Cisco IOS Software Releases 12.0 S

Cross-Platform Release Notes for Cisco IOS Release 12.0S, Part 3: Caveats for 12.0(30)S through 12.0(33)S11

Caveats

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only select severity 3 caveats are included in the caveats document.

Because Cisco IOS Release 12.0S is based on Cisco IOS Release 12.0, many caveats that apply to Cisco IOS Release 12.0 will also apply to Cisco IOS Release 12.0S. For information on severity 1 and severity 2 caveats in Cisco IOS Release 12.0, see the Caveats for Cisco IOS Release 12.0 document located on Cisco.com.


Note: If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and click Technical Support: Tools & Resources: Bug Toolkit. (The Bug Toolkit is listed under Troubleshooting.) Another option is to go to http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl. (If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.)


These caveats are documented in the following format:

Symptoms: A description of what is observed when the caveat occurs.

Conditions: The conditions under which the caveat has been known to occur.

Workaround: Solutions, if available, to counteract the caveat.

The caveats section consists of the following subsections:

Cross-Platform Release Notes for Cisco IOS Release 12.0S, Part 3:
Caveats for 12.0(33)S11 through 12.0(30)S


Resolved Caveats—Cisco IOS Release 12.0(33)S11

Resolved Caveats—Cisco IOS Release 12.0(33)S10

Resolved Caveats—Cisco IOS Release 12.0(33)S9

Resolved Caveats—Cisco IOS Release 12.0(33)S8

Resolved Caveats—Cisco IOS Release 12.0(33)S7

Resolved Caveats—Cisco IOS Release 12.0(33)S6

Resolved Caveats—Cisco IOS Release 12.0(33)S5

Resolved Caveats—Cisco IOS Release 12.0(33)S4

Resolved Caveats—Cisco IOS Release 12.0(33)S3

Resolved Caveats—Cisco IOS Release 12.0(33)S2

Resolved Caveats—Cisco IOS Release 12.0(33)S1

Resolved Caveats—Cisco IOS Release 12.0(33)S

Open Caveats—Cisco IOS Release 12.0(33)S


Resolved Caveats—Cisco IOS Release 12.0(32)S15

Resolved Caveats—Cisco IOS Release 12.0(32)S14

Resolved Caveats—Cisco IOS Release 12.0(32)S13

Resolved Caveats—Cisco IOS Release 12.0(32)S12

Resolved Caveats—Cisco IOS Release 12.0(32)S11

Resolved Caveats—Cisco IOS Release 12.0(32)S10

Resolved Caveats—Cisco IOS Release 12.0(32)S9

Resolved Caveats—Cisco IOS Release 12.0(32)S8

Resolved Caveats—Cisco IOS Release 12.0(32)S7

Resolved Caveats—Cisco IOS Release 12.0(32)S6

Resolved Caveats—Cisco IOS Release 12.0(32)S5

Resolved Caveats—Cisco IOS Release 12.0(32)S4

Resolved Caveats—Cisco IOS Release 12.0(32)S3

Resolved Caveats—Cisco IOS Release 12.0(32)S2

Resolved Caveats—Cisco IOS Release 12.0(32)S1

Resolved Caveats—Cisco IOS Release 12.0(32)S


Resolved Caveats—Cisco IOS Release 12.0(31)S6

Resolved Caveats—Cisco IOS Release 12.0(31)S5

Resolved Caveats—Cisco IOS Release 12.0(31)S4

Resolved Caveats—Cisco IOS Release 12.0(31)S3

Resolved Caveats—Cisco IOS Release 12.0(31)S2

Resolved Caveats—Cisco IOS Release 12.0(31)S1

Resolved Caveats—Cisco IOS Release 12.0(31)S


Resolved Caveats—Cisco IOS Release 12.0(30)S5

Resolved Caveats—Cisco IOS Release 12.0(30)S4

Resolved Caveats—Cisco IOS Release 12.0(30)S3

Resolved Caveats—Cisco IOS Release 12.0(30)S2

Resolved Caveats—Cisco IOS Release 12.0(30)S1

Resolved Caveats—Cisco IOS Release 12.0(30)S


Cross-Platform Release Notes for Cisco IOS Release 12.0S, Part 4:
Caveats for 12.0(29)S1 through 12.0(27)S


Resolved Caveats—Cisco IOS Release 12.0(29)S1

Resolved Caveats—Cisco IOS Release 12.0(29)S


Resolved Caveats—Cisco IOS Release 12.0(28)S6

Resolved Caveats—Cisco IOS Release 12.0(28)S5

Resolved Caveats—Cisco IOS Release 12.0(28)S4

Resolved Caveats—Cisco IOS Release 12.0(28)S3

Resolved Caveats—Cisco IOS Release 12.0(28)S2

Resolved Caveats—Cisco IOS Release 12.0(28)S1

Resolved Caveats—Cisco IOS Release 12.0(28)S


Resolved Caveats—Cisco IOS Release 12.0(27)S5

Resolved Caveats—Cisco IOS Release 12.0(27)S4

Resolved Caveats—Cisco IOS Release 12.0(27)S3

Resolved Caveats—Cisco IOS Release 12.0(27)S2

Resolved Caveats—Cisco IOS Release 12.0(27)S1

Resolved Caveats—Cisco IOS Release 12.0(27)S


Cross-Platform Release Notes for Cisco IOS Release 12.0S, Part 5:
Caveats for 12.0(26)S6 through 12.0(24)S


Resolved Caveats—Cisco IOS Release 12.0(26)S6

Resolved Caveats—Cisco IOS Release 12.0(26)S5

Resolved Caveats—Cisco IOS Release 12.0(26)S4

Resolved Caveats—Cisco IOS Release 12.0(26)S3

Resolved Caveats—Cisco IOS Release 12.0(26)S2

Resolved Caveats—Cisco IOS Release 12.0(26)S1

Resolved Caveats—Cisco IOS Release 12.0(26)S


Resolved Caveats—Cisco IOS Release 12.0(25)S4

Resolved Caveats—Cisco IOS Release 12.0(25)S3

Resolved Caveats—Cisco IOS Release 12.0(25)S2

Resolved Caveats—Cisco IOS Release 12.0(25)S1

Resolved Caveats—Cisco IOS Release 12.0(25)S


Resolved Caveats—Cisco IOS Release 12.0(24)S6

Resolved Caveats—Cisco IOS Release 12.0(24)S5

Resolved Caveats—Cisco IOS Release 12.0(24)S4

Resolved Caveats—Cisco IOS Release 12.0(24)S3

Resolved Caveats—Cisco IOS Release 12.0(24)S2

Resolved Caveats—Cisco IOS Release 12.0(24)S1

Resolved Caveats—Cisco IOS Release 12.0(24)S


Cross-Platform Release Notes for Cisco IOS Release 12.0S, Part 6:
Caveats for 12.0(23)S6 through 12.0(6)S


Resolved Caveats—Cisco IOS Release 12.0(23)S6

Resolved Caveats—Cisco IOS Release 12.0(23)S5

Resolved Caveats—Cisco IOS Release 12.0(23)S4

Resolved Caveats—Cisco IOS Release 12.0(23)S3

Resolved Caveats—Cisco IOS Release 12.0(23)S2

Resolved Caveats—Cisco IOS Release 12.0(23)S1

Resolved Caveats—Cisco IOS Release 12.0(23)S


Resolved Caveats—Cisco IOS Release 12.0(22)S6

Resolved Caveats—Cisco IOS Release 12.0(22)S5

Resolved Caveats—Cisco IOS Release 12.0(22)S4

Resolved Caveats—Cisco IOS Release 12.0(22)S3

Resolved Caveats—Cisco IOS Release 12.0(22)S2

Resolved Caveats—Cisco IOS Release 12.0(22)S1

Resolved Caveats—Cisco IOS Release 12.0(22)S


Resolved Caveats—Cisco IOS Release 12.0(21)S8

Resolved Caveats—Cisco IOS Release 12.0(21)S7

Resolved Caveats—Cisco IOS Release 12.0(21)S6

Resolved Caveats—Cisco IOS Release 12.0(21)S5

Resolved Caveats—Cisco IOS Release 12.0(21)S4

Resolved Caveats—Cisco IOS Release 12.0(21)S3

Resolved Caveats—Cisco IOS Release 12.0(21)S2

Resolved Caveats—Cisco IOS Release 12.0(21)S1

Resolved Caveats—Cisco IOS Release 12.0(21)S


Resolved Caveats—Cisco IOS Release 12.0(19)S4

Resolved Caveats—Cisco IOS Release 12.0(19)S3

Resolved Caveats—Cisco IOS Release 12.0(19)S2

Resolved Caveats—Cisco IOS Release 12.0(19)S1

Resolved Caveats—Cisco IOS Release 12.0(19)S


Resolved Caveats—Cisco IOS Release 12.0(18)S7

Resolved Caveats—Cisco IOS Release 12.0(18)S6

Resolved Caveats—Cisco IOS Release 12.0(18)S5

Resolved Caveats—Cisco IOS Release 12.0(18)S3

Resolved Caveats—Cisco IOS Release 12.0(18)S2

Resolved Caveats—Cisco IOS Release 12.0(18)S1

Resolved Caveats—Cisco IOS Release 12.0(18)S


Resolved Caveats—Cisco IOS Release 12.0(17)S7

Resolved Caveats—Cisco IOS Release 12.0(17)S6

Resolved Caveats—Cisco IOS Release 12.0(17)S5

Resolved Caveats—Cisco IOS Release 12.0(17)S4

Resolved Caveats—Cisco IOS Release 12.0(17)S3

Resolved Caveats—Cisco IOS Release 12.0(17)S2

Resolved Caveats—Cisco IOS Release 12.0(17)S1

Resolved Caveats—Cisco IOS Release 12.0(17)S


Resolved Caveats—Cisco IOS Release 12.0(16)S10

Resolved Caveats—Cisco IOS Release 12.0(16)S9

Resolved Caveats—Cisco IOS Release 12.0(16)S8

Resolved Caveats—Cisco IOS Release 12.0(16)S3

Resolved Caveats—Cisco IOS Release 12.0(16)S2

Resolved Caveats—Cisco IOS Release 12.0(16)S1

Resolved Caveats—Cisco IOS Release 12.0(16)S


Resolved Caveats—Cisco IOS Release 12.0(15)S7

Resolved Caveats—Cisco IOS Release 12.0(15)S6

Resolved Caveats—Cisco IOS Release 12.0(15)S3

Resolved Caveats—Cisco IOS Release 12.0(15)S1

Resolved Caveats—Cisco IOS Release 12.0(15)S


Resolved Caveats—Cisco IOS Release 12.0(14)S8

Resolved Caveats—Cisco IOS Release 12.0(14)S7

Resolved Caveats—Cisco IOS Release 12.0(14)S3

Resolved Caveats—Cisco IOS Release 12.0(14)S1

Resolved Caveats—Cisco IOS Release 12.0(14)S


Resolved Caveats—Cisco IOS Release 12.0(13)S8

Resolved Caveats—Cisco IOS Release 12.0(13)S6

Resolved Caveats—Cisco IOS Release 12.0(13)S


Resolved Caveats—Cisco IOS Release 12.0(12)S4

Resolved Caveats—Cisco IOS Release 12.0(12)S3

Resolved Caveats—Cisco IOS Release 12.0(12)S


Resolved Caveats—Cisco IOS Release 12.0(11)S6

Resolved Caveats—Cisco IOS Release 12.0(11)S


Resolved Caveats—Cisco IOS Release 12.0(10)S8

Resolved Caveats—Cisco IOS Release 12.0(10)S7

Resolved Caveats—Cisco IOS Release 12.0(10)S


Resolved Caveats—Cisco IOS Release 12.0(9)S8

Resolved Caveats—Cisco IOS Release 12.0(9)S


Resolved Caveats—Cisco IOS Release 12.0(8)S1

Resolved Caveats—Cisco IOS Release 12.0(8)S


Resolved Caveats—Cisco IOS Release 12.0(7)S


Resolved Caveats—Cisco IOS Release 12.0(6)S


Resolved Caveats—Cisco IOS Release 12.0(33)S11

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S11. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCtw53776

Symptoms: A Cisco 12000 linecard crashes when NetFlow version 1 is configured on the router.

Conditions: The crash occurs if the "ip flow export x.x.x.x <port>" command is used instead of the "ip flow export destination x.x.x.x <port>" command.

Workaround: Configure NetFlow version 5 or version 9.

CSCty77445

Symptoms: The SPA-2X1GE-V2 interface is in down/down status on RJ45 connection after moving the cable from RJ45 to SFP and back to RJ45 (SFP removed at the end).

Conditions: This symptom is observed when following these steps:

1. Make the interface up in RJ-45 mode (configure interface to RJ-45 mode with "media rj45" and you may also need to reboot the router without the SFP installed, if it is already in faulty condition).

2. Have the transceiver inserted into the corresponding SFP port and move the cable to the SFP.

3. Now, remove the transceiver and the cable together. Then move the cable to the RJ-45 port and that should trigger the problem. Port will not come up. Make sure that before you insert the cable into the RJ-45 port, the transceiver should be removed from the corresponding SFP port.

Workaround:

1. Use the SFP port.

2. Reload the router.

CSCud28759

Symptoms: SPA crash is seen when invoking spa_choc_dsx_cleanup_atlas_ci_config with no data packed.

Conditions: This symptom is observed when the packed data size should be 1 and the status should be success.

Workaround: There is no workaround.

CSCud28937

Symptoms: Two issues are observed:

1. Fasttag rewrite is not updated with new label after a route flap.

2. There are 2 load-shared paths and when one of the paths (say path2) goes down, the fasttag rewrite is not being set using path1. The clear ip route affected prefix command is needed to set the fasttag rewrite. Now if the path2 comes up, fasttag rewrite is not removed until you do a clear ip route affected prefix command.

Conditions: These symptoms are seen under the following conditions:

1. For the first issue, a Cisco 12000 series router connected to a non-Cisco device, which will send a new MPLS label to the Cisco 12000 series router after each session flap.

2. For the second issue, there should be two load-shared MPLS paths for a recursive destination prefix.

For both cases, the prefix should be a recursive prefix.

Workaround: Use the clear ip route affected prefix command for both issues.

CSCue51713

Symptoms: Prefix changes its path from iBGP to eBGP.

Conditions: This symptom occurs when the same prefix is learned through two paths, iBGP and eBGP.

Workaround: Use the clear ip route affected prefix command.

Resolved Caveats—Cisco IOS Release 12.0(33)S10

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S10. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCed68723

Symptoms: Packets that are destined for an MPLS VPN may not reach their destination. The output of the show ip cef vrf vrf-name detail command may show the following tag information:

10.0.0.0/16, version 437, epoch 0, cached adjacency to POS4/0
0 packets, 0 bytes
    Flow: AS 0, mask 16
    tag information set, all rewrites inherited <---------
        local tag: assigned-when-resolved-later <---------
    via 10.1.1.1, 0, 0 dependencies, recursive
       next hop 10.2.2.2, POS4/0 via 10.1.1.1/32
        valid cached adjacency

Conditions: This symptom is observed on a Cisco router that is configured for MPLS VPN forwarding and CEF.

Workaround: Clear the affected route by entering the clear ip route vrf vrf-name network mask command.

CSCsa49922

Symptoms: When an EIGRP internal route goes down, it may remain in the routing table although it is deleted from the EIGRP topology table.

Conditions: This symptom may occur when a router has an EIGRP internal route and an external route as the Successor and the Feasible Successor, respectively, for the same network and then the internal route goes down.

Workaround: Use either the internal route or the external route for the same network.

CSCso88138

Symptoms: When there is a link flap or a reload, RSVP shows that the interface is down while actually the interface is up. Because of this, the tunnel may take a backup path even when the interface is up.

Conditions: Unknown at this time.

Workaround: Perform a shut/no shut on the interface.

CSCsx08294

Symptoms: A Cisco 6500 running Cisco IOS Release 12.2(33)SXH may encounter a bus error due to OSPF processes.

Conditions: Occurs when the device is configured for OSPF Incremental SPF and Virtual Links.

Workaround: Do not use Incremental SPF.

CSCtc90579

Symptoms: Router crashes due to memory corruption during MPLS TE auto backup tunnel deletion.

Conditions: Caused by topology changes triggering backup tunnel deletion and RSVP hello mechanism.

Workaround: Globally, disable RSVP hello and enable BFD hello:

Router(config)# no ip rsvp signalling hello
Router(config)# ip rsvp signalling hello bfd

Per MPLS TE enabled interface:

Router(config-if)# no ip rsvp signalling hello
Router(config-if)# ip rsvp signalling hello bfd

CSCte80997

Symptoms: When a linecard is reloaded, the LFIB entries do not match the RP CEF entries. Reloading the linecard and clearing CEF and CEF adjacencies on the linecard do not clear the problem.

Conditions: eiBGP enabled so the routes are learned through an iBGP path and an eBGP path, multipath, CEF enabled.

Workaround: Add static default routes, one via the directly connected CE router with outgoing information as eBGP path and the other for the remote CE router with outgoing information as iBGP path.

CSCtl82483

Symptoms: When there is a parent policy map on the main interface with "match vlan" and subinterfaces that have IPv6 traffic, after a shut and no shut of the main interface, the QoS for IPv6 traffic stops working.

Conditions: Using "match vlan" with the parent policy.

Workaround: Remove and reapply the policy map on the main interface. Also, if you enable the "debug eelc qos" command on the linecard, the problem goes away.

CSCtn58005

Symptoms: The prefix-list does not filter local routes configured in the L1-L2 domain.

Conditions: The symptom is observed on a router running IPv6 ISIS L1-L2 domain and when L1 routes are redistributed into L2 routes.

Workaround: There is no workaround.

CSCtq97113

Symptoms: High CPU utilization is observed on the linecard with the "CEF LC IPC Backg" process. It is followed by memory depletion in the RP, which results in the FIB being disabled.

Conditions: This symptom is observed when multipath load balancing is configured in the core network and these paths keep flapping.

Workaround: Stop the path flaps in the core network.

CSCtr88610

Symptoms: Five Cisco 12000 series Internet routers have similar problems. Few free buffers are seen in the Tofab Q, and linecard fish_status stuck or ToFab Q stuck is seen. The E5 card crashes due to a ToFab FIA FIFO overflow.

SLOT 2:Aug 10 15:17:19.984 PRC: %FIA-3-FIFOERRS: To Fabric FIFO Error was detected. Cell FIFO Overflow, Data = 0x400, 0x2, 0x0, 0x0.
SLOT 2:Aug 10 15:17:19.984 PRC: TFIA is halted. Waiting for RP to initiate recovery
044884: Aug 10 15:17:22.202 PRC: %FABRIC-3-ERR_HANDLE: Due to FIA HALT error, reconfigure FIA on slot 2

Conditions: On E5 cards with oversubscribed traffic to an egress linecard.

Workaround: Change the FIA FIFO threshold value to 33 from default value of 37.

Attach<Failed slot #>

test write 2 11400020 0x21
test write 2 11400022 0x21
test write 2 11400024 0x21
test write 2 11400026 0x21
test write 2 11400028 0x21
test write 2 1140002A 0x21
test write 2 1140002C 0x21
test write 2 1140002E 0x21
test write 2 11400030 0x21
test write 2 11400032 0x21
test write 2 11400034 0x21
test write 2 11400036 0x21
test write 2 11400038 0x21
test write 2 1140003A 0x21
test write 2 1140003C 0x21
test write 2 1140003E 0x21

CSCts60315

Symptoms: Even after a TE tunnel goes down, CEF is stuck at "due for deletion".

Router3# show ip cef x.x.x.0  
x.x.x.0/29, version 24108960, epoch 0, cached adjacency x.x.x.x  
0 packets, 0 bytes  
    tag information from x.x.x.x/32, due for deletion, shared, all rewrites inherited  
        local tag: tunnel head  
        fast tag rewrite with Tu11111, point2point, tags imposed {360}  
    Flow: AS 0, mask 29  
    via x.x.x.x, 0 dependencies, recursive  
        next hop x.x.x.x, GigabitEthernet2/1/0.z via x.x.x.x/32 (Default)  
         valid cached adjacency
 
   

Conditions: Happens in customer environment only. Customer and TAC tried to recreate in the lab but failed.

Workaround: Issuing the clear ip route <prefix> command can help in some devices but not all.

CSCtt03653

Symptoms: Packets that are destined to router local IP addresses (including routing protocol packets) are dropped when under observation.

Conditions: The source or destination IP address of the dropped packet is provisioned for Lawful Intercept.

Workaround: There is no workaround.

CSCtt10671

Symptoms: At the customer site, it was seen that if the power manager is enabled, the 4-slot Cisco 12000 series chassis displays that the power is not sufficient to support three SIPs. This issue is not specific to the 4-slot chassis. Other chassis can also face this issue.

Conditions: This issue may occur if the chassis is running with a specific type of CSC/SFCs.

Workaround: There is no workaround.

CSCtu19667

Symptoms: A router reports an lbl configuration sync failure similar to:

%REDUNDANCY-3-CONFIG_SYNC: Active and Standby lbl configuration out of sync

Conditions: This symptom is seen when "ip host" commands are modified.

Workaround: The errors are cosmetic and do not accurately reflect the state of the configuration sync.

CSCtw53776

Symptoms: A Cisco 12000 linecard crashes when NetFlow version 1 is configured on the router.

Conditions: The crash occurs if the "ip flow export x.x.x.x <port>" command is used instead of the "ip flow export destination x.x.x.x <port>" command.

Workaround: Configure NetFlow version 5 or version 9.

CSCtw61050

Symptoms: A ping with a large packet size fails.

Conditions: When there are more than seven buffer pools.

Workaround: Configure a carve-level default or reduce the set of MTUs so that none of the pools is reduced.

CSCtx19461

Symptoms: If the BGP IPv6 table has a ::/X prefix present that is learned from another 6PE router, we see the following issues.

1. The 6PE router stops advertising the ::/0 prefix. Instead, it advertises the ::/X prefix that is present in the BGP table.

2. The 6PE router does not withdraw the ::/0 prefix.

3. Output from the "show bgp ipv6 unicast" command does not show prefix ::/0. Instead, it shows prefix ::/X.

Conditions: If the BGP IPv6 table has a ::/X prefix present that is learned from another 6PE router and you are advertising ::/0.

Workaround: There is no workaround.

CSCtx36490

Symptoms: There is a stuck stale nexthop 0.0.0.0 for routes that are redistributed into EIGRP from BGP. This stale nexthop gets promoted to the top of the EIGRP topology table upon a route/router flap. This will result in a redistribution loop in the RIB.

Conditions: The redistribution loop in the RIB causes the route to be continuously installed in the RIB from BGP and EIGRP, resulting in a high number of CEF updates. This high number of CEF updates results in the RP running out of memory due to CSCtq97113.

Workaround: Clear out the stale nexthop 0.0.0.0 from the EIGRP topology table by issuing the "clear ip eigrp [vrf <vrf-name>] <AS-number> topology <prefix> <mask>" command.

In a PE-CE environment, if there is a peering between two PEs that are learning the prefix from the same CE site, the stale nexthop 0.0.0.0 could get promoted in the EIGRP topology table upon a route flap. This could, in turn, trigger the looping. To avoid this, you may remove any such redundant peering.

A detailed explanation of this workaround is provided in the enclosure "explanation of workaround".

CSCtx63661

Symptoms: When you configure "isis metric xxx" (xxx > 63) before "ip router isis ...", the "isis metric xxx" command will not be synced to the standby RP.

Conditions:

1. xxx > 63

2. command sequence: "isis metric xxx" and then "ip router isis ..."

Workaround: Always configure "isis metric xxx" after "ip router isis ..."

CSCuk31498

Symptoms: HSRP packets are sent with the IP TTL field set to 2 instead of 1.

Conditions: Unknown.

Workaround: There is no workaround.

Further Problem Description: This has no detrimental effect on the operation of HSRP. This will not cause HSRP packets to be forwarded since they are sent to a link-local multicast address.

Resolved Caveats—Cisco IOS Release 12.0(33)S9

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S9. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCsa43815

Symptoms: The following error message is seen:

%SCHED-7-WATCH: Attempt to lock uninitialized watched semaphore (address 0)

Conditions: This symptom is observed when memory is reserved using the memory reserve critical 1000 configuration command, and a preemptive process is configured to run on the system.

Workaround: There is no known workaround yet.

CSCsy73123

Symptoms: Connected route on port-channel subinterface is not removed when port-channel is down.

It can also happen whenever we have supernetted an IP address.

Conditions:

R1(config-if)# do show ip route 192.168.0.0
Routing entry for 192.168.0.0/23, supernet
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Routing Descriptor Blocks:
  * directly connected, via Ethernet0/0
      Route metric is 0, traffic share count is 1

R1(config-if)# do show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR

Gateway of last resort is not set

C    192.168.0.0/23 is directly connected, Ethernet0/0
C    192.168.0.0/22 is directly connected, Ethernet0/0 >>
C    192.168.0.0/21 is directly connected, Ethernet0/0 >>
C    192.168.0.0/20 is directly connected, Ethernet0/0 >>
C    192.168.0.0/19 is directly connected, Ethernet0/0 >>

In this case, we have supernetted an IP address.

Workaround: In this scenario (a supernetted IP address), use the clear ip route * command.

CSCtc72553

Symptoms: An E5 linecard on a Cisco 12000 crashes.

Conditions: This symptom occurs with high traffic on OC48, E5, and possibly corrupt packets (MPLS packets without an MPLS label) received on the linecard.

The logs show the following:

Sep 30 01:41:01.958 PRC: %MBUS_SYS-3-NOBUFFER: Message from slot 1 in stream 1 dropped
Sep 30 01:41:02.062 PRC: %FIB-2-FIBDISABLE: Fatal error, slot 1: IPC Failure: timeout
Sep 30 01:41:02.062 PRC: %RP-4-RSTSLOT: Resetting the card in the slot: 1,Event: CEF failure

Workaround: There is no workaround.

Further Problem Description: The crash is seen on E5 OC48. Forwarding engine error interrupts are observed.

There is a basic configuration on the interface; a plain IPv4 configuration without MPLS.

CSCtg22674

Symptoms: The router experiences high CPU for several minutes due to "MPLS TE LM" process.

Conditions: This symptom occurs when a router has many (perhaps as few as 100) MPLS TE tunnels that traverse over a link which experiences repeated flapping in a short duration.

Workaround: There is no workaround.

Further Problem Description: Use the show process cpu command to determine CPU utilization. If this problem exists, the MPLS TE LM process holds greater than 90-percent resources for 5 minutes or more.

CPU utilization for five seconds: 100%/0%; one minute: 100%; five minutes: 100%
 PID Runtime(ms)   Invoked  uSecs   5Sec   1Min   5Min TTY Process
 216   867694836  18357673  47266 99.67% 99.09% 99.11%   0 MPLS TE LM

CSCth87458

Symptoms: Memory leak detected in SSH process during internal testing. Authentication is required in order for a user to cause the memory leak.

Conditions: This was experienced during internal protocol robustness testing.

Workaround: Allow SSH connections only from trusted hosts.

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 6.8/5.6:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C

CVE ID CVE-2011-2568 has been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

CSCtj44454

Symptoms: The "SCP Read" process is at 99 percent, and the SCP session is stuck or not responding to commands.

Conditions: This symptom is seen when a secure copy session is started on a Cisco router running Cisco IOS Release 12.0(32)SY8 and later and the TCP session is closed—for whatever reason—on the client or server. After the TCP session is closed, the CPU spikes indefinitely.

Workaround: There is no workaround.

CSCtj57910

Symptoms: A serial interface on a Cisco 12000 is Up/Down after a PRP switchover.

Conditions: This symptom can occur after a PRP switchover. Any Layer 2 encapsulation type (PPP, Frame Relay, and HDLC) is affected.

Workaround: Delete the interface (no channel-group) and recreate the interface (channel-group).

CSCtk13378

Symptoms: High CPU utilization is experienced by the "CEF LC IPC Backg" process on the E5 card.

Conditions: When there are multiple loadbalancing paths and a "cef clear linecard" command is issued on the peer router or a shut/no shut is performed on one interface of this router, high CPU utilization occurs from the CEF process.

Workaround: There is no workaround.

CSCtl04159

Symptoms: A BGP route map that is using a prefix list is not filtering outbound routes.

Conditions: A route map with a next hop and prefix list does not work.

Workaround: There is no workaround. You can use an access list if required.

CSCto83346

Symptoms: After reloading a CE device connected via ATM to a Cisco 12000 series Internet router with an ATMoMPLS circuit, the CE device starts experiencing cell loss.

Conditions: PVP mode ATMoMPLS.

Workaround: Remove and re-add the xconnect configuration under the attachment circuit.

CSCtq33005

Symptoms: When BFD goes down on a Cisco 12000 series router that is running Cisco IOS Release 12.0S, BGP may not tear the session down until the hold timer expires.

Conditions: This problem is seen on a subinterface that has been deleted and re-added.

Workaround: Create a new, unused subinterface and move the BFD session to the subinterface.

CSCtq33480

Symptoms: New link bundling entries may stop forwarding traffic.

Conditions: This symptom is seen with CEF link bundling entries on Engine 3 line card. The entries appear corrupted.

Workaround: Reload line card.

CSCtr89883

Symptoms: SPA IPC packets are getting corrupted due to MPLS packets received on the slow path.

Conditions: This symptom occurs only with IP options packets that are received from the MPLS core.

Workaround: Block the IP options packets.

CSCtr98532

Symptoms: A Cisco 12000 series router that is running a Cisco IOS 12.0(32) SY6 image or later and that has an Engine 5 linecard and channelized SPAs might occasionally see a spurious SPA reload or linecard reload.

Conditions: This issue is seen only with channelized SPAs (1xCHOC3, 4xCT3, or 8xCHT1/E1) and when the Control Plane Policing feature is configured. If the CoPP configuration is configured to examine Layer 4 headers (for example, TCP, UDP, or ICMP), the issue might be seen. The issue is seen along with the L3VPN over IP feature.

Workaround: There is no workaround. The issue is very random in nature and is dependent on network configuration.

Resolved Caveats—Cisco IOS Release 12.0(33)S8

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S8. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCtg41086

Symptoms: A customer observed multiple errors on the E1 on the Cisco 7206 side, which caused the interface to bounce continuously. The customer created a test VC on the Cisco 12000 SPA and measured its clocking in comparison to the ethalon. The difference was with an accuracy of 10^-3, but it should be at least 10^-6. Further tests showed that the E1 on the Cisco 12000 takes clocking from the SPA card, although it should take clocking from the SIP linecard backplane.

Conditions: A Cisco 12000 with an SPA-1XCHSTM1/OC3 that is used for channelized E1.

Workaround: Turn the synchronization around in order for the other side to be the clocking source.

CSCtg72961

Symptoms: A Cisco 12000 router may retain the old label for a VPNv4 route when the primary route has disappeared.

Conditions: This problem occurs when multiple routes for the same VPNv4 prefix exist and they all have the same next hop. You also need to have the ip cef table loadinfo force command configured on the router.

Workaround: Clear the affected route to recover from the problem.

CSCth90331

Symptoms: Interface flaps on an ISE ATM LC running Cisco IOS Release 12.0(32) SY11 cause a leak in the encapsulation table ("show gsr ha encap-table slot3" for that LC, and the encapsulation table will fill up). When that happens, any interface that flaps or is bounced will not be able to pass outbound traffic.

To see the encapsulation table, issue the "show gsr ha encap-table slot#" command. If the table is full, every entry will be FFFFFFFF.

SNIP.... 09BC9E60: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9E70: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9E80: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9E90: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9EA0: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9EB0: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9EC0: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9ED0: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9EE0: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................ 09BC9EF0: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ................

Conditions: This symptom is observed on an ISE ATM LC that is running Cisco IOS Release 12.0(32)SY11.

Workaround: Stop any excessive interface flapping to prevent the encapsulation table from filling up. If it is full, a microcode reload of the affected LC will clear the table.

CSCth95192

Symptoms: On a Cisco router loaded with Cisco IOS Release 12.0(33)S6, when LSP changes, the CEF table may become stuck with old label information.

Conditions: This symptom occurs when there are two outgoing links to the BGP next hop for the prefix received via BGP.

The following is a snapshot of how the CEF table will be during the time of the issue:

R1# show ip cef 10.150.150.150 detail
10.150.150.150/32, version 26, epoch 0, cached adjacency 10.1.15.5
0 packets, 0 bytes
  tag information from 10.100.100.0/30, shared, all rewrites owned
    local tag: 33
    fast tag rewrite with Et0/0.12, 10.1.1.1, tags imposed {16}
  via 10.100.100.2, 0 dependencies, recursive
    next hop 10.1.15.5, Ethernet0/0.15 via 10.100.100.0/30 (Default)
    valid cached adjacency
    tag rewrite with Et0/0.15, 10.1.15.5, tags imposed {502}

Workaround: Issue the "clear ip route" command.

CSCti08185

Symptoms: WRED Min and Max threshold values appear as "0" in "show policy-map interface" output on an RP.

Conditions:

1. There are many multilink interfaces on a Cisco 12000 node bearing policies that have class maps sharing the same WRED min/max threshold configuration.

2. The multilink interfaces must have multiple members (the more members, the more the probability to hit the issue).

3. There must be a series of member addition/deletion events at the same time, such as during a reload.

4. The order in which the interfaces (the members of these multilink interfaces) come up also plays a role in hitting the issue.

Workaround:

1. Remove and re-apply the service policy (this will surely resolve the issue; however this is more of a recovery procedure).

2. Perform a shut/no shut on the interface (again, a recovery procedure; traffic impacting as well).

3. Before the upgrade, you can identify the policy (with the WRED configuration) that is attached to more than one multilink interface (with more than one member link). Remove that policy from the interface and apply it back after the upgrade after all member links of the interface have come up.

CSCti24849

Symptoms: Available interface bandwidth goes down for the Jag48/FB type of interfaces even when there is no policy on the main or subinterfaces.

Conditions:

1. The Jag48/FB card falls into the types that share the same conga port per main interface and its subinterfaces.

2. Apply BT QoS (parent with dummy child) on the main interface.

3. Apply flat policy (with priority + police) on the subinterface.

4. Remove flat policy from the subinterface.

Workaround: Apply, again, policies to the main and subinterface. Remove the BT QoS from the main interface first and then remove the policy from the subinterface.

CSCti55312

Symptoms: When multilink interfaces (connected to CE device) are flapped on a Cisco 12000, the Cisco 12000 hardware does not set the HW adjacency correctly. It happens because LDP assigns imp-null instead of a real local label after multilink comes up.

Conditions: Static route pointing to multilink interfaces.

Workaround: Force LDP to assign a real local label instead of an imp-null after multilink comes up with shut/no shut on affected multilink interface.

Further Problem Description: Hardware CEF adjacency is NULL at ingress LC, for few static route prefixes going through multilink interfaces. It seems to occur when LDP does not assign a real label for a prefix, but this is a coincidence, not the root cause of the HW IP entry being NULL.

CSCti88244

Symptoms: Frequent flapping of Serial interfaces (E1) that are part of an MLPPP bundle may cause a PLIM Cause 0 reset. After the PLIM RESET recovery, some interfaces remain in the Up/Down state.

Conditions: Frequent flapping of Serial links that are part of an MLPPP bundle in Cisco IOS Release 12.0(33)S6.

Workaround: A PLIM RESET due to cause 1 is a recovery mechanism to reset the PLIM provisioning ASIC from its stuck condition. For interfaces that are in the Up/Down state after the PLIM recovery, a shut/no shut on Serial interfaces has to be done to recover the interfaces to operational status.

Resolved Caveats—Cisco IOS Release 12.0(33)S7

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S7. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCsv73754

Symptoms: A router crashes during VRF configuration. A traceback decode points to a function bgp_vpn_impq_add_vrfs_cfg_changes.

Conditions: The symptom is observed while unconfiguring VRFs. It is most likely to be seen when 100 VRFs or more are unconfigured.

Workaround: There is no workaround.

CSCsw63003

Symptoms: Memory increase occurs in the "BGP Router" process due to BGP path attributes. Memory used by this process increases every day, and so do the BGP path attributes, while the number of routes is not increasing.

Conditions: This occurs on a provider edge (PE) router running Cisco IOS Release 12.2(31)SB, 12.2(33)SB, 12.2(33)SRB, 12.2(33)SRC, 12.2(33)SRD, 12.4, and 12.4T. Problem is seen with continuous churn in the network such that BGP never manages to converge and when the paths churning are not reusing existing path attributes. That will cause those paths to allocate new paths attributes.

Workaround: Reload the router if low memory conditions are reached, or identify the root cause of the churn and attempt to fix that if possible.

CSCsy58115

Symptoms: In a router that is running BGP, the BGP process may hold increased amounts of memory over time without freeing any memory. This symptom may also be seen in the output of the show proc mem sort command and in the output of the show ip bgp sum or show ip bgp vpnv4 all sum commands and by looking at the number of BGP attributes, which may be increasing over time in relation to the BGP prefixes and paths, which may remain roughly the same.

Conditions: Some BGP neighbors are not in an established state and are not exchanging prefixes.

Workaround: Remove the configuration lines related to the inactive neighbors (neighbors in the Idle or Active states).

CSCsy83266

Symptoms: A router experiences CPU hog or crashes when doing snmpwalk.

Conditions: This symptom is observed when interfaces are attached with a large-scale police configuration (for example, a two-level policy map, 200 (parent classes) x 15 (child classes) = 3000 policers).

Workaround: There is no workaround for walking the table. To get a specific entry, use snmpget.

CSCsz12469

Symptoms: It was observed on a Cisco 12816 router that was running Cisco IOS Release 12.0(32)S6r that some linecards would not fully load to STRTIOS. Some slots would not completely boot a linecard, which would be stuck in WAITTRY.

Conditions: The following can be observed in the log when this symptom occurs on slot 11:

%MBUS_SYS-3-NOBUFFER: Message from slot 11 in stream 1 dropped
%PRP-3-CHP_DESCQ_FULL: Chopper desc queue 11 full - enq 3383072 deq 3382050 blog 1022
-Traceback= 2044B0 2045B8 534840 535218 5353A4 351284 351350 5F6BE8 60AD34 5FA7D0 5FB24C 2EDFBC

Workaround: If route-processor redundancy exists, an RP forced switchover can reset the Chopper queue and clear the issue. If there is not a redundant RP, an RP reload will also clear the Chopper queue.

CSCtb03758

Symptoms: Traffic drops are observed on serial interfaces that are configured with L2VPNs.

Conditions: This symptom is observed when a microcode reload is performed on the linecard.

Workaround: Perform a shut/no shut on the serial interface on PE1.

CSCtb25496

Symptoms: New Excellight SFP part was being tested as part of Manufacturing change process MCN-22773. A few SFP parts failed security check in Cisco IOS software because the data read from the EEPROM in SFP was FF in some locations. This was further root-caused to the fact that there is some timing violation on I2C bus to SFP for reading the EPROM data. The I2C interface is register-mapped on the FPGA, and the software toggles two bits in the register to control the I2C protocol. Read is the only operation performed on the bus. During a read operation, after every data byte is read from the I2C slave (SFP), the bus floats for I2C master (FPGA) to return ACK to slave. This is the ninth clock cycle of SCL. SDA driven low during SCL's rising edge is detected as ACK. But here, the SDA is driven low during falling edge of SCL. That means, SDA's falling edge coincides with SCL's falling edge. This may sometimes be detected as a START condition by the slave (the START condition is a LOW on SCL during falling edge of SDA). The SFP state machine is disturbed with this, and it probably goes into START mode. So, the SFP does not drive any data onto the bus, whereas the master reads FF on the bus because the default state of SDA is HIGH.

Conditions: An SFP OIR.

Workaround: There is no workaround.

CSCtb73450

Symptoms: Start-Control-Connection-Request (SCCRQ) packets may cause a tunnel to reset after digest failure.

Conditions: This symptom occurs when the SCCRQ packets are sent with a wrong hash.

Workaround: There is no workaround.

CSCtc14824

Symptoms: Interface flapping in a link bundling may cause the linecards to crash.

Conditions: When an Engine 5 linecard and a Gigabit SPA are configured as part of a LB member and when bidirectional multicast traffic is sent through the LB interface that goes down, the linecard may crash.

Workaround: Perform one of the following two options:

Option 1: Where possible, consider building a port-channel from the same slot. For example, if your present configuration has the following:

!
interface GigabitEthernet0/1/1
 channel-group 1
!
interface GigabitEthernet1/0/0
 channel-group 1
!

Then consider the following, if feasible:

!
interface GigabitEthernet0/1/1
 channel-group 1
!
interface GigabitEthernet0/2/0 <=== (channel-gr 1 from Gi 1/0/0 to Gi 0/2/0)
 channel-group 1
!

Option 2: This crash is seen when there is user intervention that leads to physical interaction with the module/interface hardware, when traffic is actively flowing. Consider shutting the interfaces down before touching the hardware/interfaces.

CSCtc45384

Symptoms: IPv6 packets stop matching Class in the service policy when a shut/no shut of the interface is performed.

Conditions: This symptom is observed when a shut/no shut is performed on the interface.

Workaround: Remove and reapply the service policy.

CSCtc61836

Symptoms: MLPPP sequence numbers received by the remote end have missing sequences and/or interrupted multicast traffic with the MLPPP interface as the outgoing link.

Conditions: This symptom is observed under the following conditions:

- The MLPPP interface is configured with multicast.

- Physical errors exist in the line that trigger autoDNR.

Workaround:

Disable multicast on the MLPPP link.

Recovery:

Shut/unshut a member link.

Clear the mroute table using the clear ip mroute vrf <vrf name> * command.

CSCtc79299

Symptoms: Sending IPv6 traffic with hop-by-hop headers causes the RP CPU utilization to spike up to 40 percent.

Conditions: This symptom is observed in IPv6 traffic with hop-by-hop headers.

Workaround: There is no workaround.

CSCtd18657

Symptoms: The following message appears:

%TFIB-7-SCANSABORTED: TFIB scan not completing. MAC string updated.

Conditions: This symptom is observed on a Cisco 12000 series router. The router has a great number of prefixes for which the output interface is an MPLS Traffic Engineering tunnel.

Workaround: There is no workaround.

CSCtd29170

Symptoms: A Cisco router may unexpectedly reload due to a bus error when removing a route map.

Conditions: The route map must have more than one sequence number, and under one of the route-map sequence numbers there must be a "match ipv6 address <acl>" entry in which the ACL does not exist.

Workaround: Remove the "match ipv6 address" statement from the route map before removing the route map itself.

CSCtd46318

Symptoms: Multiple tracebacks are seen on the standby route processor.

Conditions: This symptom is observed during router bootup.

Workaround: Reload the router again.

CSCtd46847

Symptoms: In an APS setup involving CHOC12 linecards, the APS switches over from the Working line to the Protect line for different reasons like LAIS, LOF/LOS, and SF and SD conditions.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(32)S11q. The issue is applicable only to CHOC12 linecards.

Workaround: There is no workaround.

Further Problem Description: The alarms that are responsible for APS switchover are spurious. The alarm counters on the SONET controller could be huge in successive show controller captures.

CSCtd54941

Symptoms: Increased PLIM resets on the CHOC12 Line cards might be seen on some nodes.

Conditions: This symptom is observed in a normal production environment when running images post 12.0(32)S9, 12.0(32)SY05, 12.0(33)S.

Workaround: There is no workaround.

CSCtd62350

Symptoms: Exporting with the VRF aware feature is not working, except if we export to a device that is reachable via the global routing table.

ip flow-export version 9
ip flow-export destination 10.116.244.61 63636 vrf gestion
ip flow-aggregation cache protocol-port
 export destination 10.116.244.61 63636 vrf gestion

Sourced from global loopback interface, same

Sourced from same VRF interface where to export, same

Changed sample interval to minimum, same

The output looks fine. You can see the packets being sent from the Cisco 12000, and there are no IPC drops; however the sniffer is not showing anything.

Conditions: This symptom is observed on a Cisco 12000 that is using NetFlow with VRF support.

Workaround: Use the global routing table.

CSCtd75033

Symptoms: Cisco IOS Software is affected by an NTP mode 7 denial-of-service vulnerability. Note: The fix for this vulnerability changes how Cisco IOS handles mode 7 packets. See the Further Problem Description section of this release note enclosure.

Conditions: Cisco IOS Software with support for Network Time Protocol (NTP) contains a vulnerability processing specific NTP Control Mode 7 packets. This results in increased CPU on the device and increased traffic on the network segments.

This is the same as the vulnerability which is described in http://www.kb.cert.org/vuls/id/568372.

Cisco has released a public-facing vulnerability alert at the following link:

http://tools.cisco.com/security/center/viewAlert.x?alertId=19540

Cisco IOS Software that has support for NTPv4 is NOT affected. NTPv4 was introduced into Cisco IOS Software: 12.4(15)XZ, 12.4(20)MR, 12.4(20)T, 12.4(20)YA, 12.4(22)GC1, 12.4(22)MD, 12.4(22)YB, 12.4(22)YD, 12.4(22)YE, and 15.0(1)M.

All other versions of Cisco IOS and Cisco IOS XE Software are affected.

To see if a device is configured with NTP, log into the device and issue the CLI command show running-config | include ntp. If the output returns any of the following commands, then the device is vulnerable:

ntp master <any following commands>
ntp peer <any following commands>
ntp server <any following commands>
ntp broadcast client
ntp multicast client

The following example identifies a Cisco device that is configured with NTP:

Router# show running-config | include ntp
ntp peer 192.168.0.12

The following example identifies a Cisco device that is not configured with NTP:

Router# show running-config | include ntp

To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the show version command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output.

The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L:

Router# show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by abcde
<output truncated>

The following example shows a product that is running Cisco IOS Software release 12.4(20)T with an image name of C1841-ADVENTERPRISEK9-M:

Router# show version
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 10-Jul-08 20:25 by prod_rel_team
<output truncated>

Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS and NX-OS Software Reference Guide" at the following link:

http://www.cisco.com/web/about/security/intelligence/ios-ref.html

Workaround: There are no workarounds other than disabling NTP on the device. The following mitigations have been identified for this vulnerability; only packets destined for any configured IP address on the device can exploit this vulnerability. Transit traffic will not exploit this vulnerability.

Note: NTP peer authentication is not a workaround and is still a vulnerable configuration.

* NTP Access Group

Warning: Because the feature in this vulnerability utilizes UDP as a transport, it is possible to spoof the sender's IP address, which may defeat access control lists (ACLs) that permit communication to these ports from trusted IP addresses. Unicast Reverse Path Forwarding (Unicast RPF) should be considered to be used in conjunction to offer a better mitigation solution.

! Configure trusted peers for allowed access.

access-list 1 permit 171.70.173.55

! Apply ACE to the NTP configuration.

ntp access-group peer 1

For additional information on NTP access control groups, consult the document titled "Performing Basic System Management" at the following link:

http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_basic_sys_manage.html#wp1034942

* Infrastructure Access Control Lists

Warning: Because the feature in this vulnerability utilizes UDP as a transport, it is possible to spoof the sender's IP address, which may defeat ACLs that permit communication to these ports from trusted IP addresses. Unicast RPF should be considered to be used in conjunction to offer a better mitigation solution.

Although it is often difficult to block traffic that transits a network, it is possible to identify traffic that should never be allowed to target infrastructure devices and block that traffic at the border of networks.

Infrastructure ACLs (iACLs) are a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The iACL example below should be included as part of the deployed infrastructure access-list, which will help protect all devices with IP addresses in the infrastructure IP address range:

! Feature: Network Time Protocol (NTP)

access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARD INFRASTRUCTURE_ADDRESSES WILDCARD eq 123

Note: If the router is acting as a NTP broadcast client via the interface command "ntp broadcast client" then broadcast and directed broadcasts must be filtered as well. The following example covers an infrastructure address space of 192.168.0.X.

access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARD host 192.168.0.255 eq ntp
access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARD host 255.255.255.255 eq ntp

Note: If the router is acting as a NTP multicast client via the interface command "ntp multicast client" then multicast IP packets to the multicast group must be filtered as well. The following example covers a NTP multicast group of 239.0.0.1 (default is 224.0.1.1).

access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARD host 239.0.0.1 eq ntp

! Deny NTP traffic from all other sources destined to infrastructure addresses.

access-list 150 deny udp any INFRASTRUCTURE_ADDRESSES WILDCARD eq 123

! Permit/deny all other Layer 3 and Layer 4 traffic in accordance with existing security policies and configurations. Permit all other traffic to transit the device.

access-list 150 permit ip any any

! Apply access-list to all interfaces (only one example shown).

interface fastEthernet 2/0
 ip access-group 150 in

The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists" presents guidelines and recommended deployment techniques for infrastructure protection access lists and is available at the following link:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml

* Control Plane Policing

Two examples are provided under Control Plane Policing. The first aims at preventing the injection of malicious traffic from untrusted sources, whilst the second rate limits NTP traffic to the box.

- Filtering untrusted sources to the device.

Warning: Because the feature in this vulnerability utilizes UDP as a transport, it is possible to spoof the sender's IP address, which may defeat ACLs that permit communication to these ports from trusted IP addresses. Unicast RPF should be considered to be used in conjunction to offer a better mitigation solution.

Control Plane Policing (CoPP) can be used to block untrusted UDP traffic to the device. Cisco IOS software releases 12.0S, 12.2SX, 12.2S, 12.3T, 12.4, and 12.4T support the CoPP feature. CoPP can be configured on a device to help protect the management and control planes and minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic that is sent to infrastructure devices in accordance with existing security policies and configurations. The CoPP example below should be included as part of the deployed CoPP, which will help protect all devices with IP addresses in the infrastructure IP address range.

! Feature: Network Time Protocol (NTP).

access-list 150 deny udp TRUSTED_SOURCE_ADDRESSES WILDCARD any eq 123

! Deny NTP traffic from all other sources destined to the device control plane.

access-list 150 permit udp any any eq 123

! Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4 traffic in accordance with existing security policies and configurations for traffic that is authorized to be sent to infrastructure devices. Create a Class-Map for traffic to be policed by the CoPP feature.

class-map match-all drop-udp-class
 match access-group 150

! Create a Policy-Map that will be applied to the Control-Plane of the device.

policy-map drop-udp-traffic
 class drop-udp-class
  drop

! Apply the Policy-Map to the Control-Plane of the device.

control-plane
 service-policy input drop-udp-traffic

In the above CoPP example, the access control list entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function.

- Rate Limiting the traffic to the device.

The CoPP example below could be included as part of the deployed CoPP, which will help protect targeted devices from processing large amounts of NTP traffic.

Warning: If the rate-limits are exceeded valid NTP traffic may also be dropped.

! Feature: Network Time Protocol (NTP).

access-list 150 permit udp any any eq 123

! Create a Class-Map for traffic to be policed by the CoPP feature.

class-map match-all rate-udp-class
 match access-group 150

! Create a Policy-Map that will be applied to the Control-Plane of the device. NOTE: See section "4. Tuning the CoPP Policy" of http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html#5 for more information on choosing the most appropriate traffic rates.

policy-map rate-udp-traffic
 class rate-udp-class
  police 10000 1500 1500 conform-action transmit exceed-action drop violate-action drop

! Apply the Policy-Map to the Control-Plane of the device.

control-plane
 service-policy input rate-udp-traffic

Additional information on the configuration and use of the CoPP feature can be found in the documents, "Control Plane Policing Implementation Best Practices" and "Cisco IOS Software Releases 12.2 S - Control Plane Policing" at the following links:

http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html
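The iACL and the filtering CoPP example above use opposite permit/deny keywords to reach the same result, which is easy to get wrong when adapting them. The following added example (not Cisco code) evaluates both access lists first-match against constructed packets; the trusted source 171.70.173.55 and the 192.168.0.0/24 infrastructure range are assumed values filled in for the page's placeholders, and the function names are hypothetical.

```python
import ipaddress

# Constructed values (assumptions): 171.70.173.55 stands in for
# TRUSTED_SOURCE_ADDRESSES and 192.168.0.0 0.0.0.255 for INFRASTRUCTURE_ADDRESSES.
IACL = [
    "access-list 150 permit udp 171.70.173.55 0.0.0.0 192.168.0.0 0.0.0.255 eq 123",
    "access-list 150 deny udp any 192.168.0.0 0.0.0.255 eq 123",
    "access-list 150 permit ip any any",
]
COPP_ACL = [
    "access-list 150 deny udp 171.70.173.55 0.0.0.0 any eq 123",
    "access-list 150 permit udp any any eq 123",
]


def ip_int(text):
    return int(ipaddress.IPv4Address(text))


def wildcard_match(addr, base, wildcard):
    """IOS wildcard masks mark the bits to ignore (1 = don't care)."""
    care = ~ip_int(wildcard) & 0xFFFFFFFF
    return (ip_int(addr) & care) == (ip_int(base) & care)


def take_addr(tok, i):
    """Read one address spec: 'any', 'host A', or 'A WILDCARD'."""
    if tok[i] == "any":
        return ("0.0.0.0", "255.255.255.255"), i + 1
    if tok[i] == "host":
        return (tok[i + 1], "0.0.0.0"), i + 2
    return (tok[i], tok[i + 1]), i + 2


def parse_ace(line):
    tok = line.split()
    if tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError("unsupported ACE: " + line)
    src, i = take_addr(tok, 4)
    dst, i = take_addr(tok, i)
    port = None
    if i < len(tok) and tok[i] == "eq":
        port = 123 if tok[i + 1] == "ntp" else int(tok[i + 1])
    return {"action": tok[2], "proto": tok[3], "src": src, "dst": dst, "port": port}


def first_match(acl_lines, pkt):
    """Return 'permit' or 'deny' from the first matching ACE, None if no ACE matches."""
    for ace in map(parse_ace, acl_lines):
        if ace["proto"] not in ("ip", pkt["proto"]):
            continue
        if not wildcard_match(pkt["src"], *ace["src"]):
            continue
        if not wildcard_match(pkt["dst"], *ace["dst"]):
            continue
        if ace["port"] is not None and pkt.get("dport") != ace["port"]:
            continue
        return ace["action"]
    return None


def iacl_verdict(pkt):
    # Interface ACL: permit forwards; deny (or the implicit deny) drops.
    return "forward" if first_match(IACL, pkt) == "permit" else "drop"


def copp_verdict(pkt):
    # CoPP: permit places the packet in drop-udp-class, whose action is drop;
    # deny or no match leaves it outside the class, so it is transmitted.
    return "drop" if first_match(COPP_ACL, pkt) == "permit" else "transmit"


# Constructed packets destined for a router address in the infrastructure range.
TRUSTED_NTP = {"proto": "udp", "src": "171.70.173.55", "dst": "192.168.0.1", "dport": 123}
UNTRUSTED_NTP = {"proto": "udp", "src": "203.0.113.9", "dst": "192.168.0.1", "dport": 123}
OTHER_TCP = {"proto": "tcp", "src": "203.0.113.9", "dst": "192.168.0.1", "dport": 22}

if __name__ == "__main__":
    for name, pkt in [("trusted NTP", TRUSTED_NTP), ("untrusted NTP", UNTRUSTED_NTP),
                      ("other TCP", OTHER_TCP)]:
        print(f"{name:14} iACL={iacl_verdict(pkt):8} CoPP={copp_verdict(pkt)}")
```

Both lists decide on the source address alone, so a packet that merely claims the trusted address gets the trusted verdict; that is the gap the Unicast RPF warning above refers to.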

Further Problem Description: Cisco IOS Software releases that have the fix for this Cisco bug ID have a behavior change for mode 7 private mode packets.

A Cisco IOS Software release with the fix for this Cisco bug ID will not process NTP mode 7 packets, and will display the message "NTP: Receive: dropping message: Received NTP private mode packet. 7" if debugs for NTP are enabled.

To have Cisco IOS Software process mode 7 packets, the CLI command ntp allow mode private should be configured. This is disabled by default.
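The checks described in this caveat can be run offline against saved "show running-config" and "show version" output. The following is an added example, not Cisco tooling: it applies the configuration criteria listed above, reads the image name and release from the banner, and flags "ntp allow mode private". The function names and the sample configuration are assumptions constructed for illustration, and the release check is an exact match against the NTPv4 releases named on this page only.

```python
import re

# Commands this caveat lists as indicating that NTP is configured.
NTP_ENABLING = ("ntp master", "ntp peer", "ntp server",
                "ntp broadcast client", "ntp multicast client")

# Releases this caveat names as introducing NTPv4 (not affected). Exact match
# only: the script does not try to order release trains.
NTPV4_INTRO_RELEASES = {
    "12.4(15)XZ", "12.4(20)MR", "12.4(20)T", "12.4(20)YA", "12.4(22)GC1",
    "12.4(22)MD", "12.4(22)YB", "12.4(22)YD", "12.4(22)YE", "15.0(1)M",
}

# "(IMAGE-NAME), Version X" as it appears in the system banner.
BANNER_RE = re.compile(r"\(([A-Za-z0-9_-]+)\),\s*Version\s+([^,\s]+)")


def parse_show_version(text):
    """Return (image_name, release) from a show version banner, or (None, None)."""
    m = BANNER_RE.search(text)
    return (m.group(1), m.group(2)) if m else (None, None)


def starts_with_command(line, command):
    return line == command or line.startswith(command + " ")


def audit_ntp(running_config, show_version):
    # Interface-level commands are indented in the running config, so strip first.
    lines = [ln.strip() for ln in running_config.splitlines()]
    ntp_cmds = [ln for ln in lines
                if any(starts_with_command(ln, c) for c in NTP_ENABLING)]
    image, version = parse_show_version(show_version)
    ntpv4 = version in NTPV4_INTRO_RELEASES
    return {
        "image": image,
        "version": version,
        "ntp_commands": ntp_cmds,
        "ntp_configured": bool(ntp_cmds),
        "ntpv4_intro_release": ntpv4,
        # Mitigation named in the workaround section.
        "access_group": any(starts_with_command(ln, "ntp access-group") for ln in lines),
        # Per the note above, peer authentication is not a workaround.
        "auth_configured": "ntp authenticate" in lines,
        # On fixed releases this re-enables mode 7 processing.
        "mode7_reenabled": "ntp allow mode private" in lines,
        # NTP is configured and the release is not one of the listed NTPv4 releases.
        "needs_review": bool(ntp_cmds) and not ntpv4,
    }


# Constructed sample configuration (not from a real device).
SAMPLE_CONFIG = """\
hostname R1
!
interface FastEthernet2/0
 ip address 192.168.0.1 255.255.255.0
 ntp broadcast client
!
ntp authenticate
ntp authentication-key 1 md5 EXAMPLEKEY
ntp peer 192.168.0.12
"""

# Banners taken from the two show version examples in this caveat.
SAMPLE_BANNER = """\
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
"""
SAMPLE_BANNER_NTPV4 = """\
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T,
RELEASE SOFTWARE (fc3)
"""

if __name__ == "__main__":
    for key, value in audit_ntp(SAMPLE_CONFIG, SAMPLE_BANNER).items():
        print(f"{key}: {value}")
```

A "needs_review" result of True means only that the configuration criterion is met on a release outside the listed NTPv4 set; whether the running image already carries the fix for this bug ID still has to be confirmed from the release notes for that image.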

CSCtd90953

Symptoms: A ping delay is observed on E5 interfaces.

Conditions: This symptom is observed after a CSC switchover is performed.

Workaround: Reload the linecard.

CSCtd93825

Symptoms: When the E4+ linecard is inserted into a blank slot of a Cisco 12000 series router, the MAC addresses of that linecard becomes 0000.0000.0000.

Conditions: This symptom does not occur if the system boots with the linecard; this symptom occurs only when the E4+ linecard is inserted into a blank slot after booting is complete.

Workaround: Reload the system.

CSCte45025

Symptoms: The main Gigabit interface flaps.

Conditions: This symptom occurs when a Gigabit subinterface with an IPv6 address is deleted.

Workaround: There is no workaround.

CSCte83282

Symptoms: Submillisecond drops of ATM cells going over AToM pseudo-wire MPLS are observed.

Conditions: This symptom occurs whenever the TE tunnel used by the pseudo-wire is reoptimized.

Workaround: If possible, avoid the trigger for reoptimization (such as auto-bw or loose path).

CSCte83622

Symptoms: High CPU utilization is seen on Cisco IOS Release 12.0(33)S5 code due to "RIP Send" and "BGP Scanner."

Conditions: RIP in Cisco IOS Release 12.0(33)S does not have a separate database about the routes. When RIP has to send update packets, it scans the whole routing table, validates each prefix, creates the update packets, and sends them out. This has to happen every 15 seconds as per the timers configuration.

With a network where there are 150,000 routes learned by BGP, it is quite possible the routing table scan during update generation can be CPU intensive.

We will see the problem of continuous rip updates and high CPU until an RIP Send process.

Please note that a Supernet prefix needs to be installed in the RIB, and RIP has to include them in its updates. If it is originated by static or other routing protocols, we will see the symptom if they are redistributed into RIP.

Workaround: Filter the supernet redistribution. See the following example:

!--- Need to add all the prefixes to this ACL.
access-list 20 deny X.X.X.X 0.0.3.255
access-list 20 permit any
!
route-map supernet
 match ip address 20
!
router rip
 address-family ipv4 vrf <vrf>
  redistribute <protocol> route-map supernet metric <metric>

CSCtf05860

Symptoms: A connected route in VRF does not show up in the BGP VRF table, even though the redistribute connected is present.

There were no specific events before the issue. The customer configured a new subinterface, put it in the VRF, and configured a prefix on it. They discovered that it was not present in the BGP VRF table.

Note that when the show ip bgp vpnv4 RD x:x <prefix> <mask> command is entered, that prefix shows up as imported in a VRF that has nothing to do with the original one, not even importing its route-targets.

Conditions: This symptom is observed on a Cisco 12000 series router. VRF configuration/reconfiguration was done.

Workaround: Perform a standby switchover.

CSCtf08444

Symptoms: A Cisco 12010/PRP-2 that is running Cisco IOS Release 12.0(33)S3/S4 linecards crashes.

Conditions: This symptom is observed after "ip flow monitor" is applied to the interface.

Workaround: There is no workaround.

CSCtf14397

Symptoms: When "bgp send-label" is used along with LDP along the path, the label information for a prefix learned via iBGP multipath is not updated in the FIB and LFIB table after the route flaps. This symptom happens intermittently.

Conditions: This symptom is observed when "bgp send-label" is used along with LDP along the path.

Workaround: Enter the clear ip route x.x.x.x command for the prefix in question.

CSCtf65144

Symptoms: The local LDP binding is not updated with the imp-null label for a summary route after the summary address is added in OSPF.

Conditions: This symptom occurs when the summary prefix is already learned from an OSPF neighbor, and the local label for the summary prefix is assigned.

Workaround: Enter the clear ip route <summary-prefix> command.

CSCtg52659

Symptoms: An active RP crashes in the APS - PGP Message HA Sync to Standby event.

Conditions:

1. The standby RP does not respond to IPC communication during its reload.

2. APS is configured.

3. RPR+ or SSO mode is configured.

Workaround: It is a rare timing issue in the base code. To reduce the probability of occurrence, one can increase the APS PGP hello/hold timers before a scheduled standby RP reload.

Resolved Caveats—Cisco IOS Release 12.0(33)S6

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S6. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCeb53438

Symptoms: When you manually set the value of the ring-limit argument in the tx-ring-limit ring-limit interface configuration command, the value is lost when you reload the router, even though the value is properly saved in the running configuration and in the startup configuration.

Conditions: This symptom is observed only when you manually set the value of the ring-limit argument for an 8-port multichannel T1/E1 PRI port adapter (PA-MC-8TE1+) and you reload the router.

Workaround: There is no workaround.

CSCef02332

Symptoms: A Cisco 7200 series with high-speed serial interfaces such as HSSI interfaces or PA-2T3+ interfaces may reload unexpectedly.

Conditions: This symptom is observed after you have performed an OIR of the HSSI or PA-2T3+ port adapter while traffic was being processed.

Workaround: Stop the traffic while you perform the OIR or shut down the port adapter before you perform the OIR.

CSCej00344

Symptoms: A router may reload unexpectedly when opening a terminal session.

Conditions: This can be seen on any platform. It can be seen when starting any terminal session from the router, including a mistyped command which the router by default will try to resolve as an address to telnet to.

Workaround: There is no workaround.

CSCin11687

Symptoms: When primary and backup Non-Facility Associated Signaling (NFAS) controllers are configured on a PA-MCX port adapter, upon shutting down the primary controller, Layer 1 of both the backup and primary controllers becomes deactivated. The backup D channel does not take over.

Conditions: This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.2(10.5)T.

Workaround: Enter the no shutdown interface configuration command, followed by the shutdown interface configuration command, followed again by the no shutdown interface configuration command on the serial interface of the primary controller.

Alternate Workaround: Configure primary and backup NFAS members on a PA-VXC port adapter and do not configure NFAS members on the PA-MCX port adapter.

CSCsa58277

Symptoms: All packets toward a specific adjacency get black-holed. The output of show controllers rewrites command on the output E4 linecard indicates that a bad destination MAC is being used for the rewrite.

For example:

LC-Slot1# show controllers rewrites | b 192.168.2.1
Port-channel2 192.168.2.1 0x0E0307CC GigabitEthernet1/2/1 00E0812B28E5000E393CF5010800
------------ incorrect

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(30)S and that is connected via a link-bundling interface (E4 LC) through a switch to numerous BGP peers, after one of the peers went down because of a long maintenance window.

Workaround: Clearing the adjacencies does not help; the only workaround possible is to remove link-bundling.

CSCsd95545

Symptoms: Long unconfiguration times are seen for very large QoS configurations (in excess of 40,000 policy maps).

Conditions: This symptom is observed in Cisco IOS Releases 12.2SB and 12.4T.

Workaround: There is no workaround.

CSCsi61988

Symptoms: On a Cisco 12000 series router that is running Cisco IOS Release 12.0(31)S6, a Malloc failure is seen on "L3 Engine: 6 - Backbone 2P OC192/ 8P OC48 (20 Gbps)":

SLOT 10:Mar 29 12:41:01: %SYS-2-MALLOCFAIL: Memory allocation of 65556 bytes failed from 0x400DD7C8, alignment 32 Pool: Processor Free: 152456 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool

Conditions: Multicast should be enabled because the memory leak happens from "MDFS LC Process."

Workaround: Reload the linecard.

CSCsk35688

Symptoms: Aggregate routes are not processed if all aggregated child routes are deleted prematurely.

Conditions: The symptom is observed when all aggregated child routes are marked for deletion and the periodic function which processes the routes to be deleted deletes the route before the aggregate processing function gets a chance to process them and the aggregate route to which they belong.

Workaround: Configuring "bgp aggregate-timer" to 0 or the lowest value would considerably reduce the chances of hitting this problem. In case this problem does occur, in order to delete the stale aggregate route, configure a temporary local BGP route (say, redistribute a static route or network a loopback) with its address being a subnet of the stale aggregate address and then remove the aggregate address and the added route. This should delete the route from table and send withdraws to the other routes also.

Further Problem Description: The periodic function is by default called at 60-second intervals. The aggregate processing is normally done based on the CPU load. If there is no CPU load, then the aggregate processing function would be triggered within one second. As the CPU load increases, this function call will be triggered at higher intervals, and if the CPU load is very high it could go as high as the maximum aggregate timer value configured via command. By default this maximum value is 30 seconds and is configurable with a range of 6 to 60 seconds and in some trains 0. So, if default values are configured, then as the CPU load increases, the chances of hitting this defect are higher.

CSCsq73479

Symptoms: A Cisco 7200 series router that is loaded with Cisco IOS Release 12.0(33)S1 crashes while sending traffic through a PA-POS-1OC3 interface.

Conditions: A traffic-shaping service policy is attached to the PA-POS-1OC3 interface.

Workaround: There is no workaround.

CSCsr24425

Symptoms: There were two symptoms reported for this problem:

1. Continuous increment in the mdfs reload count for some linecards.

2. Clearing of all entries in the global multicast routing table.

This leads to the loss of PIM neighborship with some peer routers.

Conditions: This problem is seen when the number of swidb or hwidb interfaces is at least 1638 in number, and the traffic is active.

Workaround: Configure additional interfaces, like a loopback interface, to resolve the reported issue. But there could still be wrong statistic updates and wrong show interface output.

CSCsr97753

Symptoms: Pinging an interface fails.

Conditions: Occurs when unconfiguring xconnect on the interface.

Workaround: Perform a shut/no shut on the interface.

CSCsu06930

Symptoms: A traceback and an error message are observed while provisioning/unprovisioning MFR on a CT3 SPA.

Conditions: A script is used that performs a sequence of events. MFR is configured for mVRF.

Workaround: There is no workaround.

CSCsu24425

Symptoms: Standby RP can crash upon boot up.

Conditions: The symptom is observed under the following conditions:

1. "clock timezone . . ." is configured.

2. config-register = 0x2142.

3. The router is running Cisco IOS Release 12.0S based code.

Workaround: Use config-register 0x2102 and unconfigure the clock timezone.

CSCsu45758

Symptoms: On a Cisco 12000 series router with a dual-RP chassis, the following error message might be raised.

Aug 26 04:57:06.885: %REDUNDANCY-3-CONFIG_SYNC: Active and Standby lbl configuration out of sync

Conditions: This symptom is observed when trying to modify the ip multicast vrf route-limit commands.

Router(config)# ip multicast vrf 13979:6253 route-limit 25
Router(config)# end
Aug 26 04:57:06.885: %REDUNDANCY-3-CONFIG_SYNC: Active and Standby lbl configuration out of sync

Workaround: There is no workaround.

CSCsu96698

Symptoms: More specific routes are advertised and withdrawn later even if config aggregate-address net mask summary-only is configured. The BGP table shows the specific prefixes as suppressed with s>.

Conditions: This symptom occurs only with very large configurations.

Workaround: Configure a distribute-list in the BGP process that denies all of the aggregation child routes.

CSCsv15835

Symptoms: Traffic running, cell-packing of 5 or more cells, and changing shaping to CBR/VBR-RT on an Engine 3 ATM L2 interface cause the port to exhaust its buffers and all ingress traffic to be dropped.

Conditions: This symptom is observed on a Cisco 12000 router.

Workaround: There is no workaround (you must reload the linecard).

CSCsv89643

Symptoms: If an Ethernet interface is configured as an Open Shortest Path First (OSPF) point-to-point network, the adjacency is established using only multicast packets. As a result, routes calculated over the link do not have the MAC address of the next hop's IP address resolved before the routes are installed into the routing table. This delays the routes becoming usable, because lower-level protocols have to trigger MAC resolution. For a short period of time when the routes are first installed, traffic sent over the interface is lost.

Conditions: Occurs when an Ethernet interface is configured for OSPF point-to-point.

Workaround: The problem self-corrects because passing traffic triggers MAC address resolution.

CSCsw50410

Symptoms: The following traceback is seen on the console, and all the channelized serial links on the E3 LC flap.

SLOT 5:1d00h: %EE48-3-INVALID_CFG_DATA: Channel 4: Invalid configuration data. Channel type= 5
-Traceback= 40030F00 40417F44 40418208 40418444 404184B4 40418588
SLOT 5:1d00h: %EE48-3-INVALID_CFG_DATA: Channel 5: Invalid configuration data. Channel type= 5
-Traceback= 40030F00 40417F44 40418208 40418444 404184B4 40418588

Conditions: This symptom occurs with all the serial links configured on a Channelized OC48-DS3/Engine 3 card. Serial interfaces flap, bringing down BGP/OSPF for no apparent reason. No configs were done.

Workaround: There is no workaround.

CSCsw82176

Symptoms: A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(32)SY7 crashes by Unexpected exception to CPUvector 300.

Conditions: This crash occurs after deleting a couple of subinterfaces that belong to different VRFs. There are many different VRFs and different subinterfaces configured on the router that runs Cisco IOS Release 12.0(32)SY7.

Workaround: Make sure to always shut down the subinterfaces before deleting them.

CSCsw98681

Symptoms: Given the following topology:

CE1<-->PE1 <---->P<---->PE2<------>CE2

Xconnect is configured on the serial link, and after the following steps are performed, a ping fails for the xconnect interface.

1) Configure xconnect with HDLC encapsulation.

2) Remove the encapsulation and add PPP encapsulation.

Conditions: All interfaces should be up and running.

Workaround: Remove and add the xconnect configuration.

CSCsx03504

Symptoms: A router CPU stays high (98 to 99 percent) for more than 6 minutes after oif-per-mvrf-limit is set to 2000 lower than the actual total number of OIFs (14000), and all mroute states are re-formed.

Conditions: When oif-per-mvrf-limit is set to a certain number lower than the total number of OIFs in the MVRF.

Workaround: There is no workaround.

CSCsx06756

Symptoms: Linecards crash.

Conditions: This symptom occurs when a shut/no shut is performed on the SFC card.

Workaround: There is no workaround.

CSCsx20177

Symptoms: "no int loopback" with "advertise passive-only" causes a stuck prefix.

Conditions: This symptom is observed on a Cisco 7600 series router that is using an RSP720 with Cisco IOS Release 12.2(33)SRD.

Workaround:

Do not use "advertise passive-only". Unconfiguring and reconfiguring this command clears the stuck prefix.

Or with "advertise passive-only":

First remove "passive-interface loopback" from router isis.

Then remove the interface via "no int loopback".

CSCsx32958

Symptoms: VRF traffic incorrectly routed using default route in global routing table.

Conditions: This problem may occur if a BGP update is received from different route reflectors at different times.

Workaround: There is no workaround.

CSCsx34297

Symptoms: Watchdog reset seen with combination of NPEG1+PA-POS-1OC3/PA-POS-2OC3.

Conditions: The symptom is observed on a Cisco 7200 series router and on a Cisco 7301 router with an NPEG1 processor.

Workaround: Change the MDL of operation to PULL using the dma enable pull model command.

CSCsx52525

Symptoms: Given a topology as follows:

TGN2<---->CE1<--->PE1<---->P<--->PE2<--->CE2<---->TGN2

FRoMPLS is configured; PE1 has a dual RP with redundancy mode set to RPR-PLUS. After an RPR+ switchover, a few interfaces stop forwarding traffic.

Conditions: All interfaces should be up and running.

Workaround: There is no workaround.

CSCsx75004

Symptoms: In a carrier's carrier network, the CSC-PE router advertises the wrong out-label. This causes the end-to-end LSP to be broken in the CSC network, and all traffic is dropped.

This problem can be observed by entering the show ip bgp label command on the CSC-CE: the "Out Label" of the route is "imp-null".

Conditions: This condition is observed in routers that are running Cisco IOS Release 12.0(32)SY6.

Workaround: Configure neighbor {ip-address | peer-group-name} next-hop-self on CSC-PE.

CSCsx78370

Symptoms: Traffic falling into a class where WRED is configured is tail-dropped for no reason. Only PXF traffic is affected; process-switched traffic is not affected (a ping with IP options works).

Conditions: This symptom is observed on a Cisco 10720. It occurs only with Gigabit Ethernet interfaces.

Workaround: Remove the WRED configuration from the policy map.

CSCsx93485

Symptoms: While redistributing OSPFv3 into BGP, the redistributed route flaps when the OSPFv3 topology changes.

Conditions: This symptom is observed when the cost of the redistributed route becomes better.

Workaround: There is no workaround.

Further Problem Description: As seen from the BGP debugs, RIB sends a DEL and ADD instead of a MODIFY.

CSCsx94290

Symptoms:

1) The police rate does not take effect on the priority command, and the traffic is seen going through the default queue. This occurs in a QoS policy with a priority queue where the "police" statement occurs before the priority statement in the policy. Additionally, this occurs only upon the initial configuration of the policy-map. Editing the policy-map will correct the issue.

2) When a class is configured as strict priority only (no police) and is then modified, packets go through a non-default, non-priority queue.

Conditions: The initial configuration of policy-map was modified.

Workaround: Detach and re-attach the policy-map.

CSCsx96402

Symptoms: The LC (E3/E5) crashes upon executing certain show controller... commands 3 to 4 times.

Conditions: The symptom is observed with scale configurations on MLPPP, MFR, serial interfaces with features like VRF, VPN, basic QOS, ACL, and NetFlow.

Workaround: There is no workaround.

CSCsx96600

Symptoms: Policy counters are not updated on the egress of the E5 linecard.

Conditions: This symptom is observed with IPv6 traffic using a Cisco IOS Release 12.0(33)S image. This symptom is not observed with IPv4 traffic.

Workaround: There is no workaround.

CSCsx97992

Symptoms: An ATM VPWS is configured with an input service policy. While still attached, the service policy (child and parent) is modified. Exiting (Ctrl z) that configuration level results in a crash and a switchover.

Conditions: This symptom is observed under the following conditions:

You must use SSH (not Telnet) connecting to the router to make the configuration.

You must attach the input policy to the VC while making the policy-map change.

Workaround: There is no workaround.

CSCsy22281

Symptoms: Traffic is dropped on an ATM-Redundancy (SR-APS configured) ingress interface.

Conditions: This symptom is observed after an RPR+ switchover is performed.

Workaround: Reload both linecards that are involved in ATM redundancy.

CSCsy42615

Symptoms: Entries for ABRs and ASBRs are missing from the OSPF route table. This results in inter-area and external routes being omitted from the Routing Information Base (RIB).

Conditions: The bug will only be seen when MPLS-TE tunnels are being used. Also, specifying non-default SPF timer values with timers throttle spf will increase the risk of hitting this bug.

Workaround: There is no workaround.

CSCsy45838

Symptoms: The show ip ospf border-router command may cause a router to crash.

Conditions: Occurs if the border table is recalculated in a significant way while the output is being printed on the console. The risk of a crash is reduced if you avoid using the auto-more feature and allow the entire output to display at once.

Workaround: There is no workaround.

CSCsy60668

Symptoms: On a router in which MPLS Traffic Engineering (TE) is configured, toggling the router-id in the router configuration can cause the router to reload. For example, configuring "router ospf 100 mpls traffic-eng router-id loopback 0" quickly followed by "mpls traffic-eng router-id loopback 1" may trigger this symptom.

Conditions: It is necessary that "mpls traffic-eng tunnel automesh" is running in the OSPF area of the router, although automesh need not be configured on the affected router.

Workaround: There is no workaround.

CSCsy74390

Symptoms: ISIS adjacency is not established with an E4 SRP linecard.

Conditions: This symptom is observed when ISIS is configured between SRP interfaces with at least one end having an E4 SRP linecard.

Workaround: There is no workaround.

CSCsy82104

Symptoms: I/O memory leaks after several days. The output of the E1 serial interface may be blocked as well.

Conditions: The symptoms are observed on a Cisco 7200 series router that is running Cisco IOS Release 12.0(33)S and when an E1 interface serial flaps. The QoS outgoing service-policy needs to be provisioned on this serial interface.

Workaround: Remove the outgoing QoS service-policy from the flapped/blocked serial interface.

CSCsy92142

Symptoms: The serial interface on a channelized OC48 linecard stays in the UP/DOWN state after encountering Layer 1 alarms (PRID or PAIS). The interface continues to be in the UP/DOWN state even after the Layer 1 alarms are cleared.

The interface is configured for PPP encapsulation, and path level delay triggers are enabled on this interface. The link shows UP, but the PPP negotiation will be stuck in Echo Request Sent.

Conditions: This symptom is observed with a 12.0(32)S11o-based image for channelized DS3 Engine 3 linecards with alarm delay triggers configured. The problem will be seen only with momentary path level alarms.

Workaround:

1. Perform a shut/no shut on the serial interface that is in the UP/DOWN state. However, this needs manual intervention every time.

2. Remove the alarm-delay triggers path 2500 command from the serial interface configuration. However, the side effect of this would cause the serial interface to flap.

CSCsy94776

Symptoms: A Cisco 12000 series Internet router may have missing lfib entries on linecards.

Conditions: This symptom is observed in Cisco IOS Release 12.0(32)s11o.

Workaround: Reload the linecard.

CSCsy96287

Symptoms: A customer experienced a single T1 flapping on controller 0/3/0. It would take between 2,500 and 3,000 path code violations and then drop and come back. It would do this about once every 15 minutes. Problems with our phones losing connectivity to a central call manager when a WAN circuit experiences a problem.

We use Multilink PPP to bundle three T1s for a 4.5-Mb circuit. If any one of the three T1s experiences even a minor issue, phones are resetting. However, we never lose Layer 3 connectivity. The edge router maintains its BGP peering across the Multilink PPP bundle, and none of our management applications ever sees a loss in connectivity.

We recently switched over to Multilink PPP from Multilink Frame due to a requirement by our MPLS provider. We did not have an issue using Multilink Frame; hence, we believe it is an issue with our configuration for Multilink PPP.

Conditions: This issue was first noticed in a 32S6r image, and some nodes running 32s11 showed similar symptoms.

Workaround: Perform a shut/no shut on the serial interface on the Cisco 12000 series side.

Further Problem Description: The root cause of this issue is that the customer was getting exposed to an inherent limitation of a timer that was being used in the T1/E1 line-state processing routine at the PLIM level. The malfunctioning of the timer would result in the PLIM not sending a line-state update message to the linecard and the route processor when a link flapped, and therefore the route processor would not bring the link down even when an alarm was present on the line. This would cause blackholing of traffic for some time until the L2 times out and the protocol comes down.

CSCsz11893

Symptoms: Some packet loss is observed when traffic is fragmented on a Cisco 12000 series linecard. The issue has been reported using ping packets with a packet size larger than the egress interface MTU size.

Conditions: This symptom is observed on:

Packets received by the Cisco 12000 series that would require fragmentation on the egress linecard.

E5 linecards.

Workaround: Change the MTU size to prevent fragmentation from happening on the linecard.

CSCsz12423

Symptoms: IP-to-MPLS packets that need to be fragmented might be dropped.

Conditions: This symptom is observed when an E4+ line card is used as ingress and an E4+, E5, or E3 line card is used as egress.

Workaround: There is no workaround.

CSCsz18371

Symptoms: A ping fails for bridging, and spurious access is seen upon reload.

Conditions: This symptom is observed when bridging is configured with HDLC encapsulation on a Cisco 7200 router.

Workaround: There is no workaround.

CSCsz19255

Symptoms: Tag rewrites are missing on linecards for one of the load-shareable interfaces.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(32)S11o.

Workaround: Shut/no-shut the interface.

CSCsz28121

Symptoms: A router crashes when NetFlow export configurations are applied and removed.

Conditions: This symptom is observed only when NetFlow export version 9 configurations are toggled.

Workaround: Use NetFlow export version 5 to export the flows.

CSCsz33193

Symptoms: For some VCs, traffic is not flowing through the SR-APS interface.

Conditions: This symptom is observed after a linecard reload and router reload.

Workaround: Perform a shut/no shut of the SR-APS interface.

CSCsz33704

Symptoms: In an FB APS setup, if the protect link has errors and hence signal failure, the APS switches to it when the work link also gets an error.

Conditions: This symptom is observed with a 12.0(32)s11o-based image.

Workaround: There is no workaround.

CSCsz43391

Symptoms: Traffic stops flowing.

Conditions: This symptom is observed after the following procedure is performed:

1) First try ETH (vlan) to FR over MPLS (traffic is fine).

2) Change the dot1q interface to a QINQ interface on both the PE and the CE.

3) Then change back to dot1q on both the PE and the CE (traffic fails).

Workaround: Reload the linecard.

CSCsz45567

A device running Cisco IOS Software, Cisco IOS XE Software, or Cisco IOS XR Software is vulnerable to a remote denial of service condition if it is configured for Multiprotocol Label Switching (MPLS) and has support for Label Distribution Protocol (LDP).

A crafted LDP UDP packet can cause an affected device running Cisco IOS Software or Cisco IOS XE Software to reload. On devices running affected versions of Cisco IOS XR Software, such packets can cause the device to restart the mpls_ldp process.

A system is vulnerable if configured with either LDP or Tag Distribution Protocol (TDP).

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available.

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20100324-ldp.shtml

CSCsz46285

Symptoms: MVPN traffic is punted to the line-card CPU.

Conditions: This symptom is observed on the decap side of data mdt traffic.

Workaround: There is no workaround.

CSCsz58546

Symptoms: In APS, in Choc48 LC, APS switching from protect to work is not happening when SF is present on a protect link and SD is present on a work link.

Conditions: All interfaces should be up and running.

Workaround: There is no workaround.

CSCsz70552

Symptoms: On the "P" router with four POS links, where two links are working as the primary and two links are working for redundancy; after a telco issue, both POS links go down due to transmission problems. The trigger for this issue is both links going down.

The P router sets LIB local binding changes to implicit null for several prefixes. After that, the PE routers have connectivity issues in some VRFs and do not go through a backup path using POS interface.

Looking into the PE routers that are connected to this P router, the following deviation was observed in their LFIB tables:

Router_PE# sh mpls for 10.38.193.192 de
Local  Outgoing    Prefix             Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id       switched   interface
37     Pop tag     10.38.193.192/32   0          Gi3/0      10.125.93.222
        MAC/Encaps=30/30, MRU=1530, Tag Stack{}
        0000000000000000000000010100000000055FFF99FE000197D0ED808847
        No output feature configured

Router_PE# sh ip cef 10.38.193.192 de
10.38.193.192/32, version 72378, epoch 0, cached adjacency 10.125.93.222
0 packets, 0 bytes
  tag information set, shared, all rewrites owned
    local tag: 37
  via 10.125.93.222, GigabitEthernet3/0, 3 dependencies
    next hop 10.125.93.222, GigabitEthernet3/0
    valid cached adjacency
    tag rewrite with Gi3/0, 10.125.93.222, tags imposed {}

It looks as though the P router sends a pop to the PE routers.

Conditions: This symptom is observed under the following conditions:

The P router has two links to the primary path and two links to the backup path.

PPP encapsulation is used.

Workaround:

Change from PPP to HDLC encapsulation on the POS links.

Enter the "clear ip route <prefix>" command.

Or

Enter the "clear ip route *" command.

CSCsz71787

Symptoms: A router crashes when it is configured with DLSw.

Conditions: A vulnerability exists in Cisco IOS software when processing UDP and IP protocol 91 packets. This vulnerability does not affect TCP packet processing. A successful exploitation may result in a reload of the system, leading to a denial of service (DoS) condition.

Cisco IOS devices that are configured for DLSw with the dlsw local-peer command automatically listen for IP protocol 91 packets. A Cisco IOS device that is configured for DLSw with the dlsw local-peer peer-id <IP-address> command listens for IP protocol 91 packets and UDP port 2067.

Cisco IOS devices listen to IP protocol 91 packets when DLSw is configured. However, it is only used if DLSw is configured for Fast Sequenced Transport (FST). A DLSw FST peer configuration will contain the following line:

dlsw remote-peer 0 fst <ip-address>

It is possible to disable UDP processing in DLSw with the dlsw udp-disable command. However, disabling UDP only prevents the sending of UDP packets; it does not prevent the device from receiving and processing incoming UDP packets.

Workaround: The workaround consists of filtering UDP packets to port 2067 and IP protocol 91 packets. Filters can be applied at network boundaries to filter all IP protocol 91 packets and UDP packets to port 2067, or filters can be applied on individual affected devices to permit such traffic only from trusted peer IP addresses. However, since both of the protocols are connectionless, it is possible for an attacker to spoof malformed packets from legitimate peer IP addresses.

As soon as DLSw is configured, the Cisco IOS device begins listening on IP protocol 91. However, this protocol is used only if DLSw is configured for Fast Sequenced Transport (FST). A DLSw FST peer configuration will contain the following line:

dlsw remote-peer 0 fst <ip-address>

If FST is used, filtering IP protocol 91 will break the operation, so filters need to permit protocol 91 traffic from legitimate peer IP addresses.

It is possible to disable UDP processing in DLSw with the dlsw udp-disable command. However, disabling UDP only prevents the sending of UDP packets; it does not prevent the receiving and processing of incoming UDP packets. To protect a vulnerable device from malicious packets via UDP port 2067, both of the following actions must be taken:

1. Disable UDP outgoing packets with the dlsw udp-disable command, and

2. Filter UDP 2067 in the vulnerable device using infrastructure ACL.

* Using Control Plane Policing on Affected Devices

Control Plane Policing (CoPP) can be used to block untrusted DLSw traffic to the device. Cisco IOS software releases 12.0S, 12.2SX, 12.2S, 12.3T, 12.4, and 12.4T support the CoPP feature. CoPP may be configured on a device to protect the management and control planes to minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic sent to infrastructure devices in accordance with existing security policies and configurations. The following example, which uses 192.168.100.1 to represent a trusted host, can be adapted to your network. If FST is not used, protocol 91 may be completely filtered. Additionally, if UDP is disabled with the dlsw udp-disable command, UDP port 2067 may also be completely filtered.

!--- Deny DLSw traffic from trusted hosts to all IP addresses
!--- configured on all interfaces of the affected device so that
!--- it will be allowed by the CoPP feature.

access-list 111 deny udp host 192.168.100.1 any eq 2067
access-list 111 deny 91 host 192.168.100.1 any

!--- Permit all other DLSw traffic sent to all IP addresses
!--- configured on all interfaces of the affected device so that it
!--- will be policed and dropped by the CoPP feature.

access-list 111 permit udp any any eq 2067
access-list 111 permit 91 any any

!--- Permit (Police or Drop)/Deny (Allow) all other Layer 3 and Layer 4
!--- traffic in accordance with existing security policies and
!--- configurations for traffic that is authorized to be sent
!--- to infrastructure devices.
!--- Create a Class-Map for traffic to be policed by
!--- the CoPP feature.

class-map match-all drop-DLSw-class
 match access-group 111

!--- Create a Policy-Map that will be applied to the
!--- Control-Plane of the device.

policy-map drop-DLSw-traffic
 class drop-DLSw-class
  drop

!--- Apply the Policy-Map to the Control-Plane of the
!--- device.

control-plane
 service-policy input drop-DLSw-traffic

In the above CoPP example, the access control entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function. Please note that in the Cisco IOS 12.2S and 12.0S trains, the policy-map syntax is different:

policy-map drop-DLSw-traffic
 class drop-DLSw-class
  police 32000 1500 1500 conform-action drop exceed-action drop

Additional information on the configuration and use of the CoPP feature is available at:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6642/prod_white_paper0900aecd804fa16a.html

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html

* Using Infrastructure ACLs at Network Boundary

Although it is often difficult to block traffic transiting your network, it is possible to identify traffic that should never be allowed to target your infrastructure devices and block that traffic at the border of your network. iACLs are a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The iACL example shown below should be included as part of the deployed infrastructure access-list that will protect all devices with IP addresses in the infrastructure IP address range. If FST is not used, protocol 91 may be completely filtered. Additionally, if UDP is disabled with the dlsw udp-disable command, UDP port 2067 may also be completely filtered.

!--- Permit DLSw (UDP port 2067 and IP protocol 91) packets
!--- from trusted hosts destined to infrastructure addresses.

access-list 150 permit udp TRUSTED_HOSTS MASK INFRASTRUCTURE_ADDRESSES MASK eq 2067
access-list 150 permit 91 TRUSTED_HOSTS MASK INFRASTRUCTURE_ADDRESSES MASK

!--- Deny DLSw (UDP port 2067 and IP protocol 91) packets from
!--- all other sources destined to infrastructure addresses.

access-list 150 deny udp any INFRASTRUCTURE_ADDRESSES MASK eq 2067
access-list 150 deny 91 any INFRASTRUCTURE_ADDRESSES MASK

!--- Permit/deny all other Layer 3 and Layer 4 traffic in accordance
!--- with existing security policies and configurations.
!--- Permit all other traffic to transit the device.

access-list 150 permit ip any any

interface serial 2/0
 ip access-group 150 in
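The same ACE keywords mean opposite things in the two workarounds above: in the CoPP class-map a "permit" selects the packet for the drop policy, while in the iACL a "permit" forwards it. The Python sketch below is an added example, not Cisco code; it models only the ACE forms used on this page, evaluates access-list 111 as printed and access-list 150 with constructed addresses in place of the TRUSTED_HOSTS and INFRASTRUCTURE_ADDRESSES placeholders, and checks constructed packets against both.

```python
"""Added example: first-match evaluation of the DLSw ACLs, read as CoPP and as an iACL."""
import ipaddress
from typing import NamedTuple, Optional

PROTO = {"udp": 17, "tcp": 6, "ip": None}  # "ip" matches every protocol

# access-list 111 exactly as printed in the CoPP example on this page.
COPP_ACL = """
access-list 111 deny udp host 192.168.100.1 any eq 2067
access-list 111 deny 91 host 192.168.100.1 any
access-list 111 permit udp any any eq 2067
access-list 111 permit 91 any any
"""

# access-list 150 with constructed values: 192.168.100.0 0.0.0.255 stands in for
# TRUSTED_HOSTS MASK and 10.0.0.0 0.0.0.255 for INFRASTRUCTURE_ADDRESSES MASK.
IACL = """
access-list 150 permit udp 192.168.100.0 0.0.0.255 10.0.0.0 0.0.0.255 eq 2067
access-list 150 permit 91 192.168.100.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 150 deny udp any 10.0.0.0 0.0.0.255 eq 2067
access-list 150 deny 91 any 10.0.0.0 0.0.0.255
access-list 150 permit ip any any
"""


class Ace(NamedTuple):
    action: str            # "permit" or "deny"
    proto: Optional[int]   # None = any IP protocol
    src: tuple             # (address, wildcard mask) as integers
    dst: tuple
    dport: Optional[int]   # None = any destination port


def _addr(tokens):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D WILDCARD' from the token list."""
    first = tokens.pop(0)
    if first == "any":
        return (0, 0xFFFFFFFF)
    if first == "host":
        return (int(ipaddress.IPv4Address(tokens.pop(0))), 0)
    return (int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0))))


def parse_acl(text, number):
    """Return the ACEs of numbered extended ACL `number`, in configuration order."""
    aces = []
    for line in text.splitlines():
        tokens = line.split()
        if tokens[:2] != ["access-list", str(number)]:
            continue  # blank lines, '!---' comments and other commands
        action, proto, rest = tokens[2], tokens[3], tokens[4:]
        src = _addr(rest)
        dst = _addr(rest)
        dport = int(rest[1]) if rest[:1] == ["eq"] else None
        proto_num = PROTO[proto] if proto in PROTO else int(proto)
        aces.append(Ace(action, proto_num, src, dst, dport))
    return aces


def _ip_match(spec, ip):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF  # wildcard bits set to 1 are "don't care"
    return (int(ipaddress.IPv4Address(ip)) & care) == (base & care)


def acl_action(aces, proto, src, dst, dport=None):
    """First matching ACE wins; every ACL ends with an implicit deny."""
    for ace in aces:
        if ace.proto is not None and ace.proto != proto:
            continue
        if ace.dport is not None and ace.dport != dport:
            continue
        if _ip_match(ace.src, src) and _ip_match(ace.dst, dst):
            return ace.action
    return "deny"


def copp_verdict(aces, *pkt):
    """In the class-map, 'permit' places the packet in the class whose action is drop."""
    return "dropped" if acl_action(aces, *pkt) == "permit" else "not policed"


def iacl_verdict(aces, *pkt):
    """On an interface, 'permit' forwards the packet and 'deny' discards it."""
    return "forwarded" if acl_action(aces, *pkt) == "permit" else "dropped"


def verdict_table():
    """Evaluate constructed packets: (protocol, source, destination, destination port)."""
    copp, iacl = parse_acl(COPP_ACL, 111), parse_acl(IACL, 150)
    packets = {
        "trusted peer, UDP 2067": (17, "192.168.100.1", "10.0.0.5", 2067),
        "other source, UDP 2067": (17, "203.0.113.9", "10.0.0.5", 2067),
        "other source, protocol 91": (91, "203.0.113.9", "10.0.0.5", None),
        "other source, TCP 179": (6, "203.0.113.9", "10.0.0.5", 179),
    }
    return {name: (copp_verdict(copp, *p), iacl_verdict(iacl, *p))
            for name, p in packets.items()}


if __name__ == "__main__":
    for name, (copp, iacl) in verdict_table().items():
        print(f"{name:27} CoPP: {copp:12} iACL: {iacl}")
```

Entry order matters in both lists: evaluating the CoPP entries in reverse (`parse_acl(COPP_ACL, 111)[::-1]`) makes the trusted peer's UDP 2067 packets hit the "permit udp any any" entry first, so they are dropped.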

The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists" presents guidelines and recommended deployment techniques for infrastructure protection access lists. This white paper can be obtained at the following link:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml

Further Problem Description: Multiple events must occur for this vulnerability to be exploited. It is of medium complexity to exploit and has never been seen in a customer's environment.

CSCsz72591

Symptoms: A router crashes with an Address Error (load or instruction fetch) exception.

Conditions: The router must be configured to act as a DHCP client.

Workaround: There is no workaround.

CSCsz78479

Symptoms: When the PE routes traffic with a default network, it suddenly stops forwarding the packets from the CE. The PE is still able to reach the Internet.

Conditions: The PE is configured with the ip default network command and has an Engine 5.

Workaround: Remove and re-add the ip default network command.

Further Problem Description: The issue was already reproduced on the CALO case.

CSCsz81356

Symptoms: E6 linecards crash immediately after a CSC switchover.

Conditions: The CSC switchover is caused by a CSC card failure or by the CLI shutting down the primary CSC.

Workaround: There is no workaround.

CSCsz84906

Symptoms: The ISIS redistribution RIB has a stale route that is not removed after the original ISIS route is deleted when an interface is shut down. This can cause wrong ISIS database information and wrong routing information in the routing table.

Conditions: This symptom is observed when the router is an L1L2 router and the old ISIS route to be deleted after interface shutdown has a backup route from other routing protocols. If the ip routing protocol purge interface command is configured, the issue will not happen.

Workaround: Either configure the ip routing protocol purge interface command or enter the clear isis * command, which may resolve the problem temporarily.

CSCsz89090

Symptoms: When the delay triggers line command is executed under a controller, the configured values are not reflected in the running configuration.

Conditions: This symptom is observed in Cisco IOS Release 12.0(33)S and 12.0(32)SY9 images.

Workaround: There is no workaround.

CSCsz89107

Symptoms: CPU utilization is high when there is a scaled configuration of more than 1000 interfaces and 100-pps traffic is being sent on UUT along with BGP and multicast traffic.

Conditions: This symptom is observed when several sessions are active and generating traffic.

Workaround: There is no workaround.

CSCta08632

Symptoms: After a supervisor forced switchover is performed several times, a router two hops away has the wrong ISIS topology and ISIS routing table.

Conditions:

1. Incremental shortest path first (ISPF) enabled in ISIS.

2. set-overload-bit on-startup in ISIS.

3. Supervisor forced switchover is performed several times.

Workaround: Disable ISPF in ISIS.

CSCta24441

Symptoms: Under certain circumstances, an E5 linecard may stop forwarding traffic to a certain subinterface. We see ARP entries updated, but traffic is not arriving on the connected equipment. Accordingly, we see on the connected equipment that ARP ages out. The connected VLAN becomes isolated to the rest of the network. Also, control protocols on the affected interface can go down.

Conditions: The Cisco 12000 is connected to a dot1q trunk. The issue is seen on subinterfaces with or without VRF, and with various lengths of subnet masks. This issue is seen when the adjacencies of the affected interface have an adjacency index with a value greater than 16383. This issue can be seen in a scaled testbed where there is a lot of churn in adjacency creation and deletion as a result of subinterface deletion and creation or ARP entries getting timed-out and refreshed.

Workaround: Perform a shut/no shut on the subinterface. Make sure to pause before bringing the subinterface back up. If this does not work, remove the subinterface and configure the same again.

If the above workaround does not work, reloading the RP is the only solution.

CSCta25677

Symptoms: Upon an RPR+ switchover, a few MLPPP interfaces that are configured on an E3 1xChOC12 may start having ping failures.

Conditions: This symptom is observed with a Cisco IOS 12.0(32)S11p fc1 image.

Workaround: Perform a shut/no-shut on the ML interface.

CSCta30330

Symptoms: PIM checksum errors are causing the joins to be dropped in the MVPN.

Conditions:

Topology:

ce3------BR(Pe)(IOS-XR)---------Pe1(IOS)---------source

Initially, we observed a null olist in the VRF mroutes on the Cisco IOS router. Ideally, in this case, a tunnel should have been there in the olist.

Then we checked if the tunnel joins are sent and received by the Cisco IOX and IOS routers, respectively, by enabling the PIM debugs on both routers.

The XR debugs confirmed that joins are sent out by the XR node. Then we checked the debugs on the Cisco IOS router.

Initially, we suspected that the problem is due to "not to us" messages. Then we checked the IP traffic statistics.

PE1# show ip traffic

IP statistics:
>>>>>
PIMv2 statistics: Sent/Received
  Total: 2087399/4842053, 245046 checksum errors, 0 format errors
  Registers: 0/0, Register Stops: 0/0, Hellos: 571945/560676
  Join/Prunes: 1515499/4036576, Asserts: 0/0, grafts: 0/0
  Bootstraps: 0/0, Candidate_RP_Advertisements: 0/0
  Queue drops: 0
PIMv2 statistics: Sent/Received
  Total: 2092509/4848529, 245374 checksum errors, 0 format errors
  Registers: 0/0, Register Stops: 0/0, Hellos: 573425/561965
  Join/Prunes: 1519100/4041190, Asserts: 0/0, grafts: 0/0
  Bootstraps: 0/0, Candidate_RP_Advertisements: 0/0
  Queue drops: 0
PIMv2 statistics: Sent/Received
  Total: 2092834/4848711, 245396 checksum errors, 0 format errors
  Registers: 0/0, Register Stops: 0/0, Hellos: 573515/562041
  Join/Prunes: 1519335/4041274, Asserts: 0/0, grafts: 0/0
  Bootstraps: 0/0, Candidate_RP_Advertisements: 0/0
  Queue drops: 0
>>>>>

We observed checksum errors.

Workaround: After seeing checksum errors in the IP traffic statistics, we tried shutting the core-facing interface in the olist. After that, the problem disappeared. When we added that interface back, the problem was reproduced again. We suspect the following to cause this issue.

When we have core and VRF interfaces on the egress LC (E5), the PIM packet has to be forwarded on the core-facing interface and also has to be punted to the RP. In the E5, this is done by recycling the packet. In the first cycle, the packet will be sent to the core interface; in the second cycle, the packet will be decapsulated and punted to the LC CPU.

Only the head gets recycled for different passes. The tail will be stored in the stingray. When the packet is punted to the LC CPU, the LC CPU will copy the tail from the stingray, attach it to the head, and send it to the RP. We suspect that this copy is not happening properly and the RP is seeing PIM checksum errors.

CSCta37296

Symptoms: On a Cisco 12000 ATM linecard, threshold drops are observed on a service policy that is configured with WRED, and these drops occur even if no random drops are incrementing.

Conditions: This symptom is observed only when using WRED, and it is observed even under low utilization of the service policy. Threshold drops will happen only for RP-generated packets even though there are no random drops.

Workaround: To stop the drops, remove WRED and configure a standard queue limit.

Further Problem Description: Some of the packet types that are generated by the linecard (such as ICMP echo response) will still undergo threshold drops.

CSCta45402

Symptoms: In an MVPN setup with a CE connected via an MLPPP interface, auto-RP packets are not being punted to the RP and the RP entry times out after 180 seconds.

Conditions: This symptom is observed either when a link flaps on a member of the MLPPP interface or when output QoS is applied on the MLPPP interface.

Workaround:

1) RP# clear ip mroute vrf <vpn> 224.0.1.40

2) LC# clear ip mds all

3) Configure static RP.

4) Remove the output policy on the outgoing Multilink.

CSCta58995

Symptoms: A Cisco 7200 PE is dropping *small* frames on an AToM FRoMPLS tunnel.

Conditions: This symptom is observed in an FR IP IW case when frames that are less than 60 bytes are sent from a Cisco 12000 series router (PE on the other side).

Workaround: There is no workaround.

CSCta69919

Symptoms: On a Cisco 12000 series router with ISE line cards and an IPv6 ACL, after a reload or RP switchover, the ACL does not match traffic correctly.

Conditions: This applies to IPv6 ACL.

Workaround: Delete and recreate the ACL.

CSCta76975

Symptoms: IPv6 multicast traffic drops are observed when IPv6 multicast traffic is sent at a high rate. These multicast packets are punted to the RP; this can be seen through the show ipv6 mflib <multicast address> CLI.

Conditions: This symptom is observed upon router reload.

Workaround: There is no workaround.

CSCta77678

Symptoms: RTP timestamp on the RFC 2833 event is modified. IP Phones are using RFC 2833 to transport the DTMF signals, which causes problems with the voicemail systems.

Conditions: This symptom occurs when RTP header compression is enabled.

Workaround: There is no workaround.

Further Problem Description: The problem disappears if cRTP is disabled. The issue is seen with Class-Based cRTP configured and also with other cRTP configuration types.

CSCtb08699

Symptoms: The traffic flow between the Cisco 12000 series PE routers and the core CRS router stopped unexpectedly without any trigger, and the linecard had to be reloaded for recovery.

Conditions: The packet buffers in the ingress direction of the core-facing linecards of the Cisco 12000 series were gradually being depleted. Once this happened, all the incoming packets were dropped as seen in "no mem drop" below:

LC-Slot1# show contr tofab qm stat

135590 no mem drop, 193180 soft drop, 4167963929 bump count
0 rawq (High Priority) drops, 0 rawq (Medium Priority) drops, 0 rawq (Low Priority) drops
0 dnq1 drops, 0 dnq2 drops
0 no memory (ns), 0 no memory hwm (ns)
no free queue
0 126499 61990 15125 36 0 0 0
0 0 0 0 0 0 0 0

Workaround:

1) Clear the corrupted entry using the "clear ip route vrf <vpn-name> <prefix>" command on the RP.

2) Reload the linecard.

3) Reclaim the lost buffers by forced re-carve.

CSCtb45062

Symptoms: A subinterface does not transmit traffic in the egress direction, the queue head and tail stay frozen, and the txport is consistently back-pressured.

Conditions: These symptoms are observed under the following conditions:

12000-SIP-501 with SPA-8X1FE-TX-V2.

One Fast Ethernet interface with more than 468 subinterface VLANs.

All subinterfaces with the same policy (SHAPE_OUT_960).

policy-map VBL
 class class-default
  police cir 96000 bc 4470 be 4470 conform-action set-dscp-transmit af11 exceed-action set-dscp-transmit default
policy-map SHAPE_OUT_960
 class class-default
  shape average 960000
  service-policy VBL

Workaround: Create a dummy Fast Ethernet subinterface and force it to allocate the tx-port being back-pressured.

Further Problem Description: Removing the policy and re-applying it or performing a shut/no shut solves the issue temporarily, but the issue will move to another subinterface in the same main interface.

CSCtb49864

Symptoms: An HP ingress policy is applied on the Gigabit Ethernet main interface (E5). After an RP switchover, the counter for the "show policy-map int gig 0/0/0" command stays at 0 even though the police function appears to be working okay. The policer also disappears from the "show policy-map int" command output.

Conditions: RP switchover.

Workaround:

1. Perform a shut/no shut on the interface.

2. Delete/re-apply the service policy on the interface.

CSCtb51864

Symptoms: An IPv6 ACL is not working on the ingress of an E3 engine.

Conditions: Apply the IPv6 ACL on the ingress of the E3 engine, remove the ACL, and then reapply the same ACL on the same interface.

Workaround: Reload the linecard.

CSCtb52229

Symptoms: When a class map is added to an existing service policy (with a huge number of class maps), high CPU utilization occurs and CPU hog messages are seen, which causes OSPF flapping, and, in turn, a network outage.

Conditions: This symptom is observed when a class map is bonded/unbonded from a service policy that has a huge number of class maps.

Workaround: There is no workaround.

CSCtc36576

Symptoms: In a FR-Ethernet IP interworking scenario, a Cisco 12000 series PE (with an E5 linecard being used as CE facing) corrupts CE-to-CE packets that are less than 58 bytes.

Conditions: One Cisco 12000 series is running Cisco IOS Release 12.0(32)SY8, 12.0(32)SY9, or 12.0(32)SY10. The linecard that is facing the CE must be E5.

Workaround: There is no workaround.

CSCtc55200

Symptoms: An E5 linecard crashes while the "show ip hardware-cef x.x.x.x detail" command is executed during CEF troubleshooting.

Conditions: This symptom is observed under the following conditions:

Core-facing interfaces using Eng3 with two Port-Channel and load-balance.

Customer-facing interfaces using Eng5 with exhausted FSRAM memory because of a high number of hosts or load-balance routes from Eng3.

When FSRAM memory becomes exhausted, if you try to add one more host on the port-channel, the following error message will appear:

SLOT 4:02:04:44: %EE192-3-LINKBUNDLE: Cannot create hw link_bundle -Traceback= 40030EE8 4068CAC8 405AF138 413B6CCC 413D7464 413D7FA0 413BB2F4 413BB580 413BB88C 413BC780

Workaround: Reload the linecard.

CSCtc72808

Symptoms: In situations where an enhanced SFC module would experience problems with the clock module, a recovery feature that was introduced in previous releases would try to recover the switch fabric system indefinitely:

%FABRIC-3-ERR_HANDLE: Reconfigure all fabric cards due to SUSHI REGISTER RESET ERROR error from slot <..>

This would lead to linecard resets in the chassis.

Conditions: This behavior is observed when an enhanced SFC module experiences hardware/clock module problems.

Workaround: Disable the faulty module in configuration mode:

hw-module slot <slot> shutdown

CSCtc76700

Symptoms: An E5 T1E1 SPA loses all configurations when the image is loaded.

Conditions: This symptom is observed when the latest Cisco IOS Release 12.0(33)S6 image is loaded.

Workaround: There is no workaround.

CSCtd15620

Symptoms: An interface on a ChOC12 linecard remains down after a shut/no shut is performed.

Conditions: This symptom is observed when a shut/no shut is performed on a serial interface.

Workaround: Perform a shut/no shut on the SONET controller.

Resolved Caveats—Cisco IOS Release 12.0(33)S5

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S5. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCsx70889

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has released free software updates that address this vulnerability. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml.

CSCsz55293

Symptoms: A remote third-party device is resetting the IPv6 BGP session with a Cisco 12000 router.

Conditions: BGP is exchanging only IPv6 capability with the remote EBGP peer, but IPv4 capability will be enabled by default. The remote EBGP peer is sending only IPv6 capability, and we should advertise only IPv6 prefixes because that is the capability negotiated. We are wrongly marking IPv4 capability as negotiated and advertising IPv4 prefixes, and the remote neighbor is resetting the session because IPv4 capability is not negotiated at the peer end.

Workaround: Configure a route map to deny all IPv4 prefixes, and apply it as follows:

route-map deny-ipv4 deny 10

router bgp <asnum>
 address-family ipv4
  neighbor <IPv6Address> activate
  neighbor <IPv6Address> route-map <deny-ipv4> out

CSCta24441

Symptoms: Under certain circumstances, an E5 linecard may stop forwarding traffic to a certain subinterface. We see ARP entries updated, but traffic is not arriving on the connected equipment. Accordingly, we see on the connected equipment that ARP ages out. The connected VLAN becomes isolated to the rest of the network. Also, control protocols on the affected interface can go down.

Conditions: The Cisco 12000 is connected to a dot1q trunk. The issue is seen on subinterfaces with or without VRF, and with various lengths of subnet masks. This issue is seen when the adjacencies of the affected interface have an adjacency index with a value greater than 16383. This issue can be seen in a scaled testbed where there is a lot of churn in adjacency creation and deletion as a result of subinterface deletion and creation or ARP entries getting timed-out and refreshed.

Workaround: Perform a shut/no shut on the subinterface. Make sure to pause before bringing the subinterface back up. If this does not work, remove the subinterface and configure the same again.

If the above workaround does not work, reloading the RP is the only solution.

CSCta33973

Recent versions of Cisco IOS Software support RFC4893 ("BGP Support for Four-octet AS Number Space") and contain two remote denial of service (DoS) vulnerabilities when handling specific Border Gateway Protocol (BGP) updates.

These vulnerabilities affect only devices running Cisco IOS Software with support for four-octet AS number space (hereafter referred to as 4-byte AS number) and BGP routing configured.

The first vulnerability could cause an affected device to reload when processing a BGP update that contains autonomous system (AS) path segments made up of more than one thousand autonomous systems.

The second vulnerability could cause an affected device to reload when the affected device processes a malformed BGP update that has been crafted to trigger the issue.

Cisco has released free software updates to address these vulnerabilities.

No workarounds are available for the first vulnerability.

A workaround is available for the second vulnerability.

This advisory is posted at the following link:

http://www.cisco.com/warp/public/707/cisco-sa-20090729-bgp.shtml

Resolved Caveats—Cisco IOS Release 12.0(33)S4

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S4. This section describes only severity 1, severity 2, and select severity 3 caveats.

Basic System Services

CSCsw76894

Symptoms: IPv6 traps are not sent, and "%IP_SNMP-3-SOCKET: can't open UDP socket" messages can sometimes also be seen.

Conditions: This symptom is observed when no IPv4 address is configured.

Workaround: Perform the following three steps:

1. Disable the SNMP engine by issuing the no snmp-server command.

2. Configure an IP address and an IPv6 address on loopback interfaces.

3. Enable the SNMP engine.

CSCsz87312

Symptoms: A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(33)S3 may have partial debug outputs of the debug snmp packet command in the log even though no such debug command is enabled.

The edited log would appear as follows:

<snip>

May 27 15:36:52.272 UTC: SNMP: Packet sent via UDP to xxx.xxx.xxx.xxx

<snip>

Conditions: The messages appear because of a reply to an SNMP probe.

Workaround: There is no workaround.

Further Problem Description: This symptom is not observed in Cisco IOS Release 12.0(33)S2.

Resolved Caveats—Cisco IOS Release 12.0(33)S3

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S3. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCdw62064

Symptoms: Inbound data packets that are reassembled from multilink fragments may not be processed properly on Multilink PPP (MLP) interfaces that are receiving encrypted IP Security (IPSec) traffic that is terminated locally when a hardware accelerator is used for decryption.

Conditions: This symptom affects all inbound reassembled data frames that are received by the bundle and not just those data frames that are carrying encrypted IP datagrams. Most significantly, inbound Internet Security Association and Key Management Protocol (ISAKMP) keepalives are not processed, leading to the eventual failures of the associated IPSec sessions.

The IPSec sessions are reestablished after each failure, but traffic drops will occur until the session is renegotiated via the Internet Key Exchange (IKE). Thus, the observable symptoms are an intermittent failure of IPSec sessions combined with high loss rates in the encrypted data traffic.

Workaround: Disable hardware crypto acceleration, and use software crypto acceleration instead.

CSCed55180

Symptoms: After a Stateful Switchover (SSO) occurs on a Cisco 7500 series, the traffic interruption may last longer than you would expect.

Conditions: This symptom is observed on Cisco 7500 series that runs Cisco IOS Release 12.2(22)S and that is configured with a Route Switch Processor 4 or 8 (RSP4 or RSP8) when the router is configured with a large number (100,000) of Border Gateway Protocol (BGP) routes and Ethernet interfaces that process traffic.

Workaround: There is no workaround. One way to help reduce the length of the traffic interruption is to add static ARP entries.

CSCei45749

Symptoms: When you enter the clear interface command on an Inverse Multiplexing for ATM (IMA) interface configured for dynamic bandwidth, the PVCs that are associated with the IMA interface may become Inactive.

Conditions: This symptom is observed only for IMA interfaces that have the atm bandwidth dynamic command enabled.

Workaround: Issuing the no atm bandwidth dynamic command from the IMA interface can prevent the problem from happening. If the problem has been experienced already, using the no atm bandwidth dynamic command followed by a shutdown and subsequent no shutdown from the IMA interface can be used to work around the problem and clear the inactive PVC condition.

CSCek77589

Symptoms: The following message is observed in syslog/console.

%UTIL-3-IDTREE_TRACE: SSM SEG freelist DB:Duplicate ID free

Conditions: This symptom was observed during scalability testing of a large number (over 2000) of PPP sessions being brought up and torn down continuously.

Workaround: There is no workaround.

CSCir01027

Symptoms: SNMP over IPv6 does not function.

Conditions: This symptom is observed on a Cisco router that integrates the fix for caveat CSCsg02387. A list of the affected releases can be found at http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsg02387. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.

Workaround: Use SNMP over IPv4.

CSCsd23579

Symptoms: On PPP links that do not support duplicate address detection (DAD), the interface up state can be signaled too early, for example before the interface is actually up. As a result, OSPFv3 neighbor relationship is not established.

Conditions: Any interface that does not support DAD could signal link local up before the interface is up.

Workaround: There is no workaround.

CSCsd47863

Symptoms: Summary Refresh messages are not sent downstream; consequently, the downstream router notices missing refreshes, and, after some time, the tunnel goes down.

Conditions: This symptom is observed when there is an alternate FRR path and it becomes active. The router that has refresh reduction enabled creates the problem. The command that creates the problem is:

ip rsvp signalling refresh reduction

Workaround: Disable Refresh Reduction on the router using the following command:

no ip rsvp signalling refresh reduction

Further Problem Description: When an incoming interface on a router is shut down, FRR is triggered, and tunnels take another path.

Now the Path messages on this router come via a different incoming interface. This router had ip rsvp signalling refresh reduction enabled.

We can now see that this router stops sending Refresh reduction messages downstream. After some time, the downstream router will say that it has missed the refreshes, and then after some time (around 5 minutes), the tunnel will be down.

CSCsf04035

Symptoms: Upon an SSO switchover, on the new active RP, the MFR interface shows the default bandwidth value instead of the actual bandwidth, which is based on the available bundle links.

Conditions: This symptom is observed on a Cisco 7600 router that is running 12.2SR software and on a Cisco 12000 series Internet router that is running 12.0SY software.

Workaround: Recycle the MFR interface to reset the bandwidth to the correct value.

CSCsf32449

Symptoms: A Sup720 Multicast-VPN (MVPN) PE router may not advertise its mdt prefix (BGP vpnv4 RD-type 2) after reloading.

Conditions: This symptom is observed on a Sup720 MVPN PE router.

Workaround: Use the clear ip bgp command after reloading.

CSCsg00102

Symptoms: SSLVPN service stops accepting any new SSLVPN connections.

Conditions: A device configured for SSLVPN may stop accepting any new SSLVPN connections, due to a vulnerability in the processing of new TCP connections for SSLVPN services. If the debug ip tcp transactions command is enabled and this vulnerability is triggered, debug messages with connection queue limit reached will be observed.

This vulnerability is documented in two separate Cisco bug IDs, both of which are required for a full fix: CSCso04657 and CSCsg00102.

CSCsg02387

Symptoms: A time-out occurs when you enter an SNMP command for an IPv6 interface. However, you can ping the IPv6 interface.

Conditions: This symptom is observed on a Cisco 7200 series but is platform-independent.

Workaround: There is no workaround.

CSCsh97579

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has released free software updates that address this vulnerability. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml.

CSCsi57031

Symptoms: On a pseudowire that is configured on an OC-12 ATM interface, when you delete the oam-ac emulation-enable command, enter the write memory command, and then initiate an SSO switchover, the new standby PRE continues to reboot because of a configuration mismatch with the new active PRE.

Conditions: This symptom is observed on a Cisco 10000 series when the new active PRE has the oam-ac emulation-enable command in its configuration but the new standby PRE does not, causing a configuration mismatch. The symptom may not be platform-specific.

Workaround: Reload the new active PRE, then remove the oam-pvc manage 0 command from its configuration.

CSCsj56281

Symptoms: Inherit peer-policy does not work.

Conditions: This symptom is observed after a router reload.

Workaround: There is no workaround.

CSCsj60462

Symptoms: Unicast traffic is multicasted.

Conditions: This symptom is observed if two sources send traffic at the same time.

Workaround: There is no workaround.

CSCsj75907

Symptoms: Traffic may be lost, and the port mode VC goes down.

Conditions: This symptom is observed when an OIR is performed on the PE edge interface in an L2VPN setup.

Workaround: Reset the interfaces on the PEs.

CSCsj88665

Symptoms: A device with a PA-MC-2T3+ may reset because of a bus error if a channel group is removed while the show interface command is being used from another telnet session at the same time, and then the telnet session is cleared.

The device may also display Spurious Memory Accesses.

Conditions: These symptoms have been observed in the latest Cisco IOS 12.4T and 12.2S releases.

Workaround: Do not remove a channel group while using the show interface command for that interface.

CSCsk27147

Symptoms: The following SNMP message is incorrectly generated:

%SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input queue full

This issue is affecting the CISCO-MEMORYPOOL-MIB instead.

Conditions: Occurs on a Cisco 2600 series router running Cisco IOS Release 12.4(11)T3. The router keeps dropping SNMP packets. The log shows that the packets are dropped because of the input queue being full. Although the utilization is sometimes high, this could not be the root cause, as the router keeps dropping packets regardless of the current utilization. Also, the SNMP process takes 5 to 20 percent of the CPU load.

Workaround: Exclude ciscoMemoryPoolMIB from your query with the following commands:

snmp-server view public-view iso included

snmp-server view public-view ciscoMemoryPoolMIB excluded

Apply this view to the RW community string. This view excludes only ciscoMemoryPoolMIB; all other MIBs remain available.

CSCsk31502

Symptoms: A router that is running IPv6 in IP tunneling may reload upon receiving a malformed packet.

Conditions: The router needs to be configured for IPv6 in IP tunneling.

Workaround: There is no workaround.

CSCsk59579

Symptoms: The error message "eelc_add_a_port_to_root: port number not contiguous" is displayed, and SPAs may eventually go out of service.

Conditions: This symptom is observed under a race condition due to a back-to-back removal and addition of a member from the bundle.

Workaround: Shut down the member before removing it from the bundle.

CSCsk64158

Several features within Cisco IOS Software are affected by a crafted UDP packet vulnerability. If any of the affected features are enabled, a successful attack will result in a blocked input queue on the inbound interface. Only crafted UDP packets destined for the device could result in the interface being blocked; transit traffic will not block the interface.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available in the workarounds section of the advisory.

This advisory is posted at the following link:

http://www.cisco.com/warp/public/707/cisco-sa-20090325-udp.shtml

CSCsk78809

Symptoms: If the traffic flow is re-routed a couple of times due to routing information changes under a heavy load, the linecard suddenly stops forwarding traffic, and then even if the utilization is zero, the linecard does not forward packets anymore.

Conditions: This problem is specific to SPA-1X10GE-L-V2 cards. It is associated with a failed re-initialization of the SPA; that is, the problem can be reproduced by re-initializing the SPA while traffic is artificially sent to the SPA rx side during the re-initialization. Traffic is IMIX with giant/jumbo packets.

Workaround: There is no workaround. The proper operations can be recovered via "reload slot x."

CSCsl49628

Symptoms: When a VPN routing/forwarding (VRF) is deleted through the CLI, the VRF deletion never completes on the standby RP, and the VRF cannot be reconfigured at a later time.

Conditions: This symptom is observed when BGP is enabled on the router.

Workaround: There is no workaround.

CSCsm27071

A vulnerability in the handling of IP sockets can cause devices to be vulnerable to a denial of service attack when any of several features of Cisco IOS Software are enabled. A sequence of specially crafted TCP/IP packets could cause any of the following results:

The configured feature may stop accepting new connections or sessions.

The memory of the device may be consumed.

The device may experience prolonged high CPU utilization.

The device may reload.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available in the "workarounds" section of the advisory.

The advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090325-ip.shtml.

CSCsm49112

Problem Description: When eBGP sessions that carry a full routing table (200,000+ routes) are brought up, a prolonged period of 100-percent CPU utilization (5 to 7 minutes) is experienced.

During this time, the router is unresponsive in the CLI, and it stops responding to ICMP/SNMP polls.

The router is a Cisco 12406/PRP and is running Cisco IOS Release 12.0(32)S5 (c12kprp-k4p-mz.120-32.S5).

When bringing up a BGP session with a full routing table, the router seems to load the first several thousand prefixes quickly and then stops dead for several minutes before loading the rest.

Workaround: After changing the outbound prefix list on the eBGP session to a deny all (ip prefix-list test-nothing-out seq 1 deny 0.0.0.0/0 le 32), clearing the BGP session does not produce the problem anymore.

CSCsm74848

Symptoms: A crash occurs.

Conditions: All the interfaces should be up and running. To recreate the issue, perform the following steps:

1) Configure xconnect between PE1 and PE2.

2) Execute the show xconnect all command.

3) Then remove the T1 channel on which xconnect is configured.

Workaround: There is no workaround.

CSCsm75818

Symptoms: Multicast data loss may be observed while changing the PIM mode of MDT-data groups in all core routers.

Conditions: The symptom is observed while changing the PIM mode of MDT-data groups from "Sparse" to "SSM" or "SSM" to "Sparse" in all core routers in a Multicast Virtual Private Network (MVPN).

Workaround: Use the clear ip mroute MDT-data group command to resolve the issue.

CSCsm84415

Symptoms: ATM aal0-aal0 local switching fails upon SSO switchover, with L2 rewrite information missing for the corresponding VCs, resulting in traffic drops. The pseudowire will be down.

Conditions: This symptom is observed after an SSO switchover in a scale testbed. Local Switching and AToM will both be affected.

Workaround: Shutting and unshutting the involved ports resolves the issue.

CSCsm86832

Symptoms: The line protocol of the serial interface keeps flapping.

Conditions: This symptom is observed after the Atlas BERT pattern is run on a fractional T1 (1 or 2 timeslots).

Workaround: Add/Remove the T1.

CSCso04657

Symptoms: SSL VPN service stops accepting any new connections.

Conditions: A device configured for SSL VPN may stop accepting any new SSL VPN connections due to a vulnerability in the processing of new TCP connections for SSL VPN services. If the debug ip tcp transactions command is enabled and this vulnerability is triggered, debug messages with connection queue limit reached will be observed.

Workaround: There is no workaround.

CSCso60442

Symptoms: A crash occurs.

Conditions: This symptom is observed when the show buffers interface dump command is entered.

Workaround: There is no workaround.

CSCso84392

Symptoms: In MVPN, on the source PE, multicast packets are punted to the RP CPU, and some packets are also dropped.

Conditions: Ingress E3 and egress E5, and the TUNSEQ error message appears.

Workaround: There is no workaround.

CSCso92169

Symptoms: A traceback is seen on the E3 and E5 line cards.

Conditions: This symptom is observed under normal traffic conditions after a clear ip route * command is issued.

Workaround: There is no workaround.

CSCsq13938

Symptoms: In Cisco IOS software that is running the Border Gateway Protocol (BGP), the router may reload if BGP show commands are executed while the BGP configuration is being removed.

Conditions: This problem may happen only if the BGP show command is started and suspended by auto-more before the BGP-related configuration is removed, and if the BGP show command is continued (for example by pressing the SPACE bar) after the configuration has been removed. This bug affects BGP show commands related to VPNv4 address family. In each case the problem only happens if the deconfiguration removes objects that are being utilized by the show command. Removing unrelated BGP configuration has no effect.

This bug is specific to MPLS-VPN scenarios (CSCsj22187 fixes this issue for other address-families).

Workaround: Terminate any paused BGP show commands before beginning operations to remove BGP-related configuration. Pressing "q" to abort suspended show commands, rather than pressing SPACE to continue them, may avoid problems in some scenarios.

CSCsq31233

Symptoms: The following error messages are received on a 1xoc12 eng3 line card:

SEC 8:May 16 06:41:09.216: %IDBINDEX_SYNC-3-IDBINDEX_ENTRY_SET: Cannot set entry to interface index table: "", 73 -Process= "RP Standby", ipl= 0, pid= 63 -Traceback= 20A640 20A748 11D29D8 27F7A8 281F80 439B64 436AC4 5187B8 4FF360 5006FC 523434 240B7C 5C0514 5C0A14 34BC74 350B0C

SEC 8:May 16 06:41:09.216: %FIB-2-HW_IF_INDEX_ILLEGAL: Attempt to create CEF interface for Serial4/0.1/1:1 with illegal index: -1 -Traceback= 20A640 20A748 178438 17A198 17A7E8 17A980 439C1C 436ACC 5187B8 4FF360 5006FC 523434 240B7C 5C0514 5C0A14 34BC74

SEC 8:May 16 06:41:09.216: %EERP-2-UIDB_ERR: Unable to allocate resources. Null fibhwidb for free 0

Conditions: This symptom is observed when either of the two tasks mentioned below is performed in the specific order and HA is configured in SSO mode.

A. Configure/Unconfigure Channels:

1. Under sonet framing, configure some T1 lines.

2. Unconfigure these T1 lines.

3. Change the framing to sdh and configure some E1 lines.

4. Unconfigure these E1 lines.

5. Change the framing to sonet and configure some T1 lines.

B. Change Framing:

1. Change the framing without deleting all the channels; a warning message to delete all channels before changing the framing will be issued.

2. Delete all the channels.

3. Change the framing multiple times from sonet to sdh, from sdh to sonet, and then from sonet to sdh again.

Workaround: There is no workaround.

CSCsq31776

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has released free software updates that address this vulnerability. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml.

CSCsq91960

Symptoms: VRF may not get deleted if the VRF NAME size is 32 characters on a dual RP HA/SSO router.

Conditions: This symptom occurs when adding a VRF with 32 characters on a DUAL RP HA router. (In some releases a VRF name with more than 32 characters will get truncated to 32.) The following may occur:

There may be a DATA CORRUPTION ERRMSG.

When this 32-character VRF is deleted, the deletion fails to complete, and an ERRMSG appears on the active RP.

Workaround: There is no workaround.

CSCsq96435

Symptoms: Line cards get stuck in the WAITRTRY state after an RP switchover and a router reload.

Conditions: This symptom is observed on a Cisco 12810 and 12816 Internet series router that is booted with Cisco IOS Release 12.0(32)S11. The symptom is seen on both E4+ and E6 line cards and also during reload.

Workaround: There is no workaround.

CSCsr04198

Symptoms: Traffic for certain pairs of sources and destinations is dropped.

Conditions: This symptom is observed under the following conditions:

1. Destinations are routed via a default route.

2. Load-balancing is in place.

Workaround: Break and restore load-balancing by changing IGP metrics.

CSCsr40433

Symptoms: Traffic engineering (TE) tunnel reoptimization fails, and the tunnel is stuck in "RSVP signaling proceeding."

Conditions: Occurs when an explicit path with loose next hops is used, one of the next hops is still reachable, and that next hop is a dead end.

Workaround: Use strict next hop addresses.

CSCsr53541

Symptoms: A TE tunnel from a mesh group disappears after the tailend router is reloaded.

Conditions: The IGP is OSPF, and OSPF is used to advertise the mesh-group membership. The problem appears only if the OSPF network type is point-to-point.

Workaround: Enter the clear mpls traffic-eng auto-tunnel mesh command after the TE tunnel disappears from the mesh group.

CSCsr61125

Symptoms: A switchover takes more time on a Cisco 7500 router.

Conditions: This symptom is observed when RPR+ is configured on the Cisco 7500.

Workaround: There is no workaround.

CSCsr64777

Symptoms: A router crashes because of a block overrun (overwriting the memory block).

Conditions: This symptom is observed only when NetFlow version 5 is used.

Workaround: NetFlow version 9 could be used for exporting.

CSCsr67137

Symptoms: An Engine 3 (E3) Channelized OC12 (CHOC12) line card can reload after a switchover in Route Processor Redundancy Plus (RPR+) mode.

Conditions: This symptom is observed on a Cisco 12416 Internet series router:

The router is booted with Cisco IOS Release 12.0(32)S11n and contains the following:

Redundant PRP-2 processor running in RPR+ mode.

E3 CHOC12 line card.

All other slots in the chassis are populated with E3, E4+, and E5 line cards.

Workaround: There is no workaround.

CSCsr67289

Symptoms: Router hangs when online insertion and removal (OIR) is performed.

Conditions: Occurs after changing the interface bandwidth followed by an OIR operation.

Workaround: Stop traffic before making these changes.

CSCsr87973

Symptoms: Linecards crash when the tunnel interface is shut down.

Conditions:

1. The issue is seen when Tag-Switching is enabled on the VRF interface and the tunnel interface is shut down.

2. The interface through which the tunnels pass goes down, and the tunnels go down with it.

See attachments for configuration information.

Workarounds:

1. For condition 1, the workaround is to remove the tag-switching command configured on all the affected VRF interfaces and then do a shutdown.

2. For condition 2, there is no workaround because an interface can go down when the underlying L1/L2 layer goes down.

Further Problem Description: See attachments for topology and router configurations.

CSCsr88705

Symptoms: Redistributed routes are not being advertised after a neighbor flap.

Conditions: This symptom is observed if BGP is redistributing local routes and if there are multiple neighbors in the same update-group and then a neighbor flaps. For the flapped neighbor, some redistributed routes are not being advertised.

Workaround: Undo and redo the redistribution.

CSCsu23084

Symptoms: The secondary RP crashes continuously.

Conditions: This symptom is observed in any Cisco IOS Release 12.0(33)S image, subject to the following:

Redundancy mode SSO.

Several Link-bundling subinterfaces with service policies attached (Scaled Environment).

More than 1 Engine 3 Members.

The secondary RP will crash when it is coming up, if the primary RP is already up and configured. Examples of this behavior:

Switchover.

The primary comes up first; the secondary is manually booted later.

Workaround: Change the redundancy mode to RPR or RPR+ to avoid the crash.

CSCsu32015

Symptoms: A ping fails across Frame Relay subinterfaces over a non-channelized SPA.

Conditions: The ping fails across Frame Relay subinterfaces when:

The channelized SPA is used on a bay and there are approximately 30 or more interfaces that are created and used.

That SPA is later removed and moved to some other bay or to some other slot.

And this current empty bay is then used for a non-channelized SPA and for Frame Relay subinterface circuits.

Workaround: There is no workaround.

CSCsu33246

Symptoms: IPv6 PIM RP embedded functionality is not working properly in Cisco IOS Release 12.0(32)S or Release 12.0(32)SY even after the fix for CSCsf28907.

Conditions: If a first-hop router (that is connected to the IPv6 multicast source) is configured for a PIM RP embedded operation, the register packets will not be sent to the RP and the mroute table will remain in the Registering state. No IPv6 multicast traffic will flow.

Workaround: Configure an IPv6 PIM static RP.

CSCsu36958

Symptoms: A router cannot be reloaded after the RP switches over three times.

Conditions: The router restarts three times, each time because of a watchdog timeout caused by a failure to allocate memory. This symptom is related to a flood of multicast messages. Once this symptom occurs, attempts to manually reload the router are unsuccessful because the NVRAM is locked, indicating that it is being updated.

Workaround: There really is no workaround except to manually remove and re-insert the RP or power-cycle the chassis.

CSCsu40491

Symptoms: When a second multilink is enabled between a PE and a connected CPE, the route may not be propagated to the remote PE. A ping from the local PE to the CPE always works fine over both multilinks; however, a ping from the remote PE to the CPE does not work when both links are enabled.

Conditions: This symptom is observed under the following conditions:

1. The routing protocol between the PE and the CE is BGP.

2. Two static routes are defined on the PE toward the CE.

3. MLPPP is used on both links.

4. The PE is a Cisco 12000 series Internet router.

5. Both links are enabled.

These conditions do not guarantee that the problem will be reproduced; but it may occur under certain circumstances.

Workaround: Perform either of the following two workarounds:

1. To clear the issue, redefine the static routes, or shut down both multilinks and bring them back up again.

2. Enable only one multilink.

Further Problem Description: The MPLS label shows as "aggregate" instead of "untagged" during the problem.

CSCsu41338

Symptoms: Set cos is not being applied for VPLS packets in E5 Gig. The source MAC address of the VPLS packet from the disposition PE is getting corrupted.

Conditions: This symptom is observed only for VPLS packets in E5 cards when a service policy with set cos is applied to the egress interface of the disposition PE.

Workaround: There is no workaround.

CSCsu54160

Symptoms: An RP becomes stuck.

Conditions: This symptom is observed after an SSO mode redundancy force switchover is executed.

Workaround: Reload the secondary RP.

CSCsu59282

Symptoms: The following message is continuously seen on SSO switchover even if the maximum scale numbers are not configured.

%RP-3-ENCAP: Failure to allocate encap table entry, exceeded max number of entries, slot 3 (info 0xC0000

Conditions: This symptom is observed upon SSO switchover.

Workaround: Reload the RP.

CSCsu63081

Symptoms: The delay triggers path delay command does not function as it is provisioned on an E3 CHOC12 controller.

Conditions: This symptom is observed on a Cisco 12000 Internet series router booted with c12kprp-p-mz.120-32.S11n. This router contains an E3 CHOC12 line card.

Workaround: There is no workaround.

CSCsu65189

Symptoms: If a router is configured as follows:

router ospf 1
...
passive-interface Loopback0

and is later enabled with LDP/IGP synchronization using the following commands:

Router(config)# router ospf 1
Router(config-router)# mpls ldp sync
Router(config-router)# ^Z

MPLS LDP/IGP synchronization will be allowed on the loopback interface too.

Router# show ip ospf mpls ldp in

Loopback0
     Process ID 1, Area 0
     LDP is not configured through LDP autoconfig
     LDP-IGP Synchronization : Required < ---- NOK
     Holddown timer is not configured
     Interface is up

If the clear ip ospf proc command is entered, LDP will keep the interface down. A down interface is not included in the router LSA; therefore, the IP address configured on the loopback is not propagated. If an application such as BGP or LDP uses the loopback IP address for communication, the application will go down too.

Conditions: Occurs when an interface is configured as passive. Note: all interface types configured as passive are affected, not only loopbacks.

Workaround: Do not configure passive loopback under OSPF. The problem occurs only during reconfiguration.

The problem will not occur if LDP/IGP sync is already in place and:

The router is reloaded with an image that has the fix for CSCsk48227.

The passive-interface command is removed/added.

CSCsu66119

Symptoms: If "set exp" is configured on the ingress AC, local switching (AC - AC) traffic does not copy the exp value to the cos bits in the egress direction.

Conditions: This symptom is observed with E3 as ingress and "set exp" configured on VPLS interface.

Workaround: There is no workaround.

CSCsu73675

Symptoms: In the case of E5 AToM QinQ, set cos is being set on the inner vlan_id.

Conditions: This symptom is observed in an E5 AToM with QinQ configuration that has set cos in the policy map.

Workaround: There is no workaround.

CSCsu74140

Symptoms: In E5 L2TPv3 dot1q, set cos is not being set on the vlan-id.

Conditions: This symptom is observed in a configuration that has set cos in the policy.

Workaround: There is no workaround.

CSCsu79988

Symptoms: Before this BGP aspath memory optimization, the memory consumption for aspath has increased. With this memory optimization, the memory consumption for aspath is reduced.

Workaround: There is no workaround.

CSCsu84357

Symptoms: The show mac address-table bridge-domain domain command may display unexpected MAC addresses.

Conditions: This symptom has been reported on a Cisco 12000 series Internet router that is configured with VPLS. When a service policy with input policing is applied on an interface that also has bridge-domain configured and when police drops happen, ghost MAC addresses are present in the MAC address table for that bridge-domain ID.

Workaround: There is no workaround, but no immediate impact on system behavior has been observed.

Further Problem Description: This issue can occur with either ACL drops or policer drops on a VPLS-enabled interface. If there are no ACL or CAR drops, this issue will not occur.

This unexpected MAC address might conflict with another real MAC address and may lead to some other issues such as traffic being sent over the wrong interface for the same customer.

Let us assume that the customer has two ACs on the same PE and that AC1 learned the proper MAC address and the unexpected MAC address. If this unexpected MAC address is a valid MAC address on AC2, then the traffic for this MAC address may be sent to AC1 instead of to AC2.

CSCsu86288

Symptoms: A line card on a Cisco 12000 series Internet router generates tracebacks during LI provisioning while installing a 50th tap request. After the appearance of the first traceback, LI functionality stops working for newly requested taps.

Conditions: This symptom is observed when there are 48 active taps and 2 new taps arrive.

Workaround: Reload the line card or the whole router.

CSCsu89509

Symptoms: When a PEM PS is inserted, there is an increase in CPU utilization by the PowerMgr Main process. The utilization is from 10 percent to 99 percent; the difference is caused by the timing of the insertion.

Conditions: This issue is observed under the following conditions:

16-slot chassis

Enhanced fabric

Enhanced CSC

DC PEM

Workaround: There is no workaround.

CSCsu92317

Symptoms: Pings fail on an MLPPP interface.

Conditions: There is an MFR interface used for L2 services such as xconnect and an MLPPP interface on the same SPA. When the member links are removed/added from these bundles back-to-back, the ping on the MLPPP interface may fail. This symptom is observed so far only on E5 cards.

Workaround: Reload the line card.

CSCsu93472

Symptoms: Whenever a service policy that has an action as bandwidth or shaping is applied as output to the core-facing interface in an imposition PE in a VPLS setup, the egress multicast packets that are passing through the core-facing interface are being dropped.

Conditions: This symptom is observed when:

A service policy with action as bandwidth or shaping is applied as output to the core-facing interface in an imposition PE in a VPLS setup; and

Multicast traffic is flowing through the interface.

Workaround:

1) Remove and re-add the bridge-domain.

2) Reload the ingress line card that has bridge-domain configured on it.

CSCsu93501

Symptoms: In Cisco IOS Release 12.0(33)S, the VPLS-specific ingress policy matches are not working for the multicast and VPLS-unknown classes. Either class will match all unicast, multicast, broadcast, and unknown traffic.

Conditions: This symptom is observed for multicast and VPLS-unknown traffic that passes through the VPLS-specific ingress policy in Cisco IOS Release 12.0(33)S images only.

Workaround: There is no workaround.

CSCsv00039

Symptoms: A customer observed the following message in the log:

PAM_PIM created confusion because it was taken to refer to Protocol Independent Multicast and not to the Packet Assembly Module/Packet Interface Module.

Conditions: This symptom occurs because of a corrupted packet.

Workaround: There is no workaround.

CSCsv04674

Symptoms: The M(andatory)-Bit is not set in the Random Vector AVP, which is required according to RFC 2661.

Conditions: This symptom is observed with an egress ICCN packet that carries a Random Vector AVP during session establishment.

Workaround: There is no workaround.

CSCsv04836

Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state, resources on a system under attack may be consumed, preventing new TCP connections from being accepted. In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system.

In addition to these vulnerabilities, Cisco Nexus 5000 devices contain a TCP DoS vulnerability that may result in a system crash. This additional vulnerability was found as a result of testing the TCP state manipulation vulnerabilities.

Cisco has released free software updates for download from the Cisco website that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml.

CSCsv08408

Symptoms: A router may crash because of a bus error caused by an illegal access to a low address. The access occurs because IPC is processing a message that has already been returned to the pool while a reference to the message is still present in the IPC retry table.

Conditions: The conditions under which this symptom occurs are not known.

Workaround: There is no workaround.

CSCsv15604

Symptoms: E4+ on a Cisco 12000 series Internet router stops exporting NetFlow. Show commands display that packets are correctly captured and exported.

Conditions: Traffic should flow through an E4+ and go out through an E5, which has to be MPLS enabled.

Workaround:

1) Change the outbound interface configuration to IP.

2) Add a static route for the NFC using the non-recursive next hop.

CSCsv16911

Symptoms: I have created a few flow monitors, and I tried to add the flow monitors in one direction on which IPHC was configured and it gave a linecard failure message; when I tried the same procedure a second time, it was added.

Conditions: All the serial interfaces should be up and running.

Workaround: There is no workaround.

CSCsv18049

Symptoms: Presently we do not support processing multiple filter specs in the Resv Error message. We process only the first filter spec in the list. Not processing the other LSPs in the RESVError will lead to inconsistent states.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that has a PRP-2 and that is running Cisco IOS Release 12.0(32)SY6.

Workaround: There is no workaround.

CSCsv23328

Symptoms: Default Q-limit is not getting doubled for low-speed interfaces.

1) Non-channelized SPA

2) For policy without queueing action on non-channelized SPA

Conditions: Default Q-limit for low-speed interfaces should be doubled as required.

This should be done only for low-speed interfaces. Rates that will get 64K queue-limit and above. That is, starting from 32K, the queue-limits will not get doubled.

For example, 64K in will be trimmed to 32K from this release onward and likewise for further queue-limits. Also, it is taken care that the class rate ranges 2097152 - above will get max_queue_depth of 256K as they always got.

For more info, please also refer to DDTS CSCsu60240.

Workaround: Reload the SPA.

CSCsv25593

Symptoms: If the BFD session count exceeds the limits, an error message is printed within the debug flag.

Conditions: The linecard supports 100 sessions, and the chassis supports 200 sessions in Cisco IOS Release 12.0(33)s throttle only.

Workaround: If the BFD session count exceeds the limits, remove and add the BFD from the interface.

CSCsv26606

Symptoms: A 1xCHOC12 controller goes down, and all links flap.

Conditions: This symptom is observed when the show plim datapath details command is executed on the line card, which dumps a lot of information on the console.

Workaround: Avoid using the show plim datapath details command; instead, use the per-channel show plim datapath channel-id details command.

CSCsv27470

Symptoms: An Engine 3 CHOC12 fails to bring the T1 controller link down when the delay triggers path command is configured.

Conditions: Shutting down the remote-end T1 controller, or the CHOC12 T1 controller receiving AIS, does not cause the T1 link to go to the down state.

Workaround: Do not configure the delay triggers path command on the CHOC12 SONET controller.

CSCsv27607

Symptoms: A BGP router filters outbound routes to its peers when a soft reset is performed for a specific peer address using the clear ip bgp ip-address soft out command. However, the routes to be filtered are not deleted from the routing table on the BGP peer router.

Conditions: The symptom happens when an outbound route-map is removed and then reapplied, and the clear ip bgp neighbor-address soft out command is issued for each peer in an update-group after the outbound route-map filtering policy is applied. The withdraw for filtered prefixes is sent to the first peer specified in the soft reset, but the next peers in the same update-group do not withdraw the routes.

Workaround: Perform a hard BGP reset using the clear ip bgp ip-address command.

CSCsv38557

Symptoms: POS interfaces run into a tx stuck condition, and heavy packet drops occur in the local switching path. The VIP CPU runs high because of the Rx-Side Buffering mechanism that starts up in the local switching path in the VIP.

Conditions: This symptom is observed on a Cisco 7500 node with a VIP that has the POS interfaces up and data traffic being locally switched between the POS interfaces. This symptom is triggered when a service policy is applied/removed followed by interface flaps.

Workaround: "test rsp stall" cleans up the Rx-Side buffered packets. Hence this could be considered a workaround. However, this does not always help. Doing a soft OIR removal and insertion of the LC always helps recover from this situation. The best workaround is to apply a service policy.

CSCsv57665

Symptoms: A router is not learning MAC addresses when unknown multicast traffic (packet size greater than min_mtu for that VFI towards core) is sent.

Conditions: This symptom is observed when the MTU of the core-facing interface is changed to some value less than the default value and then is increased back to the default. The min_mtu is stuck on the lesser value.

Workaround: There is no workaround.

CSCsv66827

Symptoms: Clearing the SSH sessions from a VTY session may cause the router to crash.

Conditions: The symptom is observed when a Cisco 7300 series router is configured for SSH and then an SSH session is connected. If the SSH session is cleared every two seconds using a script, the symptom is observed.

Workaround: There is no workaround.

CSCsv73509

Symptoms: When "no aaa new-model" is configured, authentication happens locally even when TACACS is configured. This happens for the exec users under vty configuration.

Conditions: Configure "no aaa new-model," configure login local under line vty 0 4, and configure login tacacs under line vty 0 4.

Workaround: There is no workaround.

CSCsv74508

Symptoms: If a linecard is reset (either due to error or a command such as hw-module slot reload) at the precise time an SNMP query is trying to communicate with that LC, the RP could reset due to a CPU vector 400 error.

Conditions: These symptoms occur when the linecard is reset (either due to error or a command such as hw-module slot reload) at the precise time an SNMP query is received.

Workaround: There is no workaround.

CSCsv82120

Symptoms: A CHOC12 T1 continuously flaps when the T1 link that is connected to a third-party CE router flaps. With the Cisco router, the same issue is not observed.

Conditions: This symptom is observed under the following conditions:

Cisco IOS Release 12.0(32)S11n

CHOC12 T1 links with a third-party CE router

Workaround: Disable "yellow detection" on the CHOC12 T1 link. For example, serial interface 12/0.7/6:0:

controller sonet 12/0
 sts-1 7
 no t1 6 yellow detection
 ! Wait for the T1 to stabilize.
 t1 6 yellow detection

CSCsv84690

Symptoms: The source MAC address is not learned properly for the bridge domain associated with a VFI instance.

Conditions: Traffic is from CE2------PE1------CE1 (locally switched). Source MAC addresses of packets from CE2 are not learned correctly. NetFlow is enabled on the interfaces of the PE.

Workaround: Disable NetFlow on the main interface.

CSCsv94306

Symptoms: On a Cisco 12000 series Internet router E5/SPA POS interface, FRR reroute may take up to 700 msec.

Conditions: This symptom is observed when the far-end RX fiber of the POS link is removed.

Workaround: Configure the pos delay triggers command on the interface to reduce delay in FRR.

Further Problem Description: When the RX fiber is removed on the far-end of the POS interface, the far-end router is supposed to send LRDI to the Cisco 12000 series Internet router, and the LRDI will trigger the FRR reroute. The E5/SPA current implementation is that remote end SONET alarm does not trigger FRR in interrupt mode; it triggers FRR only in process context, which may take up to 700 msec to converge.

CSCsv96395

Symptoms: A SIP-400 and SIP-601 crash continuously after the image is loaded.

Conditions: After the 32SY 11_23-date-coded image is loaded, SIP crashes when channelized SPAs come up.

Workaround: There is no workaround.

CSCsw17389

Symptoms: A SPA_PLIM-3-HEARTBEAT failure and tracebacks are seen for channelized SPAs. All the traffic in the ingress direction is dropped.

Conditions: With traffic present, configure aggregate NF scheme on 4XT3/E3 SPA; channelized SPAs get stuck in the booting state. (SIP comes up fine to IOS RUN state.)

Workaround: Perform a microcode reload to make the SPAs come up.

CSCsw17390

Symptoms: A PVC flaps with the following error message:

ATM(ATM3/0/0.504): VC(17) Bad SAP received 00AD

Conditions: This symptom is observed on a Cisco 7600 with a FlexWAN and PAA3 when connected to a Cisco 12000 ATM interface and when the PVC is configured for bridging.

Workaround: There is no workaround.

CSCsw19951

Symptoms: A SUP720 may reset with the following:

RP: %C6K_PLATFORM-2-PEER_RESET: RP is being reset by the SP

SP or DFC: Address Error (load or instruction fetch) exception, CPU signal 10, PC = 0x40B0D738
-Traceback= XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
$0 : XXXXXXXX, AT : XXXXXXXX, v0 : XXXXXXXX, v1 : XXXXXXXX
a0 : XXXXXXXX, a1 : XXXXXXXX, a2 : XXXXXXXX, a3 : XXXXXXXX
t0 : XXXXXXXX, t1 : XXXXXXXX, t2 : XXXXXXXX, t3 : XXXXXXXX
t4 : XXXXXXXX, t5 : XXXXXXXX, t6 : XXXXXXXX, t7 : XXXXXXXX
s0 : XXXXXXXX, s1 : XXXXXXXX, s2 : XXXXXXXX, s3 : XXXXXXXX
s4 : XXXXXXXX, s5 : XXXXXXXX, s6 : XXXXXXXX, s7 : XXXXXXXX
t8 : XXXXXXXX, t9 : XXXXXXXX, k0 : XXXXXXXX, k1 : XXXXXXXX
gp : XXXXXXXX, sp : XXXXXXXX, s8 : XXXXXXXX, ra : XXXXXXXX
EPC : XXXXXXXX, ErrorEPC : XXXXXXXX, SREG : XXXXXXXX
MDLO : XXXXXXXX, MDHI : XXXXXXXX, BadVaddr : XXXXXXXX
DATA_START : 0xXXXXXXXX
Cause XXXXXXXX (Code 0xX): Address Error (load or instruction fetch) exception

Conditions: This symptom is observed on a device that is configured with MPLS.

Workaround: There is no workaround.

CSCsw24700

Cisco IOS software contains two vulnerabilities within the Cisco IOS WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely exploited without authentication to cause a denial of service condition. Both vulnerabilities affect both Cisco IOS WebVPN and Cisco IOS SSLVPN features:

1. Crafted HTTPS packet will crash device - Cisco Bug ID CSCsk62253.

2. SSLVPN sessions cause a memory leak in the device - Cisco Bug ID CSCsw24700.

Cisco has released free software updates that address these vulnerabilities.

There are no workarounds that mitigate these vulnerabilities.

This advisory is posted at the following link:

http://www.cisco.com/warp/public/707/cisco-sa-20090325-webvpn.shtml

CSCsw30847

Symptoms: The standby router may crash.

Conditions: The symptom is observed when two IMA interfaces are configured on a Cisco 7500 series router along with HA RPR+ mode. When you try to unconfigure the ima-group from the first member of IMA interfaces, the crash will occur.

Workaround: There is no workaround.

CSCsw31009

Symptoms: CEF Scanner takes high CPU for sustained periods of time around 10 minutes.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(32)S11n. It is seen under the following conditions:

When multiple eiBGP paths exist for a certain prefix and the eBGP path is recursive through the attached next-hop.

A large number of prefixes that have one iBGP path that is recursive through an IGP route that has one path, and one iBGP path that is recursive through an IGP route that has multiple paths.

A route modification for load-balanced prefix.

Workaround: Configure a static route.

CSCsw34455

Symptoms: After a reboot, GEs remain down/down on a SPA-10X1GE-V2.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is using a 12000-SIP-601 with a SPA-10X1GE-V2 and Cisco IOS Release 12.0(32)SY6.

Workaround: Shut and unshut the port that is down/down.

CSCsw35638

Symptoms: When a Cisco router is the Merge Point (MP) for a protected TE tunnel, and FRR is triggered, two things happen:

The primary LSP goes down, and traffic is lost on the protected tunnel.

Any PLR that is downstream of the failure will lose its backup.

Conditions: When a competitor's router is a point of local repair (PLR) and a Cisco router is a merge point, then when FRR is triggered, the Cisco router drops the backup tunnel (in some cases immediately and in other cases after 3 minutes). This causes the primary tunnel that is protected by this backup to go down. The issue has been identified as related to the fact that session attribute flags (link/node protection desired) are being cleared by the competitor PLR when the Path is sent over the backup tunnel.

Workaround: There is no workaround.

CSCsw47346

Symptoms: A switchover cannot be performed on a Cisco 7500 router.

Conditions: This symptom is observed when test crash is issued on a VIP console.

Workaround: There is no workaround.

CSCsw47868

Symptoms: An IPv6 ping fails on an E3 Gigabit line card because of a PRECAM 1 Exception.

Conditions: This issue pertains to the dropping of IPv6 packets because of a precam exception on the egress side. It looked as if the profile for IPv6 was wrong when IPv4 QoS was already applied even on different subinterfaces on the same port.

Workaround:

1) Add/Remove an ACL.

2) Add/Remove the subinterface.

CSCsw51017

Symptoms: In the case of egress MVPN QoS, some packets are going to the wrong queue.

Conditions: This symptom is observed with an egress MVPN QoS configuration.

Workaround: There is no workaround.

CSCsw64956

Symptoms: The no ppp lcp fast-start command is added to all PPP-encapsulation interfaces.

Conditions: This symptom is observed after a router is upgraded from Cisco IOS Release 12.0(32)SY7 to the latest 32sy throttle image.

Workaround: There is no workaround.

CSCsw69322

Symptoms: Given the following topology:

PE1 (CT32/2/1) <------- > (CT34/0/1) CE1

Configuring t1 <1-28> loopback remote line feac at PE1 and then removing the loopback causes the serial interface at CE1 to start flapping continuously.

Conditions: All the interfaces should be up and running.

Workaround: There is no workaround.

CSCsw74258

Symptoms: An Engine 5 linecard crashes.

Conditions: This symptom is observed when MLPPP member links are swapped from one MLPPP bundle to another MLPPP bundle.

Workaround: There is no workaround.

CSCsw79733

Symptoms: RTP timestamp is getting corrupted with a sequence of RTP packets.

Conditions: Conditions are FH/cRTP/cUDP/cRTP. cUDP is sent if there is some change in RTP header like the Marker bit is set, the payload type changes, the CSRC list is there. This symptom is seen only with the IPHC compression format.

Workaround: Configure the IETF compression format.

CSCsw80606

Symptoms: A router crashes.

Conditions: This symptom is observed when the copy scp: disk0: command is issued to transfer the file to disk0: of the router.

Workaround: There is no workaround.

CSCsw82329

Symptoms: A SIP-601 crashes continuously. The line card (LC) stops crashing when the SPA-1XCHSTM1/OC3 SPA is shut. The LC does not stop crashing with any other exercise like LC OIR, SPA OIR, or router reload.

Conditions: This symptom was observed while the router was being brought up. The router was initially shut and was later powered up.

Workaround: Shut the SPA to cause the LC to stop crashing.

CSCsw90192

Symptoms: A CT3 controller on a CH OC3 SPA remains down after a SPA reload.

Conditions: SPA reload.

Workaround: Enable and disable the BITS feature to clear the issue.

CSCsw90592

Symptoms: Traffic does not flow for some VCs through the SR-APS interface.

Conditions: This symptom is observed after a LC reload and a router reload.

Workaround: Shut/no shut of SR-APS interface.

CSCsw93321

Symptoms: If the Flexible NetFlow feature is used on a Cisco 12000 series Internet router along with sampled NetFlow, packets are dropped through the router. The packet drop rate is equal to the configured sampler rate.

Conditions: This symptom has been reported on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(33)S1. The symptom is triggered only if both Flexible NetFlow and sampled NetFlow are used together on same interface.

Workaround: There is no workaround.

CSCsx08901

Symptoms: The following message is received from the standby RP:

SEC 8:Jan 13 23:11:09.991: SPA CHOCX ALARM MSG: spa_chocx_update_sonet_ctrlr_alarm_status : mib is NULL plugin = 0xA7357E4 line_id = 0
SEC 8:Jan 13 23:11:09.991: -Traceback= 20E8FC 929F50 929E1C 929D64 928B58 928A98 9335D8 4FAA38 4C09E0 362A84 35EED8 35EF30 2F92DC
Jan 13 23:11:10.987 UTC: %SONET-4-ALARM: SONET 14/2/0: SLOS
Jan 13 23:11:10.987 UTC: %CONTROLLER-5-UPDOWN: Controller SONET 14/2/0, changed state to down
SEC 8:Jan 13 23:11:10.991: spa_chocx_update_sonet_ctrlr_alarm_status : mib is NULL plugin = 0xA7357E4 line_id = 0
SEC 8:Jan 13 23:11:10.991: -Traceback= 20E8FC 929F50 929E1C 929D64 928B58 928A98 9335D8 4FAA38 4C09E0 362A84 35EED8 35EF30 2F92DC

Conditions: This symptom is observed after the framing on the chstm1 SPA card is changed.

Workaround: There is no workaround.

CSCsx10140

Recent research (1) has shown that it is possible to remotely cause BGP sessions to reset by injecting invalid data, specifically AS_CONFED_SEQUENCE data, into the AS4_PATH attribute, which is provided to store 4-byte ASN paths. Since AS4_PATH is an optional transitive attribute, the invalid data will be transited through many intermediate ASes, which will not examine the content. For this bug to be triggered, an operator does not have to be actively using 4-byte AS support.

The root cause of this problem is the Cisco implementation of RFC 4893 (4-byte ASN support) - this RFC states that AS_CONFED_SEQUENCE data in the AS4_PATH attribute is invalid. However, it does not explicitly state what to do if such invalid data is received, so the Cisco implementation of this RFC sends a BGP NOTIFICATION message to the peer and the BGP session is terminated.

RFC 4893 is in the process of getting updated to avoid this problem, and the fix for this bug implements the proposed change. The proposed change is as follows:

"To prevent the possible propagation of confederation path segments outside of a confederation, the path segment types AS_CONFED_SEQUENCE and AS_CONFED_SET [RFC5065] are declared invalid for the AS4_PATH attribute. A NEW BGP speaker MUST NOT send these path segment types in the AS4_PATH attribute of an UPDATE message. A NEW BGP speaker that receives these path segment types in the AS4_PATH attribute of an UPDATE message MUST discard these path segments, adjust the relevant attribute fields accordingly, and continue processing the UPDATE message."

The only affected version of Cisco IOS software that supports RFC 4893 is Cisco IOS Release 12.0(32)S12, released in December 2008.

(1) For more information please visit:

http://www.merit.edu/mail.archives/nanog/msg14345.html
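The discard behavior quoted above for CSCsx10140, sketched as an added example (not Cisco's code and not part of the original release note). It works on the value field of an AS4_PATH attribute; the function names and the sample bytes are constructed for illustration, and rejecting unknown segment types with an error is a choice of this example, not something the note specifies.

```python
import struct

# Path segment type codes (RFC 4271 and RFC 5065).
AS_SET, AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_CONFED_SET = 1, 2, 3, 4
KNOWN_TYPES = {AS_SET, AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_CONFED_SET}
CONFED_TYPES = {AS_CONFED_SEQUENCE, AS_CONFED_SET}  # invalid inside AS4_PATH

ASN_SIZE = 4            # AS4_PATH always carries 4-byte AS numbers
ATTR_AS4_PATH = 17      # path attribute type code for AS4_PATH
FLAG_OPTIONAL = 0x80
FLAG_TRANSITIVE = 0x40
FLAG_EXT_LEN = 0x10     # set when the attribute length needs two bytes


def parse_segments(value: bytes):
    """Split an AS4_PATH value into a list of (segment_type, [asn, ...])."""
    segments, offset = [], 0
    while offset < len(value):
        if len(value) - offset < 2:
            raise ValueError("truncated segment header")
        seg_type, count = value[offset], value[offset + 1]
        offset += 2
        end = offset + count * ASN_SIZE
        if end > len(value):
            raise ValueError("segment runs past the end of the attribute")
        if seg_type not in KNOWN_TYPES:
            # Example's choice: treat unknown types as malformed input.
            raise ValueError(f"unknown segment type {seg_type}")
        asns = list(struct.unpack(f"!{count}I", value[offset:end]))
        segments.append((seg_type, asns))
        offset = end
    return segments


def encode_segments(segments) -> bytes:
    """Inverse of parse_segments()."""
    out = bytearray()
    for seg_type, asns in segments:
        out += bytes([seg_type, len(asns)])
        out += struct.pack(f"!{len(asns)}I", *asns)
    return bytes(out)


def sanitize_as4_path(value: bytes):
    """Drop confederation segments and keep processing the rest.

    Returns (cleaned_value, dropped_segments). Only framing errors raise;
    confederation segments never cause the whole attribute to be rejected.
    """
    segments = parse_segments(value)
    kept = [s for s in segments if s[0] not in CONFED_TYPES]
    dropped = [s for s in segments if s[0] in CONFED_TYPES]
    return encode_segments(kept), dropped


def as4_path_attribute(value: bytes) -> bytes:
    """Re-wrap a cleaned value so the attribute length field matches it."""
    flags = FLAG_OPTIONAL | FLAG_TRANSITIVE
    if len(value) > 255:
        return bytes([flags | FLAG_EXT_LEN, ATTR_AS4_PATH]) + struct.pack("!H", len(value)) + value
    return bytes([flags, ATTR_AS4_PATH, len(value)]) + value


# Constructed sample: one AS_CONFED_SEQUENCE followed by one AS_SEQUENCE.
SAMPLE_VALUE = (
    bytes([AS_CONFED_SEQUENCE, 2]) + struct.pack("!2I", 65001, 65002)
    + bytes([AS_SEQUENCE, 2]) + struct.pack("!2I", 196608, 65550)
)

if __name__ == "__main__":
    cleaned, dropped = sanitize_as4_path(SAMPLE_VALUE)
    print("kept segments:   ", parse_segments(cleaned))
    print("dropped segments:", dropped)
    print("attribute bytes: ", as4_path_attribute(cleaned).hex())
```

Logging the dropped segments together with the peer that sent them gives operators a record of where the invalid data entered, without resetting the session.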

CSCsx23456

Symptoms: The standby reloads on a Cisco 7500 series router.

Conditions: The symptom is observed when IMA PA is configured on a Cisco 7500 series router and where RPR+ is configured. It is seen when an OIR is done on the VIP where IMA PA is sitting.

Workaround: There is no workaround.

CSCsx23559

Symptoms: With a nested policy map, when EF traffic is sent at police rate or above police rate, BFD flaps. The BFD timer is set to 999 ms*3, while the EF traffic average latency is only 50 to 70 microseconds.

Conditions: This symptom is observed when a nested policy is applied to ocpos3 and cht3 SPA with FR encapsulation.

Workaround: There is no workaround.

CSCsx25461

Symptoms: With a Cisco IOS Release 12.0(32)SY image, BGP I/O spikes CPU up to 9 percent because of a BGP neighbor flap with a single BGP neighbor. When multiple eBGP neighbors flap at the same time, the BGP I/O can sometimes spike up to approximately 20 percent.

Conditions:

bgp neighbor reset

Workaround: There is no workaround.

CSCsx29281

Symptoms: Packets get corrupted along the path. Extra padding is added to the packets, and the packets become unusable by the receiver application.

Conditions: Frame Relay VPWS between Cisco 12000 series Internet routers with small 25-byte non-IP packets.

Workaround: There is no workaround.

CSCsx31693

Symptoms: All L2VPN traffic is dropped for more than 1 minute around 20 to 30 seconds after another linecard is reinserted.

Conditions:

ToFab QoS is configured (rx-slot-cos commands).

L2VPN (both AToM and VPLS) traffic on E5 is affected.

Cisco IOS Release 12.0(32)SY7.

900 VCs are configured.

Workaround: Remove the rx-slot-cos part of the configuration.

CSCsx32416

Symptoms: A session may go down one or more times before stabilizing in the up state.

Conditions: This symptom is observed when a BFD session is first coming up and the network is suffering from congestion.

Workaround: There is no workaround.

CSCsx42179

Symptoms: In MPLS VPN each tunnel is associated with one or more virtual routing and forwarding (VRF) instances. A VRF defines the VPN membership of a customer site attached to a PE router. Traffic entering a network on a non-VRF interface may be incorrectly forwarded to a VRF.

Note: Traffic from a VRF to another private or a public network is not incorrectly routed.

Conditions: This issue is only experienced in Cisco 12000 Series Internet Routers running Cisco IOS Releases 12.0(32)S and 12.0(32)SY. Additionally, the affected device must have NetFlow enabled and configured with an Engine 3 Line Card (LC).

This issue is only experienced in very rare conditions where routing table fluctuations take place as the result of route flapping.

Workaround: Create a default IP route destined to null 0 in the global routing table, as demonstrated in the following example:

ip route 0.0.0.0 0.0.0.0 null 0

CSCsx46184

Symptoms: In case of E5 FRoMPLS, small-sized frames that are less than 34 bytes are getting corrupted because of the padding that is being added. Traffic is not getting dropped as the L2 header (DLCI) is intact; only the extra padding that gets added to the payload is being dropped.

Conditions: This symptom is observed when E5 is acting as edge for FRoMPLS.

Workaround: There is no workaround.

CSCsx55779

Symptoms: A SIP-601 is reset after local switching is configured. After the linecard comes up, traffic does not flow end to end on the local switching attachment circuit.

The issue is seen only when the Frame Relay frame size is less than 12 bytes (4 bytes FR header + 4 bytes FCS + 0-4 bytes payload) and when the NLPID value is 0x00 (that is, an invalid Frame Relay encapsulation). From RFC 2427:

An NLPID value of 0x00 is defined within ISO/IEC TR 9577 as the Null Network Layer or Inactive Set. Because it cannot be distinguished from a pad field, and because it has no significance within the context of this encapsulation scheme, an NLPID value of 0x00 is invalid under the Frame Relay encapsulation.

Conditions: Traffic should be enabled while doing local switching configurations.

Workaround: There is no easy workaround. Shut down the interface before the hw-module reload of the linecard.

CSCsx69785

Symptoms: 8-port OC48 E6 linecards crash when trying to bring up back-to-back connected or looped back (between two OC48 interfaces on the same E6 linecard) interfaces. This can also be seen when the optic cable/SFP is removed and inserted continuously between the back-to-back or loopback OC48 interfaces on the E6 linecard.

Conditions: On back-to-back connected or loopback (through two ports on the same linecard) connected E6 OC48 ports, performing a shut/no shut crashes the E6 linecards. Also, removing and inserting the optic cable/SFP repeatedly in the back-to-back or loopback connection (which is in the "no shut" state) between two OC48 ports on E6 cards crashes the E6 linecard.

Workaround: Configure clock source internal before configuring no shut.

CSCsx81775

Symptoms: An Engine 5 line card (SIP-x01) crashes when a QoS configuration is applied to a serial interface.

Conditions: This symptom is observed when applying a service policy to a serial interface with several classes with a Police + WRED configuration, with more than two of the following:

1. Class-default with WRED+Police action.

2. One or more classes matching on prec/dscp with WRED+Police action.

3. One or more classes matching on Access-group with WRED+Police action.

4. Any class with a "Match Any" condition with WRED+Police.

Workaround: There is no workaround. Such a policy is not supported.

CSCsx90461

Symptoms: A SIP 601 crashes in a PE router mvpn scenario.

Conditions: This symptom is observed while flapping a core-facing or edge-facing interface.

Workaround: There is no workaround.

CSCsy03689

Symptoms: The IP address of one of the SDCC interfaces is not seen.

Conditions: This symptom is observed after the router is reloaded.

Workaround: There is no workaround.

CSCsy06379

Symptoms: In reloading the E5 with CT3, it resets three to four times, and also the core-facing E5 with 10x1GE crashes a couple of times before stabilizing.

Conditions: This symptom is observed in a scale testbed that is running an MVPN profile.

Workaround: Stop the traffic until the linecard comes up and then start the traffic.

CSCsy09839

Symptoms: QoS class of service queues are in an unallocated state on the standby RP of a router that is configured in SSO mode upon router reload.

Conditions: The following conditions should exist to hit this DDTS:

A Cisco 12000 series Internet router with E3 LC configured in SSO mode.

Scale number of output service policy configured on the interfaces of E3 LC.

Reload of router configured in SSO mode.

Workarounds:

1) Reload the E3 LC after the router configured in SSO mode has come up.

2) Remove and add the affected service policies on E3 LC.

CSCsy20021

Symptoms: Ping and traffic drops occur on LB local switching circuits.

Conditions: This symptom is observed when an RPR+ switchover is performed.

Workaround: There is no workaround.

CSCsy29345

Symptoms: An E3 1*CHOC12 LC_ENABLED is not sent to the standby RP in SSO mode.

Conditions: This symptom is observed when a router that is configured in SSO mode is reloaded.

Workaround: There is no workaround.

CSCsy33936

Symptoms: The CEF process is hogging the CPU because of many incomplete fibidbs, because CEF was disabled and re-enabled.

Conditions: This symptom is observed in a scale testbed when an RPR+ switchover is performed.

Workaround: There is no workaround.

CSCsy57746

Symptoms: The standby PRP2 crashes many times during a reload.

Conditions: The problem occurs only during the boot-up process. The router:

Should have two processors (in this case PRP2) that are running SSO as the redundancy mode.

Should be running Cisco IOS Release 12.0(32)SY6e.

Should have a high scale (so a large configuration).

Should have many MLPPP interfaces.

Workaround: There is no workaround.

Further Problem Description: The standby processor crashes many times during boot-up when the router has a high scale (a large configuration) and many MLPPP interfaces.

The problem happens on a Cisco 12000 series Internet router with two PRP2s that are working in SSO mode and that are running Cisco IOS Release 12.0(32)SY6e.

After the reload, exactly when MLPPP is coming up (establishing), the Cisco 12000 series Internet router suffers high CPU utilization and it loses communication with the standby router for some seconds. When the timeout occurs (when the time expires), the router requests the standby PRP to reset.

CSCsy66775

Symptoms: PPLB drops some packets upon loadsharing with an odd number of links.

Conditions: This symptom is observed when there is an odd number of interfaces for load balancing.

Workaround: There is no workaround.

CSCsy81103

Symptoms: An E5 crashes when the show contr rewrite command is executed.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is configured with LB.

Workaround: There is no workaround.

CSCsy98079

Symptoms: Although AToM VCs are up, pings are not working between CE routers, and tracebacks are also observed.

Conditions: When L2TPv3 is used with AToM, connectivity breaks between CE routers.

Workaround: There is no workaround.

CSCsz01358

Symptom: A linecard crashes continuously when a microcode reload is performed.

Conditions: The interfaces of the crashing linecard are part of port-channel, and traffic is flowing via that linecard.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(33)S2

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S2. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCeb54456

Symptoms: A Data-link switching plus (DLSw+) circuit may not function when a TCP connection gets stuck. After about 90 seconds, the TCP connection is closed by DLSw+, and a new TCP connection is built for DLSw+. Once the new TCP connection is up, the DLSw+ circuit starts functioning again.

Conditions: This symptom is observed on a Cisco router that is configured with both a DLSw+ interface and an ATM interface.

Possible Workaround: If this is an option, remove the ATM interface from the router. When you configure the DLSw+ interface and the ATM interface on different routers, the symptom does not occur.

CSCek79311

Symptoms: Under stress conditions, an L2TP multihop node may crash.

Conditions: This symptom is observed when a session is being disconnected.

Workaround: There is no workaround.

CSCse05292

Symptoms: A static map configuration for an ATM PVC that uses the protocol ip ip-address command is rejected, giving an ambiguous command error.

Conditions: This symptom is observed when you configure a static map on an ATM PVC using the protocol ip ip-address command.

Workaround: Explicitly configure the [broadcast | no broadcast] option:

Router(config-if-atm-vc)# protocol ip 10.10.100.2 broadcast 
Router(config-if-atm-vc)# protocol ip 10.10.100.2 ? 
broadcast Pseudo-broadcast 
no Prevent Pseudo-broadcast on this connection 
<cr>
Router(config-if-atm-vc)# protocol ip 10.10.100.2 no broadcast 
Router(config-if-atm-vc)#

CSCsi68795

Symptoms: A PE that is part of a confederation and that has received a VPNv4 prefix from an internal and an external confederation peer, may assign a local label to the prefix despite the fact that the prefix is not local to this PE and that the PE is not changing the BGP next-hop.

Conditions: The symptoms are observed when receiving the prefix via two paths from confederation peers.

Workaround: There is no workaround.

Further Problem Description: Whether or not the PE will choose to allocate a local label depends on the order in which the multiple paths for this VPNv4 prefix are learned. The immediate impact is that the local label allocated takes up memory in the router as the router will populate the LFIB with the labels.

CSCsi77983

Symptoms: The NetFlow cache runs out of space for new flow entries when the customer uses heavy traffic.

Conditions: Large amount of traffic, which could exhaust the NetFlow cache.

Workaround: There is no workaround.

CSCsj30417

Symptoms: In Eng3 ATM, when a subinterface flaps, traffic to certain destinations is forwarded to the wrong subinterface.

Conditions: This symptom is observed in Cisco IOS Release 12.0(32)S05 and 12.0(32)S06. The symptom is not found in Cisco IOS Release 12.0(31)S2.

Workaround: There is no workaround; however, reloading the line card solves the problem.

CSCsj36133

Symptoms: A BGP neighbor may send a notification reporting that it received an invalid BGP message with a length of 4097 or 4098 bytes.

Conditions: The problem can be seen for pure IPv4 BGP sessions (no MP-BGP in use) when the router that is running the affected software generates a large number of withdraws in a short time period and fills an entire BGP update message (up to 4096 bytes normally) completely with withdraws. Because of a counting error, the router that is running the affected software can generate an update message that is 1 or 2 bytes too large when formatting withdraws close to the 4096 size boundary.

Workaround: The issue is not seen when multiple address families are being exchanged between BGP neighbors.
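The size boundary described in CSCsj36133, worked through as an added example (not Cisco's code, and not a reproduction of the actual defect). It packs IPv4 withdraws into UPDATE messages while counting every fixed field against the 4096-byte limit; the function names and the sample prefixes are constructed for illustration.

```python
import ipaddress
import struct

BGP_MAX_MESSAGE = 4096   # largest BGP message (RFC 4271)
BGP_HEADER_LEN = 19      # 16-byte marker + 2-byte length + 1-byte type
# A withdraw-only UPDATE still carries two 2-byte length fields:
# Withdrawn Routes Length and Total Path Attribute Length.
UPDATE_FIXED_LEN = BGP_HEADER_LEN + 2 + 2
MAX_WITHDRAWN_BYTES = BGP_MAX_MESSAGE - UPDATE_FIXED_LEN   # 4073
BGP_TYPE_UPDATE = 2


def encode_prefix(prefix: str) -> bytes:
    """Encode an IPv4 prefix as <length in bits><minimum number of octets>."""
    net = ipaddress.IPv4Network(prefix)
    nbytes = (net.prefixlen + 7) // 8
    return bytes([net.prefixlen]) + net.network_address.packed[:nbytes]


def build_withdraw_update(encoded_prefixes) -> bytes:
    """Build one withdraw-only UPDATE; refuse to emit an oversized message."""
    withdrawn = b"".join(encoded_prefixes)
    total = UPDATE_FIXED_LEN + len(withdrawn)
    if total > BGP_MAX_MESSAGE:
        raise ValueError(f"UPDATE would be {total} bytes, limit is {BGP_MAX_MESSAGE}")
    return (
        b"\xff" * 16
        + struct.pack("!HB", total, BGP_TYPE_UPDATE)
        + struct.pack("!H", len(withdrawn))
        + withdrawn
        + struct.pack("!H", 0)   # no path attributes, no NLRI
    )


def pack_withdraws(prefixes):
    """Split a list of prefixes into as few valid UPDATE messages as possible."""
    messages, batch, used = [], [], 0
    for prefix in prefixes:
        enc = encode_prefix(prefix)
        # Check before adding, so a prefix that does not fit starts a new message.
        if used + len(enc) > MAX_WITHDRAWN_BYTES:
            messages.append(build_withdraw_update(batch))
            batch, used = [], 0
        batch.append(enc)
        used += len(enc)
    if batch:
        messages.append(build_withdraw_update(batch))
    return messages


def declared_length(message: bytes) -> int:
    """Length field from the BGP header, as a receiver would read it."""
    return struct.unpack("!H", message[16:18])[0]


def length_is_valid(message: bytes) -> bool:
    """Receiver-side check: the declared length must be in range and match."""
    n = declared_length(message)
    return BGP_HEADER_LEN <= n <= BGP_MAX_MESSAGE and n == len(message)


# Constructed sample: 1000 host routes being withdrawn at once.
SAMPLE_PREFIXES = [f"10.{i // 256}.{i % 256}.1/32" for i in range(1000)]

if __name__ == "__main__":
    for msg in pack_withdraws(SAMPLE_PREFIXES):
        print(declared_length(msg), length_is_valid(msg))
```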

CSCsj49293

Symptoms: The interface output rate (214 Mb/s) is greater than the interface line rate (155 Mb/s).

Conditions: This symptom is observed with a Cisco 7600/7500/7200-NPE400 and below. That is, PA-POS-2OC3/1OC3 (PULL mode).

Workaround: There is no workaround.

Further Problem Description: From the Ixia, packets are transmitted at 320 Mb/s. On the UUT (Cisco 7600), the outgoing interface (POS-Enhanced Flexwan) shows the output rate as 200 Mb/s. But the interface bandwidth is 155 Mb/s.

CSCsk68742

Symptoms: The show ip mds stats linecard command shows MDFS reloads on all line cards.

Conditions: This symptom is observed when multicast distributed routing is added on a VRF through the configuration of the ip multicast-routing vrf vpn distributed command.

Further Problem Description: Note that while the MDFS reload is a real reload, it is without a preceding clear, so it will not generally cause traffic interruption because it merely causes the same information to be downloaded to the line cards again. However, in a highly scaled system that is running close to the limit, the additional load introduced by a full MDFS reload of every line card may cause additional failures owing to maxing out of the CPUs.

CSCsk69194

Symptoms: The shape average percent calculation is wrong.

Conditions: This symptom is observed on a Cisco 7500 router that is configured for dLFIoLL. The policy is attached to ATM and multilink interfaces.

Workaround: Use only absolute values in the shape policy.

CSCsk89546

Symptoms: OSPF routes are not populated in the Routing Information Base (RIB) with the next hop as traffic engineering (TE) tunnels.

Conditions: Occurs when multiple TE tunnels are configured and the tunnels come up or are shut/no shut simultaneously.

Workaround: Shut/no shut tunnels one at a time.

CSCsl05174

Symptoms:

Issue 1: A non-deleted PPP configuration inside the interface reappears when the interface is created again.

Issue 2: Some multilink configuration is not being synced to the standby (hold-queue).

Conditions: This symptom is observed when running RPR+.

Workaround: Reapply the original configuration.

Further Problem Description: Deletion of a multilink interface and subsequent creation using the same name may cause portions of the original configuration to return even if not explicitly configured. The hold-queue command is not being synchronized to the standby RP.

CSCsl51616

Symptoms: The v6-vrf-lite configuration does not synch properly with the standby; hence 100 percent of the traffic is lost after an SSO switchover.

Conditions: The conditions under which this symptom is observed are unknown.

Workaround: There is no workaround.

CSCsl61164

Symptoms: Router may crash @ipflow_fill_data_in_flowset when changing flow version.

Conditions: Occurs when NetFlow is running with data export occurring while manually changing the flow-export version configuration from version 9 to version 5 and back to version 9 again.

Workaround: Do not change the NetFlow flow version while the router is exporting data and routing traffic.

CSCsl68227

Symptoms: An E3 linecard may drop packets larger than a certain size because of a buffer carving problem when the mtu command is used for multilink interfaces.

Conditions: This symptom is observed with images based on Cisco IOS Release 12.0(32)S10.

Workaround: Changing the MTU or reloading the linecard may clear the problem.

CSCsl83415

Symptoms: After executing the following CLI commands (steps mentioned alphabetically) via a script (not reproducible manually), the router sometimes crashes:

Test10:

a. clear ip bgp 10.0.101.46 ipv4 multicast out

b. clear ip bgp 10.0.101.47 ipv4 multicast out

Test 1:

c. show ip bgp ipv4 multicast nei 10.0.101.2

d. show ip bgp ipv4 multicast [<prefix>]

e. config terminal

The crash does not happen for each of the following cases:

1. If the same CLI is cut and pasted manually, there is no crash.

2. If the clear cli command is not executed, there is no crash.

3. If the config terminal command is not entered, there is no crash.

Conditions: The symptom occurs after executing the above CLI.

Workaround: There is no workaround.

CSCsm80425

Symptoms: A Cisco 7200 device crashes when a policy map is applied.

Conditions: This symptom is observed when the service policy map is applied on the channelized E3 interface of a Cisco 7200 VXR router and traffic is pumped.

Workaround: Remove the service policy map.

CSCsm96785

Symptoms: You may observe a problem in which the OSPF neighbor is down after a switchover in spite of using OSPF Non-Stop Forwarding (NSF).

Conditions: This occurs with the following conditions:

Only "nsf cisco" is affected. With "nsf ietf", this problem does not occur.

You may observe this problem if the OSPF interface is "point-to-multipoint non-broadcast" or "point-to-multipoint". If the interface is "broadcast", this problem does not occur.

When this problem occurs after a switchover, DBD packets may not be exchanged between the two neighbors, and the neighbor is down in spite of NSF.

Workaround: Change the OSPF config to "nsf ietf" and change the OSPF interface to "broadcast".

CSCsm96842

Symptoms: The command hold-queue length in cannot be configured for a port-channel interface.

Conditions: The symptom is observed with a Cisco 7600 series router after upgrading to Cisco IOS Release 12.2(33)SRC.

Workaround: There is no workaround.

Further Problem Description: Queueing is not supported for port-channel with a Cisco 7600 series router. The hold-queue is a legacy queueing command and is not supported.

CSCso15740

Symptoms: The "set metric" clause in the continue route-map sequence is not setting metric correctly in some particular conditions. This is also applicable in case where the nexthop setting is done via route-map with a continue clause.

Conditions: The symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(32)SY4. This is platform independent. This symptom occurs if the route-map has a continue clause and the match condition does not allow the continue clause to be executed. The following route-map sequence which has to be executed will not execute properly if the metric or nexthop of the prefix are to be modified via the route-map.

Workaround: Avoid using "continue" in a route-map and modifying metric or nexthop via the following route-map sequence.

CSCso32397

Symptoms: An unexpected reboot occurs because of a software-forced crash.

Conditions: This symptom is observed when changes are made in the policy map.

Workaround: There is no workaround.

CSCso41824

Symptoms: A router crashes with an unexpected exception to CPUvector 300.

Conditions: This symptom is observed when you configure MPLS trunks on a 4xT3E3 SPA with FR IETF encapsulation.

Workaround: There is no workaround.

CSCso46427

Symptoms: A device may crash when the show clns interface command is issued on the wrong interface.

Conditions: The symptom is observed when there are a number (around 100 or more) of CLNS interfaces on the device.

Workaround: There is no workaround.

CSCso51637

Symptoms: Router crashes.

Conditions: The router may crash in some cases after removing interface Auto-template and unconfiguring auto-mesh with a large number of active mesh auto-tunnels. Currently, this crash has only been observed occasionally with internal scale test scripts and has not occurred with manual configuration.

Workaround: Wait until all auto-tunnels are down after unconfiguring auto-tunnel mesh globally, and before removing interface Auto-template.

CSCso54167

Symptoms: BGP peers are stuck with table versions of 0. BGP peers do not announce any routes to neighbors.

Conditions: Whenever the interfaces flap with online insertion and removal (OIR) multiple times, all of the BGP peers using such interfaces for peering connections encounter this issue.

Workaround: Delete and reconfigure the neighbor.

CSCso64050

Symptoms: Policy-map outputs are not seen in standby router. The policy is attached to the VC in the standby, but no output is seen.

Conditions: The symptom is observed when an ATM PVC is created and a service policy is attached to the PVC.

Workaround: There is no workaround.

CSCso65266

Symptoms: A customer upgraded to Cisco IOS Release 12.0(32)SY4, and now the customer is seeing a memory leak in the BGP process. The memory leak is happening with the BGP router process at the rcache chunk memory when the route map has a "continue" clause in the configuration.

Conditions: The leak is seen when a "continue" statement is configured in an outbound route map.

Workaround: There is no workaround.

CSCso65289

Symptoms: High CPU utilization is seen on a Cisco 12000 series Internet router caused by the "IPC Seat Manager" process.

Conditions: This symptom may be observed when the router is enabled with multicast distributed routing and has high scaled multicast configurations.

Workaround: There is no workaround.

CSCso72996

Symptoms: A SIP601 sometimes crashes or gets an alignment error.

SLOT 4:Mar 17 17:59:03.877 UTC: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x408C1E14 reading 0xF
SLOT 4:Mar 17 17:59:03.877 UTC: %ALIGN-3-TRACE: -Traceback= 408C1E14 408C03D4 00000000 00000000 00000000 00000000 00000000 00000000

Conditions: The conditions under which this symptom occurs are unknown.

Workaround: There is no workaround.

CSCso74028

Symptoms: The local PE is sending graft messages even after receiving data from the remote PE on an MVPN network.

Conditions: This symptom is observed when the graft-ack messages are lost in transit (could be due to misconfiguration/ACL, etc.).

Workaround: Fix the misconfiguration so that graft-ack messages are forwarded as expected.

CSCso82178

Symptoms: Configuring a PBR at the E5 GE subinterface may cause buffer depletion. The buffer cannot be released except by reloading the linecard.

Conditions: This symptom is observed when a PBR is configured at the subinterface.

Workaround: There is no workaround.

CSCso87348

Symptoms: A Catalyst 6500 or a Cisco 7600 may reload unexpectedly.

Conditions: Occurs when NetFlow is configured on one of the following:

Cisco 7600 that is running Cisco IOS Release 12.2(33)SRC.

Catalyst 6500 that is running Cisco IOS Release 12.2SXH.

Workaround: Disable NetFlow. This is done with the following commands:

no ip flow ingress
no ip flow egress
no ip route-cache flow

Enter the appropriate command for each subinterface for which NetFlow is currently configured.

CSCso88575

Symptoms: MFR bundles associated with E5 channelized-based SPAs stop forwarding traffic. A mismatch of the connection identifier (CI) of the channelized SPA is seen in the CI value in the shim header of the L2 rewrite.

Conditions: This problem will occur for l2vpns only on E5 channelized based SPAs.

Workaround: Enter into interface configuration mode.

Alternate Workaround: Remove and re-add the xconnect.

CSCso89427

Symptoms: When a router reloads, the line protocol on serial interfaces will go down.

Conditions: This symptom is observed when bringing up the SPA-1XCHSTM1/OC3 or SPA-2XCT3/DS0 with a scaled configuration that has serial interfaces on all the T1s.

Workaround: There is no workaround.

CSCso89794

Symptoms: Spurious accesses are seen when SNMP queries are performed on the router.

Conditions: This symptom occurs if SNMP queries like "snmpwalk -v2c 7.42.19.43 public .1.3.6.1.4.1.9.3.6.13.1" are performed on the router. Spurious accesses are seen.

Workaround: There is no workaround.

CSCso92635

Symptoms: The line card on a Cisco 10720 resets when an IP phone is connected. The "%TOASTER-2-FAULT: T1 Exception summary:" message appears.

Conditions: The line card on a Cisco 10720 to which the Cisco Call Manager is connected crashes when an IP phone is connected to the network.

Workaround: The recommended approach is to upgrade the Cisco IOS software.

CSCso93957

Symptoms: New T1s cannot be provisioned on a CT3 SPA.

Conditions: When a customer tries to create a new T1 on one of the controllers of a CT3-SPA that is inserted into a SIP-401, the following errors are displayed:

Router(config-controller)# t1 15 channel-group 7 timeslots 1-24
%Failed to configure channel group
Router(config-controller)#
Apr 24 22:51:05.283 UTC: %GRPSPA-3-VC_PROV_ERROR: Provision T1 15 channel group 7 of T3 4/0/1 unsuccessful (error code 44)
-Traceback= 20A640 20A748 954AA4 94DB80 94DC90 9582D0 4FF4E0 5006FC 240B7C 2563B0 13D7410 13C6F3C 2F517C
SLOT 4:Apr 24 22:51:05.271 UTC: %SPA_CHOC_DSX-3-SPA_SW_ERR: SPA on Subslot 0: HDLC controller device driver failure: Failed to start operation Software error was encountered.
-Traceback= 40031128 408B4020 408BCE40 408BD374 408BF114 408C004C 408C0ED8 408D24E0 408D25F8

Workaround: There is no workaround.

CSCso93959

Symptoms: Newer SDRAM devices on the 2- and 4-port OC48 POS/RPR SPA require an additional initialization sequence as recommended by the vendor. Without this new initialization sequence, packets that go through the transit buffer in RPR/SRP mode or in subscription mode may get corrupted, or packet loss may occur.

Conditions: Card initialization after inserting the SPA or removing an unpowered shutdown.

Workaround: Perform an OIR on the SPA.

Customers are advised to upgrade to the newer image with this new initialization sequence. Newer software will be backward compatible with older SPA boards.

CSCsq02826

Symptoms: The MDFS state of the line card stays in a "disabled" state, which may lead to multicast traffic being punted to the RP.

Conditions: This symptom may be observed with the following sequence of operation:

1. The router is booted without configuring the ip multicast-routing distributed command.

2. The ip multicast-routing distributed command is configured.

The issue will not be seen if the ip multicast-routing distributed command is present in the startup configuration when the router is reloaded.

Workaround: Enter the clear ip mds linecard slot-number command.

CSCsq02883

Symptoms: A device crashes with ACL configurations.

Conditions: The RP will crash when the device is running low on memory or in a highly fragmented situation if an ACL/ACE is added/deleted.

Workaround: There is no workaround.

CSCsq08131

Symptoms: Ping packets of 8180 or larger cause the sourcing POS linecard/SIP to reload and remain in a boot state, waiting for an IPC connection.

Conditions: This symptom is observed with ping packets that are sourced from PRP2 with part number 800-27058-03.

Workaround: Reload the router.

Further Problem Description: This symptom is observed only on PRP2 with part number 800-27058-03.

CSCsq09917

Symptoms: A crash occurs when BGP graceful restart is configured.

Conditions: In the following configuration:

ip vrf vfifteen
 rd 15:15
 import ipv4 unicast map rfifteen
 route-target export 150:15
 route-target import 150:15

Delete the RD, and then the unicast map, and then the VRF.

Workaround: There is no feasible workaround. Try to avoid doing such an operation as explained above.

CSCsq15994

Symptoms: Low CPS may be observed.

Conditions: The symptoms are seen with PPPoA and PPPoE sessions.

Workaround: There is no workaround.

CSCsq18916

Symptoms: A copy tftp operation failed with a Socket error when the FPD of an SPA was updated or when the SPA was reloaded or OIRed.

Conditions: This symptom is related to the number of (nnets) non-virtual interfaces on the box. Depending on that, a number of SPA reloads must be done.

Workaround:

1. Reload the SPA or the router.

2. Configure one loopback interface.

CSCsq27365

Symptoms: A router can crash at l2tp_process_control_packet_cleanup.

Conditions: Conditions are unknown at this time.

Workaround: There is no workaround.

CSCsq28627

Symptoms: CPU hogs are seen in a 1-port E3 channelized OC48.

Conditions: This symptom is observed when any of the following is done:

controller shut/no shut

mic reload <slot>

hw-mod slot <xx> shut/no shut

hw-module slot <xx> reload

Workaround: There is no workaround.

CSCsq42001

Symptoms: The following error messages appear:

SLOT 5:*May 9 21:43:48.547: %LC_SPA_DMLP-1-SPAHWBUNDLEERROR: Could not perform required operation in SPA H/w for bundle Multilink2 in bflc_cx3_dmlp_frag_on_off
SLOT 5:*May 9 21:44:10.727: %SPA_CHOC_DSX-3-ERROR: Multilink2 (cmd 203) Serial5/0/1/8:0: response parsing failed. chnl 36, bid 1
-Traceback= 40031008 408924C0 4072B1BC 40899F64 4033DB90 4033E190 4033E5C0 4033E930 4033F448 4033F600 4015B53C 4015C020
SLOT 5:*May 9 21:44:10.735: %LC_SPA_DMLP-3-CFG_FAIL: bundle Multilink2 (id 1): bay 0 err 7 (del rx link)

Conditions: When we remove/add/remove all members from all the configured MLP bundles once or several times, these tracebacks are seen.

Workaround: There is no workaround.

Further Problem Description: spabrg EFC mapping goes to a mismatch state, and the following is seen:

SLOT 5:*May 9 21:59:26.771: %SPA_CHOC_DSX-3-HDLC_CTRL_ERR: SPA 5/0: 20 TX Chnl Queue Overflow events on HDLC Controller were encountered.

CSCsq42803

Symptoms: The hw-module slot x qos account layer2 encapsulation command does not take effect for an AToM connection.

Conditions: This symptom is observed when xconnect is configured under a VLAN.

Workaround: There is no workaround.

CSCsq44052

Symptoms: When configuring "is-type level-1" under "router isis", the following error message may be received:

% Ambiguous command: "is-type level-1"

Conditions: The symptom is observed when configuring "is-type level-1" under "router isis".

Workaround: There is no workaround.

CSCsq44598

Symptoms: A PA-POS-2OC3 experiences an output stuck condition.

Conditions: This issue is sporadic in nature and is sometimes seen with QoS configurations although QoS is not the cause of the issue. The issue is due to an extra interrupt, which is confusing the driver if it expires before the FIFO reaches the low point. For example, if the FIFO goes full but is filled with large packets, then it is possible that the no traffic timer will expire before the tx packets have emptied. It is a communication issue between the hardware and the driver code.

Workaround: There is no workaround.

CSCsq45502

Symptoms: Serials that are part of MLPPP/MFR remain in a down state.

Conditions: This symptom is observed when T1 controllers remain down.

Workaround: There is no workaround.

CSCsq49823

Symptoms: MDFS may get disabled in a scaled mVPN environment that has many global mroutes. Once disabled, it may keep on changing between the "active" and "disabled" states. Linecard CPU utilization may also go high.

Conditions: This symptom is observed with a Cisco IOS Release 12.0(32)S10 image.

Workaround: There is no workaround.

CSCsq52048

Symptoms: Router crashed while running the show vpdn tunnel all command.

Conditions: When there are thousands of L2TP tunnels coming up and going down, running the show vpdn tunnel all command may result in a crash.

Workaround: There is no workaround.

CSCsq55258

Symptoms: After a router reloads, sometimes the configuration for the gigE and POS OC12 SPA is lost from the running configuration.

Conditions: This symptom is observed when the router is reloaded.

Workaround: There is no workaround.

CSCsq58341

Symptoms: If both L2 and L3 services co-exist on the same interface, you can no longer configure urpf on the L3 subinterface after the fix for CSCsl09772. After the router reloads, the urpf command will be erased from the L3 subinterface. You have to use the workaround to reapply the urpf command.

Conditions: This symptom is observed when both L2 and L3 services are configured on the same interface.

Workaround: Do the following:

1. Remove the L2 connection.

2. Add urpf on the L3 subinterface.

3. Re-add the L2 connection.

CSCsq62703

Symptoms: Intermediate System-to-Intermediate System (IS-IS) tries to access an invalid memory address and may cause the router to stop working.

Conditions: Occurs when a switchover happens and the standby router becomes active.

Workaround: There is no workaround.

CSCsq62803

Symptoms: CPU Hog and related tracebacks are seen from the E3 Gig linecard.

Conditions: Attach a scaled policy/LC reload/router reload.

Workaround: There is no workaround.

CSCsq67266

Symptoms: The pos delay triggers line command is configurable at the interface level of E3 channelized POS interfaces.

Conditions: This symptom is observed on a Cisco 12416 Internet series router that is booted with the Cisco IOS Release 12.0(32)S nightly build of 05/19/08. The router contains an E3 CHOC48 linecard.

Workaround: There is no workaround.

CSCsq68156

Symptoms: FRF12 packets are dropped by a PE router.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that has a SPA-1XCHSTM1/OC3, SPA-2XCT3/DS0, or SPA-8XCHT1/E1.

Workaround: There is no workaround.

CSCsq71212

Symptoms: EFC clock interrupts are causing a line card to crash.

Conditions: The conditions under which this symptom occurs are unknown.

Workaround: There is no workaround.

CSCsq77603

Symptoms: The RP crashes.

Conditions: With a map-class that has an egress policy with iphc action, dlci removal is done.

Workaround: Ensure that the map-class is removed and then dlci removal is done.

CSCsq80773

Symptoms: Slow-path multicast fragmentation is not happening correctly. One of the output interfaces is not receiving the packets in case of MVPN traffic.

Conditions: This symptom is observed with MVPN traffic with fragmentation on one of the interfaces on E5.

Workaround: There is no workaround.

CSCsq83540

Symptoms: A Cisco 12000 works as a PE, and an Eng5 SIP line card is used to face the CE. In the VRF, the default route 0.0.0.0 is learned from the remote PE. When the problem occurs, all traffic from the CE that is forwarded via the VRF default route is dropped.

Conditions: This symptom is observed on a Cisco 12000 Eng5 SIP line card that is running Cisco IOS Release 12.0(32)SY04, 12.0(32)SY05, or 12.0(32)SY06. When VRFs are created and deleted, new VRFs that are created will have a problem if they are allocated with a table ID allocated for older deleted VRFs.

Workaround:

1. Reload the ingress Eng5 line card that is facing the CE.

or

2. If the customer does not want to reload the line card, a second workaround can be attempted, but it is not a reliable workaround and may not always be successful. Create a new VRF without removing any VRFs, which gets a new table ID, and apply the VRF configuration completely wherever the old VRF configuration is applied.

Further Problem Description: This problem cannot be cleared by using the clear cef linecard x or clear ip route vrf xxx 0.0.0.0 commands.

CSCsq91217

Symptoms: A heartbeat failure causes SPAs to go out of service.

Conditions: This symptom can be observed under the following conditions:

1. Provision/unprovision the MFR with QoS attached to its subinterfaces with traffic.

2. Add/remove of QoS policy tried on MFR subinterfaces with queues having packets.

3. Link is swapped from MLPPP to MLFR.

Workaround: Reload the line card.

CSCsq93004

Symptoms: Removal of a subinterface may cause memory corruption or a crash. The symptoms are unpredictable.

Conditions: The symptoms are rare and will only be observed if a sub-interface is configured for mpls traffic-eng auto-tunnel primary use, and the sub-interface is later removed from the configuration.

Workaround: Do not remove sub-interfaces.

CSCsq96425

Symptoms: MVPN inner packet with IP option causes depletion of FrFab buffers of Cisco 12000-SIP-401.

Conditions: This symptom occurs on Cisco 12000 routers that are running the c12kprp-k4p-mz.120-32.SY2g image and with Cisco 12000-SIP-401. This is triggered by multicast traffic.

Workaround: Only a reload of the card solves the problem.

CSCsr08476

Symptoms: Trying to remove the MFR bundle crashes the router.

Conditions: After OIR, remove the VIP (those VIP interfaces are members of MFR bundle). Try to remove the MFR bundle.

Workaround: There is no workaround.

Further Problem Description: The MFR bundle has one Channelized PA interface as a member. Remove the VIP in which that PA is seated through OIR, and then try to remove the bundle using the no int MFR command. The router crashes.

CSCsr09376

Symptoms: After a router reloads, the SPAs on a SIP601 may take twice as long to come up in OK mode. When this occurs, you also experience the problem that is documented in CSCsq55258.

Conditions: This symptom is observed after a router reloads.

Workaround: There is no workaround.

CSCsr11332

Symptoms: In rare situations, the show controller SONET port command might crash the RP.

Conditions: This symptom has been observed on a 4CHOC12/DS3-I-SCB= line card, but it can be seen on other similar channelized line cards. It may be reproducible by executing the show controller SONET port command on a nonexistent port like sonet 3/4 (that is, only sonet 0/0, 0/1, 0/2, and 0/3 are valid on a 4CHOC line card). When the problem can be seen, the CLI help indicates an incorrect unit number:

Router# show controller sonet 12/?
<0-48> Controller unit number

If the controller unit number is shown fine (for example, <0-3>), then the crash will not occur.

Workaround: There is no workaround.

CSCsr13314

Symptoms: The pos delay triggers line command is configurable on APS-enabled interfaces of E3 clear channel POS line cards. After the commit of CSCsq45452, the pos delay triggers path command is not configurable on APS-enabled interfaces of E3 channelized POS line cards.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is booted with Cisco IOS Release 12.0(32)S. The router contains ISE OC48 POS and ISE CHOC48 POS line cards.

Workaround: There is no workaround.

CSCsr13521

Symptoms: Memory chunk allocated for LDP-IGP Sync may leak.

Conditions: The symptom is observed on a router with a dual link to its neighbor. LDP and LDP Graceful Restart are enabled on both routers. When LDP is disabled and re-enabled globally on the neighbor router, a small memory leak occurs on this router.

To verify the memory leak, on Router 1, enable memory leak debug with the set memory debug incremental starting-time command. On Router 2, disable LDP globally with the no mpls ip command. Wait for the LDP session to go down, then re-enable LDP. On Router 1, the memory chunk leak for LDP should be seen with the sh mem debug leaks chunks command.

Workaround: There is no workaround.

CSCsr18851

Symptoms: When the router reloads, it loses the previously configured wavelength configuration and puts the controller at its default wavelength (channel 3), which is an undesirable behavior.

Conditions: This symptom is observed with Cisco IOS Release 12.0(33)S01 and an SPA-1X10GE-L-ITUC when a specific wavelength in the controller is configured (for example, wavelength itu-channel 41), the write memory command is issued, and then the router is reloaded.

Workaround: There is no workaround.

CSCsr20377

Due to an eng3 HW limitation, more overhead is added to a like-to-like Ethernet PW or an Ethernet interworking PW if "hw-module slot <> qos account layer2 encapsulation length <>" is configured. Without the fix for CSCsq42803, the overhead impact is less. The request is to return 12.0(32)SY to its pre-CSCsq42803 behavior.

CSCsr22043

Symptoms: A controller goes into an admin down state.

Conditions: This symptom is observed when an STS path under the SONET controller is shut down.

Workaround: Perform a no shutdown on the controller.

CSCsr27734

Symptoms: The standby router crashes.

Conditions: This symptom is observed when a service-policy map is removed from a VC.

Workaround: There is no workaround.

CSCsr27794

Symptoms: BGP does not generate updates for certain peers.

Conditions: BGP peers show a neighbor version of 0 and their update groups as converged. Out queues for BGP peers are not getting flushed if they have connection resets.

Workaround: There is no workaround other than entering the clear ip bgp * command.

CSCsr42364

Symptoms: All line cards may crash after a switchover in Route Processor Redundancy Plus mode.

Conditions: This issue is observed on Cisco 12000 series Internet routers with PRP2 processors. This issue usually requires multiple line-card reloads prior to the switchover. It is seen under conditions of high line-card utilization.

Workaround: There is no workaround.

CSCsr47477

Symptoms: After a router reloads, an mbus message sometimes times out on the SIP601 located in the lower cage of a Cisco 12816.

Conditions: This symptom is observed after a router reloads.

Workaround: There is no workaround.

CSCsr47795

Symptoms: After flapping the interfaces, the FIB converges and points to the correct outgoing interface, while the FIB in hardware points to another interface.

The trigger is when the interface is flapping because the default route is updated. The BGP session is always stable and never goes down.

Topology:

End customer ------(eng3)slot4 c12k_Lab_router-42 slot5 and slot6(Eng5) ------ router_B ------ Internet

The Lab-router-42 router receives a default route from the router_B neighbor.

Snapshots from the Eng3 line card on slot4:

Lab-router-42# exec slot 4 show ip hardware-cef 10.1.1.1 detail
========= Line Card (Slot 4) =========
Root: 0x240CE000 Location: 0x240CE404 Data: 0x81819380 Offset: 0x93D96404 Leaf 
pointer: 0x300C9C00
Leaf FCR 2 Addr 0x300C9C00 : 0xE0000100 0x0285C008 found 2 deep SRAM Loadbalance addr 
0x28170020 default alpha ip loadbalance: 0x28170020 (0 paths, hw maxpath 0) Hash 1: 
alpha adjacency: 0x2001FA60 (cef adj NULL or alpha_default_lb) [0] oi 0x200006 oq 4080 
in A ab 50 hl 20 gp 19 tl 4 loq 9800 6/0/0 mtu 1520 Output interface is 
GigabitEthernet6/0/0 <== Here ^^^^^^ Here
1 tag: 23 current counters 95059, 5157246 last reported 93252, 5059668
Output Queue / Local Output Queue Bundle: [0-7] output queue 0x4080 local output queue 
0x9800 PLU leaf data: 0xE0000100 0x0285C008 0xA1020304 0xA5080000 Mask bits: 1 Origin 
AS: 0 Source lookup drop: yes QOS group: 0 Traffic index: 0 Precedence not set Default 
Route: yes PBR enabled: no

The FIB, meanwhile, was updated to the proper outgoing interface:

LAB_router_42# exec slot 4 show ip cef 10.1.1.1
========= Line Card (Slot 4) =========
0.0.0.0/0, version 38, epoch 0, cached adjacency 10.125.72.74 0 packets, 0 bytes Flow: 
AS 0, mask 0 tag information from 10.38.192.6/32, shared, all rewrites owned local 
tag: 34 via 192.168.225.0, 0 dependencies, recursive next hop 10.125.72.74, 
GigabitEthernet5/0/0 via 192.168.225.0/24 (Default) <=== HERE valid cached adjacency 
tag rewrite with Gi5/0/0, 10.125.72.74, tags imposed {} <=== HERE
LAB_router_42#

Conditions: This symptom is observed when there is a default route configured while running Cisco IOS Release 12.0(32)SY4 or 12.0(32)SY6 on Eng3.

Workaround: Enter clear ip route 0.0.0.0 or <default-network>.
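A consistency check for the mismatch described in CSCsr47795, as an added example that is not Cisco code: it parses saved output of the two show commands above and reports whether the hardware CEF entry and the software FIB agree on the output interface. The sample captures are constructed (abridged from the output above); the function names and the abbreviation table are assumptions.

```python
import re

# Constructed samples, abridged from the two captures shown in this caveat.
HW_CEF_SAMPLE = """\
========= Line Card (Slot 4) =========
Root: 0x240CE000 Location: 0x240CE404 Data: 0x81819380 Offset: 0x93D96404
[0] oi 0x200006 oq 4080 in A ab 50 hl 20 gp 19 tl 4 loq 9800 6/0/0 mtu 1520
Output interface is GigabitEthernet6/0/0
Default Route: yes PBR enabled: no
"""

SW_CEF_SAMPLE = """\
========= Line Card (Slot 4) =========
0.0.0.0/0, version 38, epoch 0, cached adjacency 10.125.72.74
  via 192.168.225.0, 0 dependencies, recursive
    next hop 10.125.72.74, GigabitEthernet5/0/0 via 192.168.225.0/24 (Default)
    valid cached adjacency
    tag rewrite with Gi5/0/0, 10.125.72.74, tags imposed {}
"""

# Long interface names used to expand abbreviations such as "Gi5/0/0".
# Assumption: extend this tuple for the interface types in your chassis.
LONG_NAMES = ("GigabitEthernet", "TenGigabitEthernet", "POS", "Serial", "ATM")

SLOT_RE = re.compile(r"Line Card \(Slot (\d+)\)")
HW_IF_RE = re.compile(r"Output interface is\s+(\S+)")
SW_IF_RES = (
    re.compile(r"next hop\s+\S+,\s+([A-Za-z][\w/.:-]*)"),
    re.compile(r"tag rewrite with\s+([A-Za-z][\w/.:-]*),"),
)


def normalize_ifname(name):
    """Expand an abbreviated interface name (Gi5/0/0) to its long form."""
    m = re.match(r"([A-Za-z-]+)(\d.*)$", name)
    if not m:
        return name
    prefix, unit = m.groups()
    for long_name in LONG_NAMES:
        if long_name.lower().startswith(prefix.lower()):
            return long_name + unit
    return name


def slot_of(text):
    """Return the line card slot number from the capture banner, or None."""
    m = SLOT_RE.search(text)
    return int(m.group(1)) if m else None


def hw_interfaces(text):
    """Output interfaces programmed in the hardware CEF entry."""
    return {normalize_ifname(n) for n in HW_IF_RE.findall(text)}


def sw_interfaces(text):
    """Output interfaces the software FIB resolves to (next hop and rewrite)."""
    found = set()
    for rx in SW_IF_RES:
        found.update(normalize_ifname(n) for n in rx.findall(text))
    return found


def check_fib_consistency(hw_text, sw_text):
    """Compare both captures for one prefix on one line card."""
    hw_slot, sw_slot = slot_of(hw_text), slot_of(sw_text)
    if hw_slot != sw_slot:
        raise ValueError(f"captures are from different slots: {hw_slot} vs {sw_slot}")
    hw, sw = hw_interfaces(hw_text), sw_interfaces(sw_text)
    if not hw or not sw:
        raise ValueError("no output interface found in one of the captures")
    return {
        "slot": hw_slot,
        "hardware": sorted(hw),
        "software": sorted(sw),
        "consistent": hw == sw,
    }


if __name__ == "__main__":
    result = check_fib_consistency(HW_CEF_SAMPLE, SW_CEF_SAMPLE)
    state = "consistent" if result["consistent"] else "MISMATCH"
    print(f"slot {result['slot']}: hardware={result['hardware']} "
          f"software={result['software']} -> {state}")
```

Run it against captures taken after an interface flap; a mismatch on the default route is the condition the workaround above clears.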

CSCsr62931

Symptoms: Cisco 7500 and 10700 builds are breaking.

Conditions: The fix for CSCsq11643 is causing build breakage.

Workaround: There is no workaround.

CSCsr64998

Symptoms: Low BGP keepalive timer sessions flap too often during periods of high CPU utilization.

Conditions: This symptom is observed when low BGP keepalive timers are set (for example, 20/60, 10/30, 1/3). This symptom is specific to Cisco IOS Release 12.0S and 12.4T.

Workaround: Do not configure very aggressive BGP keepalive timers. Also, try not to overload the CPU.

CSCsr65767

Symptoms: MVPN traffic is being punted to the slowpath for packets that have a size ranging from 1476 to 1500 (minimum IP MTU of the outgoing interfaces is 1500).

Packets that have a size ranging from 1476 to 1500 are being punted to the slowpath, which is not required. During the fragmentation check, we should check the packet size with:

1) Minimum IP MTU of customer-facing interfaces.

2) Minimum IP MTU of core-facing interfaces - gre header (24).

Only if the size is greater than the above value should the packet be punted to the slowpath for fragmentation.

Conditions: This issue applies to the MVPN on the Cisco 12000 series Internet router with an E5 line card as the egress line card. The issue is not seen with an E3 line card.

Workaround: There is no workaround.

CSCsr70530

Symptoms: A line card crashes.

Conditions: This symptom is observed after members of the MLPPP are swapped from one bay to another bay and vice-versa on the same line card.

Workaround: There is no workaround.

CSCsr70985

Symptoms: A Cisco router crashes following multiple accesses to NVRAM.

Conditions: This symptom has been observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(32)SY5 when the "dir tar:" command is executed in parallel with the "write memory" command. It may not be platform specific.

Workaround: Avoid using the "dir tar:" command.

CSCsr71139

Symptoms: The following messages are displayed in the syslog:

%QM-4-SW_SWITCH: Interface GigabitEthernet7/0/1.558 routed traffic will be software switched in egress direction(s)

Another symptom is that the "show policy-map interface" command for the affected interface displays "Class of service queue: 0" for all queues.

Conditions: These symptoms are observed on Engine 5 line cards when attaching to an interface a policy map that requires more WRED resources than what is available in the line card.

Workaround: Verify whether the line card has enough WRED resources available before attaching a new policy map to one of its interfaces.

Further Problem Description: On Engine 5 line cards, when attaching to an interface a policy map that requires more WRED resources than what is available in the line card, no verification for available WRED resources is performed and the command is accepted. This is because Engine 5 line cards, as opposed to Engine 3 line cards, have Line Card Based QoS Manager. Because the policy cannot be programmed in hardware (there are not enough RED resources), the traffic is punted to the line card CPU (that is, it is software-switched). This fix makes the error message more prominent.

CSCsr79573

Symptoms: The member link of a multilink bundle goes into an up/down state.

Conditions: This symptom is observed when multilink is swapped from one multilink bundle to another multilink bundle through a script.

Workaround: Enter the "hw-module subslot <slot#/subslot#> reload" command.

CSCsr80321

Symptoms: Commands cannot be sent to the SPA.

Conditions: This symptom is observed when the members of MLPPP and MLFR are swapped.

Workaround: Reload the line card.

CSCsr83626

Symptoms: The line card in slot 0 does not boot up completely. It does not go past the UP IOS state.

Conditions: This symptom is observed after upgrading the router to Cisco IOS Release 12.0(32)SY5 and having the ATM line card in slot 6 send an LAIS alarm.

Workaround: Move the ATM card to another slot, or shut down the ATM line card in slot 6.

CSCsr85656

Symptoms: On removal of an xconnect from the L2 transport PVC (ATM portmode), the policy map is not removed and entries still exist.

Conditions: This symptom is observed when an xconnect is removed from the L2 transport PVC (ATM portmode).

Workaround: Remove the policy map first and then remove the xconnect configuration.

CSCsr99670

Symptoms: Channelized SPAs on Engine-5 line cards might go to out-of-service.

Conditions: There should be all kinds of interfaces (with encapsulations hdlc/ppp/fr/gige l2fwding enabled on some interfaces) in the same Engine-5 line card.

Workaround: Reload the Engine-5 line card.

CSCsr99774

Symptoms: An engine 5 line card is queueing on egress the GRE precedence rather than the original IP packet precedence.

Conditions: This symptom is observed under the following conditions:

1. Send MVPN traffic.

2. Configure an egress QoS policy on the decap side.

3. Configure a QoS policy in the core to set the GRE IP precedence.

Workaround: There is no workaround.

CSCsu09595

Symptoms: A SIP-601 crashes while changing the CRC/encap/MTU on MLPPP and MFR.

Conditions: This symptom is observed under the following conditions:

1. Change the CRC of the members of the bundle (from crc 16 to 32 and then back again to crc 16).

2. Remove the members from the bundle.

3. Add serials back to MFR and MLPPP.

4. Change the MTU.

5. Flap the links (serials and bundle).

Workaround: There is no workaround.

CSCsu12040

Symptoms: BGP neighbors that are configured with as-override and send-label (CsC) together may not work after an interface flap or service reset.

Conditions:

neighbor xxx as-override
neighbor xxx send-label

Workaround: Enter the "clear ip bgp * soft in" command.

Further Problem Description: Peers (neighbors) with a CsC (IPv4+label) BGP configuration with the as-override option should be separated into different dynamic update groups during the BGP update generation process. After the CSCef70161 fix in Cisco IOS Release 12.0(32)SY4, this is no longer the case; this CSCsu12040 fix enhances the CSCef70161 fix to handle the CsC (IPv4+label) case separately.

CSCsu12146

Symptoms: On a Cisco 12404 that is running Cisco IOS Release 12.0(32)SY5, a SIP-401 reloads when lawful intercept (LI) is used on it.

Conditions: This symptom is observed when LI is activated.

Workaround: Deactivate LI.

CSCsu21668

Symptoms: "carve-level 0" is being used in SY5 nodes (SIP-601) to avoid unnecessary buffer recarving and subsequent traffic disruption.

Conditions:

carve-level 0

Workaround: There is no workaround.

CSCsu41968

Symptoms: On a Cisco 7500 with an HA setup, the "show controller t3" command is showing framing as M23 on the active and as C-bit on the standby. So the "loopback remote" configuration is rejected on the active and is accepted on the standby.

Conditions: This symptom is observed when the "show controller t3 1/1/0" command is issued.

Workaround: There is no workaround.

Further Problem Description: Because of the framing mismatch, the standby might crash due to sync issues.

CSCsu45425

Symptoms: The Label Forwarding Information Base (LFIB) shows incorrect information for a Global BGP prefix after a route flap. The LFIB/FIB shows the prefix as having a tag when it should not. The routing table is correct.

Conditions: Occurred on a Cisco 12000 router running Cisco IOS Release 12.0(33)S1.

Workaround: Enter the clear ip route command.

CSCsu86371

Symptoms: The connect command that is used to configure FRoMPLS is rejected.

Conditions: This symptom is observed with E0/E2 cards and E3/E5 MFRs.

Workaround: There is no workaround.

CSCsv04345

Symptoms: A GRP crashes with DWDM.

Conditions: This symptom is observed when the "show controllers dwdm" command is issued.

Workaround: There is no workaround.

CSCsv21489

Symptoms: Traffic is dropped on an FR subinterface with IPHC configurations when the SPA reloads.

Conditions: This symptom is observed when IPHC is configured.

Workaround: Shut/no shut the affected main interface (for the subinterfaces).

CSCsv30035

Symptoms: ICMP packets get corrupted when PXF is enabled.

Conditions: This symptom is observed when PXF is enabled.

Workaround: Disable PXF.

Resolved Caveats—Cisco IOS Release 12.0(33)S1

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S1. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCeb69473

Symptoms: Device crashes with a segmentation violation (SegV) exception.

Conditions: Occurs when the connect target_ip [login|513] /terminal-type value command is entered with a large input parameter to the terminal-type argument such as the following:

router>connect 192.168.0.1 login /terminal-type aaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Trying 192.168.0.1...Open
login:

*** System received a SegV exception ***
signal= 0xb, code= 0x1100, context= 0x82f9e688
PC = 0x61616160, Vector = 0x1100, SP = 0x833ae5a8

Workaround:

AAA Authorization

AAA authorization enables you to limit the services available to a user. When AAA authorization is enabled, the network access server uses information retrieved from the user's profile, which is located either in the local user database or on the security server, to configure the user's session. Once this is done, the user will be granted access to a requested service only if the information in the user profile allows it.

For a complete description of authorization commands, refer to the following links:

Configuring Authorization http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hsec_c/part05/schathor.htm

ACS 4.1 Command Authorization Sets http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/SPC.html#wpxref9538

ACS 4.1 Configuring a Shell Command Authorization Set for a User Group http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/GrpMgt.html#wp480029

Role-Based CLI Access

The Role-Based CLI Access feature allows the network administrator to define "views," which are a set of operational commands and configuration capabilities that provide selective or partial access to Cisco IOS EXEC and configuration (Config) mode commands. Views restrict user access to Cisco IOS command-line interface (CLI) and configuration information; that is, a view can define what commands are accepted and what configuration information is visible. Thus, network administrators can exercise better control over access to Cisco networking devices. The following link provides more information about the Role-Based CLI Access feature:

Role-Based CLI Access http://www.cisco.com/en/US/netsol/ns696/networking_solutions_white_paper09186a00801ee18d.shtml

Device Access Control

Due to the nature of this vulnerability, networking best practices such as access control lists (ACLs) and Control Plane Policing (CoPP) that restrict vulnerable device access to certain IP addresses or subnetworks may not be effective. Device access best practices provide some mitigation for these issues by allowing systemic control of authenticated and unauthenticated users. Device access best practices are documented in:

Infrastructure Protection on Cisco IOS Software-Based Platforms Appendix B-Controlling Device Access http://www.cisco.com/application/pdf/en/us/guest/products/ps1838/c1244/cdccont_0900aecd804ac831.pdf

Improving Security on Cisco Routers http://www.cisco.com/warp/public/707/21.html

CSCee29138

Symptoms: The ciscoMemoryPoolType returns the wrong value for all memory types, except processor.

Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.2 S, 12.3, or 12.3 T.

Workaround: There is no workaround.

CSCek63384

Symptoms: A service policy is unexpectedly removed.

Conditions: This symptom is observed when you apply a service policy to a multilink interface and then the interface is reset.

Workaround: There is no workaround to prevent the symptom from occurring. When the symptom has occurred, reconfigure the service policy after the multilink interface has been brought up.

CSCek78237

Symptoms: A short CPU hog is seen in the ATM PA Helper process when an interface flaps and the framing configuration is modified on the interface.

Conditions: This symptom is observed on a Cisco 7200 with a PA-A3-T3 adapter that is running Cisco IOS Release 12.2(25)S or 12.2(31)SB (and possibly other Cisco IOS releases).

Workaround: There is no workaround.

Further Problem Description: The CPU hog is enough to cause OSPF adjacencies (with fast hello) to go down on other unrelated interfaces. The same problem is seen if BFD is configured.

CSCek79178

Symptoms: The dot1q tunneling ethertype 0x9100 interface configuration command disappears from the main interface after a route processor (RP) switchover.

Conditions: This symptom is observed after an RP switchover.

Workaround: There is no workaround.

CSCsb63652

Symptoms: BGP convergence is very slow, and CPU utilization at the BGP Router process is always near 100 percent during the convergence at the aggregation router. This issue obviously shows the following tendencies:

1) As the number of component prefixes that belong to the aggregate-address entry grows, convergence at the aggregation router becomes significantly slower.

2) As the number of duplicate aggregation component prefixes for the aggregate-address entry grows, convergence at the aggregation router becomes seriously slower.

Conditions: Any release would be affected if "aggregate-address" is configured and routing updates are received every few seconds.

Workaround: Remove the "aggregate-address".

Further Problem Description: If you configure "aggregate-address" lines after BGP convergence has been achieved, the BGP process only holds about 60 or 80 percent of the CPU for about 1 minute. However, if you do a peer reset after "aggregate-address" entries have been configured, the convergence time is about 32 minutes (it is about 6 minutes if "aggregate-address" entries are removed).

CSCse50781

Symptoms: After executing the no ipv6 multicast-routing command on a dual-RP router, IPC communication to the standby RP may be broken, and the following messages may be seen every minute:

%IPCGRP-3-ERROR: standby set time: timeout seen

Conditions: This symptom is observed on a Cisco 12000 series router that is running the c12kprp-p-mz image of Cisco IOS Release 12.0(32)SY.

Workaround: Reload the router.

Further Problem Description: This bug is seen only while operating in SSO mode (not in RPR mode).

CSCse56501

A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability, the device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP) services enabled. To exploit this vulnerability, an offending IPv6 packet must be targeted to the device. Packets that are routed through the router cannot trigger this vulnerability. Successful exploitation will prevent the interface from receiving any additional traffic. The only exception is the Resource Reservation Protocol (RSVP) service, which, if exploited, will cause the device to crash. Only the interface on which the vulnerability was exploited will be affected.

Cisco is providing fixed software to address this issue. There are workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml

CSCse75697

Symptoms: When an ATM interface is configured with an IMA group and when you enter the clock source line command, the router may crash.

Conditions: This symptom is observed on a Cisco router that integrates the fixes for caveats CSCin90422 and CSCsb68536.

Workaround: There is no workaround.

Further Problem Description: The symptom occurs because the default clocking has been changed to "internal" via the fixes for caveats CSCin90422 and CSCsb68536. The fix for this caveat, CSCse75697, sets the default clocking back to "line."

CSCse92050

Symptoms: A router may reload unexpectedly when a routing event causes multicast boundary to be configured on a Reverse Path Forwarding (RPF) interface.

Conditions: This symptom is observed on a Cisco platform that is configured for PIM.

Workaround: Remove multicast boundary from the configuration.

CSCsg08751

Symptoms: Route Switch Processor (RSP) may crash when flash card is removed from RSP slot.

Conditions: This has been seen on RSP running Cisco IOS Release 12.4(10).

Workaround: There is no workaround.

CSCsg35077

Symptoms: A device that is running Cisco IOS software may crash during processing of an Internet Key Exchange (IKE) message.

Conditions: The device must have a valid and complete configuration for IPsec. IPsec VPN features in Cisco IOS software that use IKE include Site-to-Site VPN tunnels, EzVPN (server and remote), DMVPN, IPsec over GRE, and GET VPN.

Workaround: Customers that do not require IPsec functionality on their devices can use the no crypto isakmp enable command in global configuration mode to disable the processing of IKE messages and eliminate device exposure.

If IPsec is configured, this bug may be mitigated by applying access control lists that limit the hosts or IP networks that are allowed to establish IPsec sessions with affected devices. This assumes that IPsec peers are known. This workaround may not be feasible for remote access VPN gateways where the source IP addresses of VPN clients are not known in advance. ISAKMP uses port UDP/500 and can also use UDP/848 (the GDOI port) when GDOI is in use.

Further Problem Description: This bug is triggered deep into the IKE negotiation, and an exchange of messages between IKE peers is necessary.

If IPsec is not configured, it is not possible to reach the point in the IKE negotiation where the bug exists.

CSCsg42672

Symptoms: On a Cisco router running Cisco IOS Release 12.0(32)S4 and configured with BGP and peer-groups, if the Fast Peering Session Deactivation feature is configured in the peer-group, the router automatically adds to the command a route-map with the same name as the peer-group.

Conditions: Occurs with the following configuration sequence:

RR#conf t
Enter configuration commands, one per line. End with CNTL/Z.
RR(config)#router bgp 65001
RR(config-router)#neighbor rrs-client fall-over ?
  bfd        Use BFD to detect failure
  route-map  Route map for peer route
  <cr>

RR(config-router)#neighbor rrs-client fall-over

RR#sh ru
<snip>
router bgp 65001

neighbor rrs-client peer-group
neighbor rrs-client remote-as 20959
neighbor rrs-client update-source Loopback0
neighbor rrs-client fall-over route-map rrs-client <<<<<<<

The route-map does not exist.

Workaround: Configure the neighbor individually or use peer-templates.

CSCsh31546

Symptoms: Applying L4 operators (used with an ACL) on many interfaces at the same time generates a traceback.

Conditions: There is no set procedure for generating the traceback. You must experiment with the configuration to generate it.

Workaround: Configure the ACL batch by batch; for example, 20 to 30 interfaces at a time.

CSCsh75224

Symptoms: The RP crashes in IFS code when an SSH or Telnet session is established while the switch is attempting to download a configuration.

Conditions: Occurs on a Cisco Catalyst 6509.

Workaround: There is no workaround.

CSCsj12867

Symptoms: The following message can be seen after executing the write memory command, even though the version has not been changed.

Router# write memory

Warning: Attempting to overwrite an NVRAM configuration previously written by a different version of the system image. Overwrite the previous NVRAM configuration?[confirm]

The router then restarts with the following traceback:

-Traceback= 6067F3DC 6067FB38 605E3FE8 60686384 605E3FE8 605188BC 60518830 605444D4 60539164 6054719C 605AB65C 605AB648

Conditions: This symptom is observed on a Cisco 7206 VXR (NPE-400) with C7200-IO-FE-MII/RJ45= or C7200-I/O= running the Cisco IOS Release 12.2(24a) interim build.

Workaround: There is no workaround.

CSCsj21785

Symptoms: A Traffic Engineering (TE) tunnel does not re-optimize to explicit path after an MTU change.

Conditions: The TE tunnel is operating via an explicit path. The MTU on the outgoing interface is changed. OSPF is flapped, and it does not come up because there is an MTU mismatch (the MTU is not changed on the peer router). Meanwhile, the TE tunnel re-optimizes to a dynamic path-option as expected. The MTU is then reverted to the previous value, and the OSPF adjacency comes up. The TE tunnel does not re-optimize to the explicit path. Manual re-optimization of the TE tunnel fails as well, and the TE tunnel sticks to the dynamic path.

Workaround: Enter the shutdown command followed by the no shutdown command on the particular interface.

CSCsj68299

Symptoms: The line card crashes when the interface MTU is changed.

Conditions: This symptom is observed when having both ingress and egress E0 cards with MPLS in the core and when an ATOM tunnel is configured on the egress line card.

Workaround: Before changing the MTU, stop the traffic across all the E0 line card interfaces. You can resume traffic after changing the MTU.

CSCsj74173

Symptoms: Egress E0 - Two ports OC3 channelized to DS1/E1 are crashing continuously just as traffic starts.

Conditions: E0 - In an IP->Tag fragmentation case with E4/E4P/E6 POS cards as the ingress and E0 as the egress card, for certain frame sizes larger than the egress MTU, the E0 egress card crashes. This happens only with the E0 card as egress.

Workaround: Make sure that the packets sent are less than the egress MTU of the E0 linecard to avoid any fragmentation.

CSCsj99269

Symptoms: With some VPN configurations, such as configurations with a multipath import or an import map, the CPU usage of the router may be very high for a long time, even after BGP convergence has occurred.

Conditions: This symptom is observed on a Cisco router that functions in a highly scaled environment involving several hundred VRFs and occurs after the router has been reloaded or after a switchover has occurred.

Workaround: There is no workaround.

CSCsk10104

Symptoms: MPLS-TE tunnels do not come up after a core interface is brought down and then up again by entering the shutdown command followed by the no shutdown command.

Conditions: This symptom is observed when there are 200 MPLS-TE tunnels and 1000 VRFs configured on an NES-150 and when entering the shutdown command followed by the no shutdown command for the core interface when the traffic is on for all 1000 VRFs end to end.

Workaround: Enter the no mpls traffic-eng tunnels command followed by the mpls traffic-eng tunnels command, and all tunnels come up.

CSCsk15805

Symptoms: If you shut down a TE tunnel interface and you have a static route through the tunnel, the routing table is not updated immediately but only when the static scan runs (every minute by default).

Conditions: This problem does not occur if the static route points to a physical interface. It happens only with TE tunnel interfaces when the ip routing protocol purge command is configured.

Workaround: Remove the ip routing protocol purge command or tune the adjust timer (ip route static adjust-time command).

CSCsk26165

Symptoms: A router may crash because of a bus error.

Conditions: The router must be configured for L2TP.

Workaround: There is no workaround.

CSCsk30571

Symptoms: Field diagnostics fail (indicating a DOWNLOAD FAILURE) on the standby PRP2 when the PRP2 has 4 GB of memory installed.

After 40 minutes, the default download time limit, field diagnostics declare a download failure and reload the board. The failure message for this looks like the following:

---------------------------------------------------------------------------
Field Diagnostic: ****DOWNLOAD FAILURE**** while preparing slot {#}

Field Diag eeprom values: run 3 fail mode 5 (DOWNLOAD FAILURE) slot {#}
last test failed was 0, error code 0
Shutting down diags in slot {#}

Board will reload
---------------------------------------------------------------------------

Conditions: This symptom is observed for any release of Cisco IOS software when you attempt to run field diagnostics on a standby PRP that has 4 GB of memory.

Workaround: There is no workaround.

CSCsk34458

Symptoms: An E5 line card with a 1x10GE SPA can crash when the laser of a JDSU T-BERD 8000 testset that is connected to the 10GE interface is enabled.

Conditions: This symptom is observed on a router that contains an E5 line card with a 1x10GE SPA and redundant PRP-2 processors that are booted with the c12kprp-p-mz.12.0(32)S7 image and that are running in RPR+ mode.

Workaround: There is no workaround.

CSCsk36276

Symptoms: Traceback seen at tfib_post_table_change_label_request_needed.

Conditions: Occurs during SSO switchover on a Cisco 7606 router.

Workaround: There is no workaround.

CSCsk36552

Symptoms: Some packet flows may be dropped when the next-hop is load-shared between an MPLS-TE tunnel and a physical interface. During this problem, the next-hop entry for the physical interface is invalid in the hardware CEF table on the ingress line card. This causes the packet flows that look up the invalid entry as the result of hash calculation to be dropped. The other flows, which look up the tunnel interface, are not affected.

You can check the detail of hardware-CEF table for this problem by entering the show ip hardware-cef prefix detail command in Engine 3 and Engine 5.

Conditions: This problem occurs when the next-hop is load-shared between MPLS-TE and a physical interface. This problem may be observed when using Engine 3 or Engine 5 as the ingress line card on a GSR.

Workaround: There is no workaround.

CSCsk55692

Symptoms: A Cisco 7500 series router that is running Cisco IOS Release 12.2SB and Release 12.0S continues to experience output drops after an output policy containing the police feature is configured and then unconfigured on a logical interface. On a Cisco 7507 router that is running Cisco IOS Release 12.0(32)S9, reconfiguring fair-queue causes the VIP to crash with signal = 10.

Conditions: The problem is caused when installing a policy with police on a logical interface: Subinterface, ATM PVC, Frame Relay DLCI, etc. After removal of such policy, the interface continues to police traffic. If the interface is configured with FR and the fair-queue is reconfigured, the VIP crashes.

Workaround: There is no workaround. The router has to be reloaded to correct the behavior.

CSCsk60112

Symptoms: Uninitialized memory causes failures when a label switched path (LSP) ping is performed.

Conditions: This error occurs when the allocated memory is non-zero.

Workaround: There is no workaround.

CSCsk61790

Symptoms: Syslog displays password when copying the configuration via FTP.

Conditions: This symptom occurs when copying via FTP. The Syslog message displays the password given by the user as part of syntax of FTP copy.

Workaround: There is no workaround.

CSCsk66339

Symptoms: A Cisco 7600 router running Cisco IOS Release 12.2(18)SFX6 may encounter the following condition when intermediate system-to-intermediate system (IS-IS) and traffic engineering (TE) are configured: IS-IS should remove the native path from its local RIB and call the RIB code to remove the path from the global RIB, but this fails, either because the "delete" message is not passed to the RIB properly or because the RIB does not react when it receives the "delete" call.

Conditions: The show mpls traffic-engineering tunnel command output may indicate "Removal Trigger: setup timed out" status.

Workaround: Perform a shut/no shut on the interface or change the metric temporarily to force an update with the tunnel mpls traffic-eng autoroute metric 1 command.

CSCsk67111

Symptoms: Watchdog timeout seen after switchover.

Conditions: Occurs when high availability RPR mode is configured on a Cisco 7500 router.

Workaround: There is no workaround.

CSCsk78725

Symptoms: The router crashes while T1 controller configuration is being entered. This happens on the 8-port multichannel T1/E1 8PRI PA (PA-MC-8TE1+).

Conditions: Occurs on a router running Cisco IOS Release 12.4(17.7) and Cisco IOS Release 12.4(17.4)T1.

Workaround: There is no workaround.

CSCsk81155

Symptoms: OSPFv3 loses hello packets causing neighbors to flap.

Conditions: Occurs on a Cisco GSR router running Cisco IOS Release 12.0(32)S7 and later when TE tunnels are configured.

Workaround: There is no workaround.

CSCsk81725

Symptoms: All E6 line cards are holding incorrect output slot information in hardware CEF for default route. At the same time, other E4+ and E2 LCs have no problem with hardware CEF.

Conditions: Unknown.

Workaround: Use the clear ip route 0.0.0.0 command.

CSCsk82701

Symptoms: Hot Standby Routing Protocol (HSRP) Virtual IP address is unreachable. IP address assigned to the interfaces is reachable.

Conditions: The problem was seen in GSRs with different SPAs. It occurs only when a line card is installed for the first time or is moved between slots, and only if the same interface is both configured for HSRP and assigned to a VPN routing/forwarding (VRF) instance.

interface GigabitEthernet3/0/0.5
 ip vrf forwarding
 ip address X.X.X.2 X.X.X.X
 standby 1 ip X.X.X.1
 standby 1 priority 110
 standby 1 preempt

Workaround: Reload both the active and the standby router; if you reload only the active router, the standby router may hit the problem once it becomes active. Alternatively, remove the HSRP configuration before moving the line card.

CSCsk98123

Symptoms: Tx traffic may get dropped due to a "precam 1 exception."

Conditions: This symptom is observed when vrf vlite and strict urpf are configured on the interfaces. This happens in all releases when adjacency indexes between 65528 and 65531 are used in TX SRAM Adjacency programming on line cards. This happens only on port 0. Strict URPF is not a required condition; the symptom can occur without it.

Workaround: To recover from the situation, remove and re-apply the configuration on the interface when the problem is seen. Entering shut and no shut on the interface also recovers from the condition, provided that the interface does not get an adjacency index allocated within 65528 and 65532. Configuring or removing URPF/PBR also clears the condition.

Alternate Workaround: Do not use port 0 on the line card. Using a subinterface will mitigate the issue.

CSCsl01921

Some packet flows dropped in nexthop load-sharing between TAG and IP

CSCsl03699

Symptoms: SPA-4XCT3/DS0 serial interface went down.

Conditions: Occurs when the shared port adapters (SPAs) are connected back to back, remote loopback is configured from one router, and the t1 1 bert channel-group 0 pattern 2^11 interval 1 command is entered. BERT runs successfully, and then the serial interface goes down.

Workaround: Perform a shut/no shut on the controller or serial interface.

CSCsl06336

Symptoms: When the maximum-paths n import command is unconfigured, for example, a no maximum-paths n import m command is issued for a VPN/VRF on a router, sometimes the routes in that VPN may have duplicate path entries.

For example:

diezmil#sh ip bgp vpnv4 v v1001 10.0.20.0
BGP routing table entry for 100:1001:10.0.20.0/24, version 1342275
Paths: (2 available, best #1, table v1001)
Flag: 0x420
  Not advertised to any peer
  65164, imported path from 100:1:10.0.20.0/24
    192.168.1.7 (metric 4) from 192.168.1.254 (192.168.1.254)
      Origin IGP, metric 1552, localpref 80833, valid, internal, best
      Extended Community: RT:100:1001
      Originator: 192.168.1.7, Cluster list: 192.168.2.7
      mpls labels in/out nolabel/291
  65164, imported path from 100:1:10.0.20.0/24
    192.168.1.7 (metric 4) from 192.168.1.253 (192.168.1.253)
      Origin IGP, metric 1552, localpref 80833, valid, internal
      Extended Community: RT:100:1001
      Originator: 192.168.1.7, Cluster list: 192.168.2.7
      mpls labels in/out nolabel/291

Workaround: The least resource-intensive workaround is to configure and unconfigure a dummy import map under that VPN/VRF. Clearing the affected BGP sessions on PEs also resolves the issue.

CSCsl07297

Symptoms: The router may crash when a sequence of commands is executed in quick succession.

Conditions: Occurs when a Border Gateway Protocol (BGP) neighbor belongs to a particular peer group and the following commands are entered in quick succession:

* no neighbor a.b.c.d peer-group pgroup-name
* no neighbor a.b.c.d description xyz

If these commands are executed quickly, such as when they are pasted into the interface, the router may crash.

Workaround: Use the no neighbor a.b.c.d peer-group pgroup-name command to remove the neighbor. This command removes the neighbor and eliminates the need for the second command.

CSCsl09752

Symptoms: Packet drops occurring on PE router.

Conditions: Occurs after sending traffic from VPN routing/forwarding (VRF). Traffic is stopped until the mroute entries get cleared. When traffic is sent from core, packets are dropped.

Workaround: Reload the line card.

CSCsl10053

Symptoms: After the GSR is booted and is up and running, the line card crashes the first time a DWDM SPA is inserted in it. After the line card restarts, subsequent OIRs are fine.

Workaround: Before the GSR boots, keep the DWDM SPA inserted in the line card, and then boot the GSR.

CSCsl11335

Symptoms: The number of entries obtained from the "ciscoMvpnBgpMdtUpdateTable" table using the getmany command is incorrect.

Conditions: Occurred on a Cisco 7200 router running Cisco IOS version 12.4(17.9)T.

Workaround: There is no workaround.

CSCsl15026

Symptoms: Configuration applied to a multilink interface is not reflected on the interface.

Conditions: Occurs when a configuration is applied immediately after adding the first link to a multilink PPP or a multilink frame-relay bundle. It affects any configuration applied to the main interface or to the sub-interface of the bundle. The problem does not occur when adding subsequent member links to the bundle.

Workaround: After adding the first link, wait 15 seconds before applying any configuration to the bundle interface or on the sub-interface. If any of the configurations are missing, re-apply them.

CSCsl16385

Symptoms: Line card reloads.

Conditions: Occurs after a high-availability switchover and is caused by an excessive number of control messages.

Workaround: There is no workaround.

CSCsl17766

Symptoms: Attempting to configure serial interfaces results in the following message and a traceback:

%FIB-2-HW_IF_INDEX_ILLEGAL: Attempt to create CEF interface for Serialx/x with illegal index: -1

Conditions: When this happens the "ifindex" table appears to be incorrect on the PRP as a result of a race condition related to online insertion and removal (OIR) events. This problem should only occur if SSO or RPR+ redundancy is configured.

Workaround: If this happens on an HA-protected Active RP, check whether the Standby RP has good if-index values for all interfaces by running the show idb EXEC command on the Standby RP. If so, then do an RP switchover, so the RP with good interface indexes becomes the Active RP.

If the Standby RP shows this symptom, reload the Standby RP and check that after it comes up it has good if-index values, which should happen in most cases.

CSCsl18488

Symptoms: BERT continues to run on a T1 channel of SPA-1XCHSTM1/OC3.

Conditions: Occurred when a SPA-1XCHSTM1/OC3 shared port adapter (SPA) was connected back-to-back and configured with 12 T1 links with a network loopback from the other router. The following steps cause the problem:

1) Run normal bert patterns on 6 T1 channels.

2) Once the bert is done, run atlas bert pattern on 4 T1 channels.

3) Later run atlas bert pattern on 4 T1 channels.

Workaround: Reload the SPA.

CSCsl28278

Symptoms: Routes and packets are lost.

Conditions: Occurs because NSF restart is not recognized by some of the neighbors after a router restarts.

Workaround: There is no workaround.

CSCsl29991

Symptoms: Link flaps after reload.

Conditions: Occurs with an Engine 5 line card and a 5x1GE shared port adapter (SPA) following a reload of the SPA or line card.

Workaround: There is no workaround.

CSCsl30331

Symptoms: Prefixes are allowed by the outbound route-map even though the match condition is met and the action is set to deny.

Conditions: Occurs in the following scenario:

1. The iteration with the deny action contains a match community.

2. The continue statement is used in one of the previous iterations.

Workaround: If there is a single match clause based on NLRI, the condition is avoided.

Further Problem Description: Route-maps can be used without continue to avoid the problem.

CSCsl31683

Symptoms: PC error messages are seen along with tracebacks and SPA console is not available while running atlas BERT.

Conditions: The issue is seen when running atlas BERT on CHSTM1.

Workaround: Reload the SPA.

CSCsl31789

Symptoms: RP crashed with MLPPP provisioning/unprovisioning, followed by SPA reload.

Conditions: RP crashed with MLPPP provisioning/unprovisioning, followed by SPA reload.

Workaround:

CSCsl32142

Symptoms: A router may reload after reporting SYS-3-OVERRUN or SYS-3-BADBLOCK error messages. SYS-2-GETBUF with 'Bad getbuffer' error may also be reported.

Conditions: Occurs when PIM auto-RP is configured and IP multicast boundary is enabled with the filter-autorp option.

Workaround: Configure IP multicast boundary without the filter-autorp option.

CSCsl32220

Symptoms: A Cisco 12000 router running Cisco IOS Release 12.0SY may experience intermittent communications problems over bridged VCs, and ARP entries are not repopulated.

Conditions: Occurs when a VC is configured for half-bridging and the router is running Cisco IOS Release 12.0SY.

Workaround: Use Cisco IOS Release 12.0S, or use VCs with routed encapsulation.

CSCsl33471

Symptoms: Anyphy value changes after channel group BERT.

Conditions: Anyphy value changes after channel group BERT for an interface if another interface on the same SPA with a lower anyphy value is deleted.

Workaround: Reload the line card.

CSCsl36013

Symptoms: A Cisco 12000 series router with an Engine 0 ATM OC12 line card may experience a problem in which a Layer 2 adjacency rewrite string for an ATM PVC becomes invalid. The invalid rewrite results in packets being forwarded out the interface with the wrong Layer 2 details prepended.

Conditions: This symptom is observed on a Cisco 12000 series router with an Engine 0 ATM OC12 line card.

Workaround: Use the following command for the affected IP address:

clear ip arp x.x.x.x

Further Problem Description: This problem can be identified using the execute-on [slot#] show controller rewrite Cisco IOS command, compared to the rewrite string in the show adjacency internal command:

Router# execute-on 1 show controller rewrite

========= Line Card (Slot 1) =========

Local MAC rewrite table
Interface        Address        Output_Info
--------------------------------------------------------
...
ATM1/0.1         192.168.1.1    0x1C062340 4BA72000AABA031180C2000700000004
                                757122D600081008B0560800 <-- incorrect
...

Router# execute-on all show adjacency internal

========= Line Card (Slot 1) =========

Protocol Interface   Address
...
IP       ATM1/0.1    192.168.1.1(9)
                     131229862 packets, 74135640171 bytes
                     02710100AABA031180C2000700000017
                     E0DC040200072009B0450800   <-- correct
...

Router# clear ip arp 192.168.1.1

Router# execute-on 1 show controller rewrite

========= Line Card (Slot 1) =========

Local MAC rewrite table
Interface   Address       Output_Info
--------------------------------------------------------
...
ATM1/0.1    192.168.1.1   0x1C025340 6EA82000AABA031180C2000700000017
                          E0DC040200072009B0450800   <-- correct
...

CSCsl36723

Symptoms: A SIP401/SIP600 may crash upon a primary CSC failover. FIA Halt related error messages are also seen.

Conditions: This symptom is observed upon a primary CSC failover.

Workaround: There is no workaround.

CSCsl41107

Symptoms: When explicit-null packets are received on a URPF bundle, there is a possibility of BMA errors and a crash.

Conditions: Occurs when explicit-null and URPF are configured.

Workaround: There is no workaround.

CSCsl43394

Symptoms: Standby RSP reloads and has problems syncing configuration when DS1 controller is removed from DS3 configuration.

Conditions: This problem is seen when SSH is enabled on the router and DS1 controller is added or deleted from the configuration.

Workaround: There is no workaround.

CSCsl43723

Symptoms: SIP-400 crashed.

Conditions: Occurs after repeated provision/unprovision of ML bundle.

Workaround: There is no workaround.

CSCsl43735

Symptoms: Multiple OI and OQ information entries that are the same for an (S, G) mroute (MGID) on conga.

Conditions:

1. An E3 card with multicast output interfaces configured.

2. Colliding sources for the same multicast group, (S1, G) and (S2, G), for the above output interfaces.

3. No egress QoS on the above interfaces.

Workaround:

1. Reload the E3 LC.

2. Do not have colliding sources for multicast.

CSCsl47221

Symptoms: Traffic may stop because of spurious memory access.

Conditions: Occurs after shutting the qinq subinterface

Workaround: Perform a shut/no shut on the subinterface.

CSCsl47637

Symptoms: Cisco 12000-SIP-401 with SPA-8X1FE-TX-V2 stops forwarding traffic.

Conditions: Occurs on Cisco 12000 routers running the c12kprp-k4p-mz.120-32.SY2g image and with 12000-SIP-401 and SPA-8X1FE-TX-V2. Another three shared port adapters (SPA) were also present. Possibly triggered by multicast traffic.

Workaround: Only a reload of the card/SPA solves the problem.

CSCsl50271

Symptoms: An Open Shortest Path First (OSPF) enhancement, to avoid a suspend when link state update packets are sent, may result in a router crash.

Conditions: The symptoms are observed in a scenario with 3k tunnels. Both unconfiguring the loopback interface and deleting the loopback interface trigger the same code path that may lead to OSPF suspension.

Workaround: There is no workaround

Further Problem Description: The problem actually exists in all branches. However, this is a timing issue.

CSCsl51587

Symptoms: The channelized SPA is in admin down state. When the show hw-module subslot x brief command is entered on the LC, the LC may crash.

Conditions: Unknown at this time.

Workaround: There is no workaround.

CSCsl51615

Symptoms: Channelized shared port adapter (SPA) out of service after active RP crash.

Conditions: Occurs because of heartbeat failure

Workaround: Reload the SPAs.

CSCsl53811

Symptoms: Some FRR database entries become active after reoptimization. Traffic on the LSP that becomes FRR active is forwarded to the wrong path and continues to drop.

Conditions: This problem may happen when manual or timer reoptimization is performed during convergence. This problem may happen when "Tunnel head end item" and "LSP midpoint item" in FRR database have more than one entry in each item. This problem may happen when midpoint entry in "LSP midpoint item" is the LSP using "loose" path-option on a headend router.

Workaround: There is no workaround.

Further Problem Description: If this problem occurs, the FRR database state and the traffic recover after a "shutdown" / "no shutdown" of the primary tunnel or the backup tunnel. If a longer reoptimization timer is configured, or manual reoptimization is performed after convergence, this problem may not occur.

CSCsl60370

Symptoms: GSR not soaking SLOS and bringing down interface immediately

Conditions: The issue occurs only when the GSR redundancy switchover happens.

Workaround: There is no workaround.

CSCsl62276

Some packet flows dropped in nexthop load-sharing between TAG and IP

CSCsl63038

Symptoms: Provider edge (PE) not learning MAC addresses as expected.

Conditions: Occurs with Virtual Private LAN Services (VPLS) setup with three PEs.

Workaround: There is no workaround.

CSCsl63885

Symptoms: Packet drops occur when doing MPLS ip2tag and tag2ip load balancing on an Engine 2 line card.

Condition: Occurs on a Cisco 12000 series router running Cisco IOS Release 12.0(32)sy2d.

Workaround: Enable LDP on the tunnel.

CSCsl65264

Symptoms: EF CAR value does not set properly in TCAM for MFR bundle interface.

Conditions: Occurs when MFR interface is shut and no shut.

Workaround: Remove and re-apply output service policy to the MFR interface.

CSCsl65977

Symptoms: IOS field diagnostics is failing with various error messages about "Slave Clock" such as displayed below:

Error disabling LC Enable register on CSC 0, SCA768_LC_ENABLE_2_S 0x7f, read_count 100
...
Timed out waiting for TX Network Interrupt to happen
...
Slot 16, Slave Clock Control Register 0x00000000

Conditions: This has only been observed on a Cisco 12000 router when there are 12010E-CSC and 12010E-SFC fabric card in the chassis.

Workaround: There is no workaround.

CSCsl67149

Symptoms: A sync issue is observed with the standby and active configuration.

Conditions: This symptom is observed on a Cisco 12000 series router that is configured for MLPP/MFR. When an attempt is made to remove and add the members before the unprovisioning is completed, the member is added in standby but not in active; hence the configuration sync issue.

Workaround: Add the member after the unprovisioning is completed.

CSCsl67815

Symptoms: When core-facing line card reloads or has link flap, the edge-facing E3/E5 for mVPN may not forward mVPN traffic.

Conditions: This defect is observed with an internal version of Cisco IOS Release 12.0(33)S.

Workaround: Enter the clear ip mds line <edge facing E5 lc slot> command.

CSCsl74425

Symptoms: Engine 5 card crashed following provision/unprovision.

Conditions: Occurs after repeated provision/unprovision of Multilink Point-to-Point Protocol (MLPPP).

Workaround: There is no workaround.

CSCsl74820

Symptoms: Standby RP crashed.

Conditions: Occurred after provision/unprovision of Multilink Frame Relay (MLFR) with Hierarchical Quality of Service (HQoS).

Workaround: There is no workaround.

CSCsl77158

Symptoms: A Cisco router may see the following errors:

Oct 30 16:42:04.094 GMT: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x405039FC reading 0x1678

Conditions: The symptoms may be observed on a CISCO7513 running Cisco IOS release 12.0(32)S3 with PA-MC-E3 cards installed.

Workaround: There is no workaround. This problem is not service impacting.

CSCsl81258

Symptoms: On a Cisco 12000 router running Cisco IOS Release 12.0(32)SY4, the SNMP ifIndex is missing for subinterfaces of the first SPA of an Engine 5 SIP-600 line card, as follows:

router#sh snmp mib ifmib ifindex GigabitEthernet15/0/3.951
Invalid ifIndex for GigabitEthernet15/0/3.951

This issue affects accounting and billing.

Conditions: Occurred after the router was upgraded from Cisco IOS Release 12.0(31)S6 to Cisco IOS Release 12.0(32)SY4.

Workaround: There is no workaround.

CSCsl82857

Symptoms: RP crashes after successful switchover.

Conditions: Occurs when Data-Link Connection Identifiers (DLCI) are deleted from Multilink Frame Relay (MFR) interface, followed by a switchover.

Workaround: There is no workaround.

CSCsl87418

Symptoms: The process IPC Seat Manager is permanently holding a CPU utilization of 40-50%. This causes a considerable decrease in traffic and very slow response from the routers.

Condition: This behavior has been observed on several Cisco 12000 routers with PRP-1 running Cisco IOS Release 12.0(32)SY4 and depends on the following factors:

- Several hundred interfaces are configured, such as channelized, multilink or virtual template interfaces. Every physical interface and each of these interfaces has an HWIDB associated with it.
- Many line cards are in the chassis.
- The ip multicast-routing distributed command is enabled.

Workaround: Upgrade to PRP-2, which brings the CPU utilization of this same process down to 10-15%. Or, if feasible, disable ip multicast-routing distributed.

CSCsl89425

Symptoms: Bidirectional Forwarding Detection (BFD) sessions do not scale. This symptom is especially visible with an OSPF client when one of the peers is rebooted after configuring the maximum number of BFD sessions.

Conditions: This symptom occurs when configuring maximum BFD sessions or total number of BFD sessions too close to the maximum limit.

Workaround: Configure 90 percent of the maximum allowed BFD sessions.

CSCsl92482

Symptoms: Fragmentation is handled incorrectly on GSR E5 line card. We can send up to around 2Gbps of fragmented traffic without performance impact. When the egress line card CPU reaches 100%, the rate of the fragmented traffic drops down to 50Mbps.

Conditions: Occurs when all CPU resources of the egress LC are consumed.

Workaround: There is no workaround.

CSCsl93596

Symptoms: When the MTU is changed on the core-facing E0 LC, all the E0 cards in the router crash.

Conditions: This symptom is observed with bidirectional traffic with an L3VPN, L2VPN configuration. There are also MPLS TE tunnels.

Workaround: There is no workaround.

CSCsl93926

Symptoms: E5 line card configured for CFI and BFI may crash when passing mVPN traffic.

Conditions: This is observed with Cisco IOS Release 12.0(32)SY5.

Workaround: There is no workaround.

CSCsl94410

Symptom: CPU hog condition occurs because of stressful BGP configuration.

Conditions: Occurs in Cisco IOS releases in which CSCsj17879.

Workaround: None

CSCsl94784

Symptoms: Packet drops on output service policy after port swap in Tx BMA of E3 Card. The problem is due to the port-burst being changed incorrectly without any real configuration change on the concerned sub-interfaces.

Conditions: When a Port-swap in Tx BMA is accompanied by the change in burst value after removing service policy (or sub-interface), we are able to see the traffic drop to another sub-interface.

Workaround: Remove and re-add the output service policy from the affected sub-interface.

CSCsl96577

Symptoms: The show ppp multilink statistics are not updated on a Cisco 7500 router.

Conditions: This symptom is observed when dLFIoLL+SSO is configured on the Cisco 7500 router and a switchover is performed.

Workaround: There is no workaround.

CSCsl98882

Symptoms: Traffic stops forwarding after the deletion of a security output ACL which is shared with the other port on a two-port OC-192, with the port carrying the traffic having a feature-output ACL.

Conditions: Occurs on a two-port OC-192 E6 card. Both the ports should be configured with output or input security ACLs, and one port which is carrying the traffic should have output or input ACL. For this issue to happen, all the ACLs need to be either output or input type simultaneously.

Workaround: Configure a new ACL with a different name from the original ACL, then remove it. The traffic can then be forwarded again.

Further Problem Description: This issue is specific to E6 alone and will not happen on E4.

CSCsm02749

Symptoms: When multicast VPN routing/forwarding instance (mVRF) is un-configured, memory leak may occur in line cards.

Conditions: This symptom is observed in Cisco 12000 Series Routers and Cisco 7500 Series Routers when multicast distributed routing is enabled on VPN routing/forwarding instance.

Workaround: There is no workaround.

CSCsm04631

Symptoms: RP crashes due to memory corruption.

Conditions: LC or SPA sending wrong VC number during stats update.

Workaround: There is no workaround.

CSCsm07692

Symptoms: A SIP600 crashes.

Conditions: When the primary CSC is shut, the SIP600 crashes.

Workaround: There is no workaround.

CSCsm09927

Symptoms: Interface flaps continuously after running atlas BERT.

Conditions: During atlas BERT another interface with lower anyphy number should be deleted.

Workaround: Reload the shared port adapter (SPA).

CSCsm10560

Symptoms: A standby route processor crashes with a traceback when multilink is provisioned/unprovisioned continuously.

Conditions: This symptom is observed with a script. There is a small but significant chance of encountering this symptom during manual testing. This symptom occurs in branches based on Cisco IOS Release 12.0S ONLY.

Workaround: There is no workaround.

CSCsm11787

Symptoms: Customer reporting intermittent loss of L2 tunnel with no error messages.

Conditions: Occurs on a Cisco 7500 router running Cisco IOS Release 12.0(31)S02y.

Workaround: There is no workaround.

CSCsm12723

Symptoms: Layer 2 Virtual Private Network (L2VPN) CoS (Class of Service) queue becomes unallocated via the show policy-map int <> dlci <> output command after a L3VPN subinterface with another policy-map is applied to the same interface.

Conditions: Occurs when both L2VPN and L3VPN are configured under the same interface with a different policy map on each of them.

Workaround: Delete and redefine the layer 2 QoS policy to the Data-Link Connection Identifier (DLCI).

CSCsm17391

Symptoms: Some Intermediate System-to-Intermediate System (IS-IS) routes are missing in the routing table.

Conditions: This occurs when some interfaces flap.

Workaround: There is no workaround.

CSCsm24189

Symptoms: 1choc12 ISE: PLIM might reset due to heartbeat failure.

Conditions: This happens when the following errors occur on the PLIM console:

[2]T1:5 rx error(crc or non-integer size) 5
[2]T1:5 rx error(crc or non-integer size) 5

And when one or more paths have PAIS.

Workaround: Reduce the TEMUX logging level to 0 as follows:

attach slot#
plim logctl /dev/temux 0

Then clear the path AIS.

CSCsm26130

Symptoms: When removing a subinterface from the configuration that contains an IP address that falls into the major net of the static route, the static route is no longer injected into the BGP table. Since the route is not in the BGP table, it is not advertised to any peers.

Conditions: This symptom is observed with auto-summary enabled in BGP. A static summary route is configured to null0 and is injected into the BGP table with a network statement.

Workaround: There are four possible workarounds:

1) Use an "aggregate-address" configuration instead of the static route to generate the summary.

2) Remove auto-summary from the BGP process.

3) Enter the clear ip bgp * command.

4) Remove and reconfigure the BGP network statement for the summary route.

CSCsm32438

Symptoms: The ifStackStatus results for SPA-4XCT3/DS0 on GSR intermittently do not show relationship between Serial interface and T1, nor T1 to CT3.

Conditions: Occurs when running Cisco IOS Release 12.0(32)S6d with SPA-4XCT3/DS0. Polling ifStackStatus results do show layered relationship with Serial interface, T1 to CT3.

Workaround: Remove and add again the T1 link channel-group if possible.

CSCsm33743

Symptoms: VIP reloads.

Conditions: The crash is triggered by an illegal memory access operation. The issue can affect any interface on any platform.

Workaround: No workaround.

Further Problem Description: This bug does not impact Cisco IOS Release 12.2SXF, 12.4, or 12.4T releases. This is seen very rarely and is not reproducible in lab.

CSCsm36057

Symptoms: "Warning: error msgs in vc stats" messages are displayed continuously on the console.

Conditions: This symptom is observed when the router is reloaded.

Workaround: There is no workaround.

If any statistics are not being updated properly on the serial interfaces on the Ch-SPAs, enable the debug hw sub slot/bay command on the RP.

CSCsm41303

Symptoms: A Cisco 12000 router with SIP-601 linecards may experience high CPU in the Tag Input process because of many packets being punted by the linecards to the PRP CPU. The packets are MPLS TTL expired packets that require an unreachable to be sent back. These packets should be processed on the linecard, but they are not.

Conditions: This symptom is observed only on SIP-601 10G linecards.

Workaround: There is no workaround.

CSCsm43195

Symptoms: In a configuration of L2VPN interworking between SIP-601/GE SPA and SIP-401/CT3/FR DLCI switching, with a QoS egress policy applied on the SIP-601 GE SPA interface, traffic may propagate egress on the GE port.

Conditions: When the policy is not applied, traffic flows egress on the GE SPA based interface. When the policy is applied, no traffic is seen egress on the GE interfaces.

Workaround: There is no workaround.

CSCsm44620

Symptoms: Multicast tunnel not coming up after RPM change. A misconfiguration with overlapping networks causes the join to be rejected. This can be seen on the PIM neighbor list.

Conditions: There is a problem related to one of the hub cards in rpm-xf.10 in forwarding PIM traffic from 2 PEs (rpm-xf.13 and rpm-xf.11). After RP migration from AVICI to CRS, tunnels from the PE in slot 13 were not coming up. The PE in slot 13 was consistently in registering mode and was not coming out of it, which prevented the tunnels from coming up. For the PE to come out of registering mode, S,G state should be built from the new RP down to the PE. At this stage the CRS (RP) showed that the S,G tree was established at the RP. The S,G tree was OK all the way down from the CRS to the last hop (the P in slot 10) connecting to the slot 13 PE. The P router in slot 10, which is directly connected to the PE, showed that S,G state was established and the PE-facing interface was in the OIL. But there were a couple of discrepancies on the P in slot 10. There were no flags set on this P for the mroute of the PE. In addition, the PE was not receiving any PIM traffic from the P in slot 10. This led to the suspicion that although the P showed the correct S,G and OIL, it was still not able to forward traffic to the PE, and that this could be the reason for the PE remaining in registering mode and hence preventing the tunnels from coming up.

Workaround: Remove the following configurations:

a. rpm-xfh10-z135 - shut & remove interface Switch1.4073

b. rpm-xfh09-z134 - shut & remove interface Switch1.4073

c. rpm-xfp11-l172 - remove interface Switch1.3172

d. rpm-xfp13-z074 - remove interface Switch1.4074

e. rpm-xfp04-l171 - remove interface Switch1.3171

CSCsm45113

Symptom: Router may install duplicate routes or incorrect route netmask into routing table. It could happen on any routing protocol. Additionally, for OSPF, crash was observed.

Conditions: The problem is triggered by SNMP polling of ipRouteTable MIB. The problem is introduced by CSCsj50773, see the Integrated-in field of CSCsj50773 for affected images.

Workaround: Do not poll the ipRouteTable MIB; poll the newer replacement ipForward MIB instead. The ipRouteTable MIB was replaced by ipForward MIB in RFC 1354.

Further problem description: The clear ip route * command can correct the routing table until the next poll of ipRouteTable MIB.

CSCsm45311

Symptoms: Active RP crashes because of FIA error.

Conditions: Crash is seen when ML provisioning/unprovisioning and Buffer Recarve is done.

Workaround: There is no workaround.

CSCsm45666

Symptoms: E5 LC crash on startup with multicast traffic flowing.

Conditions: Reboot the router.

Workaround: There is no workaround.

CSCsm48176

Symptoms: Line cards on a Cisco 12000 series router or a Cisco 7500 router might crash.

Conditions: This symptom is observed when the no ip multicast-routing distributed command for a VRF is issued when multicast tunnels are up. This symptom is also observed when MVRFs are deleted.

Workaround: Stop multicast traffic before deleting VRFs or issuing the no ip multicast-routing distributed command.

CSCsm55274

Symptoms: Class Based Tunnel Selection (CBTS) stops working. Packets are sent through the wrong tunnel.

Conditions: This symptom is observed when the tunnel flaps.

Workaround: There is no workaround. Once CBTS is broken, only a reload of the Line card clears the problem.

CSCsm57369

Symptoms: On switchover, the overhead message appears in the configuration even though it has not been configured.

Conditions: This symptom is observed only if there is a switchover in RPR+ or SSO mode.

Workaround: Manually change the config to restore the previous config.

CSCsm62033

Symptoms: L2TP session does not come up.

Conditions: Occurs when a Cisco router marks the Call Serial Number AVP in the ICRP as mandatory. This causes a third-party router to reject it.

Workaround: There is no workaround.

CSCsm64491

Symptoms: Connecting SPA-4XCT3/DS0 SPAs back to back and executing the hw-module subslot x/y reload command causes the line card to crash.

Conditions: All the interfaces should be up and running. Note that this symptom occurs only because of the issue introduced by CSCsg96660; it is not seen otherwise without the image having the fix for CSCsg96660.

Workaround: There is no workaround.

CSCsm66081

Symptoms: If a multilink interface has one end connected to a Cisco 12000 router with a CHOC12/DS1-IR-SC and the other end connected to a non-Cisco-12000 router, then the multilink interface receiver, at the non-Cisco-12000 router side, may drop all received packets because of packet fragment loss or out-of-order.

Conditions: This symptom may occur immediately when the first member link comes back up again after all member links of the multilink interface have gone down.

Workaround:

1) Create a new multilink interface.

2) Move the member links from the current multilink interface to the new multilink interface.

CSCsm66635

Symptoms: E5 BF/CFI on same line card, PIM-DM traffic may not flow for CFI or Auto-RP information may also not flow. So far the problem is identified to be in E5 BFI/CFI card which drops the DM data packets instead of punting them which is needed for the (*,G)/(S,G) state creation and packet flooding for DM to work.

Conditions: This defect is observed with Cisco IOS Release 12.0(32)SY5.

Workaround: Use the clear ip mds line command on the E5 and core line cards to solve the problem.

CSCsm70668

Symptoms: A soft OIR over E3:POS impacts complete traffic with a biscuit tunnel.

Condition: A soft OIR over E3:POS impacts complete traffic with a biscuit tunnel configured. In OIR "test mbus power 6 off" and "test mbus power 6 on" are performed followed by a microcode reload on slot 6.

Workaround: There is no workaround.

CSCsm71063

Symptoms: The shape fecn-adapt command is accepted in the configuration, but it is not shown in output from show running-config or show policy-map.

Conditions: When shape fecn-adapt is configured with shaping configured on the serial interface with frame-relay, show policy-map does not show the shape fecn-adapt being configured. The show policy-map int command shows fecn-adapt as "0".

Workaround: There is no workaround.

CSCsm74769

Symptoms: if_num mismatch is seen in the uidb, sometimes along with the L2TPv3 bit set to zero. As a result, customer saw L2TPv3 packet drops over FR in Cisco 12000 series Internet router.

Conditions: Removing xconnect on the remote PE results in a session (DLCI) flap on the local PE. The trigger is an L2TPv3 session flap; this may cause a stale CI->Uidb mapping in internal data structures, resulting in an if-num mismatch in the uidb if the old CI is reused by a DLCI on a different interface.

Workaround: Reload the affected line card.

CSCsm75339

Symptoms: Tracebacks on mic-reload of SIP601.

Conditions: Mic-reload of SIP601 with CT3 SPA.

Workaround: Reloading the secondary RP should restore the out-of-sync ifindex tables.

CSCsm82260

Some packet flows dropped in nexthop load-sharing between TAG and IP

CSCsm82600

Symptoms: PRP-1 fails to boot after an OIR/power cycle. LEDs might show RPT SENT or RP RDY.

Conditions: This symptom is observed upon a power cycle after upgrading the mbus-agent-rom of the PRP.

Workaround: Use the upgrade mbus-agent-rom slot force command with an older version of Cisco IOS software in the active RP to downgrade the mbus agent ROM of the problem RP.

CSCsm92567

Symptoms: After an RP switchover (SSO), or performing the following procedure, the VPWS DLCI output queues become unallocated.

1. Add VPWS DLCI with service-policy to the FR main interface.

2. Add an FR subinterface but with LFI enabled.

3. Bounce the service policy class on the DLCI under the main interface.

Conditions: When a VPWS circuit is configured on the FR main interface and L3 subinterface has LFI enabled. QoS is applied to both L2VPN and L3VPN services.

Workaround:

1. Delete the LFI FR service-policy.

2. Bounce QoS again on the VPWS DLCI.

CSCso01440

Symptoms:

PE1 2/2/1 <--------> 4/0/1 CE1

Connect SPA-4XCT3/DS0 SPA back to back, configure loopback network at CE1, and then run bert on 4 T1 channels in PE1. After this, bert will not stop even though the time interval elapsed.

Conditions: All the interfaces should be up and running.

Workaround: There is no workaround.

CSCso12748

Symptoms: Tunnels between Cisco and non Cisco peers fail to come up since the Mandatory of Message Type AVP for SCCRQ that is sent by Cisco is FALSE.

Conditions: This symptom occurs because the Mandatory of Message Type AVP for SCCRQ that is sent by Cisco is FALSE.

Workaround: There is no workaround.

CSCso19528

Symptoms: Traffic may not flow after a switchover.

Conditions: The symptom may be observed when dLFIoLL + HA is configured on a Cisco 7500 router.

Workaround: Wait for standby to come up.

CSCso19748

Symptoms: An 80-byte buffer depletion occurs on E5, leading to an outage of all serial links.

Conditions: The conditions under which this symptom is observed are unknown.

Workaround: There is no workaround.

CSCso21681

Symptoms: An output policy on an MFR interface disappears when the SIP 601 card is reset.

Conditions: Configure the service policy and apply it to the output of the MFR interface. Reset the SIP 601 card, and the service policy will disappear from configuration.

Workaround: There is no workaround.

CSCso22098

Symptoms: OSPF neighborship goes down on RPR+ switchover on core router. The router does not send any hello packets to the connected routers.

Conditions: Occurs when executing RPR or RPR+ switchover. No Problem seen with SSO switchover.

Workaround: There is no workaround.

CSCso22730

Symptoms: Prefixes learned via IGP (ISIS) get assigned "imp-null" as the local label for them.

Conditions: The router has ECMP paths to uplink routers via POS interfaces. It runs ISIS as an IGP. There could be a TE tunnel configured on the POS interface, and there are frequent interface flaps.

Workaround: There is no workaround. Clear the route or flap the interface to bring back the correct local label.

CSCso25026

Symptoms: SONET Section Data Communications Channel (SDCC) comes up initially and goes down after some time and never comes up again. The interface shows up, but the line protocol shows down on both the sides

Conditions: Occurs after packet over SONET (POS) is converted to spatial reuse protocol (SRP).

Workaround: There is no workaround.

CSCso25848

Symptoms: With an ingress E2 GigE line card and an egress E5 line card, packets are dropped in the egress line card with TX bad BMA buffer counts increasing.

Conditions: This symptom is observed when the ingress is E2 and the egress is E5.

Workaround: There is no workaround.

Further Problem Description: This issue is not seen with an E3/E5 combination or an E2/E6 combination.

CSCso30471

Symptoms: Engine 5 SIP-600 crashes and tracebacks seen for Flexible NetFlow (FNF) configuration.

Conditions: The line card crash is hard to reproduce, and it is seen when show flow monitor is used. Tracebacks are easily reproducible while unconfiguring FNF output mode.

Workaround: There is no workaround.

CSCso31508

Symptoms: CEF and hardware CEF for global default route are inconsistent. This may cause the default traffic to be sent through the wrong interface.

Conditions: This issue occurs under the following conditions:

1. Global default should point toward the core.

2. VRF default should be learned from the remote PE.

Workaround: Enter the following command:

clear ip route 0.0.0.0 0.0.0.0

CSCso33290

Symptoms: L2VPN traffic on an MFR interface is unable to pass through FR/IETF encapsulation MPLS trunk. Furthermore, if this MFR interface is deleted and re-added, the following error messages are received.

SLOT 4:Mar 20 11:51:05.459 UTC: %SPA_CHOC_DSX-3-ERROR: Serial4/0/0/1:0: response parsing failed for DLCI (601) provisioning
SLOT 4:Mar 20 11:51:05.471 UTC: %SPA_CHOC_DSX-3-ERROR: Serial4/0/0/1:0: response parsing failed for DLCI (602) provisioning

Conditions: This symptom is observed after an MFR interface is deleted and re-added.

Workaround: There is no workaround.

CSCso46965

Symptoms: Ping fails

Conditions: Occurs when 2x1GE V2 shared port adapter (SPA) is in BN jacket.

Workaround: There is no workaround.

CSCso47485

Symptoms: The E4+ line card crashes continuously with the following output:

SLOT 1:Jan 19 02:06:09.559 UTC: %TX192-3-CPUIF: Error=0x40

rd 0x15 base 0x12 hdr 0x14 last 0x14 wr 0x14 insert 0x0 back 0x1 len 0x2474 cnt 0x0

Conditions: There is no exact trigger. But this symptom is observed when there are corrupt packets being sent from the ingress card under unknown circumstances.

Workaround: There is no workaround.

CSCso53048

Symptoms: A router acting as an OSPF ABR for an NSSA area, when announcing a default route into the NSSA area, sets the LSA forwarding address to one of its interfaces instead of to 0.0.0.0. When there is more than one interface from that router into the NSSA area (load balancing), only one interface will be used by NSSA routers to forward traffic toward destinations reachable via the default route. If there is no default route present in the RIB, the forwarding address is set to 0.0.0.0, which will enable load balancing.

Conditions: This behavior is not present in Cisco IOS Release 12.0(32)SY4.

Workaround: To have load balancing, you may want to define a loopback inside the NSSA to be elected as the FA and have the FA visible from the interfaces into the NSSA.

CSCso60329

Symptoms: With L3VPN config over IP using L2TPV3 tunnel configuration, the input queues of interface is wedged. The show buffer input interface command yields no output.

Conditions: Occurs with the configuration of L3VPN over IP using L2TPV3 tunnels.

Workaround: There is no workaround.

CSCso82147

Symptoms: Line card crashes when packet over SONET (POS) shared port adapter (SPA) is present.

Conditions: Occurs the first time router is reloaded.

Workaround: There is no workaround.

CSCso86881

Symptoms: Per-Packet Load Balancing (PPLB) does not work and traffic goes through single interface.

Conditions: Observed in the following case:

* CE1----PE-----CE2.
* Two links from CE1 to provider edge (PE) and two links from PE to CE2.
* All the four links are emerging from the same shared port adapter (SPA) on PE.
* Serial interface is used.
* VPN routing/forwarding (VRF) is configured on PE.

Workaround: Remove PPLB and configure it back. However, the issue will reappear on router or line card reload.

CSCso89193

Symptoms: The c7200-kboot-mz image is broken by the commit of CSCso71150.

Workaround: No workaround.

CSCso92950

Symptoms: IPv6 multicast unnecessarily copied when join -> prune is repeated multiple times.

Conditions: Occurs when IPv6 multicast-routing is enabled on a Cisco 12000 series router.

Workaround: Reload the router.

CSCsq00167

Symptoms: 12000-SIP-401/501/601 has 8 MB of FSRAM with the fix CSCsm13564. But PLU and TLU adjacencies in the 12000-SIP-401/501/601 support up to 4 MB.

Conditions: If the hardware is supporting 8 MB of FSRAM, the PLU can have access to this 8 MB. But this is not happening.

Workaround: Identified through the code review of CSCsm13564. There is no workaround.

CSCsq00596

Symptoms: CE-CE ping is not working in Frame Relay over MPLS (FRoMPLS).

Condition: Occurs when E0 POS is used as disposition.

Workaround: There is no workaround.

CSCsq02587

Symptoms: Traffic engineering (TE) tunnel is not coming up in MPLS TE.

Condition: Occurs when both Ethernet Over MPLS (EoMPLS) and MPLS TE are configured on the router.

Workaround: There is no workaround.

CSCsq03170

Symptoms: An input service policy with only the class-default class shows no matches.

Conditions: This symptom is observed after a reload of Cisco 12000 series routers, Linecard Engine 3, with an ATM interface configured for AToM, Port Mode.

Workaround: Move traffic and the configuration to another interface.

CSCsq04787

Symptoms: Router crashed when issuing the show-tech command while connected to the router using SSH.

Conditions: Occurred on a Cisco 7200 router with NPE-G2 running Cisco IOS Release 12.0(33)S.

Workaround: Use telnet to connect to the router.

CSCsq05128

Symptoms: Performance Route Processor (PRP) crashes after loading image from disk0.

Condition: Occurs when multiservice edge (MSE) router reloads with the image in the disk0. The RP crashes, and tracebacks are displayed. Both the active and standby RPs toggle each time.

Workaround: There is no workaround.

CSCsq05602

Symptoms: Intermediate System-to-Intermediate System (IS-IS) routes still use MPLS tunnels as the next hop even after the tunnels are shut down.

Conditions: Occurs when MPLS tunnels to multiple routers are configured.

Workaround: Use the clear isis * command to temporarily solve the problem.

CSCsq16042

Symptoms: The OSPF state of interfaces on a Cisco 7500 RSP router will stay down after a reload or when the interfaces are brought down and then up.

Conditions: This only affects Cisco 7500 RSP routers.

Workaround: There is no workaround.

CSCsq26219

Symptoms: Some packet flows are dropped in next-hop load sharing between TAG and IP.

CSCsq70534

Symptoms: A router crashes because of a block overrun (overwriting the memory block).

Conditions: This symptom is observed only when templates are exported in the export packet, which occurs only with version 9 of the export format.

Workaround: Version 5 could be used for exporting.

CSCsq85868

Symptoms: Performance Route Processor (PRP) crashes after loading image from disk0.

Condition: Occurs when multiservice edge (MSE) router reloads with the image in the disk0. The RP crashes, and tracebacks are displayed. Both the active and standby RPs toggle each time.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(33)S

All the caveats listed in this section are resolved in Cisco IOS Release 12.0(33)S. This section describes only severity 1, severity 2, and select severity 3 caveats.

ISO CLNS

CSCsh63785

Symptoms: An MPLS tunnel may not come up after a stateful switchover (SSO) has occurred.

Conditions: This symptom is observed on a Cisco router when Cisco IS-IS NSF is enabled and when IS-IS is used as the IGP for MPLS TE tunnels.

Workaround: Do not configure Cisco IS-IS NSF. Rather, configure IETF NSF.

First Alternate Workaround: Enter the clear isis * command.

Second Alternate Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface that is used for the MPLS TE tunnels after the SSO has occurred.

Miscellaneous

CSCec12299

Devices running Cisco IOS versions 12.0S, 12.2, 12.3 or 12.4 and configured for Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs) or VPN Routing and Forwarding Lite (VRF Lite) and using Border Gateway Protocol (BGP) between Customer Edge (CE) and Provider Edge (PE) devices may permit information to propagate between VPNs.

Workarounds are available to help mitigate this vulnerability.

This issue is triggered by a logic error when processing extended communities on the PE device.

This issue cannot be deterministically exploited by an attacker.

Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-vpn.shtml.

CSCek61276

Symptoms: IPv6 traffic stops.

Conditions: This symptom is observed on a Cisco router when you first disable and then re-enable IPv6 on an interface.

Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.

CSCsc53393

Symptoms: A Cisco 12000 series may generate the following error message and reload unexpectedly because of a bus error:

%MEM_ECC-2-MBE: Multiple bit error detected at XXXXXXXX: %MEM_ECC-3-SYNDROME_MBE: 8-bit Syndrome for the detected Multi-bit error: 0x99

Conditions: This symptom is observed on a Cisco 12000 series that is configured for CEF and MPLS.

Workaround: There is no workaround.

CSCsd20210

Symptoms: The PXF engine of a Cisco 10720 may crash.

Conditions: The symptom is observed when you modify an existing access control list (ACL) that is attached to an interface.

Workaround: Do not modify an ACL that is attached to an interface. If you cannot remove the ACL from the interface, create a new ACL and apply it to the interface.

CSCsg61922

Symptoms: The show l2tp session all vcid command generates incorrect output.

Conditions: This symptom is observed on a Cisco router that has an L2TPv3 tunnel.

Workaround: There is no workaround.

CSCsg70932

Symptoms: A Cisco 7200 series that is configured for QoS may crash when traffic is sent.

Conditions: This symptom is observed on a Cisco 7200 series that has an NPE-G1 or NPE-G2 and that has a Port Adapter Jacket Card in which a 2-port OC-3/STM-1 POS port adapter (PA-POS-2OC3) is installed that has an interface with a service policy.

Workaround: There is no workaround.

CSCsj25476

Symptoms: Route processor crashes.

Conditions: Occurs while executing the no control-plane slot <slot no> command.

Workaround: There is no workaround.

CSCsk47914

Symptoms: Traffic forwarding stops upon mic-reloading the egress card when E4+ is ingress.

Conditions: Occurs when mic-reloading the egress line card.

Workaround: Mic-reload the E4+ line card to recover. You can also enter the clear cef linecard <ingress card slot#> command to recover traffic.

CSCsk67111

Symptoms: Watchdog timeout occurs after switchover.

Conditions: Occurs when the high-availability feature is configured on the RPR of a Cisco 7500 router.

Workaround: There is no workaround.

CSCsl09865

Symptoms: Memory leak occurs on Cisco 10720 router.

Conditions: Occurs when the router receives a "pim join" message. The router allocates blocks of memory that are never released. Occurs when there are more than three IPv6 PIM hosts on the same network segment.

Workaround: There is no workaround.

CSCsl33781

Symptoms: Primary RP crashes when the clear counter command is entered.

Conditions: Occurs when the command is issued while traffic is flowing.

Workaround: There is no workaround.

CSCsl34355

Two crafted Protocol Independent Multicast (PIM) packet vulnerabilities exist in Cisco IOS software that may lead to a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-multicast.shtml.

Open Caveats—Cisco IOS Release 12.0(33)S

This section describes possibly unexpected behavior by Cisco IOS Release 12.0(33)S. All the caveats listed in this section are open in Cisco IOS Release 12.0(33)S. This section describes only severity 1, severity 2, and select severity 3 caveats.

IP Routing Protocols

CSCek77029

Symptoms: The remove-private-as command does not work as expected when applied to a neighbor for which a route-map with a "set as-path prepend" and "continue" statement are configured.

Conditions: Occurred on a router with the following configuration:

route-map test permit 10
set as-path prepend 2
continue
route-map test permit 20
set metric 200

Workaround: Do not use the remove-private-as command with the above configuration.

CSCsb63652

Symptoms: BGP convergence is very slow and CPU utilization at BGP Router process is always near 100% during the convergence at aggregation router.

Conditions: Occurs if the number of component prefixes belonging to the aggregate-address entry increases. Also occurs if the number of duplicate aggregation component prefixes for the aggregate-address entry increases.

Workaround: Remove the "aggregate-address" statement.

CSCsc27668

Symptoms: When you enter the neighbor ip address send-label explicit-null command, the RP may crash.

Conditions: This symptom is observed on a Cisco router that is configured for BGP.

Workaround: There is no workaround.

CSCsd54539

Symptoms: After the command route-map test-comm-in permit 20 is issued, one of the peers should be denied and should not be advertised to any other peers. But this behavior is not seen with this image.

Conditions: Occurs when the route map test-comm-in permit 20 is entered.

Workaround: There is no workaround.

CSCsg42672

Symptoms: On a Cisco router running Cisco IOS Release 12.0(32)S4 and configured with BGP and peer-groups, if the Fast Peering Session Deactivation feature is configured in the peer-group, the router automatically adds to the command a route-map with the same name as the peer-group.

Conditions: Occurs when the following is configured:

RR#conf t
Enter configuration commands, one per line. End with CNTL/Z.
RR(config)#router bgp 65001
RR(config-router)#neighbor rrs-client fall-over ?
bfd Use BFD to detect failure
route-map Route map for peer route
<cr>
RR(config-router)#neighbor rrs-client fall-over
RR#sh ru
<snip>
router bgp 65001
neighbor rrs-client peer-group
neighbor rrs-client remote-as 20959
neighbor rrs-client update-source Loopback0
neighbor rrs-client fall-over route-map rrs-client <<<<<<<
the route-map does not exist.

Workaround: Configure the neighbor individually or use peer-templates.

CSCsg48540

Symptoms: A carrier supporting carrier (CsC) Multiprotocol Border Gateway Protocol (MPBGP) connection between two PE routers may remain in the active state but never becomes established.

Conditions: This symptom is observed when (CsC) is configured on all routers.

Workaround: There is no workaround.

CSCsi68795

Symptoms: A PE that is part of a confederation and receives a VPNv4 prefix from an internal and an external confederation peer assigns a local label to the prefix despite the fact that the prefix is not local to this PE and that the PE is not changing the BGP next-hop.

Conditions: Occurs when receiving this prefix via two paths from confederation peers.

Workaround: There is no workaround.

Further Problem Description: Whether or not the PE will choose to allocate a local label depends on the order in which the multiple paths for this VPNv4 prefix are learned. The immediate impact is that the local label that is allocated takes up memory in the router as the router will populate the LFIB with the labels.

CSCsj56281

Symptoms: Inherit peer-policy does not work after a router reload.

Conditions: Occurs only after the router is reloaded.

Workaround: There is no workaround.

CSCsk23478

Symptoms: When converting BGP from NLRI to AF form, route-maps are not applied to the multicast neighbor.

Conditions: Occurs when a neighbor is supporting both unicast and multicast. If a route-map is applied to the neighbor, it will only be applied to the IPv4 unicast address-family after converting with the bgp upgrade-cli command.

Workaround: If the route-map is needed for the unicast and multicast address-family, then the command match nlri unicast multicast should be added to the route-map, even though this is the default behavior.

CSCsl30331

Symptoms: Prefixes are allowed by the outbound route-map even though the match condition is met and the action is set to deny.

Conditions:

1. The iteration with the deny action contains a match community.

2. The continue statement is used in one of the previous iterations.

Workaround: If there is single match clause based on NLRI, the condition is avoided. The issue is not observed.

CSCuk59727

Symptoms: The output of the show stacks command may show a very large number of blank lines (for example, 280,000) instead of a process name before the next line of command output is shown.

Conditions: This symptom is observed on a Cisco 12000 series. The symptom may also occur when you enter a command that executes the show stacks command such as the show tech command or the show tech cef command.

Workaround: There is no workaround.

ISO CLNS

CSCsk66339

Symptoms: On a Cisco 7600 router on which IS-IS and Traffic Engineering are configured, IS-IS should remove the native path from its local RIB and call the RIB code to remove the path from the global RIB. This fails, either because the "delete" message is not passed to the RIB properly or because the RIB does not react when it receives the "delete" call.

Conditions: Output from the show mpls traffic-engineering tunnel command may indicate the "Removal Trigger: setup timed out" status.

Workaround: Shut/no shut the interface or change the metric temporarily to force an update by using the tunnel mpls traffic-eng autoroute metric 1 command.

Miscellaneous

CSCsg32465

Symptoms: Incorrect police percent conversions occur in the second and third levels of a policy.

Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.2SB. However, the symptom is platform-independent.

Workaround: There is no workaround.

CSCsh28556

Symptoms: When configuring frame relay queueing, bandwidth is taken as 28kbps and more than 28 kbps cannot be configured.

Conditions: This happens only when service policy is applied under map-class frame-relay and then binding it under the DLCI with frame-relay traffic shaping enabled under the interface.

Workaround: There is no workaround.

CSCsh59300

Symptoms: Standby may crash repeatedly.

Conditions: Occurs when dLFIoLL+QoS+SSO is configured on a Cisco 7500 router. Input service policy is configured on MCT1E1 interface.

Workaround: Change the mode to RPR+.

CSCsh77320

Symptoms: Cisco 7500 router is unable to provide adequate guarantee to classes.

Conditions: Occurs when dLFIoLL and QoS are configured on a Cisco 7500 router.

Workaround: There is no workaround.

CSCsi15007

Symptoms: RIP process uses excessive CPU.

Conditions: Occurs when 200 network commands are configured using RIP version 2.

Workaround: There is no workaround.

CSCsi50772

Symptoms: During setup of vc-class provisioning for L2TPv3 ATM tunnels, the initial end-to-end connectivity is fine, but after the vc-class is removed on both PE routers at the same time by script, one of the ATM subinterfaces on the CE router goes down and pings no longer pass through.

Conditions: Occurs when the vc-class on PE1 and PE2 are removed at almost the same time.

Workaround: Remove vc-class on one PE router first, and then remove vc-class on the other PE router.

CSCsi53353

Symptoms: IPv6 EBGP sessions fail with the following message in "debug bgp events":

%BGP-4-INCORRECT_TTL: Discarded message with TTL 32 from <ip>

Conditions: Occurs when BTSH is configured between the peers.

Workaround: Disable BTSH between the IPv6 peers.

CSCsi90548

Symptoms: Cisco 7206VXR with PA-MC-8TE1+ experiences interface flaps when there is a service policy configured on the interface.

Conditions: Occurs when the configured service policy limit is reached.

Workaround: There is no workaround.

CSCsi95175

Symptoms: Output for set-mpls-exp-imposition-transmit is incorrect.

Conditions: The following is output when the command is entered:

75Q2-R3(config)#policy-map multiple_action_1
75Q2-R3(config-pmap)# class 35
75Q2-R3(config-pmap-c)# police cir 8000 bc 1000 pir 10000 be 12000
75Q2-R3(config-pmap-c-police)#conform-action set-mpls-exp-imposition-transmit 5
75Q2-R3#sh policy-map
Policy Map multiple_action_1
Class 35
police cir 8000 bc 1000 pir 10000 be 12000
conform-action set-mpls-exp-transmit 5 <<<should be set-mpls-exp-imposition-transmit 5
exceed-action drop
violate-action drop

Workaround: There is no workaround.

CSCsk68742

Symptoms: Using the show ip mds stats linecard command shows MDFS reloads on all LCs when multicast distributed routing is added on a VRF through the configuration of ip multicast-routing vrf vpn distributed.

Workaround: There is no workaround.

Further Problem Description:

Note that while the MDFS reload is a real reload, it is without a preceding clear so it will not generally cause traffic interruption as it merely causes the same information to be downloaded to the linecards again. However in a highly scaled system running close to the limit, the additional load introduced by a full MDFS reload of every linecard may cause additional failures because of CPU utilization.

CSCsk69194

Symptoms: Shape average percent calculation is incorrect.

Conditions: This issue is seen on a Cisco 7500 router configured for dLFIoLL. The policy is attached to ATM and multilink interfaces.

Workaround: There is no workaround.

CSCsl30246

Symptoms: IP PIM neighbor in multicast VPN is not two-way

Conditions: Occurs in traffic between a Cisco 12000 router and a Cisco 7500 router. The Cisco 7500 does not receive MDT update.

Workaround: There is no workaround.

CSCsl53811

Symptoms: Some FRR database entries become active after reoptimization. Traffic on the LSP that becomes FRR active is forwarded on the wrong path and continues to drop.

Conditions:

- This problem may happen when manual or timer reoptimization is performed during convergence

- This problem may happen when "Tunnel head end item" and "LSP midpoint item" in FRR database have more than one entry in each item.

- This problem may happen when midpoint entry in "LSP midpoint item" is the LSP using "loose" path-option on a headend router.

Workaround: There is no workaround.

CSCsl63438

Symptoms: The Unicast and Multicast VPN traffic packets are dropped on a MLFR bundle link while increasing the traffic rate and bringing back to normal.

Conditions: The drops are seen only after an increase in the traffic rate and bringing back to normal value.

Workaround: There is no workaround.

CSCsl64686

Symptoms: VIP with CHSTM1 crashes on a Cisco 7500 router.

Conditions: dLFIoLL is configured on a Cisco 7500 router and MDR reload is done on the VIP

Workaround: There is no workaround.

Wide-Area Networking

CSCsb64662

This caveat consists of two symptoms, two conditions, and two workarounds:

Symptom 1: Multicast packets that traverse a Frame Relay virtual circuit (VC) bundle are dropped.

Condition 1: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.0S.

Workaround 1: There is no workaround.

Symptom 2: Multicast packets that traverse a Frame Relay virtual circuit (VC) bundle are process-switched.

Condition 2: This symptom is observed with Cisco IOS Release 12.3.

Workaround 2: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(32)S15

Cisco IOS Release 12.0(32)S15 is a rebuild of Cisco IOS Release 12.0(32)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(32)S15 but may be open in previous Cisco IOS releases. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCek38939

Symptoms: The input error counter may not be incremented for packet errors such as runts, CRC errors, and overrun errors.

Conditions: This symptom is observed on a Cisco 7200 series that has an NPE-G1 or a Cisco 3800.

Workaround: There is no workaround.

CSCsu96698

Symptoms: More specific routes are advertised and withdrawn later even if config aggregate-address net mask summary-only is configured. The BGP table shows the specific prefixes as suppressed with s>.

Conditions: This occurs only with very large configurations.

Workaround: Configure a distribute-list in BGP process that denies all of the aggregation child routes.

CSCsz71787

Symptoms: A router crashes when it is configured with DLSw.

Conditions: A vulnerability exists in Cisco IOS software when processing UDP and IP protocol 91 packets. This vulnerability does not affect TCP packet processing. A successful exploitation may result in a reload of the system, leading to a denial of service (DoS) condition.

Cisco IOS devices that are configured for DLSw with the dlsw local-peer command automatically listen for IP protocol 91 packets. A Cisco IOS device that is configured for DLSw with the dlsw local-peer peer-id <IP-address> command listens for IP protocol 91 packets and UDP port 2067.

Cisco IOS devices listen to IP protocol 91 packets when DLSw is configured. However, it is only used if DLSw is configured for Fast Sequenced Transport (FST). A DLSw FST peer configuration will contain the following line:

dlsw remote-peer 0 fst <ip-address>

It is possible to disable UDP processing in DLSw with the dlsw udp-disable command. However, disabling UDP only prevents the sending of UDP packets; it does not prevent the device from receiving and processing incoming UDP packets.

Workaround: The workaround consists of filtering UDP packets to port 2067 and IP protocol 91 packets. Filters can be applied at network boundaries to filter all IP protocol 91 packets and UDP packets to port 2067, or filters can be applied on individual affected devices to permit such traffic only from trusted peer IP addresses. However, since both of the protocols are connectionless, it is possible for an attacker to spoof malformed packets from legitimate peer IP addresses.

As soon as DLSw is configured, the Cisco IOS device begins listening on IP protocol 91. However, this protocol is used only if DLSw is configured for Fast Sequenced Transport (FST). A DLSw FST peer configuration will contain the following line:

dlsw remote-peer 0 fst <ip-address>

If FST is used, filtering IP protocol 91 will break the operation, so filters need to permit protocol 91 traffic from legitimate peer IP addresses.

It is possible to disable UDP processing in DLSw with the dlsw udp-disable command. However, disabling UDP only prevents the sending of UDP packets; it does not prevent the receiving and processing of incoming UDP packets. To protect a vulnerable device from malicious packets via UDP port 2067, both of the following actions must be taken:

1. Disable UDP outgoing packets with the dlsw udp-disable command

2. Filter UDP 2067 in the vulnerable device using infrastructure ACL.

* Using Control Plane Policing on Affected Devices

Control Plane Policing (CoPP) can be used to block untrusted DLSw traffic to the device. Cisco IOS software releases 12.0S, 12.2SX, 12.2S, 12.3T, 12.4, and 12.4T support the CoPP feature. CoPP may be configured on a device to protect the management and control planes to minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic sent to infrastructure devices in accordance with existing security policies and configurations. The following example, which uses 192.168.100.1 to represent a trusted host, can be adapted to your network. If FST is not used, protocol 91 may be completely filtered. Additionally, if UDP is disabled with the dlsw udp-disable command, UDP port 2067 may also be completely filtered.

!--- Deny DLSw traffic from trusted hosts to all IP addresses
!--- configured on all interfaces of the affected device so that
!--- it will be allowed by the CoPP feature.

access-list 111 deny udp host 192.168.100.1 any eq 2067
access-list 111 deny 91 host 192.168.100.1 any

!--- Permit all other DLSw traffic sent to all IP addresses
!--- configured on all interfaces of the affected device so that it
!--- will be policed and dropped by the CoPP feature.

access-list 111 permit udp any any eq 2067
access-list 111 permit 91 any any

!--- Permit (Police or Drop)/Deny (Allow) all other Layer 3 and Layer 4
!--- traffic in accordance with existing security policies and
!--- configurations for traffic that is authorized to be sent
!--- to infrastructure devices.
!--- Create a Class-Map for traffic to be policed by
!--- the CoPP feature.

class-map match-all drop-DLSw-class
 match access-group 111

!--- Create a Policy-Map that will be applied to the
!--- Control-Plane of the device.

policy-map drop-DLSw-traffic
 class drop-DLSw-class
  drop

!--- Apply the Policy-Map to the Control-Plane of the
!--- device.

control-plane
 service-policy input drop-DLSw-traffic

In the above CoPP example, the access control entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function. Please note that in the Cisco IOS 12.2S and 12.0S trains, the policy-map syntax is different:

policy-map drop-DLSw-traffic
 class drop-DLSw-class
  police 32000 1500 1500 conform-action drop exceed-action drop

Additional information on the configuration and use of the CoPP feature is available at:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6642/prod_white_paper0900aecd804fa16a.html

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html

* Using Infrastructure ACLs at Network Boundary

Although it is often difficult to block traffic transiting your network, it is possible to identify traffic that should never be allowed to target your infrastructure devices and block that traffic at the border of your network. iACLs are a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The iACL example shown below should be included as part of the deployed infrastructure access-list that will protect all devices with IP addresses in the infrastructure IP address range. If FST is not used, protocol 91 may be completely filtered. Additionally, if UDP is disabled with the dlsw udp-disable command, UDP port 2067 may also be completely filtered.

!--- Permit DLSw (UDP port 2067 and IP protocol 91) packets
!--- from trusted hosts destined to infrastructure addresses.

access-list 150 permit udp TRUSTED_HOSTS MASK INFRASTRUCTURE_ADDRESSES MASK eq 2067
access-list 150 permit 91 TRUSTED_HOSTS MASK INFRASTRUCTURE_ADDRESSES MASK

!--- Deny DLSw (UDP port 2067 and IP protocol 91) packets from
!--- all other sources destined to infrastructure addresses.

access-list 150 deny udp any INFRASTRUCTURE_ADDRESSES MASK eq 2067
access-list 150 deny 91 any INFRASTRUCTURE_ADDRESSES MASK

!--- Permit/deny all other Layer 3 and Layer 4 traffic in accordance
!--- with existing security policies and configurations.
!--- Permit all other traffic to transit the device.

access-list 150 permit ip any any

interface serial 2/0
 ip access-group 150 in

The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists" presents guidelines and recommended deployment techniques for infrastructure protection access lists. This white paper can be obtained at the following link:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml

Further Problem Description: Multiple events must occur for this vulnerability to be exploited. It is of medium complexity to exploit and has never been seen in a customer environment.
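The filtering decisions described for CSCsz71787, worked through as an added example (not Cisco's code): it reads a saved configuration, reports what the device listens on, and emits entries in the page's access-list 150 template. The function names, sample configurations and trusted peer address are constructed for illustration; INFRASTRUCTURE_ADDRESSES MASK is the page's own placeholder.

```python
import re

# Placeholder from the page's iACL template; substitute your own address range.
INFRA = "INFRASTRUCTURE_ADDRESSES MASK"

def parse_dlsw(config_text):
    """Collect the DLSw settings that decide which packets the device accepts."""
    state = {"local_peer": False, "peer_id": None,
             "fst_peers": [], "udp_disable": False}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        m = re.match(r"dlsw local-peer\b(?:\s+peer-id\s+(\S+))?", line)
        if m:
            state["local_peer"] = True
            state["peer_id"] = m.group(1) or state["peer_id"]
        m = re.match(r"dlsw remote-peer\s+\d+\s+fst\s+(\S+)", line)
        if m:
            state["fst_peers"].append(m.group(1))
        if re.match(r"dlsw udp-disable\b", line):
            state["udp_disable"] = True
    return state

def listeners(state):
    """What the page says the device listens on for this configuration."""
    out = set()
    if state["local_peer"]:
        out.add("ip/91")              # any dlsw local-peer
        if state["peer_id"]:
            out.add("udp/2067")       # dlsw local-peer peer-id <IP-address>
    return out

def findings(state):
    """Review notes derived from the workaround text."""
    notes = []
    if not state["local_peer"]:
        return notes
    if not state["fst_peers"]:
        notes.append("FST not configured: IP protocol 91 can be filtered completely")
    if state["udp_disable"]:
        notes.append("dlsw udp-disable only stops sending: "
                     "inbound UDP 2067 must still be filtered")
    return notes

def build_iacl(state, trusted_udp_peers=()):
    """Emit iACL lines: permit trusted peers where needed, deny the rest."""
    if not state["local_peer"]:
        return []
    acl = []
    if not state["udp_disable"]:
        # UDP is in use, so trusted peers must still reach port 2067.
        acl += [f"access-list 150 permit udp host {p} {INFRA} eq 2067"
                for p in trusted_udp_peers]
    # FST breaks if protocol 91 is dropped from legitimate peers.
    acl += [f"access-list 150 permit 91 host {p} {INFRA}"
            for p in state["fst_peers"]]
    acl += [f"access-list 150 deny udp any {INFRA} eq 2067",
            f"access-list 150 deny 91 any {INFRA}",
            "access-list 150 permit ip any any"]
    return acl

# Constructed sample configurations (not taken from a real device).
CONFIG_FST = """\
dlsw local-peer peer-id 192.168.100.2
dlsw remote-peer 0 fst 192.168.100.1
dlsw udp-disable
"""
CONFIG_TCP = """\
dlsw local-peer peer-id 192.168.100.2
dlsw remote-peer 0 tcp 192.168.100.1
"""

if __name__ == "__main__":
    for name, cfg, trusted in (("FST", CONFIG_FST, ()),
                               ("TCP", CONFIG_TCP, ("192.168.100.1",))):
        st = parse_dlsw(cfg)
        print(name, sorted(listeners(st)))
        print("\n".join(findings(st) + build_iacl(st, trusted)))
```

Because both transports are connectionless, the permit entries narrow the exposure to traffic claiming a trusted source address; they do not authenticate the sender.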

CSCsz72591

Symptoms: A router crashes with an Address Error (load or instruction fetch) exception.

Conditions: The router must be configured to act as a DHCP client.

Workaround: There is no workaround.

CSCtd75033

Symptoms: Cisco IOS Software is affected by NTP mode 7 denial-of-service vulnerability.

Conditions: Cisco IOS Software with support for Network Time Protocol (NTP) contains a vulnerability processing specific NTP Control Mode 7 packets. This results in increased CPU on the device and increased traffic on the network segments.

This is the same as the vulnerability which is described in http://www.kb.cert.org/vuls/id/568372.

Cisco has released a public-facing vulnerability alert at the following link:

http://tools.cisco.com/security/center/viewAlert.x?alertId=19540

Cisco IOS Software that has support for NTPv4 is NOT affected. NTPv4 was introduced into Cisco IOS Software: 12.4(15)XZ, 12.4(20)MR, 12.4(20)T, 12.4(20)YA, 12.4(22)GC1, 12.4(22)MD, 12.4(22)YB, 12.4(22)YD, 12.4(22)YE and 15.0(1)M.

All other versions of Cisco IOS and Cisco IOS XE Software are affected.

To see if a device is configured with NTP, log into the device and issue the CLI command show running-config | include ntp. If the output returns any of the following commands, the device is vulnerable:

ntp master <any following commands>

ntp peer <any following commands>

ntp server <any following commands>

ntp broadcast client

ntp multicast client

The following example identifies a Cisco device that is configured with NTP:

router#show running-config | include ntp

ntp peer 192.168.0.12

The following example identifies a Cisco device that is not configured with NTP:

router#show running-config | include ntp

router#

To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the show version command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output.

The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L:

Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by dchih

<output truncated>

The following example shows a product that is running Cisco IOS Software Release 12.4(20)T with an image name of C1841-ADVENTERPRISEK9-M:

Router#show version
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 10-Jul-08 20:25 by prod_rel_team

<output truncated>

Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link:

http://www.cisco.com/warp/public/620/1.html
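The two checks above (NTP commands in the configuration, release from the show version banner) combined into one offline audit, as an added example that is not Cisco's tooling. The function names and sample inputs are constructed; treating a later release in the same train as also having NTPv4 is an assumption layered on the page's list of introducing releases.

```python
import re

# Commands the page lists as marking an NTP-enabled configuration.
NTP_COMMANDS = re.compile(
    r"ntp (?:master|peer|server|broadcast client|multicast client)\b")

# Releases in which the page says NTPv4 was introduced.
NTPV4_INTRODUCED = [
    "12.4(15)XZ", "12.4(20)MR", "12.4(20)T", "12.4(20)YA", "12.4(22)GC1",
    "12.4(22)MD", "12.4(22)YB", "12.4(22)YD", "12.4(22)YE", "15.0(1)M",
]

RELEASE_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)\)([A-Z]*)(\d*)$")

def parse_release(text):
    """'12.4(22)GC1' -> ((12, 4, 22, 1), 'GC'); None if the form is unknown."""
    m = RELEASE_RE.match(text or "")
    if not m:
        return None
    major, minor, maint, train, rebuild = m.groups()
    return (int(major), int(minor), int(maint), int(rebuild or 0)), train

def release_from_banner(show_version_text):
    """Pull the release that follows 'Version' in either banner format."""
    m = re.search(r"\bVersion\s+(\d[^,\s]*)", show_version_text)
    return m.group(1) if m else None

def ntp_lines(config_text):
    """Configuration lines that match the page's list of NTP commands."""
    stripped = (line.strip() for line in config_text.splitlines())
    return [line for line in stripped if NTP_COMMANDS.match(line)]

def has_ntpv4(release):
    """True/False, or None when the release string cannot be parsed.

    Assumption: same train and an equal or later number than an
    introducing release means NTPv4 is present.
    """
    parsed = parse_release(release)
    if parsed is None:
        return None
    numbers, train = parsed
    for intro in NTPV4_INTRODUCED:
        intro_numbers, intro_train = parse_release(intro)
        if train == intro_train and numbers >= intro_numbers:
            return True
    return False

def assess(config_text, show_version_text):
    lines = ntp_lines(config_text)
    release = release_from_banner(show_version_text)
    if not lines:
        verdict = "ntp-not-configured"
    else:
        v4 = has_ntpv4(release)
        if v4 is None:
            verdict = "release-not-parsed"
        elif v4:
            verdict = "ntpv4-not-affected"
        else:
            verdict = "vulnerable"
    return {"ntp_lines": lines, "release": release, "verdict": verdict}

# Constructed inputs modelled on the outputs shown on the page.
BANNER_12_3 = ("Cisco Internetwork Operating System Software\n"
               "IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), "
               "RELEASE SOFTWARE (fc2)\n")
BANNER_12_4T = ("Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), "
                "Version\n12.4(20)T, RELEASE SOFTWARE (fc3)\n")
CONFIG_PEER = "ntp peer 192.168.0.12\n"
CONFIG_SERVER = "ntp server 192.168.0.12\nntp access-group peer 1\n"

if __name__ == "__main__":
    for cfg, banner in ((CONFIG_PEER, BANNER_12_3),
                        (CONFIG_SERVER, BANNER_12_4T),
                        ("", BANNER_12_3)):
        print(assess(cfg, banner))
```

The ntp access-group line in the second sample is deliberately not counted as an NTP command: it is a mitigation, and the page's list contains only the commands that enable NTP.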

Workaround: There are no workarounds other than disabling NTP on the device. The following mitigations have been identified for this vulnerability; only packets destined for any configured IP address on the device can exploit this vulnerability. Transit traffic will not exploit this vulnerability.

Note: NTP peer authentication is not a workaround and is still a vulnerable configuration.

* NTP Access Group

Warning: Because the feature in this vulnerability utilizes UDP as a transport, it is possible to spoof the sender's IP address, which may defeat access control lists (ACLs) that permit communication to these ports from trusted IP addresses. Unicast Reverse Path Forwarding (Unicast RPF) should be considered for use in conjunction with these ACLs to offer a better mitigation solution.

!--- Configure trusted peers for allowed access
access-list 1 permit 171.70.173.55
!--- Apply ACE to the NTP configuration
ntp access-group peer 1

For additional information on NTP access control groups, consult the document titled "Performing Basic System Management" at the following link:

http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_basic_sys_manage.html#wp1034942

* Infrastructure Access Control Lists

Warning: Because the feature in this vulnerability utilizes UDP as a transport, it is possible to spoof the sender's IP address, which may defeat ACLs that permit communication to these ports from trusted IP addresses. Consider using Unicast RPF in conjunction with the ACLs to offer a better mitigation solution.

Although it is often difficult to block traffic that transits a network, it is possible to identify traffic that should never be allowed to target infrastructure devices and block that traffic at the border of networks.

Infrastructure ACLs (iACLs) are a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The iACL example below should be included as part of the deployed infrastructure access-list, which will help protect all devices with IP addresses in the infrastructure IP address range:

!---
!--- Feature: Network Time Protocol (NTP)
!---
access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARD INFRASTRUCTURE_ADDRESSES WILDCARD eq 123
!--- Note: If the router is acting as an NTP broadcast client
!--- via the interface command "ntp broadcast client"
!--- then broadcast and directed broadcasts must be
!--- filtered as well. The following example covers
!--- an infrastructure address space of 192.168.0.X
access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARD host 192.168.0.255 eq ntp
access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARD host 255.255.255.255 eq ntp
!--- Note: If the router is acting as an NTP multicast client
!--- via the interface command "ntp multicast client"
!--- then multicast IP packets to the multicast group must
!--- be filtered as well. The following example covers
!--- an NTP multicast group of 239.0.0.1 (Default is
!--- 224.0.1.1)
access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARD host 239.0.0.1 eq ntp
!--- Deny NTP traffic from all other sources destined
!--- to infrastructure addresses.
access-list 150 deny udp any INFRASTRUCTURE_ADDRESSES WILDCARD eq 123
!--- Permit/deny all other Layer 3 and Layer 4 traffic in
!--- accordance with existing security policies and
!--- configurations. Permit all other traffic to transit the
!--- device.
access-list 150 permit ip any any
!--- Apply access-list to all interfaces (only one example
!--- shown)
interface fastEthernet 2/0
 ip access-group 150 in

The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists" presents guidelines and recommended deployment techniques for infrastructure protection access lists and is available at the following link:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml

* Control Plane Policing

Two Control Plane Policing examples are provided. The first aims at preventing the injection of malicious traffic from untrusted sources, whilst the second rate-limits NTP traffic to the device.

- Filtering untrusted sources to the device.

Warning: Because the feature in this vulnerability utilizes UDP as a transport, it is possible to spoof the sender's IP address, which may defeat ACLs that permit communication to these ports from trusted IP addresses. Consider using Unicast RPF in conjunction with the ACLs to offer a better mitigation solution.

Control Plane Policing (CoPP) can be used to block untrusted UDP traffic to the device. Cisco IOS Software Releases 12.0S, 12.2SX, 12.2S, 12.3T, 12.4, and 12.4T support the CoPP feature. CoPP can be configured on a device to help protect the management and control planes and minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic that is sent to infrastructure devices in accordance with existing security policies and configurations. The CoPP example below should be included as part of the deployed CoPP, which will help protect all devices with IP addresses in the infrastructure IP address range.

!--- Feature: Network Time Protocol (NTP)
access-list 150 deny udp TRUSTED_SOURCE_ADDRESSES WILDCARD any eq 123
!--- Deny NTP traffic from all other sources destined
!--- to the device control plane.
access-list 150 permit udp any any eq 123
!--- Permit (Police or Drop)/Deny (Allow) all other Layer3 and
!--- Layer4 traffic in accordance with existing security policies
!--- and configurations for traffic that is authorized to be sent
!--- to infrastructure devices
!--- Create a Class-Map for traffic to be policed by
!--- the CoPP feature
class-map match-all drop-udp-class
 match access-group 150
!--- Create a Policy-Map that will be applied to the
!--- Control-Plane of the device.
policy-map drop-udp-traffic
 class drop-udp-class
  drop
!--- Apply the Policy-Map to the
!--- Control-Plane of the device
control-plane
 service-policy input drop-udp-traffic

In the above CoPP example, the access control list entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function.
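
The inverted meaning of "permit" and "deny" in a CoPP class ACL, compared with an interface ACL, is easy to get wrong. The following Python model is an added example, not Cisco code: it evaluates the ACEs of the iACL and CoPP examples above with first-match and wildcard-mask semantics. The trusted range 192.0.2.0/24 and all packet addresses are constructed stand-ins for TRUSTED_SOURCE_ADDRESSES WILDCARD, and 192.168.0.0/24 stands for INFRASTRUCTURE_ADDRESSES WILDCARD.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")
TRUSTED = ("192.0.2.0", "0.0.0.255")    # constructed trusted NTP sources
INFRA = ("192.168.0.0", "0.0.0.255")    # infrastructure space 192.168.0.X


def ace(action, proto, src, dst, port=None):
    """One access control entry; port=None means no 'eq' clause."""
    return {"action": action, "proto": proto, "src": src, "dst": dst, "port": port}


def pkt(proto, src, dst, dport=None):
    return {"proto": proto, "src": src, "dst": dst, "dport": dport}


def _addr_match(addr, spec):
    """IOS wildcard mask: bits set to 1 are 'don't care' bits."""
    net = int(ipaddress.IPv4Address(spec[0]))
    care = ~int(ipaddress.IPv4Address(spec[1])) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (net & care)


def acl_action(acl, p):
    """First matching ACE wins; no match falls to the implicit deny."""
    for e in acl:
        if e["proto"] != "ip" and e["proto"] != p["proto"]:
            continue
        if not _addr_match(p["src"], e["src"]):
            continue
        if not _addr_match(p["dst"], e["dst"]):
            continue
        if e["port"] is not None and e["port"] != p["dport"]:
            continue
        return e["action"]
    return "deny"


# iACL from the Infrastructure Access Control Lists example (unicast entries).
IACL = [
    ace("permit", "udp", TRUSTED, INFRA, 123),
    ace("deny", "udp", ANY, INFRA, 123),
    ace("permit", "ip", ANY, ANY),
]

# Class ACL from the CoPP filtering example.
COPP_CLASS_ACL = [
    ace("deny", "udp", TRUSTED, ANY, 123),
    ace("permit", "udp", ANY, ANY, 123),
]


def iacl_verdict(p):
    """Interface ACL: permit forwards the packet, deny blocks it."""
    return "forward" if acl_action(IACL, p) == "permit" else "block"


def copp_verdict(p):
    """CoPP: permit puts the packet in the class whose action is 'drop';
    deny (explicit or implicit) leaves it outside the class, untouched."""
    return "drop" if acl_action(COPP_CLASS_ACL, p) == "permit" else "pass"


if __name__ == "__main__":
    samples = {
        "NTP from trusted source": pkt("udp", "192.0.2.10", "192.168.0.1", 123),
        "NTP from other source": pkt("udp", "198.51.100.7", "192.168.0.1", 123),
        "SSH from other source": pkt("tcp", "198.51.100.7", "192.168.0.1", 22),
    }
    for name, p in samples.items():
        print(f"{name:26} iACL={iacl_verdict(p):8} CoPP={copp_verdict(p)}")
```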

- Rate Limiting the traffic to the device.

The CoPP example below could be included as part of the deployed CoPP, which will help protect targeted devices from processing large amounts of NTP traffic.

Warning: If the rate limits are exceeded, valid NTP traffic may also be dropped.

!--- Feature: Network Time Protocol (NTP)
access-list 150 permit udp any any eq 123
!--- Create a Class-Map for traffic to be policed by
!--- the CoPP feature
class-map match-all rate-udp-class
 match access-group 150
!--- Create a Policy-Map that will be applied to the
!--- Control-Plane of the device.
!--- NOTE: See section "4. Tuning the CoPP Policy" of
!--- http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html#5
!--- for more information on choosing the most
!--- appropriate traffic rates
policy-map rate-udp-traffic
 class rate-udp-class
  police 10000 1500 1500 conform-action transmit exceed-action drop violate-action drop
!--- Apply the Policy-Map to the
!--- Control-Plane of the device
control-plane
 service-policy input rate-udp-traffic

Additional information on the configuration and use of the CoPP feature can be found in the documents, "Control Plane Policing Implementation Best Practices" and "Cisco IOS Software Releases 12.2 S—Control Plane Policing" at the following links:

http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html and http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html

CSCsz45567

A device running Cisco IOS Software, Cisco IOS XE Software, or Cisco IOS XR Software is vulnerable to a remote denial of service condition if it is configured for Multiprotocol Label Switching (MPLS) and has support for Label Distribution Protocol (LDP).

A crafted LDP UDP packet can cause an affected device running Cisco IOS Software or Cisco IOS XE Software to reload. On devices running affected versions of Cisco IOS XR Software, such packets can cause the device to restart the mpls_ldp process.

A system is vulnerable if configured with either LDP or Tag Distribution Protocol (TDP).

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available.

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20100324-ldp.shtml

Resolved Caveats—Cisco IOS Release 12.0(32)S14

Cisco IOS Release 12.0(32)S14 is a rebuild of Cisco IOS Release 12.0(32)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(32)S14 but may be open in previous Cisco IOS releases. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCse56910

Symptoms: Bundle links are added or removed when an MFR bundle is in the Administrative Down state; when the bundle is brought back to the Up state, its interface bandwidth value is not properly reflected.

Conditions: This symptom is observed with Cisco IOS Release 12.2SRB software.

Workaround: Shutting a bundle link interface down and bringing it back up can refresh the bundle interface bandwidth value.

CSCse75697

Symptoms: When an ATM interface is configured with an IMA group and when you enter the clock source line command, the router may crash.

Conditions: This symptom is observed on a Cisco router that integrates the fixes for caveats CSCin90422 and CSCsb68536.

Workaround: There is no workaround.

Further Problem Description: The symptom occurs because the default clocking has been changed to "internal" via the fixes for caveats CSCin90422 and CSCsb68536. The fix for this caveat, CSCse75697, sets the default clocking back to "line."

CSCsf26043

Symptoms: IS-IS protocol packets may not be classified as high-priority. When this situation occurs during stress conditions and when the IS-IS protocol packets are mixed with other packets, the IS-IS protocol packets may be dropped because of their low priority.

Conditions: This symptom is observed on a Cisco platform that is configured for Selective Packet Discard (SPD).

Workaround: Ensure that DSCP rewrite is enabled and then enter the following command:

mls qos protocol isis precedence 6

CSCsh42820

Symptoms: Alignment correction seen on an MCT3.

Conditions: The symptom is observed when dLFIoLL is configured on a Cisco 7500 series router and an OIR is done on an MCT3 VIP.

Workaround: There is no workaround.

CSCsh97579

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.

Cisco has released free software updates that address this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml.

CSCsj12565

Symptoms: Route Processor unexpectedly reloads upon removing and adding the network x.x.x.x command two or three times under the OSPF process.

Conditions: The symptom is observed on a GSR configured with 1500 TE tunnels in a scale setup.

Workaround: There is no workaround.

CSCsk35688

Symptoms: Aggregate routes are not processed if all aggregated child routes are deleted prematurely.

Conditions: The symptom is observed when all aggregated child routes are marked for deletion and the periodic function which processes the routes to be deleted deletes the route before the aggregate processing function gets a chance to process them and the aggregate route to which they belong.

Workaround: Configuring "bgp aggregate-timer" to 0 or the lowest value would considerably reduce the chances of hitting this problem. In case this problem does occur, in order to delete the stale aggregate route, configure a temporary local BGP route (say, redistribute a static route or network a loopback) with its address being a subnet of the stale aggregate address and then remove the aggregate address and the added route. This should delete the route from the table and also send withdraws to the other routers.

Further Problem Description: The periodic function is by default called at 60-second intervals. The aggregate processing is normally done based on the CPU load. If there is no CPU load, then the aggregate processing function would be triggered within one second. As the CPU load increases, this function call will be triggered at higher intervals, and if the CPU load is very high it could go as high as the maximum aggregate timer value configured via command. By default this maximum value is 30 seconds and is configurable with a range of 6-60 seconds and in some trains 0. So, if default values are configured, then as the CPU load increases, the chances of hitting this defect are higher.

CSCsu24425

Symptoms: Standby RP can crash upon boot up.

Conditions: The symptom is observed under the following conditions:

1. "clock timezone .." is configured.

2. config-register = 0x2142.

3. The router is running Cisco IOS Release 12.0S based code.

Workaround: Use config-register 0x2102 and unconfigure the clock timezone.

CSCsv27607

Symptoms: A BGP router filters outbound routes to its peers when a soft reset is performed for a specified peer address using the clear ip bgp ip-addr soft out command. However, the routes to be filtered are not deleted from the routing table on the BGP peer router.

Conditions: The symptom happens when an outbound route-map is removed and then reapplied, and the clear ip bgp neighbor-address soft out command is issued for each peer in an update-group after the outbound route-map filtering policy is applied. The withdraw for filtered prefixes is sent to the first peer specified in the soft reset, but the next peers in the same update-group do not withdraw the routes.

Workaround: Perform a hard BGP reset using the clear ip bgp ip-addr command.

CSCsw50410

Symptoms: The following traceback is seen on the console, and all the channelized serial links on the E3 LC flap.

SLOT 5:1d00h: %EE48-3-INVALID_CFG_DATA: Channel 4: Invalid configuration data. Channel type= 5
-Traceback= 40030F00 40417F44 40418208 40418444 404184B4 40418588
SLOT 5:1d00h: %EE48-3-INVALID_CFG_DATA: Channel 5: Invalid configuration data. Channel type= 5
-Traceback= 40030F00 40417F44 40418208 40418444 404184B4 40418588

Conditions: This symptom occurs with all the serial links configured on a Channelized OC48-DS3/Engine 3 card. Serial interfaces flap, bringing down BGP/OSPF for no apparent reason. No configs were done.

Workaround: There is no workaround.

CSCsx48975

Symptoms: Channelized interfaces on a Cisco 7500 series router may face txacc loss and emit interface "not transmitting" messages.

Conditions: The symptoms are observed when, for example:

1. Flapping the E1 controller; or

2. Flapping the channelized interfaces continuously.

3. Performing an OIR of the other slot.

4. Adding and removing the E1 channel groups.

Workaround:

1. Delete the channel-group and reconfigure it.

2. Use the command test rsp stall. This will get back the txaccs and the router will do a MEMD recarve. The expected downtime is just 2-3 seconds.

CSCsx70889

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.

Cisco has released free software updates that address this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml.

CSCsx96402

Symptoms: The LC (E3/E5) crashes upon executing certain show controller... commands 3-4 times.

Conditions: The symptom is observed with scale configurations on MLPPP, MFR, serial interfaces with features like VRF, VPN, basic QOS, ACL, and netflow.

Workaround: There is no workaround.

CSCsy33936

Symptoms: The CEF process is hogging the CPU because of many incomplete fibidbs, because CEF was disabled and re-enabled.

Conditions: This symptom is observed in a scale testbed when an RPR+ switchover is performed.

Workaround: There is no workaround.

CSCsy82104

Symptoms: I/O memory leaks after several days. The output of the E1 serial interface may be blocked as well.

Conditions: The symptoms are observed on a Cisco 7200 series router that is running Cisco IOS Release 12.0(33)S and when an E1 interface serial flaps. The QoS outgoing service-policy needs to be provisioned on this serial interface.

Workaround: Remove the outgoing QoS service-policy from the flapped/blocked serial interface.

CSCsy92142

Symptoms: The serial interface on a channelized OC48 line card stays in the UP/DOWN state after encountering Layer 1 alarms (PRID or PAIS). The interface continues to be in the UP/DOWN state even after the Layer 1 alarms are cleared.

The interface is configured for PPP encapsulation, and path level delay triggers are enabled on this interface. The link shows UP, but the PPP negotiation will be stuck in Echo Request Sent.

Conditions: This symptom is observed with a 12.0(32)S11o-based image for channelized DS3 Engine 3 line cards with alarm delay triggers configured. The problem will be seen only with momentary path level alarms.

Workaround:

1. Perform a shut/no shut on the serial interface that is in the UP/DOWN state. However, this needs manual intervention every time.

2. Remove the alarm-delay triggers path 2500 command from the serial interface configuration. However, the side effect of this would cause the serial interface to flap.

CSCsy96287

Symptoms: A customer experienced a single T1 flapping on controller 0/3/0. It would take between 2,500 and 3,000 path code violations and then drop and come back. It would do this about once every 15 minutes. Problems with our phones losing connectivity to a central call manager when a WAN circuit experiences a problem.

We use Multilink PPP to bundle three T1s for a 4.5-Mb circuit. If any one of the three T1s experiences even a minor issue, phones are resetting. However, we never lose Layer 3 connectivity. The edge router maintains its BGP peering across the Multilink PPP bundle, and none of our management applications ever sees a loss in connectivity.

We recently switched over to Multilink PPP from Multilink Frame due to a requirement by our MPLS provider. We did not have an issue using Multilink Frame; hence, we believe it is an issue with our configuration for Multilink PPP.

Conditions: This issue was first noticed in a 32S6r image, and some nodes running 32s11 showed similar symptoms.

Workaround: Perform a shut/no shut on the serial interface on the Cisco 12000 series side.

Further Problem Description: The root cause of this issue is that the customer was getting exposed to an inherent limitation of a timer that was being used in the T1/E1 line-state processing routine at the PLIM level. The malfunctioning of the timer would result in the PLIM not sending a line-state update message to the line card and the route processor when a link flapped, and therefore the route processor would not bring the link down even when an alarm was present on the line. This would cause blackholing of traffic for some time until the L2 times out and the protocol comes down.

CSCsz19255

Symptoms: Tag rewrites are missing on line cards for one of the load-shareable interfaces.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(32)S11o.

Workaround: Shut/no-shut the interface.

CSCsz55293

Symptoms: A remote third-party device is resetting the IPv6 BGP session with a Cisco 12000 router.

Conditions: BGP is exchanging only IPv6 capability with the remote EBGP peer, but IPv4 capability will be enabled by default. The remote EBGP peer is sending only IPv6 capability, and we should advertise only IPv6 prefixes because that is the capability negotiated. We are wrongly marking IPv4 capability as negotiated and advertising IPv4 prefixes, and the remote neighbor is resetting the session because IPv4 capability is not negotiated at the peer end.

Workaround: Configure a route map to deny all IPv4 prefixes, and apply it as follows:

route-map deny-ipv4 deny 10
router bgp <asnum>
 address-family ipv4
  neighbor <IPv6Address> activate
  neighbor <IPv6Address> route-map deny-ipv4 out

CSCta79412

Symptoms: BGP sessions get stuck in an active state.

Conditions: The symptom is observed when using the neighbor fall-over command.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(32)S13

Cisco IOS Release 12.0(32)S13 is a rebuild of Cisco IOS Release 12.0(32)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(32)S13 but may be open in previous Cisco IOS releases. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCsg00102

Symptoms: SSLVPN service stops accepting any new SSLVPN connections.

Conditions: A device configured for SSLVPN may stop accepting any new SSLVPN connections, due to a vulnerability in the processing of new TCP connections for SSLVPN services. If the debug ip tcp transactions command is enabled and this vulnerability is triggered, debug messages with connection queue limit reached will be observed.

This vulnerability is documented in two separate Cisco bug IDs, both of which are required for a full fix: CSCso04657 and CSCsg00102.

CSCsg54016

Symptoms: With ATMoMPLS with AAL5 encapsulation, the xconnect session bounces when you enter and exit PVC configuration mode without making any configuration changes.

Conditions: This symptom is observed only when the oam-ac emulation-enable command is used.

Workaround: There is no workaround.

CSCsl49628

Symptoms: When a VPN routing/forwarding (VRF) is deleted through the CLI, the VRF deletion never completes on the standby RP, and the VRF cannot be reconfigured at a later time.

Conditions: This symptom is observed when BGP is enabled on the router.

Workaround: There is no workaround.

CSCsm49112

Problem Description: When eBGP sessions that carry a full routing table (200,000+ routes) are brought up, a prolonged period of 100-percent CPU utilization (5 to 7 minutes) is experienced.

During this time, the router is unresponsive in the CLI, and it stops responding to ICMP/SNMP polls.

The router is a Cisco 12406/PRP and is running Cisco IOS Release 12.0(32)S5 (c12kprp-k4p-mz.120-32.S5).

When bringing up a BGP session with a full routing table, the router seems to load the first several thousand prefixes quickly and then stops dead for several minutes before loading the rest.

Workaround: After changing the outbound prefix list on the eBGP session to a deny all (ip prefix-list test-nothing-out seq 1 deny 0.0.0.0/0 le 32), clearing the BGP session does not produce the problem anymore.

CSCsm75818

Symptoms: Multicast data loss may be observed while changing the PIM mode of MDT-data groups in all core routers.

Conditions: The symptom is observed while changing the PIM mode of MDT-data groups from "Sparse" to "SSM" or "SSM" to "Sparse" in all core routers in a Multicast Virtual Private Network (MVPN).

Workaround: Use the clear ip mroute MDT-data group command.

CSCso64050

Symptoms: Policy-map outputs are not seen in standby router. The policy is attached to the VC in the standby, but no output is seen.

Conditions: The symptom is observed when an ATM PVC is created and a service policy is attached to the PVC.

Workaround: There is no workaround.

CSCso92169

Symptoms: A traceback is seen on the E3 and E5 line cards.

Conditions: This symptom is observed under normal traffic conditions after a clear ip route * command is issued.

Workaround: There is no workaround.

CSCsq31776

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has released free software updates that address this vulnerability. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml.

CSCsr61125

Symptoms: A switchover takes more time on a Cisco 7500 router.

Conditions: This symptom is observed when RPR+ is configured on the Cisco 7500.

Workaround: There is no workaround.

CSCsu79988

Symptoms: Before this BGP aspath memory optimization, the memory consumption for aspath has increased. With this memory optimization, the memory consumption for aspath has reduced.

Workaround: There is no workaround.

CSCsv26606

Symptoms: A 1xCHOC12 controller goes down, and all links flap.

Conditions: This symptom is observed when the show plim datapath details command is executed on the line card, which dumps a lot of information on the console.

Workaround: Avoid using the show plim datapath details command; instead, use the per-channel show plim datapath channel-id details command.

CSCsv73509

Symptoms: When "no aaa new-model" is configured, authentication is performed locally even when TACACS is configured. This happens for the exec users under vty configuration.

Conditions: Configure "no aaa new-model", configure login local under line vty 0 4 and configure login tacacs under line vty 0 4.

Workaround: There is no workaround.

CSCsv82120

Symptoms: A CHOC12 T1 continuously flaps when the T1 link that is connected to a third-party CE router flaps. With the Cisco router, the same issue is not observed.

Conditions: This symptom is observed under the following conditions:

Cisco IOS Release 12.0(32)S11n.

CHOC12 T1 links with a third-party CE router.

Workaround: Disable "yellow detection" on the CHOC12 T1 link. For example, serial interface 12/0.7/6:0:

controller sonet 12/0
 sts-1 7
 no t1 6 yellow detection
 ! Wait for the T1 to stabilize.
 t1 6 yellow detection
 !

CSCsw31009

Symptoms: CEF Scanner takes high CPU for sustained periods of around 10 minutes.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(32)S11n. It is seen under the following conditions:

When multiple eiBGP paths exist for a certain prefix and the eBGP path is recursive through the attached next-hop.

A large number of prefixes that have one iBGP path that is recursive through an IGP route that has one path, and one iBGP path that is recursive through an IGP route that has multiple paths.

A route modification for load-balanced prefix.

Workaround: Configure a static route.

CSCsw47346

Symptoms: A switchover cannot be performed on a Cisco 7500 router.

Conditions: This symptom is observed when test crash is issued on a VIP console.

Workaround: There is no workaround.

CSCsw47868

Symptoms: An IPv6 ping fails on an E3 Gigabit line card because of a PRECAM 1 Exception.

Conditions: This issue pertains to the dropping of IPv6 packets because of a precam exception on the egress side. It looked as if the profile for IPv6 was wrong when IPv4 QoS was already applied even on different subinterfaces on the same port.

Workaround:

1) Add/Remove an ACL.

2) Add/Remove the subinterface.

CSCsw64956

Symptoms: The no ppp lcp fast-start command is added to all PPP-encapsulation interfaces.

Conditions: This symptom is observed after a router is upgraded from Cisco IOS Release 12.0(32)SY7 to the latest 32sy throttle image.

Workaround: There is no workaround.

CSCsx10140

Recent research(1) has shown that it is possible to cause BGP sessions to remotely reset by injecting invalid data, specifically AS_CONFED_SEQUENCE data, into the AS4_PATH attribute provided to store 4-byte ASN paths. Since AS4_PATH is an optional transitive attribute, the invalid data will be transited through many intermediate ASes which will not examine the content. For this bug to be triggered, an operator does not have to be actively using 4-byte AS support.

The root cause of this problem is the Cisco implementation of RFC 4893 (4-byte ASN support) - this RFC states that AS_CONFED_SEQUENCE data in the AS4_PATH attribute is invalid. However, it does not explicitly state what to do if such invalid data is received, so the Cisco implementation of this RFC sends a BGP NOTIFICATION message to the peer and the BGP session is terminated.

RFC 4893 is in the process of getting updated to avoid this problem, and the fix for this bug implements the proposed change. The proposed change is as follows:

"To prevent the possible propagation of confederation path segments outside of a confederation, the path segment types AS_CONFED_SEQUENCE and AS_CONFED_SET [RFC5065] are declared invalid for the AS4_PATH attribute. A NEW BGP speaker MUST NOT send these path segment types in the AS4_PATH attribute of an UPDATE message. A NEW BGP speaker that receives these path segment types in the AS4_PATH attribute of an UPDATE message MUST discard these path segments, adjust the relevant attribute fields accordingly, and continue processing the UPDATE message."

The only affected version of Cisco IOS that supports RFC 4893 is 12.0(32)S12, released in December 2008.

(1) For more information, please visit:

http://www.merit.edu/mail.archives/nanog/msg14345.html
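
The receive-side behavior required by the proposed change quoted above (discard the confederation segments, adjust the attribute length, continue processing) can be illustrated as follows. This Python sketch is an added example, not the Cisco implementation: the function names are hypothetical, the sample attribute value is constructed, and rejecting a structurally truncated attribute with an exception is an assumption that the quoted text does not cover. Segment type values and the AS4_PATH type code are those defined in RFC 4893 and RFC 5065.

```python
import struct

# Path segment types (RFC 4893 / RFC 5065).
AS_SET, AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_CONFED_SET = 1, 2, 3, 4
CONFED_TYPES = {AS_CONFED_SEQUENCE, AS_CONFED_SET}

AS4_PATH_TYPE_CODE = 17
FLAG_OPTIONAL, FLAG_TRANSITIVE, FLAG_EXT_LEN = 0x80, 0x40, 0x10


def parse_segments(value):
    """Decode an AS4_PATH value into [(segment_type, [asn, ...]), ...].
    Each segment is: type (1 byte), AS count (1 byte), count * 4-byte ASNs."""
    segments, off = [], 0
    while off < len(value):
        if off + 2 > len(value):
            raise ValueError("truncated segment header")
        seg_type, count = value[off], value[off + 1]
        end = off + 2 + 4 * count
        if end > len(value):
            raise ValueError("segment overruns attribute value")
        asns = list(struct.unpack("!%dI" % count, value[off + 2:end]))
        segments.append((seg_type, asns))
        off = end
    return segments


def encode_segments(segments):
    return b"".join(
        struct.pack("!BB%dI" % len(asns), seg_type, len(asns), *asns)
        for seg_type, asns in segments
    )


def sanitize_as4_path(value):
    """Drop AS_CONFED_SEQUENCE / AS_CONFED_SET segments instead of treating
    them as a session-fatal error. Returns (cleaned_value, discarded)."""
    kept, discarded = [], []
    for seg in parse_segments(value):
        (discarded if seg[0] in CONFED_TYPES else kept).append(seg)
    return encode_segments(kept), discarded


def encode_attribute(value):
    """Re-wrap the cleaned value so the attribute length field matches it."""
    flags = FLAG_OPTIONAL | FLAG_TRANSITIVE
    if len(value) > 255:
        header = struct.pack("!BBH", flags | FLAG_EXT_LEN,
                             AS4_PATH_TYPE_CODE, len(value))
    else:
        header = struct.pack("!BBB", flags, AS4_PATH_TYPE_CODE, len(value))
    return header + value


# Constructed sample: documentation ASNs with one confederation segment
# in the middle, as received from an upstream peer.
SAMPLE_VALUE = encode_segments([
    (AS_SEQUENCE, [65536, 65537]),
    (AS_CONFED_SEQUENCE, [65001]),
    (AS_SEQUENCE, [65550]),
])

if __name__ == "__main__":
    cleaned, dropped = sanitize_as4_path(SAMPLE_VALUE)
    print("kept     :", parse_segments(cleaned))
    print("discarded:", dropped)
    print("attribute:", encode_attribute(cleaned).hex())
```

Logging the discarded segments together with the peer address gives operators a record of where the invalid data entered, without tearing down the session.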

CSCsx32416

Symptoms: A session may go down one or more times before stabilizing in the up state.

Conditions: This symptom is observed when a BFD session is first coming up and the network is suffering from congestion.

Workaround: There is no workaround.

CSCsx94290

Symptoms:

1) The police rate does not take effect on a class that uses the priority command; the traffic is seen going through the default queue. This occurs in a QoS policy with a priority queue where the "police" statement occurs before the priority statement in the policy. Additionally, this occurs only upon the initial configuration of the policy-map. Editing the policy-map will correct the issue.

2) When a class is configured as strict priority only (no police) and then modified, packets go through a non-default, non-priority queue.

Conditions: The initial configuration of policy-map was modified.

Workaround: Detach and re-attach the policy-map.

Resolved Caveats—Cisco IOS Release 12.0(32)S12

Cisco IOS Release 12.0(32)S12 is a rebuild of Cisco IOS Release 12.0(32)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(32)S12 but may be open in previous Cisco IOS releases. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCdw62064

Symptoms: Inbound data packets that are reassembled from multilink fragments may not be processed properly on Multilink PPP (MLP) interfaces that are receiving encrypted IP Security (IPSec) traffic that is terminated locally when a hardware accelerator is used for decryption.

Conditions: This symptom affects all inbound reassembled data frames that are received by the bundle and not just those data frames that are carrying encrypted IP datagrams. Most significantly, inbound Internet Security Association and Key Management Protocol (ISAKMP) keepalives are not processed, leading to the eventual failures of the associated IPSec sessions.

The IPSec sessions are reestablished after each failure, but traffic drops will occur until the session is renegotiated via the Internet Key Exchange (IKE). Thus, the observable symptoms are an intermittent failure of IPSec sessions combined with high loss rates in the encrypted data traffic.

Workaround: Disable hardware crypto acceleration, and use software crypto acceleration instead.

CSCea53765

Symptoms: Adding a /31 netmask route on a Cisco router may not overwrite an existing /32 CEF entry.

Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.1(13)E4, Release 12.2, other 12.1E releases, or Release 12.3. Any 12.2S release past 12.2(20)S is not affected.

Workaround: There is no workaround.

Further Problem Description: The fix for this caveat enables prefixes that are derived from adjacencies in the FIB to be periodically validated against covering prefixes that originate from the RIB. Validation ensures that an adjacency prefix is only active when it points out of the same interface as a covering attached prefix. To enable this validation, enter the ip cef table adjacency-prefix validate global configuration command.

Note that because validation is periodic, there could be a time lag between RIB changes and subsequent validation or withdrawal of covered adjacencies in the FIB.

CSCeg30179

Symptoms: Removing a policy that has shape and bandwidth in the same class (in that same order) may cause a router to crash.

Conditions: This symptom is observed when the router functions under a traffic load.

Workaround: There is no workaround.

CSCei45749

Symptoms: When you enter the clear interface command on an Inverse Multiplexing for ATM (IMA) interface configured for dynamic bandwidth, the PVCs that are associated with the IMA interface may become Inactive.

Conditions: This symptom is observed only for IMA interfaces that have the atm bandwidth dynamic command enabled.

Workaround: Issuing the no atm bandwidth dynamic command from the IMA interface can prevent the problem from happening. If the problem has been experienced already, using the no atm bandwidth dynamic command followed by a shutdown and subsequent no shutdown from the IMA interface can be used to work around the problem and clear the inactive PVC condition.

CSCek25851

Symptoms: While adding the policer, when it gets rejected, the proper action should also detach the action from the policy map.

Conditions: This symptom is observed in the following releases:

12.2(31.04.05)SR

12.2(33)SXH

12.2(33)SB

12.0(31a)S02a

Workaround: There is no workaround.

CSCse61893

Symptoms: A ping from a channelized T3 (CT3) port adapter may fail.

Conditions: This symptom is observed on a Cisco platform that is configured with a CT3 port adapter that functions in unchannelized mode.

Workaround: There is no workaround.

CSCsg50187

Symptoms: CEF-switching does not function, and the output of the show adjacency interface-type interface-number detail command does not show any packets.

Conditions: This symptom is observed on a Cisco router when packets are switched to a multilink interface via CEF and when you enter the show adjacency interface-type interface-number detail command for a multilink interface.

Workaround: There is no workaround.

CSCsh61119

Symptoms: ARP may be refreshed excessively on the default interface, causing high CPU usage in the "Collection Process."

Conditions: This symptom is observed on a Cisco router that has point-to-point interfaces that have non-/32 interface addresses or secondary addresses and that constantly come up or go down.

Workaround: There is no workaround.

CSCsi68795

Symptoms: A PE that is part of a confederation and that has received a VPNv4 prefix from an internal and an external confederation peer, may assign a local label to the prefix despite the fact that the prefix is not local to this PE and that the PE is not changing the BGP next-hop.

Conditions: The symptoms are observed when receiving the prefix via two paths from confederation peers.

Workaround: There is no workaround.

Further Problem Description: Whether or not the PE will choose to allocate a local label depends on the order in which the multiple paths for this VPNv4 prefix are learned. The immediate impact is that the allocated local label takes up memory in the router, because the router populates the LFIB with the labels.

CSCsi77983

Symptoms: NetFlow cache runs out of space for new flow entry when customer uses heavy traffic.

Conditions: Large amount of traffic which could exhaust the NetFlow cache.

Workaround: There is no workaround.

CSCsi84089

Symptoms: A few seconds after OSPF adjacencies come up, a router crashes because of a bus error.

Conditions: This symptom is observed on a Cisco router that functions as an ISR that is configured for OSPF.

Workaround: Add area 0 in the OSPF VRF processes.

Alternate Workaround: Enter the no capability transit command in the OSPF VRF processes.

CSCsj30417

Symptoms: In Eng3 ATM, when a subinterface flaps, traffic to certain destinations is forwarded to the wrong subinterface.

Conditions: This symptom is observed in Cisco IOS Release 12.0(32)S05 and 12.0(32)S06. The symptom is not found in Cisco IOS Release 12.0(31)S2.

Workaround: There is no workaround; however, reloading the line card solves the problem.

CSCsj49293

Symptoms: The interface output rate (214 Mb/s) is greater than the interface line rate (155 Mb/s).

Conditions: This symptom is observed with a Cisco 7600/7500/7200-NPE400 and below. That is, PA-POS-2OC3/1OC3 (PULL mode).

Workaround: There is no workaround.

Further Problem Description: From the Ixia, packets are transmitted at 320 Mb/s. On the UUT (Cisco 7600), the outgoing interface (POS-Enhanced Flexwan) shows the output rate as 200 Mb/s. But the interface bandwidth is 155 Mb/s.

CSCsj50773

Symptoms: Performing the snmpwalk on the ipRouteTable MIB may cause high CPU and reloads.

Conditions: This symptom is observed on a router that is running Cisco IOS Release 12.4(13b) or later releases.

Workaround: Create a view that excludes the ipRouteTable:

snmp-server view cutdown 1.3.6.1.2.1.4.21 exclude
snmp-server view cutdown internet included
snmp-server community <comm> view cutdown RO

This view restricts the objects that the NMS can poll. It excludes access to the ipRouteTable, but allows access to the other MIBs.
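An added example (not Cisco's code and not part of the release note): a small offline auditor that reads a saved configuration and reports which SNMP communities can still read ipRouteTable once the view workaround above is in place. The sample configuration, the community names, and the treatment of a community with no view as able to read everything are assumptions made for the illustration.

```python
"""Audit an IOS configuration for SNMP communities that can still poll ipRouteTable."""
import re

IP_ROUTE_TABLE = (1, 3, 6, 1, 2, 1, 4, 21)

# Symbolic subtree names this auditor resolves (standard MIB-II registrations).
NAMED_OIDS = {
    "iso": "1",
    "internet": "1.3.6.1",
    "mib-2": "1.3.6.1.2.1",
    "ip": "1.3.6.1.2.1.4",
    "ipRouteTable": "1.3.6.1.2.1.4.21",
}

VIEW_RE = re.compile(r"^\s*snmp-server view (\S+) (\S+) (\S+)\s*$")
COMM_RE = re.compile(r"^\s*snmp-server community (\S+)(.*)$")


def parse_subtree(token):
    """Return a tuple of sub-identifiers ('*' kept as a wildcard), or None if unresolvable."""
    token = NAMED_OIDS.get(token, token).lstrip(".")
    parts = []
    for piece in token.split("."):
        if piece == "*":
            parts.append("*")
        elif piece.isdigit():
            parts.append(int(piece))
        else:
            return None
    return tuple(parts)


def covers(subtree, oid):
    """True when subtree is a prefix of oid; '*' on either side matches any sub-identifier."""
    if len(subtree) > len(oid):
        return False
    return all(s == "*" or o == "*" or s == o for s, o in zip(subtree, oid))


def parse_config(text):
    """Collect view entries and community-to-view bindings from configuration text."""
    views = {}        # view name -> list of (subtree, included?)
    communities = {}  # community string -> bound view name, or None
    problems = []     # view lines that could not be interpreted
    for line in text.splitlines():
        m = VIEW_RE.match(line)
        if m:
            name, tree, mode = m.groups()
            subtree, mode = parse_subtree(tree), mode.lower()
            # The page's workaround is typed as "exclude", so accept keyword prefixes.
            is_inc, is_exc = "included".startswith(mode), "excluded".startswith(mode)
            if subtree is None or not (is_inc or is_exc):
                problems.append(line.strip())
            else:
                views.setdefault(name, []).append((subtree, is_inc))
            continue
        m = COMM_RE.match(line)
        if m:
            community, rest = m.groups()
            bound = re.search(r"\bview (\S+)", rest)
            communities[community] = bound.group(1) if bound else None
    return views, communities, problems


def table_visible(entries):
    """Longest matching subtree decides; with no matching entry the table is not in the view."""
    best = None
    for subtree, included in entries:
        if covers(subtree, IP_ROUTE_TABLE):
            # ">=" lets a later line for the same subtree override an earlier one.
            if best is None or len(subtree) >= len(best[0]):
                best = (subtree, included)
        elif included and covers(IP_ROUTE_TABLE, subtree):
            return True  # an included entry below the table re-exposes part of it
    return bool(best and best[1])


def audit(text):
    """Return ({community: verdict}, [uninterpreted view lines])."""
    views, communities, problems = parse_config(text)
    report = {}
    for community, view in communities.items():
        if view is None:
            # Assumption: a community with no view can read every object.
            report[community] = "exposed: no view bound"
        elif view not in views:
            report[community] = "unknown: view not defined"
        elif table_visible(views[view]):
            report[community] = "exposed: view allows ipRouteTable"
        else:
            report[community] = "blocked"
    return report, problems


# Constructed sample configuration; the first two lines are the workaround from this caveat.
SAMPLE_CONFIG = """\
snmp-server view cutdown 1.3.6.1.2.1.4.21 exclude
snmp-server view cutdown internet included
snmp-server view wide internet included
snmp-server community nms-ro view cutdown RO
snmp-server community legacy RO 10
snmp-server community ops view wide RO
snmp-server community lab view missing RO
"""

if __name__ == "__main__":
    findings, unparsed = audit(SAMPLE_CONFIG)
    for community, verdict in findings.items():
        # Mask the community string so the report itself does not leak it.
        print(f"{community[:2]}***: {verdict}")
    for line in unparsed:
        print(f"could not interpret: {line}")
```

Only the community bound to the cutdown view is reported as blocked; every other community in the sample still reaches the table and needs the same view applied.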

CSCsk32095

Symptoms: The Ethernet interface flaps after configuring QoS on the interface.

Conditions: Occurs on PA-2FE-TX port adapter after applying QoS to the interface.

Workaround: There is no workaround.

CSCsk35985

Symptoms: The system crashes when the show ipv6 ospf lsdb-radix hidden command is entered.

Conditions: This symptom is observed when the show ipv6 ospf lsdb-radix hidden command is entered.

Workaround: Do not enter the show ipv6 ospf lsdb-radix command.

CSCsk64158

Symptoms: Several features within Cisco IOS software are affected by a crafted UDP packet vulnerability. If any of the affected features are enabled, a successful attack will result in a blocked input queue on the inbound interface. Only crafted UDP packets destined for the device could result in the interface being blocked; transit traffic will not block the interface.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available in the workarounds section of the advisory. This advisory is posted at the following link:

http://www.cisco.com/warp/public/707/cisco-sa-20090325-udp.shtml

CSCsk69194

Symptoms: The shape average percent calculation is wrong.

Conditions: This symptom is observed on a Cisco 7500 router that is configured for dLFIoLL. The policy is attached to ATM and multilink interfaces.

Workaround: Use only absolute values in the shape policy.

CSCsk89546

Symptoms: OSPF routes are not populated in the Routing Information Base (RIB) with the next hop as traffic engineering (TE) tunnels.

Conditions: Occurs when multiple TE tunnels are configured and the tunnels come up or are shut/no shut simultaneously.

Workaround: Shut/no shut tunnels one at a time.

CSCsl51616

Symptoms: The v6-vrf-lite configuration does not synch properly with the standby; hence 100 percent of the traffic is lost after an SSO switchover.

Conditions: The conditions under which this symptom is observed are unknown.

Workaround: There is no workaround.

CSCsl61164

Symptoms: Router may crash @ipflow_fill_data_in_flowset when changing the flow version.

Conditions: Occurs when NetFlow is running with data export occurring while manually changing the flow-export version configuration from version 9 to version 5 and then back again to version 9.

Workaround: Do not change the NetFlow flow version while the router is exporting data and routing traffic.

CSCsl67149

Symptoms: A sync issue is observed with the standby and active configuration.

Conditions: This symptom is observed on a Cisco 12000 series router that is configured for MLPP/MFR. When an attempt is made to remove and add the members before the unprovisioning is completed, the member is added in standby but not in active; hence the configuration sync issue.

Workaround: Add the member after the unprovisioning is completed.

CSCsm27071

A vulnerability in the handling of IP sockets can cause devices to be vulnerable to a denial of service attack when any of several features of Cisco IOS software are enabled. A sequence of specially crafted TCP/IP packets could cause any of the following results:

The configured feature may stop accepting new connections or sessions.

The memory of the device may be consumed.

The device may experience prolonged high CPU utilization.

The device may reload.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available in the "workarounds" section of the advisory. The advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20090325-ip.shtml

CSCsm45113

Symptom: Router may install duplicate routes or incorrect route netmask into routing table. It could happen on any routing protocol. Additionally, for OSPF, crash was observed.

Conditions: The problem is triggered by SNMP polling of ipRouteTable MIB. The problem is introduced by CSCsj50773, see the Integrated-in field of CSCsj50773 for affected images.

Workaround: Do not poll the ipRouteTable MIB; poll the newer replacement ipForward MIB instead. The ipRouteTable MIB was replaced by the ipForward MIB in RFC 1354.

Further problem description: The clear ip route * command can correct the routing table until the next poll of ipRouteTable MIB.

CSCsm70668

Symptoms: A soft OIR over E3:POS impacts complete traffic with a biscuit tunnel.

Condition: A soft OIR over E3:POS impacts complete traffic with a biscuit tunnel configured. In OIR "test mbus power 6 off" and "test mbus power 6 on" are performed followed by a microcode reload on slot 6.

Workaround: There is no workaround.

CSCsm74769

Symptoms: if_num mismatch is seen in the uidb, sometimes along with the L2TPv3 bit set to zero. As a result, customer saw L2TPv3 packet drops over FR in Cisco 12000 series Internet router.

Conditions: Removing xconnect on the remote PE, resulting in a session (DLCI) flap on the local PE. The trigger is an L2TPv3 session flap; this may cause a stale CI->Uidb mapping in internal data structures, resulting in an if-num mismatch in the uidb if the old CI is reused by a DLCI on a different interface.

Workaround: Reload the affected line card.

CSCso04657

Symptoms: SSLVPN service stops accepting any new SSLVPN connections.

Conditions: A device configured for SSLVPN may stop accepting any new SSLVPN connections, due to a vulnerability in the processing of new TCP connections for SSLVPN services. If "debug ip tcp transactions" is enabled and this vulnerability is triggered, debug messages with connection queue limit reached will be observed. This vulnerability is documented in two separate Cisco bug IDs, both of which are required for a full fix: CSCso04657 and CSCsg00102.

CSCso15740

Symptoms: The "set metric" clause in the continue route-map sequence is not setting metric correctly in some particular conditions. This is also applicable in case where the nexthop setting is done via route-map with a continue clause.

Conditions: The symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(32)SY4. This is platform independent. This symptom occurs if the route-map has a continue clause and the match condition does not allow the continue clause to be executed. The following route-map sequence which has to be executed will not execute properly if the metric or nexthop of the prefix are to be modified via the route-map.

Workaround: Avoid using "continue" in a route-map and modifying metric or nexthop via the following route-map sequence.

CSCso46427

Symptoms: A device may crash when the show clns interface command is issued on the wrong interface.

Conditions: The symptom is observed when there are a number (around 100 or more) CLNS interfaces on the device.

Workaround: There is no workaround.

CSCso65266

Symptoms: A customer upgraded to Cisco IOS Release 12.0(32)Sy4, and now the customer is seeing a memory leak in the BGP process. The memory leak is happening with the BGP router process at the rcache chunk memory when the route map has a "continue" clause in the configuration.

Conditions: The leak is seen when a "continue" statement is configured in an outbound route map.

Workaround: There is no workaround.

CSCso72996

Symptoms: A SIP601 sometimes crashes or gets an alignment error.

SLOT 4:Mar 17 17:59:03.877 UTC: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x408C1E14 reading 0xF
SLOT 4:Mar 17 17:59:03.877 UTC: %ALIGN-3-TRACE: -Traceback= 408C1E14 408C03D4 00000000 00000000 00000000 00000000 00000000 00000000

Conditions: The conditions under which this symptom occurs are unknown.

Workaround: There is no workaround.

CSCso82147

Symptoms: Line card crashes when packet over SONET (POS) shared port adapter (SPA) is present.

Conditions: Occurs the first time router is reloaded.

Workaround: There is no workaround.

CSCso82178

Symptoms: Configuring a PBR at the E5 GE subinterface may cause buffer depletion. The buffer cannot be released except by reloading the linecard.

Conditions: This symptom is observed when a PBR is configured at the subinterface.

Workaround: There is no workaround.

CSCso84392

Symptoms: In MVPN, on the source PE, multicast packets are punted to the RP CPU, and some packets are also dropped.

Conditions: Ingress E3 and egress E5, and the TUNSEQ error message appears.

Workaround: There is no workaround.

CSCso87348

Symptoms: A Catalyst 6500 or a Cisco 7600 may reload unexpectedly.

Conditions: Occurs when NetFlow is configured on one of the following:

Cisco 7600 running Cisco IOS Release 12.2(33)SRC.

Catalyst 6500 running Cisco IOS Release 12.2SXH.

Workaround: Disable NetFlow. This is done with the following commands:

no ip flow ingress
no ip flow egress
no ip route-cache flow

Enter the appropriate command for each subinterface for which NetFlow is currently configured.

Other Notes:

Only the 12.2SRC and 12.2SXH code trains are affected. The specific versions affected are 12.2(33)SXH, 12.2(33)SXH1, 12.2(33)SXH2, 12.2(33)SXH2a, 12.2(33)SRC, and 12.2(33)SRC1.

The issue is fixed in the two affected code trains from the 12.2SXH3 and 12.2SRC2 releases onwards.

The following release trains do not have this issue: 12.2(18)SXF, 12.2(33)SRA, 12.2(33)SRB, 12.2(33)SXI and all other release trains after those affected.

CSCso88575

Symptoms: MFR bundles associated with E5 channelized based SPAs will stop forwarding traffic. A mismatch of the connection identifier (CI) of the channelized SPA is seen on the CI value in the shim header of the l2 rewrite.

Conditions: This problem will occur for l2vpns only on E5 channelized based SPAs.

Workaround: Enter into interface configuration mode.

Alternate Workaround: Remove and re-add the xconnect.

CSCso92635

Symptoms: The line card on a Cisco 10720 resets when an IP phone is connected. The "%TOASTER-2-FAULT: T1 Exception summary:" message appears.

Conditions: The line card of the Cisco 10720 to which the Cisco Call Manager is connected crashes when an IP phone is connected to the network.

Workaround: The recommended approach is to upgrade the Cisco IOS software.

CSCsq02826

Symptoms: The MDFS state of the line card stays in a "disabled" state, which may lead to multicast traffic being punted to the RP.

Conditions: This symptom may be observed with the following sequence of operation:

1. The router is booted without configuring the ip multicast-routing distributed command.

2. The ip multicast-routing distributed command is configured.

The issue will not be seen if the ip multicast-routing distributed command is present in the startup configuration when the router is reloaded.

Workaround: Enter the clear ip mds linecard slot-number command.

CSCsq08131

Symptoms: Ping packets of 8180 or larger cause sourcing POS linecard/SIP to reload and remain in a boot state waiting for IPC connection.

Conditions: This symptom is observed with ping packets that are sourced from PRP2 with part number 800-27058-03.

Workaround: Reload the router.

Further Problem Description: This symptom is observed only on PRP2 with part number 800-27058-03.

CSCsq15994

Symptoms: Low CPS may be observed.

Conditions: The symptoms are seen with PPPoA and PPPoE sessions.

Workaround: There is no workaround.

CSCsq18916

Symptoms: A copy tftp operation failed with a Socket error when the FPD of an SPA was updated or when the SPA was reloaded, OIRed.

Conditions: This symptom is related to the number of (nnets) non-virtual interfaces on the box. Depending on that, a number of SPA reloads must be done.

Workaround:

1. Reload the SPA or the router.

2. Configure one loopback interface.

CSCsq26625

Symptoms: In a decently scaled setup, after an RPR+ switchover, the MDFS process may fail in opening IPC port.

Conditions: This symptom is observed under the following conditions:

15,000 total mroutes

5,000 global mroutes

Approximately 110 mVRFs

Workaround: There is no workaround.

CSCsq42001

Symptoms: The following error messages appear:

SLOT 5:*May 9 21:43:48.547: %LC_SPA_DMLP-1-SPAHWBUNDLEERROR: Could not perform required operation in SPA H/w for bundle Multilink2 in bflc_cx3_dmlp_frag_on_off
SLOT 5:*May 9 21:44:10.727: %SPA_CHOC_DSX-3-ERROR: Multilink2 (cmd 203) Serial5/0/1/8:0: response parsing failed. chnl 36, bid 1
-Traceback= 40031008 408924C0 4072B1BC 40899F64 4033DB90 4033E190 4033E5C0 4033E930 4033F448 4033F600 4015B53C 4015C020
SLOT 5:*May 9 21:44:10.735: %LC_SPA_DMLP-3-CFG_FAIL: bundle Multilink2 (id 1): bay 0 err 7 (del rx link)

Conditions: When we remove/add/remove all members from all the configured MLP bundles once or several times, these tracebacks are seen.

Workaround: There is no workaround.

Further Problem Description: spabrg EFC mapping goes to a mismatch state, and the following is seen:

SLOT 5:*May 9 21:59:26.771: %SPA_CHOC_DSX-3-HDLC_CTRL_ERR: SPA 5/0: 20 TX Chnl Queue Overflow events on HDLC Controller were encountered.

CSCsq42803

Symptoms: The hw-module slot x qos account layer2 encapsulation command does not take effect for an AToM connection.

Conditions: This symptom is observed when xconnect is configured under a VLAN.

Workaround: There is no workaround.

CSCsq55258

Symptoms: After a router reloads, sometimes the configuration for the gigE and POS OC12 SPA is lost from the running configuration.

Conditions: This symptom is observed when the router is reloaded.

Workaround: There is no workaround.

CSCsq58341

Symptoms: If both L2 and L3 services co-exist on the same interface, you can no longer configure urpf on the L3 subinterface after the fix for CSCsl09772. After the router reloads, the urpf command will be erased from the L3 subinterface. You have to use the workaround to reapply the urpf command.

Conditions: This symptom is observed when both L2 and L3 services are configured on the same interface.

Workaround: Do the following:

1. Remove the L2 connection.

2. Add urpf on the L3 subinterface.

3. Re-add the L2 connection.

CSCsq67266

Symptoms: The pos delay triggers line command is configurable at the interface level of E3 channelized POS interfaces.

Conditions: This symptom is observed on a Cisco 12416 Internet series router that is booted with the Cisco IOS Release 12.0(32)S nightly build of 05/19/08. The router contains an E3 CHOC48 linecard.

Workaround: There is no workaround.

CSCsq71212

Symptoms: EFC clock interrupts are causing a line card to crash.

Conditions: The conditions under which this symptom occurs are unknown.

Workaround: There is no workaround.

CSCsq77980

Symptoms: When traffic is flowing over the default mdt and a remote PE's edge facing slot is reloaded, slot-mask may become zero on the UUT, which also has local switching.

Conditions: This defect is observed with Cisco IOS Release 12.0(32)S11.

Workaround: Enter the clear ip mds linecard command for the affected slot.

CSCsq80773

Symptoms: Slow-path multicast fragmentation is not happening correctly. One of the output interfaces is not receiving the packets in case of MVPN traffic.

Conditions: This symptom is observed with MVPN traffic with fragmentation on one of the interfaces on E5.

Workaround: There is no workaround.

CSCsq83540

Symptoms: A Cisco 12000 works as a PE, and an Eng5 SIP line card is used to face the CE. In the VRF, the default route 0.0.0.0 is learned from the remote PE. When the problem occurs, all traffic from the CE that is forwarded via the VRF default route is dropped.

Conditions: This symptom is observed on a Cisco 12000 Eng5 SIP line card that is running Cisco IOS Release 12.0(32)SY04, 12.0(32)SY05, or 12.0(32)SY06. When VRFs are created and deleted, new VRFs that are created will have a problem if they are allocated with a table ID allocated for older deleted VRFs.

Workaround:

1. Reload the ingress Eng5 line card that is facing the CE.

or

2. If the customer does not want to reload the line card, a second workaround can be attempted, but it is not a reliable workaround and may not always be successful. Create a new VRF without removing any VRFs, which gets a new table ID, and apply the VRF configuration completely wherever the old VRF configuration is applied.

Further Problem Description: This problem cannot be cleared by using the clear cef linecard x or clear ip route vrf xxx 0.0.0.0 commands.

CSCsq93004

Symptoms: Removal of a subinterface may cause memory corruption or a crash. The symptoms are unpredictable.

Conditions: The symptoms are rare and will be observed only if a subinterface is configured for mpls traffic-eng auto-tunnel primary use, and the subinterface is later removed from the configuration.

Workaround: Do not remove subinterfaces.

CSCsr11332

Symptoms: In rare situations, the show controller SONET port command might crash the RP.

Conditions: This symptom has been observed on a 4CHOC12/DS3-I-SCB= line card, but it can be seen on other similar channelized line cards. It may be reproducible by executing the show controller SONET port command on a nonexistent port like sonet 3/4 (that is, only sonet 0/0, 0/1, 0/2, and 0/3 are valid on a 4CHOC line card). When the problem can be seen, the CLI help indicates an incorrect unit number:

Router# show controller sonet 12/?
<0-48> Controller unit number

If the controller unit number is shown fine (for example, <0-3>), then the crash will not occur.

Workaround: There is no workaround.

CSCsr13314

Symptoms: The pos delay triggers line command is configurable on APS-enabled interfaces of E3 clear channel POS line cards. After the commit of CSCsq45452, the pos delay triggers path command is not configurable on APS-enabled interfaces of E3 channelized POS line cards.

Conditions: This symptom is observed on a Cisco 12000 series Internet router that is booted with Cisco IOS Release 12.0(32)S. The router contains ISE OC48 POS and ISE CHOC48 POS line cards.

Workaround: There is no workaround.

CSCsr20377

Due to an eng3 hardware limitation, there is more overhead added to like to like Ethernet PW or Ethernet interworking PW if "hw-module slot <> qos account layer2 encapsulation length <>" is configured. Without the fix of CSCsq42803, the overhead impact is less. Request a return to the behavior of 12.0(32)SY back to pre-CSCsq42803.

CSCsr22043

Symptoms: A controller goes into an admin down state.

Conditions: This symptom is observed when an STS path under the SONET controller is shut down.

Workaround: Perform a no shutdown on the controller.

CSCsr42364

Symptoms: All line cards may crash after a switchover in Route Processor Redundancy Plus mode.

Conditions: This issue is observed on Cisco 12000 series Internet routers with PRP2 processors. This issue usually requires multiple line-card reloads prior to the switchover. It is seen under conditions of high line-card utilization.

Workaround: There is no workaround.

CSCsr47477

Symptoms: After a router reloads, mbus messages may sometimes time out on the SIP601 located in the lower cage of a Cisco 12816.

Conditions: This symptom is observed after a router reloads.

Workaround: There is no workaround.

CSCsr47795

Symptoms: After flapping the interfaces, the FIB converges and points to the correct outgoing interface, while the FIB in hardware points to another interface.

The trigger is when the interface is flapping because the default route is updated. The BGP session is always stable and never goes down.

Topology:

End customer ------(eng3)slot4 c12k_Lab_router-42 slot5 and slot6(Eng5) ------ router_B ------ Internet

The Lab-router-42 router receives a default route from the router_B neighbor.

Snapshots from the Eng3 line card on slot4:

Lab-router-42# exec slot 4 show ip hardware-cef 10.1.1.1 detail

========= Line Card (Slot 4) =========

Root: 0x240CE000 Location: 0x240CE404 Data: 0x81819380 Offset: 0x93D96404 Leaf pointer: 0x300C9C00

Leaf FCR 2 Addr 0x300C9C00 : 0xE0000100 0x0285C008
found 2 deep
SRAM Loadbalance addr 0x28170020
default alpha ip loadbalance: 0x28170020 (0 paths, hw maxpath 0)
Hash 1: alpha adjacency: 0x2001FA60 (cef adj NULL or alpha_default_lb)
[0] oi 0x200006 oq 4080 in A ab 50 hl 20 gp 19 tl 4 loq 9800 6/0/0 mtu 1520
Output interface is GigabitEthernet6/0/0 <== Here ^^^^^^ Here
1 tag: 23
current counters 95059, 5157246 last reported 93252, 5059668

Output Queue / Local Output Queue Bundle:
[0-7] output queue 0x4080 local output queue 0x9800
PLU leaf data: 0xE0000100 0x0285C008 0xA1020304 0xA5080000
Mask bits: 1 Origin AS: 0 Source lookup drop: yes QOS group: 0
Traffic index: 0 Precedence not set
Default Route: yes PBR enabled: no

Meanwhile, the FIB was updated to the proper outgoing interface:

LAB_router_42# exec slot 4 show ip cef 10.1.1.1

========= Line Card (Slot 4) =========

0.0.0.0/0, version 38, epoch 0, cached adjacency 10.125.72.74
0 packets, 0 bytes
  Flow: AS 0, mask 0
  tag information from 10.38.192.6/32, shared, all rewrites owned
    local tag: 34
  via 192.168.225.0, 0 dependencies, recursive
    next hop 10.125.72.74, GigabitEthernet5/0/0 via 192.168.225.0/24 (Default) <=== HERE
    valid cached adjacency
    tag rewrite with Gi5/0/0, 10.125.72.74, tags imposed {} <=== HERE
LAB_router_42#

Conditions: This symptom is observed when there is a default route configured while running Cisco IOS Release 12.0(32)SY4 or 12.0(32)SY6 on Eng3.

Workaround: Clear ip route 0.0.0.0 or <default-network>.

CSCsr64777

Symptoms: A router crashes because of a block overrun (overwriting the memory block).

Conditions: This symptom is observed only when NetFlow version 5 is used.

Workaround: NetFlow version 9 could be used for exporting.

CSCsr67137

Symptoms: An Engine 3 (E3) Channelized OC12 (CHOC12) line card can reload after a switchover in Route Processor Redundancy Plus (RPR+) mode.

Conditions: This symptom is observed on a Cisco 12416 Internet series router. The router is booted with Cisco IOS Release 12.0(32)S11n and contains the following:

Redundant PRP-2 processor running in RPR+ mode

E3 CHOC12 line card

All other slots in the chassis are populated with E3, E4+, and E5 line cards.

Workaround: There is no workaround.

CSCsr67289

Symptoms: Router hangs when online insertion and removal (OIR) is performed.

Conditions: Occurs after changing the interface bandwidth followed by an OIR operation.

Workaround: Stop traffic before making these changes.

CSCsr70530

Symptoms: A line card crashes.

Conditions: This symptom is observed after members of the MLPPP are swapped from one bay to another bay and vice-versa on the same line card.

Workaround: There is no workaround.

CSCsr70985

Symptoms: A Cisco router crashes following multiple accesses to NVRAM.

Conditions: This symptom has been observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(32)SY5 when the "dir tar:" command is executed parallel with the "write memory" command. It may not be platform specific.

Workaround: Avoid using the "dir tar:" command.

CSCsr79573

Symptoms: The member link of a multilink bundle goes into an up/down state.

Conditions: This symptom is observed when multilink is swapped from one multilink bundle to another multilink bundle through a script.

Workaround: Enter the "hw-module subslot <slot#/subslot#> reload" command.

CSCsr80321

Symptoms: Commands cannot be sent to the SPA.

Conditions: This symptom is observed when the members of MLPPP and MLFR are swapped.

Workaround: Reload the line card.

CSCsr83626

Symptoms: The line card in slot 0 does not boot up completely. It does not go past the UP IOS state.

Conditions: This symptom is observed after upgrading the router to Cisco IOS Release 12.0(32)SY5 and having the ATM line card in slot 6 send an LAIS alarm.

Workaround: Move the ATM card to another slot, or shut down the ATM line card in slot 6.

CSCsu09595

Symptoms: A SIP-601 crashes while changing the CRC/encap/MTU on MLPPP and MFR.

Conditions: This symptom is observed under the following conditions:

1. Change the CRC of the members of the bundle (from crc 16 to 32 and then back again to crc 16).

2. Remove the members from the bundle.

3. Add serials back to MFR and MLPPP.

4. Change the MTU.

5. Flap the links (serials and bundle).

Workaround: There is no workaround.

CSCsu12146

Symptoms: On a Cisco 12404 that is running Cisco IOS Release 12.0(32)SY5, a SIP-401 reloads when lawful intercept (LI) is used on it.

Conditions: This symptom is observed when LI is activated.

Workaround: Deactivate LI.

CSCsu21668

Symptoms: "carve-level 0" is being used in SY5 nodes (SIP-601) to avoid unnecessary buffer recarving and subsequent traffic disruption.

Conditions:

carve-level 0

Workaround: There is no workaround.

CSCsu32015

Symptoms: A ping fails across Frame Relay subinterfaces over a non-channelized SPA.

Conditions: The ping fails across Frame Relay subinterfaces when:

The channelized SPA is used on a bay and there are approximately 30 or more interfaces that are created and used.

That SPA is later removed and moved to some other bay or to some other slot.

And this current empty bay is then used for a non-channelized SPA and for Frame Relay subinterface circuits.

Workaround: There is no workaround.

CSCsu33246

Symptoms: IPv6 PIM RP embedded functionality is not working properly in Cisco IOS Release 12.0(32)S or Release 12.0(32)SY even after the fix for CSCsf28907.

Conditions: If a first-hop router (that is connected to the IPv6 multicast source) is configured for a PIM RP embedded operation, the register packets will not be sent to the RP and the mroute table will remain in the Registering state. No IPv6 multicast traffic will flow.

Workaround: Configure an IPv6 PIM static RP.

CSCsu41968

Symptoms: On a Cisco 7500 with an HA setup, the "show controller t3" command is showing framing as M23 on the active and as C-bit on the standby. So the "loopback remote" configuration is rejected on the active and is accepted on the standby.

Conditions: This symptom is observed when the "show controller t3 1/1/0" command is issued.

Workaround: There is no workaround.

Further Problem Description: Because of the framing mismatch, the standby might crash due to sync issues.

CSCsu63081

Symptoms: The delay triggers path delay command does not function as it is provisioned on an E3 CHOC12 controller.

Conditions: This symptom is observed on a Cisco 12000 Internet series router booted with c12kprp-p-mz.120-32.S11n. This router contains an E3 CHOC12 line card.

Workaround: There is no workaround.

CSCsu86288

Symptoms: A line card on a Cisco 12000 series Internet router generates tracebacks during LI provisioning while installing a 50th tap request. After the appearance of the first traceback, LI functionality stops working for newly requested taps.

Conditions: This symptom is observed when there are 48 active taps and 2 new taps arrive.

Workaround: Reload the line card or the whole router.

CSCsu92317

Symptoms: Pings fail on an MLPPP interface.

Conditions: There is an MFR interface used for L2 services such as xconnect and an MLPPP interface on the same SPA. When the member links are removed/added from these bundles back-to-back, the ping on the MLPPP interface may fail. This symptom is observed so far only on E5 cards.

Workaround: Reload the line card.

CSCsv04836

Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state, resources on a system under attack may be consumed, preventing new TCP connections from being accepted. In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system.

In addition to these vulnerabilities, Cisco Nexus 5000 devices contain a TCP DoS vulnerability that may result in a system crash. This additional vulnerability was found as a result of testing the TCP state manipulation vulnerabilities.

Cisco has released free software updates for download from the Cisco website that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml.

CSCsv08408

Symptoms: A router may crash with a bus error caused by an illegal access to a low address. The crash occurs because IPC processes a message that has already been returned to the pool while a reference to the message is still present in the IPC retry table.

Conditions: The conditions under which this symptom occurs are not known.

Workaround: There is no workaround.

CSCsv27470

Symptoms: An Engine 3 CHOC12 fails to bring the T1 controller link down when the delay triggers path command is configured.

Conditions: Shutting down the remote-end T1 controller, or the CHOC12 T1 controller receiving AIS, does not cause the T1 link to go to the down state.

Workaround: Do not configure the delay triggers path command on the CHOC12 SONET controller.

CSCsv38557

Symptoms: POS interfaces run into a tx stuck condition, and heavy packet drops occur in the local switching path. The VIP CPU runs high due to the Rx-Side Buffering mechanism that kick starts in the local switching path in the VIP.

Conditions: This symptom is observed on a Cisco 7500 node with a VIP that has the POS interfaces up and data traffic being locally switched between the POS interfaces. This symptom is triggered when a service policy is applied/removed followed by interface flaps.

Workaround: "test rsp stall" cleans up the Rx-Side buffered packets. Hence this could be considered a workaround. However, this does not always help. Doing a soft OIR removal and insertion of the LC always helps recover from this situation. The best workaround is to apply a service policy.

CSCuk61422

Symptoms: CEF-switching does not function, and the output of the show adjacency interface-type interface-number detail command does not show any packets.

Conditions: This symptom is observed on a Cisco 7500 series that has an RSP when packets are switched to a multilink interface via CEF and when you enter the show adjacency interface-type interface-number detail command for a multilink interface.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.0(32)S11

Cisco IOS Release 12.0(32)S11 is a rebuild of Cisco IOS Release 12.0(32)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(32)S11 but may be open in previous Cisco IOS releases. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCee73956

Symptoms: The Generalized TTL Security Mechanism (GTSM), formerly known as BGP TTL Security Hack (BTSH), checks the time-to-live (TTL) value of the packets at the application level, which is not efficient. Also, GTSM does not stop the establishment of a TCP connection for a packet with an invalid TTL value.

Conditions: This symptom is observed on a Cisco platform that has the neighbor neighbor-address security ttl hops hop-count command configured in a BGP environment.

Workaround: There is no workaround.

CSCef70161

Symptoms: External BGP neighbors that are configured in the IPv4 VRF address-family context may fall into different update groups, even if the outbound policy is identical. This situation slightly reduces the overall scalability because BGP cannot use update replication when sending updates to the neighbors.

Conditions: This symptom is observed on a Cisco router and is both release- and platform-independent.

Workaround: There is no workaround.

Further Problem Description: The symptom does not affect neighbors that are configured in the global IPv4 address-family context.

CSCeg25475

Symptoms: Filtering BGP routes by means of the distribute-list prefix MARTIAN in command applied to address-family IPv4 actually filters out M-BGP routes in address-family VPNv4.

Conditions: This symptom occurs when MPLS-VPNs are configured.

Workaround: Use route maps to filter routes inbound.

Further Problem Description: The show ip bgp neighbors command can be used to check whether the prefixes are actually being filtered out from updates for address-family VPNv4, and not for IPv4, as it is configured.

CSCsa73179

Symptoms: Memory corruption, possibly leading to a crash or other undesired behavior, can occur when the no default-information originate command is entered in router RIP configuration mode.

Conditions: This symptom occurs only if both the RIP routing protocol and the OSPF routing protocol are configured on a router.

Workaround: There is no workaround.

CSCsd46413

Symptoms: Long configuration times are seen for very large QoS configurations (at or near 40,000 unique policy-map instances) for ATM PVC with policy-map per PVC.

Conditions: This symptom has been observed with very large QoS configurations and Cisco IOS Release 12.0S, Release 12.2SB, or Release 12.4T.

Workaround: There is no workaround.

CSCsd87844

Symptoms: When a route distinguisher (RD) that is configured for a VRF is deleted and then reconfigured, the standby RP may reload unexpectedly.

Conditions: This symptom is observed on a Cisco router that has dual RPs that function in HA mode and that is configured for MPLS VPN.

Workaround: Delete the VRF itself and then reconfigure the VRF in order to change the RD. If this is not an option, there is no workaround.

Further Problem Description: The symptom occurs because the processing of the no rd command is completed only on the active RP. On the standby RP, the processing does not clear a flag that signals the completion of the processing of the no rd command. Then, when the RD is reconfigured, the configuration succeeds on the active RP but fails on the standby RP, causing the standby RP to reload.

CSCse05292

Symptoms: A static map configuration for an ATM PVC that uses the protocol ip ip-address command is rejected, giving an ambiguous command error.

Conditions: This symptom is observed when you configure a static map on an ATM PVC using the protocol ip ip-address command.

Workaround: Explicitly configure the [broadcast | no broadcast] option:

Router(config-if-atm-vc)# protocol ip 10.10.100.2 broadcast
Router(config-if-atm-vc)# protocol ip 10.10.100.2 ?
<cr>
broadcast Pseudo-broadcast
no     Prevent Pseudo-broadcast on this connection
<cr>

Router(config-if-atm-vc)# protocol ip 10.10.100.2 no broadcast
Router(config-if-atm-vc)#

CSCse27461

Symptoms: If a Cisco 12000 series Internet router is configured as a PE VPN router in a large scale configuration, sometimes one or more line cards can reload during RPR+ switchback from default standby PRP (now in active role) to default primary PRP (now in standby role). Between the silent reloads or resets tracked separately, some mbus-related crashes were captured.

Conditions: This symptom has been observed in Cisco IOS Release 12.0(32)S2, on routers with scaled configurations, after RPR+ switchovers.

Workaround: There is no workaround.

CSCse50781

Symptoms: After executing the no ipv6 multicast-routing command on a dual-RP router, IPC communication to the standby RP may be broken, and the following messages may be seen every minute:

%IPCGRP-3-ERROR: standby set time: timeout seen

Conditions: This symptom is observed on a Cisco 12000 series router that is running the c12kprp-p-mz image of Cisco IOS Release 12.0(32)SY.

Workaround: Reload the router.

Further Problem Description: This bug is seen only while operating in SSO mode (not in RPR mode).

CSCse52184

Symptoms: Traffic may be interrupted for a short duration because of FIB updates. This issue happens very frequently and affects traffic forwarding.

Conditions: This issue is seen when MPLS TE tunnels are configured.

This issue is triggered when an interface is shut down and then brought back up if that interface is carrying a large rate of traffic. The problem is intensified by two factors:

1) Tunnel interface is kept flapping because of:

a) Reoptimization

b) Connection down

2) One tunnel flapping could trigger entire (or a very large number of) FIB updates.

Without factor 2), traffic may be lost for only a very short duration, which does not impact applications.

Workaround: There is no workaround.

CSCse56501

A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP) services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the device. Packets that are routed throughout the router cannot trigger this vulnerability. Successful exploitation will prevent the interface from receiving any additional traffic. The only exception is Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash. Only the interface on which the vulnerability was exploited will be affected.

Cisco is providing fixed software to address this issue. There are workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml

CSCsf20947

Symptoms: A default route that is originated and advertised to a BGP peer using the neighbor default-originate command may be ignored by the peer in favor of a traditional default route (from the BGP table) that is advertised to the same peer.

Conditions: This symptom is observed on a Cisco router after a route flap in the network causes the traditional 0.0.0.0/0 default route to be relearned by a router. In turn, the router advertises this default route to its peers, overriding the previously sent default-originate route. The result is that the BGP peer router learns the default route that has been propagated through the network, rather than the default route that has been created using the neighbor default-originate command on the adjacent router.

Workaround: Manually clear the BGP neighbor to enable the peer router to correctly relearn the correct default route (the one generated by the neighbor default-originate command).

CSCsf28907

Symptoms: Embedded RP does not work in Cisco IOS Release 12.0(32)S or later releases.

Conditions: This symptom is observed on Cisco 12000 and Cisco 10720 routers with IPv6 multicast routing in Cisco IOS Release 12.0(32)S or later releases.

Workaround: Enter the no ipv6 pim rp embedded command and then the ipv6 pim rp embedded command in the global configuration mode.

CSCsf29803

Symptoms: An engine 3 linecard in an mVPN PE router with multicast egress QoS configured may report the following error message and may also reload after this message:

SLOT 10:Sep 5 15:12:43.879 UTC: %EE48-3-CONGA_MCAST: Table indices not linked: (tbl1=262129, tbl2=262136, prev=0, oiq_id=0, oi=0, oq=0)

Conditions: This symptom is observed when an engine 3 linecard in an mVPN PE router has both core interfaces and VRF interfaces configured and an output service policy applied to one or more of these interfaces.

Workaround: Limit engine 3 linecards with service policies to either core interfaces or VRF interfaces, and do not combine both interface types on a single linecard. Note that Cisco recommends that core and VRF interfaces not be configured on the same linecard anyway because any multicast packet that needs to egress on both interfaces will be software-forwarded and not hardware-forwarded. Alternatively, replace the engine 3 linecard with an engine 5 linecard.

CSCsg25995

Symptoms: Networks do not show up in the BGP table for multicast address family, as can be seen in the output of the show ip mbgp command.

Conditions: This symptom is observed when BGP is used for multicast address family; it does not affect unicast address family.

Workaround: Use the clear ip bgp neighbor-address command.

CSCsg32689

Symptoms: A crash or traceback may occur when the route-map option for fall-over is configured for a BGP peer-session template or peer group.

Conditions: This symptom occurs when the fall-over [route-map map-name] command is configured under the router bgp autonomous-system-number command.

Workaround: There is no workaround. Avoid using the route-map option.

CSCsg35077

Symptoms: A device that is running Cisco IOS software may crash during processing of an Internet Key Exchange (IKE) message.

Conditions: The device must have a valid and complete configuration for IPsec. IPsec VPN features in Cisco IOS software that use IKE include Site-to-Site VPN tunnels, EzVPN (server and remote), DMVPN, IPsec over GRE, and GET VPN.

Workaround: Customers that do not require IPsec functionality on their devices can use the no crypto isakmp enable command in global configuration mode to disable the processing of IKE messages and eliminate device exposure.

If IPsec is configured, this bug may be mitigated by applying access control lists that limit the hosts or IP networks that are allowed to establish IPsec sessions with affected devices. This assumes that IPsec peers are known. This workaround may not be feasible for remote access VPN gateways where the source IP addresses of VPN clients are not known in advance. ISAKMP uses port UDP/500 and can also use UDP/848 (the GDOI port) when GDOI is in use.
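The access-list mitigation described above, sketched as an added configuration example that is not part of the Cisco release notes. The ACL name, the interface, and all addresses (192.0.2.10 and 192.0.2.20 as known IPsec peers, 198.51.100.1 as the affected device) are constructed placeholders, and the example assumes the interface carries no other inbound filtering.

```cisco
! Constructed example: names and addresses are placeholders, not values from the release notes.
ip access-list extended ISAKMP-KNOWN-PEERS
 ! Allow IKE (UDP/500) only from the known IPsec peers to the device itself.
 permit udp host 192.0.2.10 host 198.51.100.1 eq isakmp
 permit udp host 192.0.2.20 host 198.51.100.1 eq isakmp
 ! UDP/848 is needed only when GDOI is in use; permit it for the peer that acts as key server.
 permit udp host 192.0.2.10 host 198.51.100.1 eq 848
 ! Drop IKE and GDOI from every other source before it reaches the IKE process.
 deny   udp any host 198.51.100.1 eq isakmp
 deny   udp any host 198.51.100.1 eq 848
 ! Leave all other traffic unaffected (assumption: no other inbound policy on this interface).
 permit ip any any
!
interface GigabitEthernet1/0
 ip access-group ISAKMP-KNOWN-PEERS in
```

The deny entries must cover every address on the device that accepts IKE, so repeat them for each such address and apply the ACL on every interface through which untrusted sources can reach it.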

Further Problem Description: This bug is triggered deep into the IKE negotiation, and an exchange of messages between IKE peers is necessary.

If IPsec is not configured, it is not possible to reach the point in the IKE negotiation where the bug exists.

CSCsg52336

Symptoms: A router may crash when you remove an unused and unassigned VRF by entering the no ip vrf vpn-name command.

Conditions: This symptom is observed on a Cisco router that functions as a PE router and that has the Multi-VRF capability for OSPF routing configured along with other VRFs that are unused and unassigned.

Workaround: There is no workaround.

CSCsg89512

Symptoms: In an MVPN topology, sparse mode, Auto RP, if the PE router has the same line card as the core and customer-facing router, and if there are two RP announcers, the RP point may not be selected correctly, and traffic will not go through.

Conditions: This symptom is observed on a Cisco 12000 series that runs Cisco IOS Release 12.0(33)S.

Workaround: Select values for offset using the hw-module slot x ip multicast hw-accelerate source-table size a offset b command, which will prevent collision from happening.

CSCsh43283

Symptoms: Engine 2 line cards stop forwarding multicast traffic when the hw-module slot 2 ip multicast hw-accelerate command is issued.

Conditions: This symptom is observed when a higher priority bundle such as uRPF is already running.

Workaround: Unconfigure all the features to revert back to the vanilla bundle, and then reconfigure only the features that do not collide.

CSCsj22472

Symptoms: When an IXIA-simulated BGP neighbor is not up, BGP is forced to delete the ARP entry for the IXIA host for a while. During that period, the router has to send ARP, and traffic is lost for a while.

Conditions: While observed with other protocols, this symptom was noticed with a typical BGP configuration in which the peers are nonexistent. This would cause the SYN to be retransmitted multiple times, and after some threshold, the ARP entry would be purged.

The ARP entries get flushed out when the TCP retransmission timer expires. This causes the CEF adjacency to be lost, and performance can drop for packets going to that destination until the ARP is resolved again. This problem is not specific to BGP and is applicable to anything that rides over TCP.

Workaround: There is no workaround.

CSCsj28800

Symptoms: The Engine 5 line cards on a router crash.

Conditions: When a router is configured to have TE tunnels with CBTS, and when the clear cef linecard command is executed, the Engine 5 line cards on the router crash. This problem is seen in any of the Cisco IOS Release 12.0(32)SY releases prior to Cisco IOS Release 12.0(32)SY5.

Workaround: There is no workaround.

CSCsj31964

Symptoms: The BFD protocol may go down if an interface is congested.

Conditions: This symptom is observed on a SIP-401 when 2-Gbps traffic is directed toward a Gigabit Ethernet interface that has a BFD session.

Workaround: On an Engine5 line card, apply 1CnD, nCnD service policy to map precedence 6 packets to low-latency queue. On an Engine3 line card, there is no workaround.

Further Problem Description: The problem is seen on both Engine3 and Engine5 line cards.

CSCsj68299

Symptoms: The line card crashes when the interface MTU is changed.

Conditions: This symptom is observed when having both ingress and egress E0 cards with MPLS in the core and when an ATOM tunnel is configured on the egress line card.

Workaround: Before changing the MTU, stop the traffic across all the E0 line card interfaces. You can resume traffic after changing the MTU.

CSCsj74173

Symptoms: Egress E0 - Two ports OC3 channelized to DS1/E1 are crashing continuously just as traffic starts.

Conditions: E0 - In an IP->Tag fragmentation case with E4/E4P/E6 POS cards as the ingress and E0 as the egress card, for certain frame sizes larger than the egress MTU, the E0 egress card crashes. This happens only with the E0 card as egress.

Workaround: Make sure that the packets sent are less than the egress MTU of the E0 linecard to avoid any fragmentation.

CSCsj99269

Symptoms: With some VPN configurations, such as configurations with a multipath import or an import map, the CPU usage of the router may be very high for a long time, even after BGP convergence has occurred.

Conditions: This symptom is observed on a Cisco router that functions in a highly scaled environment involving several hundred VRFs and occurs after the router has been reloaded or after a switchover has occurred.

Workaround: There is no workaround.

CSCsk55768

Symptoms: IP connectivity is lost upon the occurrence of a short flap (microflap) in the optical signal.

Conditions: No particular conditions trigger this situation.

Workaround: There is no workaround.

CSCsk98123

Symptoms: Tx traffic may get dropped due to a "precam 1 exception."

Conditions: This symptom is observed when vrf vlite and strict urpf are configured on the interfaces. This happens in all releases when adjacency indexes between 65528 and 65531 are used in TX SRAM Adjacency programming on line cards. This happens only on port 0. Strict URPF is not a required condition; the symptom can occur without it.

Workaround: To recover from the situation, remove and re-apply the configuration on the interface when the problem is seen. A shut and no shut of the interface also recovers from the condition, provided that the interface is not allocated an adjacency index within 65528 and 65532. Configuring or removing URPF/PBR also clears the condition.

Alternate Workaround: Do not use port 0 on the line card. Using a subinterface will mitigate the issue.

CSCsl05174

Symptoms:

Issue 1: A non-deleted PPP configuration inside the interface reappears when the interface is created again.

Issue 2: Some multilink configuration is not being synced to the standby (hold-queue).

Conditions: This symptom is observed when running RPR+.

Workaround: Reapply the original configuration.

Further Problem Description: Deletion of a multilink interface and subsequent creation using the same name may cause portions of the original configuration to return even if not explicitly configured. The hold-queue command is not being synchronized to the standby RP.

CSCsl36013

Symptoms: A Cisco 12000 series router with an Engine 0 ATM OC12 line card may experience a problem in which a Layer 2 adjacency rewrite string for an ATM PVC becomes invalid. The invalid rewrite results in packets being forwarded out the interface with the wrong Layer 2 details prepended.

Conditions: This symptom is observed on a Cisco 12000 series router with an Engine 0 ATM OC12 line card.

Workaround: Use the following command for the affected IP address:

clear ip arp x.x.x.x

Further Problem Description: This problem can be identified using the execute-on [slot#] show controller rewrite Cisco IOS command, compared to the rewrite string in the show adjacency internal command:

Router# execute-on 1 show controller rewrite

========= Line Card (Slot 1) =========

LocalMAC rewrite table
Interface                             Address                           Output_Info
-----------------------------------------------------------------------------
...
ATM1/0.1                          192.168.1.1                      0x1C062340
    4BA72000AABA031180C2000700000004
    757122D600081008B0560800 <-- incorrect
...

Router# execute-on all show adjacency internal

========= Line Card (Slot 1) =========

Protocol           Interface             Address
...
IP                     ATM1/0.1           192.168.1.1(9)
131229862 packets, 74135640171 bytes
02710100AABA031180C2000700000017
E0DC040200072009B0450800 <-- correct
...

Router# clear ip arp 192.168.1.1

Router# execute-on 1 show controller rewrite

========= Line Card (Slot 1) =========

Local MAC rewrite table
Interface                              Address                         Output_Info
----------------------------------------------------------------------------------
...
ATM1/0.1                            192.168.1.1                    0x1C025340
    6EA82000AABA031180C2000700000017
    E0DC040200072009B0450800 <-- correct
...

CSCsl36723

Symptoms: A SIP401/SIP600 may crash upon a primary CSC failover. FIA Halt related error messages are also seen.

Conditions: This symptom is observed upon a primary CSC failover.

Workaround: There is no workaround.

CSCsl43782

Symptoms: A CE-CE ping is failing in ATM-Ethernet/VLAN/ATM, PW/LS routed interworking scenarios.

Conditions: This symptom is observed when the E3 ATM is in the CE side.

Workaround: There is no workaround.

CSCsl68227

Symptoms: An E3 linecard may drop packets larger than a certain size because of a buffer carving problem when the mtu command is used for multilink interfaces.

Conditions: This symptom is observed with images based on Cisco IOS Release 12.0(32)S10.

Workaround: Changing the MTU or reloading the linecard may clear the problem.

CSCsl89425

Symptoms: Bidirectional Forwarding Detection (BFD) sessions do not scale. This symptom is especially visible with an OSPF client when one of the peers is rebooted after configuring the maximum number of BFD sessions.

Conditions: This symptom occurs when configuring maximum BFD sessions or total number of BFD sessions too close to the maximum limit.

Workaround: Configure 90 percent of the maximum allowed BFD sessions.

CSCsl93596

Symptoms: When the MTU is changed on the core-facing E0 LC, all the E0 cards in the router crash.

Conditions: This symptom is observed with bidirectional traffic with an L3VPN, L2VPN configuration. There are also MPLS TE tunnels.

Workaround: There is no workaround.

CSCsl96577

Symptoms: The show ppp multilink statistics are not updated on a Cisco 7500 router.

Conditions: This symptom is observed when dLFIoLL+SSO is configured on the Cisco 7500 router and a switchover is performed.

Workaround: There is no workaround.

CSCsm07692

Symptoms: A SIP600 crashes.

Conditions: When the primary CSC is shut, the SIP600 crashes.

Workaround: There is no workaround.

CSCsm10560

Symptoms: A standby route processor crashes with a traceback when multilink is provisioned/unprovisioned continuously.

Conditions: This symptom is observed with a script. There is a small but significant chance of encountering this symptom during manual testing. This symptom occurs in branches based on Cisco IOS Release 12.0S only.

Workaround: There is no workaround.

CSCsm26130

Symptoms: When removing a subinterface from the configuration that contains an IP address that falls into the major net of the static route, the static route is no longer injected into the BGP table. Since the route is not in the BGP table, it is not advertised to any peers.

Conditions: This symptom is observed with auto-summary enabled in BGP. A static summary route is configured to null0 and is injected into the BGP table with a network statement.

Workaround: There are four possible workarounds:

1) Use an "aggregate-address" configuration instead of the static route to generate the summary.

2) Remove auto-summary from the BGP process.

3) Enter the clear ip bgp * command.

4) Remove and reconfigure the BGP network statement for the summary route.

CSCsm36057

Symptoms: "Warning: error msgs in vc stats" messages are displayed continuously on the console.

Conditions: This symptom is observed when the router is reloaded.

Workaround: There is no workaround.

If any statistics are not being updated properly on the serial interfaces on the Ch-SPAs, enable the debug hw sub slot/bay command on the RP.

CSCsm41303

Symptoms: A Cisco 12000 router with SIP-601 linecards may experience high CPU in the Tag Input process because of many packets being punted by the linecards to the PRP CPU. The packets are MPLS TTL expired packets that require an unreachable to be sent back. These packets should be processed on the linecard, but they are not.

Conditions: This symptom is observed only on SIP-601 10G linecards.

Workaround: There is no workaround.

CSCsm43195

Symptoms: In a configuration of L2VPN interworking between SIP-601/GE SPA and SIP-401/CT3/FR DLCI switching, with a QoS egress policy applied on the SIP-601 GE SPA interface, traffic may propagate egress on the GE port.

Conditions: When the policy is not applied, traffic flows egress on the GE SPA based interface. When the policy is applied, no traffic is seen egress on the GE interfaces.

Workaround: There is no workaround.

CSCsm48176

Symptoms: Line cards on a Cisco 12000 series router or a Cisco 7500 router might crash.

Conditions: This symptom is observed when the no ip multicast-routing distributed command for a VRF is issued when multicast tunnels are up. This symptom is also observed when MVRFs are deleted.

Workaround: Stop multicast traffic before deleting VRFs or issuing the no ip multicast-routing distributed command.

CSCsm57369

Symptoms: On switchover, the overhead message appears in the configuration even though it has not been configured.

Conditions: This symptom is observed only if there is a switchover in RPR+ or SSO mode.

Workaround: Manually change the config to restore the previous config.

CSCsm64491

Symptoms: Connecting SPA-4XCT3/DS0 SPAs back to back and executing the hw-module subslot x/y reload command causes the line card to crash.

Conditions: All the interfaces should be up and running. Note that this symptom occurs only because of the issue introduced by CSCsg96660; it is not seen otherwise without the image having the fix for CSCsg96660.

Workaround: There is no workaround.

CSCsm66081

Symptoms: If a multilink interface has one end connected to a Cisco 12000 router with a CHOC12/DS1-IR-SC and the other end connected to a non-Cisco-12000 router, then the multilink interface receiver, at the non-Cisco-12000 router side, may drop all received packets because of packet fragment loss or out-of-order.

Conditions: This symptom may occur immediately when the first member link comes back up again after all member links of the multilink interface have gone down.

Workaround:

1) Create a new multilink interface.

2) Move the member links from the current multilink interface to the new multilink interface.

CSCsm75339

Symptoms: Tracebacks on mic-reload of SIP601.

Conditions: Mic-reload of SIP601 with CT3 SPA.

Workaround: Reloading the secondary RP should restore the out-of-sync ifindex tables.

CSCsm82600

Symptoms: PRP-1 fails to boot after an OIR/power cycle. LEDs might show RPT SENT or RP RDY.

Conditions: This symptom is observed upon a power cycle after upgrading the mbus-agent-rom of the PRP.

Workaround: Use the upgrade mbus-agent-rom slot force command with an older version of Cisco IOS software in the active RP to downgrade the mbus agent ROM of the problem RP.

CSCso21681

Symptoms: An output policy on an MFR interface disappears when the SIP 601 card is reset.

Conditions: Configure the service policy and apply it to the output of the MFR interface. Reset the SIP 601 card, and the service policy will disappear from configuration.

Workaround: There is no workaround.

CSCso22730

Symptoms: Prefixes learned via IGP (ISIS) get assigned "imp-null" as the local label for them.

Conditions: The router has ECMP paths to uplink routers via POS interfaces. It runs ISIS as an IGP. A TE tunnel may be configured on the POS interface, and there are frequent interface flaps.

Workaround: There is no workaround. Clear the route or flap the interface to bring back the correct local label.

CSCso25848

Symptoms: With an ingress E2 GigE line card and an egress E5 line card, packets are dropped in the egress line card with TX bad BMA buffer counts increasing.

Conditions: This symptom is observed when the ingress is E2 and the egress is E5.

Workaround: There is no workaround.

Further Problem Description: This issue is not seen with an E3/E5 combination or an E2/E6 combination.

CSCso31508

Symptoms: CEF and hardware CEF for global default route are inconsistent. This may cause the default traffic to be sent through the wrong interface.

Conditions: This issue occurs under the following conditions:

1. Global default should point toward the core.

2. VRF default should be learned from the remote PE.

Workaround: Enter the following command:

clear ip route 0.0.0.0 0.0.0.0

CSCso32397

Symptoms: An unexpected reboot occurs because of a software-forced crash.

Conditions: This symptom is observed when changes are made in the policy map.

Workaround: There is no workaround.

CSCso33290

Symptoms: L2VPN traffic on an MFR interface is unable to pass through FR/IETF encapsulation MPLS trunk. Furthermore, if this MFR interface is deleted and re-added, the following error messages are received.

SLOT 4:Mar 20 11:51:05.459 UTC: %SPA_CHOC_DSX-3-ERROR: Serial4/0/0/1:0: response parsing failed for DLCI (601) provisioning
SLOT 4:Mar 20 11:51:05.471 UTC: %SPA_CHOC_DSX-3-ERROR: Serial4/0/0/1:0: response parsing failed for DLCI (602) provisioning

Conditions: This symptom is observed after an MFR interface is deleted and re-added.

Workaround: There is no workaround.

CSCso47485

Symptoms: The E4+ line card crashes continuously with the following output:

SLOT 1:Jan 19 02:06:09.559 UTC: %TX192-3-CPUIF: Error=0x40

rd 0x15 base 0x12 hdr 0x14 last 0x14 wr 0x14 insert 0x0 back 0x1 len 0x2474 cnt 0x0

Conditions: There is no exact trigger. But this symptom is observed when there are corrupt packets being sent from the ingress card under unknown circumstances.

Workaround: There is no workaround.

CSCso65289

Symptoms: High CPU utilization is seen on a Cisco 12000 series Internet router caused by the "IPC Seat Manager" process.

Conditions: This symptom may be observed when the router is enabled with multicast distributed routing and has high scaled multicast configurations.

Workaround: There is no workaround.

CSCso73511

Symptoms: Configure the line delay trigger at the line level in the Choc48 linecard as shown below.

Router# sh run | b 1/0

controller SONET 1/0
 alarm-report lais
 alarm-report lrdi
 alarm-report sd-ber
 sts-1 1 serial t3

Router# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# controller sonet 1/0
Router(config-controller)# delay triggers line 10000
Router(config-controller)# do sh run | b 1/0

controller SONET 1/0
 alarm-report lais
 alarm-report lrdi
 alarm-report sd-ber
 delay triggers report
 sts-1 1 serial t3

Conditions: The serial interface should be UP and running.

Workaround: There is no workaround.

CSCso74028

Symptoms: The local PE is sending graft messages even after receiving data from the remote PE on an MVPN network.

Conditions: This symptom is observed when the graft-ack messages are lost in transit (could be due to misconfiguration/ACL, etc.).

Workaround: Fix the misconfiguration so that graft-ack messages are forwarded as expected.

CSCsq00167

Symptoms: 12000-SIP-401/501/601 has 8 MB of FSRAM with the fix CSCsm13564. But PLU and TLU adjacencies in the 12000-SIP-401/501/601 support up to 4 MB.

Conditions: If the hardware is supporting 8 MB of FSRAM, the PLU can have access to this 8 MB. But this is not happening.

Workaround: Identified through the code review of CSCsm13564. There is no workaround.

CSCsq03170

Symptoms: An input service policy with only the class-default class shows no matches.

Conditions: This symptom is observed after a reload of Cisco 12000 series routers, Linecard Engine 3, with an ATM interface configured for AToM, Port Mode.

Workaround: Move traffic and the configuration to another interface.

CSCsq24258

Symptoms: An E0 OC3 CH does not give the option to configure sts-1 interfaces.

Conditions: This symptom is observed when loading a Cisco IOS Release 12.0(32)S11 image on the router.

Workaround: There is no workaround.

CSCsq28627

Symptoms: CPU hogs are seen in a 1-port E3 channelized OC48.

Conditions: This symptom is observed when any of the following is done:

controller shut/no shut

mic reload <slot>

hw-mod slot <xx> shut/no shut

hw-module slot <xx> reload

Workaround: There is no workaround.

CSCsq36270

Symptoms: CE-CE pinging is failing.

Conditions: This symptom is observed when E5 POS is imposition.

Workaround: There is no workaround.

CSCsq49823

Symptoms: MDFS may get disabled in a scaled mVPN environment that has many global mroutes. Once disabled, it may keep on changing between the "active" and "disabled" states. Linecard CPU utilization may also go high.

Conditions: This symptom is observed with a Cisco IOS Release 12.0(32)S10 image.

Workaround: There is no workaround.

CSCsq70534

Symptoms: A router crashes because of a block overrun (overwriting the memory block).

Conditions: This symptom is observed only when templates are exported in the export packet, which happens only with the version 9 export format.

Workaround: Version 5 could be used for exporting.

Resolved Caveats—Cisco IOS Release 12.0(32)S10

Cisco IOS Release 12.0(32)S10 is a rebuild of Cisco IOS Release 12.0(32)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(32)S10 but may be open in previous Cisco IOS releases. This section describes only severity 1, severity 2, and select severity 3 caveats.

CSCek49315

Symptoms: LC crashes due to a very high rate link flap.

Conditions: Occurred on different SPAs inserted on GSR routers running 12.0(32)SY1 when FEC is disabled on the remote end.

Workaround: There is no workaround.

CSCek63384

Symptoms: A service policy is unexpectedly removed.

Conditions: This symptom is observed when you apply a service policy to a multilink interface and then the interface is reset.

Workaround: There is no workaround to prevent the symptom from occurring. When the symptom has occurred, reconfigure the service policy after the multilink interface has been brought up.

CSCsa87034

Symptoms: When you attempt to clear the routing table, the neighbor is brought down instead.

Conditions: This symptom is observed when you enter the clear bgp ipv4 unicast * or clear bgp ipv6 unicast * command, causing respectively the IPv4 neighbor or IPv6 neighbor to be brought down.

Workaround: There is no workaround.

CSCsc70055

Symptoms: A Cisco 7200 series may crash when you perform a graceful OIR of a port adapter that is processing traffic.

Conditions: This symptom is observed mostly when the port adapter processes ingress traffic.

Workaround: Do not perform a graceful OIR. Rather, perform a manual OIR.

CSCsc91735

Symptoms: CyBus errors may occur during an HA switchover, causing most VIPs to be disabled on a Cisco 7500 series.

Conditions: This symptom is observed when MLP Multilink interfaces are configured on channelized T3 (CT3) port adapters.

Workaround: Reload microcode onto all affected VIPs.

CSCsd10762

Symptoms: The following traceback appears:

FIB-4-FIBNULLIDB: Missing idb for fibidb Virtual4 (if_number 54).

Conditions: This symptom is observed when a router is reloaded.

Workaround: There is no workaround.

CSCsd49670

Symptoms: After recovery from a network outage, some multicast traffic may be duplicated for a period of up to 15 seconds.

Conditions: Occurred on a Cisco 12000 with 5 Gigabit Ethernet line cards and running Cisco IOS Release 12.0(32)S. The router was configured for Protocol Independent Multicast source specific mode (PIM-SSM).

Workaround: There is no workaround.

CSCse04220

Symptoms: The BGP table version remains stuck at 1, and the router may crash.

Conditions: This symptom is observed when you enter the clear bgp ipv4 uni * command for IPv4 or the clear bgp ipv6 uni * command for IPv6. The symptom may also occur when you enter the clear bgp nsap uni * command for a network service access point (NSAP) address family.

Workaround: Enter the clear ip bgp * command to clear the sessions, purge the BGP table, and prevent the router from crashing.

CSCsg19546

Symptoms: The standby RP may reload unexpectedly because of a Redundancy Facility (RF) synchronization error.

Conditions: This symptom is observed on a Cisco router that is configured for SNMP, dMLP, and SSO.

Workaround: Do not configure SSO. Rather, configure RPR+.

CSCsh13581

Symptoms: Engine 5 line card crashes when MPLS is unconfigured either globally or on a subinterface.

Conditions: Occurred on a router running Cisco IOS Release 12.0(33)S. The problem can be seen even with two node setup with explicit NULL configured. There should be at least three parallel paths with equal weight between the source and destination.

Workaround: There is no workaround.

CSCsh16951

Symptoms: There is high CPU usage by the TAG process on the E4+ ingress line card.

Conditions: This symptom is observed when MPLS traffic comes in to the ingress E4+ and the MPLS configuration on the ingress interface is removed.

Workaround: There is no workaround.

CSCsh31546

Symptoms: Applying L4 operators (used with an ACL) on many interfaces at the same time generates a traceback.

Conditions: There is no set procedure for generating the traceback. You must play around with the configuration to generate it.

Workaround: Configure the ACL batch by batch; for example, 20 to 30 interfaces at a time.

CSCsh32191

Symptoms: Cisco 12000-SIP-601= with SPA-10X1GE running Cisco IOS Release 12.0(32)S2 in slots 3 and 5 both crash to software forced crash. Additional symptoms:

No logs may be seen other than "%RP-4-RSTSLOT: Resetting the card"

Crashinfo may not be generated

Events in the log:

SLOT 4:May 2 16:17:33.195: %GENERAL-3-EREVENT: Failed to delete TCAM entry
-Traceback= 400310E4 40597080 40597914 40597A60 41345534 41349360 41354978 4136B774 41362BCC 41362E6C 41363190 413640A4
SLOT 4:May 2 16:17:33.195: %SYS-2-CHUNKFREE: Attempted to free nonchunk memory, chunk 45E099A0, data B0D0B0D.
-Process= "CEF LC IPC Background", ipl= 3, pid= 90
-Traceback= 400310E4 400E07E0 405986CC 40597A6C 41345534 41349360 41354978 4136B774 41362BCC 41362E6C 41363190 413640A4

Conditions: The router is configured with EIGRP between the CE and the PE. The edge-facing line card is E5.

Workaround: Configure the no default-information in command in the EIGRP section on the PE, as shown in the following example:

address-family ipv4 vrf VrfOne
 redistribute bgp 1800
 network 172.16.0.0
 network 172.20.0.0
 no default-information in
 no auto-summary
 autonomous-system 100
 exit-address-family
!

Further Problem Description: Router may display the following log:

SLOT 5:Jan 5 01:05:33 KST: %GENERAL-3-EREVENT: Failed to delete TCAM entry -Traceback= 
40030EF8 40589CE4 4058A554 4058A6A0 4122D3D8 412314B0 41231694 4123C7F8 41253540 
4124AA70 4124AD08 4124B02C 4124BF40 

CSCsh44940

Symptoms: Dynamic MAC re-write for port-channel causes around a 50-percent traffic drop.

Conditions:

A---LB1---------LB2---------LB3---B

1) Port-channel between LB2 and LB1 with two E5 members. Removed the member, whose MAC address is used for the port-channel, on both the routers.

2) Added the member back to the port-channel.

Traffic flows from B to A.

Workaround: Reload the microcode of the line card.

CSCsh54862

Symptoms: MPLS TE tunnel does not come up completely after using no shut on the tunnel interface. This tunnel interface then goes down after about 10 seconds.

Conditions: Occurs because RSVP Path/Resv messages are lost between head-end and tail-end.

Workaround: Configure static ARP so that RSVP setup message is not dropped.

CSCsh64365

Symptoms: A ping does not yield a 100-percent result after you have entered the no set-overload-bit command for an IS-IS configuration.

Conditions: This symptom is observed on a Cisco 7200 series but is not platform-specific.

Workaround: There is no workaround.

CSCsh75224

Symptoms: RP crashes in IFS code when an SSH or TELNET session is established while the switch is attempting to download a configuration.

Conditions: Occurs on a Cisco Catalyst 6509.

Workaround: There is no workaround.

CSCsi07219

Symptoms: An Engine 3 4GE-SFP-LC= crashes by a Software Forced Crash after NetFlow-related configuration changes are made at the interface level. The crashes can occur from 30 minutes to several hours later.

Conditions: On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(32)SY2 with a 4GE-SFP-LC=, NetFlow configuration changes at the interface level (Full NF or SNF) can trigger the crashes. This bug applies to NFv9.

Workaround: There is no workaround.

CSCsi17519

Symptoms: An E5 line card fails to boot up after multiple retries.

Conditions: This symptom is observed only on faulty hardware.

Workaround: There is no workaround.

Further Problem Description: The root cause is bad hardware that causes TCAM parity errors during line card init. In this particular line card, when the parity error interrupt is generated during line card init, the line card is reset. If the interrupt comes after line card init, the line card is not reset. So, in general, if the card reports multiple TCAM parity errors, and they are not correctable, it may be better to replace the hardware.

CSCsi83259

Symptoms: The MPLS labels for packets that are forwarded via CEF and MPLS over a BGP route may not match the labels in the BGP table.

Conditions: This symptom is observed on a Cisco RPM-XF-512 that runs Cisco IOS Release 12.4(6)T5 but is not platform-specific.

Workaround: Enter the clear ip route command for the prefix in the VRF.

CSCsi93023

Symptoms: A MOD 48 line card gets stuck in the UP IOS state for more than 45 minutes after an RPR switchover.

Conditions: The line card is MOD 48 and contains two 2-port SPA-2XCT3/DS0. This is connected to another router with MOD 48 with two 2-port SPA-2XCT3/DS0. This is a back-to-back connection with all the T1 links created on both the SPA-2XCT3/DS0. Both MLPPP and MLFR bundles are created with half of the T1 links assigned to MLPPP and the other half assigned to MLFR with traffic flowing in the links.

Under these conditions, when an RPR switchover is performed, the MOD 48 gets stuck in the UP IOS state and does not recover for 50 minutes. After this duration, it comes up automatically.

Workaround: There is no workaround. To recover immediately from this state, reload the card.

CSCsi98730

Symptoms: The MPLS labels for packets that are forwarded via CEF and MPLS over a BGP route may not match the labels in the BGP table, which may lead to traffic loss.

Conditions: This problem occurs under certain circumstances and timing conditions.

Workaround: When the symptom occurs, enter the clear ip route command for the prefix in the VRF.

CSCsj16016

Symptoms: With an ingress E2 GigE and an egress E5 (SIP 600/601 with a 1x10GE SPA), packets are dropped in the egress line card with TX bad BMA buffer counts increasing.

Conditions: This symptom is observed when the ingress is E2 and the egress is E5.

Workaround: There is no workaround.

Further Problem Description: This issue is not seen with an E3/E5 combination or an E2/E6 combination.

CSCsj23805

Symptoms: Using the show isis timers command causes the router to crash.

Conditions: Occurred on a router running Cisco IOS Release 12.0(31)S2y.

Workaround: There is no workaround.

CSCsj59130

Symptoms: A router crashes when QoS is configured on POS and traffic line rate is sent.

Conditions: This symptom is observed with QoS configured and above-line-rate traffic.

Workaround: Remove QoS.

CSCsj78019

Symptoms: Buffers on a line card are depleted, causing the LC to stop transmitting packets and possibly reset.

Conditions: E3/E5 on Tx side may have buffer depletion if running a defective image that corrupts the OQ to 0.

Workaround: Reload the line card.

CSCsj88891

Symptoms: A console message is displayed with an unknown MPLS peer and VCID.

Conditions: This symptom is observed after the xconnect configuration is deleted.

Workaround: There is no workaround.

CSCsk14495

Symptoms: A bogus line card crash is reported during a PLIM reset.

Conditions: This symptom is observed during a PLIM reset.

Workaround: There is no workaround.

CSCsk15805

Symptoms: If you shut down a TE tunnel interface and you have a static route through the tunnel, the routing table is not updated immediately but only when the static scan runs (every minute by default).

Conditions: The problem does not occur if the static route points to a physical interface. It happens only with TE tunnel interfaces when the ip routing protocol purge command is configured.

Workaround: Remove the ip routing protocol purge command or tune the adjust timer (ip route static adjust-time command).

CSCsk30571

Symptoms: Field diagnostics fail (indicating a DOWNLOAD FAILURE) on the standby PRP2 when the PRP2 has 4 GB of memory installed.

After 40 minutes, the default download time limit, field diagnostics declare a download failure and reload the board. The failure message for this looks like the following:

Field Diagnostic: ****DOWNLOAD FAILURE**** while preparing slot {#}
Field Diag eeprom values: run 3 fail mode 5 (DOWNLOAD FAILURE) slot {#} last test failed was 0, error code 0
Shutting down diags in slot {#}

Board will reload.

Conditions: This symptom is observed for any release of Cisco IOS software when you attempt to run field diagnostics on a standby PRP that has 4 GB of memory.

Workaround: There is no workaround.

CSCsk36276

Symptoms: Traceback seen at tfib_post_table_change_label_request_needed.

Conditions: Occurs during SSO switchover on a Cisco 7606 router.

Workaround: There is no workaround.

CSCsk36552

Symptoms: Some packet flows may be dropped when the next hop is load-shared between an MPLS-TE tunnel and a physical interface. During this problem, the next-hop entry for the physical interface is invalid in the hardware CEF table on the ingress line card. As a result, packet flows that the hash calculation maps to the invalid entry are dropped. Flows that look up the tunnel interface are not affected.

You can check the detail of hardware-CEF table for this problem by entering the show ip hardware-cef prefix detail command in Engine 3 and Engine 5.

Conditions: This problem occurs when the next-hop is load-shared between MPLS-TE and physical interface. This problem may be observed when using Engine 3 or Engine 5 as the ingress Line-Card on GSR.

Workaround: There is no workaround.

CSCsk47914

Symptoms: Traffic forwarding stops after micro-reloading the egress card when E4+ is ingress.

Conditions: Occurs after micro-reload of the egress line card.

Workaround: 1. Micro-reload the E4+ line card. 2. Use the clear cef line card ingress card slot# command to recover the traffic.

CSCsk49843

Symptoms: E3 4xOC12 ATM line card may crash on enabling feature mode.

Conditions: Occurs when IPv4 VPN routing/forwarding (VRF) is configured on an IPv6-enabled interface.

Workaround: Apply an IPv6 ACL to "permit any any".

CSCsk71509

Symptoms: Line card stops forwarding after the ip default-network 192.168.228.0 command is entered.

Conditions: Occurs on a LC Engine 5 with 12000-SIP-601 and running Cisco IOS Release 12.0(32)SY1 or 12.0(32)SY4. Problem also occurs on SPA-8XCHT1/E1 and 10Gigabit.

Workaround: Use Interior Gateway Protocol (IGP) to propagate the default route 0.0.0.0. BGP or OSPF also work. You can also add static route 0.0.0.0/0.

CSCsk81155

Symptoms: OSPFv3 loses hello packets causing neighbors to flap.

Conditions: Occurs on a Cisco GSR router running Cisco IOS Release 12.0(32)S7 and later when TE tunnels are configured.

Workaround: There is no workaround.

CSCsk81725

Symptoms: All E6 line cards are holding incorrect output slot information in hardware CEF for default route. At the same time, other E4+ and E2 LCs have no problem with hardware CEF.

Conditions: Unknown.

Workaround: Use the clear ip route 0.0.0.0 command.

CSCsk82701

Symptoms: Hot Standby Routing Protocol (HSRP) Virtual IP address is unreachable. IP address assigned to the interfaces is reachable.

Conditions: Problem was seen in GSRs with different SPAs. Problem occurs only when line card is installed for the first time or if it is moved between slots. Problem only occurs if the same interface is both configured for HSRP and assigned to VPN routing/forwarding (VRF).

interface GigabitEthernet3/0/0.5
 ip vrf forwarding
 ip address X.X.X.2 X.X.X.X
 standby 1 ip X.X.X.1
 standby 1 priority 110
 standby 1 preempt

Workaround: Reload both the active and the standby router; if you reload only the active router, the standby router may hit the problem once it becomes active. Alternatively, remove the HSRP configuration before moving the line card.

CSCsk83652

Symptoms: Ping from CE to PE fails.

Conditions: Occurs when multilink bundle is removed from SIP 401/501/601/600 using no multilink-group and added to SIP 400/6CT3 LC/2CHOC3 LC.

Workaround: Use a new multilink bundle (multilink2) when removing member links from the SIP 401/501/601/600 (multilink1) and adding links from SIP 400/6CT3 LC/2CHOC3 LC. It is not sufficient to delete the bundle (multilink1) and add the bundle configuration back with the same bundle name, because this does not reset the layer 2 information.

CSCsk99530

Symptoms: The MPLS forwarding table has an untagged outgoing entry for a VPNv4 prefix in a CSC case.

Conditions: This is an LDP/IGP (OSPF etc.) based CSC-PE. The VPNv4 prefix shall have a local/redistributed (PE-CE OSPF etc.) path as well as an iBGP path. If the CE path is toggled and then there is a LABEL ONLY change from the iBGP neighbor, the issue will be seen. BGP will end up programming "Untagged" for the local/redistributed prefix, overwriting what is given by LDP.

Workaround: There is no real workaround. To clear the problem, issue a clear ip route command for the vrf-prefix in question. If there are redundant paired PEs, make sure to clear the problem on both routers with the clear ip route command.

CSCsl09752

Symptoms: Packet drops occurring on PE router.

Conditions: Occurs after sending traffic from VPN routing/forwarding (VRF). Traffic is stopped until the mroute entries get cleared. When traffic is sent from core, packets are dropped.

Workaround: Reload the line card.

CSCsl11335

Symptoms: The number of entries obtained from the "ciscoMvpnBgpMdtUpdateTable" table using the getmany command is incorrect.

Conditions: Occurred on a Cisco 7200 router running Cisco IOS version 12.4(17.9)T.

Workaround: There is no workaround.

CSCsl15026

Symptoms: Configuration applied to a multilink interface is not reflected on the interface.

Conditions: Occurs when a configuration is applied immediately after adding the first link to a multilink PPP or a multilink frame-relay bundle. It affects any configuration applied to the main interface or to the sub-interface of the bundle. The problem does not occur when adding subsequent member links to the bundle.

Workaround: After adding the first link, wait 15 seconds before applying any configuration to the bundle interface or on the sub-interface. If any of the configurations are missing, re-apply them.

CSCsl16385

Symptoms: Line card reloads.

Conditions: Occurs after a high-availability switchover and is caused by an excessive number of control messages.

Workaround: There is no workaround.

CSCsl17766

Symptoms: Attempting to configure serial interfaces results in the following message and a traceback:

%FIB-2-HW_IF_INDEX_ILLEGAL: Attempt to create CEF interface for Serialx/x with illegal index: -1

Conditions: When this happens the "ifindex" table appears to be incorrect on the PRP as a result of a race condition related to online insertion and removal (OIR) events. This problem should only occur if SSO redundancy is configured.

Workaround: If this happens on an HA-protected Active RP, check whether the Standby RP has good if-index values for all interfaces by running the show idb EXEC command on the Standby RP. If so, then do an RP switchover, so the RP with good interface indexes becomes the Active RP.

If the Standby RP shows this symptom, reload the Standby RP and check that after it comes up it has good if-index values, which should happen in most cases.

CSCsl32220

Symptoms: Cisco 12000 router running Cisco IOS Release 12SY may experience intermittent communications problems over Bridged VCs and ARP entries are not repopulated.

Conditions: Occurs when VC is configured for half-bridging and the router is running Cisco IOS Release 12.0SY.

Workaround: Use Cisco IOS Release 12.0S, or use VCs with routed encapsulation.

CSCsl33781

Symptoms: Primary RP crashes when the clear counter command is entered.

Conditions: Occurs when the command is entered while traffic is flowing.

Workaround: There is no workaround.

CSCsl41107

Symptoms: When explicit-null packets are received on URPF bundle, there is a possibility of BMA errors and crash.

Conditions: Occurs when explicit-null and URPF are configured.

Workaround: There is no workaround.

CSCsl51587

Symptoms: The channelized SPA is in admin down state. When the show hw-module subslot x brief command is entered on the LC, the LC may crash.

Conditions: Unknown at this time.

Workaround: There is no workaround.

CSCsl53811

Symptoms: Some FRR database entries become active after reoptimization. Traffic on the LSP that becomes FRR active is forwarded to the wrong path and continues to be dropped.

Conditions: This problem may happen when manual or timer reoptimization is performed during convergence. This problem may happen when "Tunnel head end item" and "LSP midpoint item" in FRR database have more than one entry in each item. This problem may happen when midpoint entry in "LSP midpoint item" is the LSP using "loose" path-option on a headend router.

Workaround: There is no workaround.

Further Problem Description: If this problem occurs, the FRR database state and the traffic recover when you enter shutdown and then no shutdown on the primary tunnel or the backup tunnel. The problem may not occur if you configure a longer reoptimization timer or perform manual reoptimization after convergence.

CSCsl60370

Symptoms: The GSR does not soak SLOS and brings down the interface immediately.

Conditions: The issue occurs only when the GSR redundancy switchover happens.

Workaround: There is no workaround.

CSCsl62276

The supplied note does not exist in CDETS

CSCsl63885

Symptoms: Packet drops occur when doing MPLS ip2tag and tag2ip load balancing on an Engine 2 line card.

Conditions: Occurs on a Cisco 12000 series router running Cisco IOS Release 12.0(32)sy2d.

Workaround: Enable LDP on the tunnel.

CSCsl65264

Symptoms: EF CAR value does not set properly in TCAM for MFR bundle interface.

Conditions: Occurs when MFR interface is shut and no shut.

Workaround: Remove and re-apply output service policy to the MFR interface.

CSCsl65977

Symptoms: IOS field diagnostics is failing with various error messages about "Slave Clock" such as displayed below:

Error disabling LC Enable register on CSC 0, SCA768_LC_ENABLE_2_S 0x7f, read_count 100 
... Timed out waiting for TX Network Interrupt to happen ... Slot 16, Slave Clock 
Control Register 0x00000000

Conditions: This has only been observed on a Cisco 12000 router when there are 12010E-CSC and 12010E-SFC fabric card in the chassis.

Workaround: There is no workaround.

CSCsl67815

Symptoms: When core-facing line card reloads or has link flap, the edge-facing E5 for mVPN may not forward mVPN traffic.

Conditions: This defect is observed with an internal version of Cisco IOS Release 12.0(33)S.

Workaround: Enter the clear ip mds line <edge facing E5 lc slot> command.

CSCsl81258

Symptoms: On a Cisco 12000 router running Cisco IOS Release 12.0(32)SY4, the SNMP ifIndex is missing for subinterfaces of the first SPA of an Engine 5 SIP-600 Line Card, as follows:

router#sh snmp mib ifmib ifindex GigabitEthernet15/0/3.951
Invalid ifIndex for GigabitEthernet15/0/3.951

This issue affects accounting and billing.

Conditions: Occurred after the router was upgraded from Cisco IOS Release 12.0(31)s6 to Cisco IOS Release 12.0(32)SY4.

Workaround: There is no workaround.

CSCsl92482

Symptoms: Fragmentation is handled incorrectly on GSR E5 line card. We can send up to around 2Gbps of fragmented traffic without performance impact. When the egress line card CPU reaches 100%, the rate of the fragmented traffic drops down to 50Mbps.

Conditions: Occurs when all CPU resources of the egress LC are consumed.

Workaround: There is no workaround.

CSCsl93926

Symptoms: E5 line card configured for CFI and BFI may crash when passing mVPN traffic.

Conditions: This is observed with Cisco IOS Release 12.0(32)SY5.

Workaround: There is no workaround.

CSCsl98882

Symptoms: Traffic stops forwarding after the deletion of a security output ACL which is shared with the other port on a two-port OC-192, with the port carrying the traffic having a feature-output ACL.

Conditions: Occurs on a two-port OC-192 E6 card. Both the ports should be configured with output or input security ACLs, and one port which is carrying the traffic should have output or input ACL. For this issue to happen, all the ACLs need to be either output or input type simultaneously.

Workaround: Configure a new ACL with a different name from the original ACL, then remove it. The traffic can then be forwarded again.

Further Problem Description: This issue is specific to E6 alone and will not happen on E4.

CSCsm02749

Symptoms: When multicast VPN routing/forwarding instance (mVRF) is un-configured, memory leak may occur in line cards.

Conditions: This symptom is observed in Cisco 12000 Series Routers and Cisco 7500 Series Routers when multicast distributed routing is enabled on VPN routing/forwarding instance.

Workaround: There is no workaround.

CSCsm04631

Symptoms: RP crashes due to memory corruption.

Conditions: LC or SPA sending wrong VC number during stats update.

Workaround: There is no workaround.

CSCsm11787

Symptoms: Customer reporting intermittent loss of L2 tunnel with no error messages.

Conditions: Occurs on a Cisco 7500 router running Cisco IOS Release 12.0(31)S02y.

Workaround: There is no workaround.

CSCsm17607

Symptoms: The GSP image is not getting built.

Conditions: Error in implicit declaration bfr_is_jag48_chocx_card.

Workaround: There is no workaround.

CSCsm24189

Symptoms: 1choc12 ISE: PLIM might reset due to heartbeat failure.

Conditions: This happens when the following errors occur on the PLIM console:

[2]T1:5 rx error(crc or non-integer size) 5
[2]T1:5 rx error(crc or non-integer size) 5

And when one or more paths have PAIS.

Workaround: Reduce the TEMUX logging level to 0 as follows:

attach slot# plim logctl /dev/temux 0

Then clear the path AIS.

CSCsm32438

Symptoms: The ifStackStatus results for SPA-4XCT3/DS0 on GSR intermittently do not show relationship between Serial interface and T1, nor T1 to CT3.

Conditions: Occurs when running Cisco IOS Release 12.0(32)S6d with SPA-4XCT3/DS0. Polling ifStackStatus results do show layered relationship with Serial interface, T1 to CT3.

Workaround: Remove and add again the T1 link channel-group if possible.

CSCsm33743

Symptoms: VIP reloads.

Conditions: Occurs upon unconfiguring a service-policy from an interface. The crash is triggered by an illegal memory access operation. The issue can affect any interface and on any platform.

Workaround: No workaround.

Further Problem Description: This bug does not impact Cisco IOS Release 12.2SXF, 12.4, or 12.4T releases. This is seen very rarely and is not reproducible in lab.

CSCsm45666

Symptoms: E5 LC crash on startup with multicast traffic flowing.

Conditions: Reboot the router.

Workaround: There is no workaround.

CSCsm61527

Symptoms: Service policy with DCBWFQ does not offer guaranteed bandwidth.

Conditions: Occurs when DCBWFQ is configured in RSP router loaded with an internal version of Cisco IOS Release 12.0(32)S10.

Workaround: Increase the queue limit manually.

CSCsm87206

Symptoms: Alternate PVC may go down if you reload the local PE line card 10 seconds after the remote PE line card.

Conditions: Occurs with Cisco 12000 router loaded with Cisco IOS Release 12.0(32)sy0i image. Local PE is configured with 4xCT3, and remote PE is configured with 1xSTM1 and L2tpv3.

Workaround: Reload with a long delay between the local and remote PE line cards.

Resolved Caveats—Cisco IOS Release 12.0(32)S9

Cisco IOS Release 12.0(32)S9 is a rebuild of Cisco IOS Release 12.0(32)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(32)S9 but may be open in previous Cisco IOS releases. This section describes only severity 1, severity 2, and select severity 3 caveats.

Basic System Services

CSCef32207

Symptoms: The no snmp trap link-status command is not available.

Conditions: Occurs only in the Frame Relay sub-interface.

Workaround: There is no workaround.

CSCsd59610

Symptoms: A Cisco 7500 router with an RSP8 running Cisco IOS Release 12.0(27)S5b may experience traceback errors when the command bgp regexp deterministic is issued.

%SYS-4-REGEXP: new engine: regexp compilation had failed.
-Process= "BGP Router", ipl= 0, pid= 172
-Traceback= 40E601F4 40E5E8C0 40E5F950 40E5E128 4060BD4C 407CCF14 407CD440 407CE4A0 407A944C 407AB594 407ABE90 4079BA34

Conditions: Traceback appears after issuing the command bgp regexp deterministic.

Workaround: Disable bgp regexp deterministic.

CSCse68904

Symptoms: IPC-INVALID with tracebacks seen after switchover.

Conditions: RPR-PLUS is configured on Cisco 7500 router.

Workaround: There is no workaround.

CSCsg39295

Symptoms: Password information may be displayed in a Syslog message as follows:

%SYS-5-CONFIG_I: Configured from scp://userid:password@10.1.1.1/config.txt by console

Conditions: When using SNMP to modify a configuration by means of the CISCO-CONFIG-COPY-MIB, selection of ConfigCopyProtocol of SCP or FTP may result in the password being exposed in a syslog message.

Workaround: When using SNMP to modify a configuration by means of the CISCO-CONFIG-COPY-MIB, use the ConfigCopyProtocol of RCP to avoid exposure of the password.
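For logs already collected from affected releases, the following added example (not part of the Cisco release notes) finds scp:// and ftp:// URLs that carry a password in the message shown in CSCsg39295 and redacts them before the logs are stored or forwarded. The sample lines, the function names, and the assumption that a password contains no literal "/" are constructed for illustration.

```python
import re
from dataclasses import dataclass

# user:password@host inside an scp:// or ftp:// URL. The authority ends at the
# first "/" and the userinfo at the last "@" before it, so an "@" inside the
# password is handled; a literal "/" inside the password is not (assumption).
CRED_URL = re.compile(
    r"\b(?P<scheme>scp|ftp)://(?P<user>[^:@/\s]+):(?P<password>[^/\s]+)@(?P<host>[^/@\s]+)",
    re.IGNORECASE,
)
# IOS message identifier: %FACILITY-SEVERITY-MNEMONIC:
MSG_ID = re.compile(r"%(?P<msg_id>[A-Z0-9_]+-\d-[A-Z0-9_]+):")

# Constructed sample input (timestamps, hosts and credentials are made up).
SAMPLE_LOG = """\
*Mar  1 00:10:01.000: %SYS-5-CONFIG_I: Configured from scp://userid:password@10.1.1.1/config.txt by console
*Mar  1 00:12:40.000: %SYS-5-CONFIG_I: Configured from ftp://backup:Ex@mple-Only@192.0.2.10/pe1.cfg by console
*Mar  1 00:15:09.000: %SYS-5-CONFIG_I: Configured from rcp://userid@10.1.1.1/config.txt by console
*Mar  1 00:20:31.000: %SYS-5-CONFIG_I: Configured from console by vty0 (192.0.2.50)
*Mar  1 00:21:00.000: %LINK-3-UPDOWN: Interface Serial3/1, changed state to up
"""


@dataclass(frozen=True)
class Exposure:
    line_no: int       # 1-based line number in the scanned input
    msg_id: str        # e.g. SYS-5-CONFIG_I, or "" if no identifier was found
    scheme: str        # scp or ftp
    user: str
    host: str
    password_len: int  # length only; the secret itself is never stored


def find_exposures(lines):
    """Return one Exposure per credential-bearing URL found in the lines."""
    found = []
    for line_no, line in enumerate(lines, start=1):
        id_match = MSG_ID.search(line)
        msg_id = id_match["msg_id"] if id_match else ""
        for m in CRED_URL.finditer(line):
            found.append(Exposure(line_no, msg_id, m["scheme"].lower(),
                                  m["user"], m["host"], len(m["password"])))
    return found


def redact(line):
    """Replace the password part of any scp/ftp URL with a fixed marker."""
    return CRED_URL.sub(
        lambda m: f"{m['scheme']}://{m['user']}:<redacted>@{m['host']}", line)


if __name__ == "__main__":
    log_lines = SAMPLE_LOG.splitlines()
    for e in find_exposures(log_lines):
        print(f"line {e.line_no}: {e.msg_id} exposes a {e.scheme} password "
              f"for {e.user}@{e.host} ({e.password_len} chars)")
    for line in log_lines:
        print(redact(line))
```

Any account whose password shows up in a finding should be treated as disclosed to everyone with read access to that log destination and rotated.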

CSCsg69244

Symptoms: After you have performed a microcode reload on a router, a ping may not go through for 100 percent.

Conditions: This symptom is observed on a Cisco router that has an RSP after you have entered the microcode reload command.

Workaround: There is no workaround.

CSCsj05318

Symptoms: The following error messages occur:

May 9 08:12:02.449: %CONTROLLER-5-UPDOWN: Controller E1 3/1/7, changed state to down
May 9 08:12:03.449: %CONTROLLER-5-UPDOWN: Controller E1 3/1/7, changed state to up
May 9 08:48:16.354: %CONTROLLER-5-UPDOWN: Controller E1 3/1/7, changed state to down
May 9 08:48:16.354: %RSP-3-ACCERROR: Serial3/1/7:1 acc E80002BA had bad value 39
-Traceback= 40348B24 404E4DEC 4050B378 405086B4 405087AC 4050CAAC 4050E754

Conditions: Possibly caused by unstable line 3/1/7.

Workaround: Shut down the interface 3/1/7.

CSCsj68341

Symptoms: The snmpEngineBoots variable, used in SNMPv3 packets, is not incremented correctly during RP switchover when using RPR+ on a Cisco 12000 Series router. This may cause issues for third-party mediation devices that attempt to use this variable to decide whether the SNMPv3 configuration needs to be reinstated after a reboot or RP switchover of the device.

Conditions: Add SNMPv3 configuration, then do an RP switchover two times. At least one of the times, the snmpEngineBoots variable will not have incremented. Variable can be decoded via packet capture of SNMPv3 packets from router, or with snmpwalk:

snmpwalk -v 3 -Os -u USERNAME -l authNoPriv -A PASSWORD Z.Z.Z.Z snmpEngineBoots

Workaround: There is no workaround.

CSCsk03336

Symptoms: Interface counters on E5 line cards may show incorrect packet input stats in the output of show interface.

Conditions: Problem is seen when the line card CPU spikes to over 90% due to the process "CEF LC IPC Backg".

Workaround: Issuing the clear counters command will temporarily correct the counters.

CSCsk09044

Symptoms: Customer experienced excessive environmental messages on the logs when environmental temperature is still normal.

Jun 22 19:44:18.229: %CI-6-ENVNORMAL: RSP(6) Inlet measured at 19C/66F
Jun 22 19:44:21.765: %CI-6-ENVNORMAL: RSP(6) Hotpoint measured at 25C/77F
Jun 22 19:44:25.301: %CI-6-ENVNORMAL: RSP(6) Exhaust measured at 25C/77F
Jun 22 19:44:28.836: %CI-6-ENVNORMAL: RSP(7) Inlet measured at 19C/66F
Jun 22 19:44:32.372: %CI-6-ENVNORMAL: RSP(7) Hotpoint measured at 24C/75F
Jun 22 19:44:35.908: %CI-6-ENVNORMAL: RSP(7) Exhaust measured at 24C/75F
Jun 22 19:44:39.556: %CI-6-ENVNORMAL: +12 Voltage measured at 12.26
Jun 22 19:44:43.092: %CI-6-ENVNORMAL: +5 Voltage measured at 5.11
Jun 22 19:44:46.627: %CI-6-ENVNORMAL: -12 Voltage measured at -12.03
Jun 22 19:44:50.163: %CI-6-ENVNORMAL: +24 Voltage measured at 21.60
Jun 22 19:44:53.699: %CI-6-ENVNORMAL: 2.5 Reference measured at 2.47

Conditions: These are called ENVMIB clearance messages and indicate that a problem condition has returned to normal condition. Unless there is a problem condition these should not be seen and if once seen they should not repeat.

Workaround: There is no workaround.

EXEC and Configuration Parser

CSCsj85585

Symptoms: Active is getting the following errors:

00:45:48: %IPCGRP-3-ERROR: set cfg-exited: timeout
00:46:11: %IPCGRP-3-ERROR: standby set time: timeout

Conditions: If any "do" command is entered in configuration mode or interface configuration mode and the session is left until the exec-timeout 1 timer expires, these errors are seen on the active RP, and the output of the "do" command is also displayed on the standby.

Workaround: There is no workaround.

Interfaces and Bridging

CSCsh31952

Symptoms: High number of input errors and ignores when locally switching traffic on a VIP6-80. When traffic comes in on a PA-2FE and goes out a PA-A6-OC3-SMI on the same VIP, input errors are seen on the PA-2FE.

Conditions: Occurs on a Cisco 7500 series router with an RSP16 with VIP6-80s running 12.4 PA-2FE and PA-A6-OC3-SMI.

Workaround: There is no workaround.

IP Routing Protocols

CSCsc67367

Symptoms: The set ip next-hop in-vrf vrf-name command does not work in conjunction with import maps.

Conditions: This symptom is observed on a Cisco router that is configured for BGP.

Workaround: There is no workaround.

CSCsd72747

Symptoms: An OSPF router in an NSSA that summarizes an address will keep the summary learned via a neighbor router after using the clear ip route * command.

Conditions: Both neighbors are summarizing the same network in an NSSA area and are advertising it.

Workaround: Use the clear ip ospf process command.

CSCsf02935

Symptoms: A router that is configured for OSPF Sham-Link and BGP redistribution may crash.

Conditions: This symptom is observed only in network topologies with OSPF routes that traverse two or more sham links. For example, the symptom may occur in a hub-and-spoke topology with sham links between the hub and two or more individual spokes. This symptom was observed on a Cisco 10000 series but may also occur on other platforms.

Workaround: There is no workaround.

CSCsg16778

Symptoms: A router may reload when Border Gateway Protocol (BGP) neighbor statements are removed from the configuration.

Conditions: This symptom is observed in rare circumstances on a Cisco router when BGP neighbors are removed very quickly by a script at a much faster rate than manually possible and when a large BGP table is already present on the router before the script adds and removes the BGP neighbors.

Workaround: There is no workaround.

Further Problem Description: If you manually remove the BGP neighbors, it is less likely that the symptom occurs.

CSCsg42488

Symptoms: In an MPLS VPN where OSPF is being used between PE and CE, if the BGP VPNv4 routes received over the VPN backbone are advertised by a Juniper device, OSPF Route-Type and OSPF Router-ID extended community may not be interpreted correctly. This may result in the PE redistributing the incorrect route-type via OSPF.

Conditions:

- OSPF being used between PE-CE

- BGP VPNv4 prefixes received from a Juniper device

Workaround: If it is possible to configure the OSPF Route Type Extended Community/OSPF Router ID Extended Community type that the Juniper device advertises, then using the 0x8000/0x8001 types avoids this problem.

RFC4577 defines two encodings for Route Type and Router ID BGP communities that are used in VPN context:

OSPF Route Type Extended Community - 0x0306 or 0x8000

OSPF Router ID Extended Community - 0x0107 or 0x8001

Cisco uses the original encodings (0x8000 and 0x8001) when advertising routes over the VPN backbone and does not currently recognize the new types (0x0306 and 0x0107).
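The mismatch in CSCsg42488, as an added example that is not Cisco or Juniper code: a decoder for the two 8-byte extended communities that accepts either type code listed above, next to the same decoder restricted to the original codes, which is the behaviour the caveat describes. The field layout (4-byte area, route-type byte, options byte; 4-byte router ID) follows RFC 4577 as understood here, and the sample byte strings and function name are constructed.

```python
import ipaddress
import struct

# Type codes as listed in the caveat text; RFC 4577 allows both encodings.
ROUTE_TYPE_CODES = {0x8000: "original", 0x0306: "new"}
ROUTER_ID_CODES = {0x8001: "original", 0x0107: "new"}

# Route-type byte: the OSPF LSA type the route was derived from.
ROUTE_KINDS = {1: "intra-area", 2: "intra-area", 3: "inter-area",
               5: "external", 7: "nssa"}

# Constructed samples: the same external type-2 route in both encodings,
# plus a router ID of 10.0.0.1 in the new encoding.
SAMPLE_NEW_ROUTE_TYPE = bytes.fromhex("0306000000000501")
SAMPLE_OLD_ROUTE_TYPE = bytes.fromhex("8000000000000501")
SAMPLE_NEW_ROUTER_ID = bytes.fromhex("01070a0000010000")


def decode_ospf_ext_community(raw, accept_new=True):
    """Decode one 8-byte extended community.

    accept_new=False models a receiver that only knows 0x8000/0x8001:
    the 0x0306/0x0107 forms come back as unrecognized.
    """
    if len(raw) != 8:
        raise ValueError("an extended community is exactly 8 bytes")
    (code,) = struct.unpack("!H", raw[:2])

    if code in ROUTE_TYPE_CODES:
        attribute, encoding = "route-type", ROUTE_TYPE_CODES[code]
    elif code in ROUTER_ID_CODES:
        attribute, encoding = "router-id", ROUTER_ID_CODES[code]
    else:
        return {"attribute": "unrecognized", "type": f"0x{code:04x}"}

    if encoding == "new" and not accept_new:
        return {"attribute": "unrecognized", "type": f"0x{code:04x}"}

    if attribute == "route-type":
        area, kind, options = struct.unpack("!4sBB", raw[2:])
        external = kind in (5, 7)
        return {
            "attribute": attribute,
            "encoding": encoding,
            "area": str(ipaddress.IPv4Address(area)),
            "route_type": ROUTE_KINDS.get(kind, f"unknown({kind})"),
            # Low-order options bit selects a type 2 external metric.
            "metric_type": (2 if options & 0x01 else 1) if external else None,
        }

    return {
        "attribute": attribute,
        "encoding": encoding,
        "router_id": str(ipaddress.IPv4Address(raw[2:6])),
    }


if __name__ == "__main__":
    for sample in (SAMPLE_NEW_ROUTE_TYPE, SAMPLE_OLD_ROUTE_TYPE, SAMPLE_NEW_ROUTER_ID):
        print(sample.hex(), decode_ospf_ext_community(sample),
              decode_ospf_ext_community(sample, accept_new=False))
```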

CSCsg43140

Symptoms: A router may crash during the boot process and return to ROMmon.

Conditions: This symptom is observed on a Cisco router that is configured for BGP and that has VPNs configured.

Workaround: There is no workaround.

CSCsh02161

Symptoms: A Route Reflector (RR) does not withdraw a prefix that redistributes itself even if this prefix is removed from the BGP table.

Conditions: This symptom is observed on a Cisco router that functions as an RR that advertises two of the same prefixes with different Route Distinguishers (RDs) when one of these prefixes redistributes itself and when the other prefix is a route that is learned from an RR client via iBGP.

Workaround: There is no workaround.

CSCsh12493

Symptoms: After addition/deletion/modification of a VRF and the re-addition of associated configuration, it becomes apparent that the RIB is not being updated by BGP after reconvergence, and LDP neighborship is reestablished. As the RIB is not updated, neither is CEF. While BGP VPNv4 has the correct information, the RIB is empty of remote PE VRF subnets, and CEF has a default entry.

Conditions: This symptom is observed on Cisco 12000 series router that is running Cisco IOS Release 12.0(32)S6.

Workaround: Can be recovered by clearing BGP session.

CSCsi48304

Symptoms: After a reload, the following error message may be displayed if an OSPFv3 router redistributes large numbers of the external routes:

%OSPFv3-3-DBEXIST: DB already exist

No impact to the operation of the router has been observed.

Conditions: Redistribution is configured, then router is reloaded.

Workaround: There is no workaround.

CSCsj32013

Symptoms: A Cisco 12000 series router may crash unexpectedly.

Conditions: Occurred only on Cisco IOS Release 12.0(32)SY0f.

Workaround: There is no workaround.

CSCsk35970

Symptoms: Repetitive CPU spikes are seen on Cisco 12000 series router, running 12.0(32)S and configured for BGP multipath with several iBGP and eBGP peers.

Conditions: TblVer is incrementing every 5 minutes, thus causing the BGP Router process to inflict CPU spikes at every 5 minutes.

Workaround: There is no workaround.

ISO CLNS

CSCee04303

Symptoms: A Cisco router running ISIS routing protocol may experience spurious memory access issue. The following messages can be seen:

*Sep 5 10:40:11.781 JST: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x61081F84 reading 0x4
*Sep 5 10:40:11.781 JST: %ALIGN-3-TRACE: -Traceback= 61081F84 610833C0 61083D8C 6108438C 610748D0 610751B4 00000000 00000000

Conditions: Occurs only while rebooting.

Workaround: There is no workaround.

CSCee73764

Symptoms: The interface command isis metric xxx on the MPLS tunnel interface is not shown in the configuration, nor does it take effect when a non-default value is configured.

Conditions: When MPLS TE tunnel is configured and ISIS is used as routing protocol.

Workaround: There is no workaround.

CSCsh38140

Symptoms: CEF drops seen when new link comes up, and IS-IS picks the new link as the best path.

Conditions: Only seen when IS-IS is the IGP routing protocol used. The problem is that IS-IS is not an IP-based routing protocol, so IS-IS does not depend on IP connectivity between the routers and can install routes with a next hop for which no ARP entry exists yet. This leads to a short window of loss until the ARP entry is resolved.

Workaround: Ensure the ARP entry is present, for example:

Use static ARP entries for the neighboring routers.

Enable an IP based protocol between the 2 routers, for example BFD.

CSCsi25729

Symptoms: BFD is not enabled.

Conditions: Occurs when BFD is configured along with ISIS.

Workaround: Reload the LC.

CSCsj53361

Symptoms: IS-IS adjacencies may flap after a stateful switchover (SSO) has occurred.

Conditions: This symptom is observed when there are large number of adjacencies (for example, 16) and when the IS-IS database is large (for example, one LSP containing 5000 routes).

Workaround: Increase the hold time that is advertised in the IS-IS Hello (IIH) packet by entering the router isis nsf advertise holdtime 90 command on the router on which the SSO occurs.

CSCsj72039

Symptoms: The prefix of a serial interface that is configured for PPP or HDLC and that functions as a passive interface for IS-IS may not be installed in the local IS-IS database.

Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(18)SXF6 but is not release-specific.

Workaround: Remove and reconfigure the passive-interface command.

First Alternate Workaround: Enter the clear isis * command.

Second Alternate Workaround: Enter any command that triggers the generation of the local IS-IS database.

CSCsj89636

Symptoms: For routers with parallel links connected through switches, if a neighbor shuts down an Ethernet interface, the ISIS routes in the routing table that use that interface as the next hop are not deleted until the adjacency times out, even after a new LSP reflecting the topology change is received from the neighbor. This creates a temporary black hole and delays convergence.

Conditions: Parallel link exists between routers.

Workaround: Enable BFD on interfaces.

CSCsk02919

Symptoms: IPv6 traffic is hit in one direction after resuming when an OIR is performed on the connecting SIP on the router at the other end.

Conditions: Topology in which the bug was found:

CRS1(GigE)--------------(GigE)GSR

Occurs when an OIR is performed on the GigE line card of the CRS1 that connects to the GigE of the GSR. The IPv6 traffic going in one direction (from GSR to CRS) is hit again for about 4 seconds after the traffic has resumed after the OIR.

Workaround: There is no workaround.

CSCsk95829

Symptoms: A quick shut/no shut (less than 3 sec) of a traffic eng tunnel interface results in the tunnel being removed from the routing table.

Conditions: Occurs on a Cisco 7600 series router running Cisco IOS Release 12.2(33)SRB1. Routing protocol is ISIS.

Workaround: Wait at least 7 seconds to do the no shut after the initial shut on the tunnel interface. If you cannot wait for more than 7 sec to shut/no shut the tunnel interface, then you can configure: ip routing protocol purge interface

CSCsk98772

Symptoms: Route might be missing in the routing table.

Conditions: If there is a DR change and ISIS SPF finishes before neighbor sends the router with correct LAN ID reflecting the new DR.

Workaround: Anything that can trigger another SPF run will correct this problem.

Miscellaneous

CSCdv70397

Symptoms: Whenever an ACE is deleted on the RP from a numbered extended or standard ACL, the corresponding ACL is removed from the LC.

Workaround: Use one of the following:

1. Use named extended or standard ACLs.

2. If it is really necessary to use numbered ACLs, modify them offline, delete the whole ACL and re-apply it on the RP.

CSCek56415

Symptoms: The Hierarchical Queuing Framework (HQF) is not removed after you have removed a service policy.

Conditions: This symptom is observed on a Cisco 7200 series that has an NPE-G1 and that runs Cisco IOS Release 12.2SB.

Workaround: There is no workaround.

CSCek78719

Symptoms: While running a Cisco IOS Release 12.0(32)S image, an Engine 3 line card on a Cisco 12000 series router may report some CPUHOG error messages similar to the following:

%SYS-3-CPUHOG: Task ran for 2264 msec (282/155), process = Per-Second Jobs, PC = 400FC51C.
-Traceback= 400FC524 400ACC0C 40102FCC 400ACC38 400D7580 400D756C

Conditions: This symptom happens during normal operation.

Workaround: There is no workaround.

CSCin97669

Symptoms: The standby RP resets continuously because of synchronization failures.

Conditions: This symptom is observed on a Cisco router when you first perform an OIR of a VIP in which a port adapter is installed that supports both T1 and E1 (for example, a PA-MC-8TE1+ port adapter) and then an SSO switchover occurs.

Workaround: There is no workaround. You must power-cycle the standby RP to enable it to come up.

CSCin98630

Symptoms: When an InARP request is received on an AAL5SNAP PVC, the router does not respond with an InARP reply.

Conditions: This symptom has been observed when the source address contained in InARP request is not in the subnet of the sub-interface on which PVC is configured.

Workaround: There is no workaround.

CSCir02303

Symptoms: InARP map gets deleted and ping does not work.

Conditions: This problem is seen when there is P2P on one side and multipoint on the other. The map is deleted on the multipoint side, and the inARP configuration is changed on P2P side.

Workaround: There is no workaround.

CSCsa83219

Symptoms: Configuring an SDCC interface on a 2xOC48 POS SPA on the Cisco 12000 Series platform causes the router to display the following error message.

"%EELC_QOS_RES_MGR-3-HW_IDB_INDEX_TO_TX_PORT_MAPPING_FAILED:
Mapping of hwidb_index to tx_port failed. hwidb_index = 5"

The message is displayed every time an SDCC interface is configured for this SPA. There is no other adverse effect other than the message being displayed.

Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(32)S.

Workaround: There is no workaround.

CSCsc45827

Symptoms: T1/e1 stay up when BERT is running.

Conditions: BERT once started, cannot be stopped.

Workaround: Reload the SPA.

CSCsd97412

Symptoms: LC gets reset.

Conditions: SPABRG generates excessive interrupts.

Workaround: There is no workaround.

CSCse34197

Symptoms: Ping fails to remote CE.

Conditions: This symptom occurs after edge interface on a PE is micro reloaded, for example 4t3/e3 serial interface with PPPoMPLS AToM circuit.

Workaround: Try one of the following workarounds:

1. Reload the SPA.

2. Remove and reapply xconnect configuration.

CSCse85151

Symptoms: Cisco Catalyst 4500 Supervisors and Cisco Catalyst 4948 that are running Cisco IOS Release 12.2(31)SG crash when one of the following commands is issued:

- show buffers all

- show buffers assigned

- show buffers input-interface

Conditions: This symptom occurs when one of the following commands is issued:

- show buffers all

- show buffers assigned

- show buffers input-interface

Workaround: Do not use any of the above commands. For troubleshooting high CPU issues use the steps indicated in the following tech tip instead:

http://www.cisco.com/warp/public/473/cat4500_high_cpu.html

CSCse92201

Symptoms: The following traceback is observed:

SLOT 2: Aug 31 21:41:09.908: %SW_MGR-3-CM_ERROR: Connection Manager Error - provision segment failed [ADJ:FR:1774000] - no interface available.
-Traceback= 6010C364 6010C8C0 60819570 60819610 60781D4C 608171E0 60829C4C 60829D0C 60817A9C 60817C2C 6080A4B0 60829C4C 60829D0C 6080B058 60806A30 608098E4

Conditions: Reload the router.

Workaround: There is no workaround.

CSCsf97715

Symptoms: When both ACL and SNF are configured on one 3GE-GBIC-SC, SNF cannot work, and the CPU usage is high.

Conditions: This problem appears in Cisco IOS Release 12.0(28.4)S1 and is not seen in previous releases.

Workaround: Keep only one feature on the LC or downgrade IOS.

CSCsg86567

Symptoms: When reloading a Cisco 7500 router (lsnt-ap-pe) with Cisco IOS Release 12.0(32)S5, several IDBINDEX_SYNC-3-IDBINDEX_ENTRY_LOOKUP and tracebacks occur in the standby log.

Conditions: This symptom has been observed on a Cisco 7500 router platform with MVPN configured.

Workaround: There is no workaround.

CSCsh20034

Symptoms: IPv6 traffic drops (in 6PE scenario) on PE (core facing interface). IPv6 version errors are also seen.

Conditions: This symptom is seen in Engine3 line card. This issue is seen in Cisco IOS Release 12.0(33)S and Release 12.0(32)SY2 images.

Workaround: Use the hw-module reload command.

CSCsh51418

Symptoms: The following message may be seen on manual RP switchover in SSO mode:

%FM-2-BAD_TLV: Error in internal messaging - bad tlv 0

Conditions: This symptom is observed on a Cisco 12000 series router with SSO software and an IPv6 ACL (with traffic).

Workaround: There is no workaround.

CSCsh51580

Symptoms: On the E3 line card "non channelized 4 port OC12 -- 4OC12X/POS" when an IPv6 ACL is applied on an outgoing interface to match on "Routing" extension header, it will instead match on "Fragments" extension header.

Conditions: The same behavior is seen on E3 line card "Channelized OC12 CHOC12" on both incoming and outgoing interface.

Workaround: Match on "Routing" extension header, or match on "Fragments" extension header.

CSCsh51907

Symptoms: The following may be seen on physical OIR of a SPA-4XT3/E3 from a SIP-501 linecard:

%SPA_PLUGIN-4-LED_WRITE: SPA-4XT3/E3[8/2]: LED write failed for port 1, status 3.

Conditions: This symptom is observed on a Cisco 12000 series router that runs the c12kprp-p-mz image of Cisco IOS Release 12.0(32)SY2.

Workaround: There is no workaround.

CSCsh88212

Symptoms: BGP Neighbor drop after receiving a high rate of MCAST traffic without previously defined state.

Conditions: 100K PPS of Mcast arriving at input interface on a GSR E5 card causing neighbor loss.

Workaround: There is no workaround.

CSCsi01578

Symptoms: The MAC addresses on the standby are 0 in RPR+.

Conditions: This symptom has been observed when doing RPR+ switchover. The traffic is lost.

Workaround: No workaround.

CSCsi30873

Symptoms: VIP crash is seen with dLFIoLL and QoS config on MCT3.

Conditions: Occurs when using shut/no shut on a multilink interface through which traffic is flowing. Also occurs when clear interface multilink # command is issued.

Workaround: There is no workaround.

Further Problem Description: IPv6 Traffic is dropping in IPv6-IP tunnel with E2,E3,E4, E5 cards

CSCsi69192

Symptoms: Upon an RPR+ switchover on a PE router followed by a switching of core traffic to an auxiliary interface, some mroutes may not resume traffic.

Conditions: This affects E3 line cards. The line card is core for one VRF and edge for the other.

Workaround: There is no workaround.

CSCsi89068

Symptoms: A channelized STM-1 port adapter is not transmitting equal traffic compared to a Multichannel T1/E1 port adapter when links from both port adapters are part of the same multilink interface.

Conditions: The problem is seen under heavy load on the multilink PPP bundle with or without multilink fragmentation enabled.

Workaround: Place all member links from the bundle on the same type of port adapter.

CSCsi89149

Symptoms: After a microcode reload of SPA-1XCHSTM1/OC3 has been executed, the sequence of interfaces as it appears in show run and show ip interface brief is changed.

Conditions: SPA-1XCHSTM1/OC3 is configured on an E5 line card. When the router is reloaded and the SPA-1XCHSTM1/OC3 is configured for the first time, the sequence in which the interfaces appear is fine. However, when the microcode reload is executed on the LC, the sequence in which the interfaces are displayed is not as expected. It has no other known side effects. Specifically, this does not affect the traffic or the SNMP interface indexes.

Workaround: Avoid reloading the LC.

CSCsj07189

Symptoms: Using snmpget of an OID using the ifindex value of an interface for its index will result in an error:

snmpget -c <community> -v1 <device> IF-MIB::ifDescr.92
Error in packet
Reason: (noSuchName) There is no such variable name in this MIB.
Failed object: IF-MIB::ifDescr.92

Conditions: This can occur after PAs have been swapped.

Workaround: Use snmpwalk to retrieve the IF-MIB values.

CSCsj12728

Symptoms: Connect the TGN to one of the interfaces of the OC48 SPA. Inject the PAIS alarm and check whether it is reported by using the show controller pos x/y/z command. Then clear the alarm; immediately afterward, a B3-TCA alarm is declared and cleared.

Conditions: The SPA interfaces should be up.

Workaround: There is no workaround.

CSCsj17694

Symptoms: Add/remove of MLPP interface can cause mod48 to crash.

Conditions: This is observed with Cisco IOS Release 12.0(32)SY image.

Workaround: There is no workaround.

CSCsj19308

Symptoms: MLPPP/MLFR ping failure on SPA-2/4CT3 or SPA-CH-STM.

Conditions: MLPPP/MLFR configured on SPA-2/4CT3 or SPA-CH-STM.

Workaround: Reload the SPA using the hw-module subslot <slot>/<subslot> reload command.

CSCsj32904

Symptoms: When the no bert command is issued to remove a configured bert test before the timer has expired, the bert test may be reset and the slave RSP may also reset.

Conditions: Seen in rsp-k4pv-mz-eng-sp.120-31.S2_V2

Workaround: Do not issue no bert, instead change the interval in the bert pattern to 1 and let the test time out naturally. Example: bert pattern 2^20-O153 interval 1

CSCsj37071

Symptoms: All E1 interfaces on a PA-MC-E3 port adapter may flap continuously even after the traffic has been stopped.

Conditions: This symptom is observed on a Cisco Catalyst 6500 series switch and Cisco 7600 series router that have a PA-MC-E3 port adapter when you configure 16 or 128 channel groups on each time slot (that is, time slots 1-31) and then generate traffic just above line rate traffic through all the channel groups. Note that the symptom is not platform-specific.

Workaround: Stop the traffic and reset the E3 controller of the PA-MC-E3 port adapter.

CSCsj39711

Symptoms: Configuration of "hw-module slot x tcam compile acl no-merge" is missing after OIR of E3 POS card.

Conditions: OIR of POS E3 line card.

Workaround: Enter the command again.

CSCsj47271

Symptoms: The following error message appears while removing an MFR bundle interface:

%FIB-2-IF_NUMBER_ILLEGAL: Attempt to create CEF interface for MFR1 with illegal if_number: 0

Conditions: The error occurs if the MFR bundle interface is removed without removing the member links from the bundle.

Workaround: Remove the MFR bundle, wait approximately 1 minute, then re-add the configuration for the affected MFR bundle.

CSCsj47347

Symptoms: Using CLI to delete a child policy on a Cisco 7500 series router causes the VIP to crash.

Conditions: The router has a hierarchical QoS policy attached to an interface. Traffic is flowing through the QoS policy. There are BGP updates happening on the router. The no policy-map command is executed to delete the child policy. The router is running Cisco IOS Release 12.0(32)S6.

Workaround: There is no workaround.

CSCsj50513

Symptoms: All LCs go to the WAITRTRY state.

Conditions: SFC is shut and one LC through which traffic is coming is shut.

Workaround: Reload the router.

CSCsj52025

Symptoms: On enabling/disabling mcast hw-acceleration, the following error message may be thrown:

1d06h: %REDUNDANCY-3-CONFIG_SYNC: Active and Standby lbl configuration out of sync

Conditions: rpr-plus, enabling/disabling mcast hw-acceleration.

Workaround: There is no workaround.

CSCsj52280

Symptoms: The pos ais-shut configuration may be lost on an E3 POS line card.

Conditions: Occurs following OIR or shutdown of the card.

Workaround: There is no workaround.

CSCsj52296

Symptoms: After changing redundancy mode via SNMP on GSR redundancy mode description is missing on SNMP O/P.

Conditions: Occurs only on changing the redundancy mode. This does not affect the functionality.

Workaround: There is no workaround.

CSCsj58716

Symptoms: Traffic drops occur on egress SIP-X01 interface during congestion.

Conditions: The problem occurs when egress is any SIP-X01 card and there is congestion on the outgoing interface and no default queue-limit is configured explicitly for the traffic class.

Workaround: The problem does not occur when a low limit is configured on the class and WRED is also configured.

CSCsj62100

Symptoms: The show controller psar frfab packet_dump command has no effect.

Conditions: This command is used to capture corrupt packet data when assembler RP detects it.

Workaround: There is no workaround.

CSCsj62309

Symptoms: Unexpected flows are seen on a GSR configured with aggregate netflow and acting as a provider edge router (PE). The unexpected flows are seen in the output direction of the CE-facing interface (vrf interface).

Conditions: When traffic is generated (FTP, UDP, ICMP), we can observe strange flows of IP precedence 5 (TOS A0). If there is no traffic flowing through, then the flows are not seen. The router runs Cisco IOS Software 12.0(32)S6. Both ingress and egress linecards are ISE Engine 3 linecards. The P-facing interfaces are bundled in a port-channel.

Workaround: There is no known workaround and this impacts customer billing.

Further Problem Description: The flows can be seen through the following command:

clk15ra#execute-on slot 3 sh ip cac ver flow agg as-tos | i Gi3/1.999
========= Line Card (Slot 3) =========
Gi3/1.999 0 PortCh1 0 00 64 121K 46 147.2
Gi2/0 0 Gi3/1.999* 0 00 96 238K 1300 144.6
Gi2/0 0 Gi3/1.999* 0 A0 76 3996 442 115.8 >>> Unexpected

CSCsj65683

Symptoms: Wrong channel group obtained from the CLI.

Conditions: Occurs when BERT is run on a channel group.

Workaround: There is no workaround.

CSCsj65713

Symptoms: Following unknown trigger events, a GSR running Cisco IOS version 120(32)S6 may not properly classify PIM MDT-encapsulated multicast traffic via an MQC queueing policy attached to a POS interface on an E3 POS linecard [4OC3X/POS-IR-LC-B=]. This symptom can be observed via executing the show policy-map interface POS X/Y command while multicast traffic with non-zero IP Precedence or DSCP Value is exiting the interface.

Conditions: The issue is observed on MDT encapsulated GRE multicast tunnel packets on a P router in an MPLS core. The P router's failing Line-Card is 4OC3X/POS-IR-LC-B= and the P router is running Cisco IOS version c12kprp-p-mz.120-32.S3.

Workaround: There is no workaround.

CSCsj66400

Symptoms: Tracebacks and error messages are seen on an E2 POS LC when changing the encapsulation from Frame Relay to HDLC.

Conditions: Occurs when unconfiguring the Frame-relay interfaces to the default encap HDLC.

Workaround: There is no workaround.

CSCsj68219

Symptoms: Tracebacks and error messages are seen.

Conditions: Occurs when configuring SR APS.

Workaround: There is no workaround.

CSCsj72032

Symptoms: COPP fails after LC is reloaded.

Conditions: Occurs when LC should be reloaded.

Workaround: There is no workaround.

CSCsj72234

Symptoms: The standby crashes when the 3-port Gigabit Ethernet card is in admin down state after a switchover has happened.

Conditions: The 3 port Gigabit Ethernet Card has to be in admin down mode and then 2 switchovers need to be done to get into this situation.

Workaround: Use the no hardware-module slot <x> shut command on the LC and admin shut it again.

CSCsj74724

Symptoms: When the router is in transit mode (SRP shut down), the show controllers command will behave as follows:

LOS, LOF, and RDI signals are reported as if the SRP interface were up

Active defects are detected properly (SLOS SLOF PLOP) as if the SRP interface were up

Active defects will not get cleared even if the issue goes away until the SRP is brought up

FEBE messages are not reported

Conditions: Occurs on a Cisco 10720 Router with SRP card in shutdown mode.

Workaround: Use no shut command on the SRP interface without assigning it an IP address.

CSCsj77669

Symptoms: GRP may crash continuously on reload if a MFR interface in the router has bfd neighbor command configured.

Conditions: Occurs when bfd neighbor command is configured on MFR interface.

Workaround: Issue send brk from "telnet>" prompt and boot the router with a boot image. Then remove the "bfd neighbor" config from MFR and reload the router with the regular image.

CSCsj77998

Symptoms: BFD sessions do not come up on Cisco ISR routers.

Conditions: BFD sessions remain in down state and do not transition to up state on Cisco ISR routers.

Workaround: There is no workaround.

CSCsj86839

Symptoms: Field diagnostics for a card such as the SIP-401, SIP-501, SIP-601 fails with messages:

"Timeout waiting for Field Diag individual test completion
Field Diagnostic: ****TIMEOUT FAILURE**** slot 4: first test failed: 163,
SPA LPBK damsl, error 0
Field Diag eeprom values: run 44 fail mode 3 (TIMEOUT FAILURE) slot 4
last test failed was 163, error code 0
Shutting down diags in slot 4"

Moreover, depending upon which verbosity and debugging flags are enabled you may see a series of messages such as:

"Field Diag Misc Services requested for a slot (4) not in Field Diag mode, dropping request."

This occurs until the slot is reloaded with the command hw-module slot # reload.

Conditions: This problem occurs when field diagnostics is run on the SPA, "SPA-10x1GE" residing in any Jacket card.

Workaround: There is no workaround.

CSCsj87371

Symptoms: When MPLS Traffic Engineering Tunnel (TE Tunnel) and Fast Reroute (FRR) are configured on a 12000 Series router, the FRR backup tunnel does not restore MPLS LDP/TDP-encapsulated packets that are input from an Engine 4 line card.

Conditions: When Next hop is Head-end LDP/TDP over TE Tunnel and FRR become active, the labeled packets are not protected by the backup TE Tunnel so it causes continuous packet drop until new path is installed.

Workaround: There is no workaround.

CSCsj89407

Symptoms: The tx-ring-limit value configured in PA-2CT3 may reset to its default value.

Conditions: Occurs during a soft OIR of the PA-2CT3.

Workaround: There is no workaround.

CSCsj90463

Symptoms: The holddown timer value differs between "show bfd nbr detail" and "show bfd neighbor". The detailed output of the "show bfd neighbor" command displayed the holddown timer value for async mode, whereas the summarized output showed the holddown timer value for echo mode. A change had to be made so that the holddown field displays the same value in both the summarized and detailed output of "show bfd neighbor".

Conditions: Occurs when the holddown values in "show bfd summary" and "show bfd neighbor detail" are compared.

Workaround: There is no workaround.

CSCsj91286

Symptoms: This issue is a traceback seen on boot when upgrading or downgrading an image. The traceback seen is:

'%MBUS_C2W-3-SPA_UNKNOWN_C2W_DEVICE: cannot find SPA's C2W device for slot:', and the running configuration for all SPAs may be lost from an Engine 5 card.

Conditions: This issue is due to the Mbus Agent ROM and Mbus Agent RAM.

Workaround: Copy the startup configuration to the running configuration.

CSCsj93388

Symptoms: 12000-SIP-501 reloads with the following error message:

%RP-3-FABPINGTIMEOUT: Fabric ping timeout

Conditions: This problem is seen when executing the following commands:

Router#attach <slot number>
LC-SlotX>show controllers tofab queues outputq 0 2303 drr

Workaround: Enter valid queue numbers for the "start_q" and "end_q" values in the command. The valid queues are as follows:

0 - 2047 (Low Priority ToFab Unicast Queues)

2048 - 2055 (ToFab Multicast Queues)

2176 - 2191 (High Priority ToFab Unicast Queues)

The problem is not seen when DRR information is read for valid queues.
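
As an added illustration (not part of the Cisco release notes), the following Python pre-check tests a start_q/end_q pair against the valid ToFab queue ranges listed above before the show controllers command is issued. It assumes that every queue in the requested span must be valid; the function names are hypothetical.

```python
# Valid ToFab queue ranges, copied from the workaround for CSCsj93388.
VALID_TOFAB_QUEUES = [
    (0, 2047, "Low Priority ToFab Unicast Queues"),
    (2048, 2055, "ToFab Multicast Queues"),
    (2176, 2191, "High Priority ToFab Unicast Queues"),
]


def invalid_spans(start_q, end_q):
    """Return the (first, last) sub-ranges of start_q..end_q that are not valid queues."""
    if start_q < 0 or end_q < start_q:
        raise ValueError("need 0 <= start_q <= end_q")
    gaps = []
    cursor = start_q                      # lowest queue not yet accounted for
    for low, high, _name in sorted(VALID_TOFAB_QUEUES):
        if high < cursor:
            continue                      # range lies wholly below the cursor
        if low > end_q:
            break                         # range lies wholly above the request
        if low > cursor:
            gaps.append((cursor, low - 1))  # invalid queues before this range
        cursor = high + 1
        if cursor > end_q:
            break
    if cursor <= end_q:
        gaps.append((cursor, end_q))      # invalid queues after the last range
    return gaps


def safe_to_query(start_q, end_q):
    """True only when every queue in start_q..end_q is a valid ToFab queue.

    Assumption of this example: a span is safe only if it contains no
    queue number outside the ranges listed in the workaround.
    """
    return not invalid_spans(start_q, end_q)


if __name__ == "__main__":
    # The span from the Conditions section crosses two invalid regions.
    print(invalid_spans(0, 2303))
    print(safe_to_query(2176, 2191))
```
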

CSCsj94561

Symptoms: A router may crash because of a bus error when you perform an OIR of a PA-MC-8TE1+ port adapter or when you enter the hw-module slot slot-number stop command for the slot in which the PA-MC-8TE1+ port adapter is installed.

Conditions: This symptom is observed on a Cisco 7200 series.

Workaround: There is no workaround.

CSCsj97877

Symptoms: When E4P is egress and policing is configured in the policy, matching ip prec did not match labelled packets and matching exp did not match pure IP packets.

Conditions: When E4P is egress and policing is configured in the policy, matching ip prec did not match labelled packets and matching exp did not match pure IP packets.

Workaround: Match exp for labelled packets and ip prec for pure IP packets.

CSCsj98594

Symptoms: SIP-600/601 LC reloads.

Conditions: Occurs on slow path.

Workaround: There is no workaround.

CSCsj98725

Symptoms: The following traceback occurs when a policy or class is added or deleted, or when an interface flaps:

SLOT 2:Jan 25 19:13:34 UTC: ee192_tx_q_cleanup_guts(): EE_QM_QOS_INTERNAL_ERROR

Conditions: Occurs when a policy or class is added or deleted, or when an interface flaps.

Workaround: Reload the LC to bring the LC-Resources to normal state.

CSCsj98774

Symptoms: When changing the APS mode using the aps unidirectional or no aps unidirectional commands, the following error message may be seen:

%SONET-4-APSMM: SONET9/0 (grp 1 chn 0: ACTIVE): APS mode mismatch - switching to unidirectional mode

Conditions: This problem is seen on a Cisco 12416 Internet Series router containing dual channelized OC-48 line cards configured for automatic protection switching. The router is running Cisco IOS Release 12.0(32)S6q.

Workaround: There is no workaround.

CSCsk02675

Symptoms: RP crash occurs.

Conditions: Occurs when cef linecard is cleared concurrently with the unprovisioning of the multilink bundle.

Workaround: Do not clear cef linecard and unprovision the bundle at the same time.

CSCsk05059

Symptoms: A spurious access error occurs in the tfib_post_table_change_sanity_check() function.

Conditions: This symptom occurs if a route is deleted. A ROUTE_DOWN event is triggered in the tfib_post_table_change() function, which in turn calls tfib_post_table_sanity_check(). In that function, a spurious access is reported because the only path of the route is down.

Workaround: There is no workaround.

CSCsk06322

Symptoms: The "%REDUNDANCY-3-CONFIG_SYNC: Active and Standby lbl configuration out of sync" message may be seen on hw-module shut of SPAs.

Conditions: This is a timing issue and does not occur with debugs enabled.

Workaround: This does not impact service, and there is no workaround.

CSCsk08317

Symptoms: The hardware CEF entry on the line card is incorrect. An incorrect slot is shown by the show ip hardware-cef command.

Conditions: The problem occurs on the Engine 4+ line card of a Cisco 12000 router. The prefix has two next hops with load balancing.

Workaround: Use the clear ip route <prefix> command to correct the problem.

CSCsk08440

Symptoms: The E4+ card crashes continuously with the following error:

SLOT X:Jul 29 09:40:52.844 UTC: %TX192-3-CPUIF_ERR: Underrun Error:
Read Pointer Crosses
Write Pointer.
-Traceback= 400310C4 411E4614 408E1934 4092B4C8 40A2FE1C 40A304F4
40110920
X=slot number

Conditions: Packets with a corrupted IP header length reach the Tx E4+ card and trigger this fatal error, which causes the line card to crash.

Workaround: There is no workaround.

CSCsk14113

Symptoms: This defect has two symptoms:

1. Changing the access lists used in the LDP outbound filtering configuration (tag-switching advertise-tag for or mpls ldp advertise-label for) may result in the LSR not advertising label bindings for some prefixes.

2. If tag-switching advertise-tags oldstyle or mpls ldp advertise-labels oldstyle is configured, and the access-list used as prefix-acl in tag-switching advertise-tags [for <prefix-acl>] [to <tsr-acl>] or mpls ldp advertise-labels [for <prefix-acl>] [to <lsr-acl>] has been changed, the LSR may not advertise label bindings to, or withdraw label bindings from, peers as expected.

Conditions: Occurs in the following scenarios:

1. When changing the access lists causes LDP to perform the following tasks:

Withdraw label bindings for some prefixes from a set of peers;

Re-advertise label bindings for these prefixes to the same set of peers;

2. The access-list explicitly permits/denies a prefix (including explicit "permit any" or "deny any") before the change, and after the change it explicitly denies/permits a prefix (including explicit "deny any" or "permit any").

Workaround: For problem 1:

a. After making the access-list changes that cause LDP to withdraw label bindings, wait a short time to ensure that the label bindings have been withdrawn before making the access-list changes that cause LDP to re-advertise label bindings.

b. If the problem has already happened, recover by performing the same changes at the pace described in a., or toggle "mpls ip" on the interface.

c. Change the access-list name used by prefix-acl.

For problem 2:

a. Remove the access-list completely, wait a short time to ensure that label bindings have been withdrawn from or advertised to all peers as expected, then add back the desired access-list.

b. Toggle "mpls ip" on the interface.

c. Change the access-list name used by prefix-acl.

CSCsk15520

Symptoms: When multiple MPLS Traffic Engineering (MPLS-TE) tunnels and Fast Reroute (FRR) are configured on a Cisco 12000 series router and FRR is invoked, an unaffected MPLS-TE tunnel is unexpectedly also protected by FRR.

Conditions: The MPLS-TE tunnels are equal-cost multipaths for the BGP next hop. Once one of the tunnels is restored by FRR, the other tunnel, which is not affected, may also be protected, and the backup tunnel remains in "active" status in the FRR database. After FRR is invoked and the tunnel is reoptimized to a secondary path, BGP routes are balanced across one primary tunnel and one backup tunnel, which should not be activated.

Workaround: There is no workaround.

CSCsk19661

Symptoms: In a Cisco 7500 HA router in RPR+ Mode when configuring and unconfiguring channel groups under an E1 controller, the router reports the following:

*Aug 22 17:58:34.970: %HA-2-IPC_ERROR: Failed to open peer port. timeout
*Aug 22 17:58:34.974: %HA-3-SYNC_ERROR: CCB sync failed for slot: 1
*Aug 22 17:58:34.974: %HA-5-SYNC_RETRY: Reloading standby and retrying sync operation (retry 1).

and the standby RSP is reloaded.

Conditions: This symptom is observed when configuring and unconfiguring channel groups under an E1 controller.

Workaround: There is no workaround.

CSCsk30567

Symptoms: A GSR with Eng5 line cards may not pass traffic when acting as an ASBR in an inter-AS VPN Option B setup. The problem happens after the removal of a VRF from the ASBR. The MPLS labels advertised on the eBGP peering for the VPNv4 prefixes are not programmed in the line cards, so traffic is dropped. The label for a prefix can be seen on the RP, but not on the LCs.

Conditions: Occurs when there are many prefixes in BGP. Seen on a PRP2 with Eng5 line cards.

Workaround: Flapping the affected prefix triggers an update which gets the labels on the LCs.

CSCsk35283

Symptoms: The following error occurs:

%EE48-3-ALPHA_MCAST: Can't assign new hw_mdb

Conditions: Observed on an E3-choc12 line card with multicast-egress-qos enabled and at least 8 OIFs for a VRF mroute on the same LC.

Workaround: Spread the VRF interface distribution so that no LC contains more than 7 interfaces.

Further Problem Description: The best known way to recover is to reload the LC.

CSCsk49685

Symptoms: In an FRR setup, VPNv4 packets are black-holed for around 4-5 seconds while the traffic switches over to the backup TE tunnel.

Conditions: Problem is seen with Cisco IOS Release 12.0(32)SY4 for VPNv4 traffic ingress to GSR Engine-2 line card.

Workaround: There is no workaround.

Further Problem Description:

The Engine-2 line card incorrectly sets the tunnel label for the tunnel end when the traffic is forwarded to the backup tunnel. MPLS packets arrive at the tunnel end with a TTL of 0 and are therefore discarded.

CSCsk53104

Symptoms: The RSP does not reuse the IDB. When the maximum of 2047 IDBs is reached after deleting and adding a channel-group several times, the RSP does not assign the old IDB because it is in non-shared reuse mode, and it logs the following messages.

Cisco7507_test#sh idb ifnum
Interface Deleted IfIndex Feature
Se0/0/0:1 36 non-shared reuse,
Se0/0/0:1 21
Se0/0/1:3 37 non-shared reuse,
Se0/0/1:3 22
Se0/0/1:5 38 non-shared reuse,
Se0/0/1:5 23
Se0/0/1:6 39 non-shared reuse,
Se0/0/1:6 24
Se0/0/6:21 227 non-shared reuse,
Se0/0/6:21 69
Se0/0/6:21.16 70
Se0/0/6:28 600 non-shared reuse,
Se0/0/6:28 67
Se0/0/6:28.16 68
RSP logged the following messages:
===============================
Cisco7507_test(config-controller)#controller E1 6/0/6
Cisco7507_test(config-controller)#no ch 3 timeslots 4
Cisco7507_test(config-controller)# ch 3 timeslots 4
*Sep 13 14:03:15: %FIB-2-HW_IF_INDEX_ILLEGAL: Attempt to create CEF
interface for Serial6/0/6:3 with illegal index: 2049
-Traceback= 403564FC 40278C60 4027B438 402A1E3C 404ECA1C 404DEAC4
*Sep 13 14:03:16: %IPC-5-SLAVELOG: VIP-SLOT6:
Sep 13 14:03:15: %MDS-2-LC_INVALID_INPUT_IF_INDEX: Invalid input
if_index (0x801) for HWIDB allocation exceeds platform_maxinterfaces

Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.0(32)S. This issue happens only when channel-groups are reconfigured.

Workaround: There is no workaround.

CSCsk54203

Symptoms: When an add/drop multiplexer is in bidirectional mode and the APS mode is changed using the aps unidirectional or no aps unidirectional commands, no APS mode mismatch message is seen.

Conditions: This problem is seen on a Cisco 12416 Internet Series router containing dual channelized OC48 line cards configured for Automatic Protection Switching. The router is booted with Cisco IOS Release 12.0(32)S6q.

Workaround: There is no workaround.

CSCsk56496

Symptoms: On a router using HA RPR+, after an encapsulation change is made on serial interfaces of channelized port adapters, the slave RSP is reloaded.

Conditions: Occurs when encapsulation is changed on channelized interfaces; the issue happens when you exit configuration mode.

Workaround: There is no workaround.

CSCsk61417

Symptoms: If spa_dmlp_add_bundle(&bndl); in the bflc_spa_dmlp_add_bundle_guts() routine failed for the first link, the flag bundle->plim_provisioned was set to true, making the bundle unusable.

Conditions: This issue occurs when the first link fails to be added to the bundle.

Workaround: There is no workaround.

CSCsk64052

Symptoms: When an engine 3 OC48 card is reloaded, PIM neighbors over the default MDT tunnel are lost for VRFs that have interfaces configured on a linecard other than the one which was reloaded.

Conditions: VRFs configured that have interfaces defined on more than one LC might see the default MDT tunnel flap when an LC is reloaded.

Workaround: Do not reload the LC.

CSCsk70924

Symptoms: Some Frame-relay interfaces stop forwarding traffic after SPA reload.

Conditions: The issue happens with Frame-relay interfaces configured on a SPA using any of the following SIPs on a Cisco 12000 series router:

SIP-401

SIP-501

SIP-601

SIP-600

Workaround: Reload the linecard with the affected interfaces.

CSCsk72704

Symptoms: Tracebacks and spurious memory access occur when MR APS is unconfigured.

Conditions: The direction has to be changed from bidirectional to unidirectional before unconfiguration.

Workaround: There is no workaround.

CSCsk75759

Symptoms: The RP does not boot up if it is power cycled immediately after upgrading the ROMmon.

Conditions: Occurs only with Cisco IOS Release 12.0(33)S-based images.

Workaround: Avoid power cycling the PRP immediately after the upgrade. Boot IOS after the ROMmon upgrade.

CSCsk76076

Symptoms: There is no NetFlow data for the traffic received on port-channel 1. There is NetFlow data for the traffic received on port-channel 2, but the data matches the traffic from the first interface of the bundle. NetFlow data is still correct for the traffic sent to a port-channel interface (NetFlow destination interface).

Conditions: Sampled NetFlow is configured on a GSR 12416 router with 2 port-channels configured, after an upgrade of the IOS from version 12.0(32).S5 to version 12.0(32).S8.

Workaround: There is no workaround.

CSCsk84729

Symptoms: PIM neighbor will no