Table Of Contents
Release Notes for Cisco uBR7100 Series
for Cisco IOS Release 12.2 BCOverview of Cisco Universal Broadband Routers
Cisco uBR7100 Series Universal Broadband Routers
Cisco uBR7111 and Cisco uBR7111E Universal Broadband Routers
Cisco uBR7114 and Cisco uBR7114E Universal Broadband Routers
Universal Broadband Router Overview
Determining Your Software Release
Upgrading to a New Software Release
No New Hardware Features in Release 12.2(15)BC2i
New Software Features in Release 12.2(15)BC2i
No New Hardware Features in Release 12.2(15)BC2h
New Software Features in Release 12.2(15)BC2h
No New Hardware Features in Release 12.2(15)BC2g
New Software Features in Release 12.2(15)BC2g
No New Hardware Features in Release 12.2(15)BC2f
New Software Features in Release 12.2(15)BC2f
No New Hardware Features in Release 12.2(15)BC2e
New Software Features in Release 12.2(15)BC2e
No New Hardware Features in Release 12.2(15)BC2c
New Software Features in Release 12.2(15)BC2c
No New Hardware Features in Release 12.2(15)BC2b
New Software Features in Release 12.2(15)BC2b
Show Controllers Cable Extensions
Source Verify Lease-Query Throttling
No New Hardware Features in Release 12.2(15)BC2a
No New Software Features in Release 12.2(15)BC2a
No New Hardware Features in Release 12.2(15)BC2
New Software Features in Release 12.2(15)BC2
CISCO-NBAR-PROTOCOL-DISCOVERY-MIB
Command-Line Interface (CLI) Enhancements
Extended Upstream Frequency Ranges
IEEE 802.1Q Transparent Lan Service
N+1 Support for Load Balancing
Vendor-Specific Information Field to Authorize Dynamic Service Requests
No New Hardware Features in Release 12.2(15)BC1g
New Software Features in Release 12.2(15)BC1g
No New Hardware Features in Release 12.2(15)BC1f
New Software Features in Release 12.2(15)BC1f
No New Hardware Features in Release 12.2(15)BC1d
New Software Features in Release 12.2(15)BC1d
Source Verify Lease-Query Throttling
No New Hardware Features in Release 12.2(15)BC1c
No New Software Features in Release 12.2(15)BC1c
No New Hardware Features in Release 12.2(15)BC1b
No New Software Features in Release 12.2(15)BC1b
No New Hardware Features in Release 12.2(15)BC1a
No New Software Features in Release 12.2(15)BC1a
No New Hardware Features in Release 12.2(15)BC1
New Software Features in Release 12.2(15)BC1
Command-Line Interface Enhancements
Nonstop Forwarding (NSF) Awareness
Support for Cisco Broadband Troubleshooter Version 3.0
No New Hardware Features in Release 12.2(11)BC3d
No New Software Features in Release 12.2(11)BC3d
No New Hardware Features in Release 12.2(11)BC3c
No New Software Features in Release 12.2(11)BC3c
No New Hardware Features in Release 12.2(11)BC3b
No New Software Features in Release 12.2(11)BC3b
No New Hardware Features in Release 12.2(11)BC3
New Software Features in Release 12.2(11)BC3
Transparent LAN Service over Cable
No New Hardware Features in Release 12.2(11)BC2
No New Software Features in Release 12.2(11)BC2
No New Hardware Features in Release 12.2(11)BC1b
No New Software Features in Release 12.2(11)BC1b
No New Hardware Features in Release 12.2(11)BC1a
No New Software Features in Release 12.2(11)BC1a
No New Hardware Features in Release 12.2(11)BC1
New Software Features in Release 12.2(11)BC1
cable source-verify leasetimer Command
No New Hardware Features in Release 12.2(8)BC2a
No New Software Features in Release 12.2(8)BC2a
No New Hardware Features in Release 12.2(8)BC2
New Software Features in Release 12.2(8)BC2
Adding Load Information and a Timestamp to Show Commands
Display Modem Capabilities with the show cable modem mac Command
Support for the cable modem vendor command
Support for the cable tftp-enforce Command
Support for a Secondary Shared Secret
Enhancement to the show hccp brief Command
Enhancement to the cable filter group Command
New Hardware Features in Release 12.2(8)BC1
New Software Features in Release 12.2(8)BC1
EXEC Commands in Configuration Mode
No New Hardware Features in Release 12.2(4)BC1b
New Software Features in Release 12.2(4)BC1b
Cisco IOS Network-Based Application Recognition (NBAR)
No New Hardware Features in Release 12.2(4)BC1a
No New Software Features in Release 12.2(4)BC1a
New Hardware Features in Release 12.2(4)BC1
PA-T3+ and PA-2T3+ Port Adapter Cards
New Software Features in Release 12.2(4)BC1
PPPoE Termination Support on Cable interfaces
No New Hardware Features in Release 12.2(4)XF1
New Software Features in Release 12.2(4)XF1
Cable Interface Setup Facility
Cable Source Verification Feature
Internal Modem Configuration File Editor
Link Up/Down Traps Support (RFC 2233)
MPLS VPN Support for Subinterfaces
Overlapping Subinterface IP Addresses
Spectrum Management and Dynamic Upstream Modulation
Limitions on Upstream Modulation Parameters for PacketCable VoIP Calls
Cable Modems Becoming Stuck in the TFTP Transfer State
Deprecated and Removed Cable MIB Objects
Using cable helper-address and ip helper-address Commands
Synchronization of the System Clocks
Upgrading When Using Shared Secret Passwords
Avoiding the Dropping of SNMP Traps
Limitation on Vendor-Specific Information in the DOCSIS Configuration File
Hot-Standby 1+1 Redundancy Not Supported
Cable Source-Verify and Routing Configurations
EIGRP, IS-IS, and OSPF Not Supported on Cable Interfaces
Configuring the Routing Protocol Causes a Reset of the Cable Modems
Transparent LAN Service over Cable
Open Caveats for Release 12.2(15)BC2i
Closed and Resolved Caveats for Release 12.2(15)BC2i
Open Caveats for Release 12.2(15)BC2h
Closed and Resolved Caveats for Release 12.2(15)BC2h
Open Caveats for Release 12.2(15)BC2g
Closed and Resolved Caveats for Release 12.2(15)BC2g
Open Caveats for Release 12.2(15)BC2f
Closed and Resolved Caveats for Release 12.2(15)BC2f
Open Caveats for Release 12.2(15)BC2e
Closed and Resolved Caveats for Release 12.2(15)BC2e
Open Caveats for Release 12.2(15)BC2c
Closed and Resolved Caveats for Release 12.2(15)BC2c
Open Caveats for Release 12.2(15)BC2b
Closed and Resolved Caveats for Release 12.2(15)BC2b
Open Caveats for Release 12.2(15)BC2a
Closed and Resolved Caveats for Release 12.2(15)BC2a
Open Caveats for Release 12.2(15)BC2
Closed and Resolved Caveats for Release 12.2(15)BC2
Open Caveats for Release 12.2(15)BC1g
Closed and Resolved Caveats for Release 12.2(15)BC1g
Open Caveats for Release 12.2(15)BC1f
Closed and Resolved Caveats for Release 12.2(15)BC1f
Open Caveats for Release 12.2(15)BC1d
Closed and Resolved Caveats for Release 12.2(15)BC1d
Open Caveats for Release 12.2(15)BC1c
Closed and Resolved Caveats for Release 12.2(15)BC1c
Open Caveats for Release 12.2(15)BC1b
Closed and Resolved Caveats for Release 12.2(15)BC1b
Open Caveats for Release 12.2(15)BC1a
Closed and Resolved Caveats for Release 12.2(15)BC1a
Open Caveats for Release 12.2(15)BC1
Closed and Resolved Caveats for Release 12.2(15)BC1
Open Caveats for Release 12.2(11)BC3d
Closed and Resolved Caveats for Release 12.2(11)BC3d
Open Caveats for Release 12.2(11)BC3c
Closed and Resolved Caveats for Release 12.2(11)BC3c
Open Caveats for Release 12.2(11)BC3b
Closed and Resolved Caveats for Release 12.2(11)BC3b
Open Caveats for Release 12.2(11)BC3
Closed and Resolved Caveats for Release 12.2(11)BC3
Open Caveats for Release 12.2(11)BC2
Closed and Resolved Caveats for Release 12.2(11)BC2
Open Caveats for Release 12.2(11)BC1b
Closed and Resolved Caveats for Release 12.2(11)BC1b
Open Caveats for Release 12.2(11)BC1a
Closed and Resolved Caveats for Release 12.2(11)BC1a
Open Caveats for Release 12.2(11)BC1
Closed and Resolved Caveats for Release 12.2(11)BC1
Open Caveats for Release 12.2(8)BC2a
Closed and Resolved Caveats for Release 12.2(8)BC2a
Open Caveats for Release 12.2(8)BC2
Closed and Resolved Caveats for Release 12.2(8)BC2
Open Caveats for Release 12.2(8)BC1
Closed and Resolved Caveats for Release 12.2(8)BC1
Open Caveats for Release 12.2(4)BC1b
Closed and Resolved Caveats for Release 12.2(4)BC1b
Open Caveats for Release 12.2(4)BC1a
Closed and Resolved Caveats for Release 12.2(4)BC1a
Open Caveats for Release 12.2(4)BC1
Closed and Resolved Caveats for Release 12.2(4)BC1
Open Caveats for Release 12.2(4)XF1
Closed and Resolved Caveats for Release 12.2(4)XF1
Cisco IOS Software Documentation Set
Release 12.2 Documentation Set
Obtaining Technical Assistance
Release Notes for Cisco uBR7100 Series
for Cisco IOS Release 12.2 BC
November 2, 2005
Cisco IOS Release 12.2(15)BC2i
OL-2774-20
These release notes for the Cisco uBR7100 series universal broadband routers document the cable-specific, early deployment 12.2 BC train, describing the enhancements and caveats provided in Cisco IOS Release 12.2(15)BC2i. This release includes features in previous Cisco IOS 12.2BC Releases. Cisco IOS Release 12.2(15)BC2g is a child of Cisco IOS Release 12.2(15)T.The 12.2 BC train is an interim release train that provides DOCSIS 1.1 two-way support, along with support for selected new features. Cisco IOS Release 12.2(15)BC2i provides a migration path from the earlier 12.2 XF releases, which included a selected subset of the features supported for the Cisco uBR7100 series routers in Cisco IOS Release 12.0 SC, Cisco IOS Release 12.1 EC, and Cisco IOS Release 12.1(7)CX1.
These release notes are updated with each release in the train. For a list of the software caveats that apply to Cisco IOS Release 12.2(15)BC2i, see the "Caveats" section and Caveats for Cisco IOS Release 12.2 T. Use these release notes in conjunction with the cross-platform Release Notes for Cisco IOS Release 12.2 T located on Cisco.com and the Documentation CD-ROM.
Note Cisco IOS Release 12.2(15)BC2i does not include support for telco-return images.
Cisco recommends that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account on Cisco.com, you can find field notices at http://www.cisco.com/warp/customer/770/index.shtml. If you do not have a Cisco.com login account, you can find field notices at http://www.cisco.com/warp/public/770/index.shtml.
Contents
These release notes describe the following topics:
•MIBs
•Obtaining Technical Assistance
Inheritance Information
Cisco IOS Release 12.2(15)BC2i is an early deployment release that is a child of Cisco IOS Release 12.2(15)T. All features in Cisco IOS Release 12.2(15)T and specifically all features and caveats in Cisco IOS Release 12.2(15)T6 are in Cisco IOS Release 12.2(15)BC2i.
Table 1 References for the Cross-Platform Release Notes for Cisco IOS Release 12.2 T
Topic Location•Determining the Software Version
•Upgrading to a New Software Release
To view information about the topics in the left-hand column, click Cross-Platform System Requirements at: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122relnt/xprn122t/122treqs.htm
•New and Changed Information (Feature Descriptions)
•MIBs
•Important Notes
To view information about the topics in the left-hand column.
For Cisco IOS Release 12.2 T, go to:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122relnt/xprn122t/122tnewf.htm
Scroll down and click New Hardware and Software Features in Cisco IOS Release 12.2(15)T, or MIBs, or Important Notes.
•Related Documentation
•Obtaining Documentation
•Obtaining Technical Assistance
To view information about the topics in the left-hand column, go to:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122relnt/xprn122t/122tdocs.htm
Introduction
For information on new features and the Cisco IOS documentation set supported by Cisco IOS Release 12.2(15)BC2i, see the "New and Changed Information" section and the "Related Documentation" section.
Overview of Cisco Universal Broadband Routers
The Cisco uBR7100 series universal broadband routers—the Cisco uBR7111, Cisco uBR7111E, Cisco uBR7114, and Cisco uBR7114E—are based on the Data-over-Cable Service Interface Specification (DOCSIS) standards and designed to be installed at small cable operators and multiple dwelling unit (MDU) operators to enable them to offer services such as e-mail, high-speed Internet access, voice, and digital video over a bidirectional cable television and IP backbone network. The universal broadband routers function as the cable modem termination system (CMTS) for subscriber-end devices such as Cisco uBR905, Cisco uBR924, and Cisco uBR925 cable access routers, and other DOCSIS-compliant cable modems (CMs) and set-top boxes (STBs).
Both the Cisco uBR7100 series and Cisco uBR7200 series universal broadband routers allow two-way transmission of digital data and Voice over IP (VoIP) traffic over a hybrid fiber-coaxial (HFC) network. The Cisco uBR7100 series routers support IP routing with a wide variety of protocols and WAN interfaces selections.
Cisco IOS Release 12.2(15)BC2i supports the Cisco uBR7111, Cisco uBR7111E, Cisco uBR7114, and Cisco uBR7114E universal broadband routers.
Cisco uBR7100 Series Universal Broadband Routers
The Cisco uBR7100 series routers provide a fixed set of WAN and LAN interfaces with a combination of fixed and modular interfaces, allowing both flexibility and simplicity in configuration. Each Cisco uBR7100 series router includes one modular single-width port adapter, one integrated cable interface with an internal upconverter, and two integrated Fast Ethernet ports. The cable interface is based on the Cisco uBR-MC14C cable interface line card and is not field-replaceable.
The Cisco uBR7100 series routers support IP routing through the following optional WAN and LAN port adapters: Ethernet, Fast Ethernet, serial, High-Speed Serial Interface (HSSI), Packet over SONET (POS) OC-3c, and Asynchronous Transfer Mode (ATM) media. For more information, see Table 6.
Depending on the model, the Cisco uBR7100 series routers support the following two standards:
•Data Over Cable Service Interface Specifications (DOCSIS), which supports the 6 MHz North American channel plans using the ITU J.83 Annex B RF standard. The downstream uses a 6 MHz channel width in the 85 to 860 MHz frequency range, and the upstream supports the 5 to 42 MHz frequency range.
•European Data Over Cable Service Interface Specifications (EuroDOCSIS), which supports the 8 MHz Phase Alternating Line (PAL) and Systeme Electronique Couleur Avec Memoire (SECAM) channel plans using the ITU J.112 Annex A RF standard. The downstream uses an 8 MHz channel width in the 85 to 860 MHz frequency range, and the upstream supports multiple channel widths in the 5 to 65 MHz frequency range.
The Cisco uBR7100 series offers the following models:
•The Cisco uBR7111 and Cisco uBR7111E universal broadband routers provide a cable interface with one downstream port and one upstream port. The downstream port can be output either as an RF signal through the integrated upconverter or as an IF signal for processing by an external upconverter. The Cisco uBR7111 router supports DOCSIS cable plants, and the Cisco uBR7111E supports EuroDOCSIS cable plants.
•The Cisco uBR7114 and Cisco uBR7114E universal broadband routers provide a cable interface with one downstream port and four upstream ports. The downstream port can be output either as an RF signal through the integrated upconverter or as an IF signal for processing by an external upconverter. The Cisco uBR7114 router supports DOCSIS cable plants, and the Cisco uBR7114E supports EuroDOCSIS cable plants.
Cisco uBR7111 and Cisco uBR7111E Universal Broadband Routers
The Cisco uBR7111 and Cisco uBR7111E provide the following major hardware features:
•Integrated network processing engine
•1 upstream cable modem interface
•1 downstream cable modem interface
•2 Fast Ethernet ports
•1 port adapter slot
•1 service adapter slot
•1 AC power supply
•1 Personal Computer Memory Card International Association (PCMCIA) slot that allows for software upgrades through the use of Flash memory cards
Cisco uBR7114 and Cisco uBR7114E Universal Broadband Routers
The Cisco uBR7114 and Cisco uBR7114E provide the following major hardware features:
•Integrated network processing engine
•1 downstream cable modem interface
•4 upstream cable modem interfaces
•2 Fast Ethernet ports
•1 port adapter slot
•1 service adapter slot
•1 AC power supply
•1 Personal Computer Memory Card International Association (PCMCIA) slot that allows for software upgrades through the use of Flash memory cards
Universal Broadband Router Overview
Table 2 provides a quick overview of the major hardware features of the two universal broadband routers.
Early Deployment Releases
These release notes describe the Cisco uBR7100 series universal broadband routers for Cisco IOS Release 12.2(15)BC2i. Release 12.2 XF is an early deployment (ED) release based that contains fixes to software caveats as well as support for new Cisco hardware and software features. Feature support is cumulative from release to release, unless otherwise noted.
Cisco IOS Release 12.2(15)BC2i supports a selected subset of the hardware and software features that were released in Cisco IOS Release 12.1 EC for the Cisco uBR7100 series universal broadband routers. Table 3 lists the features supported by the Cisco uBR7100 series in Cisco IOS Release 12.2(15)BC2i.
Table 3 Early Deployment (ED) Releases for the Cisco uBR7100 Series
ED Release Hardware Features Hardware
AvailabilityCisco IOS Release 12.2(15)BC2i
None
None
—
Cisco IOS Release 12.2(15)BC2h
None
None
—
Cisco IOS Release 12.2(15)BC2g
None
None
—
Cisco IOS Release 12.2(15)BC2f
None
None
—
Cisco IOS Release 12.2(15)BC2e
None
None
—
Cisco IOS Release 12.2(15)BC2c
None
None
—
Cisco IOS Release 12.2(15)BC2b
•Cable Arp Filter Enhancement
•Show Controllers Cable Extensions
•Source Verify Lease-Query Throttling
None
—
Cisco IOS Release 12.2(15)BC2a
None
None
—
Cisco IOS Release 12.2(15)BC2
•Cable ARP Filter
•CISCO-NBAR-PROTOCOL-DISCOVERY-MIB
•Command-Line Interface (CLI) Enhancements
•DOCS-IF-MIB Update
•DOCSIS Set-Top Gateway
•Extended Upstream Frequency Ranges
•IEEE 802.1Q Transparent Lan Service
•N+1 Support for Load Balancing
•PacketCable Enhancements
•Vendor-Specific Information Field to Authorize Dynamic Service Requests
None
—
Cisco IOS Release 12.2(15)BC1g
•None
None
—
Cisco IOS Release 12.2(15)BC1f
•None
None
—
Cisco IOS Release 12.2(15)BC1d
•Source Verify Lease-Query Throttling
None
—
Cisco IOS Release 12.2(15)BC1c
•Cable ARP Filter
None
—
Cisco IOS Release 12.2(15)BC1b
None
None
—
Cisco IOS Release 12.2(15)BC1a
None
None
—
Cisco IOS Release 12.2(15)BC1
•Command-Line Interface Enhancements
•Dynamic Shared Secret
•Nonstop Forwarding (NSF) Awareness—BGP, OSPF, and Integrated IS-IS
•Subscriber Traffic Management
•Support for Cisco Broadband Troubleshooter Version 3.0
None
—
Cisco IOS Release 12.2(11)BC3d
None
None
—
Cisco IOS Release 12.2(11)BC3c
None
None
—
Cisco IOS Release 12.2(11)BC3b
None
None
—
Cisco IOS Release 12.2(11)BC3
•Transparent LAN Service over Cable
•clear cable modem Commands
•debug cable Commands
None
—
Cisco IOS Release 12.2(11)BC2
None
None
—
Cisco IOS Release 12.2(11)BC1b
None
None
—
Cisco IOS Release 12.2(11)BC1a
None
None
—
Cisco IOS Release 12.2(11)BC1
•Support for the cable source-verify leasetimer Command
None
—
Cisco IOS Release 12.2(8)BC2a
None
None
—
Cisco IOS Release 12.2(8)BC2
•Adding Load Information and a Timestamp to Show Commands
•Display Modem Capabilities with the show cable modem mac Command
•Support for the cable modem vendor Command
•Support for the cable tftp-enforce Command
•Support for a Secondary Shared Secret
•Enhancement to the show hccp brief Command
•Enhancement to the cable filter group Command
None
—
Cisco IOS Release 12.2(8)BC1
•EXEC Commands in Configuration Mode
•Secure Shell (SSH)
•Support for the PA-A3-E3 port adapter card
Now
Cisco IOS
Release 12.2(4)BC1b•Baseline Privacy Interface Plus (BPI+)
•Cisco IOS Network-Based Application Recognition (NBAR)
•Turbo ACL
•SNMP Cable Modem Remote Query
None
—
Cisco IOS
Release 12.2(4)BC1•PPPoE3 Termination
•Support for PA-T3+ and PA-2T3+ port adapters
Now
Cisco IOS
Release 12.2(4)XF1•DOCSIS 1.0 Support
•DOCSIS 1.0+ Support
•DOCSIS 1.1 Support, including:
–TLV4 Parser Support
–BE5 , UGS6 , UGS-AD7 , rtPS8 Service Flows
–DSC9 Service Flow, Classifier, and PHS10
–Fragmentation
–Concatenation
–PHS
–DS11 Classification and Queuing
•Cable Intercept Command
•Cable Interface Setup Facility
•DHCP/TOD/TFTP12 Server Support
•Cable Subinterface Support
•Access Lists
•Spectrum Management and Dynamic Upstream Modulation
•Cable Source Verification Feature
•MPLS13 VPN14 Support for Subinterfaces
•Dynamic Mobile Hosts Feature
•IP NAT/PAT15 Translation
•Internal Modem Configuration File Editor
•Cable Flap List
•Cable ARP16 and Proxy ARP Support
•Cable Downstream Frequency Override CLI17
•MAX-CPE CLI override
None
Now
1 Only major features are listed.
2 MIB = Management Information Base
3 PPPoE = Point-to-Point Protocol over Ethernet
4 TLV = Type/Length/Value
5 BE = Best Effort
6 UGS = Unsolicited Grant Service
7 UGS-AD = Unsolicited Grant Service with Activity Detection
8 rtPS = Real-Time Polling Service
9 DSC = Dynamic Service Change
10 PHS = Payload Header Suppression
11 DS = Downstream
12 DHCP = Dynamic Host Configuration Protocol, TOD = Time of Day, TFTP = Trivial File Transfer Protocol
13 MPLS = Multiprotocol Label Switching
14 VPN = Virtual Private Network
15 NAT/PAT = Network Address Translation/Port Address Translation
16 ARP = Address Resolution Protocol
17 CLI = command line interface
Unsupported Features
Table 4 lists the features that are not supported in Cisco IOS Release 12.2(15)BC2i, along with the most recent, recommended Cisco IOS Release that does support that particular feature for the Cisco uBR7100 series routers.
System Requirements
This section describes the system requirements for Cisco IOS Release 12.2(15)BC2i and includes the following sections:
•Determining Your Software Release
•Upgrading to a New Software Release
Memory Recommendations
Table 5 displays the memory recommendations of the Cisco IOS feature sets for the Cisco uBR7100 series universal broadband routers for Cisco IOS Release 12.2(15)BC2i. Cisco uBR7100 series routers are available with a 16-MB or 20-MB Type II PCMCIA Flash memory card.
The image subset legend for Table 5 is as follows:
•i = IP routing, MPLS-VPN support, and noncable interface bridging, including Network Address Translation (NAT)
•k8 = DOCSIS Baseline Privacy and MPLS-VPN support
•p = IP routing with Intermediate System-to-Intermediate System (IS-IS) and Border Gateway Protocol (BGP); MPLS-VPN support; no NAT
•s = "Plus" features: NAT and Inter-Switch Link (ISL)
Note All images support all of the hardware listed in the "Supported Hardware" section, unless otherwise indicated.
System Interoperability
This section clarifies the operation of certain features in the Cisco uBR7100 series universal broadband routers.
•DOCSIS 1.0 Baseline Privacy
DOCSIS baseline privacy interface (BPI) gives subscribers data privacy across the RF network, encrypting traffic flows between the CMTS and CM. BPI ensures that a CM, uniquely identified by its Media Access Control (MAC) address, can obtain keying material for only those services to which it has authorized access.
To enable BPI, choose software at both the CMTS and CM that support the mode of operation. For the Cisco uBR7100 series software, choose an image with "k8" in its file name or BPI in the feature set description.
The CM must also support BPI. CMs must have factory-installed RSA private/public key pairs to support internal algorithms to generate key pairs prior to first BPI establishment. BPI must be enabled using the DOCSIS configuration file.
Note RSA stands for Rivest, Shamir, and Adelman, inventors of a public-key cryptographic system.
•CM Interoperability
The Cisco uBR7100 series interoperates with DOCSIS (Cisco uBR7111 and Cisco uBR7114) or Euro-DOCSIS (Cisco uBR7111E and Cisco uBR7114E) two-way CMs that support basic Internet access, VoIP, or Virtual Private Networks (VPNs). Cisco IOS Release 12.2(15)BC2i does not support telco-return CMs/STBs.
Also, if you have configured a Cisco cable modem for routing mode and are also using the cable-modem dhcp-proxy nat command on the cable modem, you must configure the corresponding cable interface on the Cisco uBR7100 series router with the cable dhcp-giaddr policy command. Otherwise, the cable interface could flap and the CM could go offline unpredictably.
•DOCSIS 1.0 Extensions
The Cisco uBR7100 series supports the following DOCSIS 1.0 quality of service (QoS) extensions:
–Multi-Service ID (SID) support, allowing the definition of multiple SIDs on the upstream—Voice traffic can be designated on a higher QoS committed information rate (CIR) secondary SID, while data traffic can be forwarded on a best-effort basis on a primary SID. Secondary SIDs are higher QoS CIR-type classes that have a nonzero minimum reserved rate (CIR-type service). These SIDs receive preferential treatment at the CMTS for grants over any tiered best-effort type data SID of that upstream. Reliable operation with voice requires multiple SIDs—at least two per CM to separate voice from data. In DOCSIS 1.0, SIDs are set up statically. When supporting DOCSIS 1.0 extensions, SIDs can be set up statically or dynamically. Both the CMTS and CM must support this capability.
–CM-initiated dynamic MAC messages—Dynamic Service Addition (DSA) and Dynamic Service Deletion (DSD). These messages allow dynamic SIDs to be created and deleted at run-time on a per-VoIP call basis.
–Unsolicited grant service (constant bit rate [CBR] scheduling) on the upstream—This helps provide a higher-quality channel for upstream VoIP packets from an Integrated Telephony Cable Modem (ITCM) such as the Cisco uBR924 cable access router.
–Ability to provide separate downstream rates for any given ITCM, based on the IP-precedence value in the packet—This helps separate voice signaling and data traffic that goes to the same ITCM to address rate-shaping purposes.
–Concatenation—To increase the per-CM upstream throughput in certain releases of software, Cisco uBR7100 series software supports a concatenated burst of multiple MAC frames from a CM that supports concatenation.
Note All DOCSIS 1.0 extensions are activated only when a CM or Cisco uBR924 that supports these extensions solicits services via dynamic MAC messages or the feature set. If the CMs in your network are pure DOCSIS 1.0-based, they will receive regular DOCSIS 1.0 treatment from the CMTS.
Supported Hardware
Cisco IOS Release 12.2(15)BC2i supports the following Cisco uBR7100 series routers:
•Cisco uBR7111
•Cisco uBR7114
•Cisco uBR7111E
•Cisco uBR7114E
Port Adapter Cards
Table 6 lists and describes the port adapters supported by Cisco uBR7100 series routers in Cisco IOS Release 12.2(15)BC2i.
Note Table 6 identifies some port adapters for the Cisco uBR7100 series routers that are in an end-of-life (EOL) stage.
.
Table 6 Cisco uBR7100 Series Port Adapter Releases
WAN Technology Product Number and Description Introduced in Release 1 End-of-LifeEthernet
PA-4E—4-port Ethernet 10BASE-T port adapter
12.2(4)XF1
No
PA-8E—8-port Ethernet 10BASE-T port adapter
12.2(4)XF1
Yes
Fast Ethernet
PA-FE-TX—1-port 100BASE-TX Fast Ethernet port adapter
12.2(4)XF1
No
PA-FE-FX—1-port 100BASE-FX Fast Ethernet port adapter
12.2(4)XF1
No
PA-2FE-TX—2-port 100BASE-TX Fast Ethernet port adapter
12.2(4)XF1
No
PA-2FE-FX—2-port 100BASE-FX Fast Ethernet port adapter
12.2(4)XF1
No
Serial
PA-E3—1-port high-speed serial E3 interface port adapter
12.2(4)XF1
No
PA-T3—1-port T3 serial interface port adapter
12.2(4)XF1
No
PA-T3+—1-port T3 serial interface port adapter enhanced
12.2(4)BC1
No
PA-2E3—2-port high-speed serial E3 interface port adapter
12.2(4)XF1
No
PA-2T3—2-port T3 serial interface port adapter
12.2(4)XF1
No
PA-2T3+—2-port T3 serial interface port adapter enhanced
12.2(4)BC1
No
PA-4T+—4-port synchronous serial port adapter
12.2(4)XF1
No
PA-4E1G-75—4-port unbalanced (75-ohm) E1-G.703/G.704 synchronous serial port adapter
12.2(4)XF1
No
PA-4E1G-120—4-port balanced (120-ohm) E1-G.703/G.704 synchronous serial port adapter
12.2(4)XF1
No
PA-8T-232—8-port EIA/TIA-232 synchronous serial port adapter
12.2(4)XF1
Yes
PA-8T-V35—8-port V.35 synchronous serial port adapter
12.2(4)XF1
No
PA-8T-X21—8-port X.21 synchronous serial port adapter
12.2(4)XF1
Yes
PA-MC-2T1—2-port multichannel DS1 Integrated Services Digital Network (ISDN) Primary Rate Interface (PRI) single-wide port adapter
12.2(4)XF1
Yes
PA-MC-4T1—4-port multichannel DS1 ISDN PRI single-wide port adapter
12.2(4)XF1
No
HSSI
PA-H—1-port HSSI port adapter
12.2(4)XF1
Yes
PA-2H—2-port HSSI port adapter
12.2(4)XF1
No
ATM
PA-A3-E3—1-port E3 ATM, PCI-based, single-width port adapter, that uses an E3 interface with a coaxial cable BNC connector
12.2(8)BC1
No
PA-A3-OC3MM—1-port OC-3c ATM, PCI-based multimode port adapter
12.2(4)XF1
No
PA-A3-OC3SMI—1-port OC-3c ATM, PCI-based single-mode intermediate reach port adapter
12.2(4)XF1
Yes
PA-A3-OC3SML—1-port OC-3c ATM, PCI-based single-mode long reach port adapter
12.2(4)XF1
No
PA-A3-8T1/IMA—ATM inverse multiplexer over ATM port adapter with 8 T1 ports
12.2(4)XF1
No
Packet over SONET
PA-POS-OC3SMI—1-port OC3 single-mode, intermediate reach port adapter
12.2(4)XF1
No
1 The number in this column indicates the Cisco IOS release in which the interface was introduced in this train.
Determining Your Software Release
To determine the version of Cisco IOS software running on the Cisco uBR7100 series universal broadband router, log in to the router and enter the show version EXEC command:
Router> show versionCisco Internetwork Operating System SoftwareIOS (tm) 12.2 BC Software (ubr7100-k8p-mz), Version 12.2(15)BC2i, RELEASE SOFTWAREUpgrading to a New Software Release
For general information about upgrading to a new software release, see Cisco IOS Upgrade Ordering Instructions located at http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/957_pp.htm.
Feature Set Tables
The Cisco IOS software is packaged in feature sets consisting of software images—depending on the platform. Each feature set contains a specific set of Cisco IOS features.
Table 7 lists the features and feature sets supported by the Cisco uBR7100 series in Cisco IOS Release 12.2(15)BC2i and uses the following conventions:
•Yes—The feature is supported in the software image.
•No—The feature is not supported in the software image.
•In—The number in the "In" column indicates the Cisco IOS release in which the feature was introduced (excluding deferred images). Cisco IOS Release 12.2(4)XF1 is the base release; all features, unless otherwise noted, were introduced in this release.
Note Table 7 might not be cumulative or list all the features in each image. You can find the most current Cisco IOS documentation on Cisco.com. These electronic documents may contain updates and modifications made after the hard-copy documents were printed. If you have a Cisco.com login account, you can find image and release information regarding features prior to Cisco IOS Release 12.2(15)BC2i by using the Feature Navigator tool at http://www.cisco.com/go/fn.
Table 7 Feature List by Feature Sets for Cisco uBR7100 Series Universal Broadband Routers
Feature Feature Set In 1 DOCSIS Two-way with BPI DOCSIS Two-way
IP Plus
with BPI IP RoutingDHCP2 Server
Yes
Yes
DRP3 Server Agent
Yes
Yes
Easy IP (Phase 1)
Yes
Yes
Hot-Standby 1+1 Redundancy
No
No
No
No
IP Type of Service and Precedence for GRE6 Tunnels
Yes
Yes
IP Enhanced IGRP7 Route Authentication
Yes
Yes
MxU Bridging
No
No
Nonstop Forwarding (NSF) Awareness—BGP, OSPF, and Integrated IS-IS
12.2(15)BC1
Yes
Yes
Per-Modem Filters
Yes
Yes
PPPoE Termination
Yes
Yes
Transparent LAN Service over Cable
12.2(11)BC3
Yes
Yes
ManagementCable Interface Setup Facility
Yes
Yes
Cisco Broadband Troubleshooter Version 3.0 Support
12.2(15)BC1
Yes
Yes
Cisco Call History MIB Command Line Interface
Yes
Yes
DOCSIS Ethernet MIB Objects Support (RFC 2665)
Yes
Yes
DOCSIS OSSI8 Objects Support (RFC 2233)
Yes
Yes
Dynamic Ranging Support
Yes
Yes
Enhanced Modem Status Display
Yes
Yes
Enhanced Per-Modem Error Counter
Yes
Yes
Internal Modem Configuration File Editor
Yes
Yes
LinkUp/Down Traps Support (RFC 2233)
Yes
Yes
RF Interface MIB
Yes
Yes
Yes
Yes
MultimediaBidirectional PIM11
No
No
IP Multicast Load Splitting Across Equal-Cost Paths
No
No
IP Multicast over ATM12 Point-to-Multipoint Virtual Circuits
No
No
IP Multicast over Token Ring LANs
No
No
Stub IP Multicast Routing
No
No
Quality of Service252 Operator Configurable QoS Service Profiles for DOCSIS 1.0
Yes
Yes
Admission Control for Load Balancing
Yes
Yes
Admission Control (Including Weighting Functions per QoS Profile)
Yes
Yes
DOCSIS 1.0 Configuration File Editor (IOS CLI-based)
Yes
Yes
Dynamic Upstream Modulation
Yes
Yes
DOCSIS 1.0+13 QoS Enhancements
Yes
Yes
Downstream QoS Handling
Yes
Yes
Downstream Traffic Shaping
Yes
Yes
Dynamic SID Support
Yes
Yes
Dynamic Map-Advance
Yes
Yes
Guaranteed Upstream Minimum Throughput per Modem for DOCSIS 1.0
Yes
Yes
Improved Upstream QoS
Yes
Yes
Multiple SID Support for DOCSIS 1.0+
Yes
Yes
Multiple SID Support for DOCSIS 1.1
Yes
Yes
Multiple SID Support (static only)
Yes
Yes
QoS Configuration
Yes
Yes
QoS Profile Enforcement
Yes
Yes
QoS Profile Management via SNMP, CLI, or Dynamic
Yes
Yes
RTP14 Header Compression
Yes
Yes
Subscriber Traffic Management
12.2(15)BC1
Yes
Yes
Telco Return
No
No
Time of Day (ToD) Server
Yes
Yes
TOS Bit Restamping and TOS-based QoS for DOCSIS 1.0
Yes
Yes
Upstream Address Verification
Yes
Yes
Upstream Traffic Shaping
Yes
Yes
SecurityAutomated Double Authentication
Yes
Yes
BPI and BPI+ Encryption
Yes
Yes
Cable Modem and Multicast Authentication using RADIUS15
No
No
Cable source-verify
Yes
Yes
Cable source-verify DHCP (Including lease-query)
Yes
Yes
Cisco IOS Firewall Enhancements
Yes
Yes
Dynamic Mobile Hosts
Yes
Yes
Dynamic Shared Secret
12.2(15)BC1
Yes
Yes
HTTP16 Security
Yes
Yes
Named Method Lists for AAA17 Authorization & Accounting
Yes
Yes
Per-Modem and Per-Host Access List Support
Yes
Yes
Per-User Configuration
Yes
Yes
Reflexive Access Lists
Yes
Yes
Secure Shell (SSH)
Yes
Yes
SNMP Access Lists (Including Logging Feature)
Yes
Yes
TACACS+
Yes
Yes
TFTP-enforce
Yes
Yes
Vendor-Proprietary RADIUS Attributes
No
No
SwitchingFast-Switched Policy Routing
Yes
Yes
VPNMPLS VPN Support for Subinterfaces
Yes
Yes
WAN OptimizationPAD18 Subaddressing
Yes
Yes
WAN ServicesBandwidth Allocation Control Protocol (BACP)
Yes
Yes
Enhanced Local Management Interface (ELMI)
Yes
Yes
Frame Relay Enhancements
Yes
Yes
Frame Relay MIB Extensions
Yes
Yes
Frame Relay Router ForeSight
Yes
Yes
ISDN19 Advice of Charge
Yes
Yes
ISDN Caller ID Callback
Yes
Yes
ISDN Multiple Switch Type
Yes
Yes
ISDN NFAS20
Yes
Yes
Microsoft Point-to-Point Compression (MPPC)
Yes
Yes
Yes
Yes
VPDN23 MIB and Syslog Facility
Yes
Yes
X.25 Enhancements
Yes
Yes
Yes
Yes
1 The number in the "In" column indicates the Cisco IOS release in which the feature was introduced in this release train. If a cell in this column is empty, the feature was included in the initial base release.
2 DHCP = Dynamic Host Configuration Protocol
3 DRP = Director Response Protocol
4 HSRP = Hot-Standby Routing Protocol
5 ISL = Inter-Switch Link
6 GRE = generic routing encapsulation
7 IGRP = Interior Gateway Routing Protocol
8 OSSI = Operations Support System Interface
9 SNMPv2 = Simple Network Management Protocol version 2
10 SNMPv3 = Simple Network Management Protocol version 3
11 PIM = Protocol Independent Multicast
12 ATM = Asynchronous Transfer Mode
13 The DOCSIS 1.0+ QoS Enhancements is a set of Cisco's Quality of Service extensions to DOCSIS 1.0 to enable basic VoIP service over the DOCSIS link before DOCSIS 1.1 becomes available. The main enhancements include support for dynamic creation and teardown of flows during voice calls, support for one new unsolicited grant service (UGS) slot scheduling mechanism for voice slots, and per IP-precedence rate shaping on the downstream.
14 RTP = Real-Time Transport Protocol
15 RADIUS = Remote Access Dial-In User Service
16 HTTP = Hypertext Transfer Protocol
17 AAA =authentication, authorization, and accounting
18 PAD = packet assembler/disassembler
19 ISDN = Integrated Services Digital Network
20 NFAS = non-facility-associated signaling
21 BRI = Basic Rate Interface
22 PRI = Primary Rate Interface
23 VPDN = virtual private dial-up network
24 PVC = permanent virtual circuit
25 SVC = switched virtual circuit
New and Changed Information
The following sections list the new hardware and software features supported by the Cisco uBR7100 series routers for Cisco IOS Release 12.2(15)BC2i. These sections also show the features inherited from Release 12.2(4)XF1 and other earlier releases.
No New Hardware Features in Release 12.2(15)BC2i
There are no new hardware features in Cisco IOS Release 12.2(15)BC2i.
New Software Features in Release 12.2(15)BC2i
There are no new software features in Cisco IOS Release 12.2(15)BC2i.
No New Hardware Features in Release 12.2(15)BC2h
There are no new hardware features in Cisco IOS Release 12.2(15)BC2h.
New Software Features in Release 12.2(15)BC2h
There are no new software features in Cisco IOS Release 12.2(15)BC2h.
No New Hardware Features in Release 12.2(15)BC2g
There are no new hardware features in Cisco IOS Release 12.2(15)BC2g.
New Software Features in Release 12.2(15)BC2g
There are no new software features in Cisco IOS Release 12.2(15)BC2g.
No New Hardware Features in Release 12.2(15)BC2f
There are no new hardware features in Cisco IOS Release 12.2(15)BC2f.
New Software Features in Release 12.2(15)BC2f
There are no new software features in Cisco IOS Release 12.2(15)BC2f.
No New Hardware Features in Release 12.2(15)BC2e
There are no new hardware features in Cisco IOS Release 12.2(15)BC2e.
New Software Features in Release 12.2(15)BC2e
There are no new software features in Cisco IOS Release 12.2(15)BC2e.
No New Hardware Features in Release 12.2(15)BC2c
There are no new hardware features in Cisco IOS Release 12.2(15)BC2c.
New Software Features in Release 12.2(15)BC2c
There are no new software features in Cisco IOS Release 12.2(15)BC2c.
No New Hardware Features in Release 12.2(15)BC2b
There are no new hardware features in Cisco IOS Release 12.2(15)BC2b.
New Software Features in Release 12.2(15)BC2b
The following software features are new in Cisco IOS Release 12.2(15)BC2b.
Cable Arp Filter Enhancement
The ip-requests-filtered option was added to the show cable arp-filter command to display the specific Service IDs (SIDs) that are generating or forwarding a minimum number of ARP packets.
Show Controllers Cable Extensions
The Show Controllers Cables Extensions feature has been supported for Cisco IOS Release 12.2(15)BC2b.
In this feature, the mem-stats, memory, proc-cpu, and tech-support keywords execute the related command on the processor that runs on are added to obtain the relevant information from the onboard processor on Broadband Processing Engine (BPE) cable interface line cards, such as the Cisco uBR-MC16U/X, Cisco uBR-MC28U/X, and Cisco uBR-MC5X20S/U cards. This allows the user to obtain information that is specific for that particular cable interface card, as opposed to having to run these commands on the entire router.
Source Verify Lease-Query Throttling
When the cable source-verify dhcp and no cable arp commands are configured on a cable interface, problems can occur when viruses, denial of service (DoS) attacks, and theft-of-service attacks begin scanning a range of IP addresses, in an attempt to find unused addresses. When the Cisco CMTS router is verifying unknown IP addresses, this type of scanning generates a large volume of DHCP lease queries, which can result in a number of problems, such as dropped packets and high CPU utilization of both the Cisco CMTS router and DHCP server.
To prevent these problems, you can enable filtering of these requests on upstream interfaces, downstream interfaces, or both. When this feature is enabled, the Cisco CMTS allows only a certain number of DHCP LEASEQUERY requests for each service ID (SID) on an interface within the configured interval time period. If a SID generates more lease queries than the maximum, the router drops the excess number of requests until the next interval period begins.
For more information on this feature, see the document "Filtering Cable DHCP Lease Queries", at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_15/cblsrcvy.htm
Note The Source Verify Lease-Query Throttling feature is only available in Cisco IOS Release 12.2(15)BC1d and Cisco IOS Release 12.2(15)BC2b.
No New Hardware Features in Release 12.2(15)BC2a
There are no new hardware features in Cisco IOS Release 12.2(15)BC2a.
No New Software Features in Release 12.2(15)BC2a
There are no new software features in Cisco IOS Release 12.2(15)BC2a
No New Hardware Features in Release 12.2(15)BC2
There are no new hardware features in Cisco IOS Release 12.2(15)BC2.
New Software Features in Release 12.2(15)BC2
The following software features are new in Cisco IOS Release 12.2(15)BC2.
Cable ARP Filter
Cisco IOS Release 12.2(15)BC2 adds support for the cable arp filter command, which enables service providers to filter ARP request and reply packets, to prevent a large volume of such packets from interfering with the other traffic on the cable network. For more information, see the Cable ARP Filtering document, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_15/cblarpfl.htmCISCO-NBAR-PROTOCOL-DISCOVERY-MIB
Cisco IOS Release 12.2(15)BC2 adds support for the CISCO-NBAR-PROTOCOL-DISCOVERY-MIB to the Cisco uBR7100 series and Cisco uBR7246VXR universal broadband routers. This allows service providers to use SNMP requests to configure and monitor the Network-Based Application Recognition (NBAR) feature.
For more information about NBAR, see the Network-Based Application Recognition and Distributed Network-Based Application Recognition document, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t8/dtnbarad.htmFor more information about the CISCO-NBAR-PROTOCOL-DISCOVERY-MIB, see the Network-Based Application Recognition Protocol Discovery Management Information Base document, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftpdmib.htmCommand-Line Interface (CLI) Enhancements
Cisco IOS Release 12.2(15)BC2 has enhanced or updated the following commands:
•cable dhcp-giaddr—Supports a new option, strict, that uses the GIADDR IP address as the source IP address in the forwarded DHCP OFFER packet, when using the policy option. By default, the Cisco CMTS changes the source IP address in the DHCPOFFER packet to match that of the primary address on the cable interface. Use the strict option to prevent this behavior, which could interfere with any access lists applied to the CM when the CM is using a different subnet from the cable interface's primary address space.
Caution You cannot use the strict option with the internal DHCP server that is onboard the Cisco CMTS router, because the strict option requires the use of DHCP relay operation, which is not performed by DHCP termination points such as the internal DHCP server.
•cable downstream frequency—Changed to allow the center frequency to be set only in 250 KHz increments. Previously, this command allowed the center frequency to be specified in 125 KHz increments, but this had to be changed to support all of the operational modes of the Broadband Processing Engine (BPE) cards that include integrated onboard upconverters, such as the Cisco uBR-MC16U, Cisco uBR-MC28U, and Cisco uBR-MC5X20S/U.
•cable modem qos profile—Supports a new option, no-persistence, which specifies that the quality-of-service (QoS) profile for a cable modem should not remain in force when the modem reboots. Instead, when a cable modem reboots, it uses the QoS profile specified in its DOCSIS configuration file. The default is without this option, so that the QoS profile remains in force for cable modems across reboots.
•cable primary-sflow-qos11 keep—Specifies whether the Cisco CMTS should preserve the DOCSIS 1.1 service flow traffic counters after a DOCSIS 1.1-provisioned CM goes offline and then comes back online. This allows service providers to track the total usage of CMs over a period of time, regardless of the number of times the CMs go offline and reboot.
•cable service flow qi-rate-limit {all | none | standard | threshold n}—Configures the Cisco CMTS for how it should grant bandwidth requests for extra bandwidth (packets that have the Queue Indicator (QI) bit set) for Unsolicited Grant Service (UGS) service flows.
•cable spectrum-group, cable upstream spectrum-group, show cable spectrum-group—The maximum number of spectrum groups has been increased from 32 to 40.
•cable upstream fragment-force—Specifies the size of DOCSIS 1.1 frames that should be fragmented, as well as the number of fragments that should be created when fragmenting. By default, the Cisco CMTS fragments DOCSIS frames that are 2,000 bytes or larger in size, and it fragments these frames into three equally-sized fragments.
Note On the Cisco uBR-MC5X20S/U cable interface line cards, do not use a fragment size greater than 2,000 bytes. On all other cable interface line cards, do not use a fragment size greater than 3,500 bytes, unless otherwise instructed by a Cisco TAC engineer.
•clear cable hop—Clears the forward error corrections (FEC) hop counters on one or all cable interfaces.
•debug hccp sync cable cpe-management—Displays debugging for SYNC messages that concern CPE-related parameters, such as MAX CPE, MAX CPE IP, and max learnable addresses.
•dir filesystem: and show filesystem:—These commands display a new field that shows the timezone for the file's date and time. The timezone field shows the number of hours the timezone is offset from the Coordinated Universal Time (UTC) timezone. For example:
Router# dir disk0:Directory of disk0:/1 -rw- 5666024 Jan 24 1981 07:20:02 -05:00 ubr7200-kboot-mz.122BC2 -rw- 19445128 Jan 30 2004 10:24:40 -05:00 ubr7200-ik9s-mz.12215BC13 -rw- 19680432 Feb 4 2004 09:17:44 -05:00 ubr7200-ik9s-mz.12215BC24 -rw- 1289 Sep 4 2003 18:53:30 -04:00 startup.cfg5 -rw- 241940 Jan 27 2004 18:07:06 -05:00 system-log47906816 bytes total (2883584 bytes free)Router#•show cable modem verbose—This command now also shows the total time that a particular cable modem has been online.
•show hccp detail—This command now shows separate lists of the critical and non-critical CLI commands that are being synchronized for each Working and Protect interface and subinterface.
For more information on these command changes, see the Cisco Broadband Cable Command Reference Guide, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/cable/bbccmref/index.htmDOCS-IF-MIB Update
The DOCS-IF-MIB (released as RFC 2670) has been updated to conform to the version 5 of the DOCSIS 2.0 RF MIB Specification (draft-ietf-ipcdn-docs-rfmibv2-05.txt).
DOCSIS Set-Top Gateway
Cisco IOS Release 12.2(15)BC2 supports the initial version of the DOCSIS Set-Top Gateway (DSG) feature, which is an CableLabs specification that allows the Cisco CMTS to provide a class of cable services known as out-of-band (OOB) messaging to set-top boxes (STBs) over existing DOCSIS cable networks. This allows cable Multi-System Operators (MSOs) and other service providers to combine both DOCSIS and STB operations over one, open, vendor-independent network, without requiring any changes to the existing DOCSIS network infrastructure.
For more information about the DSG feature, see the DOCSIS Set-Top Gateway (DSG) for the Cisco CMTS document, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_15/ubrdsg.htmExtended Upstream Frequency Ranges
Cisco IOS Release 12.2(15)BC2 adds support for the extended upstream frequency range that is used in cable networks in Japan and other areas. This feature also clarifies the configuration of DOCSIS and EuroDOCSIS networks, so that the router shows only those upstream and downstream frequencies that are valid for each mode of operation.
A new CLI command, cable freq-range, was also added to support this feature on the Cisco uBR-MC16U/X and Cisco uBR-MC28U/X cards. For more information, see the Support for Extended Upstream Frequency Ranges, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_15/mclcjfm.htmIEEE 802.1Q Transparent Lan Service
Cisco IOS Release 12.2(15)BC2 enhanced the existing support for Transparent Lan Services (TLS), which allows the Cisco CMTS to create Layer 2 tunnels for traffic to and from cable modems. This allows customers to create their own virtual local area network (VLAN) using any number of cable modems in multiple sites.
In addition to the ATM PVC Mapping, which was previously supported, Cisco IOS Release 12.2(15)BC2 added the ability to map a cable modem's MAC address to an IEEE 802.1Q VLAN on a specific Ethernet interface, so that all traffic from the cable modem is tagged with the specified VLAN ID. Service providers can now map cable modem traffic onto an ATM PVC or onto an Ethernet IEEE 802.1Q VLAN, depending on their customer's specific needs.
For more information on this service, see the Transparent LAN service over Cable document, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_11/sidatmpv.htmN+1 Support for Load Balancing
Cisco IOS Release 12.2(15)BC2 supports configuring a cable interface for both load balancing and N+1 HCCP redundancy.
PacketCable Enhancements
Cisco IOS Release 12.2(15)BC2 supports PacketCable operations on the Cisco uBR-MC5X20S/U cable interface line cards on the Cisco uBR10012 router, and on the Cisco uBR-MC16U/X and Cisco uBR-MC28U/X cards on the Cisco uBR7246VXR router.
In addition, cable interfaces can be configured for both PacketCable operations and for N+1 HCCP redundancy. The debug packetcable hccp and show packetcable event commands have been added as part of this support.
Vendor-Specific Information Field to Authorize Dynamic Service Requests
DOCSIS 1.1 cable modems can request additional bandwidth via the DOCSIS 1.1 dynamic services mechanism, by sending dynamic service add (DSA) and dynamic service change (DSC) messages (known collectively as DSX messages). By default, the CMTS grants these requests because a DOCSIS-compliant cable modem does not request services that would violate their provisioned service flows.
However, a cable modem that is using software that is not DOCSIS-compliant, or that is using software that has been hacked to include unauthorized changes that violate the DOCSIS specifications, could use dynamic services requests to obtain bandwidth that the user is not authorized to use. Users could also use dynamic services requests as part of a denial-of-service attack on the cable network.
To prevent this, Cisco IOS Release 12.2(15)BC2 supports including an optional vendor-specific information field (VSIF) in the DOCSIS configuration file to enable or disable DSX requests by the cable modem:
TLV = 43 (VSIF)
SubTLV 12, Length = 1
Value = 0, denies all DSX requests
Value = 1, allows all DSX requests
For example, the following string of decimal digits in the DOCSIS configuration file would enable DSX requests for a cable modem:
43-08-08-03-00-00-12-12-01-01This string translates to the following TLV values:
TLV = 43Length = 08SubTLV = 08Length = 03Value = 00-00-12SubTLV = 12Length = 1Value = 1 (change to 0 to disable DSX requests)By default, all DSX requests are allowed. The show cable modem verbose command has also been enhanced to show whether DSX messages are supported for a particular cable modem. For example, the following excerpt from the command shows the display when a cable modem is allowed to make DSX requests:
Router# show cable modem 0010.7bb3.fcd1 verboseMAC Address : 00C0.7bb3.fcd1IP Address : 10.20.113.2Prim Sid : 1QoS Profile Index : 6Interface : C5/0/U5sysDescr : Vendor ABC DOCSIS 2.0 Cable Modem...Active Classifiers : 0 (Max = NO LIMIT)DSA/DSX messages : permit allDynamic Secret : A3D1028F36EBD54FDCC2F74719664D3FRouter#If DSX requests are not allowed, the DSA/DSX messages line would show "reject all."
Tip We recommend also using the cable dynamic-secret and cable tftp-enforce commands to ensure that users cannot substitute their own DOCSIS configuration file in place of the original file provided by the service provider.
No New Hardware Features in Release 12.2(15)BC1g
There are no new hardware features in Cisco IOS Release 12.2(15)BC1g.
New Software Features in Release 12.2(15)BC1g
There are no new software features in Cisco IOS Release 12.2(15)BC1g.
No New Hardware Features in Release 12.2(15)BC1f
There are no new hardware features in Cisco IOS Release 12.2(15)BC1f.
New Software Features in Release 12.2(15)BC1f
There are no new software features in Cisco IOS Release 12.2(15)BC1f.
No New Hardware Features in Release 12.2(15)BC1d
There are no new hardware features in Cisco IOS Release 12.2(15)BC1d.
New Software Features in Release 12.2(15)BC1d
The following software features are new in Cisco IOS Release 12.2(15)BC1d.
Source Verify Lease-Query Throttling
When the cable source-verify dhcp and no cable arp commands are configured on a cable interface, problems can occur when viruses, denial of service (DoS) attacks, and theft-of-service attacks begin scanning a range of IP addresses, in an attempt to find unused addresses. When the Cisco CMTS router is verifying unknown IP addresses, this type of scanning generates a large volume of DHCP lease queries, which can result in a number of problems, such as dropped packets and high CPU utilization of both the Cisco CMTS router and DHCP server.
To prevent these problems, you can enable filtering of these requests on upstream interfaces, downstream interfaces, or both. When this feature is enabled, the Cisco CMTS allows only a certain number of DHCP LEASEQUERY requests for each service ID (SID) on an interface within the configured interval time period. If a SID generates more lease queries than the maximum, the router drops the excess number of requests until the next interval period begins.
For more information on this feature, see the document "Filtering Cable DHCP Lease Queries", at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_15/cblsrcvy.htm
Note The Source Verify Lease-Query Throttling feature is only available in Cisco IOS Release 12.2(15)BC1d and Cisco IOS Release 12.2(15)BC2b.
No New Hardware Features in Release 12.2(15)BC1c
There are no new hardware features in Cisco IOS Release 12.2(15)BC1c.
No New Software Features in Release 12.2(15)BC1c
The following software feature is new in Cisco IOS Release 12.2(15)BC1c:
Cable ARP Filter
Cisco IOS Release 12.2(15)BC2 adds support for the cable arp filter command, which enables service providers to filter ARP request and reply packets, to prevent a large volume of such packets from interfering with the other traffic on the cable network. For more information, see the Cable ARP Filtering document, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_15/cblarpfl.htmNo New Hardware Features in Release 12.2(15)BC1b
There are no new hardware features in Cisco IOS Release 12.2(15)BC1b.
No New Software Features in Release 12.2(15)BC1b
There are no new software features in Cisco IOS Release 12.2(15)BC1b
No New Hardware Features in Release 12.2(15)BC1a
There are no new hardware features in Cisco IOS Release 12.2(15)BC1a.
No New Software Features in Release 12.2(15)BC1a
There are no new software features in Cisco IOS Release 12.2(15)BC1a
No New Hardware Features in Release 12.2(15)BC1
There are no new hardware features in Cisco IOS Release 12.2(15)BC1.
New Software Features in Release 12.2(15)BC1
The following software features are new in Cisco IOS Release 12.2(15)BC1.
Command-Line Interface Enhancements
Cisco IOS Release 12.2(15)BC1 supports the following additions and enhancements to the Cisco IOS command-line interface (CLI):
•The cable slfog global configuration command has been added to support a log of deleted service flow entries that is maintained in the DOCSIS-QOS SNMP MIB, which is required by the DOCSIS 2.0 specifications. This command enables service flow logging and configures the number and duration of entries in the log.
•The clear cable modem flap-list command was added to reset a particular cable modem's flap list counters to zero.
•The output for the show cable modem verbose command includes the value of the sysDescr SNMP attribute, as reported by the cable modem. This field shows a value only when the cable modem remote-query command has been enabled.
For a complete description of these commands and the changes, see the Cisco Broadband Cable Command Reference Guide, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/cable/bbccmref/index.htmDynamic Shared Secret
The Dynamic Shared Secret feature provides service providers a way of providing higher levels of security for their Data-over-Cable Service Interface Specifications (DOCSIS) cable networks, by using randomized, single-use shared secrets to verify the DOCSIS configuration files that are downloaded to each cable modem. The Dynamic Shared Secret feature is enabled using the cable dynamic-secret interface configuration command.
The Dynamic Shared Secret feature automatically creates a unique DOCSIS shared secret on a per-modem basis, creating a one-time use DOCSIS configuration file that is valid only for the current session. This ensures that a DOCSIS configuration file that has been downloaded for one cable modem can never be used by any other modem, nor can the same modem reuse this configuration file at a later time.
This patent-pending feature is designed to guarantee that all registered modems are using only the quality of service (QoS) parameters that have been specified by the DOCSIS provisioning system for that particular modem at the time of its registration.
For information on the Dynamic Shared Secret feature, see the Configuring a Dynamic Shared Secret for the Cisco CMTS document, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_15/ubrdmic.htm
Note The Dynamic Shared Secret feature does not affect the use of the original shared secret or secondary shared secrets that are configured using the cable shared-secondary-secret and cable shared-secret commands. If these shared secrets are configured, the Cisco CMTS continues to use them to validate the original DOCSIS configuration file that is downloaded from the TFTP server. If the DOCSIS configuration file fails to pass the original or secondary shared secret verification checks, the cable modem is not allowed to register, and the Dynamic Shared Secret feature is not invoked for that particular cable modem.
Tips Verify that a cable modem is able to register with the Cisco CMTS before enabling the Dynamic Shared Secret feature.
Nonstop Forwarding (NSF) Awareness
The Nonstop Forwarding (NSF) Awareness feature, introduced in Cisco IOS release 12.2(15)T and inherited by Cisco IOS release 12.2(15)BC1, allows customer premises equipment (CPE) routers that are NSF-aware to assist NSF-capable routers perform nonstop forwarding of packets.
The NSF Awareness feature is supported on three IP routing protocols—Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), and Integrated Intermediate System-to-Intermediate System (IS-IS).
BGP NSF Awareness
BGP NSF Awareness assists NSF-capable neighbors to continue forwarding packets during a Stateful Switchover (SSO) operation. The BGP NFS Awareness feature allows an NSF-aware router that is running BGP to forward packets along routes that are already known for a router that is performing an SSO operation.
If you use BGP, you need to enable NSF Awareness using the bgp graceful-restart command in global configuration mode. This procedure enables smooth switchover operations on the Cisco uBR10012 CMTS.
For information on the BGP NSF Awareness feature for Cisco IOS Release 12.2(15)T, refer to the BGP Nonstop Forwarding (NSF) Awareness feature module at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftbgpnsf.htm
For configuration information, refer to the "Configuring BGP" section in the Cisco IOS IP Configuration Guide, Release 12.2 at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt2/1cfbgp.htm
OSPF NSF Awareness
The local router's awareness of NSF allows the integrity and accuracy of the RIB and link state database occurring on the neighboring NSF-capable router to be maintained during the switchover process.
For information on the OSPF NSF Awareness feature for Cisco IOS Release 12.2(15)T, refer to the OSPF Nonstop Forwarding (NSF) Awareness feature module at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftosnsfa.htm
For configuration information, refer to the "Configuring OSPF" section in the Cisco IOS IP Configuration Guide, Release 12.2 at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt2/1cfospf.htm
Integrated IS-IS NSF Awareness
The local router's awareness of NSF allows the integrity and accuracy of the RIB and link state database occurring on the neighboring NSF-capable router to be maintained during the switchover process.
For information on the Integrated IS-IS NSF Awareness feature for Cisco IOS Release 12.2(15)T, refer to the Integrated IS-IS Nonstop Forwarding (NSF) Awareness feature module at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/isnsfawa.htm
For configuration information, refer to the "Configuring Integrated IS-IS" section in the Cisco IOS IP Configuration Guide, Release 12.2 at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt2/1cfisis.htm
Subscriber Traffic Management
The Subscriber Traffic Management feature allows service providers to identify and control subscribers who exceed the maximum bandwidth allowed under their registered quality of service (QoS) profiles. This feature supplements current techniques such as Network-Based Application Recognition (NBAR) and access control lists (ACLs) to ensure a minority of users do not consume a majority of the cable network's bandwidth.
Current subscriber controls, such as NBAR and ACLs, examine all packets coming into the CMTS. These techniques can curb a large volume of problem traffic, but they are not as effective in dealing with the latest generation of peer-to-peer file-sharing applications that can swamp a network's available bandwidth. The Subscriber Traffic Management feature allows service providers to focus on a minority of potential problem users, without impacting network performance or other users who are abiding by their service agreements.
In addition, when a cable modem goes offline and remains offline for 24 hours, the Cisco CMTS deletes its service flow IDs from its internal databases, and also deletes the modem's traffic counters. This can allow some users to exceed their bandwidth limits, go offline, and come back online with new counters.
The Subscriber Traffic Management feature helps to thwart these types of theft-of-service attacks by implementing a penalty period for cable modems that violate their service level agreements (SLA). Even if the cable modem goes offline, its counters are still reset, but the CMTS continues to enforce the penalty period.
For more information about the Subscriber Traffic Management feature, see the Subscriber Traffic Management for the Cisco CMTS document, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_15/ubsubmon.htmSupport for Cisco Broadband Troubleshooter Version 3.0
Cisco IOS Release 12.2(15)BC1 supports version 3.0 of the Cisco Broadband Troubleshooter, which includes graphic-based spectrum analysis for supported platforms and cable interface line cards. For more information, see the Cisco Broadband Troubleshooter documentation, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/cable/trblshtr/cbt30/index.htmNo New Hardware Features in Release 12.2(11)BC3d
There are no new hardware features in Cisco IOS Release 12.2(11)BC3d.
No New Software Features in Release 12.2(11)BC3d
There are no new software features in Cisco IOS Release 12.2(11)BC3d.
No New Hardware Features in Release 12.2(11)BC3c
There are no new hardware features in Cisco IOS Release 12.2(11)BC3c.
No New Software Features in Release 12.2(11)BC3c
There are no new software features in Cisco IOS Release 12.2(11)BC3c.
No New Hardware Features in Release 12.2(11)BC3b
There are no new hardware features in Cisco IOS Release 12.2(11)BC3b.
No New Software Features in Release 12.2(11)BC3b
There are no new software features in Cisco IOS Release 12.2(11)BC3b.
No New Hardware Features in Release 12.2(11)BC3
There are no new hardware features in Cisco IOS Release 12.2(11)BC3.
New Software Features in Release 12.2(11)BC3
The following software features are introduced in Cisco IOS Release 12.2(11)BC3.
Transparent LAN Service over Cable
Cisco IOS Release 12.2(11)BC3 introduces support for the Transparent LAN Service over Cable feature for the Cisco uBR7100 series routers.
The Transparent LAN Service over Cable feature enhances the existing Asynchronous Transfer Mode (ATM) support to provide more flexible Managed Access for multiple Internet Service Provider (ISP) support over a hybrid fiber-coaxial (HFC) cable network. This feature allows service providers to map an upstream service identifier (SID) to an ATM permanent virtual connection (PVC).
The Transparent LAN Service over Cable feature enables service providers to provide Layer-2 tunnels over an ATM network, allowing customers to create their own virtual network using any number of cable modems in different sites.
On the Cisco CMTS, you map each cable modem (on the basis of its MAC address) to a separate PVC on an ATM interface. The CMTS then creates an internal database of this one-to-one mapping of cable modems to PVCs, and uses it to determine which packets should be forwarded to the ATM network.
The CMTS encapsulates the CPE traffic from mapped cable modems using AAL5 SNAP encapsulation, as defined in RFC 1483, Multiprotocol Encapsulation over ATM Adaptation Layer 5. It then forwards those packets to the appropriate ATM interface and PVC.
Traffic to and from this group of cable modems is routed to a group of PVCs that are bridged into a single ATM network by the ATM bridge aggregator, creating a secure virtual private network (VPN) for that particular group of cable modems. This allows service providers to provide Layer-2 VPN support that does not have the limitations of Layer-3 VPN solutions, such as MPLS-VPN:
•Unlike Layer-3 VPN solutions that support only IP packets, the Transparent LAN Service over Cable feature can support multiple Layer-3 protocols.
•Layer-2 VPN solutions provide Ethernet connectivity for the participating devices, so that the service provider does not need to know the addressing and routing details of the customer's private network.
Service providers can provide a Layer-2 VPN with only minimal configuration changes on the providers' routers. The end customer does not need to make any changes to their private network or cable modems, nor does the service provider have to provide any special DOCSIS configuration files to enable this feature.
The Transparent LAN Service over Cable feature has the following prerequisites:
•The Cisco uBR7100 series routers must be running Cisco IOS Release 12.2(11)BC3 or later Cisco IOS Release 12.2 BC release.
•You must know the hardware (MAC) addresses of the cable modems that are to be mapped to ATM PVCs.
You must create a bridge group for each separate customer on the ATM bridge aggregator, so that traffic from all of the CPE devices for the customer are grouped together into the same ATM tunnel.
Note See Limitations and Restrictions for a summary of the restrictions for the Transparent LAN Service over Cable feature.
For more information on the feature, refer to the Transparent LAN Service over Cable feature module at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122bc/122bc_11/sidatmpv.htm
clear cable modem Commands
Cisco IOS Release 12.2(11)BC3 adds support for two new clear cable modem commands:
•clear cable modem delete
This command removes one or more CMs from the internal address and routing tables.
•clear cable modem offline
This command removes offline CMs from the internal address and routing tables for a cable interface.
For syntax and usage information on the commands, refer to the "Cisco CMTS Commands" chapter of the Cisco Broadband Cable Command Reference Guide at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/cable/bbccmref/bbcmts.htm
debug cable Commands
Cisco IOS Release 12.2(11)BC3 adds support for the following new debug commands:
•debug cable arp
This command enables debugging of the Address Resolution Protocol when it is used on the cable interface.
•debug cable dhcp
This command enables debugging of the Dynamic Host Configuration Protocol (DHCP) when it is used on the cable interface.
•debug cable encap
This command enables debugging of encapsulated Point-to-Point Protocol over Ethernet (PPPoE) packets on the cable interface.
For syntax and usage information on the debug commands, refer to the "Cisco CMTS Debugging Commands" chapter of the Cisco Broadband Cable Command Reference Guide at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/cable/bbccmref/bbcmtsde.htm
No New Hardware Features in Release 12.2(11)BC2
There are no new hardware features in Cisco IOS Release 12.2(11)BC2.
No New Software Features in Release 12.2(11)BC2
There are no new software features in Cisco IOS Release 12.2(11)BC2.
No New Hardware Features in Release 12.2(11)BC1b
There are no new hardware features in Cisco IOS Release 12.2(11)BC1b.
No New Software Features in Release 12.2(11)BC1b
There are no new software features in Cisco IOS Release 12.2(11)BC1b.
No New Hardware Features in Release 12.2(11)BC1a
There are no new hardware features in Cisco IOS Release 12.2(11)BC1a.
No New Software Features in Release 12.2(11)BC1a
There are no new software features in Cisco IOS Release 12.2(11)BC1a.
No New Hardware Features in Release 12.2(11)BC1
There are no new hardware features in Cisco IOS Release 12.2(11)BC1.
New Software Features in Release 12.2(11)BC1
The following new software feature was introduced in Cisco IOS Release 12.2(11)BC1.
cable source-verify leasetimer Command
Cisco IOS Release 12.2(11)BC1 introduces the cable source-verify leasetimer <n> command.
The leasetimer option allows you to configure how often the timer checks the lease times, so as to specify the maximum amount of time a customer premises equipment (CPE) device can use an IP address that was previously assigned by the Dynamic Host Configuration Protocol (DHCP) server but whose lease time has since expired. The time period can range from 1 minute to 240 minutes (4 hours), with a grace period of 2 minutes to allow a PC enough time to make a DHCP request to renew the IP address.
To turn off the timer, so that the CMTS no longer checks the lease times, issue the cable source-verify command without the dhcp option, or turn off the feature entirely with the no cable source-verify command. The leasetimer option takes effect only when the dhcp option is also used on an interface or subinterface.
The leasetimer option adds another level of verification by activating a timer that periodically examines the lease times for the IP addresses for known CPE devices. If the CMTS discovers that the DHCP lease for a CPE device has expired, it removes that IP address from its database, preventing the CPE device from communicating until it makes another DHCP request. This prevents users from treating DHCP-assigned addresses as static addresses, as well as from using IP addresses that were previously assigned to other devices.
Note The leasetimer option for the cable source-verify command cannot be configured on subinterfaces. Instead, configure the command on the master interface, and the leasetimer will apply to all subinterfaces as well.
The following example shows how to enable the leasetimer feature so that every two hours, the CMTS checks the IP addresses in the CPE database for that particular interface for expired lease times:
router# configure terminalrouter#(config) interface c1/0router(config-if)# cable source-verify dhcp
router(config-if)# cable source-verify leasetimer 120For more information on the command, refer to the "Cisco Cable Modem Termination System Commands" chapter in the Cisco Broadband Cable Command Reference Guide at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/cable/bbccmref/bbcmts.htm
No New Hardware Features in Release 12.2(8)BC2a
There are no new hardware features in Cisco IOS Release 12.2(8)BC2a.
No New Software Features in Release 12.2(8)BC2a
There are no new software features in Cisco IOS Release 12.2(8)BC2a.
No New Hardware Features in Release 12.2(8)BC2
There are no new hardware features in Cisco IOS Release 12.2(8)BC2.
New Software Features in Release 12.2(8)BC2
Cisco IOS Release 12.2(8)BC2 supports the following new software feature for the Cisco uBR7100 series routers.
Adding Load Information and a Timestamp to Show Commands
Cisco IOS Release 12.2(8)BC2 adds a new command, exec prompt timestamp, that adds load information and a timestamp to all show commands. This can be useful for troubleshooting and system analysis.
The new command has the following syntax in line configuration mode:
Router(config-line)# [no] exec prompt timestampThe command has the following syntax in User EXEC mode, so that users who do not know the enable password can also timestamp their show commands:
Router> terminal [no] exec prompt timestampThe following example shows how to enable and disable the timestamp for the console connection:
Router# config tRouter(config)# line console 0Router(config-line)# exec prompt timestampRouter(config-line)# no exec prompt timestampThe following example shows how to enable and disable the timestamp for the first five telnet connections:
Router(config)# line vty 0 4Router(config-line)# exec prompt timestampRouter(config-line)# no exec prompt timestampThe following example shows how to enable and disable the timestamp when logged into User EXEC mode:
Router> terminal exec prompt timestampRouter> terminal no exec prompt timestampDisplay Modem Capabilities with the show cable modem mac Command
In Cisco IOS Release 12.2(8)BC2 and later 12.2 BC releases, the mac option displays both the maximum DOCSIS Version of the CM as well as the currently provisioned DOCSIS version. This allows you to see both the capabilities of the CM as well as its current provisioning.
Router# show cable modem macMAC Address MAC Prim Ver Prov Frag Concat PHS Priv DS USState Sid Saids Sids0010.64ff.e4ad online 1 DOC1.1 DOC1.0 yes yes yes BPI+ 0 40010.f025.1bd9 init(rc) 2 DOC1.0 DOC1.0 no no no BPI 0 00010.9659.4447 online(pt) 3 DOC1.0 DOC1.0 no yes no BPI 0 00010.9659.4461 online(pt) 4 DOC1.0 DOC1.0 no yes no BPI 0 00010.64ff.e459 online 5 DOC1.0 DOC1.0 no yes no BPI 0 00020.4089.7ed6 online 6 DOC1.0 DOC1.0 no no no BPI 0 00090.9607.3831 online(pt) 7 DOC1.0 DOC1.0 no no no BPI 0 00090.9607.3830 online(pt) 1 DOC1.0 DOC1.0 no no no BPI 0 00050.7366.12fb init(i) 2 DOC1.0 DOC1.0 no no no BPI 0 00010.fdfa.0a35 online(pt) 3 DOC1.1 DOC1.1 yes yes yes BPI+ 0 4Support for the cable modem vendor command
Cisco IOS Release 12.2(8)BC2 adds support for associating the name of a vendor with its Organizational Unique Identifier (OUI), so that the vendor name can appear in the displays of the show cable modem vendor command. The software comes with a default database that contains approximately 300 OUIs associated with approximately 60 vendor names, and you can use the cable modem vendor command in global configuration mode to create new associations or overwrite existing associations.
The syntax of the cable modem vendor command is:
[no] cable modem vendor OUI [vendor-name]
where OUI is the first 3 octets (3 bytes, 6 hexadecimal digits) of the CM MAC address and typically indicates the vendor for the CM. Each octet should be separated by a period or colon (for example: 00:01:02 or 00.01.02). The vendor-name is the arbitrary string identifying the vendor for this OUI.
If you specify an OUI with the cable modem vendor command that already exists in the OUI database, the previous value is overwritten with the new value. You can use the default prefix to restore the original value for an OUI in the default database.
Use the no cable modem vendor command to remove the association between an OUI and a vendor name. The show cable modem vendor command then displays only the OUI as the vendor name.
Tip The Institute of Electrical and Electronics Engineers (IEEE) is the official issuer of OUI values. The IEEE OUI web site is at http://standards.ieee.org/regauth/oui/index.shtml.
The following shows several examples of the cable modem vendor command using Cisco OUIs:
Router(config)# cable modem vendor 00:01:42 Cisco
Router(config)# cable modem vendor 00:01:43 Cisco
Router(config)# cable modem vendor 00:01:63 Cisco
Router(config)# cable modem vendor 00:01:64 Cisco
Router(config)# cable modem vendor 00:0A:41 Cisco
Router(config)# cable modem vendor 00:0A:42 Cisco
The following example shows sample output for the vendor option on the Cisco uBR10012 router:
Router# show cable modem vendorVendor MAC Address I/F MAC Prim RxPwr Timing Num BPIState Sid (db) Offset CPE EnbThomson 0010.9507.01db C5/1/0/U5 online 1 0.00 938 1 NEricsson 0080.37b8.e99b C5/1/0/U5 online 2 -0.25 1268 0 NCisco 0002.fdfa.12ef C6/1/0/U0 online 13 0.00 1920 1 NCisco 0002.fdfa.137d C6/1/0/U0 online 16 -0.50 1920 1 NCisco 0003.e38f.e9ab C6/1/0/U0 online 3 -0.25 1926 1 NCisco 0001.9659.519f C6/1/1/U2 online 26 0.25 1930 1 NMotorola 0020.4005.3f06 C7/0/0/U0 online 2 0.00 1901 1 NMotorola 0020.4006.b010 C7/0/0/U5 online 3 0.25 1901 1 NCisco 0050.7302.3d83 C7/0/0/U0 online 18 -0.25 1543 1 NCisco 00b0.6478.ae8d C7/0/0/U5 online 44 0.50 1920 21 NCisco 00d0.bad3.c0cd C7/0/0/U5 online 19 0.00 1543 1 NCisco 00d0.bad3.c0cf C7/0/0/U0 online 13 0.00 1546 1 NCisco 00d0.bad3.c0d5 C7/0/0/U0 online 12 -0.50 1546 1 NRouter#Support for the cable tftp-enforce Command
Cisco IOS Release 12.2(8)BC2 adds support for the new cable tftp-enforce cable interface configuration command, which requires all cable modems on a cable interface to attempt a TFTP request for the DOCSIS configuration file through the cable interface with the Cisco CMTS router before being allowed to register and come online. This can help prevent the following situations from occurring:
•Users who attempt theft-of-service by reconfiguring their local networks to allow the downloading of an unauthorized DOCSIS configuration file from a local TFTP server. Typically, some users do this to obtain services that they have not paid for, such as higher guaranteed bandwidths or a higher priority Quality of Service (QoS) profile.
•Some brands or models of cable modems might be running older software releases that cache the DOCSIS configuration file and use the cached version instead of downloading the actual file from a TFTP server during the registration process. Although this can marginally speed up the registration process, it also violates the DOCSIS requirements and could create a situation in which the cable modem is not using the proper DOCSIS configuration file. A user might then be mistakenly accused of theft-of-service, when in reality the problem is the non-DOCSIS-compliant cable modem.
The cable tftp-enforce command identifies these situations and can block these cable modems from registering and coming online. This command also has an option that allows these cable modems to come online, but it also identifies the cable modems so that the network administrators can investigate the situation further before taking any action.
Command Syntax
The new command has the following syntax:
cable tftp-enforce [mark-only]no cable tftp-enforce [mark-only]When the command is used without the mark-only option, cable modems that do not download a TFTP file are blocked from registering and coming online. The mark-only option allows the cable modems to come online, but it also prints a warning message and marks the cable modems in the show cable modem command.
Tips Cisco recommends that you initially configure cable interfaces with the mark-only option, so that potential problems are identified without initially interfering with users' ability to come online. After you identify and resolve these initial problems, reconfigure the cable interfaces without the mark-only option to block problem cable modems that attempt to come online without downloading a valid DOCSIS configuration file.
The default behavior is not to require the TFTP download through the cable interface with the Cisco CMTS router. Each cable interface must be configured with this command to require the TFTP download.
Enforcing TFTP Downloads and Blocking Non-Compliant Cable Modems
The following example shows how to enforce TFTP downloads for all of the cable modems on cable interface 1/0. These cable modems must attempt a TFTP download of the DOCSIS configuration file through their cable interface with the Cisco CMTS router. If they do not, they are not allowed to register or come online.
Router# configure terminalRouter(config)# interface cable 1/0Router(config-if)# cable tftp-enforceRouter(config-if)# exitRouter(config)#When the cable tftp-enforce command is configured, the following message is displayed on the console when a cable modem attempts to register without first attempting a TFTP download through the cable interface with the Cisco CMTS router:
06:53:57: %UBR7100-4-REGISTRATION_BEFORE_TFTP: Registration request unexpected:Cable Modem did not attempt TFTP. Registration Rejected. CM Mac Addr <00ff.ff66.12fb>When a cable modem is rejected for not attempting a TFTP download, it is marked as having a Message Integrity Check (MIC) failure—reject(m)—in the show cable modems command.
Router# configure terminalRouter(config)# interface cable 1/0Router(config-if)# cable tftp-enforceRouter(config-if)# exitRouter(config)#Router# show cable modemsInterface Prim Online Timing Rec QoS CPE IP address MAC addressSid State Offset PowerCable1/0/U1 1 online(pt) 2734 0.50 5 0 10.1.1.38 00ff.fffa.0a35Cable1/0/U0 2 online(pt) 2729 0.25 5 0 10.1.1.50 00ff.ff07.382fCable1/0/U0 3 init(i) 2732 0.25 2 0 10.1.1.48 00ff.ff03.307dCable1/0/U1 4 online(pt) 2737 0.75 5 0 10.1.1.34 00ff.ff59.4477Cable1/0/U1 5 reject(m) 2215 0.25 2 0 10.1.1.47 00ff.ff66.12fbRouter#
Note DOCSIS-compliant cable modems that are rejected with a MIC failure go into the offline state for a short period of time and then retry the registration process.
The debug cable registration command can be used to display additional information:
Router# debug cable interface c1/0 verboseRouter# debug cable registration
CMTS registration debugging is onJun 6 23:27:15.859: Registration request from 00ff.ff66.12fb, SID 7 on Cable1/0/U1Jun 6 23:27:15.859: Found a network access control parameter: OkJun 6 23:27:15.859: Found a class of service block: OkJun 6 23:27:15.859: Found Baseline Privacy config: OkJun 6 23:27:15.859: Found Max CPE: OkJun 6 23:27:15.859: Found CM MIC: OkJun 6 23:27:15.859: Found CMTS MIC: OkJun 6 23:27:15.859: Found modem ip: OkJun 6 23:27:15.859: Found modem capabilities: OkJun 6 23:27:15.859: Finished parsing REG RequestJun 6 23:27:15.859: Cable Modem sent Registration Request without attempting required TFTP22:33:21 %UBR7100-4-REGISTRATION_BEFORE_TFTP: Registration request unexpected:Cable Modem did not attempt TFTP. Registration Rejected. CM Mac Addr <00ff.ff66.12fb>Registration failed for Cable Modem 00ff.ff66.12fb on interface Cable1/0/U0:CoS/Sflow/Cfr/PHS failed in REG-REQJun 6 23:27:15.859: REG-RSP Status : failure (2)Jun 6 23:27:15.859: Registration Response:Jun 6 23:27:15.859: 0x0000: C2 00 00 1B 00 00 00 50 73 4E B4 19 00 05 00 E0Jun 6 23:27:15.859: 0x0010: 56 AC 00 09 00 00 03 01 07 00 00 02 02Jun 6 23:27:15.859: Registration Response TransmittedIdentifying Non-Compliant Cable Modems But Allowing Them to Come Online
The mark-only option of the cable tftp-enforce command allows CMs that do not attempt a TFTP download through the cable interface to come online, but the Cisco CMTS router displays a warning message on the console and marks the cable modem in the show cable modem command with a pound sign (#). This option allows network providers to identify potential problems and to investigate them before taking any corrective action.
When the mark-only option is configured, the following message is displayed on the console when a cable modem attempts to register without first attempting a TFTP download through the cable interface with the Cisco CMTS router:
06:53:57: %UBR7100-4-REGISTRATION_BEFORE_TFTP: Registration request unexpected:Cable Modem did not attempt TFTP. Modem marked with #. CM Mac Addr <00ff.ff66.12fb>In addition, the cable modem is marked with a pound sign (#) in the show cable modems command:
Router# configure terminalRouter(config)# interface cable 1/0Router(config-if)# cable tftp-enforce mark-onlyRouter(config-if)# exitRouter(config)#Router# show cable modemsInterface Prim Online Timing Rec QoS CPE IP address MAC addressSid State Offset PowerCable1/0/U1 1 online(pt) 2734 0.50 5 0 10.1.1.38 00ff.fffa.0a35Cable1/0/U0 2 online(pt) 2729 0.25 5 0 10.1.1.50 00ff.ff07.382fCable1/0/U0 3 init(i) 2732 0.25 2 0 10.1.1.48 00ff.ff03.307dCable1/0/U1 4 online(pt) 2737 0.75 5 0 10.1.1.34 00ff.ff59.4477Cable1/0/U1 5 #online 2213 0.25 6 0 10.1.1.47 00ff.ff66.12fbRouter#The debug cable registration command can be used to display additional information:
Jun 6 23:27:15.859: Registration request from 00ff.ff66.12fb, SID 7 on Cable1/0/U1Jun 6 23:27:15.859: Found a network access control parameter: OkJun 6 23:27:15.859: Found a class of service block: OkJun 6 23:27:15.859: Found Baseline Privacy config: OkJun 6 23:27:15.859: Found Max CPE: OkJun 6 23:27:15.859: Found CM MIC: OkJun 6 23:27:15.859: Found CMTS MIC: OkJun 6 23:27:15.859: Found modem ip: OkJun 6 23:27:15.859: Found modem capabilities: OkJun 6 23:27:15.859: Finished parsing REG RequestJun 6 23:27:15.859: Cable Modem sent Registration Request without attempting required TFTP23:27:15: %UBR7100-4-REGISTRATION_BEFORE_TFTP: Registration request unexpected:Cable Modem did not attempt TFTP. Modem marked with #. CM Mac Addr <00ff.ff66.12fb>Jun 6 23:27:15.859: Sec sids obtained for all requested classes of serviceJun 6 23:27:15.859: Performing connection admission control (CAC) for each SidJun 6 23:27:15.859: CAC Status for ClassID:1 is CAC_SUCCESSJun 6 23:27:15.859: Registration Status: ok (0)Jun 6 23:27:15.859: Registration Response TransmittedSupport for a Secondary Shared Secret
Cisco IOS Release 12.2(8)BC2 adds support for one or more secondary shared-secret keys that cable modems can use to successfully process the DOCSIS configuration file and register with the Cisco CMTS. Secondary shared secrets can be defined with the cable shared-secondary secret command, which has the following syntax:
cable shared-secondary secret index index-num [0 | 7] authentication-key
no cable shared-secondary secret index index-num
where index-num specifies the order in which the Cisco CMTS will use the secondary shared-secrets to verify the cable modem during the registration process. The valid range is 1 to 16. The authentication-key is the secondary shared secret string, where 0 indicates it is unencrypted and 7 indicates it is encrypted.
Note To store the authentication-key in encrypted form in the configuration file, also use the service password-encryption command.
The cable modem must use the proper shared secret encryption string to successfully decrypt and process the configuration file, and then register with the Cisco CMTS. If the cable modem does not have the proper encryption string, it will be unable to calculate the proper MIC value, and the show cable modem command will show reject(m) for the modem to indicate a MIC authentication failure.
The cable shared-secondary-secret command allows a cable operator to specify up to 16 alternate DOCSIS shared secrets. If a cable modem has a MIC authentication failure during registration, the CMTS then checks the MIC values using the alternate shared secrets. If a match is found, the cable modem is allowed online. If none of the alternate MIC values match the value returned by the CM, the CMTS refuses to allow the cable modem to come online and instead logs a MIC authentication failure.
The use of secondary shared secrets allow the MSO to gradually phase in changes to the shared secret key. If a shared secret has been compromised, or if the MSO decides to regularly change the shared secret, the MSO can use the cable shared-secret command to immediately change the primary shared secret. The previous key can then be made a secondary shared secret, using the cable shared-secondary-secret command, so that CMs can continue to register until the MSO can change all of the DOCSIS configuration files to use the new shared secret.
To use the secondary shared-secret feature, you must do the following:
•You must specify a shared secret with the cable shared-secret command. The cable shared-secondary-secret command has no effect if you have not specified a primary shared secret.
Note At any particular time, the majority of cable modems should use the primary shared secret to avoid excessive registration times.
•Create DOCSIS configuration files that use the shared-secret encryption string to create the MD5 MIC value. This can be done using the Cisco DOCSIS Configurator tool by entering the shared-secret string in the CMTS Authentication field in the Miscellaneous parameters.
Note The shared-secret string itself is not saved in the DOCSIS configuration file, so you must re-enter the string in the CMTS Authentication field whenever you create or edit a DOCSIS configuration file using the Cisco DOCSIS Configurator tool.
•Use the cable shared-secondary-secret command to configure the cable interfaces with one or more matching shared-secret strings. The string configured on an interface must match the string used to create the DOCSIS configuration files downloaded to the CMs on that interface, or the CMs will not be able to register. You can use different shared secrets for each interface, if you are also using a different set of configuration files for each interface.
•To encrypt the shared-secret strings in the CMTS configuration, you must include the service password-encryption global configuration command in the router's configuration.
Note You cannot use the secondary shared secret feature with the files created by the internal DOCSIS configuration file editor (cable config-file command) because the internal DOCSIS configuration file editor automatically obtains the correct shared secret from the interface when the modems register.
The following example shows how to specify multiple secondary shared-secret string using encrypted keys:
Router# config tRouter(config)# service password-encryptionRouter(config)# int c6/0Router(config-if)# cable shared-secret n01jk_1a
Router(config-if)# cable shared-secondary-secret index 1 cabl3-x21bRouter(config-if)# cable shared-secondary-secret index 2 dasc9_ruld55ist5q3zRouter(config-if)# cable shared-secondary-secret index 3 j35u556_x_0Router(config-if)# exitRouter(config)# exitRouter# show running-config | include sharedcable shared-secret 7 1407513181A0F13253920cable shared-secondary-secret 7 14031A021F0D39263D3832263104080407cable shared-secondary-secret 7 071B29455D000A0B18060615142B38373F3C2726111202431259545D6cable shared-secondary-secret 7 0501555A34191B5F261D28420A555DRouter#
Note In this example, the shared-secret strings are initially entered as clear text, but because the service password-encryption command has been used, the strings are encrypted in the configuration file.
See the "Cisco Cable Modem Termination System Commands" chapter in the Cisco Broadband Cable Command Reference Guide for more information about the cable shared-secondary secret command at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/cable/bbccmref/bbcmts.htm
Enhancement to the show hccp brief Command
In Cisco IOS Release 12.2(8)BC2 and later 12.2 BC releases, the brief option now shows the amount of time left before the next resynchronization and the time left before a restore:
Router# show hccp brief
Interface Config Grp Mbr Status WaitToResync WaitToRestoreCa5/0/0 Protect 1 3 standby 00:01:50.892Ca7/0/0 Working 1 3 active 00:00:50.892 00:01:50.892Enhancement to the cable filter group Command
The status option was added to the cable filter group command to allow filter groups to be activated and deactivated without removing the filter group's configuration.
For example, the following command would deactivate a filter without changing its configuration:
Router(config)# cable filter group 1 index 1 status inactiveThe following command would reactivate this filter:
Router(config)# cable filter group 1 index 1 status active
Note Filter groups are active by default when created.
New Hardware Features in Release 12.2(8)BC1
The following new hardware feature is supported by the Cisco uBR7100 series routers in Cisco IOS Release 12.2(8)BC1.
PA-A3-E3 Port Adapter
The PA-A3-E3 is a single-width, single-port E3 ATM, PCI-based port adapter that uses an E3 interface with a coaxial cable BNC connector.
Note For configuration information on the PA-A3-E3 port adapter, see the PA-A3 Enhanced ATM Port Adapter Installation and Configuration Guide, which is available on the Customer Documentation CD-ROM, and on Cisco.com at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/portadpt/atm_port/pa_a3/index.htm
New Software Features in Release 12.2(8)BC1
The following new software features are supported by the Cisco uBR7100 series routers in Cisco IOS Release 12.2(8)BC1.
EXEC Commands in Configuration Mode
In Cisco IOS Release 12.2(8)BC1, you can now issue EXEC-level Cisco IOS commands (such as show, clear, and debug commands) from within global configuration mode or other configuration modes by issuing the do command followed by the EXEC command. For example, you can display the run-time configuration file from within global configuration mode by issuing the following command:
Router(config)# do show running-config
Note You cannot use the do command to execute the configure terminal EXEC command because issuing the configure terminal command changes the mode to configuration mode.
Secure Shell Support
Secure Shell (SSH) allows network administrators to securely log in to the Cisco uBR7100 series routers, using authentication and encryption at the application layer and providing a secure connection even when logging in over insecure networks such as the Internet. Secure Shell allows an administrator to securely monitor and configure a router without having to be logged into the router's local console port or directly connected to the Ethernet port on the router's I/O controller.
To configure SSH on a Cisco uBR7100 router, use the following command in global configuration mode:
uBR7100(config)# crypto key generate rsa general-keys
When you are asked the size of the key seed, enter a value of at least 1024.
To verify whether SSH is configured on the Cisco uBR7100 router, use the following command in Privileged EXEC mode:
uBR7100# show ip ssh
SSH Enabled - version 1.5Authentication timeout: 120 secs; Authentication retries: 3To verify whether the Cisco uBR7100 router has an SSH connection, use the following command in Privileged EXEC mode:
uBR7100# show sshConnection Version Encryption State Username1 1.5 DES Session started adminNo New Hardware Features in Release 12.2(4)BC1b
There are no new hardware features in Cisco IOS Release 12.2(4)BC1b.
New Software Features in Release 12.2(4)BC1b
The following new software features are supported by the Cisco uBR7100 series routers in Cisco IOS Release 12.2(4)BC1b.
Cisco IOS Network-Based Application Recognition (NBAR)
Cisco IOS Release 12.2(4)BC1b adds support for Cisco IOS Network-Based Application Recognition (NBAR). The NBAR feature is a new classification engine that can recognize a wide variety of network applications, including Web-based applications, client/server applications, and other difficult-to-classify protocols that dynamically assign TCP or UDP port numbers.
NBAR enhances existing methods of application-recognition by adding several new classification features:
•Classification of applications that use statically assigned TCP/UDP port numbers, that use dynamically assigned TCP/UDP port numbers, or that use protocols other than TCP and UDP
•Classification of HTTP traffic by URL, host, or MIME type
•Classification of Citrix ICA traffic by application name
•Classification of application traffic using subport information
NBAR can also classify static port protocols. Although access control lists (ACLs) can also be used for this purpose, NBAR is easier to configure and can provide other options and classification statistics that are not available when using ACLs.
Tips The Cisco IOS NBAR feature requires CPU resources to inspect, recognize, and process the packets coming through the router. In laboratory conditions, the use of NBAR can impact CPU performance by approximately 30 percent—the actual performance impact depends on the current CPU load, the number of packets processed, and the type of traffic being inspected. To limit the performance impact when using NBAR, activate the Turbo ACL feature to increase the performance of access list handling.
After NBAR recognizes an application, the Cisco uBR7100 series router can invoke specific services appropriate for that application. These services can provide QoS features such as:
•Guaranteed bandwidth
•Bandwidth limits
•Traffic shaping
•Packet coloring
The Cisco IOS NBAR feature can also be used to detect and respond to denial-of-service and other types of network attacks. Cisco IOS NBAR uses a protocol description language module (PDLM) to define the rules by which the NBAR processes recognize an application. New PDLM definitions can usually be loaded without the need for a Cisco IOS software upgrade or a router reboot, allowing for a rapid response to discovered attacks.
Note For basic information on configuring and using the Cisco IOS NBAR feature, see the Network-Based Application Recognition documentation. For information on configuring NBAR for Quality of Service (QoS) control, see the Configuring Network-Based Application Recognition chapter in the Cisco IOS Release 12.2 Quality of Service Solutions Configuration Guide. These documents are available on Cisco.com and the Customer Documentation CD-ROM.
Tips Cisco.com also contains a technical note, Using Network-Based Application Recognition and Access Control Lists for Blocking the Code Red Worm, that provides information on using NBAR to block denial-of-service attacks. This technical note is available at http://www.cisco.com/warp/customer/63/nbar_acl_codered.shtml.
SNMP Cable Modem Remote Query
The remote query feature allows the Cisco Cable Modem Termination System (CMTS) to use Simple Network Management Protocol (SNMP) requests to periodically poll online CMs to gather the signal-to-noise ratio (SNR), upstream power value, transmit timing offset, micro reflection value, and modem state. To enable the remote query feature, use the cable modem remote-query command. To display the collected statistics, use the show cable modem remote-query command, or display the attributes in the CISCO-DOCS-REMOTE-QUERY-MIB MIB. You can also generate SNMP traps to inform the SNMP manager when remote query polling has completed by using the snmp-server enable cable cm-remote-query command.
Turbo Access Control Lists
Cisco IOS Release 12.2(4)BC1b adds support for Turbo Access Control Lists (Turbo ACL), which increases the performance of access lists by compiling them into a form that is more quickly accessed during packet processing. The access-list compiled command enables the Turbo ACL feature, and the show access-lists and show access-lists compiled commands provide status information about these access lists.
Complete information about the Turbo ACL feature is available on Cisco.com at http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/dttacl.htm. The related commands are also described in the Addressing and Services volume of the Cisco IOS Release 12.1 IP and IP Routing Command Reference. For complete information about access lists, see the Traffic Filtering and Firewall volume in the Cisco IOS Release 12.1 Security Configuration Guide.
Note The Turbo ACL feature was introduced in Cisco IOS Release 12.1(9)EC but was unusable because of caveats CSCdv04414 and CSCdv69271. These caveats have been resolved in Cisco IOS Release 12.1(10)EC.
No New Hardware Features in Release 12.2(4)BC1a
There are no new hardware features in Release 12.2(4)BC1a.
No New Software Features in Release 12.2(4)BC1a
There are no new software features in Release 12.2(4)BC1a.
New Hardware Features in Release 12.2(4)BC1
The following new hardware features are supported by the Cisco uBR7100 series routers in Cisco IOS Release 12.2(4)BC1.
PA-T3+ and PA-2T3+ Port Adapter Cards
The PA-T3+ and PA-2T3+ port adapters provide full-duplex operation at the T3 (45 Mbps) speed. They support both 16- and 32-bit cyclic redundancy checks (CRCs), with the default being 16-bit CRCs. The PA-T3+ port adapter provides one port, and the PA-2T3+ port adapter provides two ports.
Cisco IOS Release 12.2(4)BC1 supports the PA-T3+ and PA-2T3+ port adapters on the Cisco uBR7223 and Cisco uBR7246VXR universal broadband routers. These port adapters are replacements for the PA-T3 and PA-2T3 port adapters, which have reached their end-of-life.
Note For configuration information on the PA-T3+ and PA-2T3+ port adapters, see the PA-T3 Serial Port Adapter Installation and Configuration Guide, which is available on Cisco.com and the Documentation CD-ROM.
New Software Features in Release 12.2(4)BC1
The following new software feature is supported by the Cisco uBR7100 series routers in Cisco IOS Release 12.2(4)BC1.
PPPoE Termination Support on Cable interfaces
The Point-to-Point Protocol over Ethernet (PPPoE) on Cable Interfaces feature adds support for PPPoE by allowing a direct connection to cable interfaces. PPPoE provides service-provider digital-subscriber line (DSL) support. The support of PPPoE on cable interfaces of the Cisco uBR7100 series routers allows customer premises equipment (CPE) behind the cable modem to use PPP as a mechanism to get their IP addresses and use it for all subsequent data traffic, just like a dial-up PPP client. In a PPP dial-up session, the PPPoE session is authenticated and the IP address is negotiated between the PPPoE client and the server, which could be either a Cisco uBR7100 series router or a Home Gateway.
Information about configuring PPPoE is available in the Configuring Broadband Access: PPP and Routed Bridge Encapsulation chapter of the Cisco IOS Wide-Area Networking Configuration Guide, Release 12.2. Also see the PPPoE on Ethernet feature module and RFC 2516 (http://www.ietf.org/rfc/rfc2516.txt).
Note PPPoE is supported only in routing mode. Bridged mode is not supported in the Cisco IOS Release 12.2 BC train for the Cisco uBR7100 series routers.
No New Hardware Features in Release 12.2(4)XF1
There are no new hardware features supported by the Cisco uBR7100 series routers in Cisco IOS Release 12.2(4)XF1.
New Software Features in Release 12.2(4)XF1
The following new software features are supported by the Cisco uBR7100 series routers in Cisco IOS Release 12.2(4)XF1.
DOCSIS 1.0 and 1.0+ Support
Cisco IOS Release 12.2(4)XF1 provides support for the original DOCSIS 1.0 standard that provides for basic best-effort data traffic and Internet access over the coaxial cable network. The DOCSIS 1.0+ extensions provided Quality of Service (QoS) enhancements for real-time traffic, such as voice calls, in anticipation of full DOCSIS 1.1 support.
Cisco IOS Release 12.2(4)XF1 interoperates seamlessly with both DOCSIS 1.0 and 1.0+ cable modems and set-top boxes.
DOCSIS 1.1 Support
Cisco IOS Release 12.2(4)XF1 provides support for the new DOCSIS 1.1 standard for the Cisco Release 12.2(4)XF1 series routers. DOCSIS 1.1 modifies the DOCSIS 1.0 specification to provide better performance, in particular for real-time traffic such as voice calls.
The DOCSIS 1.1 specification provides the following functional enhancements over DOCSIS 1.0 coaxial cable networks:
•Enhanced Quality of Service (QoS) to give priority for real-time traffic such as voice and video
–The DOCSIS 1.0 QoS model (a Service IDs (SID) associated with a QoS profile) has been replaced with a service flow model that allows greater flexibility in assigning QoS parameters to different types of traffic and in responding to changing bandwidth conditions
–Multiple service flows per CM in either direction due to packet classifiers
–Support for multiple service flows per cable modem allows a single cable modem to support a combination of data, voice, and video traffic
–Greater granularity in QoS per cable modem in either direction, using unidirectional service flows
–Dynamic MAC messages that can create, modify, and tear-down QoS service flows dynamically when requested by a DOCSIS 1.1 cable modem
•Supported QoS models for the upstream are:
–Best effort-Data traffic sent on a non-guaranteed best-effort basis
–Committed Information Rate (CIR)—Guaranteed minimum bandwidth for data traffic
–Unsolicited Grants (UGS)—Constant bit rate (CBR) traffic, such as voice, that is characterized by fixed size packets at fixed intervals
–Real Time Polling (rtPS)—Real Time service flows, such as video, that produce unicast, variable size packets at fixed intervals
–Unsolicited Grants with Activity Detection (USG-AD)—Combination of UGS and RTPS, to accommodate real time traffic that might have periods of inactivity (such as voice using silence suppression). The service flow uses UGS fixed grants while active, but switches to RTPS polling during periods of inactivity to avoid wasting unused bandwidth.
•Enhanced time-slot scheduling mechanisms to support guaranteed delay/jitter sensitive traffic on the shared multiple access upstream link
•Payload Header Suppression (PHS) conserves link-layer bandwidth by suppressing unnecessary packet headers on both upstream and downstream traffic flows
•Layer 2 fragmentation on the upstream prevents large data packets from affecting real-time traffic, such as voice and video. Large data packets are fragmented and then transmitted in the timeslots that are available between the timeslots used for the real-time traffic.
•Concatenation allows a cable modem to send multiple MAC frames in the same timeslot, as opposed to making an individual grant request for each frame. This avoids wasting upstream bandwidth when sending a number of very small packets, such as TCP acknowledgement packets.
•DOCSIS 1.1 cable modems can coexist with DOCSIS 1.0 and 1.0+ cable modems in the same network—the Cisco Release 12.2(4)XF1 series provides the levels of service that are appropriate for each cable modem
DOCSIS 1.1 Quality of Service
The DOCSIS 1.1 QoS framework is based on the following objects:
•Service class: A collection of settings maintained by the CMTS that provide a specific QoS service tier to a cable modem that has been assigned a service flow within a particular service class
•Service flow: a unidirectional sequence of packets receiving a service class on the DOCSIS link
•Packet classifier: A set of packet header fields used to classify packets onto a service flow to which the classifier belongs
•PHS rule: A set of packet header fields that are suppressed by the sending entity before transmitting on the link, and are restored by receiving entity after receiving a header-suppressed frame transmission. Payload Header Suppression increases the bandwidth efficiency by removing repeated packet headers before transmission
In DOCSIS 1.1, the basic unit of QoS is the service flow, which is a unidirectional sequence of packets transported across the RF interface between the cable modem and CMTS. A service flow is characterized by a set of QoS parameters such as latency, jitter, and throughput assurances.
Every cable modem establishes a primary service flow in both the upstream and downstream directions. The primary flows maintain connectivity between the cable modem and CMTS at all times.
In addition, a DOCSIS 1.1 cable modem can establish multiple secondary service flows. The secondary service flows can either be permanently created (they persist until the cable modem is reset or powered off) or they can be created dynamically to meet the needs of the on demand traffic being transmitted.
Each service flow has a set of QoS attributes associated with it. These QoS attributes define a particular class of service and determine characteristics such as the maximum bandwidth for the service flow and the priority of its traffic. The class of service attributes can be inherited from a preconfigured CMTS local service class (class-based flows), or they can be individually specified at the time of the creation of the service flow.
Each service flow has multiple packet classifiers associated with it, which determine the type of application traffic allowed to be sent on that service flow. Each service flow can also have a Payload Header Suppression (PHS) rule associated with it to determine which portion of the packet header will be suppressed when packets are transmitted on the flow.
In Cisco IOS Release 12.2(4)XF1, the following new or enhanced software features are implemented for DOCSIS 1.1 functionality. (For more information, see the feature module DOCSIS 1.1 for Cisco Release 12.2(4)XF1 Series Universal Broadband Routers).
Cable ARP and Proxy ARP
The cable arp and cable proxy-arp commands control whether the Cisco Release 12.2(4)XF1 series router allows ARP requests on the cable interfaces and whether the router serves as a proxy ARP server for cable modems, so that cable modems on the same subnet can communicate with each other, without having to send the traffic through the Cisco Release 12.2(4)XF1 series router.
Cable Flap List
The cable flap list is a patented tool that is incorporated in the Cisco IOS software for the Cisco Release 12.2(4)XF1 series universal broadband routers for troubleshooting cable modem connectivity problems. The flap list tracks cable modems that have intermittent connectivity problems (known as "flapping") that could indicate a problem with the cable modem or with the upstream or downstream portion of the cable plant.
The flap-list feature does not require any special polling or data transmissions but instead monitors the registration and station maintenance activity that is already performed over any network that conforms to Data-over-Cable Service Interface Specifications (DOCSIS). The router, therefore, collects its flap-list data without creating additional packet overhead and without impacting network throughput and performance.
The flap-list feature tracks reinsertions (a cable modem re-registers more frequently than a user-specified insertion time, hits and misses (a cable modem responds or does not respond to the DOCSIS MAC-layer "keepalive" messages that the router sends out), and the cable modem's upstream transmission power level adjustments.
Cable Intercept Command
The cable intercept command forwards all traffic to and from a particular CM to a data collector located at particular User Datagram Protocol (UDP) port. This command can be used to comply with the United States Federal Communications Assistance for Law Enforcement Act (CALEA) and other law enforcement wiretap requirements for voice communications.
Note The cable monitor command, which performs a similar function, is not supported in Cisco IOS 12.2(15)BC2i, Release 12.2(11)BC3c, or Release 12.2(4)XF1.
Cable Interface Setup Facility
The Cable Interface Setup Facility is an alternative mechanism to enable or configure Cisco Release 12.2(4)XF1 series parameters. The setup facility supports automated configuration of upstream parameters.
In earlier releases, upstream ports were put in a default shut-down state after the setup facility was run. You had to use the CLI to configure a fixed frequency or create a spectrum group, assign an interface to it, and enable each upstream port on a cable interface line card. The setup facility now supports configuring and enabling upstream parameters.
In the following example, the upstream parameters for a cable interface line card in slot 5 are configured and enabled. Press Return to accept the default.
Do you want to configure Cable 5/0 interface? [no]: yes Downstream setting frequency: 531000000 For cable upstream [0] Shut down this upstream? [yes/no]: no Frequency: 33808000 Would you like to configure the DHCP server? [yes/no]: yes IP address for the DHCP server [X.X.X.X]: 10.0.0.2 Configure IP on this interface? [yes]: IP address for this interface [10.20.133.65]: Subnet mask for this interface [255.0.0.0]: 255.255.255.248 Class A network is 10.0.0.0, 29 subnet bits; mask is /29In this example, the input above generates the following command interface script:
interface Cable 5/0 no shutdown cable downstream frequency 531000000 no shutdown cable downstream modulation 64qam cable downstream annex B cable downstream interleave-depth 32 no cable upstream 0 shutdown cable upstream 0 frequency 33808000 cable helper-address 10.0.0.2 ip address 10.20.133.65 255.255.255.248
Note Cable modems or set-top boxes with integrated cable modems are brought online when the utility is run.
Note For Dynamic Host Configuration Protocol (DHCP)/time of day (TOD)/Trivial File Transfer Protocol (TFTP), a static route must exist to the host.
Cable Source Verification Feature
The cable source-verify command helps to prevent the spoofing of IP addresses by CMs or their CPE devices by verifying that the upstream packets coming from each CM are known to be associated with the IP address in that packet. Packets with IP addresses that do not match those associated with the CM are dropped.
Note The cable source-verify [dhcp] cable interface command specifies that DHCP lease-query requests are sent to verify any unknown source IP address found in upstream data packets. This feature requires a DHCP server that supports the new LEASEQUERY message type.
DHCP/TOD/TFTP Server Support
The Cisco uBR7100 series routers support onboard Dynamic Host Configuration Protocol (DHCP), Time-of-Day (ToD), and TFTP servers that are compliant with the DOCSIS requirements. This allows the Cisco uBR7100 series routers to provide cable modems with IP address information, to supply an RFC 868-compliant time-of-day timestamp, and to download a DOCSIS configuration file, without requiring separate, external servers.
Dynamic Map-Advance
The Dynamic Map-Advance feature improves the upstream throughput for a cable modem. This feature enables the map-advance to be dynamic and self-adjusting to propagation delay, even for the furthest cable modem in the plant.
Dynamic Mobile Hosts
This feature addresses a security hole that occurs when the Cisco uBR7100 router supports mobile hosts. (Mobile host are hosts that can move from one modem to another modem.) Anyone who knows the MAC address of a mobile host can "fake" the mobile host, thereby causing denial of access for the real mobile host.
To avoid this security hole, the Dynamic Mobile Hosts feature pings the mobile host on the old SID to verify that the host has indeed been moved.
Dynamic Ranging Support
The clear cable modem <mac-address> reset command sends a "Ranging Abort" message instead of just removing the SID. To indicate this, the modem state—Reset (display: resetting)— has been introduced into the modem state list. A modem is deprovisioned when moving into this state as if going offline. Move the modem to the Continue Ranging list. If a ranging request is received from the modem, send a "Ranging Abort" message. Continue until an "Initial Ranging" message is received or until normal timeout (16 attempts). If the modem does not go back to initial ranging, set it to offline.
The Reset modem state may show as follows in the output of show cable modem:
Cable4/0/U1 80 resetting 3575 0.25 3 0 10.30.160.26 0050.7318.e965This is an intermediate state. A modem will not be in this state for more than a few seconds; if the modem does not respond, it may be in this state for up to 30 seconds. The subsequent modem state is offline.
Dynamic Upstream Modulation
The Dynamic Upstream Modulation feature reduces the risks associated with transitioning to QAM16 modulation in the return path, and provides assurance that subscribers remain online and connected during periods of return-path impairments.
This new feature actively monitors the signal-to-noise-ratio (SNR) and forward error correction (FEC) counters in the active return path of each upstream port. The software tracks whether the current upstream channel signal quality can adequately support the higher modulation scheme configured, and proactively adjusts to the more robust Quadrature Phase-Shift Keying (QPSK) modulation scheme when necessary. When return-path spectrum conditions improve, the software proactively returns the upstream channel to the higher-modulation quadrature amplitude modulation (QAM) scheme. This is done through modulation profiles supported in Cisco IOS, which can be configured in a variety of ways to support the unique environment at each user's facility.
The Dynamic Upstream Modulation feature can be configured on interfaces with fixed upstream frequencies or on interfaces with spectrum groups assigned. Cisco IOS provides one preconfigured modulation profile resident in memory, which defines a typical profile for QPSK modulation. In order to use the Dynamic Upstream Modulation feature, a second profile must be created that is unique from the first profile and typically provides a higher modulation scheme.
The cable upstream <n> modulation-profile cable interface command configures the cable interface for the desired modulation profiles.
For more information on the Dynamic Upstream Module feature, including information on creating modulation profiles using the cable modulation-profile command, see the Cisco Release 12.2(4)XF1 Dynamic Upstream Modulation feature module. For more information on the above commands, see the documents listed in the "Related Documentation" section.
Internal Modem Configuration File Editor
This feature adds support for internal DOCSIS cable modem configuration file storage and generation. The cable modem configuration file is generated and stored as part of the Cisco IOS configuration file. The DOCSIS configuration files are not stored in Flash memory but are automatically generated when requested for TFTP downloads to cable modems.
Link Up/Down Traps Support (RFC 2233)
The objects in the varbind list, based on Internet Engineering Task Force (IETF) standard, are defined in IF-MIB. Since IF-MIB supports subinterfaces, all objects in this varbind list are also supported for subinterfaces. The feature allows the user to base the Link Up/Down trap varbind list on a Cisco-specific or IETF standard with a new CLI configuration command:
snmp-server link-trap [cisco | ietf]
The default is a Cisco-specific link trap (snmp-server link-trap cisco). The user can switch between Cisco and IETF standard.
"MAX-CPE" CLI Override
The following cable-specific configuration command provides a way to override the MAX-CPE parameter in the cable modem's DOCSIS configuration file:
[no] cable modem max-cpe [<n> | unlimited]
When set to unlimited or if n is larger than the "MAX-CPE" value in the configuration file of a cable modem, it overrides the config file value.
Note The cable max-hosts and cable modem max-hosts commands can also be used to set this value for all cable modems on a particular cable interface or for a particular cable modem.
MPLS VPN Support for Subinterfaces
Cisco IOS Release 12.2(4)XF1 includes MPLS support as part of its VPN offerings for cable subinterfaces. The software offers enhancements made to tags placed on the fronts of packets that contain forwarding information used to make switching decisions for cable interfaces and bundles. This tag switching infrastructure combines advanced routing protocol capabilities to define IP VPNs by selectively advertising IP reachability information to just those subscribers within the same VPN or extranet on a cable interface.
The MPLS-VPN approach of creating VPNs for individual Internet service providers (ISPs) requires subinterfaces to be configured on cable interfaces. One subinterface is required for each ISP. The subinterfaces are tied to VPN Routing Forwarding (VRF) tables for respective ISPs.
For more feature information, see the Cisco Release 12.2(4)XF1 Series MPLS VPN Cable Enhancements feature module. For information on feature modules, see the "Feature Modules" section.
Overlapping Subinterface IP Addresses
Multiprotocol Label Switching (MPLS)-based Virtual Private Networks (VPNs), which are created in layer 3, provide privacy and security by constraining the distribution of a VPN's routes to those routers that are members of the VPN only, and by using MPLS forwarding. Each ISP's VPN is insulated from all others sharing the HFC and IP-over-cable infrastructure. MPLS VPN enforces traffic separation by assigning a unique VPN Routing/Forwarding (VRF) instance to each VPN. A VRF instance consists of an IP routing table, a derived forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocols that determine what is in the forwarding table.
Earlier Cisco IOS releases assumed that IP addresses were unique, but it is possible with an MPLS VPN to configure overlapped IP addresses within a VRF. A configuration of overlapped IP addresses could have caused errors. Cisco IOS Release 12.1(4)CX and subsequent releases support a configuration of overlapping IP addresses for subinterfaces. The same IP subnet can be configured for CPEs on different VRFs using a Cisco Release 12.2(4)XF1 to configure an MPLS VPN. See also the "MPLS VPN Support for Subinterfaces" section.
The following CLI commands have been updated to support overlapping IP addresses on subinterfaces:
•Old CLI commands:
cable host <ipaddr> [no] access-group <acl>
cable device <ipaddr> [no] access-group <acl>
show cable host <ipaddr> access-group
show cable device <ipaddr> access-group
clear cable host <ipaddr>•New CLI commands:
cable host [vrf <vrfname>] <ipaddr> [no] access-group <ac >
cable device [vrf <vrfname> <ipaddr> [no] access-group <acl>
show cable host [vrf <vrfname>] <ipaddr> access-group
show cable device [vrf <vrfname>] <ipaddr> access-group
clear cable host [vrf <vrfname>] <ipaddr>Spectrum Management and Dynamic Upstream Modulation
Spectrum management allows the Cisco Release 12.2(4)XF1 series router to sense downstream and upstream plant impairments, report them to a management entity, and automatically mitigate them by changing to a different frequency using a blind hopping algorithm.
The Dynamic Upstream Modulation feature creates two modulation profiles for and upstream. The feature monitors the upstream channel signal quality and determines if the channel can support the primary modulation scheme. If noise or other impairments occur, the feature automatically adjusts to the most robust modulation scheme when necessary. When return path conditions improve, this feature returns the upstream channel to the higher modulation scheme that includes the modulation profile.
SNMP Cable Modem Remote Query
This feature provides a new MIB, CISCO-DOCS-REMOTE-QUERY-MIB, which, once implemented on a CMTS, facilitates SNMP polling of remote CMs. This MIB includes the configuration of the CMTS CM Poller, as well as status objects of remote CMs that are polled by the CMTS CM poller.
The following CLI command has been implemented for turning on the trap:
snmp-server enable cable cm-remote-query
Important Notes
The following sections contain important notes about Cisco IOS Release 12.2(15)BC2i that apply to Cisco uBR7100 series universal broadband routers.
Limitions on Upstream Modulation Parameters for PacketCable VoIP Calls
When PacketCable support is enabled on the Cisco CMTS to provide Voice over IP (VoIP) support, the following combinations of upstream modulation parameters should not be used, because the channel width is too small to allow the upstream MAC scheduler to provide sufficient grants for reliable VoIP communications.
The following Table lists unsupported Upstream Parameter Combinations for VoIP Calls:
We recommend configuring upstreams that are being used for PacketCable operations and VoIP calls for a channel width that is larger than 400 KHz. (These channel widths and upstream parameter combinations can still be used, however, for best-effort data communications.)
Cable Modems Becoming Stuck in the TFTP Transfer State
Cable modems can become stuck in the TFTP transfer state under the following conditions. This state is indicated as "init(o)" by the show cable modem command.
•The Dynamic Shared Secret feature is enabled on the cable interface, using the cable dynamic-secret command.
•The cable modems on that cable interface are downloading a DOCSIS configuration file that is greater than 4 Kbytes in size.
• A large number of cable modems are registering at the same time. Some or all of those cable modems could also be downloading the DOCSIS configuration file using multiple TFTP transfers that use multiple TFTP ports on the Cisco CMTS router.
This situation can cause the TFTP server to run out of available ports, resulting in the cable modems failing the TFTP download stage. To prevent this situation from happening, temporarily disable the Dynamic Shared Secret feature on the cable interface or reduce the size of the DOCSIS configuration file.
CPE IP Addressing
If the IP address of a DHCP CPE is changed to a currently unused static IP address, the new IP address is not allowed into the CMTS router's host table and the CMTS router's Address Resolution Protocol (ARP) table. Consequently, traffic destined to the static IP address is dropped by the Cisco CMTS router.
Deprecated and Removed Cable MIB Objects
In Cisco IOS Release 12.2(15)BC1 and later releases, the DOCS-IF-EXT-MIB has been deprecated and removed. The objects in this MIB have been replaced by new objects in the DOCS-IF-MIB and the proposed DOCS-RFI-MIB, so as to conform to the requirements given in the DOCSIS 2.0 Operations Support System Interface Specification (SP-OSSIv2.0-I04-030730). In particular, the following objects are replaced as indicated:
•docsIfDocsisCapability (replaced by docsIfDocsisBaseCapability)
•docsIfDocsisOperMode (replaced by docsIfDocsisBaseCapability)
•docsIfCmtsCmStatusDocsisMode (replaced by docsIfCmtsCmStatusDocsisRegMode)
Also, the following objects have been removed from traps and notifications in DOCS-CABLE-DEVICE-TRAP-MIB because they duplicate existing objects:
•docsIfDocsisCapability
•docsIfDocsisOperMode
Using cable helper-address and ip helper-address Commands
On the Cisco CMTS, the Cisco IOS software provides two commands to forward User Datagram Protocol (UDP) broadcasts, such as DHCP/BOOTP packets, that are received on an interface—the ip helper-address and cable helper-address commands.
Use the ip helper-address command on all non-cable interfaces, and use the cable helper-address command for cable interfaces.
The cable helper-address command is optimized for cable interfaces and DOCSIS networks and should be used on cable interfaces instead of the ip helper-address command.
For more information on the ip helper-address command, refer to the Cisco IOS Command Reference, Release 12.2 T index page at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122tcr/crftindx.htm
For more information on the cable helper-address command, refer to the "Cable Modem Termination System Commands" chapter of the Cisco Broadband Cable Command Reference Guide at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/cable/bbccmref/bbcmts.htm
Synchronization of the System Clocks
Ensure that the system clocks on the CMTS and on the time-of-day (ToD) servers are synchronized. If this does not occur, the clocks on the CMs will not match the clocks on the CMTS, which could interfere with Baseline Privacy Interface Plus (BPI+) operations. In particular, this could prevent the proper verification of the digital certificates on the CM.
Upgrading When Using Shared Secret Passwords
Cisco IOS Release 12.2 BC changed the encryption algorithm used for the shared-secret command. If you are upgrading from Cisco IOS Release 12.1 EC or Cisco IOS Release 12.0 SC, you cannot cut and paste the "shared-secret" configuration lines that include an encrypted password. Instead, you must re-enter the original shared secret passwords at the CLI prompt.
For example, if the actual shared secret password is "cm-sharedsecret-password," you would enter the cable shared-secret cm-sharedsecret-password command at the CLI prompt. If you have enabled password encryption, the configuration file will then show only the newly encrypted password.
The following example shows a typical configuration session:
Router# config t
Router(config)# service password-encryption
Router(config)# int c6/0
Router(config-if)# cable shared-secret cm-sharedsecret-password
Router(config-if)# exit
Router(config)# exit
Router# show running-config | include sharedcable shared-secret 7 0458064B1C294D5C0C1D161211190910673B253B20222D0103Router#
Note This change only affects the encryption of the passwords that are stored in the configuration file. It does not affect the actual encryption that is used between the CMTS and CMs, so you do not need to change the shared secret in the DOCSIS configuration files for the CMs.
SNR Algorithm Updated
Since Cisco IOS Release 12.2(4)BC1, the algorithm for calculating the SNR estimate in the show controllers cable upstream command was refined for a more accurate value. The new SNR estimate uses the algorithm as recommended by the chip manufacturer, and depending on plant characteristics, the new SNR value could be up to 6 dB lower than the values shown in earlier software releases.
Note This value is only an estimate—for the most accurate value, use specialized test equipment like a spectrum analyzer.
Avoiding the Dropping of SNMP Traps
When the snmp-server enable traps command is given without any options, it enables all traps, which can generate a significant number of traps at key events, such as system power-up. If the SNMP queue is not large enough to handle all of the traps, new traps will be dropped without notification until the existing traps are sent and slots become available in the queue.
You can do two things to avoid dropping traps in this situation:
•Increase the SNMP trap queue size. The default queue size is 10, which is insufficient to handle all traps. Use the snmp-server queue-length length global configuration command to increase the queue size. The length parameter can range from 10 to 1000. Increase the queue size until traps are no longer dropped.
•Disable unneeded SNMP traps. For example, if you do not need SYSLOG traps (which are sent for every message displayed on the console), disable those traps as follows:
router(config)# snmp-server enable trapsrouter(config)# no snmp-server enable traps syslogDOCSIS 1.0 BPI Support
To conform with a recent change in the DOCSIS 1.0 Baseline Privacy Interface (BPI) Specification, Cisco IOS Release 12.2(8)BC1 and later releases require that the Baseline Privacy Configuration Settings Option (Type 17) must be included in the DOCSIS configuration file for all DOCSIS 1.0 cable modems attempting to register for BPI encryption. If the type 17 option is not included, an "Unauthorized SAID" warning will appear in the CMTS console, and the cable modem will not be allowed to come online.
Previous Cisco IOS Releases allowed DOCSIS 1.0 cable modems to register for BPI encryption and to come online, even if the DOCSIS configuration file did not include the type 17 option. The change to the DOCSIS BPI specification, however, made the type 17 option mandatory for BPI operation.
For more information about this requirement, see the TAC technical note on Cisco.com at http://www.cisco.com/warp/public/109/bpi_changes_23895.html.
Limitation on Vendor-Specific Information in the DOCSIS Configuration File
DOCSIS requires that when the cable modem sends its Registration Request (REG-REQ) message to the CMTS, it must include the configuration information found in the DOCSIS configuration file. This configuration information must include all vendor-specific information fields (VSIF). Because MAC-layer management messages, such as REG-REQ, have a maximum data size of 1522 bytes, this limits the amount of VSIF information that can be included in the DOCSIS configuration file.
In particular, the maximum packet size imposes a limit on the number of Cisco IOS CLI commands you can include as VSIF fields in the DOCSIS configuration file. The exact number of commands that will fit depends on the other information included in the file, as well as the length of each command.
If the REG-REQ message is larger than 1522 bytes, the cable modem will likely report errors similar to the following errors that appear on Cisco uBR900 series cable access routers:
%LINK-4-TOOBIG: Interface cable-modem0, Output packet size of 1545 bytes too big%LINEPROTO-5-UPDOWN: Line protocol on Interface cable-modem0, changed state to downIn addition, the CMTS will also report that the cable modem timed out during the registration process. If this occurs, you can try the following steps:
•Reduce the length of the commands by using the abbreviated form of the command. For example, you can specify the int c0 instead of the full command interface cable-modem0.
•SNMP MIB objects are not included in the Registration Request message, so wherever possible, replace the CLI commands with the corresponding SNMP MIB object statements in the DOCSIS configuration file.
•If a large number of CLI commands must be given, use VSIF option 128 to download a Cisco IOS configuration file to the cable modem.
For complete details on what is included in the REG-REQ message, see Chapter 6 of the current DOCSIS 1.1 specification (SP-RFIv1.1-I07-010829 or later).
Note This limitation is being tracked by caveat CSCdv83892 but is not expected to be resolved unless the DOCSIS specification is changed to remove the maximum size limit for MAC-layer management messages.
Hot-Standby 1+1 Redundancy Not Supported
The hot-standby 1+1 redundancy feature is not supported on any model of the Cisco uBR7100 series universal broadband router. The HCCP protocol therefore should not be configured on the cable interface using the hccp interface configuration commands.
Cable Source-Verify and Routing Configurations
In current Cisco IOS Release 12.2 BC software images, the Cisco CMTS can crash with a "bus error exception" when the cable source-verify command is configured on a cable interface, and the routing configuration of that interface is being changed while traffic is passing through the interface.
To avoid this problem, temporarily disable this feature (using no cable source-verify) on the interface before you configure the routing parameters. Then after you have finished the routing configuration, reenable the feature using the cable source-verify command. Alternatively, you can also change the routing parameters when the interface is not passing traffic (such as when the interface is shut down).
EIGRP, IS-IS, and OSPF Not Supported on Cable Interfaces
The Cisco uBR7100 series router supports advanced routing protocols such as Enhanced Interior Gateway Routing Protocol (EIGRP), Intermediate System-to-Intermediate System (IS-IS), and Open Shortest Path First (OSPF) only on the WAN interfaces, not on the cable interfaces. On cable interfaces, use a routing protocol that is supported by the cable modems, such as RIPv2.
Configuring the Routing Protocol Causes a Reset of the Cable Modems
Be aware that when configuring a routing protocol on a Cisco uBR7100 series router, the Cisco IOS software must reset the interfaces to enable the change. This normally does not significantly affect operations on the interface, except that when this is done on a cable interface, it causes all cable modems on that particular downstream to reinitialize, potentially interfering with data transmission on that downstream. Therefore, you should use the routing protocol global configuration commands, such as router rip, only when a minimum of subscribers would be affected.
Field Notices and Bulletins
•Field Notices—Cisco recommends that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account on Cisco.com, you can find field notices at http://www.cisco.com/warp/customer/770/index.shtml. If you do not have a Cisco.com login account, you can find field notices at http://www.cisco.com/warp/public/770/index.shtml.
•Product Bulletins—If you have an account on Cisco.com, you can find product bulletins at http://www.cisco.com/warp/customer/cc/general/bulletin/index.shtml. If you do not have a Cisco.com login account, you can find product bulletins at http://www.cisco.com/warp/public/cc/general/bulletin/iosw/index.shtml.
•What's New for IOS — What's New for IOS lists recently posted Cisco IOS software releases and software releases that have been removed from Cisco.com. If you have an account on Cisco.com, you can access What's New for IOS at http://www.cisco.com/kobayashi/sw-center/sw-ios.shtml or by logging in and selecting Software Center: Cisco IOS Software: What's New for IOS.
Limitations and Restrictions
The following limitations and restrictions apply to Cisco IOS Release 12.2(11)BC3c.
Transparent LAN Service over Cable
The Transparent LAN Service over Cable feature in Cisco IOS Release 12.2(11)BC3 has the following restrictions and limitations:
•The virtual connections (VC) on the ATM interface must be configured to use ATM Adaptation Layer 5 (AAL5) IEEE 802.1a SubNetwork Attachment Point (SNAP) encapsulation. On Cisco routers, this means that each PVC endpoint must be configured for the proper encapsulation using the encapsulation aal5snap command.
•If a cable modem is being mapped to an ATM PVC, all of its CPE traffic is sent through the ATM tunnel through the ATM cloud, even if the ultimate destination is another cable modem on the same CMTS.
•Cable modems must have a one-to-one mapping with ATM PVCs, with each cable modem being mapped to its own ATM PVC. Cable modems cannot share a single PVC. Multiple PVCs from the same customer are aggregated at the ATM bridge aggregator into the same bridge group.
The spanning tree protocol cannot be used with devices (cable modems, their CPE devices, and the endpoint CPE devices) that are using this feature. In particular, the spanning tree protocol cannot be used between the ATM bridge aggregator and the endpoint customer devices.
MIBs
Current MIBs
To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB web site on Cisco.com at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
Supported MIBs
The Cisco uBR7100 series universal broadband routers support the following categories of MIBs:
•SNMP standard MIBs—These MIBs are required by any agent supporting SNMPv1 or SNMPv2 network management.
•Cisco's platform and network-layer enterprise MIBs—Common across most of Cisco's router platforms. If your network management applications are already configured to support other Cisco routers, such as the Cisco 2600 series or Cisco 7200 series, no further configuration is needed unless the version of Cisco IOS software being used has updated these MIBs.
•Cable-specific MIBs—Provide information about the cable interfaces and related information on the Cisco uBR7100 series routers. They include both DOCSIS-specific MIBs and Cisco-specific enterprise MIBs. If your network management applications have not already been configured for the Cisco uBR7100 series routers, these MIBs must be loaded.
•Deprecated MIBs—Supported in earlier releases of Cisco IOS software but have been replaced by more standardized, scalable MIBs. Network Management applications and scripts should convert to the replacement MIBs as soon as possible.
The cable-specific MIBs are described in the following section. For information on the SNMP standard MIBs and Cisco's platform and network-layer enterprise MIBs, see Cisco's MIB web site at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
Cable-Specific MIBs
Table 9 shows the cable-specific MIBs that are supported on the Cisco uBR7100 series universal broadband routers. The table also provides a brief description of each MIB's contents and the Cisco IOS software release in which the MIB was initially functional—earlier releases might have had unsupported prototype versions of the MIB; later releases might have added new attributes and functionality. Because of interdependencies, the MIBs must be loaded in the order given in the table.
Note The names given in Table 9 are the filenames for the MIBs as they exist on Cisco's FTP site (ftp://ftp.cisco.com/pub/mibs/ or http://www.cisco.com/public/mibs). Most MIBs are available in both SNMPv1 and SNMPv2 versions; the SNMPv1 versions have V1SMI as part of their filenames.
Deprecated MIBs
Old Cisco MIBs will be replaced in a future release. Currently, OLD-CISCO-* MIBs are being converted into more scalable MIBs without affecting existing Cisco IOS products or network management system (NMS) applications. You can update from deprecated MIBs to the replacement MIBs as shown in Table 10.
Note Some of the MIBs listed in Table 10 represent feature sets that are not supported on Cisco uBR7100 series universal broadband routers.
Note Cisco Management Information Base (MIB) User Quick Reference is no longer published. If you have an account with Cisco.com, you can find the current list of MIBs supported by Cisco. To reach the Cisco Network Management Toolkit, go to Cisco.com, press Login, and then go to Software Center: Network Mgmt Products: Cisco Network Management Toolkit: Cisco MIB.
Caveats
Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only select severity 3 caveats are included in the caveats document.
All caveats in Cisco IOS Release 12.2 T and specifically in Cisco IOS Release 12.2(15)T6 are also in Cisco IOS Release 12.2(15)BC2i.
For information on caveats in Cisco IOS Release 12.2 T, see Caveats for Cisco IOS Release 12.2 T, which lists severity 1 and 2 caveats and select severity 3 caveats for Cisco IOS Release 12.2 T and is located on Cisco.com and the Documentation CD-ROM.
Caveat numbers and brief descriptions for Cisco IOS Release 12.2(15)BC2i and earlier releases are listed in this section.
Note If you have an account on Cisco.com, you can use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and click Technical Support: Tools & Utilities: Software BUG TOOLKIT (under Configuration Tools). Another option is to enter the following URL in your web browser or go to
http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl
Open Caveats for Release 12.2(15)BC2i
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)BC2i and describes only severity 1 and 2 caveats and select severity 3 caveats.
There are no known open caveats for Cisco IOS Release 12.2(15)BC2i.
Closed and Resolved Caveats for Release 12.2(15)BC2i
The caveats listed in Table 12 are resolved in Cisco IOS Release 12.2(15)BC2i. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 11 Closed and Resolved Caveats for Release 12.2(15)BC2i
Caveat ID Number DescriptionCSCei61732
Cisco IOS may permit arbitrary code execution after exploitation of a heap-based buffer overflow vulnerability. Cisco has included additional integrity checks in its software, as further described below, that are intended to reduce the likelihood of arbitrary code execution.
Cisco has made free software available that includes the additional integrity checks for affected customers.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml.
CSCei76358
Through normal software maintenance processes, Cisco is removing deprecated functionality. These changes have no impact on system operation or feature availability.
Open Caveats for Release 12.2(15)BC2h
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)BC2h and describes only severity 1 and 2 caveats and select severity 3 caveats.
There are no known open caveats for Cisco IOS Release 12.2(15)BC2h.
Closed and Resolved Caveats for Release 12.2(15)BC2h
The caveats listed in Table 12 are resolved in Cisco IOS Release 12.2(15)BC2h. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 12 Closed and Resolved Caveats for Release 12.2(15)BC2h
Caveat ID Number DescriptionCSCef68324
Cisco Internetwork Operating System (IOS) software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful exploitation, the device may reload or be open to further exploitation.
Cisco has made free software available to address this vulnerability for all affected customers.
More details can be found in the security advisory that is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml..
Open Caveats for Release 12.2(15)BC2g
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)BC2g and describes only severity 1 and 2 caveats and select severity 3 caveats.
There are no known open caveats for Cisco IOS Release 12.2(15)BC2g.
Closed and Resolved Caveats for Release 12.2(15)BC2g
The caveats listed in Table 35 are resolved in Cisco IOS Release 12.2(15)BC2g. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC2f
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)BC2f and describes only severity 1 and 2 caveats and select severity 3 caveats.
There are no known open caveats for Cisco IOS Release 12.2(15)BC2f.
Closed and Resolved Caveats for Release 12.2(15)BC2f
The caveats listed in Table 14 are resolved in Cisco IOS Release 12.2(15)BC2f. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC2e
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)BC2e and describes only severity 1 and 2 caveats and select severity 3 caveats.
There are no known open caveats for Cisco IOS Release 12.2(15)BC2e.
Closed and Resolved Caveats for Release 12.2(15)BC2e
The caveats listed in Table 15 are resolved in Cisco IOS Release 12.2(15)BC2e. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 15 Closed and Resolved Caveats for Release 12.2(15)BC2e
Caveat ID Number DescriptionCSCdy01705
A Cisco router may experience high cpu utilization at process TTY Background when the command logging synchronous is configured under line con 0.
Workaround: Remove the command logging synchronous from line con 0. However, this should only be performed during a scheduled maintenance window, as the router could pause indefinitely just after removal of the command and may require a manual reboot of the router.
CSCed27848
UBR with IOS 12.2(15)BC1 and 12.2(15)BC1a has a problem with loading startup-config after reload with BPI+ configuration and cable modems. When BPI+ is enabled in a cable modems' config file after reload CMTS doesn't load startup-config. This is version specific 12.2(15)BC1 and 12.2(15)BC1a seems to have this issue.
There are no known workarounds.
CSCee61429
The MC28u, MC28x, MC16u, and MC16x real time clock drifts from the NPE clock.
Due to a code omission in IOS 12.2(15)CX, 12.2(15)BC1a-e, and 12.2(15)BC2a-d, the real time clock on the MC28u, MC28x, MC16u, and MC16x Cable Line Cards for the uBR7246VXR is not kept in sync with the real time clock on the NPE. The estimated drift is approximately +/- 1.3 minutes per month, and is somewhat temperature sensitive.
The linecard clock is updated each time the system is reloaded, but not afterwards.
The linecard clock is not updated even if NTP is configured on the NPE.
The drift can cause a problem where modems will eventually be in the reject(ts) state if the modem config file is set to contain a timestamp (see CSCef71411) and the drift is greater than 30 seconds.
Workaround: If possible, write a script to periodically extract the current time from the NPE and login to the linecard using if-con/if-quit and set the time to the NPE value.
Alternative workaround 1: Reload during a service window.
Alternative workaround 2: Turn off timestamp.
CSCef04492
snmpwalk on cdrqCmtsCmStatusTable does not show consistent result.
There are no known workarounds.
CSCef09586
If DHCP server in one of the configured VRF's has IP address that is matching broadcast address of the IP subnetwork used in another VRF (another subinterface), than cable modems will not come on-line and stay in init(d).
This issue occurs if the user has DHCP server in VRF1 using IP address 10.2.16.15 and configure ip address 10.2.16.1 255.255.255.240 on subinterface that belongs to VRF2.
This issue has been noticed with following tested images: 12.2(11)BC2 and 12.2(15)BC1d.
Workaround: Changing IP address of the DHCP server or changing IP address scope in another VRF will resolve this issue.
CSCef09770
Each flow appear in a different time with a different sid in docsIfCmtsServiceTable, but the docsIfCmtsServiceCreateTime are the same for all sids.
There are no known workarounds.
CSCef19398
Momentary (about 1 second) of ping packet lost was observed when changing downstream modulation rate on another cable interface on the same line card.
Once DS cable interface is reinitialized, ping operation returns to normal (successful reception of ping packets).
There are no known workarounds.
CSCef20890
A Cisco ubr7246VXR running Cisco IOS Release 12.2(15)BC1 may reload unexpectedly due to a bus error.
There are no known workarounds.
CSCef27943
The following error message is displayed at inappropriate times:
DSG tunnel MAC address already defined in DOCSISThe following three valid configuration sequences have been incorrectly flagged with the above error message:
1. add/remove/readd of a DSG mapping on a cable bundle master interface.
2. mapping more than 1 IP address to a tunnel on a cable bundle master interface.
3. Configuring an RFC1112 based DSG tunnel and an non-DSG static IP multicast group which both use the same MAC address on a cable bundle master interface.
Workaround: For the first sequence listed above, a shut/no shut will turn of the cable bundle master and will allow the DSG tunnel to be readded. No workaround exists for the other 2 sequences.
CSCef31956
This caveat improves reverse arp lookup on the CMTS for modem bringup.
There are no known workarounds.
CSCef37495
Sync Pulse failure detection mechanism is not working for N+1/7200 solution.
Workaround: Use Fast Failure Detection for crash detection.
CSCef46191
A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Telnet, reverse telnet, RSH and SSH sessions established prior to exploitation are not affected. All other device services will operate normally.
User initiated specially crafted TCP connection to a telnet or reverse telnet port results in blocking further telnet sessions. Whereas, services such as packet forwarding, routing protocols and all other communication to and through the device remains unaffected.
There are no known workarounds.
The detail advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtmlCSCef54205
If an MTA has multiple lines and both the lines are being used to make calls, call failures could happen in certain scenarios.
Examples:
Scenario 1:
Line 1 has a call in progress, meanwhile, Line 2 makes a new call, then hangs up, and makes another new call, then hangs up, and so on. After sometime line 2 will not be able to make a call.
Scenario 2:
Line 1 is having a call, Line 2 makes a new call. Before Line 2 hangs up, Line 1 hangs up and makes another call. Same for Line 2, it hangs up and makes another call _before_ Line 1 hangs up, and vice versa. After sometime line 1 and 2 will not be able to make new calls.
This issue occurs because activity count on the CMTS does not get decremented in each of the above scenarios (even if the call on a line goes away). As a result the activity count reaches its limit and new calls are not allowed.
However, at any instance, if both lines are disconnected, the activity count will be reset again.
Workaround: Increase the activity count on BTS to a large number. This way, even if the activity counts are not decremented at call termination, new calls will be allowed till the activity count is maxed out. When both the lines are terminated, the count will be reset automatically.
In the case where the MTA contains 2 lines only, it should not have a big impact since it won't use up a lot of resources even if someone is trying to abuse the system by making multiple calls simultaneously. Moreover, it is a counter issue only, all the actual resources, such as service-flows, gates, etc, they are all freed up.
CSCef59093
Cisco uBR-MC28U cable interface line card may unexpectedly reload in an ubr7200 series CMTS running IOS release 12.2(15)BC2b.
The issue only occurs with MC28U line card. MC16C in the same chassis works fine.
There are no known workarounds.
CSCef68286
A cable modem termination system (CMTS) may record a traceback when you either remove a Fast Ethernet (FE) member interface of an EtherChannel interface by entering the shutdown interface configuration command or you add an FE member interface to an EtherChannel interface by entering the no shutdown interface configuration command.
This issue is observed on a Cisco uBR7200 series when IP unicast traffic is sent in both the downstream and the upstream direction.
Workaround: When new member FE interface is added to the EtherChannel interface, take the following steps:
1. Enter the shutdown interface configuration command on both the new FE member interface and the EtherChannel interface.
2. Add the FE member interface by entering the channel-group port-channel-number interface configuration command on the FE member interface.
3. Enter the no shutdown interface configuration command on the Etherchannel interface.
When an FE member interface is remove from the EtherChannel interface, take the following steps:
1. Enter the shutdown interface configuration command on the EtherChannel interface.
2. Remove the FE member interface by entering the no channel-group port-channel-number interface configuration command on the FE member interface.
3. Enter the no shutdown interface configuration command on the Etherchannel interface.
CSCef70739
A "MAXMEMORY USED Reached maximum amount of memory allocated for stile" error is displayed at the console and the "Active links" for the show ip nbar resources command will show 4 GB plus.
This issue occurs when the NBAR feature is activated, i.e when "match protocol <protocol-name>" is included in a policy map, or "ip nbar protocol-discovery" is applied on an interface, the "MAXMEMORY USED Reached maximum amount of memory allocated for stile" error may appear on the console.
Workaround: Perform no ip nbar resources to reset active links back to zero.
CSCef73242
Cisco ubr7200 series CMTS running IOS release 12.2(15)BC2b may not guarantee configured QoS levels on Downstream dynamic Service Flows in VoIP networks.
The issue can be seen with very high SFIDs (between 32768 and 65535) and when cable modems are provisioned with non-zero Active QoS Timeout.
Workaround: Increase the bandwidth for Best Effort (BE) flow.
CSCin82407
Cisco Internetwork Operating System (IOS) Software release trains 12.2T, 12.3 and 12.3T may contain vulnerabilities in processing certain Internet Key Exchange (IKE) Xauth messages when configured to be an Easy VPN Server.
Successful exploitation of these vulnerabilities may permit an unauthorized user to complete authentication and potentially access network resources.
This advisory will be posted to http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml
Open Caveats for Release 12.2(15)BC2c
All the caveats listed in Table 16 are open and reported in Cisco IOS Release 12.2(15)BC2c. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC2c
The caveats listed in Table 17 are resolved in Cisco IOS Release 12.2(15)BC2c. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC2b
All the caveats listed in Table 18 are open and reported in Cisco IOS Release 12.2(15)BC2b. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC2b
The caveats listed in Table 19 are resolved in Cisco IOS Release 12.2(15)BC2b. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC2a
All the caveats listed in Table 20 are open and reported in Cisco IOS Release 12.2(15)BC2a. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC2a
The caveats listed in Table 21 are resolved in Cisco IOS Release 12.2(15)BC2a. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC2
All the caveats listed in Table 22 are open and reported in Cisco IOS Release 12.2(15)BC2. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC2
The caveats listed in Table 23 are resolved in Cisco IOS Release 12.2(15)BC2. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC1g
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)BC1g and describes only severity 1 and 2 caveats and select severity 3 caveats.
There are no known open caveats for Cisco IOS Release 12.2(15)BC1g.
Closed and Resolved Caveats for Release 12.2(15)BC1g
The caveats listed in Table 24 are resolved in Cisco IOS Release 12.2(15)BC1g. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC1f
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)BC1f and describes only severity 1 and 2 caveats and select severity 3 caveats.
There are no known open caveats for Cisco IOS Release 12.2(15)BC1f.
Closed and Resolved Caveats for Release 12.2(15)BC1f
The caveats listed in Table 25 are resolved in Cisco IOS Release 12.2(15)BC1f. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 25 Closed and Resolved Caveats for Release 12.2(15)BC1f
Caveat ID Number DescriptionCSCed61110
Cisco ubr7200 series CMTS running IOS release 12.2(15)BC1 may experience a software-forced crash after a watchdot timiout in CMTS MAC Timer process.
The failure occurred on a platform with NPE-G1.
There are no known workarounds.
CSCee64504
A CPUHOG may occur for about 4.5 seconds when you enter the show running-config command.
This issue is observed on a Cisco uBR10000 series but may also occur on other platforms.
Workaround: Do not enter the show running-config command. Rather, enter the show config command.
CSCef09586
If DHCP server in one of the configured VRF's has IP address that is matching broadcast address of the IP subnetwork used in another VRF (another subinterface) than cable modems will not come on-line and stay in init(d).
If customer has DHCP server in VRF1 using IP address 10.2.16.15 and configure ip address 10.2.16.1 255.255.255.240 on subinterface that belongs to VRF2, problem will occur.
This issue has been noticed with following tested images: 12.2(11)BC2, 12.2(15)BC1d.
Workaround: Changing IP address of the DHCP server or changing IP address scope in another VRF will resolve the problem.
CSCef20890
A Cisco ubr7246VXR running Cisco IOS Release 12.2(15)BC1 may unexpectedly reload due to a bus error.
There are no known workarounds.
CSCef46191
A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Telnet, reverse telnet, RSH and SSH sessions established prior to exploitation are not affected.
All other device services will operate normally.
This issue occurs when user initiated specially crafted TCP connection to a telnet or reverse telnet port results in blocking further telnet sessions. Whereas, services such as packet forwarding, routing protocols and all other communication to and through the device remains unaffected.
Workaround: The detail advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtmlCSCin82407
Cisco Internetwork Operating System (IOS) Software release trains 12.2T, 12.3 and 12.3T may contain vulnerabilities in processing certain Internet Key Exchange (IKE) Xauth messages when configured to be an Easy VPN Server.
Successful exploitation of these vulnerabilities may permit an unauthorized user to complete authentication and potentially access network resources.
This advisory will be posted to http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml
Open Caveats for Release 12.2(15)BC1d
All the caveats listed in Table 26 are open and reported in Cisco IOS Release 12.2(15)BC1d. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC1d
The caveats listed in Table 27 are resolved in Cisco IOS Release 12.2(15)BC1d. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC1c
All the caveats listed in Table 28 are open and reported in Cisco IOS Release 12.2(15)BC1c. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC1c
The caveats listed in Table 29 are resolved in Cisco IOS Release 12.2(15)BC1c. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 29 Closed and Resolved Caveats for Release 12.2(15)BC1c
Caveat ID Number DescriptionCSCec87802
High cpu utilization mostly due to CEF Scanner.
This issue is observed on a uBR10k series that is running IOS 12.2(15)BC1.
There are no known workarounds.
CSCed06821
When the following IOS configurations are used together, some modems become stuck in the state "init (o)" and cannot come online. These modems will cycle through various registration states, but do not come online. The issue is specific to a minority of modem brands.
ip tftp-source interface <interface>- where <interface> is not the cable interfacecable dynamic-secret <any setting>The issue grows to all modem brands if an access lists prevents TFTP traffic between the modem and the <interface> specified above.
Workaround: Remove the CMTS configuration:
ip tftp-source interface <interface> command.use FTP for logging and management files.CSCed14904
A Cisco Universal Broadband Router may reload unexpectedly as a result of it's memory getting corrupted.
This issue occurs only when using CMTS remote query feature.
Workaround: Disable the CMTS remote query. If the CMTS remote query must be use, then there are no known workarounds.
CSCed27956
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
CSCed38527
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
CSCed67484
CSCed14039 fixed A WDT problem for the NPE-G1. A first set of diffs were ported from this DDTS to Cable BC release train in Nov., 2003. Later another set of diffs were committed to the same DDTS that fixes the problem at more of a root cause level.
This DDTS was opened to port the 2nd commit against CSCec14039 to the Cable BU branches.
There are no known workarounds.
CSCed73075
Customer reported a NPE-400 crash. The crash was identified to be missing of CSCec58486 in the Cable BU BC train.
There are no known workarounds.
CSCin43613
The Fast Ethernet (FE) switching performance on a Cisco 7200 series was altered by implementing the fix for:
CSCdw00953 - TX-ISL 1 port FE PA wont go DOWN immediately after loss of carrier.
The fix went into: 12.2(16)BX 12.3(1)BW 12.2(16)B 12.2(15)ZN 12.2(17)B 12.3(15)
PI 12.2(16)S 12.3(15)PI 12.2(15)T 12.2(15)
If you are running an IOS list above or later, you may see a performance change from earlier IOS. You regain the performance, you must load an IOS that contains this bug fix.
This issue is observed on any FE switching path of a 7200 router.
There are no known workarounds.
Open Caveats for Release 12.2(15)BC1b
All the caveats listed in Table 30 are open and reported in Cisco IOS Release 12.2(15)BC1b. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC1b
The caveats listed in Table 31 are resolved in Cisco IOS Release 12.2(15)BC1b. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC1a
All the caveats listed in Table 32 are open and reported in Cisco IOS Release 12.2(15)BC1a. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC1a
The caveats listed in Table 33 are resolved in Cisco IOS Release 12.2(15)BC1a. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(15)BC1
All the caveats listed in Table 34 are open and reported in Cisco IOS Release 12.2(15)BC1. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(15)BC1
The caveats listed in Table 35 are resolved in Cisco IOS Release 12.2(15)BC1. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 35 Closed and Resolved Caveats for Release 12.2(15)BC1
Caveat ID Number DescriptionCSCdu13269
Attempt to free Unassigned memory, System reloads
CSCdu53656
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, please refer to this advisory, available at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
CSCdz46435
Traceback at frame_relay_extract_addr after igmp_get_mac_or_ip_srcad
CSCdz71127
corrupted packet can cause input queue wedge - reg to CSCdx02283
CSCdz74683
rate-limiting should happen after PHS is taken into account
CSCdz85694
SYS-2-INTSCHED:may_suspend when changing GigE config on NPE-G1
CSCea02355
rare ip packets may cause input queue wedge
CSCea08892
change buffer allocations in VXR
CSCea14372
CMTS should calculate the dynamic map advance based on max delay
CSCea21911
CMTS Crashes randomly under load
CSCea28131
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, please refer to this advisory, available at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
CSCea29514
NPE-G1:Aux port do not work after changing configuration
CSCea41560
show cable modem verbose shows wrong value for active classifiers
CSCea55917
LC-HA:BPI broken for dynamic service flows
CSCea56592
OIR causes Q Wedge with bundle when OIR of different card types
CSCea57826
NPE-G1:GE Rx input stuck
CSCea60814
Internal configuration file editor does no longer work
CSCea64738
make <cable int> optional in clear cable modem command
CSCea71170
LC-HA: First switch-over from W->P fails when call is in session
CSCea78353
Intermittent packet drop by CEF when interface is cable bundle master
CSCea81983
Pktcbl: should delete associate DS SF when receiving US SF DSD
CSCea88356
ubr7200/MC16B:Calibration bad for 3.2MHz channel width
CSCea92361
7200/16s:DSP stops responding with continuous SNMP query. (ACK 39)
CSCea92806
NPEG1 crashed during PA-MC-E3 OIR
CSCea93586
OIR causes trace backs at cmts_ds_trafshap_out
CSCeb01067
NPE-G1:Add support for MRVL88E1111 PHY and remove debugs
CSCeb02553
Upstream port in shared spectrum group can go down and stay down
CSCeb09043
CMTS stops generating Initial Maintenance opportunities
CSCeb11987
Pktcbl: em-n-02182 remove Call Answer and Disconnect EM
CSCeb12127
Traceback from cmts_check_us_input_power_level_range
CSCeb12966
Pktcbl: remove media_cnx object per ECN dqos-n-02185
CSCeb13881
Alignment error and traceback at cmts_rx_interrupt, cmts_mac2
CSCeb14298
Pktcbl: clfr information missing/broken in CMTS DSC-REQ
CSCeb14562
Gig intf on NPE-G1 bounces when adding bridging on subintf
CSCeb21271
CSCdz66185 limits the number of DOCSIS 1.0+ modems allowed on a DS
CSCeb22301
NPE-G1 breaks into ROMMON or boot-mode when boot up
CSCeb29707
Interface counters show output drops when no drops in serv.flow count
CSCeb38067
all cms offlined in MC16C in 12.1(10)EC1 and 12.1(13)EC3.
CSCeb38851
Traceback and Alignment errors in DMIC routines
CSCeb40414
CLI for modulation profile does not check validity if first digit 0
CSCeb44085
PacketCable: Gate Open is not being sent
CSCeb44118
Packetcable: Radius information is not being send
CSCeb45272
CMTS crash during modem registration
CSCeb45392
Add protection for a NULL pointer in cmts_bind_cm_to_upstream
CSCeb46162
PacketCable: Bogus gate id lookup error when service flow timeout
CSCeb51330
Traceback and traffic stop after OIR in int-bundling env
CSCeb56680
Modem entry can exist on multiple interfaces
CSCeb58771
fair_enqueue called from process without int protection
CSCeb59740
ubr7200 may crash with FIFO queueing on DOCSIS interface
CSCeb63130
CMTS does not send DSD after receiving gate-delete
CSCeb63747
Modems online with 0.0.0.0 IP address
CSCeb82492
load balancing: threshold stability cmd wrong in NVRAM
CSCeb84099
MC16S:cmts crash at Bus Error after DSP failed to respond
CSCeb85140
ALIGN-3-SPURIOUS traceback with pktcbl_handle_commit_msg
CSCin20408
CMTS displays invalid CLI under show cable tech-support output
CSCin29936
ciscoEnvMonSupplySource returns incorrect values
CSCin31951
SNMP: Traceback at timer_start while config session timeout to max va
CSCin36943
Show Version displays erratic number of interfaces after OIR of FE
Open Caveats for Release 12.2(11)BC3d
There are no open caveats specific to Cisco IOS Release 12.2(11)BC3d that require documentation in the release notes.
Closed and Resolved Caveats for Release 12.2(11)BC3d
The caveat listed in Table 36 is resolved in Cisco IOS Release 12.2(11)BC3d. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 36 Closed and Resolved Caveats for Release 12.2(11)BC3c
Caveat ID Number DescriptionCSCeb78345
Initial maintenance slots not created under some circumstances
Open Caveats for Release 12.2(11)BC3c
Except for the caveats listed as closed and resolved in Table 37, Cisco IOS Release 12.2(11)BC3c contains the same open caveats as Cisco IOS Release 12.2(11)BC3b, which are listed in Table 38.
Closed and Resolved Caveats for Release 12.2(11)BC3c
The caveats listed in Table 37 are resolved in Cisco IOS Release 12.2(11)BC3c. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 37 Closed and Resolved Caveats for Release 12.2(11)BC3c
Caveat ID Number DescriptionCSCdz71127
corrupted packet can cause input queue wedge - reg to CSCdx02283
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at:
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
CSCea02355
rare ip packets may cause input queue wedge
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at:
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
CSCeb09043
CMTS stops generating Initial Maintenance opportunities
Open Caveats for Release 12.2(11)BC3b
All the caveats listed in Table 38 are open and reported in Cisco IOS Release 12.2(11)BC3b. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(11)BC3b
The caveats listed in Table 39 are resolved in Cisco IOS Release 12.2(11)BC3b. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(11)BC3
All the caveats listed in Table 40 are open and reported in Cisco IOS Release 12.2(11)BC3. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(11)BC3
The caveats listed in Table 41 are resolved in Cisco IOS Release 12.2(11)BC3. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(11)BC2
All the caveats listed in Table 42 are open in Cisco IOS Release 12.2(11)BC2. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(11)BC2
The caveats listed in Table 43 are resolved in Cisco IOS Release 12.2(11)BC2. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(11)BC1b
There are no open caveats specific to Cisco IOS Release 12.2(11)BC1b that require documentation in the release notes.
Closed and Resolved Caveats for Release 12.2(11)BC1b
The caveat listed in Table 44 is resolved in Cisco IOS Release 12.2(11)BC1b. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 44 Closed and Resolved Caveats for Release 12.2(11)BC1b
Caveat ID Number DescriptionCSCdz16916
Static hosts behind CM w/ multiple IP on one MAC loose connectivity
Open Caveats for Release 12.2(11)BC1a
All the caveats listed in Table 45 are open in Cisco IOS Release 12.2(11)BC1a. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(11)BC1a
All the caveats listed in Table 46 are resolved in Cisco IOS Release 12.2(11)BC1a. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(11)BC1
All the caveats listed in Table 47 are open in Cisco IOS Release 12.2(11)BC1. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(11)BC1
All the caveats listed in Table 48 are resolved in Cisco IOS Release 12.2(11)BC1. This table describes only severity 1 and 2 caveats and select severity 3 caveats
Open Caveats for Release 12.2(8)BC2a
There are no open caveats specific to Cisco IOS Release 12.2(8)BC2a that require documentation in the release notes.
Closed and Resolved Caveats for Release 12.2(8)BC2a
All the caveats listed in Table 49 are resolved in Cisco IOS Release 12.2(8)BC2a. This table describes only severity 1 and 2 caveats and select severity 3 caveats
Table 49 Closed and Resolved Caveats for Release 12.2(8)BC2a
Caveat ID Number DescriptionCSCdy10672
TLB exception in cmts_cm_lookup
Open Caveats for Release 12.2(8)BC2
All the caveats listed in Table 50 are open in Cisco IOS Release 12.2(8)BC2. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(8)BC2
All the caveats listed in Table 51 are resolved in Cisco IOS Release 12.2(8)BC2. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(8)BC1
All the caveats listed in Table 52 are open in Cisco IOS Release 12.2(8)BC1. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Closed and Resolved Caveats for Release 12.2(8)BC1
All the caveats listed in Table 53 are resolved in Cisco IOS Release 12.2(8)BC1. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 53 Closed and Resolved Caveats for Cisco IOS Release 12.2(8)BC1
Caveat ID Number
Description
CSCdx16713
Erroneous upstream IP packet causes buffer inconsistency
Open Caveats for Release 12.2(4)BC1b
All the caveats listed in Table 54 are open in Cisco IOS Release 12.2(4)BC1b. This table lists only severity 1 and 2 caveats and select severity 3 caveats.
Table 54 Open Caveats for Release 12.2(4)BC1b
Caveat ID Number DescriptionCSCdw69389
Crash at cmts_ds_trafshap_out, cal_queue_dequeue, cmts_ds_pak_handle
Closed and Resolved Caveats for Release 12.2(4)BC1b
All the caveats listed in Table 55 are resolved in Cisco IOS Release 12.2(4)BC1b. This table describes only severity 1 and 2 caveats and select severity 3 caveats.
Open Caveats for Release 12.2(4)BC1a
There are no open caveats specific to Cisco IOS Release 12.2(4)BC1a that require documentation in the release notes.
Closed and Resolved Caveats for Release 12.2(4)BC1a
All the caveats listed in this section are resolved in Cisco IOS Release 12.2(4)BC1a. Table 56 describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 56 shows the severity 1 and severity 2 caveats that exist for Cisco IOS Release 12.2(4)BC1.
Open Caveats for Release 12.2(4)BC1
Table 57 shows the severity 1 and severity 2 caveats that exist for Cisco IOS Release 12.2(4)BC1.
Closed and Resolved Caveats for Release 12.2(4)BC1
Cisco IOS Release 12.2(4)BC1 is the first release in the 12.2 BC train for the Cisco uBR7100 series routers but Table 58 shows the closed or resolved caveats that existed in previous releases that are also resolved in this release.
Open Caveats for Release 12.2(4)XF1
No severity 1 or severity 2 caveats exist for Cisco IOS Release 12.2(4)XF1 for the Cisco uBR7100 series routers.
Closed and Resolved Caveats for Release 12.2(4)XF1
Cisco IOS Release 12.2(4)XF1 was the first release in the 12.2 XF train for the Cisco uBR7100 series routers, but Table 59 shows the closed or resolved caveats that existed in previous releases that are also resolved in this release.
Table 59 Closed and Resolved Caveats for Release 12.2(4)XF1
Caveat ID Number DescriptionCSCdw03863
Crash with watchdog timeout in IGMP Input process
Related Documentation
The following sections describe the documentation available for the Cisco uBR7100 series. These documents consist of hardware and software installation guides, Cisco IOS configuration guides and command references, system error messages, feature modules, and other documents.
Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on Cisco.com and the Documentation CD-ROM.
Use these release notes with these documents:
•Cisco IOS Software Documentation Set
Release-Specific Documents
The following documents are specific to Cisco IOS Release 12.2 T and are located on Cisco.com and the Documentation CD-ROM:
•Cross-Platform Release Notes for Cisco IOS Release 12.2 T
On Cisco.com at:
Technical Documents: Cisco IOS Software: Cisco IOS Release 12.2 T: Release Notes: Cross-Platform Release Notes
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2 T: Release Notes: Cross-Platform Release Notes
•Product bulletins, field notices, and other release-specific documents on Cisco.com at:
Technical Documents
•Caveats for Cisco IOS Release 12.2 T
As a supplement to the caveats listed in "Caveats" in these release notes, see Caveats for Cisco IOS Release 12.2 T, which contains caveats applicable to all platforms for all maintenance releases of Cisco IOS Release 12.2 T.
On Cisco.com at:
Technical Documents: Cisco IOS Software: Cisco IOS Release 12.2 T: Release Notes: Caveats
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2 T: Caveats
Note If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and click Service & Support: Software Center: Cisco IOS Software: BUG TOOLKIT. Another option is to go to http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl.
Platform-Specific Documents
The following documents are available for the Cisco uBR7100 series universal broadband routers on Cisco.com and the Documentation CD-ROM:
•Cisco uBR7100 Series Hardware Installation Guide
•Cisco uBR7100 Series Software Configuration Guide
•Cisco uBR7100 Series Power Supply Installation
•Broadband Cable Command Reference Guide
On Cisco.com, beginning under the Service & Support heading:
Technical Documents: Documentation Home Page: Broadband Access: Cable: Cisco uBR7100 Series Universal Broadband Routers
Note The Broadband Command Consolidation is available on Cisco.com through the following path:
Technical Documents: Documentation Home Page: Broadband/Cable Solutions
On the Documentation CD-ROM:
Cisco Product Documentation: Broadband Access: Cable: Cisco uBR7100 Series Universal Broadband Routers
Note The Broadband Command Consolidation is available on the Documentation CD-ROM through the following path: Cisco Product Documentation: Broadband/Cable Solutions
Tips Information about features of the Cisco uBR7100 series universal broadband router, as well as software release notes, are available on Cisco.com at:
http://www.cisco.com/univercd/cc/td/doc/product/cable/index.htm
Feature Modules
Feature modules describe new software enhancements, committed as features, supported by Cisco IOS Release 12.2(15)BC2i, and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, and configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature-module information is incorporated in the next printing of the Cisco IOS documentation set.
On Cisco.com at:
Technical Documents: Cisco IOS Software: Cisco IOS Release 12.2 T: New Feature Documentation
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2 T: New Feature Documentation
Cisco Feature Navigator
Cisco IOS software is packaged in feature sets that are supported on specific platforms. To get updated information regarding platform support for this feature, access Cisco Feature Navigator. Cisco Feature Navigator dynamically updates the list of supported platforms as new platform support is added for the feature.
Cisco Feature Navigator is a web-based tool that enables you to quickly determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or release. Under the release section, you can compare releases side by side to display both the features unique to each software release and the features in common.
To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:
http://www.cisco.com/cgi-bin/Support/FeatureNav/FN.pl
Cisco IOS Software Documentation Set
The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents. The Cisco IOS software documentation set is shipped with your order in electronic form on the Documentation CD-ROM, unless you specifically ordered the printed versions.
Documentation Modules
Each module in the Cisco IOS documentation set consists of one or more configuration guides and one or more corresponding command references. Chapters in a configuration guide describe protocols, configuration tasks, and Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.
On Cisco.com and the Documentation CD-ROM, two master hot-linked documents provide information for the Cisco IOS software documentation set.
On Cisco.com, beginning under the Service & Support heading:
Technical Documents: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Configuration Guides and Command References
On the Documentation CD-ROM:
Cisco IOS Software Configuration: Cisco IOS Release 12.2: Configuration Guides and Command References
Release 12.2 Documentation Set
Note You can find the most current Cisco IOS documentation on Cisco.com and the Documentation CD-ROM. These electronic documents may contain updates and modifications made after the paper documents were printed.
On Cisco.com, beginning under the Service & Support heading:
Technical Documents: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Configuration Guides and Command References
On the Documentation CD-ROM:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Configuration Guides and Command References
Note The Cisco Management Information Base (MIB) User Quick Reference publication is no longer published. For the latest list of MIBs supported by Cisco, see Cisco Network Management Toolkit on Cisco.com. From Cisco.com, click on the following path: Service & Support: Software Center: Network Mgmt Products: Cisco Network Management Toolkit: Cisco MIB.
Note The Cisco Management Information Base (MIB) User Quick Reference publication is no longer published. For the latest list of MIBs supported by Cisco, see Cisco Network Management Toolkit on Cisco.com. From Cisco.com, click on the following path: Service & Support: Software Center: Network Mgmt Products: Cisco Network Management Toolkit: Cisco MIB.
Obtaining Documentation
The following sections provide sources for obtaining documentation from Cisco Systems.
World Wide Web
You can access the most current Cisco documentation on the World Wide Web at this URL:
Translated documentation is available at this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.
Ordering Documentation
You can order Cisco documentation in these ways:
•Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace:
http://www.cisco.com/cgi-bin/order/order_root.pl
•Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:
http://www.cisco.com/go/subscription
•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
Documentation Feedback
You can submit comments electronically on Cisco.com. In the Cisco Documentation home page, click the Fax or Email option in the "Leave Feedback" section at the bottom of the page.
You can email your comments to bug-doc@cisco.com.
You can submit your comments by mail by using the response card behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.
Cisco.com
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you with these tasks:
•Streamline business processes and improve productivity
•Resolve technical issues with online support
•Download and test software packages
•Order Cisco learning materials and merchandise
•Register for online skill assessment, training, and certification programs
If you want to obtain customized information and service, you can self-register on Cisco.com. To access Cisco.com, go to this URL:
Technical Assistance Center
The Cisco Technical Assistance Center (TAC) is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC Web Site and the Cisco TAC Escalation Center.
Cisco TAC inquiries are categorized according to the urgency of the issue:
•Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.
•Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.
•Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.
•Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.
The Cisco TAC resource that you choose is based on the priority of the problem and the conditions of service contracts, when applicable.
Cisco TAC Web Site
You can use the Cisco TAC Web Site to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to this URL:
All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:
http://www.cisco.com/register/
If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC Web Site, you can open a case online by using the TAC Case Open tool at this URL:
http://www.cisco.com/tac/caseopen
If you have Internet access, we recommend that you open P3 and P4 cases through the Cisco TAC Web Site.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number.