlier than Release 12.0(20.3)S or later than Release 12.0(22.1)S.

CSCdx86830

Symptoms   An end-to-end ping fails between a local customer edge (CE) router and a remote CE router if the local CE router is connected to a provider edge (PE) router. This PE router is connected to another CE router that runs the Carrier Supporting Carrier feature. The network path includes several other routers and eventually leads to the remote CE router.

Conditions   This symptom is observed in an internal Border Gateway Protocol (iBGP) IPv4 label distribution environment at the local CE router when there are three labels in the label stack of the PE router.

Workaround   Enter the neighbor next-hop-self router configuration command on the CE router that runs the Carrier Supporting Carrier feature to configure this CE router as the next hop for the PE router.

CSCdx87434

Symptoms   Large packet losses occur when a Stateful Switchover (SSO) Nonstop Forwarding (NSF) switchover occurs.

Conditions   This symptom is observed on a Cisco 7500 series router that is configured with Versatile Interface Processors (VIPs) and is caused by an improper configuration of distributed Cisco Express Forwarding (dCEF) and weighted fair queueing (WFQ).

Workaround   Follow these steps:

a. Verify what type of queueing is configured on a VIP interface by entering the show interfaces privileged EXEC command and verifying the "Queueing Strategy" field.

b. If the "Queueing Strategy" field indicates WFQ, change the field value to VIP-based WFQ by entering the fair-queue interface configuration command on the VIP interface.

CSCdx89425

Symptoms   When a line card reloads while multicast traffic is being sent to its ingress interface, the line card may reload again.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdx89548

Symptoms   An interface on a Cisco 7500 series channelized T3 port adapter cannot ping a directly connected interface because of adjacency difficulties.

Conditions   The conditions under which these symptoms occur are not known at this time.

Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface on the channelized T3 port adapter.

CSCdx93291

Symptoms   The Cisco 10000 series edge services router does not support the OperStatus and presence indicator for the fan and power modules: the ciscoEnvMonFanStatusTable and the ciscoEnvMonSupplyStatusTable in the CISCO-ENVMON-MIB are not supported.

Conditions   This symptom is observed in Cisco IOS Release 12.0(21)S and later releases.

Workaround   There is no workaround.

CSCdy00245

Symptoms   A Cisco 7500 series Packet-over-SONET (POS) port adapter that is installed in a Versatile Interface Processor (VIP) reloads at vip_ip_fib_fs_tag.

Conditions   This symptom is observed when a Cisco 7500 series router that serves as a Multiprotocol Label Switching Traffic Engineering (MPLS-TE) tunnel head with Fast Reroute (FRR) enabled performs a Stateful Switchover (SSO) while traffic is entering through the POS port adapter.

Workaround   There is no workaround.

CSCdy01211

Symptoms   A Multilink Frame Relay interface is rejected by the parser during bootup.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdy01271

Symptoms   A Cisco 12000 series 6-port channelized T3 (6CT3-SMB) line card reloads when the encapsulation on a serial interface on the line card is changed from High-Level Data Link control (HDLC) to Frame Relay.

Conditions   This symptom is observed on a Cisco 12000 series Internet router after a Stateful Switchover (SSO).

Workaround   There is no workaround.

CSCdy02298

Symptoms   A line card may reload.

Conditions   This symptom is observed on a Cisco 12000 series Internet router when a policy map is configured with "priority" in one class, the policy map is attached to an interface of an Engine 4 plus line card, and "bandwidth percent" is added to another class on the same policy map.

Workaround   Do not configure "bandwith percent" on a policy map if the policy map already has "priority" configured in a class.

CSCdy03361

Symptoms   Packet drops may occur in the Cisco Express Forwarding (CEF) and distributed Cisco Express Forwarding (dCEF) paths after a router is reloaded when a ping is sent (through the router) to the IP address of a directly connected customer edge (CE) router.

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.2(6). The CE router in this setup is connected to a Fast Ethernet Virtual Private Network (VPN) routing/forwarding (VRF) dot1q subinterface that has the mpls netflow egress interface configuration command configured.

Workaround   The Cisco 7500 series router can ping the IP address of the directly connected CE router and cause the relevant Address Resolution Protocol (ARP) entries to be populated.

Alternate Workaround A   Remove the mpls netflow egress interface configuration command from the subinterface.

Alternate Workaround B   Add a static ARP entry for the VRF subinterface by entering the arp vrf ip mask mac arpa global configuration command.

Alternate Workaround C   Enter the clear arp privileged EXEC command on the destination CE router.

CSCdy04472

Symptoms   Polling for numbered ATM subinterfaces and unnumbered Frame Relay interfaces does not return any data. When the ifInNUcastPkts, ifOutNUcastPkts, and ifOutQLen variables are among the first of multiple objects that are bundled together in an snmpget command, some or all of these variables return the message "no such variable."

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(19)S2.

Workaround   Retrieve the variables individually or via an snmpwalk command.

CSCdy05017

Symptoms   An Engine 2 line card may reload.

Conditions   This symptom is observed when tag switching is enabled on a Cisco 12000 series Internet router that has Engine 2 line cards while load balancing is occurring in the Cisco Express Forwarding (CEF) path.

Workaround   There is no workaround.

CSCdy05963

Symptoms   A Cisco 12000 series standby Route Processor (RP) remains disabled in Route Processor Redundancy Plus (RPR+) or Stateful Switchover (SSO) mode. The standby RP boots up from the ROM monitor (ROMmon) mode but does not initialize completely.

Conditions   This symptom is observed when you use the send break EXEC command to return the standby RP to the ROMmon prompt, but not when you use the standby reload command for the same purpose.

Workaround   There is no workaround.

CSCdy06278

Symptoms   Multilink PPP (MLPPP) interfaces are in a "Down/Down" state after a Stateful Switchover (SSO) occurs.

Conditions   This symptom is observed on a Cisco 7500 series router.

Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the MLPPP interfaces.

CSCdy06328

Symptoms   The memory usage of a Cisco 12000 series Route Processor (RP) is very high.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S1 and that is configured with an IP Services Engine (ISE) line card with v8 NetFlow enabled.

Workaround   There is no workaround.

CSCdy09407

Symptoms   During a Stateful Switchover with Nonstop Forwarding (SSO/NSF), transit traffic may be interrupted for a brief period of time. This condition is temporary, is related to timing, and may be platform-dependent.

This condition occurs when the following sequence of events occurs:

a. The Open Shortest Path First (OSPF) loopback interface comes up first during the switchover.

b. A router link-state advertisement (LSA) is scheduled for the area associated with the loopback interface.

c. One or more other OSPF interfaces come up, and neighbors of those interfaces enter a "Full" state while the router LSA is scheduled.

d. The router LSA is finally generated and flooded to the neighbors that are in a "Full" state.

The end result is that the neighbors that are in a "Full" state cause some OSPF routes to be temporarily deleted. This condition is most easily observed when there are OSPF neighbors on a broadcast network segment with designated routers (DRs) and backup designated routers (BDRs).

Conditions   This symptom is observed on a Cisco 12000 series router, but could also occur on a Cisco 7500 series or Cisco 10000 series router.

Workaround   Ensure that the loopback interface address is not included in one of the OSPF network statements under the router ospf global configuration command. If the loopback address needs to be advertised into the OSPF, it can often be advertised by redistributing connected subnets with a route map that specifically permits the loopback interface.

CSCdy10448

Symptoms   Open Shortest Path First (OSPF) does not propagate the routes into a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN).

Conditions   This symptom is observed when VPN routing/forwarding (VRF) instances are configured on the neighboring router.

Workaround   There is no workaround.

CSCdy10739

Symptoms   Disassociating slots without removing ATM virtual circuits (VCs) causes the ATM VCs to go into an inactive state.

Conditions   This symptom is observed when the Automatic Protection System (APS) feature is enabled and you delete the ATM VCs after the slots are disassociated.

Workaround   Delete the ATM VCs before you disassociate the slots.

CSCdy11698

Symptoms   A Cisco 12000 series imposition line card does not handle the hop limit correctly.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S and that is functioning as a provider edge (PE) router that is running IPv6 in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router).

Workaround   There is no workaround.

CSCdy13708

Symptoms   Sampled NetFlow (SNF) may fail to sample the packets that have been denied by an access control list (ACL).

Conditions   This symptom is observed when an ACL and SNF are applied to the same interface on a Cisco 12000 series Engine 2 line card.

Workaround   There is no workaround.

CSCdy15862

Symptoms   A Gigabit Route Processor (GRP) may reload after a cache parity error occurs on a 1-port Gigabit Ethernet (GE) or 8-port Fast Ethernet (FE) line card.

Conditions   This symptom is observed a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S3 or Release 12.0(22)S and that is configured with an Engine 1 1-port GE or Engine 1 8-port FE line card.

The GRP will reload only in the rare event that the cache parity error occurs in a CPU cache line that contains a control packet.

Workaround   Deconfigure the Error-Correction Code (ECC) software feature by entering the no service cerf global configuration command.

For more information, see the document at the following location:

http://www.cisco.com/warp/public/770/fn16911.shtml

CSCdy15975

Symptoms   A Cisco 10000 series line card sends a "link up state" message before the interprocess communication (IPC) is established. This situation causes the Cisco IOS software to report the line card to be down.

Conditions   This symptom is observed when you enter the hw-module slot number reset EXEC command on a Cisco 10000 series router, and a large number (that is, 4000) point-to-point virtual circuits (VCs) are configured.

Workaround   There is no workaround.

CSCdy17360

Symptoms   With Route Processor Redundancy Plus (RPR+) enabled, when you send a break twice on an active Route Processor (RP), the second synchronization fails. The active RP does not attempt to reload the standby RP.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S1 in a configuration with 2000 ATM subinterfaces and 200 Border Gateway Protocol (BGP) peers that are advertising 180,000 BGP routes.

Workaround   There is no workaround.

CSCdy18324

Symptoms   Per-packet load balancing does not function on an interface that is configured with basic Multiprotocol Label Switching (MPLS).

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S or a later release.

Workaround   There is no workaround.

CSCdy19736

Symptoms   A T3 (DS3) interface on a Cisco 10000 series 8-port E3/T3 line card fails to ping.

Conditions   This symptom is observed after a Cisco 10000 series router has reloaded.

Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the line card.

CSCdy19877

Symptoms   A Cisco 12000 series Route Processor (RP) may reload because of a Resource Reservation Protocol (RSVP) database code error.

Conditions   This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.2(22)S when you attempt to configure a large number of Multiprotocol Label Switching Traffic Engineering (MPLS-TE) tunnels and memory allocation (MALLOC) errors occur.

Workaround   There is no workaround.

CSCdy21552

Symptoms   A Cisco 10000 series router may display an incorrect number of channelized OC-12 line cards in the output of the show version EXEC command. The number of channelized OC-12 line cards that is reported is usually double the number of the actual number of channelized OC-12 line cards.

Conditions   This symptom is observed on a Cisco 10000 series router that is configured with channelized OC-12 line cards. The condition is cosmetic and does not affect system operation.

Workaround   You can identify the correct number of channelized OC-12 line cards by entering the show diag summary EXEC command and determining the slots that contain these line cards. For example, for a line card in slot 5/0, the output of the show diag summary EXEC command will be as follows:

Slot/Subslot 5/0: 1choc12-1 card, 1 port

CSCdy22120

Symptoms   The sysUpTime MIB object, which reports the system uptime, periodically returns a value smaller than the previous value.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdy22596

Symptoms   Interprocessor communication (IPC) timeout flaps may occur on a Cisco 10000 series line card.

Conditions   This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(21)ST2.

Workaround   There is no workaround.

CSCdy22725

Symptoms   The sustainable cell rate (SCR) value is lost and becomes zero when you reset an interface under which a permanent virtual connection (PVC) is defined with the old style syntax and that has variable bit rate (VBR) traffic parameters. The same PVC disappears completely from the configuration after the router is rebooted.

Conditions   These symptoms are observed on a Cisco 7500 series router.

Workaround   Use the new style syntax to define the PVC.

CSCdy25884

Symptoms   You cannot enable Sampled NetFlow and aggregated NetFlow simultaneously. If you allow a Sampled NetFlow configuration to overwrite an aggregated NetFlow configuration and then disable Sampled NetFlow, the aggregated NetFlow configuration is still present.

Conditions   This symptom is observed on an interface of a Cisco 7500 series router.

Workaround   Delete the aggregated NetFlow configuration before you configure Sampled NetFlow.

CSCdy27052

Symptoms   A Cisco 7500 series router may reload unexpectedly.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdy27126

Symptoms   When all eight ports of an 8-port unchannelized E3/T3 line card are in use, memory corruption may occur, which may cause random router reloads.

Conditions   These symptoms are observed on a Cisco 10000 series router.

Workaround   Use only seven ports of the line card.

CSCdy27385

Symptoms   A Cisco 7500 series router may reload because of an arithmetic exception when the traffic-shape rate bit-rate burst-size excess-burst-size interface configuration command is applied to a serial interface.

The output of the show version EXEC command includes the following line, in which "0xXXXXXXXX" is the address at which the router reloads:

System returned to ROM by error - an arithmetic exception, PC 0xXXXXXXXX

Conditions   This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(13)S2 when the bit rate is smaller than 1000. The router may or may not have generic traffic shaping configured on its interfaces.

Workaround   Do not specify a bit rate that is smaller than or equal to 1000, even though the command-line interface (CLI) accepts it.

CSCdy27442

Symptoms   If a nonaggregated variable bit rate-non-real time (VBR-NRT) permanent virtual circuit (PVC) is created while the associated link is in a "Down" state and then deleted before the associated link ever transitions to the "Up" state (that is, the PVC spends its entire life with the associated link in a "Down" state), the per-link subscribed rate is not properly maintained (that is, the bandwidth is not returned to the pool). In rare situations, this situation may lead to an inability to create nonaggregated PVCs.

Conditions   This symptom is observed on a Cisco 10000 series router.

Workaround   Ensure that the associated link transitions to the "Up" state.

CSCdy30557

Symptoms   A Cisco 12000 series Engine 2 8-port OC-3 ATM line card reloads when an inappropriate value for the Modified Deficit Round Robin (MDRR) bandwidth is attached.

Conditions   This symptom is observed on a Cisco 12000 series router.

Workaround   There is no workaround.

CSCdy34152

Symptoms   The ifDescr MIB object continues to return information for a 24-port channelized E1/T1 line card after the line card is removed and the no card command is entered.

Conditions   This symptom is observed on a Cisco 10000 series router.

Workaround   Reload the router.

CSCdy34581

Symptoms   A Cisco 12000 series router may reload because of a memory corruption.

Conditions   This symptom is observed during the configuration of traffic shaping.

Workaround   There is no workaround.

CSCdy34771

Symptoms   All subinterfaces of a Cisco 10000 series OC-3 Packet-over-SONET (POS) line card are shown to be in a "Down/Down" state while the main POS interface is shown to be in an "Up/Down" state.

Conditions   This symptom is observed when you configure the OC-3 POS interface with 100 data-link connection identifiers (DLCIs).

Workaround   Saving the configuration and reloading the router will usually force all DLCIs to come up.

Alternate Workaround   Flapping the main POS interface may bring the line protocol up on the main interface.

CSCdy39282

Symptoms   A Cisco 12000 series 2-port channelized OC-3/STM-1 to DS1/E1 line card may fail.

Conditions   This symptom is observed in a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.

Workaround   There is no workaround.

CSCdy39839

Symptoms   A router may reload while calculating shortest path routes.

Conditions   This symptom is observed when you configure the metric-style wide global configuration command to enable Intermediate System-to-Intermediate System (IS-IS) in a Multiprotocol Label Switching (MPLS) traffic engineering (TE) environment.

Workaround   There is no workaround.

CSCdy41516

Symptoms   When you configure more than 256 Multilink PPP (MLP) interfaces on a Cisco 10000 series channelized T3 line card, the serial interfaces that belong to a bundle may no longer be accessible.

Conditions   This symptom is observed on a Cisco 10000 series router.

Workaround   There is no workaround.

CSCdy42349

This caveat consists of two symptoms, two conditions, and two workarounds.

Symptoms A  A Versatile Interface Processor (VIP) may reload when you enable the mpls netflow egress interface configuration command on a dot1q interface.

Conditions A   This symptom is observed on a VIP that is installed in a Cisco 7500 series router that has 802.1q trunking and Virtual Private Network (VPN) configured.

Workaround A   There is no workaround.

Symptoms B  Alignment errors may occur on Multiprotocol Label Switching (MPLS) packets that are traversing the feature path, such as the packets that encounter a service policy.

Conditions B   This symptom is observed on a Cisco 7200 series router that has 802.1q trunking and Virtual Private Network (VPN) configured.

Workaround A   There is no workaround.

CSCdy48247

Symptoms   When NetFlow is enabled on a Cisco 10000 series router, the Parallel Express Forwarding (PXF) network processor may reload, and the router may generate one of the following messages:

PXF DMA FTC Bad Address Error
TOASTER-2-FAULT: T1 XCM0 Address Error: R1
%TOASTER-2-FAULT: T1 SW Exception: CPU[t1r3c1] 0x00000680 at 0x0DFE LR 0x0934

Conditions   This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(20)ST5, Release 12.0(21)ST4, or Release 12.0(22)S, and is more likely to occur when there have been buffer allocation failures on the PXF network processor.

Workaround   Disable NetFlow.

CSCdy50225

Symptoms   A Cisco 12000 series router may reload when a line card has failed and you perform a Simple Network Management Protocol (SNMP) query to cpmCPUTotalTable from a network management station (NMS).

Conditions   This symptom is observed under very rare situations.

Workaround   When a line card has failed, do not perform an SNMP query to cpmCPUTotalTable from an NMS.

CSCdy51751

Symptoms   A Cisco 10720 router may exchange labels incorrectly and rewrite a MAC header incorrectly. For example, the router is supposed to rewrite the MAC header with an Ethernet header but may rewrite the MAC header with a Packet-over-SONET header. The router may also exchange a label with one that is not consistent with the Multiprotocol Label Switching (MPLS) Tag Forwarding Information Base (TFIB).

Conditions   This symptom is observed on a Cisco 10720 router that functions as an MPLS provider (P) router, when all of the following conditions are met:

The router exchanges MPLS labels.

There are a huge number of labels in the router, for example, thousands of MPLS traffic engineering (TE) tunnel midpoints.

A link on which these tunnel midpoints transit flaps several times, which may cause more than 64,000 MAC rewrite indices.

Workaround   There is no workaround.

CSCdy54707

Symptoms   A line card that has the clock source line configuration command enabled by default nevertheless provides an internal clock signal, but the Cisco IOS software reports that an (external) line clock signal is provided.

This condition was discovered when pings to a local IP address were occasionally dropped at regular intervals. If you reset the line card by entering the hw-module slot shelf-id|slot-number reload EXEC command, the clock signal is set to internal by default.

Conditions   This symptom is observed when a Cisco 10000 series 24-port channelized E1/T1 line card is initialized through a Cisco IOS reload with the clock source line configuration command enabled by default.

Workaround   First explicitly configure the clock source internal configuration command on the line card and then configure the clock source line configuration command on the line card.

CSCuk35531

Symptoms   After an application-specific integrated circuit (ASIC) resets or a line card failure occurs, interfaces may come up, but the Forwarding Information Base (FIB) is disabled, and the following error message can be generated:

%FIB-3-FIBDISABLE: Fatal error, slot 2: IPC Failure: timeout

Conditions   These symptoms are observed on a 2-port channelized OC-3/STM-1 (DS1/E1) line card or a 6-port channelized T3 line card that is installed in a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)ST1.

Workaround   There is no workaround.

CSCuk36805

Symptoms   Deleting a traffic engineering (TE) tunnel by entering the no interface tunnel tunnel-number command may result in memory corruption and eventually may cause a router to reload.

Conditions   This symptom is observed on a Cisco 7200 series or Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S or Release 12.0(22.1)S and that has TE tunnel interfaces configured.

Workaround   There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(22)S

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S. This section describes only severity 1, severity 2, and select severity 3 caveats.

Basic System Services

CSCdt67183

Symptoms   Wrong NetFlow statistics may occur on all fast interfaces. Byte counter fields may overflow in 57 seconds at the OC12 line rate and in 15 seconds at the OC48 line rate. These counters have to be changed to 64 bit for the export of correct NetFlow statistics.

Conditions   This symptom is observed on all fast interfaces.

Workaround   There is no workaround.

CSCdv27333

Symptoms   Intermediate System-to-Intermediate System (IS-IS) hellos and PPP keepalives are treated like nonpriority packets and dropped by Selective Packet Dropping (SPD) in situations of congestion. In consequence, the router may loose its IS-IS adjacency or the Layer 2 connectivity, and the effect of SPD may fail.

Conditions   This symptom is observed on a Cisco 7500 series router. In theory, such a situation may occur only if the router is heavily loaded at the process level or if Cisco Express Forwarding (CEF) is disabled.

Workaround   Avoid using SPD if the input queue fills.

CSCdw02017

Symptoms   An EVENT-MIB set action may not work correctly.

Conditions   The Simple Network Management Protocol (SNMP) read-write community string may not be set correctly. For EVENT-MIB set actions to occur correctly the SNMP read-write community string must be set in mteEventSetContextName.

Workaround   Use mteEventSetContextName for specifying the community name.

CSCdw09442

Symptoms   The Route Processor Module (RPM) bootflash is corrupted and generates an invalid file header magic number. The dir command does not work. The Flash memory can be read only after a squeeze bootflash operation is performed but nothing can be copied onto the Flash memory.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   Format and copy files from the disk to recover the Flash memory.

CSCdw39619

Symptoms   An aggregate NetFlow cache may report a source mask even when the source address is not routable. The source prefix may show an incorrect mask in the aggregation cache and display a corresponding incorrect prefix.

Conditions   These symptoms are observed on a Cisco 12000 series Internet router. These symptoms occur because of an inconsistency in the Cisco Express Forwarding (CEF) write default routes for the line cards and Route Processor (RP).

Workaround   There is no workaround.

CSCdw50718

Symptoms   A router may reload because of a memory corruption.

Conditions   This symptom is observed when a Simple Network Management Protocol (SNMP) is set to the snmp-set smonVlanIdStatsTable elem 64-bit counter. The reload happens only when this counter is set to certain values.

Workaround   There is no workaround except to disable SNMP.

CSCdx15180

Symptoms   The snmp-server host global configuration command may not be accepted on a router. The snmp-server host global configuration command may also disappear from the configuration after the router is reloaded.

Conditions   This symptom is observed on a Cisco 2600 router that is running Cisco IOS Release 12.2(6) or Release 12.2(7).

Workaround   There is no workaround.

CSCdx25972

Symptoms   A router may reload.

Conditions   This symptom is observed on a Cisco 1000 series edge services router while a configuration is being loaded from a TFTP server.

Workaround   There is no workaround.

CSCdx27891

Symptoms   A router may indicate a watchdog timeout instead of a parity error.

Conditions   This symptom is observed on routers that have a different memory map compared to the Cisco 7200 router. In the case reported for a Cisco 12000 series Internet router, KuSeg addresses start at 0x50000000 instead of 0x60000000, which is where they start for a Cisco 7200 router.

Workaround   There is no workaround.

CSCdx35920

Symptoms   Service Assurance Agent (SAA) latency measurements may show unrealistic spikes.

Conditions   This symptom is observed when Border Gateway Protocol (BGP) is running on a router.

Workaround   Use the Jitter Probe, which requires the Response Time Reporter (RTR) responder to be running on the remote Cisco router.

CSCdx47520

Symptoms   Simple Network Management Protocol (SNMP) ifIndexes may be different after a switchover. This may be caused by bulk-sync of SNMP ifIndexes being broken.

Conditions   This symptom is observed on a Cisco 7500, series routers, Cisco 10000 series edge services routers, and on Cisco 12000 series Internet routers.

Workaround   There is no workaround.

CSCdx54922

Symptoms   A Performance Route Processor (PRP) having Border Gateway Protocol (BGP)/Interior Gateway Protocol (IGP) with Multiprotocol Label Switching Traffic Engineering (MPLS-TE) can cause exception when trying to reload the router. This leads to another reload.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S1.

Workaround   There is no workaround.

CSCdx58579

Symptoms   A Performance Route Processor (PRP) may reload when a previously unformatted bootflash is being formatted.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S1.

Workaround   There is no workaround.

CSCdx71842

Symptoms   Adding an extended Border Gateway Protocol (BGP) community-list statement with any illegal Regular Expression pattern into the global configuration on a router may cause the router to reload.

The following is an example of a community-list statement that may cause the router to reload:

config t ip community-list expanded test permit (6327:[1_)

Conditions   This symptom is observed when running Cisco IOS Release 12.0(19.1)S3 or a later release.

Workaround   Do not enter an extended BGP community-list statement that has an illegal Regular Expression pattern.


Note This symptom occurs on Cisco IOS Release 12.0(19.1)S3 and on later releases. It does not happen on Cisco IOS Release 12.0(19.1)S or on earlier releases. It is not specific to any platform.


CSCdx94801

Symptoms   When you configure a Cisco 12000 series Internet router with ATM interfaces, the secondary Route Processor (RP) reloads.

Conditions   The conditions under which these symptoms occur are not known at this time.

Workaround   There is no workaround.

EXEC and Configuration Parser

CSCdw53946

Symptoms   A router may reload unexpectedly.

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.1.(12) and that has Network Time Protocol (NTP) configured when a configuration change is made by a user whose username has a percent (%) sign in it.

Workaround   There is no workaround.

CSCdx18190

Symptoms   The configuration under the "controller" for channelized linecards reappears after removing it.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.2)S in a dual Route Processor (RP) system. If the configuration under the "controller" for channelized linecards is removed, it is not synchronized to the standby. Hence, on a switchover, the configuration reappears.

Workaround   Remove the configuration followed by a switchover, and then remove the configuration again.

CSCdx32133

Symptoms   A router may reload with a bus error at address 0x500.

Conditions   This symptom is observed on a Cisco 7500 router that has a Route Switch Processor (RSP4) and that is running Cisco IOS Release 12.2(9.4a).

Workaround   There is no workaround.

Interfaces and Bridging

CSCdt30389

Symptoms   On a router, the PA-2CT1/PRI and PA-2CE1/PRI port adapters may cause occasional (every 5 seconds or more) packets to get delayed by 100 to 200milli-seconds (ms).

Conditions   This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.1(5)T1. The symptom is not noticeable unless interpacket delay is monitored at the output ports or channels of these port adapters for a continuous stream of packets. Furthermore, this delay is observed for the PRI mode of operation.

Workaround   There is no workaround.

CSCdu78921

Symptoms   A Multilayer Switch Feature Card (MSFC) may reload.

Conditions   This symptom is observed after an upgrade from Cisco IOS Release 12.0(7)XE to Release 12.1(8)AE.

Workaround   There is no workaround.

CSCdu83983

Symptoms   The output rate of an unspecified bit rate (UBR) virtual circuit (VC) can exceed the configured peak cell rate (PCR) of the VC.

Conditions   This symptom is observed on a Cisco 7500 series router with a PA-A3-OC12 port adapter.

Workaround   Configure the VC as variable bit rate nonreal-time (VBR-nrt) on the router, set peak cell rate (PCR) equal to sustainable cell rate (SCR) and leave any network provisioning of the VC as UBR.


Note The ATM service category of a VC must not match on an ATM router endpoint and on ATM network switches as long as equivalent traffic parameters are used.


CSCdv81601

Symptoms   A very high negative value may be displayed on the out counters.

Conditions   This symptom is observed on a Cisco 7100 router that is running Cisco IOS Release 12.1(9E). This symptom occurs if the packets from the hold queue are dropped.

Workaround   There is no workaround.

CSCdw28119

Symptoms   On a port adapter, some of the permanent virtual connections (PVCs) may not work properly. Consequently, some of the switched virtual circuits (SVCs) may not come up properly.

Conditions   This symptom is observed on a PA-A1 port-adaptor on a Cisco 7500 series router that is running Cisco IOS Release 12.2(6.8)T.

Workaround   Issue the shutdown interface global command to shut down the ATM interface. Wait for approximately 40 seconds, and then issue the no shutdown interface global command to enable the ATM interface.

CSCdw32980

Symptoms   The following message may appear:

%ATMPA-3-SETUPVCFAILURE: ATM10/0/0: Platform Setup_vc failed for 0/100, vcd 7

Conditions   This symptom is observed on a Cisco 7500 series router with a PA-A3-OC12 port adapter.

Workaround   There is no workaround.

CSCdw60490

Symptoms   A router may use Cisco Express Forwarding (CEF) to switch IP packets that enter an Inter-Switch Link (ISL) subinterface, regardless of the (interior) destination MAC address.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdw65799

Symptoms   An ATM permanent virtual connection (PVC) may remain in the "INAC" state after it is configured.

Conditions   This symptom is observed on a Cisco router that is running the c7200-p-mz.122-7.4.S image of Cisco IOS Release 12.2(7.4)S.

Workaround   Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the ATM interface to restore the PVC.

CSCdw75291

Symptoms   An autoinstall feature may not function properly.

Conditions   This symptom is observed when a Cisco 7204VXR router is autoinstalled with a T3 connection.

Workaround   There is no workaround.

CSCdw93032

Symptoms   The s1s0 flag that is configured on Packet-over-SONET(POS) interfaces automatically may reset to 0 after a reload.

Conditions   This symptom is observed on a Cisco 7200 or a Cisco 7500 series router that is running Cisco IOS Release 12.1(9)E.

Workaround   There is no workaround.

CSCdx45485

Symptoms   A router may pause indefinitely when the Inter-Switch Link (ISL) encapsulation is unconfigured from a subinterface.

Conditions   This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.0(21.3)S.

Workaround   Use the dot1Q encapsulation instead.

CSCdx49370

Symptoms   On configuring weighted fair queueing (WFQ) on a serial interface, the link starts flapping.

Conditions   This symptom is observed on a Cisco 7500 series router.

Workaround   Perform a microcode reload.

CSCdx49398

Symptoms   A router may reload.

Conditions   This symptom is observed on a Cisco 7500 series router when Cisco IOS Release 12.0(21.3)S is being loaded.

Workaround   There is no workaround.

CSCdx65955

Symptoms   When the last VLAN is removed on an interface, the interface maximum transmission unit (MTU) may be set to less than the default value of 1524.

Conditions   This symptom is observed only on Fast Ethernet and Gigabit Ethernet interfaces.

Workaround   There is no workaround.

CSCdx87965

Symptoms   A router that is configured with a multichannel port adapter reloads because of a bus error exception.

Conditions   This symptom is observed when link flaps occur or interfaces are reset on a router that is configured with PA-MC-T1, PA-MC-E1, PA-MC-E3, or PA-MCX port adapters.

Workaround   There is no workaround.

CSCin06773

Symptoms   A router reloads immediately after configuring the card type for PA-MC-8TE1+ port adapter.

Conditions   This symptom is observed on a Cisco 75xx router. This symptom occurs if the online insertion and removal (OIR) of the Versatile Interface Processor (VIP) that has the PA-MC-8TE1+ port adapter is performed before configuring the card type.

Workaround   There is no workaround.

IP Routing Protocols

CSCds57882

Symptoms   In a full mesh of route reflectors, one or two of the route reflectors may have a Border Gateway Protocol (BGP) table with multiple entries for the same route (there should be only one) with multiple tags. Clients of the route reflector still receive the correct BGP information. Virtual Private Network (VPN) routing/forwarding instance (VRF) interfaces on the route reflector may get an incorrect tag.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   Clear the BGP session. Clearing the route fixes the tag situation, but not the BGP table.

CSCdu08686

Symptoms   A router may generate router link states but may fail to generate network link states for a connected network. The Open Shortest Path First (OSPF) neighbors may come up correctly on all the routers in the network.

Conditions   This symptom is observed on a Cisco 7206VXR router that is running the OSPF Protocol and acting as a designated router (DR).

Workaround   Set the priority on the interface to 0 so that the router is not the DR for that link.

CSCdu43164

Symptoms   A router may experience a memory leak.

Conditions   This symptom is observed on a Cisco 7206VXR Provider Edge (PE) router that is running Cisco IOS Release 12.1(5a) in a Multiprotocol Label Switching (MPLS)/Virtual Private Network (VPN) network. The memory leak is caused by the Border Gateway Protocol (BGP) I/O process and occurs at the rate of 100 KB to 130 KB per hour (about 2.5 MB to 3 MB per day) after the show mem sum | incl BGP privileged EXEC command is entered. This situation occurs regardless of whether the BGP neighbor is flapping.

The following is command output from the show proc mem | incl BGP privileged EXEC command:

PID TTY Allocated Freed Holding Getbufs Retbufs Process ... 104 0 3522569548 2139398320 21965976 297916 5184 BGP I/O

...

The show mem sum | incl BGP privileged EXEC command shows that function "BGP (1) update" allocates memory without deallocating it again after the job is completed.

Router# show mem sum | incl BGP

Alloc PC Size Blocks Bytes What ... 0x607C42E0 65496 333 21810168 BGP (1) update ....

Workaround   Reload the provider edge (PE) router.

CSCdv89098

Symptoms   A Border Gateway Protocol (BGP) session may time out, and the router may display the following message:

%BGP-3-NOTIFICATION: received from neighbor x.x.x.x x/x (hold time expired) 0 bytes

Conditions   This symptom is observed on a Cisco router that is running Multiprotocol Label Switching (MPLS) on an outbound interface that is connected to the MPLS network core and occurs when a Border Gateway Protocol (BGP) session with a maximum segment size (MSS) which is computed from the maximum transmission unit (MTU) of the router's next-hop interface has been established and the IP Transmission Control Protocol (TCP) path-mtu-discovery command has been issued.

Workaround   Adjust the IP MTU on one of the BGP routers using the ip mtu value command.

For example, to enforce a BGP session with a TCP MSS of 4426 bytes, issue the following command:

Router(config-if)# ip mtu 4466

The MTU and the shim header add up in the following way: an MSS of 4426 bytes plus a 40-byte TCP/IP header plus a 4-byte shim header equals 4470 (Packet-over-SONET [POS] link).

CSCdw15323

Symptoms   The output of the show ip rsvp reservation EXEC command displays interface names that are truncated to five digits. This behavior may also occur with the following show commands:

show ip rsvp request

show ip rsvp sender

show ip rsvp host receivers

show ip rsvp host senders

show ip rsvp temp-psb

show ip rsvp temp-rsb

Conditions   This symptom is observed on a Cisco 7500 series router. This condition prevents port numbers, such as those on Versatile Interface Processor (VIP) cards, from being displayed fully. This condition occurs when the router is configured with the Resource Reservation Protocol (RSVP) using the ip rsvp bandwidth interface configuration command while there is at least one ongoing RSVP session.

Workaround   There is no workaround.

CSCdw35031

Symptoms   A buffer leak may occur in the small pool.

Conditions   This symptom is observed when the Internet Group Management Protocol (IGMP) is configured on a multilayer switch feature card.

Workaround   There is no workaround.

CSCdw35985

Symptoms   The Enhanced Interior Gateway Routing Protocol (EIGRP) may cause an unexpected system reload at the igrp2_bandwidth_changed process.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   There is no workaround.

CSCdw36746

Symptoms   A router may reload because of a bus error at an invalid address.

Conditions   This symptom is observed on a Cisco 12000 series Internet router when Open Shortest Path First (OSPF) is enabled and if the same interarea prefix is advertised from multiple areas and is more than the path argument of the maximum-path path router configuration command that exists in the interarea prefix.

Workaround   There is no workaround.

CSCdw47116

Symptoms   A router may reboot because of a memory allocation (MALLOC) error in the Border Gateway Protocol (BGP) router process.

Conditions   This symptom is observed on a Cisco 12000 series Internet router.

Workaround   There is no workaround.

CSCdw62875

Symptoms   Routes may not exist in the tag forwarding table.

Conditions   This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.3)ST on routes that exist in the Cisco Express Forwarding (CEF) table and in the route table.

Workaround   Reload the router.

CSCdw64457

Symptoms   A router may issue a spurious access in rsvp_update_explicit_route.

Conditions   This symptom is observed on a Cisco IOS router that is running Cisco IOS Release 12.0 ST and Release 12.0 S with Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnels and the Resource Reservation Protocol (RSVP) but only when memory allocation failures are occurring on the router.

Workaround   There is no workaround.

CSCdw83512

Symptoms   A system may reload.

Conditions   This symptom is observed when a write terminal EXEC command is issued.

Workaround   There is no workaround.

CSCdw83531

Symptoms   Border Gateway Protocol (BGP) updates may be corrupted. The following message may be displayed when this symptom occurs:

BGP-6-NEXTHOP: Invalid next hop (0.0.0.0) received from x.x.x.x: martian next hop BGP(0): x.x.x.x rcv UPDATE w/ attr: nexthop 0.0.0.0, origin ?, metric 0, originator 0.0.0.0, path YYYY, community, extended community 20.1.1.0/24 -- DENIED due to: martian NEXTHOP;

Conditions   This symptom is observed on a customer edge (CE) router when BGP updates are sent from a provider edge (PE) router to the CE router if peer groups are specified using the address-family ipv4 vrf vrf-name router configuration command. BGP routes may be lost on the CE router even though the BGP neighbors remain up.

Workaround   Remove the peer group configuration from the address-family ipv4 vrf vrf-name router configuration command.

CSCdx03185

Symptoms   A router may reload when it is searching the Resource Reservation Protocol (RSVP) database.

Conditions   This symptom is observed on a Cisco router that is running in the Route Processor Redundancy Plus (RPR+) or the Stateful Switchover (SSO) mode. The router reloads when a tunnel is up and when Multiprotocol Label Switching-traffic engineering (MPLS-TE), Cisco Express Forwarding (CEF), and IP routing are unconfigured using the following sequence of commands:

no tag advertise-tags

no mpls ip

no mpls label protocol ldp

no ip routing

no ip cef

no mpls traffic-eng tunnels

Workaround   Issue the no mpls traffic-eng tunnels router configuration command to shut down all tunnels before issuing the no ip routing global configuration command.

CSCdx06621

Symptoms   A router may reload with a bus error while the Shortest Path First (SPF) algorithm is computed.

Conditions   This symptom is observed if multiple routers are advertising the same prefix in Type-5 or Type-7 link-state advertisements (LSAs).

Workaround   There is no workaround.

CSCdx07305

Symptoms   Enhanced Interior Gateway Routing Protocol (EIGRP) can log a spurious access.

Conditions   This symptom is observed under unusual circumstances when removing or changing network statements.

Workaround   There is no workaround.

CSCdx07527

Symptoms   Border Gateway Protocol (BGP) peergroup statements are ignored.

Conditions   This symptom is observed on BGP peergroup statements with multicast network layer reachability information (NLRI) only after a reload.

Workaround   Reconfigure the router while it is running.

CSCdx17459

Symptoms   A software-forced reload may occur on a router.

Conditions   This symptom is observed on a Cisco 12008 router that has a Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel that is configured with an absolute metric when the tunnel is used with the Open Shortest Path First (OSPF) protocol. A watchdog timer event may be triggered, and the router may reload after the shutdown interface configuration command followed by the no shutdown interface configuration command is issued on the tunnel interface.

Workaround   There is no workaround.

CSCdx17597

Symptoms   A Multilayer Switch Feature Card (MSFC) and Supervisor Engine may reload during an attempt to format a withdrawn routes message ("MP_UNREACH") for that address family.

Conditions   These symptoms are observed on an MSFC and Supervisor Engine that function in a multiprotocol Border Gateway Protocol (MP-BGP) environment with an address family other than the IPv4 unicast address family (such as the IPv4 multicast address family) and with a large number of prefixes in the corresponding BGP table.

Workaround   Remove the address family other than the IPv4 unicast address family.

CSCdx19804

Symptoms   The neighbor x.x.x.x translate-update router configuration command may break. Also, this command may not appear under the address-family ipv4 multicast family address submode command.

Conditions   This symptom is observed after the merge of the Cisco IOS Release 12.0 S and Release 12.0 ST.

Workaround   There is no workaround.

CSCdx25551

Symptoms   A software-forced reload may occur on a router.

Conditions   This symptom is observed on a Cisco router if an interface is shut down from another terminal while output from the show ip pim neighbor EXEC command is displayed.

Workaround   There is no workaround.

CSCdx25807

Symptoms   The redistribute static route-map router configuration command may not work correctly if it is issued under a multicast address family.

Conditions   This symptom occurs only if a static route is redistributed into IP version 4 (IPv4) unicast through the network statement and if the static routes are redistributed into multicast using a redistribute statement.

Workaround   Issue the redistribute static route-map router configuration command to redistribute the static routes for IPv4 unicast.

CSCdx32947

Symptoms   When the ip pim rp-address ip-address [group-access-list] [override] [bidir] global configuration command is configured, a conflict that is learned from an Auto Rendezvous Point (Auto-RP) announcement is still used even if the override keyword is specified.

Conditions   This symptom is observed on a Cisco router that is running Cisco IOS Release 12.2 S. The router still accepts information from the Auto-RP when this symptom occurs. This symptom does not occur if routers do not have conflicting information.

Workaround   There is no workaround.

CSCdx38760

Symptoms   A router may reload at the chunk_lock() point.

Conditions   This symptom is observed on a Cisco 7500 router that is running Cisco IOS Release 12.2(10.1)S.

Workaround   There is no workaround.

CSCdx42726

Symptoms   A router may reload, and pings may not pass through.

Conditions   This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(22)S during Address Resolution Protocol (ARP) processing routines.

Workaround   There is no workaround.

CSCdx46554

Symptoms   A route map that has the match nlri unicast multicast command is broken into two route maps, one with the original route-map tag and the other with "_mcast" extended.

Conditions   This symptom is observed on a Cisco router when an old route map format is changed to the new route map format and if a named community list or an extended community list is configured.

This translation can be automatically done or user-initiated if the bgp upgrade-cli router configuration command is available.

If a startup configuration has a route map that contains the match community community name route-map configuration command or the match extcommunity extended community-list number route-map configuration command, the router may reload if the write terminal privileged EXEC command, the show running-config privileged EXEC command, or the show route-map privileged EXEC command is issued after the original route map is deleted.

Workaround   Delete the match nlri unicast multicast route-map configuration command from the startup-config file or avoid deleting the original route map after the system is loaded.

Alternate Workaround   Do not issue the bgp upgrade-cli router configuration command.

CSCdx49181

Symptoms   When an additional new area is added to the provider edge (PE), all the type 3 link-state advertisements (LSAs) learned from other PEs via Border Gateway Protocol (BGP) do not get redistributed into this new area.

Conditions   The conditions under which this symptom occurs are not known at this time.

Workaround   Issue the clear ip ospf redistribution command.

CSCdx49744

Symptoms   A link-state advertisement (LSA) may not get flushed from the database.

Conditions   This symptom is observed when an LSA is changed from type 3 to type 5.

Workaround   Issue the clear ip ospf x process command.

CSCdx53795

Symptoms   If a peer advertises a replacement path (with the same MED as in the original path), the new path will be inserted in the original path's position. In other words, the replacement path may not be grouped with paths from the same autonomous system number (ASN) (as deterministic-med should). The ordering may result in incorrect routing, including routing loops.

Conditions   This symptom is observed on a Border Gateway Protocol (BGP) router using deterministic-med.

Workaround   There is no workaround. However, once the router is in the incorrect state, the situation can be corrected by disabling deterministic-med and then reenabling it.

CSCdx69165

Symptoms   When a provider edge (PE) router must advertise a large number of Virtual Private Network version 4 (VPNv4) prefixes to another PE router, the initial convergence time may be very long (more than 20 minutes), or convergence may never occur. One result of this defect is that the number of Border Gateway Protocol (BGP) messages used to propagate the VPNv4 prefixes may be greater than the number of prefixes.

Conditions   This symptom is observed on Cisco IOS Release 12.0(21.3)S.

Workaround   There is no workaround.