Guest

Cisco IOS Software Releases 12.2 S

Cross-Platform Release Notes for Cisco IOS Release 12.2S

  • Viewing Options

  • PDF (4.5 MB)
  • Feedback
Cross-Platform Release Notes for Cisco IOS Release 12.2S

Table Of Contents

Cross-Platform Release Notes for Cisco IOS Release 12.2S

Contents

Introduction

Early Deployment Releases

System Requirements

Memory Recommendations

Supported Hardware

Supported Platforms

Supported Port Adapters

Determining the Software Version

Upgrading to a New Software Release

Microcode Software

Bundled FPGAs for the Cisco 7304

Shared Port Adapter FPD Image Packages for the Cisco 7304

Feature Support

New and Changed Information

New Hardware Features in Cisco IOS Release 12.2(30)S

New Software Features in Cisco IOS Release 12.2(30)S

New Hardware Features in Cisco IOS Release 12.2(25)S3

1 Port OC-12 ATM Line Card (7300-1OC12ATM)

1-Port OC-12c/STM-4 POS SPA Shared Port Adapter (SPA-1OC12-POS)

2-Port and 4-Port OC-3 POS SPA Shared Port Adapter (SPA-2XOC3-POS and SPA-4XOC3-POS)

2-Port and 4-Port T3/E3 Serial SPA Shared Port Adapter (SPA-2XT3/E3 and SPA-4XT3/E3)

New Software Features in Cisco IOS Release 12.2(25)S3

MPLS VPN: SSO/NSF Support

New Hardware Features in Cisco IOS Release 12.2(25)S2

New Software Features in Cisco IOS Release 12.2(25)S2

Any Transport over MPLS for PXF

Layer 2 Tunneling Protocol v3 for PXF on the Cisco 7304 NSE-100

Multicast and Multicast VPN for PXF

New Hardware Features in Cisco IOS Release 12.2(25)S1

New Software Features in Cisco IOS Release 12.2(25)S1

Multiple Trunk

PPP/MLP MRRU Negotiation Configuration

New Hardware Features in Cisco IOS Release 12.2(25)S

Route Switch Processor 16

New Software Features in Cisco IOS Release 12.2(25)S

1-Gbps ISC Links Peer Mode

ACL IP Options Selective Drop

ACL—Named ACL Support for Noncontiguous Ports on an Access Control Entry

ACL Support for Filtering IP Options

ACL TCP Flags Filtering

Any Transport over MPLS

Any Transport over MPLS (AToM) Graceful Restart

Any Transport over MPLS High Availability - Stateful Switchover (SSO) and Non-Stop Forwarding (NSF)

AToM Port Mode Cell Relay Support for PA-A3-8T1 IMA PA and PA-A3-8E1 IMA PA

ATM Conditional Debug Support

ATM OAM Ping

ATM Port Mode Packed Cell Relay over AToM

ATM PVC Trap Enhancements for Segment and End AIS/RDI Failures

BGP Features

Cisco IOS Login Enhancements

Cisco IOS Scripting with Tcl

CLNS Support for GRE Tunneling of IPv4 and IPv6

CNS Agents

Configuration Change Notification and Logging

Configuration Generation Performance Enhancement

Configuration Replace and Configuration Rollback

Contextual Configuration Diff Utility

Control Plane Policing - Time Based

CPU Threshold Notification

Embedded Event Manager 2.0

Embedded Syslog Manager (ESM)

Enhanced Object Tracking

Extended ACL Support for IGMP to Support SSM in IPv4

FHRP - Enhanced Object Tracking of Service Assurance Agent (SAA) Operations

FHRP - HSRP - SSO Aware HSRP

First Hop Redundancy Protocols

Frame Relay Conditional Debug Support

Frame Relay FRF.1.2 Annex A Support

Integrated IS-IS Global Default Metric

Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters

IPMROUTE-STD-MIB

IP Traffic Export

IPv6 Anycast Address

IPv6 Multicast Features

IS-IS Caching of Redistributed Routes

IS-IS Support for Priority-Driven IP Prefix RIB Installation

L2TPv3: Layer 2 Tunneling Protocol Version 3

L2VPN Interworking

Layer 2 Local Switching Features

Loadsharing IP Packets over More Than Six Parallel Paths

Memory Leak Detector

Memory Pool - SNMP Notification Support

MPLS LDP Inbound Label Binding Filtering

MPLS LDP: SSO/NSF Support and Graceful Restart

MPLS LDP MIB: SSO/NSF Support

MPLS VPN MIB: SSO/NSF Support

MPLS VPN - Route Target Rewrite

MPLS VPN: SSO/NSF Support

MPLS VPN—VRF Selection Based on Source IP Address

MPLS VPN VRF Selection Using Policy Based Routing

MSDP Compliance with IETF RFC 3618

Multicast Fast Switching Performance Improvement

Multilink Frame Relay over L2TPv3/AToM

NAT—dCEF Support

NAT—Performance Enhancement—CEF Switching Support

NAT—Performance Enhancement—Translation Table Optimization

NAT—Performance & Scalability Enhancement—Timer Wheel

NAT—Rate Limiting NAT Translation

NAT—Translation of External IP Addresses Only

NetFlow Input Filters

NetFlow MIB

NetFlow MIB and Top Talkers

OSPF Area Transit Capability

OSPF Forwarding Adjacency

OSPF Link-Local Signaling Per Interface Basis

OSPF Link State Database Overload Protection

OSPF MIB Support of RFC 1850 and Latest Extensions

OSPF Support for Forwarding Adjacencies over MPLS Traffic Engineered Tunnels

OSPF Support for Unlimited Software VRFs per Provider Edge (PE) Router

PBR Support for Multiple Tracking Options

Periodic MIB Data Collection and Transfer Mechanism

PIM Dense Mode Fallback Prevention in a Network Following RP Information Loss

Port Mode Cell Relay Support for PA-A3-T3, PA-A3-E3, and PA-A3-OC3 PAs

Rate Limiting NAT Translation

Router Security Audit Logs

RTP Header Compression over Satellite Links

Secure Copy

Secure Shell Version 2 Support

Secure SNMP Views

Service Assurance Agent (SAA) Multiple Operation Scheduling

Silent Operation Mode

SNMP Support over VPNs—Context Based Access Control

Stateful Switchover (SSO) Support for QoS

Stateful Switchover Support for Multilink Frame Relay

Suppress BGP Advertisement for Inactive Routes

Unique Device Identifier (UDI) Retrieval

VC Single Cell Relay Support for PA-A3-OC12 over AToM/L2TPv3

VP/VC Mode Packed Cell Relay Support for PA-A3-8T1 IMA PA and PA-A3-8E1 IMA PA

VRF Aware Multicast Error Messages

New Hardware Features in Cisco IOS Release 12.2(22)S

ONS 15530 Platform

ONS 15540 Platform

Regex Engine Performance Enhancement

New Software Features in Cisco IOS Release 12.2(22)S

ONS 15530 and ONS 15540 Cisco IOS Software Features

New Hardware Features in Cisco IOS Release 12.2(20)S6

New Software Features in Cisco IOS Release 12.2(20)S6

Cisco 7304 FPGA Upgrade Enhancements

Cisco 7304 Shared Port Adapter Field Programmable Device show Command Updates

New Hardware Features in Cisco IOS Release 12.2(20)S5

New Software Features in Cisco IOS Release 12.2(20)S5

PXF Logical Interface Options on the Cisco 7304 Router Using an NSE-100

FPGA Upgrade Prompt Options on the Cisco 7304 Router

New Hardware Features in Cisco IOS Release 12.2(20)S3

Cisco CWDM SFP Support for the NPE-G100

New Software Features in Cisco IOS Release 12.2(20)S3

Stateful Switchover and Nonstop Forwarding Support for Cisco 7304 Routers using the MSC-100

Stateful Switchover and Nonstop Forwarding Support for Cisco 7304 Routers using the PCI Port Adapter Carrier Card

New Hardware Features in Cisco IOS Release 12.2(20)S2

4-Port 10/100 Fast Ethernet Shared Port Adapter

2-Port 10/100/1000 Gigabit Ethernet Shared Port Adapter

Modular Services Card 100

New Software Features in Cisco IOS Release 12.2(20)S2

New Hardware Features in Cisco IOS Release 12.2(20)S

New Software Features in Cisco IOS Release 12.2(20)S

Enhanced Management of the Cisco 7304 Router, Phase 1

Frame Relay Discard Eligibility Bit Marking (PXF Based)

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership (PXF Based)

Hierarchical Aggregate Ingress Policing (PXF Based)

Interface Queueing for Subinterfaces (PXF Based)

MQC Hierarchical Service-Policy Map Infrastructure (PXF Based)

MQC Match and Set QoS Group (PXF Based)

NetFlow Export of BGP Next Hop Propagation (PXF Based)

Nonstop Forwarding (NSF) with Stateful Switchover (SSO)

Route Processor Redundancy Plus (RPR+)

Service Assurance Agent (SAA) MPLS VPN Operation

Service Assurance Agent (SAA) Path Jitter Operation

New Hardware Features in Cisco IOS Release 12.2(18)S

Cisco 7300 Series

2-Port Packet over SONET OC3c/STM1 Port Adapter

New Software Features in Cisco IOS Release 12.2(18)S

ACL Performance Enhancement

ARP Optimization

AutoSecure

BGP CLI Troubleshooting Commands

BGP Configuration Using Peer Templates

BGP Convergence Optimization

BGP Cost Community

BGP Dynamic Update Peer-Groups

BGP Increased Support of Numbered AS-Path Access Lists to 500

BGP Restart Session After Max-Prefix Limit

BGP Route-Map Continue

BGP Route-Map Policy List Support

Cisco 7304 Software Features

Control Plane Policing

EIGRP NonStop Forwarding Support

GLBP MD5 Authentication

Hot Standby MAC Address

Image Verification

Implementing OSPF for IPv6

Integrated IS-IS Multi-Topology Support for IPv6

ip dhcp-client default-router distance Command

IPv6 Multicast

IS-IS Incremental Shortest Path First (i-SPF) Support

IS-IS Limit on Number of Redistributed Routes

IS-IS Mechanisms to Exclude Connected IP Prefixes from LSP Advertisements

IS-IS Support for a Redistribution Limit of Maximum Prefixes Imported

IS-IS Support for IP Route Tags

Memory Threshold Notifications

MPLS - Interfaces MIB Enhancements

MPLS - LDP MIB Version 08 Upgrade

MPLS Traffic Engineering Forwarding Adjacency

MPLS Traffic Engineering (TE)—Interarea Tunnels

MPLS VPN Support for EIGRP Between Provider Edge and Customer Edge

NetFlow Export of BGP Next Hop Information

NetFlow Export Version 9 Support

NetFlow Multicast Support

Nonstop Forwarding (NSF) with Stateful Switchover (SSO)

OSPF Forwarding Address Suppression in Translated Type-5 LSAs

OSPF Incremental Shortest Path First (i-SPF) Support

OSPF Inbound Filtering Using Route Maps with a Distribute List

OSPF Support for a Redistribution Limit of Maximum Prefixes Imported

OSPF Support for Fast Hellos

OSPF Support for Link State Advertisement (LSA) Throttling

QA Error Recovery for the Cisco 7500 Series

Random Sampled NetFlow

Router Security Audit Logs

SNMPv3 Community MIB Support

Source Specific Multicast (SSM) Mapping

SSO support for Community MIB, Notification MIB, Notification Log MIB, and Entity FRU Control MIB

Warm Reload

New Hardware Features in Cisco IOS Release 12.2(14)S

Cisco 7200-I/O-GE+E and Cisco 7200-I/O-2FE/E Input/Output Controllers

Cisco 7401 ASR-BB and Cisco 7401 ASR-CP

Enhanced Gigabit Ethernet Interface Processor

Integrated Service Adapter

Multichannel STM-1 Port Adapter

Network Services Engine

NPE-400

NPE-G1

PA-MC-2T3+ Phase-II (T3 Subrate)

PA-MC-8TE1+ Port Adapter

VIP4

VIP6-80

New Software Features in Cisco IOS Release 12.2(14)S

Any Transport over MPLS Features

BGP Features

Bidirectional PIM

Cisco 7500 Single Line Card Reload

Cisco IOS Server Load Balancing (SLB)

Cisco Quality of Service Device Manager

Class-Based Quality of Service MIB

DCBWFQ, DWRED, and DLLQ Support for PA-A3-8E1IMA and PA-A3-8T1IMA Port Adapters on Cisco 7500 Series Routers

DFP Agent Subsystem

DiffServ Compliant Weighted Random Early Detection

Distributed GRE Tunneling Support

Distributed Network-Based Application Recognition

DLR Enhancements: PGM RFC-3208 Compliance

Enhanced Password Security, Phase I

EXEC Commands in Configuration Mode

Express RTP Header Compression

Frame Relay Queueing and Fragmentation at the Interface

Functionality Changed for the tunnel mpls traffic-eng autoroute metric Command

Generic Routing Encapsulation (GRE) Tunnel Keepalive

GLBP: Gateway Load Balancing Protocol

iBGP Multipath Load Sharing

IGMP State Limit

IGMP Version 3—Explicit Tracking of Hosts, Groups, and Channels

Integrated IS-IS Point-to-Point Adjacency over Broadcast Media

Interface Range Configuration Mode

Interface Range Specification

IP Access List Entry Sequence Numbering

IP Event Dampening

IP MMLS Global Threshold

IPSec—SNMP Support

IPv6 Features

IS-IS: Allows BGP to Control the Configuration of the Overload Bit

IS-IS HMAC-MD5 Authentication and Enhanced Clear Text Authentication

Low Latency Queuing for the VIP Enhancement

Manual TFTP Certificate Enrollment

MPLS Label Distribution Protocol (LDP)

MPLS Label Distribution Protocol (LDP) MIB

MPLS Label Switching Router MIB

MPLS Traffic Engineering (TE) Features

MPLS VPN Features

Multicast-VPN—IP Multicast Support for MPLS VPNs

Multilink Frame Relay (FRF.16)

Multilink PPP Minimum Links Mandatory

NetFlow Features

Network-Based Application Recognition

Network-Based Application Recognition RTP Payload Classification

OSPF Features

Per-VC Queueing for ATM

PIM Features

Quality of Service Feature for Parallel Express Forwarding (PXF)

Quality of Service over LAN Emulation

Route Processor Redundancy Plus (RPR+)

RSVP Scalability Enhancements

SNMP Support for VLAN Subinterfaces

Tunnel Type of Service (ToS)

Turbo Access Control Lists

Virtual Router Redundancy Protocol

MIBs

Limitations and Restrictions

SNMP Version 1 BGP4-MIB Limitations

Important Notes

Deferrals

Field Notices and Bulletins

Important Notes for Cisco IOS Release 12.2(25)S15

NBAR Classification for HTTP Traffic on NPE-G100

Important Notes for Cisco IOS Release 12.2(25)S

High-Capacity Counters in the Output of the show interfaces Command

Memory Requirements for the VIP2-40 and VIP2-50

Important Notes for Cisco IOS Release 12.2(22)S

Changes to the Output of the show version Command

Important Notes for Cisco IOS Release 12.2(20)S

Protocol Independent Multicast on Cisco 7304 Routers

Important Notes for Cisco IOS Release 12.2(14)S18

RPR and RPR+ for the Cisco 7500 Series Routes

Important Notes for Cisco IOS Release 12.2(14)S

Configuring MD5 Authentication for BGP Peering Sessions

PPP over MPLS Restrictions

Caveats

Resolved Caveats—Cisco IOS Release 12.2(30)S1

Basic System Services

Open Caveats—Cisco IOS Release 12.2(30)S

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(30)S

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(25)S15

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(25)S14

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(25)S13

Basic System Services

IBM Connectivity

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(25)S12

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(25)S11

Basic System Services

IP Routing Protocols

ISO CLNS

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(25)S10

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(25)S9

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(25)S8

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(25)S7

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(25)S6

Basic System Services

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(25)S5

Basic System Services

EXEC and Configuration Parser

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(25)S4

Basic System Services

Resolved Caveats—Cisco IOS Release 12.2(25)S3

Basic System Services

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Open Caveats—Cisco IOS Release 12.2(25)S2

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(25)S2

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(25)S1

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Open Caveats—Cisco IOS Release 12.2(25)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(25)S

Basic System Services

IBM Connectivity

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(22)S2

Basic System Services

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(22)S1

Basic System Services

Miscellaneous

Open Caveats—Cisco IOS Release 12.2(22)S

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(22)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Novell IPX, XNS, and Apollo Domain

TCP/IP Host-Mode Services

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(20)S14

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S13

Basic System Services

EXEC and Configuration Parser

IBM Connectivity

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(20)S12

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S11

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(20)S10

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S9

Basic System Services

Interfaces and Bridging

ISO CLNS

IP Routing Protocols

ISO CLNS

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S8

Basic System Services

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(20)S7

Basic System Services

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S6

Basic System Services

IP Routing Protocols

ISO CLNS

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(20)S5

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S4

Basic System Services

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S3

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S2

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S1

Miscellaneous

Open Caveats—Cisco IOS Release 12.2(20)S

IBM Connectivity

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(20)S

Basic System Services

EXEC and Configuration Parser

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(18)S13

Basic System Services

IBM Connectivity

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(18)S12

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(18)S11

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(18)S10

Basic System Services

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(18)S9

Basic System Services

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(18)S8

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(18)S7

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(18)S6

Basic System Services

ISO CLNS

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(18)S5

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(18)S4

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(18)S3

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(18)S2

Basic System Services

EXEC and Configuration Parser

IP Routing Protocols

ISO CLNS

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(18)S1

Interfaces and Bridging

ISO CLNS

Miscellaneous

Wide-Area Networking

Open Caveats—Cisco IOS Release 12.2(18)S

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(18)S

Basic System Services

EXEC and Configuration Parser

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(14)S19

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S18

Basic System Services

IBM Connectivity

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Resolved Caveats—Cisco IOS Release 12.2(14)S17

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S16

Basic System Services

Interfaces and Bridging

IP Routing Protocols

ISO CLNS

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(14)S15

Basic System Services

IP Routing Protocols

ISO CLNS

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S14

Basic System Services

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S13

Basic System Services

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S12

Basic System Services

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S10

IP Routing Protocols

Miscellaneous

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(14)S9

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S7

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S5

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S3

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

Resolved Caveats—Cisco IOS Release 12.2(14)S2

Interfaces and Bridging

IP Routing Protocols

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Resolved Caveats—Cisco IOS Release 12.2(14)S1

Troubleshooting

Related Documentation

Release-Specific Documents

Cisco IOS Release 12.2S

Cisco IOS Release 12.2

Platform-Specific Documents

Feature Modules

Cisco Feature Navigator

Cisco IOS Software Documentation Set

Documentation Modules

Cisco IOS Release 12.2 Documentation Set Contents

Notices

OpenSSL/Open SSL Project

License Issues

Obtaining Documentation and Submitting a Service Request


Cross-Platform Release Notes for Cisco IOS Release 12.2S


September 24, 2008

Cisco IOS Release 12.2(30)S1

OL-2586-09 Rev. Q1

These release notes support Cisco IOS Release 12.2S up to and including Cisco IOS Release 12.2(30)S1. These release notes are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and related documents.


Note Cisco IOS Release 12.2(30)S and its rebuilds support only the Cisco ONS 15530 and Cisco ONS 15540 platforms. These releases do not introduce new hardware or software features but integrate resolved caveats.


Cisco IOS Release 12.2S is based on Cisco IOS Release 12.2 and is tailored for service provider and large-scale enterprise networks. Cisco IOS Release 12.2S includes features that were initially supported in Cisco IOS Release 12.2. Additionally, Cisco IOS Release 12.2S integrates features from Cisco IOS Release 12.0S, Release 12.0ST, and Release 12.1E.

For a list of the software caveats that apply to Cisco IOS Release 12.2S, see the "Caveats" section and the Caveats for Cisco IOS Release 12.2 document. The caveats document is updated for every maintenance release and is located on Cisco.com.

Use these release notes in conjunction with the Cross-Platform Release Notes for Cisco IOS Release 12.2 document located on Cisco.com.

We recommend that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account on Cisco.com, you can find field notices at http://www.cisco.com/warp/customer/tech_tips/index/fn.html. If you do not have a Cisco.com login account, you can find field notices at http://www.cisco.com/warp/public/tech_tips/index/fn.html.

Contents

Introduction

System Requirements

New and Changed Information

MIBs

Limitations and Restrictions

Important Notes

Caveats

Troubleshooting

Related Documentation

Notices

Obtaining Documentation and Submitting a Service Request

Introduction

Cisco IOS Release 12.2(14)S was the first general availability release of this software. Many of the features and the hardware supported in this software have been previously released to customers on other software releases.

For information on new features and Cisco IOS commands that are supported by Cisco IOS Release 12.2S, see the "New and Changed Information" section and the "Caveats" section.

Early Deployment Releases

These release notes describe the Cisco 7200 series routers, Cisco 7301 router, Cisco 7304 routers, Cisco 7400 series routers, Cisco 7500 series routers, Cisco ONS 15530 platform, and Cisco ONS 15540 platform for Cisco IOS Release 12.2S, which is an early deployment (ED) release based on Cisco IOS Release 12.2. Early deployment releases contain fixes for software caveats and support for new Cisco hardware and software features. Table 1 shows the Cisco IOS Release 12.2S early deployment releases for the above-mentioned platforms.

Table 1 Early Deployment Releases for the Cisco 7200 Series, Cisco 7301, Cisco 7304, Cisco 7400 Series, Cisco 7500 Series, Cisco ONS 15530, and Cisco ONS 15540 

Cisco IOS ED Release
Type of ED Release
Additional Software Features
Additional Hardware Features
Availability

12.2(30)S1

Rebuild

No new software features.

No new hardware features.

11/17/05

12.2(30)S

Maintenance1

No new software features.

No new hardware features.

07/29/05

12.2(25)S15

Rebuild

No new software features.

No new hardware features.

12/06/07

12.2(25)S14

Rebuild

No new software features.

No new hardware features.

08/28/07

12.2(25)S13

Rebuild

No new software features.

No new hardware features.

06/25/07

12.2(25)S12

Rebuild

No new software features.

No new hardware features.

02/09/07

12.2(25)S11

Rebuild

No new software features.

No new hardware features.

10/20/06

12.2(25)S10

Rebuild

No new software features.

No new hardware features.

07/10/06

12.2(25)S9

Rebuild

No new software features.

No new hardware features.

03/30/06

12.2(25)S8

Rebuild

No new software features.

No new hardware features.

01/10/06

12.2(25)S7

Rebuild

No new software features.

No new hardware features.

10/31/05

12.2(25)S6

Rebuild

No new software features.

No new hardware features.

10/24/05

12.2(25)S5

Rebuild

No new software features.

No new hardware features.

06/23/05

12.2(25)S4

Rebuild

No new software features.

No new hardware features.

04/13/05

12.2(25)S3

Rebuild

See the "New Software Features in Cisco IOS Release 12.2(25)S3" section.

See the "New Hardware Features in Cisco IOS Release 12.2(25)S3" section.

03/07/05

12.2(25)S2

Rebuild

See the "New Software Features in Cisco IOS Release 12.2(25)S2" section.

No new hardware features.

12/30/04

12.2(25)S1

Rebuild

See the "New Software Features in Cisco IOS Release 12.2(25)S1" section.

No new hardware features.

10/14/04

12.2(25)S

Maintenance

See the "New Software Features in Cisco IOS Release 12.2(25)S" section.

See the "New Hardware Features in Cisco IOS Release 12.2(25)S" section.

08/16/04

12.2(22)S2

Rebuild

No new software features.

No new hardware features.

08/26/04

12.2(22)S1

Rebuild

No new software features.

No new hardware features.

06/24/04

12.2(22)S

Maintenance

See the "New Software Features in Cisco IOS Release 12.2(22)S" section.

See the "New Hardware Features in Cisco IOS Release 12.2(22)S" section.

03/18/04

12.2(20)S14

Rebuild

No new software features.

No new hardware features.

08/03/07

12.2(20)S13

Rebuild

No new software features.

No new hardware features.

03/27/07

12.2(20)S12

Rebuild

No new software features.

No new hardware features.

06/30/06

12.2(20)S11

Rebuild

No new software features.

No new hardware features.

04/27/06

12.2(20)S10

Rebuild

No new software features.

No new hardware features.

12/29/05

12.2(20)S9

Rebuild

No new software features.

No new hardware features.

09/19/05

12.2(20)S8

Rebuild

No new software features.

No new hardware features.

05/13/05

12.2(20)S7

Rebuild

No new software features.

No new hardware features.

03/04/05

12.2(20)S6

Rebuild

See the "New Software Features in Cisco IOS Release 12.2(20)S6" section.

No new hardware features.

11/01/04

12.2(20)S5

Rebuild

See the "New Software Features in Cisco IOS Release 12.2(20)S5" section.

No new hardware features.

08/11/04

12.2(20)S4

Rebuild

No new software features.

No new hardware features.

06/28/04

12.2(20)S3

Rebuild

See the "New Software Features in Cisco IOS Release 12.2(20)S3" section.

See the "New Hardware Features in Cisco IOS Release 12.2(20)S3" section.

05/21/04

12.2(20)S2

Rebuild

No new software features.

See the "New Hardware Features in Cisco IOS Release 12.2(20)S2" section.

03/16/04

12.2(20)S1

Rebuild

No new software features.

No new hardware features.

01/21/04

12.2(20)S

Maintenance

See the "New Software Features in Cisco IOS Release 12.2(20)S" section.

No new hardware features.

10/29/03

12.2(18)S13

Rebuild

No new software features.

No new hardware features.

08/01/07

12.2(18)S12

Rebuild

No new software features.

No new hardware features.

06/22/06

12.2(18)S11

Rebuild

No new software features.

No new hardware features.

02/09/06

12.2(18)S10

Rebuild

No new software features.

No new hardware features.

09/29/05

12.2(18)S9

Rebuild

No new software features.

No new hardware features.

04/19/05

12.2(18)S8

Rebuild

No new software features.

No new hardware features.

02/24/05

12.2(18)S7

Rebuild

No new software features.

No new hardware features.

12/09/04

12.2(18)S6

Rebuild

No new software features.

No new hardware features.

09/10/04

12.2(18)S5

Rebuild

No new software features.

No new hardware features.

05/24/04

12.2(18)S4

Rebuild

No new software features.

No new hardware features.

03/22/04

12.2(18)S3

Rebuild

No new software features.

No new hardware features.

01/26/04

12.2(18)S2

Rebuild

No new software features.

No new hardware features.

12/05/03

12.2(18)S1

Rebuild

No new software features.

No new hardware features.

10/09/03

12.2(18)S

Maintenance

See the "New Software Features in Cisco IOS Release 12.2(18)S" section.

See the "New Hardware Features in Cisco IOS Release 12.2(18)S" section.

08/21/03

12.2(14)S19

Rebuild

No new software features.

No new hardware features.

07/26/07

12.2(14)S18

Rebuild

No new software features.

No new hardware features.

05/29/07

12.2(14)S17

Rebuild

No new software features.

No new hardware features.

05/18/06

12.2(14)S16

Rebuild

No new software features.

No new hardware features.

01/30/06

12.2(14)S15

Rebuild

No new software features.

No new hardware features.

09/20/05

12.2(14)S14

Rebuild

No new software features.

No new hardware features.

04/13/05

12.2(14)S13

Rebuild

No new software features.

No new hardware features.

02/17/05

12.2(14)S12

Rebuild

No new software features.

No new hardware features.

11/16/04

12.2(14)S10

Rebuild

No new software features.

No new hardware features.

08/09/04

12.2(14)S9

Rebuild

No new software features.

No new hardware features.

05/17/04

12.2(14)S7

Rebuild

No new software features.

No new hardware features.

03/08/04

12.2(14)S5

Rebuild

No new software features.

No new hardware features.

09/29/03

12.2(14)S3

Rebuild

No new software features.

No new hardware features.

07/10/03

12.2(14)S2

Rebuild

No new software features.

No new hardware features.

06/03/03

12.2(14)S1

Rebuild

No new software features.

No new hardware features.

04/10/03

12.2(14)S

Maintenance

See the "New Software Features in Cisco IOS Release 12.2(14)S" section.

See the "New Hardware Features in Cisco IOS Release 12.2(14)S" section.

01/30/03

1 Cisco IOS Release 12.0(30)S is the last maintenance release of Release 12.2S.


System Requirements

This section describes the system requirements for Cisco IOS Release 12.2S and includes the following sections:

Memory Recommendations

Supported Hardware

Determining the Software Version

Upgrading to a New Software Release

Microcode Software

Feature Support

Memory Recommendations

The memory recommendation tables have been removed from the Cisco IOS Release 12.2S release notes to improve the usability of the release notes documentation. The memory recommendations that were provided by these tables are available through Cisco Feature Navigator.

Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS and Catalyst OS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or by feature set (software image). Under the release section, you can compare Cisco IOS software releases side by side to display both the features unique to each software release and the features that the releases have in common.

Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:

http://www.cisco.com/go/fn

For frequently asked questions about Cisco Feature Navigator, see the FAQs at the following URL:

http://tools.cisco.com/ITDIT/CFN/jsp/help.jsp

Determining Memory Recommendations for Software Images (Feature Sets)

To determine memory recommendations for software images (feature sets) in Cisco IOS Release 12.2S, go to the Cisco Feature Navigator home page and perform the following steps.


Step 1 From the Cisco Feature Navigator home page, click Search by Software/Image Name/Product Code/Platform.

Step 2 To find the memory recommendations for the latest Cisco IOS release, click the release under the Cisco IOS Quick Pick Latest Release area. For other releases, go to Step 3.

a. Choose All Platforms from the Platform drop-down list

b. Choose All Feature Sets from the Feature Set drop-down list.

The Search Results table will list all the software images (feature sets) that support the release that you chose, plus the DRAM and flash memory recommendations for each image.

Step 3 If the release is not listed in the Cisco IOS Quick Pick Latest Release area, choose IOS from the Software drop-down list, and click Continue.

a. Choose a release from the Major Release drop-down list, and click Continue again.

b. Choose a specific release from the Release drop-down list.

c. Choose All Platforms from the Platform drop-down list

d. Choose All Feature Sets from the Feature Set drop-down list.

The Search Results table will list all the software images (feature sets) that support the release that you chose, plus the DRAM and flash memory recommendations for each image.


Supported Hardware

This section describes the platforms and port adapters that are supported in Cisco IOS Release 12.2S.

Supported Platforms

Cisco IOS Release 12.2S supports the following platforms:

Cisco 7200 series routers (including the Cisco 7202, Cisco 7204, Cisco 7204VXR, Cisco 7206, and Cisco 7206VXR routers)

Cisco 7301 router

Cisco 7304 routers (including the 7304-NSE-100 and Cisco 7304-NPE-G100 routers)

Cisco 7400 series routers (including the Cisco 7401 ASR-BB and Cisco 7401 ASR-CP routers)

Cisco 7500 series routers (including the Cisco 7505, Cisco 7507, and Cisco 7513 routers)

Cisco ONS 15530 DWDM Multiservice Aggregation Platform

Cisco ONS 15540 Extended Services Platform (ESP) (including the Cisco ONS 15540 ESP and Cisco ONS 15540 ESPx platforms)

For detailed descriptions of the new hardware features, see the "New and Changed Information" section.

For additional information about supported hardware for these platforms and this release, see the Hardware/Software Compatibility Matrix in the Cisco Software Advisor at the following location:

http://www.cisco.com/cgi-bin/front.x/Support/HWSWmatrix/hwswmatrix.cgi

Table 2 describes the supported platforms for Cisco IOS Release 12.2S and uses the following conventions:

Yes—The platform is supported in the release.

No—The platform is not supported in the release.

Table 2 Supported Platforms for Cisco IOS Release 12.2S 

Cisco IOS
Release
Cisco 7200
Series
Cisco 7301
Router
Cisco 7304
Routers
Cisco 7400
Series
Cisco 7500
Series
Cisco
ONS 15530
Cisco
ONS 15540

12.2(30)S1

No

No

No

No

No

Yes

Yes

12.2(30)S

No

No

No

No

No

Yes

Yes

12.2(25)S15

Yes

Yes

Yes

No

Yes

No

No

12.2(25)S14

Yes

Yes

Yes

No

Yes

No

No

12.2(25)S13

Yes

Yes

Yes

No

Yes

No

No

12.2(25)S12

Yes

Yes

Yes

No

Yes

No

No

12.2(25)S11

Yes

Yes

Yes

No

Yes

No

No

12.2(25)S10

Yes

Yes

Yes

No

Yes

No

No

12.2(25)S9

Yes

Yes

Yes

No

Yes

No

No

12.2(25)S8

Yes

Yes

Yes

No

Yes

No

No

12.2(25)S7

Yes

Yes

Yes

No

Yes

Yes

Yes

12.2(25)S6

Yes

Yes

Yes

No

Yes

Yes

Yes

12.2(25)S5

Yes

Yes

Yes

No

Yes

Yes

Yes

12.2(25)S4

Yes

Yes

Yes

No

Yes

Yes

Yes

12.2(25)S3

Yes

Yes

Yes

No

Yes

Yes

Yes

12.2(25)S2

Yes

Yes

Yes

No

Yes

Yes

Yes

12.2(25)S1

Yes

Yes

No

No

Yes

Yes

Yes

12.2(25)S

Yes

Yes

No

No

Yes

Yes

Yes

12.2(22)S2

No

No

No

No

No

Yes

Yes

12.2(22)S1

No

No

No

No

No

Yes

Yes

12.2(22)S

No

No

No

No

No

Yes

Yes

12.2(20)S14

No

No

Yes

No

No

No

No

12.2(20)S13

No

No

Yes

No

No

No

No

12.2(20)S12

No

No

Yes

No

No

No

No

12.2(20)S11

No

No

Yes

No

No

No

No

12.2(20)S10

No

No

Yes

No

No

No

No

12.2(20)S9

No

No

Yes

No

No

No

No

12.2(20)S8

No

No

Yes

No

No

No

No

12.2(20)S7

No

No

Yes

No

No

No

No

12.2(20)S6

No

No

Yes

No

No

No

No

12.2(20)S5

No

No

Yes

No

No

No

No

12.2(20)S4

No

No

Yes

No

No

No

No

12.2(20)S3

No

No

Yes

No

No

No

No

12.2(20)S2

No

No

Yes

No

No

No

No

12.2(20)S1

No

No

Yes

No

No

No

No

12.2(20)S

No

No

Yes

No

No

No

No

12.2(18)S13

Yes

Yes

No

No

Yes

No

No

12.2(18)S12

Yes

Yes

No

No

Yes

No

No

12.2(18)S11

Yes

Yes

No

No

Yes

No

No

12.2(18)S10

Yes

Yes

No

No

Yes

No

No

12.2(18)S9

Yes

Yes

No

No

Yes

No

No

12.2(18)S8

Yes

Yes

No

No

Yes

No

No

12.2(18)S7

Yes

Yes

No

No

Yes

No

No

12.2(18)S6

Yes

Yes

No

No

Yes

No

No

12.2(18)S5

Yes

Yes

No

No

Yes

No

No

12.2(18)S4

Yes

Yes

No

No

Yes

No

No

12.2(18)S3

Yes

Yes

No

No

Yes

No

No

12.2(18)S2

Yes

Yes

No

No

Yes

No

No

12.2(18)S1

Yes

Yes

No

No

Yes

No

No

12.2(18)S

Yes

Yes

Yes

No

Yes

No

No

12.2(14)S19

Yes

No

No

No

Yes

No

No

12.2(14)S18

Yes

No

No

No

Yes

No

No

12.2(14)S17

Yes

No

No

No

Yes

No

No

12.2(14)S16

Yes

No

No

No

Yes

No

No

12.2(14)S15

Yes

No

No

Yes

Yes

No

No

12.2(14)S14

Yes

No

No

Yes

Yes

No

No

12.2(14)S13

Yes

No

No

Yes

Yes

No

No

12.2(14)S12

Yes

No

No

Yes

Yes

No

No

12.2(14)S10

Yes

No

No

Yes

Yes

No

No

12.2(14)S9

Yes

No

No

Yes

Yes

No

No

12.2(14)S7

Yes

No

No

Yes

Yes

No

No

12.2(14)S5

Yes

No

No

Yes

Yes

No

No

12.2(14)S3

Yes

No

No

Yes

Yes

No

No

12.2(14)S2

Yes

No

No

Yes

Yes

No

No

12.2(14)S1

Yes

No

No

Yes

Yes

No

No

12.2(14)S

Yes

No

No

Yes

Yes

No

No


Supported Port Adapters

Table 3 lists the port adapters that are supported for the Cisco 7200 series routers, Cisco 7301 router, Cisco 7304 router, Cisco 7400 series routers, and Cisco 7500 series routers in Cisco IOS Release 12.2S up to and including Cisco IOS Release 12.2(30)S1 and uses the following conventions:

Yes—The port adapter is supported in the software image.

No—The port adapter is not supported in the software image.

In—The number in the "In" column indicates the Cisco IOS 12.2S release in which the port adapter was introduced. For example, (14) means that a port adapter was introduced in Cisco IOS Release 12.2(14)S. If a cell in this column contains an em dash (—), support for the port adapter was inherited from Cisco IOS Release 12.2 or from another release and was included in the initial base release of Cisco IOS Release 12.2S.

Table 3 Supported Port Adapters for the Cisco 7200 Series, Cisco 7301, Cisco 7304, Cisco 7400 Series, and Cisco 7500 Series 

Cisco Product Number 1
Adapter Description
In
7200
Series
7301
Router
7304
Router
7400
Series
7500
Series
ATM Port Adapters

PA-A1-OC3SM

1-port ATM OC3 single mode (IR)

No

No

No

No

Yes

PA-A1-OC3MM

1-port ATM OC3 multimode

No

No

No

No

Yes

PA-A2-4T1C-OC3SM=

ATM CES, 4 T1 CES ports, 1 OC3 ATM SM port

Yes

No

No

No

No

PA-A2-4T1C-T3ATM=

ATM CES, 4 T1 CES ports, 1 T3 ATM port

Yes

No

No

No

No

PA-A2-4E1XC-OC3SM=

CES OC3, 4 E1 ports, 120 ohms

Yes

No

No

No

No

PA-A2-4E1XC-E3ATM=

CES E3/E1, 120 ohms

Yes

No

No

No

No

PA-A3-OC3MM

1-port ATM Enhanced OC3c/STM1 multimode

Yes

Yes

Yes

Yes

Yes

PA-A3-OC3SMI

1-port ATM Enhanced OC3c/STM1 single mode (IR)

Yes

Yes

Yes

Yes

Yes

PA-A3-OC3SML

1-port ATM Enhanced OC3c/STM1 single mode (LR)

Yes

Yes

Yes

Yes

Yes

PA-A3-OC12MM

1-port ATM Enhanced OC12/STM4 multimode

No

No

No

No

Yes

PA-A3-OC12SMI

1-port ATM Enhanced OC12/STM4 single mode (IR)

No

No

No

No

Yes

PA-A3-E3

1-port ATM Enhanced E3

Yes

Yes

Yes

Yes

Yes

PA-A3-T3

1-port ATM Enhanced DS3

Yes

Yes

Yes

Yes

Yes

PA-A3-8E1IMA

8-port ATM Inverse Mux E1, 120 ohms

Yes

Yes

Yes

Yes

Yes

PA-A3-8T1IMA

8-port ATM Inverse Mux T1

Yes

Yes

Yes

Yes

Yes

Channel Port Adapters

PA-4C-E=

1-port Enhanced ESCON Channel

Yes

No

No

No

No

Dynamic Packet Transport (DPT) Port Adapters

PA-SRP-OC12MM=

DPT-OC12 multimode (Cisco 7200 series only)

Yes

No

No

No

No

PA-SRP-OC12SMI=

DPT-OC12 single mode (IR) (Cisco 7200 series only)

Yes

No

No

No

No

PA-SRP-OC12SML=

DPT-OC12 single mode (LR) (Cisco 7200 series only)

Yes

No

No

No

No

PA-SRP-OC12SMX=

DPT-OC12 single mode extended reach (Cisco 7200 series only)

Yes

No

No

No

No

SRPIP-OC12MM=

DPT-OC12 multimode (Cisco 7500 series only)

No

No

No

No

Yes

SRPIP-OC12SMI=

DPT-OC12 single mode (IR) (Cisco 7500 series only)

No

No

No

No

Yes

SRPIP-OC12SML=

DPT-OC12 single mode (LR) (Cisco 7500 series only)

No

No

No

No

Yes

SRPIP-OC12SMX=

DPT-OC12 single mode extended reach (Cisco 7500 series only)

No

No

No

No

Yes

Ethernet/Fast Ethernet/Gigabit Ethernet Port Adapters

PA-4E

4-port Ethernet 10BASE-T

Yes

Yes

Yes

Yes

Yes

PA-4E1G/75

4-port E1 G.703 Serial, 75 ohms/unbalanced

Yes

Yes

Yes

Yes

Yes

PA-4E1G/120

4-port E1 G.703 Serial, 120 ohms/balanced

Yes

Yes

Yes

Yes

Yes

PA-5EFL

5-port Ethernet 10BASE-FL

Yes

Yes

No

Yes

Yes

PA-8E

8-port Ethernet 10BASE-T

Yes

Yes

Yes

Yes

Yes

PA-FE-FX

1-port Fast Ethernet 100BASE-FX

Yes

Yes

Yes

Yes

Yes

PA-FE-TX

1-port Fast Ethernet 100BASE-TX

Yes

Yes

Yes

Yes

Yes

PA-2FE-FX

2-port Fast Ethernet 100BASE-FX

Yes

Yes

Yes

Yes

Yes

PA-2FE-TX

2-port Fast Ethernet 100BASE-TX

Yes

Yes

Yes

Yes

Yes

PA-GE

1-port Gigabit Ethernet

Yes

No

Yes

Yes

No

FDDI Port Adapters

PA-F/FD-MM

1-port FDDI Full Duplex multimode

Yes2

No

No

No

Yes

PA-F/FD-SM

1-port FDDI Full Duplex single mode

Yes2

No

No

No

Yes

High-Speed Serial Port Adapters

PA-H

1-port High-Speed Serial Interface (HSSI)

Yes

Yes

Yes

Yes

Yes

PA-2H

2-port High-Speed Serial Interface (HSSI)

Yes

Yes

Yes

Yes

Yes

Multichannel Serial Port Adapters

PA-MC-T3

1-port multichannel T3

Yes

Yes

Yes

Yes

Yes

PA-MC-E3

1-port multichannel E3

Yes

Yes

Yes

Yes

Yes

PA-MC-2T3+

2-port multichannel T3

Yes

Yes

Yes

Yes

Yes

PA-MC-2T1

2-port multichannel T1, integrated CSU/DSUs

Yes

Yes

Yes

Yes

Yes

PA-MC-2E1/120

2-port multichannel E1, G.703 120-ohm interface

Yes

Yes

Yes

Yes

Yes

PA-MC-4T1

4-port multichannel T1, integrated CSU/DSUs

Yes

Yes

Yes

Yes

Yes

PA-MC-8T1

8-port multichannel T1, integrated CSU/DSUs

Yes

Yes

Yes

Yes

Yes

PA-MC-8E1/120

8-port multichannel E1, G.703 120-ohm interface

Yes

No

Yes

Yes

Yes

PA-MC-8TE1+

8-port multichannel T1/E1 8PRI

(14)

Yes

Yes

Yes

Yes

Yes

PA-MC-STM-1MM

1-port multichannel STM-1 multimode

(14)

Yes

Yes

Yes

Yes

Yes

PA-MC-STM-1SMI

1-port multichannel STM-1 single mode

(14)

Yes

Yes

Yes

Yes

Yes

PA-4B-U

4-port BRI, U Interface

Yes

Yes

No

Yes

No

PA-8B-S/T

8-port BRI, S/T Interface

Yes

Yes

No

Yes

No

Service Adapters

SA-ENCRYPT=

Encryption Service Adapter

No

No

No

No

Yes

SA-ISA

Integrated Services Adapter for IPSec or MPPE encryption

(14)

Yes

No

No

No

No

Shared Port Adapters (SPAs)

SPA-4FE-7304

4-port 10/100 Fast Ethernet SPA

(20)S2

No

No

Yes

No

No

SPA-2GE-7304

2-port 10/100/1000 Gigabit Ethernet SPA

(20)S2

No

No

Yes

No

No

SPA-2XOC3-POS

2-port OC-3c/STM-1 POS SPA

(25)S3

No

No

Yes

No

No

SPA-4XOC3-POS

4-port OC-3c/STM-1 POS SPA

(25)S3

No

No

Yes

No

No

SPA-1OC12-POS

1-port OC-12c/STM-4 POS SPA

(25)S3

No

No

Yes

No

No

SPA-2XT3/E3

2-port T3/E3 Serial SPA

(25)S3

No

No

Yes

No

No

SPA-4XT3/E3

4-port T3/E3 Serial SPA

(25)S3

No

No

Yes

No

No

SONET Port Adapters

PA-POS-OC3MM

1-port Packet over SONET OC3c/STM1 multimode

Yes

Yes

Yes

Yes

Yes

PA-POS-OC3SMI

1-port Packet over SONET OC3c/STM1 single mode (IR)

Yes

Yes

Yes

Yes

Yes

PA-POS-OC3SML

1-port Packet over SONET OC3c/STM1 single mode (LR)

Yes

Yes

Yes

Yes

Yes

PA-POS-2OC3

2-port OC-3/STM-1 POS with APS

(18)

Yes

Yes

Yes

Yes

Yes

T1/E1 Port Adapters

PA-4T+

4-port Serial, Enhanced

Yes

Yes

Yes

Yes

Yes

PA-8T-V35

8-port Serial, V.35

Yes

Yes

Yes

Yes

Yes

PA-8T-X21

8-port Serial, X.21

Yes

Yes

Yes

Yes

Yes

PA-8T-232

8-port Serial, 232

Yes

Yes

Yes

Yes

Yes

T3/E3 Port Adapters

PA-T3

1-port T3 Serial, T3 DSUs

Yes

Yes

Yes

Yes

Yes

PA-T3+

1-port T3 Serial, Enhanced

Yes

Yes

Yes

Yes

Yes

PA-2T3

2-port T3 Serial, T3 DSUs

Yes

Yes

Yes

Yes

Yes

PA-2T3+

2-port T3 Serial, Enhanced

Yes

Yes

Yes

Yes

Yes

PA-E3

1-port E3 Serial, E3 DSUs

Yes

Yes

Yes

Yes

Yes

PA-2E3

2-port E3 Serial, E3 DSUs

Yes

Yes

Yes

Yes

Yes

Token Ring Port Adapters

PA-4R-DTR

4-port Dedicated Token Ring, 4/16Mbps, HDX/FDX

Yes

No

No

No

Yes

1 For a spare product number, append an equal sign (=) to the product number. If a product number is listed as a spare product, only a spare product is available. For End-of-Sale (EOS) and End-of-Life (EOL) information about port adapters, refer to the Cisco product bulletins at the following locations:
Cisco 7200 series: http://www.cisco.com/en/US/products/hw/routers/ps341/prod_eol_notices_list.html
Cisco 7300 series: http://www.cisco.com/en/US/products/hw/routers/ps352/prod_eol_notices_list.html
Cisco 7400 series: http://www.cisco.com/en/US/products/hw/routers/ps354/prod_eol_notices_list.html
Cisco 7500 series: http://www.cisco.com/en/US/products/hw/routers/ps359/prod_eol_notices_list.html

2 The FDDI port adapters are supported on non-VXR routers.


For troubleshooting and alerts information about port adapters, see the Cisco documents at the following location:

http://www.cisco.com/en/US/products/hw/modules/ps2033/tsd_products_support_troubleshoot_and_alerts.html

Determining the Software Version

To determine the version of Cisco IOS software that is running on your Cisco router, log in to the router and enter the show version EXEC command:

Router> show version
Cisco Internetwork Operating System Software 
IOS (tm) 7500 Software (rsp-jsv-mz), Version 12.2(25)S, EARLY DEPLOYMENT RELEASE SOFTWARE

Upgrading to a New Software Release

For information about selecting a new Cisco IOS software release, see How to Choose a Cisco IOS Software Release at the following location:

http://www.cisco.com/warp/public/130/choosing_ios.shtml

For information about upgrading to a new software release, see the appropriate platform-specific document:

Cisco 7200 series, Cisco 7301, Cisco 7304, Cisco 7400 series, and Cisco 7500 series:

http://www.cisco.com/en/US/products/hw/routers/ps133/products_tech_note09186a0080094c07
.shtml

Cisco ONS 15530 DWDM Multiservice Aggregation Platform:

http://www.cisco.com/en/US/products/hw/optical/ps2011/ps4002/index.html

Cisco ONS 15540 ESP Extended Services Platform:

http://www.cisco.com/en/US/products/hw/optical/ps2011/ps2014/index.html

For Cisco IOS upgrade ordering instructions, see the document at the following location:

http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/957_pp.htm

To choose a new Cisco IOS software release by comparing feature support or memory requirements, use Cisco Feature Navigator. Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS and Catalyst OS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or by feature set (software image). Under the release section, you can compare Cisco IOS software releases side by side to display both the features unique to each software release and the features that the releases have in common.

Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:

http://www.cisco.com/go/fn

To choose a new Cisco IOS software release based on information about defects that affect that software, use Bug Toolkit at the following URL:

http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl

Microcode Software

This section describes microcode software that is supported for the Cisco 7304 in Cisco IOS Release 12.2S and consists of the following subsections:

Bundled FPGAs for the Cisco 7304

Shared Port Adapter FPD Image Packages for the Cisco 7304

Bundled FPGAs for the Cisco 7304

This section provides information about the field-programmable gate array (FPGA) images for the Cisco 7304. These images apply only to the Cisco 7304.

If the versions of the FPGA images that are running on your Cisco 7304 do not match the versions that are bundled in the Cisco IOS software, we recommend that you update your FPGA images. For more details, see the Cisco 7304 FPGA Bundling and Update document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex10/
73fpga.htm

Bundled FPGAs for Cisco IOS Release 12.2(25)S15

There are no new FPGA images for Cisco IOS Release 12.2(25)S15. All Cisco IOS Release 12.2(25)S15 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S9.

Bundled FPGAs for Cisco IOS Release 12.2(25)S14

There are no new FPGA images for Cisco IOS Release 12.2(25)S14. All Cisco IOS Release 12.2(25)S14 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S9.

Bundled FPGAs for Cisco IOS Release 12.2(25)S13

There are no new FPGA images for Cisco IOS Release 12.2(25)S13. All Cisco IOS Release 12.2(25)S13 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S9.

Bundled FPGAs for Cisco IOS Release 12.2(25)S12

There are no new FPGA images for Cisco IOS Release 12.2(25)S12. All Cisco IOS Release 12.2(25)S12 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S9.

Bundled FPGAs for Cisco IOS Release 12.2(25)S11

There are no new FPGA images for Cisco IOS Release 12.2(25)S11. All Cisco IOS Release 12.2(25)S11 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S9.

Bundled FPGAs for Cisco IOS Release 12.2(25)S10

There are no new FPGA images for Cisco IOS Release 12.2(25)S10. All Cisco IOS Release 12.2(25)S10 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S9.

Bundled FPGAs for Cisco IOS Release 12.2(25)S9

All Cisco IOS Release 12.2(25)S9 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 4.

Table 4 Bundled FPGA Versions for Cisco IOS Release 12.2(25)S9 Sorted by Hardware Type 

FPGA Image
Hardware
Type
FPGA Version
Bundled
Minimum Required
Hardware Version
Approx. Upgrade
Time in Minutes

NSE-100 Motherboard FPGA

0x0001

1.10

2.00

15

NSE-100-CR Motherboard FPGA

0x0001

1.13

4.00

15

NSE-100-CR Motherboard FPGA

0x0001

1.14

5.00

15

NSE-100 Daughterboard FPGA

0x0002

1.07

0.00

6

NSE-100 Daughterboard FPGA

0x0002

1.08

5.00

6

OC-48 POS line card FPGA

0x0003

0.16

2.00

5

OC-3 POS line card FPGA

0x0004

0.22

2.00

8

6E3 line card FPGA

0x0005

0.21

2.00

12

6T3 line card FPGA

0x0005

0.21

2.00

12

OC-12 POS line card FPGA

0x0006

0.20

1.00

12

OC-3 ATM line card FPGA

0x0007

0.19

2.00

8

OC-12 ATM line card FPGA

0x0007

0.19

2.00

8

CC-PA line card FPGA

0x0008

1.40

1.01

8

NPE-G100 FPGA (PS)

0x000A

2.05

0.30

12

NPE-G100 FPGA (ES)

0x000A

2.05

0.20

12

MSC-100 FPGA

0x000D

0.27

0.10

22


Bundled FPGAs for Cisco IOS Release 12.2(25)S8

All Cisco IOS Release 12.2(25)S8 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 5.

Table 5 Bundled FPGA Versions for Cisco IOS Release 12.2(25)S8 Sorted by Hardware Type 

FPGA Image
Hardware
Type
FPGA Version
Bundled
Minimum Required
Hardware Version
Approx. Upgrade
Time in Minutes

NSE-100 Motherboard FPGA

0x0001

1.07

2.00

15

NSE-100-CR Motherboard FPGA

0x0001

1.07

4.00

15

NSE-100-CR Motherboard FPGA

0x0001

1.08

5.00

15

NSE-100 Daughterboard FPGA

0x0002

1.07

0.00

6

NSE-100 Daughterboard FPGA

0x0002

1.08

5.00

6

OC-48 POS line card FPGA

0x0003

0.16

2.00

5

OC-3 POS line card FPGA

0x0004

0.22

2.00

8

6E3 line card FPGA

0x0005

0.21

2.00

12

6T3 line card FPGA

0x0005

0.21

2.00

12

OC-12 POS line card FPGA

0x0006

0.20

1.00

12

OC-3 ATM line card FPGA

0x0007

0.19

2.00

8

OC-12 ATM line card FPGA

0x0007

0.19

2.00

8

CC-PA line card FPGA

0x0008

1.40

1.01

8

NPE-G100 FPGA (PS)

0x000A

2.05

0.30

12

NPE-G100 FPGA (ES)

0x000A

2.05

0.20

12

MSC-100 FPGA

0x000D

0.27

0.10

22


Bundled FPGAs for Cisco IOS Release 12.2(25)S7

There are no new FPGA images for Cisco IOS Release 12.2(25)S7. All Cisco IOS Release 12.2(25)S7 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S3.

Bundled FPGAs for Cisco IOS Release 12.2(25)S6

There are no new FPGA images for Cisco IOS Release 12.2(25)S6. All Cisco IOS Release 12.2(25)S6 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S3.

Bundled FPGAs for Cisco IOS Release 12.2(25)S5

There are no new FPGA images for Cisco IOS Release 12.2(25)S5. All Cisco IOS Release 12.2(25)S5 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S3.

Bundled FPGAs for Cisco IOS Release 12.2(25)S4

There are no new FPGA images for Cisco IOS Release 12.2(25)S4. All Cisco IOS Release 12.2(25)S4 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(25)S3.

Bundled FPGAs for Cisco IOS Release 12.2(25)S3

All Cisco IOS Release 12.2(25)S3 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 6.

Table 6 Bundled FPGA Versions for Cisco IOS Release 12.2(25)S3 

FPGA Image
FPGA Version
Bundled
Minimum Required
Hardware Version
Approx. Upgrade
Time in Minutes

6E3 line card FPGA

0.21

2.00

12

6T3 line card FPGA

0.21

2.00

12

MSC-100 FPGA

0.27

0.10

22

NPE-G100 FPGA

2.05

0.30

12

NSE-100 Motherboard FPGA

1.07

2.00 or 4.00

15

1.08

5.00

15

NSE-100 Daughterboard FPGA

1.07

0.00

6

1.08

5.00

6

OC-3 ATM line card FPGA

0.19

2.00

8

OC-12 ATM line card FPGA

0.19

2.00

8

OC-3 POS line card FPGA

0.22

2.00

8

OC-12 POS line card FPGA

0.20

1.00

12

OC-48 POS line card FPGA

0.16

2.00

5

CC-PA line card FPGA

1.30

1.01

8


Bundled FPGAs for Cisco IOS Release 12.2(25)S2

All Cisco IOS Release 12.2(25)S2 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 7.

Table 7 Bundled FPGA Versions for Cisco IOS Release 12.2(25)S2 

FPGA Image
Hardware
Version
FPGA Version
Bundled
Approx. Upgrade
Time in Minutes

6E3 line card FPGA

0.21

12

6T3 line card FPGA

0.21

12

NPE-G100 FPGA

2.05

12

OC-12 POS line card FPGA

0.20

12

OC-3 ATM line card FPGA

0.18

8

OC-3 POS line card FPGA

0.22

8

OC-48 POS line card FPGA

0.16

5

NSE-100 Daughterboard FPGA

3.0 or lower

1.07

6

5.0 or higher

1.08

6

NSE-100 Motherboard FPGA

3.0 or lower

1.07

15

5.0 or higher

1.08

15

CC-PA line card FPGA

1.30

8

MSC-100 FPGA

0.24

22


Bundled FPGAs for Cisco IOS Release 12.2(20)S14

There are no new FPGA images for Cisco IOS Release 12.2(20)S14. All Cisco IOS Release 12.2(20)S14 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(20)S11.

Bundled FPGAs for Cisco IOS Release 12.2(20)S13

There are no new FPGA images for Cisco IOS Release 12.2(20)S13. All Cisco IOS Release 12.2(20)S13 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(20)S11.

Bundled FPGAs for Cisco IOS Release 12.2(20)S12

There are no new FPGA images for Cisco IOS Release 12.2(20)S12. All Cisco IOS Release 12.2(20)S12 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(20)S11.

Bundled FPGAs for Cisco IOS Release 12.2(20)S11

All Cisco IOS Release 12.2(20)S11 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 8.

Table 8 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S11 

FPGA Image
Hardware
Type
FPGA Version
Bundled
Minimum Required
Hardware Version
Approx. Upgrade
Time in Minutes

6E3 line card FPGA

0x0005

0.21

2.00

12

6T3 line card FPGA

0x0005

0.21

2.00

12

NPE-G100 FPGA (PS)

0x000A

2.05

0.30

12

NPE-G100 FPGA (ES)

0x000A

2.05

0.20

12

OC-12 POS line card FPGA

0x0006

0.20

1.00

12

OC-3 ATM line card FPGA

0x0007

0.19

2.00

8

OC-3 POS line card FPGA

0x0004

0.22

2.00

8

OC-48 POS line card FPGA

0x0003

0.15

2.00

5

NSE-100 Daughterboard FPGA

0x0002

1.07

0.00

6

NSE-100 Daughterboard FPGA

0x0002

1.08

5.00

6

NSE-100 Motherboard FPGA

0x0001

1.10

2.00

15

NSE-100-CR Motherboard FPGA

0x0001

1.13

4.00

15

NSE-100-CR Motherboard FPGA

0x0001

1.14

5.00

15

CC-PA line card FPGA

0x0008

1.40

1.01

8

MSC-100 FPGA

0x000D

0.27

0.10

22


Bundled FPGAs for Cisco IOS Release 12.2(20)S10

All Cisco IOS Release 12.2(20)S10 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 9.

Table 9 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S10 

FPGA Image
Hardware
Type
FPGA Version
Bundled
Minimum Required
Hardware Version
Approx. Upgrade
Time in Minutes

6E3 line card FPGA

0x0005

0.21

2.00

12

6T3 line card FPGA

0x0005

0.21

2.00

12

NPE-G100 FPGA (PS)

0x000A

2.05

0.30

12

NPE-G100 FPGA (ES)

0x000A

2.05

0.20

12

OC-12 POS line card FPGA

0x0006

0.20

1.00

12

OC-3 ATM line card FPGA

0x0007

0.19

2.00

8

OC-3 POS line card FPGA

0x0004

0.22

2.00

8

OC-48 POS line card FPGA

0x0003

0.15

2.00

5

NSE-100 Daughterboard FPGA

0x0002

1.07

0.00

6

NSE-100 Daughterboard FPGA

0x0002

1.08

5.00

6

NSE-100 Motherboard FPGA

0x0001

1.07

2.00

15

NSE-100-CR Motherboard FPGA

0x0001

1.07

4.00

15

NSE-100-CR Motherboard FPGA

0x0001

1.08

5.00

15

CC-PA line card FPGA

0x0008

1.40

1.01

8

MSC-100 FPGA

0x000D

0.27

0.10

22


Bundled FPGAs for Cisco IOS Release 12.2(20)S9

There are no new FPGA images for Cisco IOS Release 12.2(20)S9. All Cisco IOS Release 12.2(20)S9 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(20)S8.

Bundled FPGAs for Cisco IOS Release 12.2(20)S8

All Cisco IOS Release 12.2(20)S8 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 10.

Table 10 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S8 

FPGA Image
FPGA Version
Bundled
Approx. Upgrade
Time in Minutes

6E3 line card FPGA

0.21

12

6T3 line card FPGA

0.21

12

NPE-G100 FPGA

2.05

12

OC-12 POS line card FPGA

0.20

12

OC-3 ATM line card FPGA

0.19

8

OC-3 POS line card FPGA

0.22

8

OC-48 POS line card FPGA

0.15

5

NSE-100 Daughterboard FPGA

1.08

6

NSE-100 Motherboard FPGA

1.08

15

CC-PA line card FPGA

1.30

8

MSC-100 FPGA

0.27

22


Bundled FPGAs for Cisco IOS Release 12.2(20)S7

All Cisco IOS Release 12.2(20)S7 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 11.

Table 11 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S7 

FPGA Image
FPGA Version
Bundled
Approx. Upgrade
Time in Minutes

6E3 line card FPGA

0.21

12

6T3 line card FPGA

0.21

12

NPE-G100 FPGA

2.05

12

OC-12 POS line card FPGA

0.20

12

OC-3 ATM line card FPGA

0.19

8

OC-3 POS line card FPGA

0.22

8

OC-48 POS line card FPGA

0.15

5

NSE-100 Daughterboard FPGA

1.08

6

NSE-100 Motherboard FPGA

1.08

15

CC-PA line card FPGA

1.30

8

MSC-100 FPGA

0.24

22


Bundled FPGAs for Cisco IOS Release 12.2(20)S6

All Cisco IOS Release 12.2(20)S6 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 12.

Table 12 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S6 

FPGA Image
FPGA Version
Bundled
Approx. Upgrade
Time in Minutes

6E3 line card FPGA

0.21

12

6T3 line card FPGA

0.21

12

NPE-G100 FPGA

2.05

12

OC-12 POS line card FPGA

0.20

12

OC-3 ATM line card FPGA

0.18

8

OC-3 POS line card FPGA

0.22

8

OC-48 POS line card FPGA

0.15

5

NSE-100 Daughterboard FPGA

1.08

6

NSE-100 Motherboard FPGA

1.08

15

CC-PA line card FPGA

1.30

8

MSC-100 FPGA

0.24

22


Bundled FPGAs for Cisco IOS Release 12.2(20)S5

All Cisco IOS Release 12.2(20)S5 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 13.

Table 13 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S5 

FPGA Image
FPGA Version Bundled

6E3 line card FPGA

0.20

6T3 line card FPGA

0.20

NPE-G100 FPGA

2.05

OC-12 POS line card FPGA

0.20

OC-3 ATM line card FPGA

0.18

OC-3 POS line card FPGA

0.22

OC-48 POS line card FPGA

0.15

NSE-100 Daughterboard FPGA

1.08

NSE-100 Motherboard FPGA

1.08

CC-PA line card FPGA

1.30

MSC-100 FPGA

0.24


Bundled FPGAs for Cisco IOS Release 12.2(20)S4

There are no new FPGA images for Cisco IOS Release 12.2(20)S4. All Cisco IOS Release 12.2(20)S4 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(20)S3.

Bundled FPGAs for Cisco IOS Release 12.2(20)S3

All Cisco IOS Release 12.2(20)S3 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 14.

Table 14 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S3 

FPGA Image
FPGA Version Bundled

6E3 line card FPGA

0.20

6T3 line card FPGA

0.20

NPE-G100 FPGA

2.04

OC-12 POS line card FPGA

0.18

OC-3 ATM line card FPGA

0.18

OC-3 POS line card FPGA

0.20

OC-48 POS line card FPGA

0.15

NSE-100 Daughterboard FPGA

1.07

NSE-100 Motherboard FPGA

1.07

CC-PA line card FPGA

1.20

MSC-100 FPGA

0.23


Bundled FPGAs for Cisco IOS Release 12.2(20)S2

All Cisco IOS Release 12.2(20)S2 software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 15.

Table 15 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S2 

FPGA Image
FPGA Version Bundled

6E3 line card FPGA

0.20

6T3 line card FPGA

0.20

NPE-G100 FPGA

2.04

OC-12 POS line card FPGA

0.18

OC-3 ATM line card FPGA

0.18

OC-3 POS line card FPGA

0.20

OC-48 POS line card FPGA

0.15

NSE-100 Daughterboard FPGA

1.07

NSE-100 Motherboard FPGA

1.07

CC-PA line card FPGA

1.11

MSC-100 FPGA

0.23


Bundled FPGAs for Cisco IOS Release 12.2(20)S1

There are no new FPGA images for Cisco IOS Release 12.2(20)S1. All Cisco IOS Release 12.2(20)S1 software images for the Cisco 7304 support the bundled FPGAs that were released in Release 12.2(20)S.

Bundled FPGAs for Cisco IOS Release 12.2(20)S

All Cisco IOS Release 12.2(20)S software images for the Cisco 7304 support the bundled FPGAs that are listed in Table 16.

Table 16 Bundled FPGA Versions for Cisco IOS Release 12.2(20)S 

FPGA Image
FPGA Version Bundled

6T3 line card FPGA

0.16

NPE-G100 FPGA

2.03

OC-12 POS line card FPGA

0.18

OC-3 ATM line card FPGA

0.18

OC-3 POS line card FPGA

0.20

OC-48 POS line card FPGA

0.15

NSE-100 Daughterboard FPGA

1.07

NSE-100 Motherboard FPGA

1.07

CC-PA line card FPGA

1.10


Shared Port Adapter FPD Image Packages for the Cisco 7304

Field-programmable device (FPD) image packages are used to update shared port adapter (SPA) FPD images. If a discrepancy exists between an SPA FPD image and the Cisco IOS image that is running on the router, the SPA will be deactivated until this discrepancy is resolved. For additional information on FPDs, including the upgrade process, see the "Upgrading Field-Programmable Devices" section of the Cisco 7304 Modular Services Card and Shared Port Adapter Software Configuration Guide:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspasw/index.htm


Note The maximum time to upgrade the FPD image(s) on one SPA is 2 minutes. The total FPD upgrade time depends on the number of SPAs.


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S15

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S15 is the c7304-fpd.122-25.S15.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S14

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S14 is the c7304-fpd.122-25.S14.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S13

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S13 is the c7304-fpd.122-25.S13.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S12

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S12 is the c7304-fpd.122-25.S12.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S11

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S11 is the c7304-fpd.122-25.S11.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S10

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S10 is the c7304-fpd.122-25.S10.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S9

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S9 is the c7304-fpd.122-25.S9.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S8

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S8 is the c7304-fpd.122-25.S8.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S7

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S7 is the c7304-fpd.122-25.S7.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S6

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S6 is the c7304-fpd.122-25.S6.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S5

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S5 is the c7304-fpd.122-25.S5.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S4

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S4 is the c7304-fpd.122-25.S4.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com. The content of this SPA FPD image package is the same as the content of the SPA FPD image package for Release 12.2(25)S3.

Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S3

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S3 is the c7304-fpd.122-25.S3.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 17 Release 12.2(25)S3 FPD Image Package Contents 

Supported SPAs
FPD
ID
FPD Component
Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

Data & I/O FPGA

4.18

0.0

7304-2GE-SPA

1

Data & I/O FPGA

4.18

0.0

SPA-2XOC3-POS

1

I/O FPGA

3.4

0.0

SPA-4XOC3-POS

1

I/O FPGA

3.4

0.0

SPA-1OC12-POS

1

I/O FPGA

3.4

0.0

SPA-2XT3/E3

1

ROMMON

2.12

0.0

2

I/O FPGA

0.24

0.0

3

E3 FPGA

0.6

0.0

4

T3 FPGA

0.14

0.0

SPA-4XT3/E3

1

ROMMON

2.12

0.0

2

I/O FPGA

0.24

0.0

3

E3 FPGA

0.6

0.0

4

T3 FPGA

0.14

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(25)S2

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(25)S2 is the c7304-fpd.122-25.S2.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 18 Release 12.2(25)S2 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S14

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S14 is the c7304-fpd-pkg.122-20.S14 file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image in the Software Center on Cisco.com.

Table 19 Release 12.2(20)S14 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S13

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S13 is the c7304-fpd-pkg.122-20.S13 file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image in the Software Center on Cisco.com.

Table 20 Release 12.2(20)S13 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S12

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S12 is the c7304-fpd-pkg.122-20.S12 file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image in the Software Center on Cisco.com.

Table 21 Release 12.2(20)S12 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S11

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S11 is the c7304-fpd-pkg.122-20.S11 file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image in the Software Center on Cisco.com.

Table 22 Release 12.2(20)S11 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S10

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S10 is the c7304-fpd-pkg.122-20.S10 file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image in the Software Center on Cisco.com.

Table 23 Release 12.2(20)S10 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S9

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S9 is the c7304-fpd-pkg.122-20.S9 file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image in the Software Center on Cisco.com.

Table 24 Release 12.2(20)S9 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S8

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S8 is the spa-fpd-122-20.S8.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 25 Release 12.2(20)S8 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S7

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S7 is the spa-fpd-122-20.S7.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 26 Release 12.2(20)S7 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S6

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S6 is the spa-fpd-122-20.S6.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 27 Release 12.2(20)S6 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.18

0.0

7304-2GE-SPA

1

I/O FPGA

4.18

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S5

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S5 is the spa-fpd-122-20.S5.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 28 Release 12.2(20)S5 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.17

0.0

7304-2GE-SPA

1

I/O FPGA

4.17

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S4

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S4 is the spa-fpd-122-20.S4.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 29 Release 12.2(20)S4 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.17

0.0

7304-2GE-SPA

1

I/O FPGA

4.17

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S3

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S3 is the spa-fpd-122-20.S3.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 30 Release 12.2(20)S3 FPD Image Package Contents 

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.17

0.0

7304-2GE-SPA

1

I/O FPGA

4.17

0.0


Shared Port Adapter FPD Image Package for Cisco IOS Release 12.2(20)S2

The FPD image package that is used to upgrade SPAs on a router that runs Cisco IOS Release 12.2(20)S2 is the spa-fpd-122-20.S2.pkg file. This SPA FPD image package file is accessible from the page where you downloaded your specific Cisco IOS image from the Software Center on Cisco.com.

Table 31 Release 12.2(20)S2 FPD Image Package Contents

Supported SPAs
FPD ID
FPD Component Name
FPD Component Version
Minimum Required Hardware Version

7304-4FE-SPA

1

I/O FPGA

4.17

0.0

7304-2GE-SPA

1

I/O FPGA

4.17

0.0


Cisco IOS Release 12.2(20)S2 is the first Cisco IOS Release to support SPAs. Therefore, Cisco IOS Release 12.2(20)S2 is the first Cisco IOS Release to support FPD image packages.

Feature Support

Cisco IOS software is packaged in feature sets that consist of software images that support specific platforms. The feature sets available for a specific platform depend on which Cisco IOS software images are included in a release. Each feature set contains a specific set of Cisco IOS features.


Caution Cisco IOS images with strong encryption (including, but not limited to 168-bit (3DES) data encryption feature sets) are subject to U.S. government export controls and have limited distribution. Strong encryption images to be installed outside the United States are likely to require an export license. Customer orders may be denied or subject to delay because of U.S. government regulations. When applicable, the purchaser/user must obtain local import and use authorizations for all encryption strengths. Please contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com.


Note The feature set tables have been removed from the Cisco IOS Release 12.2S release notes to improve the usability of the release notes documentation. The feature-to-image mapping that was provided by the feature set tables is available through Cisco Feature Navigator.


Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS and Catalyst OS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or by feature set (software image). Under the release section, you can compare Cisco IOS software releases side by side to display both the features unique to each software release and the features that the releases have in common.

Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:

http://www.cisco.com/go/fn

For frequently asked questions about Cisco Feature Navigator, see the FAQs at the following URL:

http://www.cisco.com/support/FeatureNav/FNFAQ.html

Determining Which Software Images (Feature Sets) Support a Specific Feature

To determine which software images (feature sets) in Cisco IOS Release 12.2S support a specific feature, go to the Cisco Feature Navigator home page and perform the following steps.


Step 1 From the Cisco Feature Navigator home page, click Search by feature.

Step 2 To find a feature, use either "Search by full or partial feature name" or "Browse features in alphabetical order." Either a list of features that match the search criteria or a list of features that begin with the number or letter selected from the ordered list will be displayed in the Features available text box on the left side of the web page.

Step 3 Select a feature from the Features available text box, and click the Add button to add a feature to the Features selected text box on the right side of the web page.


Note To learn more about a feature in the list, click the Show Description(s) button below the Features available text box.


Repeat this step to add additional features. A maximum of 20 features can be chosen for a single search.

Step 4 Click Continue when you are finished selecting features.

Step 5 From the Major Release drop-down menu, choose 12.2S.

Step 6 From the Release drop-down menu, choose the appropriate maintenance release.

Step 7 From the Platform drop-down menu, select the appropriate hardware platform. The "Search Results" table will list all the software images (feature sets) that support the feature(s) that you selected.


Determining Which Features Are Supported in a Specific Software Image (Feature Set)

To determine which features are supported in a specific software image (feature set) in Cisco IOS Release 12.2S, go to the Cisco Feature Navigator home page and perform the following steps.


Step 1 From the Cisco Feature Navigator home page, click Compare Images, and then Search by Release.

Step 2 In the "Find the features in a specific Cisco IOS release, using one of the following methods:" area, choose 12.2S from the Cisco IOS Major Release drop-down menu.

Step 3 Click Continue.

Step 4 From the Release drop-down menu, choose the appropriate maintenance release.

Step 5 From the Platform drop-down menu, choose the appropriate hardware platform.

Step 6 From the Feature Set drop-down menu, choose the appropriate feature set. The "Search Results" table will list all the features that are supported by the feature set (software image) that you selected.


New and Changed Information

This section lists the new hardware and software features supported by Cisco IOS Release 12.2S and contains the following subsections:

New Hardware Features in Cisco IOS Release 12.2(30)S

New Software Features in Cisco IOS Release 12.2(30)S

New Hardware Features in Cisco IOS Release 12.2(25)S3

New Software Features in Cisco IOS Release 12.2(25)S3

New Hardware Features in Cisco IOS Release 12.2(25)S2

New Software Features in Cisco IOS Release 12.2(25)S2

New Hardware Features in Cisco IOS Release 12.2(25)S1

New Software Features in Cisco IOS Release 12.2(25)S1

New Hardware Features in Cisco IOS Release 12.2(25)S

New Software Features in Cisco IOS Release 12.2(25)S

New Hardware Features in Cisco IOS Release 12.2(22)S

New Software Features in Cisco IOS Release 12.2(22)S

New Hardware Features in Cisco IOS Release 12.2(20)S5

New Software Features in Cisco IOS Release 12.2(20)S5

New Hardware Features in Cisco IOS Release 12.2(20)S3

New Software Features in Cisco IOS Release 12.2(20)S3

New Hardware Features in Cisco IOS Release 12.2(20)S2

New Software Features in Cisco IOS Release 12.2(20)S2

New Hardware Features in Cisco IOS Release 12.2(20)S

New Software Features in Cisco IOS Release 12.2(20)S

New Hardware Features in Cisco IOS Release 12.2(18)S

New Software Features in Cisco IOS Release 12.2(18)S

New Hardware Features in Cisco IOS Release 12.2(14)S

New Software Features in Cisco IOS Release 12.2(14)S


Note These release notes are not cumulative and list only features that are new to Cisco IOS Release 12.2S. The parent release for Cisco IOS Release 12.2S is Cisco IOS Release 12.2. For information about inherited features, refer to Cisco.com or Cisco Feature Navigator. For Cisco.com, either go to Cisco.com and select the appropriate software release under Products and Service and IOS Software or go to http://www.cisco.com/univercd/home/index.htm and select the appropriate software release under Cisco IOS Software and Release Notes. You can use the Cisco Feature Navigator tool at http://www.cisco.com/go/fn.


New Hardware Features in Cisco IOS Release 12.2(30)S

There are no new hardware features in Cisco IOS Release 12.2(30)S.

New Software Features in Cisco IOS Release 12.2(30)S

There are no new software features in Cisco IOS Release 12.2(30)S.

New Hardware Features in Cisco IOS Release 12.2(25)S3

This section describes new and changed features in Cisco IOS Release 12.2(25)S3. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(25)S3. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

1 Port OC-12 ATM Line Card (7300-1OC12ATM)

This release introduces the 1-port OC-12 ATM line card (7300-1OC12ATM)for the Cisco 7304 router. For detailed information about this feature, see the Cisco documents at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/linecard/ol_6876/index.htm

1-Port OC-12c/STM-4 POS SPA Shared Port Adapter (SPA-1OC12-POS)

This release introduces the 1-port OC-12c/STM-4 POS SPA (SPA-1OC12-POS) shared port adapter (SPA) for the Cisco 7304 router. For detailed information about this feature, see the following Cisco documents:

Cisco 7304 Router Modular Services Card and Shared Port Adapter Hardware Installation Guide

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspahw/index.htm

Cisco 7304 Router Modular Services Card and Shared Port Adapter Software Installation Guide

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspasw/index.htm

2-Port and 4-Port OC-3 POS SPA Shared Port Adapter (SPA-2XOC3-POS and SPA-4XOC3-POS)

This release introduces the 2-port and 4-port OC-3 POS shared port adapters (SPA-2XOC3-POS and SPA-4XOC3-POS) for the Cisco 7304 router. For detailed information about this feature, see the following Cisco documents:

Cisco 7304 Router Modular Services Card and Shared Port Adapter Hardware Installation Guide

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspahw/index.htm

Cisco 7304 Router Modular Services Card and Shared Port Adapter Software Installation Guide

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspasw/index.htm

2-Port and 4-Port T3/E3 Serial SPA Shared Port Adapter (SPA-2XT3/E3 and SPA-4XT3/E3)

This release introduces the 2-port and 4-port T3/E3 serial SPA shared port adapters (SPA-2XT3/E3 and SPA-4XT3/E3) for the Cisco 7304 router. For detailed information about this feature, see the following Cisco documents:

Cisco 7304 Router Modular Services Card and Shared Port Adapter Hardware Installation Guide

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspahw/index.htm

Cisco 7304 Router Modular Services Card and Shared Port Adapter Software Installation Guide

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspasw/index.htm

New Software Features in Cisco IOS Release 12.2(25)S3

This section describes new and changed features in Cisco IOS Release 12.2(25)S3. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(25)S3. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

MPLS VPN: SSO/NSF Support

This feature was introduced in Cisco IOS Release 12.2(25)S. Release 12.2(25)S3 adds support for the Cisco 7304 routers. For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsvpngr.
htm

New Hardware Features in Cisco IOS Release 12.2(25)S2

There are no new hardware features in Cisco IOS Release 12.2(25)S2.

New Software Features in Cisco IOS Release 12.2(25)S2

This section describes new and changed features in Cisco IOS Release 12.2(25)S2. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(25)S2. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Any Transport over MPLS for PXF

Any Transport over MPLS (AToM) transports Layer 2 packets over a Multiprotocol Label Switching (MPLS) backbone. AToM enables service providers to connect customer sites with existing data link layer (Layer 2) networks, by using a single, integrated, packet-based network infrastructure— a Cisco MPLS network. Instead of separate networks with network management environments, service providers can deliver Layer 2 connections over an MPLS backbone. AToM provides a common framework to encapsulate and transport supported Layer 2 traffic types over an MPLS network core.

The AToM for PXF features introduces AToM in the PXF-processing path for the Cisco 7304 router.

IP and Ethernet interworkings are supported in PXF as part of this feature.

The following AToM transport modes are now supported on line card, port adapter, shared port adapter, and the native Gigabit Ethernet interface on the Cisco 7304 processor:

ATM AAL5 over MPLS

Ethernet over MPLS (Port and VLAN modes)

Frame Relay over MPLS

HDLC over MPLS

PPP over MPLS

The following modes are supported on the PA-A3-OC3 only:

ATM Single Cell Relay over MPLS

ATM single cell relay: VC mode

ATM single cell relay: VP mode

ATM single cell relay: Port mode

ATM packed cell relay: VP and VC modes

For general information on AToM (non-PXF and across platforms), see the Any Transport over ATM document at the following location:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsatom.html

For additional information on this feature, see the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm

Layer 2 Tunneling Protocol v3 for PXF on the Cisco 7304 NSE-100

L2TPv3 is an Internet Engineering Task Force (IETF) l2tpext working group draft that provides several enhancements to L2TP for the capability to tunnel any Layer 2 payload over L2TP. Specifically, L2TPv3 defines the L2TP protocol for tunneling Layer 2 payloads over an IP core network using Layer 2 Virtual Private Networks (VPNs).

L2TP has two fundamental parts:

A control plane responsible for setting up the connection

A data plane responsible for tunneling Layer 2 frames

L2TPv3 signaling is responsible for negotiating control plane parameters, session IDs, and cookies; for performing authentication; and for exchanging configuration parameters. L2TPv3 is also used to reliably deliver hello messages and circuit status messages. These messages are critical to support circuit interworking, such as the Local Management Interface (LMI), and to monitor the remote circuit status.

This feature introduces L2TPv3 in the PXF processing path for Cisco 7304 routers using an NSE-100 (this feature is already available for the NPE-G100). Specifically, the following is supported for L2TPv3 in the PXF processing path:

L2 Media

Ethernet Port mode

Ethernet 802.1q VLAN

PPP

HDLC

Frame Relay

AAL5/OAM

VP Single Cell relay

VC Single Cell relay

Interworking Types

Ethernet (bridged)

IP (routed)

Rewrite Options

VLAN ID rewrite

VLAN Header rewrite

Frame Relay DLCI switching

L2TPv3 Options

0,4,8 byte cookies

TTL set in tunnel header

IP ToS set, or reflect from inner IP header

DF bit set

Path MTU discovery

QoS

There is no classification support when the interface has xconnect.

Input QoS on the L2 circuit is limited to set and police configured under the default class. The service policy must have the following format:

policymap p1

class class-default

set qos-group .. [AND/OR]

police ..

Output QoS on the L2 circuit is limited to police configured under the default class.

Local Switching

Support for VLAN, Ethernet port, AAL5, HDLC and PPP local switching.

MIB Support

Limited to Cisco Enterprise VPDN MIB. PW-MIB support is not available in this release.

For additional information on this feature, see the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm

Multicast and Multicast VPN for PXF

The Multicast and Multicast VPN (mVPN) for PXF feature introduces support for the following packets in the PXF processing path on the Cisco 7304 Router in Cisco IOS Release 12.2(25)S2:

Basic Multicast Packets

Basic Multicast Packets using VRF (VRF-lite configuration)

Multicast packets using VRF and MPLS VPN

No new configuration has been introduced as a result of the introduction of this feature. This feature simply forwards the previously mentioned packets using the PXF-switching path, assuming the configurations were previously configured.

For some sample configurations, see the following documents:

The Multicast Quick-Start Configuration Guide at the following location:

http://www.cisco.com/warp/customer/105/48.html

The "Configuration Examples for Multicast VPN—IP Multicast Support for MPLS VPNs" section in the Multicast VPN—IP Multicast Support for MPLS VPNs document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/
fs_mvpn.htm#1041814

For additional information on this feature, see the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm

New Hardware Features in Cisco IOS Release 12.2(25)S1

There are no new hardware features in Cisco IOS Release 12.2(25)S1.

New Software Features in Cisco IOS Release 12.2(25)S1

This section describes new and changed features in Cisco IOS Release 12.2(25)S1. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(25)S1. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Multiple Trunk

Cisco IOS Release 12.2(25)S1 adds support for multiple trunk connections that enable more than one network topology to connect to a single Cisco ONS 15540 chassis.

PPP/MLP MRRU Negotiation Configuration

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtmpmrru.
htm

New Hardware Features in Cisco IOS Release 12.2(25)S

This section describes new and changed features in Cisco IOS Release 12.2(25)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(25)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Route Switch Processor 16

The Route Switch Processor 16 (RSP16) is available in new system deployments and as an upgrade to existing systems that are based on the RSP8, RSP4+, or RSP2. The RSP16 is compatible with existing Versatile Interface Processors (VIPs), including the new Cisco VIP6-80, and with port adapters that are supported with existing VIPs.

The RSP16 fully supports Cisco 7500 series high-availability features, including Single Line Card Reload (SLCR), Route Processor Redundancy (RPR), RPR Plus (RPR+), Fast Software Upgrade (FSU), Nonstop Forwarding (NSF), and Stateful Switchover (SSO). This support allows the Cisco 7500 series routers to demonstrate some of the highest uptime in the industry. FSU allows customers to upgrade their existing RSP2, RSP4+, and RSP8 to RSP16 with minimal downtime.

The RSP16 is an ideal platform for enterprise and service provider networks that require additional performance and processing power to support service-enabled edge and core applications.

For information about installation and configuration of the RSP16, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/rte_swit/13963r16.htm

New Software Features in Cisco IOS Release 12.2(25)S

This section describes new and changed features in Cisco IOS Release 12.2(25)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(25)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

1-Gbps ISC Links Peer Mode

The 1-Gbps ISC links peer mode is now supported on the Cisco ONS 15530 transponder line cards and Cisco ONS 15540 2.5-Gbps transponder modules.

ACL IP Options Selective Drop

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s23/sel_drop.htm

ACL—Named ACL Support for Noncontiguous Ports on an Access Control Entry

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtaclace.htm

ACL Support for Filtering IP Options

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtipofil.htm

ACL TCP Flags Filtering

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtaclflg.htm

Any Transport over MPLS

The following Any Transport over Multiprotocol Label Switching (AToM) features are introduced for the Cisco 7500 series in Cisco IOS Release 12.2(25)S:

Any Transport over MPLS (AToM): Ethernet over MPLS: Port Mode (EoMPLS)

Any Transport over MPLS (AToM): Distributed Mode for Frame Relay, PPP, and HDLC over MPLS

Any Transport over MPLS (AToM): ATM Cell Relay over MPLS: Packed Cell Relay

Any Transport over MPLS (AToM): Single Cell Relay - VC Mode (CRoMPLS)

Any Transport over MPLS (AToM): ATM Cell Relay over MPLS: VP Mode

Any Transport over MPLS: (AToM): ATM OAM Emulation

Any Transport over MPLS (AToM) SCR VC Mode for PA-A3-T1/E1-IMA

Any Transport over MPLS (AToM) SCR VP Mode and Port Mode for PA-A3-T1/E1-IMA

For detailed information about these features, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsatom.html

Any Transport over MPLS (AToM) Graceful Restart

For detailed information about this feature, see the Any Transport over MPLS High Availability - Stateful Switchover (SSO) and Non-Stop Forwarding (NSF) document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsatomha.htm

Any Transport over MPLS High Availability - Stateful Switchover (SSO) and Non-Stop Forwarding (NSF)

For detailed information about this feature, see the Any Transport over MPLS High Availability - Stateful Switchover (SSO) and Non-Stop Forwarding (NSF) document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsatomha.htm

AToM Port Mode Cell Relay Support for PA-A3-8T1 IMA PA and PA-A3-8E1 IMA PA

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsatom.html

ATM Conditional Debug Support

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s28/12satmdb.htm

ATM OAM Ping

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s21/12atmpng.htm

ATM Port Mode Packed Cell Relay over AToM

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsatom.html

ATM PVC Trap Enhancements for Segment and End AIS/RDI Failures

When an ATM permanent virtual circuit (PVC) cannot be used to transmit data because of a connectivity failure, it may be placed in a down state. To detect a connectivity failure, various types of Operation, Administration, and Maintenance (OAM) cells can be used. The operator can inform the network management system (NMS) about OAM failures using ATM PVC trap notifications. Depending on the PVC trap notification that is enabled, the PVC state can be kept up or can brought down. The various ATM PVC trap notifications supported for different types of PVC connectivity failure detection mechanisms are as follows:

ATM PVC down trap

ATM PVC F5 loopback failure trap

ATM PVC F5 segment continuity check (CC) failure trap

ATM PVC F5 end-to-end CC failure trap

ATM PVC F5 alarm indication signal/remote defect indication (AIS/RDI) failure trap

When connectivity is restored and the PVC is in a down state, it is changed to an up state and data transfer is allowed to occur over the PVC. This restoration of connectivity can be detected using OAM cells, and the following recovery trap notifications can be used to inform the NMS:

ATM PVC up trap

ATM PVC F5 loopback recovery trap

ATM PVC F5 segment CC recovery trap

ATM PVC F5 end-to-end CC recovery trap

ATM PVC F5 AIS/RDI recovery trap

If the traps in these lists were sent for each PVC failure and recovery, they would generate much traffic for the NMS. To reduce this traffic, at most one trap of each type could be generated in each notification interval. However, because there can be multiple PVCs, each of which can have multiple failures and recoveries, the trap may contain multiple PVCs. To reduce the size of the trap packet, successive PVCs that have the same failures or recoveries are expressed by means of ranges.

In the F5 AIS/RDI failure and recovery traps listed above, separate segment and end AIS/RDI traps are not implemented. The ATM PVC Trap Enhancements for Segment and End AIS/RDI Failures feature introduced in Cisco IOS Release 12.2(25)S allows the generation of separate ATM F5 segment and end AIS/RDI failure and recovery trap notifications. This enhancement also adds the ifDescr object to the traps.

See the ATM OAM Support for F5 Continuity Check feature module for information about enabling ATM OAM F5 support:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/24soamcc.htm

BGP Features

The following BGP features are supported as of Cisco IOS Release 12.2(25)S:

BGP Cost Community Support for EIGRP MPLS VPN PE-CE with Backdoor Links

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsbgpcce.htm

BGP MIB Support Enhancements

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fs_bmibe.htm

BGP Policy Accounting Output Interface Accounting

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/
gtbgppax.htm

BGP Support for Dual AS Configuration for Network AS Migrations

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsbgpdas.htm

BGP Support for IP Prefix Import from Global Table into a VRF Table

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fs_bgivt.htm

BGP Support for Named Extended Community Lists

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsnextcl.htm

BGP Support for Sequenced Entries in Extended Community Lists

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsextseq.htm

BGP Support for TTL Security Check

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fs_btsh.htm

Cisco IOS Login Enhancements

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_login.htm

Cisco IOS Scripting with Tcl

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gt_tcl.htm

CLNS Support for GRE Tunneling of IPv4 and IPv6

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-tunnel.html#wp1055474

CNS Agents

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fs_cns.htm

Configuration Change Notification and Logging

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtconlog.htm

Configuration Generation Performance Enhancement

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtinvgen.htm

Configuration Replace and Configuration Rollback

For detailed information about this feature, including configuration versioning, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtrollbk.htm

Contextual Configuration Diff Utility

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_diff.htm

Control Plane Policing - Time Based

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/gtrtlimt.htm

CPU Threshold Notification

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_cput.htm

Embedded Event Manager 2.0

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fs_eem2.htm

Embedded Syslog Manager (ESM)

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gt_esm.htm

Enhanced Object Tracking

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/fthsrptk.htm

Extended ACL Support for IGMP to Support SSM in IPv4

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtmcxacl.htm

FHRP - Enhanced Object Tracking of Service Assurance Agent (SAA) Operations

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtfhrp.htm

FHRP - HSRP - SSO Aware HSRP

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fshsrpss.htm

First Hop Redundancy Protocols

The following First Hop Redundancy Protocols (FHRPs) are supported in Cisco IOS Release 12.2(25)S:

HSRP MD5 Authentication

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gthsrpau.htm

Hot Standby Router Protocol Version 2

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gthsrpv2.htm

VRRP Object Tracking

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gtvrrptk.htm

Frame Relay Conditional Debug Support

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s28/12sfrcdb.htm

Frame Relay FRF.1.2 Annex A Support

The Frame Relay FRF.1.2 Annex A Support feature is also known as Local Management Interface (LMI) segmentation and supports an enhancement to the Frame Relay LMI protocol where LMI full status messages are segmented because MTU constraints or large numbers of permanent virtual circuits (PVCs). This feature is useful when the MTU size cannot be increased but is insufficient to accommodate the large number of PVCs on the link. During Frame Relay internetworking with other Layer 2 protocols, the MTUs on each interface must match. In software without the Frame Relay FRF.1.2 Annex A Support feature, users cannot change the MTU size on the Frame Relay side and place all the PVC data into one LMI packet. With the Frame Relay FRF.1.2 Annex A Support functionality, this problem is solved.

The FRF.1.2 Annex A standard adds a new message type "Full status continued" to an LMI packet. When a DCE determines that it cannot fit all PVCs into one packet (enforced by the MTU size), the message type is set to "Full status continued." The DTE responds to "Full status continued" messages sent to this packet immediately instead of waiting for the T391 timer to expire. The DCE sends the remaining PVCs in one or more "Full status continued" messages until all the remaining PVCs can fit into one message. At this point, a normal "Full status" message is sent.

If the DTE receives a "Full status" or "Full status continued" STATUS message in response to a "Full status continued" STATUS ENQUIRY message, this exchange indicates a lower-valued data-link connection identifier (DLCI) than the previous "Full status continued" STATUS message and is considered to be an error event and PVC information elements (IEs) will not be processed. The next time the T391 timer expires, the "Full status" STATUS ENQUIRY procedure is reinitiated.

This feature follows the FRF1.2 implement agreement [1] and allows the Cisco IOS software to be compliant with the FRF1.2 standard. The implementation is platform-independent and applies to all platforms running Cisco IOS software that support Frame Relay. This feature interoperates only with existing Cisco IOS software releases where all PVCs can be reported in one packet. A router running the new functionality must be able to interoperate with routers running existing Cisco IOS software releases and with routers that support the new functionality using the continuation status request and reply frames. Only LMI types Q.933A and ANSI support the FRF.1.2 Annex A standard.

You can track "Full status continued" packets using the debug frame-relay lmi privileged EXEC command. An extra field, 04, has been added to the display output. The following example indicates where in the report to look for this field (text in bold for purpose of example):

17:42:39: Serial1(out): StEnq, myseq 126, yourseen 125, DTE up

17:42:39: datagramstart = 0x40058DA4, datagramsize = 13

17:42:39: FR encap = 0x00010308

17:42:39: 00 75 51 01 04 53 02 7E 7D

The string segment "active/inactive" in the show interface commands indicates whether the FRF.1.2 Annex A standard is triggered. The report indicates active when routers receive the "Full status continued" message; otherwise, the report indicates inactive.

Integrated IS-IS Global Default Metric

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtisglob.htm

Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtisprot.htm

IPMROUTE-STD-MIB

This feature introduces support for the IPMROUTE-STD-MIB in Cisco IOS Release 12.2(25)S. The IPMROUTE-STD-MIB, as defined in RFC 2932, is a module for management of IP multicast routing in a manner independent of the specific multicast routing protocol in use. Support for this MIB replaces the draft form of the IPMROUTE-MIB.

The IPMROUTE-STD-MIB supports all the MIB objects of the IPMROUTE-MIB and also supports the following four new MIB objects:

ipMRouteEntryCount

ipMRouteHCOctets

ipMRouteInterfaceHCInMcastOctets

ipMRouteInterfaceHCOutMcastOctets

The ipMRouteScopeNameTable MIB object is not supported because it is not relevant to multicast routers.

IP Traffic Export

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_rawip.htm

IPv6 Anycast Address

For information about this feature, see the "IPv6 Address Type: Anycast" section in the Implementing Basic Connectivity for IPv6 document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-addrg_bsc_con.html#wp1052470

IPv6 Multicast Features

The following IPv6 Multicast and IPv6 Multicast-related features are supported as of Cisco IOS Release 12.2(25)S:

IPv6 Bidirectional PIM

IPv6 Multicast: Address Family Support for Multiprotocol BGP

IPv6 Multicast: Bootstrap Router (BSR)

IPv6 Multicast: Explicit Tracking of Receivers

IPv6 Multicast: MLD Access Group

IPv6 Multicast: PIM Accept Register

IPv6 Multicast: PIM Embedded RP Support

IPv6 Multicast: Routable Address Hello Option

IPv6 Multicast: RPF Flooding of Bootstrap Router (BSR) Packets

IPv6 Multicast: Static Multicast Routing (mroute) for IPv6

For information about the IPv6 Multicast: PIM Embedded RP Support feature and the IPv6 Multicast: Static Multicast Routing (mroute) for IPv6 feature, see the following section in the Implementing IPv6 Multicast document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html

For information about the IPv6 Multicast: Address Family Support for Multiprotocol BGP feature, see the following section in the Implementing IPv6 Multicast document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html

For information about all other IPv6 Multicast and IPv6 Multicast-related features mentioned above, see the following section in the Implementing IPv6 Multicast document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html

IS-IS Caching of Redistributed Routes

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s27/isredrib.htm

IS-IS Support for Priority-Driven IP Prefix RIB Installation

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s26/fslocrib.htm

L2TPv3: Layer 2 Tunneling Protocol Version 3

Cisco IOS Release 12.2(25)S introduces support for the Layer 2 Tunneling Protocol version 3 (L2TPv3) feature, including the following L2TPv3-related features:

ATM AAL5 OAM Emulation over L2TPv3

ATM Single Cell Relay VC Mode over L2TPv3

ATM VP Mode Single Cell Relay over L2TPv3

L2TPv3 Distributed Sequencing

L2TPv3 Layer 2 Fragmentation

For information about the L2TPv3 Layer 2 Fragmentation feature, see the "IP Packet Fragmentation" section in the Layer 2 Tunnel Protocol Version 3 document (see below).

L2TPv3 Support for PA-A3-8T1IMA PA and PA-A3-8E1IMA Port Adapters

For detailed information about these features, see the Layer 2 Tunnel Protocol Version 3 document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s29/l2tpv29s.htm

L2VPN Interworking

Cisco IOS Release 12.2(25)S introduces support for the L2VPN Interworking feature, including the following features:

L2VPN Interworking: Ethernet to VLAN

L2VPN Interworking: Ethernet VLAN to ATM AAL5

L2VPN Interworking: Ethernet VLAN to Frame Relay

L2VPN Interworking: Frame Relay to ATM AAL5

L2VPN Interworking: Frame Relay to PPP

For detailed information about these features, see the L2VPN Interworking document:

https://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_l2vpn_intrntwkg_ps6922_TSD_Products_Configuration_Guide_Chapter.html

Layer 2 Local Switching Features

The following Layer 2 Local Switching features are supported:

Layer 2 Local Switching - ATM to ATM

Layer 2 Local Switching - ATM to Ethernet

Layer 2 Local switching - ATM-FR

For detailed information about these features, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fslocal.html

Loadsharing IP Packets over More Than Six Parallel Paths

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fslocal.html

Memory Leak Detector

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_8/gtmleakd.htm

Memory Pool - SNMP Notification Support

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtmemnot.htm

MPLS LDP Inbound Label Binding Filtering

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsinbd4.htm

MPLS LDP: SSO/NSF Support and Graceful Restart

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsldpgr.htm

MPLS LDP MIB: SSO/NSF Support

For further information about this feature, see the "MPLS LDP MIB: SSO/NSF Support" section in the MPLS High Availability: Overview document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fshaov.htm

MPLS VPN MIB: SSO/NSF Support

For detailed information about this feature, see the "MPLS VPN MIB: SSO/NSF Support" section in the MPLS High Availability: Overview document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fshaov.htm

MPLS VPN - Route Target Rewrite

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsrtrw4.htm

MPLS VPN: SSO/NSF Support

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fsvpngr.htm

MPLS VPN—VRF Selection Based on Source IP Address

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122sz/12214sz/122szvrf.htm

MPLS VPN VRF Selection Using Policy Based Routing

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fs_pbrsv.htm

MSDP Compliance with IETF RFC 3618

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_msdp.htm

Multicast Fast Switching Performance Improvement

The Multicast Fast Switching Performance Improvement feature provides improvement of up to 100 percent of the existing multicast path packet throughput. This feature targets software forwarding-based platforms for IPv4 multicast only.

Multilink Frame Relay over L2TPv3/AToM

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s28/fsmfrl2.htm

NAT—dCEF Support

The NAT—dCEF Support feature enhances the overall performance of Route Switch Processors (RSPs) on a Cisco 7500 series by enabling line cards to perform address translation. Without this feature, any distributed Cisco Express Forwarding (dCEF) switched packet that needs address translation must be switched by the Route Switch Controller (RSC), which increases load and reduces system performance and throughput.

Line cards are able to maintain a subset of the RSC's NAT table. This enables the line cards to switch packets and perform express forwarding within and between port adapters. Because embedded address translation cannot occur at the line card level, packets that require payload translation are punted to the next higher level switching mechanism in the RSC.

NAT—Performance Enhancement—CEF Switching Support

The NAT—Performance Enhancement—CEF Switching Support feature enhances router performance by optimizing packet processing. Through Cisco Express Forwarding (CEF), decisions to translate, punt, drop, or forward a packet are made with a single lookup. To improve performance, packets that do not require translation and fragmented packets are not punted to the process level. Those packets that have special flags, such as TCP syn/fin/reset, are processed in the CEF path itself. Any action that is CPU-intensive is performed by a background process or by process-level NAT code.

NAT—Performance Enhancement—Translation Table Optimization

The NAT Translation Table Optimization Performance enhancement provides greater structure for storing translation table entries and an optimized look up in the table for associating table entries to IP connections.

NAT—Performance & Scalability Enhancement—Timer Wheel

The NAT—Performance & Scalability Enhancement—Timer Wheel feature reduces CPU utilization in cases where routers must manage large numbers of Network Address Translation (NAT) entries and it eliminates the performance bottleneck caused by the previous timer tree model. By using a more efficient data structure and a priority queue to sort the timer and eliminate the sorting operation during a timer insertion, the process of inserting and removing a timer is faster, improving the scalability of a router that is running NAT.

NAT—Rate Limiting NAT Translation

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_natrl.htm

NAT—Translation of External IP Addresses Only

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t4/ftnatxip.htm

NetFlow Input Filters

For detailed information about this feature (which is also known as the NetFlow Input Filters and Multi-Sampling Rates feature), see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtnfinpf.htm

NetFlow MIB

This release adds MIB support to NetFlow. NetFlow cache information, current NetFlow configuration, and statistics can now be monitored using the Simple Network Management Protocol (SNMP).

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/nflowmib.htm

For more information about CISCO-NETFLOW-MIB, the MIB objects for the functionality described above, and to locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://tools.cisco.com/ITDIT/MIBS/servlet/index

NetFlow MIB and Top Talkers

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/nflowtt.htm

OSPF Area Transit Capability

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s27/ospfatc.htm

OSPF Forwarding Adjacency

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/ospffa.htm

OSPF Link-Local Signaling Per Interface Basis

For detailed information about this feature (which may also be known as the OSPF Per-Interface Link-Local Signaling feature), see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s27/ospflls.htm

OSPF Link State Database Overload Protection

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s27/ospfopro.htm

OSPF MIB Support of RFC 1850 and Latest Extensions

This release updates the OSPF MIB support to the latest RFC 1850 and adds the latest draft extensions. For more information regarding the definitions of the draft extensions, see the CISCO-OSPF-MIB.my and CISCO-OSPF-TRAP-MIB.my files that are available through the Cisco MIB FTP site at the following URL:

http://tools.cisco.com/ITDIT/MIBS/servlet/index

For routers that are running Cisco IOS Release 12.0(26)S and later releases, the OSPF MIB and CISCO OSPF MIB will be supported only for the first OSPF process (except for MIB objects that are related to virtual links and sham links). SNMP traps will be generated for OSPF events that are related to any of the OSPF processes. There is no workaround for this situation.

The CISCO-OSPF-MIB.my is a read-only MIB.

OSPF Support for Forwarding Adjacencies over MPLS Traffic Engineered Tunnels

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/
ospffa.htm

OSPF Support for Unlimited Software VRFs per Provider Edge (PE) Router

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtospfvf.htm

PBR Support for Multiple Tracking Options

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtpbrtrk.htm

Periodic MIB Data Collection and Transfer Mechanism

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/gdatacol.htm

PIM Dense Mode Fallback Prevention in a Network Following RP Information Loss

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtautorp.htm

Port Mode Cell Relay Support for PA-A3-T3, PA-A3-E3, and PA-A3-OC3 PAs

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsatom.html

Rate Limiting NAT Translation

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_natrl.htm

Router Security Audit Logs

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/gtaudlog.htm

RTP Header Compression over Satellite Links

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fscrtprf.htm

Secure Copy

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ftscp.htm

Secure Shell Version 2 Support

For detailed information about this feature, including the Secure Shell SSH Version 2 Client Support feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_ssh2.htm

Secure SNMP Views

The User Security Model (USM), View-Based Access Control Model (VACM), and Community MIBs (SNMP-USM-MIB, SNMP-VACM-MIB, and SNMP-COMMUNITY-MIB) contain information that can potentially be used to gain access to a router using Simple Network Management Protocol (SNMP). Therefore, the USM, VACM, and Community MIBs are excluded from the default SNMP access view so as not to allow remote access unless it is specifically configured. However, when an SNMP view is created with any parent object identifier (OID) of these MIBs included (for example "internet included"), these MIBs also are included in the view. To increase security, the Secure SNMP Views feature excludes these MIBs from SNMP access views even when parent OIDs are included in the view.

In releases earlier than this release, when you configure SNMP views with parent OIDs that include the USM, VACM, or Community MIBs, you must explicitly exclude them. For example, the following configuration can be used to exclude security-sensitive MIBs from the SNMP view that is named "test":

! - include all MIBs under the parent tree "internet" snmp-server view test internet included

! -- exclude snmpUsmMIB snmp-server view test 1.3.6.1.6.3.15 excluded

! -- exclude snmpVacmMIB snmp-server view test 1.3.6.1.6.3.16 excluded

! -- exclude snmpCommunityMIB snmp-server view test 1.3.6.1.6.3.18 excluded

As of Cisco IOS Release 12.0(26)S, 12.2(25)S, and 12.2(2)T, the USM, VACM, and Community MIBs are excluded from any parent OIDs in a configured view by default. If you wish to include these MIBs in a view, you must now explicitly include them.

Service Assurance Agent (SAA) Multiple Operation Scheduling

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_8/gt_saams.htm

Silent Operation Mode

For detailed information about this feature, see the Control Plane Policing document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/gtrtlimt.htm

SNMP Support over VPNs—Context Based Access Control

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gtsnmpvp.htm

Stateful Switchover (SSO) Support for QoS

For detailed information about this feature, see the following Stateful Switchover document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s20/fssso20s.htm

Stateful Switchover Support for Multilink Frame Relay

For detailed information about this feature, see the following Stateful Switchover document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s20/fssso20s.htm

Suppress BGP Advertisement for Inactive Routes

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s25/fs_sbair.htm

Unique Device Identifier (UDI) Retrieval

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gtpepudi.htm

VC Single Cell Relay Support for PA-A3-OC12 over AToM/L2TPv3

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsatom.html

VP/VC Mode Packed Cell Relay Support for PA-A3-8T1 IMA PA and PA-A3-8E1 IMA PA

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsatom.html

VRF Aware Multicast Error Messages

Multicast error messages that are associated with a particular multicast VPN customer in an MPLS VPN environment can be tracked.

New Hardware Features in Cisco IOS Release 12.2(22)S

This section describes new and changed features in Cisco IOS Release 12.2(22)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(22)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

ONS 15530 Platform

The Cisco ONS 15530 is a dense wavelength-division multiplexing (DWDM) multiservice aggregation platform that maximizes the carrying capacity of fiber by performing service aggregation of protocols such as Enterprise System Connection (ESCON), Fibre Channel, Fiber Connectivity (FICON), and Gigabit Ethernet. With the Cisco ONS 15530, users can take advantage of the availability of dark fiber to build a common infrastructure that supports data, storage area networking (SAN), and time-division multiplexing (TDM) traffic.

The Cisco ONS 15530 is available in two configurations, Network Equipment Building Systems (NEBS) and European Telecommunications Standards Institute (ETSI). Both configurations have two vertically stacked half-height slots specifically for the optical add/drop multiplexers (OADM) modules and ten vertically oriented slots that hold the CPU switch modules, line cards, and transponder line cards.

For further information about the Cisco ONS 15530 hardware, see the documents at the following Cisco location:

http://www.cisco.com/univercd/cc/td/doc/product/mels/15530/12_2_s/index.htm

ONS 15540 Platform

The Cisco ONS 15540 Extended Services Platform (ESP) is an optical transport platform that employs dense wavelength-division multiplexing (DWDM) technology. With the Cisco ONS 15540 ESP, users can take advantage of the availability of dark fiber to build a common infrastructure that supports data, storage area networking (SAN), and time-division multiplexing (TDM) traffic.

ONS 15540 ESP

The Cisco ONS 15540 ESP uses a 12-slot modular vertical chassis for optical mux/demux modules, transponder modules, and processor cards. The system has an optical backplane for carrying signals between the transponder modules and the mux/demux modules.

For further information about the Cisco ONS 15540 hardware, see the documents at the following Cisco location:

http://www.cisco.com/univercd/cc/td/doc/product/mels/15540/12_2_s/index.htm

ONS 15540 ESPx

The Cisco ONS 15540 ESPx is similar to the Cisco ONS 15504 ESP but uses an enhanced chassis with front fiber-optic cable access for optical interconnections between transponders and optical mux/demux modules. The system has an electrical backplane for system control.

For further information about the Cisco ONS 15540x hardware, see the documents at the following Cisco location:

http://www.cisco.com/univercd/cc/td/doc/product/mels/15540x/12_2_s/index.htm

Regex Engine Performance Enhancement

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s_22/fs_rexpe.hm

New Software Features in Cisco IOS Release 12.2(22)S

This section describes new and changed features in Cisco IOS Release 12.2(22)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(22)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

ONS 15530 and ONS 15540 Cisco IOS Software Features

The Cisco IOS software features that are supported for the Cisco ONS 15530 and Cisco ONS 15540 include the following ones:

10GbE Support over Optical Transport

Client Service Aggregation over 10Gbps

ESCON Service Aggregation

Fibre Channel/FICON/Gigabit Ethernet Service Aggregation

Optical Client Based Line Card Protection

Optical High Availability Software

Optical Multiplexing and Demultiplexing

Optical Splitter Protection

Optical Supervisory Channel Protocol

Optical Switch Fabric Based Line Card Protection

Optical Trunk Fiber Protection

Optical Y-Cable Line Card Protection

Protocol Monitoring of Storage and Data Protocols

Variable Optical Attenuation

For more information about these and other features, see the Cisco ONS 15530 and Cisco ONS 15540: Cisco IOS Software Configuration Library at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s_22/fs_ons.htm

New Hardware Features in Cisco IOS Release 12.2(20)S6

There are no new hardware features in Cisco IOS Release 12.2(20)S6.

New Software Features in Cisco IOS Release 12.2(20)S6

This section describes new and changed features in Cisco IOS Release 12.2(20)S6. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(20)S6. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Cisco 7304 FPGA Upgrade Enhancements

In Cisco IOS Release 12.2(20)S6, some major enhancements were made to the Cisco 7304 FPGA upgrade process. The following enhancements were made:

The no upgrade fpga command was introduced and became the default setting. Starting in this Cisco IOS Release, FPGA is not upgraded automatically when an FPGA version mismatch is detected and the user is not prompted to upgrade the FPGA when the default settings are maintained.

The no upgrade fpga prompt command behavior was changed. The no upgrade fpga prompt configuration no longer automatically begins an FPGA upgrade when an FPGA mismatch is detected.

The prompt asking users if they would like to reload the line card to complete the FPGA upgrade process after entering the upgrade fpga all command was added. As a result of this enhancement, FPGA upgrades can be completed up to the stage where a hardware reload is required to finish the upgrade, but the hardware can be reloaded at a later time to complete the FPGA upgrade.

The show c7300 command was modified to show more FPGA information.

The show upgrade fppa progress command was introduced.

The upgrade fpga force command was introduced.

For additional information on the Cisco 7304 FPGA upgrade process, see the Cisco 7304 FPGA Bundling and Update document.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex10/73fpga.htm

Cisco 7304 Shared Port Adapter Field Programmable Device show Command Updates

In this Cisco IOS Release, the show upgrade commands that are used to monitor SPA FPD behavior on the Cisco 7304 router (show upgrade file, show upgrade package default, show upgrade progress, and show upgrade table) have been changed to add the fpd keyword. The output previously generated with the aforementioned commands can now be generated by entering the appropriate show upgrade fpd command (show upgrade fpd file, show upgrade fpd package default, show upgrade fpd progress, and show upgrade fpd table).

For additional information on these commands and FPD in general, see the Cisco 7304 Router Modular Services Card and Shared Port Adapter Software Configuration Guide:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspasw/index.htm

New Hardware Features in Cisco IOS Release 12.2(20)S5

There are no new hardware features in Cisco IOS Release 12.2(20)S5.

New Software Features in Cisco IOS Release 12.2(20)S5

This section describes new and changed features in Cisco IOS Release 12.2(20)S5. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(20)S5. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

PXF Logical Interface Options on the Cisco 7304 Router Using an NSE-100

On the Cisco 7304 router using an NSE-100, the PXF processing path is enhanced in Cisco IOS Release 12.2(20)S5 to support up to 63 classes per QoS policy (previous IOS releases supported up to 23 classes per QoS policy).

The pxf max-logical-interfaces command is introduced as part of this feature. This command allows you to choose the number of PXF logical interfaces that you want to support on the router. There is a direct trade off between the number of supported PXF logical interfaces on the router and the number of supported QoS traffic classes per policy in PXF. You can configure the pxf max-logical-interfaces command by using either the 4k or 16k options. If the router is configured to support 4,096 PXF logical interfaces (with the pxf max-logical-interfaces 4k command), up to 63 QoS classes per policy can be supported in PXF. If the router is configured to support 16,384 logical interfaces (which is the default setting, or which can be restored by entering the pxf max-logical-interfaces 16k command), up to 23 QoS classes per policy can be supported in PXF.

The show max-logical-interfaces command is also introduced to show the selected number of PXF logical interfaces that is configured in both the running and startup configurations.

For additional information on this feature, see the PXF Logical Interface Options document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s20/pxflio.htm

FPGA Upgrade Prompt Options on the Cisco 7304 Router

In Cisco IOS Release 12.2(20)S5, the [no] upgrade fpga prompt command is introduced. This command enables and disables FPGA prompting when an FPGA incompatibility is detected. FPGA upgrading prompting is still enabled by default. If FPGA prompting is disabled (with the no upgrade fpga prompt command), an FPGA upgrade is automatically performed when an FPGA incompatibility is detected by the router.

For additional information about this command, see the FPGA Bundling and Update document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex10/73fpga.htm

New Hardware Features in Cisco IOS Release 12.2(20)S3

This section describes new and changed features in Cisco IOS Release 12.2(20)S3. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(20)S3. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Cisco CWDM SFP Support for the NPE-G100

Supported platform: Cisco 7304

The SFP ports on the NPE-G100 processor of the Cisco 7304 router now supports the following Coarse Wavelength Division Multiplexing (CWDM) Small Form-Factor Pluggable (SFP) modules:

Cisco CWDM SFP 1470 nm (product number CWDM-SFP-1470=)

Cisco CWDM SFP 1490 nm (product number CWDM-SFP-1490=)

Cisco CWDM SFP 1510 nm (product number CWDM-SFP-1510=)

Cisco CWDM SFP 1530 nm (product number CWDM-SFP-1530=)

Cisco CWDM SFP 1550 nm (product number CWDM-SFP-1550=)

Cisco CWDM SFP 1570 nm (product number CWDM-SFP-1570=)

Cisco CWDM SFP 1590 nm (product number CWDM-SFP-1590=)

Cisco CWDM SFP 1610 nm (product number CWDM-SFP-1610=)

New Software Features in Cisco IOS Release 12.2(20)S3

This section describes new and changed features in Cisco IOS Release 12.2(20)S3. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(20)S3. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Stateful Switchover and Nonstop Forwarding Support for Cisco 7304 Routers using the MSC-100

Supported platform: Cisco 7304

The Stateful Switchover (SSO) and Nonstop Forwarding (NSF) features are now available for the Cisco 7304 routers configured with an MSC-100 populated with SPAs.

In specific Cisco networking devices that support dual RPs, SSO takes advantage of RP redundancy to increase network availability. The SSO feature takes advantage of RP redundancy by establishing one of the RPs as the active processor while the other RP is designated as the standby processor, and then synchronizing critical state information between them.

SSO is used with the Cisco NSF feature. Cisco NSF allows for the forwarding of data packets to continue along known routes while the routing protocol information is being restored following a switchover.

Stateful Switchover and Nonstop Forwarding Support for Cisco 7304 Routers using the PCI Port Adapter Carrier Card

Supported platform: Cisco 7304

The Stateful Switchover (SSO) and Nonstop Forwarding (NSF) features are now available for the Cisco 7304 routers configured with a PCI Port Adapter Carrier Card populated with a port adapter.

In specific Cisco networking devices that support dual RPs, SSO takes advantage of RP redundancy to increase network availability. The SSO feature takes advantage of RP redundancy by establishing one of the RPs as the active processor while the other RP is designated as the standby processor, and then synchronizing critical state information between them.

SSO is used with the Cisco NSF feature. Cisco NSF allows for the forwarding of data packets to continue along known routes while the routing protocol information is being restored following a switchover.

New Hardware Features in Cisco IOS Release 12.2(20)S2

This section describes new and changed features in Cisco IOS Release 12.2(20)S2. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(20)S2. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

4-Port 10/100 Fast Ethernet Shared Port Adapter

Supported platform: Cisco 7304

The 4-port 10/100 Fast Ethernet shared port adapter (SPA) (7304-4FE-SPA) provides four 10/100 Fast Ethernet ports for the Cisco 7304. SPAs are half-height interface line cards that provide additional physical interfaces to the Cisco 7304 when inserted into Modular Services Cards (MSCs), assuming that the SPA is supported by the MSC. MSCs are jacket cards in which multiple SPAs can be inserted. An MSC fits into a line card slot.

For additional information on the 4-port 10/100 Fast Ethernet shared port adapter for the Cisco 7304, see the following documents:

Cisco 7304 Router Modular Services Card and Shared Port Adapter Hardware Installation Guide at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspahw/index.htm

Cisco 7304 Router Modular Services Card and Shared Port Adapter Software Installation Guide at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspasw/index.htm

2-Port 10/100/1000 Gigabit Ethernet Shared Port Adapter

Supported platform: Cisco 7304

The 2-port 10/100/1000 Gigabit Ethernet shared port adapter (SPA) provides two 10/100/1000 Ethernet/Fast Ethernet/Gigabit Ethernet ports for the Cisco 7304. SPAs are half-height interface line cards that provide additional physical interfaces to the Cisco 7304 router when inserted into Modular Services Cards (MSCs), assuming that the SPA is supported by the MSC. MSCs are jacket cards in which multiple SPAs can be inserted. An MSC fits into a line card slot.

For additional information on the SPA-2GE-7304 for the Cisco 7304 router, see the following documents:

Cisco 7304 Router Modular Services Card and Shared Port Adapter Hardware Installation Guide at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspahw/index.htm

Cisco 7304 Router Modular Services Card and Shared Port Adapter Software Installation Guide at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspasw/index.htm

Modular Services Card 100

Supported platform: Cisco 7304

The Modular Services Card 100 (MSC-100) enables support for Cisco shared port adapters (SPAs) on the Cisco 7304. The MSC-100 is a jacket card that is designed to accept two supported half-height SPAs in one line card slot of the Cisco 7304 chassis. For additional information on the MSC-100, see the following documents:

Cisco 7304 Router Modular Services Card and Shared Port Adapter Hardware Installation Guide at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspahw/index.htm

Cisco 7304 Router Modular Services Card and Shared Port Adapter Software Installation Guide at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/73mscspa/mscspasw/index.htm

New Software Features in Cisco IOS Release 12.2(20)S2

There are no new software features in Cisco IOS Release 12.2(20)S2.

New Hardware Features in Cisco IOS Release 12.2(20)S

There are no new hardware features in Cisco IOS Release 12.2(20)S.

New Software Features in Cisco IOS Release 12.2(20)S

This section describes new and changed features in Cisco IOS Release 12.2(20)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(20)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Enhanced Management of the Cisco 7304 Router, Phase 1

The Enhanced Management of the Cisco 7304 Router, Phase 1 feature enables you to:

Manage and monitor Cisco 7304 resources through a Simple Network Management Protocol (SNMP)-based network management system (NMS).

Use set and get SNMP commands to access information in Cisco 7304 router MIBs.

Reduce the amount of time and system resources required to perform functions like inventory management and bulk data transfers.

Other benefits include the following:

A standards-based technology (that is, SNMP) for monitoring faults and performance on the router.

Support for all SNMP versions (SNMPv1, SNMPv2c, and SNMPv3).

Notification of faults, alarms, and conditions that might affect services.

The ability to aggregate fault and alarm information for multiple entities.

A way to access router information other than through the command-line interface (CLI).

Supported Cisco 7304 Modules

The following Cisco 7304 network processing engines, line cards, and port adapters are supported:

Network Services Engine 100 (NSE-100)

Network Processing Engine G-100 (NPE-G100)

1-port OC-12 POS and 2-port OC-12 POS line cards (7300-1OC12POS-MM, 7300-1OC12POS-SMI, 7300-1OC12POS-SML, 7300-2OC12POS-MM, 7300-2OC12POS-SMI, 7300-2OC12POS-SML)

1-port OC-48 POS line card (7300-1OC48POS-SMS, 7300-1OC48POS-SMI, 7300-1OC48POS-SML)

2-port OC-3 ATM line card (7300-2OC3ATM-MM, 7300-2OC3ATM-SMI, 7300-2OC3ATM-SML)

2-port OC-3 POS and 4-port OC-3 POS line cards (7300-2OC3POS-MM, 7300-2OC3POS-SMI, 7300-2OC3POS-SML, 7300-4OC3POS-MM, 7300-4OC3POS-SMI, 7300-4OC3POS-SML)

Clear Channel 6-port E3 line card (7300-6E3)

Clear Channel 6-port T3 (DS3) line card (7300-6T3)

Port Adapter Carrier Card (7300-CC-PA)

1-port ATM Enhanced E3 port adapter (PA-A3-E3)

1-port ATM Enhanced DS3 port adapter (PA-A3-T3)

2-port Fast Ethernet 100BASE-FX port adapter (PA-2FE-FX)

2-port Fast Ethernet 100BASE-FX port adapter (PA-2FE-TX)

Cisco 7304 MIB Enhancements

In Cisco IOS Release 12.2S, the Cisco 7304 supports the following MIBs:

CISCO-ENTITY-ALARM-MIB—Foundation Fault Management

CISCO-ENTITY-ASSET-MIB—Inventory and Asset Management

CISCO-ENTITY-FRU-CONTROL-MIB—Foundation Fault Management

CISCO-ENTITY-PFE-MIB—Performance Management

CISCO-ENTITY-SENSOR-MIB—Foundation Fault Management

CISCO-ENTITY-VENDORTYPE-OID-MIB—Inventory and Asset Management

CISCO-ENTITY-EXT-MIB—Inventory and Asset Management

ENTITY-MIB (RFC 2037)—Inventory and Asset Management

NOTIFICATION-LOG-MIB (RFC 3014)—Core fault management

Further Information

For further information about the Enhanced Management of the Cisco 7304 Router, Phase 1 feature, see the Cisco 7304 Router MIB Specifications Guide at the following location:

https://www.cisco.com/en/US/docs/routers/7300/technical_references/7304_mib_guides/7304_mib_specs_guide_v2/7304mib.html

Frame Relay Discard Eligibility Bit Marking (PXF Based)

The ability to mark Frame Relay Discard Eligibility (DE) bits via the set fr-de command is now available in the Parallel Express Forwarding (PXF) processing path on the Cisco 7304 router.

The DE bit in the address field of a Frame Relay frame is used as a method for prioritizing the discarding of frames in congested Frame Relay networks. The Frame Relay DE bit has only two settings, 0 or 1. If congestion occurs in a Frame Relay network, frames with the DE bit set to 1 are discarded before frames with the DE bit set to 0. Therefore, important traffic should have the DE bit set to 0, and less important traffic should be forwarded with the DE bit set to 1.

The default DE bit setting is 0. The Class-Based Packet Marking feature allows users to change the DE bit setting to 1 for various traffic, giving users the option of keeping the default value of 0 or changing the value to 1. Users can therefore use Frame Relay DE bit marking to prioritize frames in a Frame Relay network.

For additional information on this and other PXF features, see the "PXF Features" section in the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm#65935

For general, non-PXF specific information on this feature, see the Class-Based Marking document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/cbpmark2.htm

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership (PXF Based)

The Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership (PXF Based) feature enables users to specify the Virtual Private Network (VPN) routing/forwarding (VRF) membership of a generic routing encapsulation (GRE) tunnel IP source and destination in the Parallel Express Forwarding (PXF) processing path for the Cisco 7304 router. Before the introduction of this feature, the VRF tunnel interface required the global route to the tunnel destination to remain up. This feature removes this restriction.

For additional information on this and other PXF features, see the "PXF Features" section in the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm#65935

Hierarchical Aggregate Ingress Policing (PXF Based)

Hierarchical Aggregate Ingress Policing support is now available in the Parallel Express Forwarding (PXF) processing path on the Cisco 7304 router.

Hierarchical Aggregate Ingress Policing enables users to first police the aggregate default traffic and then police (via marking) the traffic that belongs to each nested traffic class.

In a Hierarchical Aggregate Ingress Policing configuration, the child policy map can have up to 23 user-defined classes, and the service policy that contains the child policy can be configured only on the default traffic class.

For additional information on this and other PXF features, see the "PXF Features" section in the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm#65935

Interface Queueing for Subinterfaces (PXF Based)

The Interface Queueing for Subinterfaces feature is now available in the Parallel Express Forwarding (PXF) processing path for the Cisco 7304 router.

The Port Level Queueing for Subinterfaces feature allows port-level quality of service (QoS) configurations to be applied to 802.1q subinterfaces and data-link connection identifiers (DLCIs). QoS features can still be applied specifically to 802.1q subinterfaces and DLCIs, and the QoS configurations on the 802.1q subinterfaces and DLCIs will always take precedence over the port-level QoS configurations when the 802.1q subinterfaces or DLCI configurations conflict with the port-level QoS configurations.

For additional information on this and other PXF features, see the "PXF Features" section in the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm#65935

MQC Hierarchical Service-Policy Map Infrastructure (PXF Based)

The MQC Hierarchical Service-Policy Map Infrastructure feature introduces hierarchical service policies that do not require a default class at the parent level in the Parallel Express Forwarding (PXF) processing path on the Cisco 7304 router. A user can now define multiple class queues with multiple classes of traffic feeding into each class queue.

For additional information on this and other PXF features, see the "PXF Features" section in the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm#65935

MQC Match and Set QoS Group (PXF Based)

Quality of Service (QoS) group matching and setting are now available in the Parallel Express Forwarding (PXF) processing path on the Cisco 7304 router.

Marking a packet with a local QoS group value allows users to identify a group ID with a packet. The group ID can be used to classify packets into QoS groups based on prefix, autonomous system, and community string. This QoS group marking can be used only to classify traffic within a single router and cannot, therefore, be used to mark packets leaving the router. For this reason, QoS group values cannot be applied on output traffic policies (which are attached to interfaces that are configured with the service-policy output command).

The QoS group value is usually used for one of the two following reasons:

To leverage a large range of traffic classes. The QoS group value has 100 different individual packet markings, as opposed to IP DSCP and IP Precedence, which have 64 and 8 values, respectively.

If changing the IP Precedence or IP differentiated services code point (DSCP) value of the packet is undesirable.

For additional information on this and other PXF features, see the "PXF Features" section in the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm#65935

For general, non-PXF specific information on this feature, see the Class-Based Marking document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/cbpmark2.htm

NetFlow Export of BGP Next Hop Propagation (PXF Based)

The NetFlow Export of BGP Next Hop Propagation feature is now available in the Parallel Express Forwarding (PXF) processing path for the Cisco 7304 router.

The BGP Next Hop Propagation feature provides additional flexibility when designing and migrating networks. The BGP Next Hop Propagation feature allows a route reflector to modify the next hop attribute for a reflected route and allows Border Gateway Protocol (BGP) to send an update to an external BGP (eBGP) multihop peer with the next hop attribute unchanged.

For additional information on this and other PXF features, see the "PXF Features" section in the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm#65935

For general, non-PXF specific information about the NetFlow Export of BGP Next Hop Information feature, see the BGP Next Hop Propagation document at the following location:

http://www.cisco.com/en/US/docs/ios/12_2s/feature/guide/fs_bgpnh.html

Nonstop Forwarding (NSF) with Stateful Switchover (SSO)

Cisco IOS Release 12.2(18)S introduced the Nonstop Forwarding (NSF) with Stateful Switchover (SSO) feature for the Cisco 7500 series. Release 12.2(20)S introduces support for this feature for the Cisco 7304 router.

For detailed information about this feature, see the following Cisco documents:

Nonstop Forwarding (NSF):

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s20/fsnsf20s.htm

Stateful Switchover (SSO):

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s20/fssso20s.htm

Route Processor Redundancy Plus (RPR+)

Cisco IOS Release 12.2(14)S introduced the Route Processor Redundancy Plus (RPR+) feature for the Cisco 7500 series. Release 12.2(20)S introduces support for the Route Processor Redundancy Plus (RPR+) feature for the Cisco 7304 router.

The RPR+ and Stateful Switchover (SSO) redundancy modes, along with Route Processor Redundancy (RPR), Fast Software Upgrade (FSU), and online insertion and removal (OIR) of Route Processors (RPs), comprise the Cisco 7304 Route Processor High Availability feature.

A benefit of operating in RPR+ or SSO mode is that the standby RP boots up completely and switches over in a short period of time, usually 4 to 5 seconds in the case of RPR+ and in under 1 second in the case of SSO. The fast switchover is achieved in part because line cards are not reset across the switchover. In addition, the running configuration and the startup configuration are synchronized from the active RP to the standby RP.

For more information on the Route Processor Redundancy Plus (RPR+) feature on the Cisco 7304 router, see the Cisco 7300 Series High Availability NSE Redundancy document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex10/12e_rpr.htm

Service Assurance Agent (SAA) MPLS VPN Operation

The Service Assurance Agent (SAA) MPLS VPN Operation feature is supported on the Network Services Engine 100 (NSE-100) and the Network Processing Engine G-100 (NPE-G100) on the Cisco 7304 router. The feature is not supported in the Parallel Express Forwarding (PXF) processing path on the Cisco 7304 router. For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ft1csaa.htm

Service Assurance Agent (SAA) Path Jitter Operation

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ft1csaa.htm

New Hardware Features in Cisco IOS Release 12.2(18)S

This section describes new and changed features in Cisco IOS Release 12.2(18)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(18)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Cisco 7300 Series

The Cisco 7300 series includes the following two routers.

Cisco 7301 Router

The Cisco 7301 router is optimized for flexible, feature rich IP/MPLS services at the customer network edge, where service providers and enterprises link together. The Cisco 7301 router can be used for enterprise campus or Internet gateway applications, or it can be deployed by service providers as a high-end customer premises equipment (CPE) router for managed service offerings. Other applications for the Cisco 7301 router include service provider broadband aggregation and metro Ethernet CPE applications.

The compact Cisco 7301 router is the industry's highest performance single rack unit router, capable of processing million packets per second. With three built-in Gigabit Ethernet interfaces (copper or optical) and a single slot for any Cisco 7000 series port adapter, the Cisco 7301 router is highly flexible for a variety of applications. For broadband aggregation, the Cisco 7301 router also supports up to 16,000 subscribers sessions, making it ideal for pay-as-you-grow broadband deployment models.

For more information about the Cisco 7301 router, see the Cisco documents at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/7301/index.htm

Cisco 7304 Router

The compact, modular Cisco 7304 router is designed for the network edge, where high-performance IP/Multiprotocol Label Switching (MPLS) services are required to enable profitability, service differentiation, and business agility. The Cisco 7304 router is the most compact (4RU) routing system in the industry to offer route processor redundancy coupled with a comprehensive set of interfaces from DS-1 to OC-48/STM-16 to Gigabit Ethernet. The Cisco 7304 router supports two network processors designed to meet the widest variety of network requirements. The Network Service Engine 100 (NSE-100), with two built-in Gigabit Ethernet interfaces, delivers uncompromising feature acceleration using Cisco's innovative Adaptive Network Processing (ANP) technology—ideal for high-performance carrier service delivery. The Network Processing Engine G-100 (NPE-G100), with three built-in Gigabit/Fast Ethernet interfaces, offers high-performance, flexible support for the most comprehensive set of Cisco IOS features.

For more information about the Cisco 7304 router, see the Cisco documents at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/

Cisco 7304 Router Line Cards

The Cisco 7304 router supports the following line cards:

1-port OC-12 Packet-over-SONET (POS) line card

1-port OC-48 POS line card

2-port OC-3 ATM line card

2-port OC-3 POS line card

4-port OC-3 POS line card

2-port OC-12 POS line card

Clear Channel 6-port T3 (DS3) line card

For more information about the Cisco 7304 router line cards, see the Cisco documents at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/linecard/index.htm

Cisco 7304 Router Port Adapters

The Cisco 7304 router supports Cisco 7000 series port adapters in conjunction with the 7300-CC-PA carrier card. For information about the supported port adapters, see Table 3 and see the Cisco documents at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/portad/index.htm

2-Port Packet over SONET OC3c/STM1 Port Adapter

Supported platforms: Cisco 7200 VXR routers, Cisco 7300 series, Cisco 7400 series, Cisco 7500 series

The 2-port Packet over SONET OC3c/STM1 port adapter (PA-POS-2OC3) provides two Packet-over-SONET (POS) ports in a single port adapter slot. The two ports function either as dual independent OC-3c/STM1 ports or as a single port with automatic protection switching (APS). The PA-POS-2OC3 is used as a direct connection between the supported router or switch and external networks.

The PA-POS-2OC3 installs into a single port adapter slot on the Cisco7204VXR, Cisco 7206VXR, Cisco 7301, and Cisco 7401ASR router, on the Cisco 7500 series, and on the Cisco 7304 PCI Port Adapter Carrier Card in a Cisco 7304 router.

For more information about the PA-POS-2OC3, see the Cisco documents at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/7200vx/portadpt/sonet_pa/3028_2oc/index.htm

New Software Features in Cisco IOS Release 12.2(18)S

This section describes new and changed features in Cisco IOS Release 12.2(18)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(18)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

ACL Performance Enhancement

Supported platforms: Cisco 7200 series, Cisco 7300 series, Cisco 7500 series

An IP access control list (ACL) is a Cisco IOS software feature that allows an administrator to configure a network to permit and deny packets based on a set of ACL entries, thus improving security and control within a network. These lists contain entries that are searched sequentially for matches among certain fields in Layer 3 and Layer 4 packet headers.

Before Cisco IOS Release 12.2(18)S, ACL entries were sequentially configured and stored. This implementation caused the first match in a search to be the first ACL entry in a given list, not the entry that provided the best match. Although this implementation was straightforward and logical, it did not scale well with the number of ACL entries in an ACL.

Release 12.2(18)S implements ACLs using hierarchical radix tries (sometimes called multilevel tries, backtracking tries, or tries-of-tries) to improve matching performance. Individual tries are made for the source prefix and the destination prefix, with additional ACL entry information such as TCP ports, TCP flags, and time ranges being held at the nodes. Cisco IOS software performs a best match lookup for the given set of prefixes. This new implementation is an internal improvement that supports all existing functionality, and the sequential searching properties that cause ACLs to check the entries from start to end and stop searching for a match as soon as one is found are still valid.

The benefits of this implementation of ACLs using hierarchical radix tries are as follows:

Memory usage is made more efficient.

Less system resources are required to maintain the tries information.

Performance of ACL matching is improved for larger access lists.

ARP Optimization

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s22/arpoptim.htm

AutoSecure

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123_1/ftatosec.htm

BGP CLI Troubleshooting Commands

For detailed information about this feature (which is also known as the BGP Standard Usage of CLI Troubleshooting Commands feature), see the Implementing Multiprotocol BGP for IPv6 document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipv6_c/sa_bgpv6.htm

The Cisco IOS IPv6 Configuration Library is available at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipv6_c/index.htm

BGP Configuration Using Peer Templates

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/s_bgpct.htm

BGP Convergence Optimization

Supported platforms: Cisco 7200 series, Cisco 7300 series, Cisco 7500 series

The BGP Convergence Optimization feature introduces a new algorithm for update generation that reduces the amount of time that is required for Border Gateway Protocol (BGP) convergence. Neighbor update messages are optimized before they are forwarded to neighbors. Updates are optimized and forwarded based on peer groups and per-individual neighbors. This enhancement improves BGP convergence, router boot time, and transient memory usage. This enhancement is not user configurable.


Note This feature may also be known as the BGP: Reduction in Transient Memory Usage feature.


BGP Cost Community

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/s_bgpcc.htm

BGP Dynamic Update Peer-Groups

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/s_bgpdpg.htm

BGP Increased Support of Numbered AS-Path Access Lists to 500

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftiaaspa.htm

BGP Restart Session After Max-Prefix Limit

For detailed information about this feature (which is also known as the BGP Restart Neighbor Session After max-prefix Limit Reached feature), see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftbrsamp.htm

BGP Route-Map Continue

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gt_brmcs.htm

BGP Route-Map Policy List Support

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftbgprpl.htm

Cisco 7304 Software Features

The following features were ported from other Cisco IOS releases and are now supported in Cisco IOS Release 12.2(18)S and later releases for the Cisco 7304 router.

ACL Accounting Enhancements

The Access Control List Accounting feature keeps internal statistics and reports so network managers can ascertain which access control lists (ACLs) have been tested. This knowledge provides network managers with an understanding of how intruders are attempting to enter their enterprise networks. ACL accounting provides source and destination address information, source and destination port numbers, and packet counts. Use the show ip access-lists [access-list-number | name] command to view how many times a particular ACL has permitted or denied packets. For example:

Router# show ip access-lists source_only

Extended IP access list source_only (Compiled)

permit udp host 1.1.1.3 eq snmp host 2.1.1.3 (994598 matches)

permit udp host 1.1.1.3 eq snmptrap host 2.1.1.3 (994598 matches)

permit udp host 1.1.1.3 eq domain host 2.1.1.3 (994598 matches)

permit udp host 1.1.1.3 eq bootps host 2.1.1.3 (994598 matches)

.

.

.

Cisco 7304 Router High Availability NSE Redundancy

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex10/12e_rpr.htm

Cisco 7304 Router Platform-Specific Commands

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/12e_73x.htm

Cisco 7304 Router Power-On Diagnostics

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex10/12ediag.htm

FPGA Bundling and Update

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex10/73fpga.htm

IPv6 Multicast: Multicast Listener Discovery (MLD) Protocol

For detailed information about this feature, see the "Information About IPv6 Multicast" section in the Implementing IPv6 Multicast document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html

IPv6 Multicast: PIM Source-Specific Multicast (PIM-SSM)

For detailed information about this feature, see the "Information About IPv6 Multicast" section in the Implementing IPv6 Multicast document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html

IPv6 Multicast: PIM Sparse Mode (PIM-SM)

For detailed information about this feature, see the "Information About IPv6 Multicast" section in the Implementing IPv6 Multicast document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html

IPv6 Multicast: Scope Boundaries

For detailed information about this feature, see the "Information About IPv6 Multicast" section in the Implementing IPv6 Multicast document:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html

Pv6 Routing: IS-IS Multitopology Support for IPv6

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipv6_c/sa_isis6.htm

IPv6 Routing: OSPF for IPv6 (OSPFv3)

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipv6_c/sa_ospf3.htm

MPLS AToM—Ethernet over MPLS

In Cisco IOS Release 12.2(18)S, this feature is introduced for the Cisco 7304 router. For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122sz/12214sz/eompls.htm

MPLS Traffic Engineering

Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) enables an MPLS backbone to replicate and expand upon the TE capabilities of Layer 2 ATM and Frame Relay networks.

TE is essential for service provider and Internet service provider (ISP) backbones. Such backbones must support a high use of transmission capacity, and the networks must be very resilient, so that they can withstand link or node failures.

MPLS TE provides an integrated approach to traffic engineering. With MPLS, TE capabilities are integrated into Layer 3, which optimizes the routing of IP traffic, given the constraints imposed by backbone capacity and topology.

MPLS TE routes traffic flows across a network based on the resources the traffic flow requires and the resources available in the network.

MPLS TE employs "constraint-based routing," in which the path for a traffic flow is the shortest path that meets the resource requirements (constraints) of the traffic flow. In MPLS TE, the flow has bandwidth requirements, media requirements, a priority over other flows, and so on.

MPLS TE gracefully recovers to link or node failures that change the topology of the backbone by adapting to the new set of constraints.

In Cisco IOS Release 12.2(18)S, the following MPLS TE features are introduced. This list also notes the features that were introduced in the Parallel Express Forwarding (PXF) switching path:

MPLS Traffic Engineering—basic PXF switching and accounting (introduced in the PXF switching path)

Basic PXF switching and accounting of MPLS TE traffic.

MPLS Traffic Engineering—Load Balancing (introduced in the PXF switching path)

Allows a router to balance traffic engineering traffic over multiple traffic engineering tunnels.

MPLS Traffic Engineering—Automatic Bandwidth Adjustment (introduced in the PXF switching path)

Automatically resizes a tunnel based on the tunnel's utilization. Automatic Bandwidth Adjustment decides whether to resize a tunnel at a specified collection frequency. The frequency is the number of seconds between samples of the tunnel output rate.

MPLS Traffic Engineering—1-hop MPLS-Traffic Engineering tunnel support (introduced in the PXF switching path)

An MPLS TE tunnel where the tunnel-head and the tunnel-tail routers are connected back to back is referred to as a 1-hop tunnel. In the 1-hop tunnel, the label switched path (LSP) terminates at the next hop. 1-hop MPLS TE tunnels are supported in PXF.

MPLS Traffic Engineering over Frame Relay, 802.1q, and ATM subinterfaces (introduced in the PXF switching path)

MPLS Traffic Engineering—Auto Route Calculation

The MPLS Traffic Engineering Auto Route Calculation is used to instruct the Interior Gateway Protocol to use a tunnel in it's shortest path first (SPF)/next-hop calculation if the tunnel is up.

MPLS Traffic Engineering—IP Explicit Address Exclusion Support

The ability to include and exclude given explicit IP addresses during LSP setup.

MPLS Traffic Engineering—Link Coloring

The affinity bits are an MPLS label distribution tunnel's requirements on the attributes of the links the tunnel will cross. The tunnel's affinity bits and affinity mask must match up with the attributes of the various links carrying the tunnel.

For sample MPLS TE configurations, see the Cisco 7304 Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm

NSE-100 Hardware MAC Address Filtering

Each native Gigabit Ethernet port on the Network Service Engine 100 (NSE-100) can support up to 64 hardware MAC addresses. The MAC addressees of each port are stored in a hardware MAC address filtering table. With two NSE-100s installed, the Cisco 7304 router chassis can support up to four native Gigabit Ethernet ports and a total of 256 MAC address entries.

POS Alarm Trigger Delay

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex12c/e_posde.htm

PXF features

The Cisco 7304 router has a Parallel Express Forwarding (PXF) processor tot speed up the processing of various features that are supported in the PXF processing path. For a comprehensive list of the features that are supported in PXF on the Cisco 7304 and other information about PXF support, see the Cisco 7304 Router Troubleshooting and Configuration Notes document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7300/trouble/1270note.htm#65935

show redundancy Command Enhancements

The show redundancy command has been enhanced to include the following outputs: Operating mode, system up time, active up time, and the number of standby failures.

T3 Bit Error Rate Testing

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex12c/e_t3bert.htm

T3 Maintenance Data Link Messages

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121ex/121ex13/e_t3mdl.htm

Unicast Reverse Path Forwarding

The Unicast Reverse Path Forwarding (RPF) feature helps to mitigate difficulties that are caused by the introduction of malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a verifiable IP source address. For example, a number of common types of denial-of-service (DoS) attacks can take advantage of forged or rapidly changing source IP addresses to allow attackers to thwart efforts to locate or filter the attacks. RPF deflects such attacks by forwarding only packets that have source addresses that are valid and consistent with the IP routing table. This action protects the network of the Internet service provider (ISP), its customer, and the rest of the Internet.

On the Cisco 7304 router, the following configuration options are available for RPF:

ip verify unicast reverse-path [allow-self-ping] [list]

The ip verify unicast reverse-path command configures RPF verification on an interface. In this configuration, the router checks to make sure that the source address appears in the routing table and matches the interface on which the packet was received. If the source address of the packet does not match the interface on which the packet was received, the packet is dropped if no access list is specified or filtered by the access list if an access list is specified in the command line. An access list is specified for packets failing the RPF by specifying a previously configured access list number using the list option in the command line.

A hole exists in the verification check to allow the router to ping it's own interface. This hole could be exploited by attackers to spoof packets and attack the router. To prevent this type of DoS attack, the allow-self-ping option has to be configured for a router to ping it's own interface.

ip verify unicast source reachable-via {rx | any} [allow-default] [allow-self-ping] [list]

The ip verify unicast source reachable-via any command configures RPF to accept the incoming packet if the source IP address exists in the router's Forwarding Information Base (FIB), while the ip verify unicast source reachable-via rx command configures RPF to insure the source IP address is reachable via the interface on which the packet was received. The allow-default option is used to signal that RPF can lookup the default route on a router and use if for RPF verification.

The show c7300 pxf accounting command can be used to show the number of packets dropped on account of a failed RFP check, and the show c7300 pxf interface all command will show the RPF Verification Drops (the packets dropped by RPF check) and RPF Suppressed Drops (the packets dropped by RPF but permitted by the configured access list.) The show ip access-list command will show the number of packets dropped by RPF and permitted or denied by the configured access list.

Control Plane Policing

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/gtrtlimt.htm

EIGRP NonStop Forwarding Support

Supported platforms: Cisco 7500 series

The EIGRP NonStop Forwarding Support feature introduces Cisco Nonstop Forwarding (NSF) Stateful Switchover (SSO) support on Cisco 7500 series routers that are running Enhanced Interior Gateway Routing Protocol (EIGRP). Cisco NSF SSO support allows the forwarding of data packets to continue along known routes while the routing protocol information is being restored following a switchover. With Cisco NSF, peer networking devices do not experience routing flaps, which reduces loss of service outages for customers. This capability allows the EIGRP peers of the failing router to retain the routing information that is advertised by the failing router and continue to use this information until the failed router has returned to normal operating behavior and is able to exchange routing information. The peering session is maintained throughout the entire NSF operation.

The following commands have been introduced on the Cisco 7500 series routers to support NSF SSO. These commands are enabled in router configuration mode under an EIGRP routing process.

nsf

The nsf command enables Cisco NSF SSO operation. Use the no form of this command to disable NSF SSO operation. This command can be issued only on NSF-capable routers, such as Cisco 7500 series routers.

timers nsf signal seconds

The timers nsf signal command is used to adjust the maximum time of the initial restart period. During this time period the restarting router receives updates from peers. When this timer expires, a Routing Information Base (RIB) convergence notification is sent to peer routers. This command can be issued only on NSF-capable routers, such as Cisco 7500 series routers.

timers nsf converge seconds

The timers nsf converge command is used by the NSF-aware peer to adjust the maximum time that the router will wait for the convergent signal from the restarting router. This is a watchdog timer used in case the NSF-aware peer does not receive the end-of-table indication from the restarting neighbor. When this timer expires, the peer will scan its topology table looking for the stale routes from the restarting neighbor and then go active on them. This command can be issued only on NSF-capable routers, such as Cisco 7500 series routers.

timers nsf route-hold seconds

The timers nsf route-hold command sets the maximum period of time that the NSF-aware router will hold known routes for an NSF-capable neighbor during a switchover operation or a well-known failure condition. The route-hold timer is configurable so that you can tune network performance and avoid undesired effects, such as "black holing" routes if the switchover operation takes too much time. When this timer expires, the NSF-aware router scans the topology table and discards any stale routes, allowing EIGRP peers to find alternate routes instead of waiting during a long switchover operation. This command can be issued on NSF-capable or NSF-aware routers.

debug eigrp nsf

The output from the debug eigrp nsf command displays NSF-specific events. This command can be issued on NSF-capable or NSF-aware routers.

For more information about EIGRP NSF awareness and support, see the EIGRP NonStop Forwarding Awareness document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ft_ensf.htm

For more information about NSF SSO support, see the Stateful Switchover document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s20/fssso20s.htm

GLBP MD5 Authentication

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gtglbpau.htm

Hot Standby MAC Address

The Hot Standby MAC Address (HSMA) feature achieves redundancy and fault tolerance and avoids a single point of failure of Cisco Channel Interface Processors (CIPs) or Channel Port Adapters (CPAs). This feature also ensures that multiple devices on the Ethernet can have a common MAC address.

See the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123_1/ft_hsma.htm

Image Verification

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_image_verifctn_ps6922_TSD_Products_Configuration_Guide_Chapter.html

Implementing OSPF for IPv6

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ipv6/ipv6imp/sa_ospf3.htm

The Cisco IOS IPv6 Configuration Library is available at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ipv6_vgf.htm

Integrated IS-IS Multi-Topology Support for IPv6

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_2t/release/notes/122TNEWF.html

The Cisco IOS IPv6 Configuration Library is available at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ipv6_vgf.htm

ip dhcp-client default-router distance Command

Previous to Cisco IOS Release 12.2(18)S, Dynamic Host Configuration Protocol (DHCP) originated default routes that always had an administrative distance of 254. This distance allowed a metric of 255 as a backup route, but some routing protocols would interpret 255 as route unavailable. You can now configure the default administrative distance with the new ip dhcp-client default-router distance value command. For detailed information about this command, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/ipaddr/command/reference/iad_dhc1.html#wp1033167

IPv6 Multicast

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_2t/release/notes/122TNEWF.html

The Cisco IOS IPv6 Configuration Library is available at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ipv6_vgf.htm

IS-IS Incremental Shortest Path First (i-SPF) Support

For detailed information about this feature (which is also known as the IS-IS Incremental SPF feature), see the following Cisco document:

http://www.cisco.com/univercd/td/doc/product/software/ios120/120newft/120limit/120s/120s24/isisispf.htm

IS-IS Limit on Number of Redistributed Routes

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s25/
fsiredis.htm

IS-IS Mechanisms to Exclude Connected IP Prefixes from LSP Advertisements

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s22/fsisiadv.htm

IS-IS Support for a Redistribution Limit of Maximum Prefixes Imported

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s25/fsiredis.htm

IS-IS Support for IP Route Tags

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gtisitag.htm

Memory Threshold Notifications

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/fs_memnt.htm

MPLS - Interfaces MIB Enhancements

For detailed information about this feature (which is also known as the MPLS Enhancements to Interfaces MIB feature), see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/fsimib_3.htm

MPLS - LDP MIB Version 08 Upgrade

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/fsldp8_3.htm

MPLS Traffic Engineering Forwarding Adjacency

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/fstefa_3.htm

MPLS Traffic Engineering (TE)—Interarea Tunnels

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/fsiarea3.htm

MPLS VPN Support for EIGRP Between Provider Edge and Customer Edge

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/fteipece.htm

NetFlow Export of BGP Next Hop Information

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123_1/nfbgpnxt.htm

NetFlow Export Version 9 Support

For detailed information about this feature (which is also known as the NetFlow v9 Export Format feature), see the following Cisco document:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/nfexpfv9.html

NetFlow Multicast Support

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123_1/nfmultic.htm

Nonstop Forwarding (NSF) with Stateful Switchover (SSO)

For detailed information about this feature, see the following Cisco documents:

Nonstop Forwarding (NSF):

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s20/fsnsf20s.htm

Stateful Switchover (SSO):

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s20/fssso20s.htm

OSPF Forwarding Address Suppression in Translated Type-5 LSAs

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftoadsup.htm

OSPF Incremental Shortest Path First (i-SPF) Support

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/ospfispf.htm

OSPF Inbound Filtering Using Route Maps with a Distribute List

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/routmap.htm

OSPF Support for a Redistribution Limit of Maximum Prefixes Imported

For detailed information about this feature (which is also known as the OSPF Limit on Number of Redistributed Routes feature), see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s25/fsoredis.htm

OSPF Support for Fast Hellos

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s23/fasthelo.htm

OSPF Support for Link State Advertisement (LSA) Throttling

For detailed information about this feature (which is also known as the OSPF Link-State Advertisement [LSA] Throttling feature), see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s25/fsolsath.htm

QA Error Recovery for the Cisco 7500 Series

Supported platform: Cisco 7500 series

The QA Error Recovery for the Cisco 7500 feature helps a networking device to recover quickly from difficulties that are known as QAERRORs. These QAERRORs can be caused by hardware or software conditions. When a QAERROR occurs, a fully loaded networking device can pause up to five minutes (300 seconds) while it tries to recover from the difficulties. With QA error recovery enabled, the time that a networking device pauses can be a short as one second.

In Cisco IOS Release 12.2S, the QA Error Recovery for the Cisco 7500 feature is enabled by default.

You can tell that recovery from an error was successful because a message that reports a successful recovery appears on the console screen. In addition, the number of QAERROR recoveries is displayed in the output of the show controllers cbus privileged EXEC command.

The following example shows the output of the console or show logs when the QAERROR occurs. Although the example indicates both the point at which the feature attempts to recover from the QAERROR and the point at which the networking device recovers from the error, the networking device may display many additional messages that can help service technicians to diagnose the actual cause of the difficulties.

%QA-3-DIAG:Trying to recover from QA ERROR.

%QA-3-DIAG:Removing buffer header 0xE360 from all queues

%QA-3-DIAG:Buffer 0xE360 is element 155 on queue 0x2E

%QA-3-DIAG:Queue 0x2E (48000170) has 154 elements

%QA-3-DIAG:Buffer 0xE360 is element 1 on queue 0x340

%QA-3-DIAG:Queue 0x340 (48001A00) has 0 elements

%QA-3-DIAG:At least one QA queue is broken

%QA-3-DIAG:Recovered from QA ERROR

The following example shows the relevant QA error recovery output of the show controllers cbus privileged EXEC command:

Router# show controllers cbus

MEMD at E0000000, 8388608 bytes (unused 1565056, recarves 5, lost/qaerror recoveries 0/0)

.

.

.

To disable QAERROR recovery on the networking device, enter the no version of the hw-module main-cpu qaerror-recovery-enable global configuration command:

no hw-module main-cpu qaerror-recovery-enable

Random Sampled NetFlow

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/nfstatsa.htm

Router Security Audit Logs

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/gtaudlog.htm

SNMPv3 Community MIB Support

Supported platforms: Cisco 7200 series, Cisco 7300 series, Cisco 7500 series

The SNMPv3 Community MIB Support feature implements support for the SNMP Community MIB (SNMP-COMMUNITY-MIB) module, defined in RFC 2576, in Cisco IOS software.

The SNMPv1/v2c Message Processing Model and Security Model require mappings between parameters used in SNMPv1 and SNMPv2c messages and the version-independent parameters used in the Simple Network Management Protocol (SNMP) architecture. The SNMP Community MIB contains objects for mapping between these community strings and version-independent SNMP message parameters.

The mapped parameters consist of the SNMPv1/v2c community name and the SNMP securityName and contextEngineID/contextName pair. This MIB provides mappings in both directions; that is, a community name may be mapped to a securityName, contextEngineID, and contextName, or the combination of securityName, contextEngineID, and contextName may be mapped to a community name. This MIB also augments the snmpTargetAddrTable with a transport address mask value and a maximum message size value.

For implementation details, see the SNMP-COMMUNITY-MIB.my file, available through Cisco.com at http://tools.cisco.com/ITDIT/MIBS/servlet/index.

Source Specific Multicast (SSM) Mapping

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gtssmma.htm

SSO support for Community MIB, Notification MIB, Notification Log MIB, and Entity FRU Control MIB

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s18/ssomibs2.htm

Warm Reload

For detailed information about this feature, see the following Cisco document:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_2/gtwrmrbt.htm

New Hardware Features in Cisco IOS Release 12.2(14)S

This section describes new and changed features in Cisco IOS Release 12.2(14)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(14)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Cisco 7200-I/O-GE+E and Cisco 7200-I/O-2FE/E Input/Output Controllers

Supported platform: Cisco 7200 VXR routers

Cisco IOS Release 12.2(14)S supports two new variants of the Cisco 7200 I/O card:

The Cisco 7200-I/O-GE+E is an Input/Output controller that provides one Gigabit Ethernet and one Ethernet port. It is equipped with a GBIC receptacle for 1000-Mbps- operation and an RJ-45 receptacle for 10-Mbps operation.

The Cisco 7200-I/O-2FE/E is an Input/Output controller that provides two autosensing Fast Ethernet ports and is equipped with two RJ-45 receptacles for 10/100-Mbps operation.

For more information about the Cisco 7200-I/O-GE+E and Cisco 7200-I/O-2FE/E Input/Output controllers, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/dtasio.htm

For information about installation and configuration of the Input/Output controllers, see the Cisco document at the following location:

https://www.cisco.com/en/US/docs/routers/7200/install_and_upgrade/7200_i.o_controller_install/4447io.html

Cisco 7401 ASR-BB and Cisco 7401 ASR-CP

The Cisco 7401 series Application Specific Router (ASR) platforms provide application-specific features for broadband subscriber aggregation and network application services with high processing performance. The Cisco 7401 series ASR platforms provide the following hardware features:

A compact one-rack unit chassis.

Two fixed 10/100/1000-Mbps Ethernet ports.

A processor with Parallel Express Forwarding technology.

Support for a broad range of WAN media interfaces from DS0 to OC-3 (40+ port adapters).

Common port adapters with the Cisco 7500 series and Cisco 7200 series.

Cisco IOS Release 12.2(14)S supports the following two Cisco 7401 series ASR platforms:

Cisco 7401 ASR-BB for broadband subscriber aggregation including digital subscriber line (xDSL), ISDN, fiber-to-the-curb (FTTC), and wireless services.

Cisco 7401 ASR-CP for managed service (CPE) and customer-leased equipment and full MPLS provider edge (PE) and MPLS VPN services.

For information about installation and configuration of the Cisco 7401 series ASR platforms, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/7401/index.htm

Enhanced Gigabit Ethernet Interface Processor

Supported platform: Cisco 7500 series

The Enhanced Gigabit Ethernet Interface Processor (GEIP+) dual-wide port adapter provides enhanced data throughput compared to the GEIP for high density environments.

Gigabit Ethernet (GE) continues to be the choice media for both Enterprise backbone and Internet service providers (ISP) intra-point of presence (POP) interconnects. The GEIP+ supplies the high-throughput solution for integrating Cisco 7500 series into GE infrastructures.

The GEIP+ supports the following features:

Applicable IEEE 802.3z standards; full-duplex operation only

IEEE 802.3x flow control

Layer 3 distributed services, including Route Processor (RP) Cisco Express Forwarding (CEF) switching, fast switching, flow switching, and Committed Access Rate (CAR)

IEEE 802.1Q frames (in tagged or untagged modes)

Maximum transmission unit (MTU) of 4476 bytes

Ethernet Inter-Switch Link (ISL) encapsulation

Online insertion and removal of the GEIP+ and the Gigabit Interface Converter (GBIC)

Support for 1000BASE-SX (short wavelength=850-nm), 1000BASE-LX (long wavelength=1300-nm), and Long-Haul (long wavelength=1300-nm) operation by way of GBICs

For information about installation and configuration of the GEIP+, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/vip1/vip4/10699dwg/index.htm

Integrated Service Adapter

Supported platform: Cisco 7200 series

The Integrated Service Adapter (ISA) is a single-width service adapter that provides high-performance, hardware-assisted tunneling and encryption services suitable for Virtual Private Network (VPN) remote access, site-to-site intranet, and extranet applications, as well as platform scalability and security, while working with all services necessary for successful VPN deployments—security, quality of service (QoS), firewall and intrusion detection, and service-level validation and management.

The ISA offloads IP security (IPSec) and Microsoft Point-to-Point Encryption (MPPE) processing from the main processor of Cisco 7200 series, thus freeing resources on the processing engine (that is, the network processing engine [NPE] on the Cisco 7200 series) for other tasks.

The ISA provides hardware-accelerated support for multiple encryption functions:

56-bit Data Encryption Standard (DES) standard mode: Cipher Block Chaining (CBC)

3-key triple DES (168-bit)

Secure Hash Algorithm (SHA)-1 and Message Digest 5 (MD5) hash algorithms

Rivest, Shamir, Adelman (RSA) public-key algorithm

Diffie-Hellman key exchange RC4-40

For information about installation and configuration of the ISA, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/7200vx/portadpt/service/sa_isa/index.htm

Multichannel STM-1 Port Adapter

Supported platforms: Cisco 7200 VXR routers, Cisco 7400 series, Cisco 7500 series

The PA-MC-STM-1 is a high-speed, single-port multichannel STM-1 port adapter. You can configure the PA-MC-STM-1 as a multichannel E1/E0 STM-1 port. The PA-MC-STM-1 can be configured into 63 individual E1 links. Each E1 link can carry a single channel at full or fractional rates or be broken down into multiple DS0 or Nx64 Kbps rates. The PA-MC-STM-1 supports up to three TUG-3/AU-3 transport slots numbered 1 through 3. You can configure each TUG-3/AU-3 to carry 21 SDH TU-12s. Each SDH TU-12 is capable of carrying a channelized E1 frame, which can be unchannelized to nx64-Kbps time slots.

For more information about the PA-MC-STM-1, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e7/12e_stm.htm

For information about installation and configuration of the PA-MC-STM-1, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/portadpt/multi_ch/pa_mcstm/index.htm

Network Services Engine

Supported platform: Cisco 7200 VXR routers

The Network Services Engine (NSE) is the latest processor engine for Cisco 7200 VXR series. The NSE delivers wire rate OC-3 throughput while concurrent high-touch WAN edge services are running. It is the first Cisco processing engine to offer integrated hardware acceleration, increasing Cisco 7200 VXR series system performance by 50 to 300 percent for combined "high touch" edge services. The NSE takes advantage of a new technology called Parallel Express Forwarding (PXF).

The PXF processor enables IP parallel processing functions that work with the primary processor to provide accelerated IP Layer 3 feature processing. The PXF processor off-loads IP packet processing and switching functions from the Route Processor (RP) to provide accelerated and highly consistent switching performance when coupled with one or more of several IP services features such as access control lists (ACLs), address translation, quality of service (QoS), flow accounting, and traffic shaping.

For information about installation and configuration of the NSE, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/7206/fru/npense/index.htm

NPE-400

Supported platform: Cisco 7200 VXR routers

The NPE-400 is a new version of network processing engine for Cisco 7200 VXR routers with the following enhancements:

RM7000 microprocessor that operates at an internal clock speed of 350 MHz

Up to 512-MB ECC SDRAM

100-MHz SysAD and memory bus speed

4-MB Layer 3 cache

The NPE-400 leverages technology from the NPE-225 and NSE-1 to provide a higher performance NPE card.

For information about installation and configuration of the NPE-400, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/7206/fru/npense/index.htm

NPE-G1

Supported platform: Cisco 7200 VXR routers

The NPE-G1 is the first network processing engine (NPE) for the Cisco 7200 VXR routers to provide the functionality of both a network processing engine and I/O controller. If used without an I/O controller, an I/O blank panel must be in place.

While its design provides I/O controller functionality, it can also work with any I/O controller that is supported in the Cisco 7200 VXR routers. The NPE-G1, when installed with an I/O controller, provides the primary I/O functionality; that is, the NPE-G1 I/O functionality enhances that of the existing I/O controller. However, when both the I/O controller and NPE-G1 are present, the functionality of the auxiliary port and console port are on the I/O controller.

The NPE-G1 maintains and executes the system management functions for the Cisco 7200 VXR routers and also holds the system memory and environmental monitoring functions.

The NPE-G1 consists of one board with multiple interfaces. The board is keyed so that it can be used only in the Cisco 7200 VXR routers.

For information about installation and configuration of the NPE-G1, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/7206/fru/npense/index.htm

PA-MC-2T3+ Phase-II (T3 Subrate)

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The PA-MC-2T3+ is a single-width port adapter that provides two T3 interface connections. Each T3 interface can now be independently configured to be either channelized or unchannelized. A channelized T3 provides 28 T1 lines multiplexed into the T3. Each T1 line can be configured into one or more serial interface data channels.

Using the no channelized command, you can configure the T3 as a single, unchannelized serial interface data channel. You can configure this data channel to use all of the T3 bandwidth or a portion of it.

For more information about the PA-MC-2T3+, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e5/5e_ct3.htm

For information about installation and configuration of the PA-MC-2T3+, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/portadpt/multi_ch/mc_2t3/index.htm

PA-MC-8TE1+ Port Adapter

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The PA-MC-8TE1+ port adapter is a T1/E1 multichannel port adapter that provides eight DSX-1/DS1 or eight G.703 interfaces. The PA-MC-8TE1+ interfaces can be channelized, fractional, ISDN PRI, or nonframed. You configure the same port adapter to support either T1 or E1 physical links. The PA-MC-8TE1+ provides a total of 8 T1 or E1 links.

The PA-MC-8TE1+ provides up to 256 channels, as compared to a maximum of 128 for the PA-MC-8T1 (or PA-MC-8E1) port adapters. This allows for full channelization (down to the DS0 rate) for both T1 and E1 WAN links.

The PA-MC-8TE1+ supports Facility Data Link (FDL) in Extended Superframe (ESF) framing on T1 networks and network and payload loopbacks. Bit error rate testing (BERT) is supported on each of the T1 or E1 links and can run on all of the eight ports at the same time.

The PA-MC-8TE1+ provides channel group loopback. Channel group loopback for T1/E1 enables you to do section testing for a channel group without bringing down the whole T1/E1 line.

The PA-MC-8TE1+ does not support the aggregation of multiple T1s or E1s (called inverse muxing or bonding) for higher bandwidth data rates. The multichannel PA-MC-8TE1+ port adapter supports Cisco High-Level Data Link Control (HDLC), Frame Relay, PPP, and Switched Multimegabit Data Service (SMDS) Data Exchange Interface (DXI) encapsulations over each T1 or E1 link. For SMDS only, DXI is sent on the T1 or E1 line, so it needs to connect to an SMDS switch that has direct DXI input.

The PA-MC-8TE1+ has been designed to support a hardware watchdog facility in the MPC860 processor. The SRAM memory in the PA-MC-8TE1+ is mapped into the host (a Virtual Interface Processor on a Cisco 7500 series router, for example) memory space, allowing additional debugging capabilities.

For information about installation and configuration of the PA-MC-8TE1+, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/7200vx/portadpt/multicha/8port_t1/index.htm

VIP4

Supported platform: Cisco 7500 series

The VIP4 is the fourth generation of Versatile Interface Processors for use with Cisco 7000 series using the Cisco 7000 series Route Switch Processor (RSP7000) and Cisco 7000 series Chassis Interface (RSP7000CI) with Cisco 7500 series (which also include the Cisco 7507-MX and Cisco 7513-MX routers). The VIP4 installs in the interface processor slots in your Cisco 7000 series or Cisco 7500 series router.

For information about installation and configuration of the VIP4, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/vip1/vip4/6927vip4.htm

VIP6-80

Supported platform: Cisco 7500 series

The Versatile Interface Processor (VIP6-80) is an option available for use with the Cisco 7500 series and the Cisco 7000 series using the Cisco 7000 series Route Switch Processor (RSP7000) and Cisco 7000 series Chassis Interface (RSP7000CI). The VIP6-80 improves high-performance switching over previous generation VIPs.

The VIP6-80 supports online insertion and removal (OIR), a feature that allows you to remove and replace a VIP6-80 without first shutting down the system. However, VIP6-80 does not support OIR of port adapters (PAs). The VIP6-80 is removed before the port adapter is removed or installed.

The VIP6-80 also supports Single Line Card Reload (SLCR), a feature that enables a failed line card to reload on the network backplane without reloading other line cards.

The VIP6-80 supports any combination of LAN and WAN PAs, including Fast Ethernet, T1/E1, High-Speed Serial Interface (HSSI), T3/E3, T3/E3 ATM, multichannel T1/E1, multichannel T3/E3, OC-3 ATM, Packet over SONET (POS), and OC-12 ATM.

For information about installation and configuration of the VIP6-80, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/vip1/14372v68.htm

New Software Features in Cisco IOS Release 12.2(14)S

This section describes new and changed features in Cisco IOS Release 12.2(14)S. Some features may be new to Cisco IOS Release 12.2S but were released in earlier Cisco IOS software releases. Some features may have been released in earlier Cisco IOS software releases and have been changed in Cisco IOS Release 12.2(14)S. To determine if a feature is new or changed, see the feature history table at the beginning of the feature module for that feature. Links to feature modules are included below. If a feature listed below does not have a link to a feature module, that feature is documented only in the release notes, and information about whether the feature is new or changed will be available in the feature description provided below.

Any Transport over MPLS Features

The following sections describe various Any Transport over Multiprotocol Label Switching (AToM) features. For more information about the AToM features, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/atom/index.htm

ATM AAL5 over MPLS

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The ATM AAL5 over MPLS feature provides an ATM permanent virtual circuit (PVC) for transporting ATM adaptation layer 5 (AAL5) protocol data units (PDUs) across an IP/Multiprotocol Label Switching (MPLS) backbone with rate-limit policing and configurable PVC priority values. A dynamic MPLS tunnel is configured to enable label imposition and disposition of encapsulated ATM PDUs transported between two edge routers having a Label Distribution Protocol (LDP) neighbor relationship.

Each routed PVC label stack has two levels of labels prepended to each ATM PDU: an Interior Gateway Protocol (IGP) stack consisting of zero or more labels and a PVC-based label. Label imposition and disposition are performed by routers at the edge of the MPLS backbone. The imposition router takes the ATM PDU and encapsulates it in an MPLS PDU for transport to the correct disposition router. The disposition router takes the MPLS PDU, de-encapsulates the ATM PDU, and delivers it to the correct ATM interface and virtual path identifier/virtual circuit identifier (VPI/VCI).

Cell Relay over MPLS

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

With ATM cell relay functionality, ATM cells can be transported across Multiprotocol Label Switching (MPLS) networks transparently. This setup allows transportation of ATM signaling and Operations, Administration, and Maintenance (OAM) cells across a packet network, making a packet network invisible to the ATM network. The ATM Cell Relay over MPLS feature enables service providers to use the same tools for provisioning and to aggregate the existing frame and ATM installations to a high-speed packet core that is based on IP/MPLS.

Ethernet over MPLS

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Ethernet over MPLS (EoMPLS) feature enables you to connect two VLAN networks that are in different locations, without using expensive bridges, routers, or switches at the VLAN locations. You can enable the Multiprotocol Label Switching (MPLS) backbone network to accept Layer 2 VLAN traffic by configuring the label edge routers (LERs) at both ends of the MPLS backbone.

Frame Relay over MPLS

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

With the Frame Relay over MPLS feature, Frame Relay traffic can be encapsulated in Multiprotocol Label Switching (MPLS) packets and forwarded over an MPLS backbone to other Frame Relay destinations. Service providers can quickly add new sites with less effort than with typical Frame Relay provisioning.

HDLC over MPLS

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The HDLC over MPLS feature enables a customer router to emulate a High-Level Data Link Control (HDLC) connection to another customer router across the packet backbone. Like PPP, this technology allows transportation of Cisco HDLC frames across the packet networks. HDLC over Multiprotocol Label Switching (MPLS) also works in transparent mode.

PPP over MPLS

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The PPP over MPLS feature enables service providers to encapsulate PPP frames across a Multiprotocol Label Switching (MPLS) core in order to emulate a PPP link across any layer transport. Using PPP over MPLS on Packet-over-SONET (POS) links enables service providers to create a "multiplexed" subinterface that can then be used to individually peer with other providers.

PPP over MPLS further enables service providers to provide a transparent PPP pass-through where the customer-edge routers can exchange the traffic via an end-to-end PPP session. Service providers can offer a virtual leased-line solution and use the PPP subinterface capability to peer with multiple providers via a single POS connection.

PPP over MPLS Restrictions

The following restrictions pertain to the PPP over MPLS feature:

Zero hops between provider edge (PE) routers: Zero hops on one router is not supported. However, you can configure back-to-back PE routers.

Asynchronous interfaces: Asynchronous interfaces are not supported. The connections between customer edge (CE) and PE routers on both ends of the backbone must have similar link layer characteristics. The connections between the CE and PE routers must both be synchronous.

Multilink PPP: Multilink PPP (MLP) is not supported.

Distributed CEF (dCEF): On the Cisco 7500 series, distributed processing for PPP over MPLS is not supported. This restriction does not affect other features that are processed in distributed mode.

BGP Features

The following sections describe various Border Gateway Protocol (BGP) features.

BGP 4 MIB Support for per-Peer Received Routes

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The BGP 4 MIB Support for per-Peer Received Routes feature introduces a new table in the CISCO-BGP4-MIB that provides the capability to query (by using Simple Network Management Protocol commands) for routes that are learned from individual Border Gateway Protocol (BGP) peers.

For more information about the BGP 4 MIB Support for per-Peer Received Routes features, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbgpmib.htm

BGP Conditional Route Injection

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Cisco IOS software provides several methods to originate a prefix into the Border Gateway Protocol (BGP) routing table. The existing methods include using the network or aggregate-address commands and redistribution. These methods assume the existence of more specific routing information (matching the route to be originated) in either the routing table or the BGP table.

The BGP Conditional Route Injection feature enables you to originate a prefix into a BGP routing table without the corresponding match. The routes are injected into the BGP table only if certain conditions are met. The most common condition is the existence of a less specific prefix.

The BGP Conditional Route Injection feature is configured using the bgp inject-map command. The bgp inject-map command uses two route maps (inject-map and exist-map) to install one or more new prefixes into a BGP routing table. The exist-map specifies the prefixes that the BGP speaking router will track. The inject-map defines the prefixes that will be created and installed into the local BGP table.

For more information about the BGP Conditional Route Injection feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbgpri.htm

BGP Hide Local-Autonomous System

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

When the neighbor local-as command is configured on a Border Gateway Protocol (BGP) speaking router, the local autonomous system number is automatically prepended to all routes that are learned from external peers by default. This behavior makes changing the autonomous system number for a service provider or large existing BGP network difficult because paths, with the prepended autonomous system number, will be rejected by internal routers that are configured with the same autonomous system number. For example, if the network operator configures an internal router with the neighbor 10.0.0.2 local-as 20 command, all paths that are learned from the 10.0.0.2 external peer will have the autonomous system number 20 prepended. Internal routers that are configured with the autonomous number 20 will detect these routes as routing loops and reject them. This behavior required a network operator to change the autonomous system number for all internal peers at the same time in order to change the autonomous system number for a BGP network.

The BGP Hide Local-Autonomous System feature introduces the no-prepend keyword to the neighbor local-as command. The use of the no-prepend keyword will allow a network operator to configure a BGP speaker to not prepend the local autonomous system number to any routes that are received from external peers. This feature can be used to help transparently change the autonomous system number of a BGP network and ensure that routes can be propagated throughout the autonomous system, while the autonomous system number transition is incomplete. Because the local autonomous system number is not prepended to these routes, external routes will not be rejected by internal peers during the transition from one autonomous system number to another.


Caution Configuring this feature incorrectly could potentially create routing loops and should be attempted only by an experienced network operator.

For more information about the BGP Hide Local-Autonomous System feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbgphla.htm

BGP Hybrid CLI Support

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The BGP Hybrid CLI Support feature allows the network operator to configure the Border Gateway Protocol (BGP) using the Network Layer Reachability Information (NLRI) format for IPv4 unicast commands and the address-family identifier (AFI) format for address family commands, such as IPv6, VPNv4, and Connectionless Network Service (CLNS) protocol commands.

For more information about the BGP Hybrid CLI Support feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_bhcli.htm

The Cisco IOS IPv6 Configuration Library is available at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ipv6_vgf.htm

BGP Link Bandwidth

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The BGP Link Bandwidth feature is used to advertise the bandwidth of an autonomous system exit link as an extended community. The BGP Link Bandwidth feature is supported by the internal BGP (iBGP) and external BGP (eBGP) multipath features. The link bandwidth extended community indicates the preference of an autonomous system exit link in terms of bandwidth. The link bandwidth extended community attribute may be propagated to all iBGP peers and used with the BGP multipath features to configure unequal cost load balancing. When a router receives a route from a directly connected external neighbor and advertises this route to iBGP neighbors, the router may advertise the bandwidth of that link.

The link bandwidth extended community attribute is a 4-byte value that is set by the network administrator on the demilitarized zone (DMZ) interface that connects two single hop eBGP peers. The link bandwidth extended community attribute should be used as a traffic sharing value relative to other paths while forwarding traffic. Two paths are designated as equal for load balancing if the weight, local-pref, as-path length, Multi Exit Discriminator (MED), and Interior Gateway Protocol (IGP) costs are the same.

For more information about the BGP Link Bandwidth feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbgplb.htm

BGP Multipath Load Sharing for Both eBGP and iBGP in an MPLS-VPN

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The BGP Multipath Load Sharing for Both eBGP and iBGP in an MPLS-VPN feature allows you to configure multipath load balancing with both external BGP (eBGP) and internal BGP (iBGP) paths in Border Gateway Protocol (BGP) networks that are configured to use Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs). This feature provides improved load-balancing deployment and service offering capabilities and is useful for multihomed autonomous systems and provider edge (PE) routers that import both eBGP and iBGP paths from multihomed and stub networks.

BGP installs up to the maximum number of paths allowed (configured using the maximum-paths command). BGP uses the best path algorithm to select one multipath as the best path, insert the best path into the routing information base (RIB), and advertise the best path to BGP peers. Other multipaths may be inserted into the RIB, but only one path will be selected as the best path.


Note See the maximum-paths command documentation to determine the maximum number of configurable paths.


The multipaths are used by Cisco Express Forwarding (CEF) to perform load balancing, which can be performed on a per-packet or per-source or destination-pair basis. The BGP Multipath Load Sharing for Both eBGP and iBGP in an MPLS-VPN feature performs unequal cost load balancing by default by selecting BGP paths that do not have an equal cost of the Interior Gateway Protocol (IGP). In order to enable this feature, configure the router with MPLS VPNs that contain VPN routing and forwarding instances (VRFs) that import both eBGP and iBGP paths. The number of multipaths can be configured separately for each VRF.


Note The BGP Multipath Load Sharing for Both eBGP and iBGP in an MPLS-VPN feature will operate within the configuration parameters of the existing outbound routing policy.


For more information about the BGP Multipath Load Sharing for Both eBGP and iBGP in an MPLS-VPN feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fseibmpl.htm

BGP Named Community Lists

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Border Gateway Protocol (BGP) communities are attributes that are used to group and filter routes. Communities are designed to give the network operator the ability to apply policies to large numbers of routes by using match and set clauses in the configuration of route maps. Community lists are used in this process to identify and filter routes by their common attributes.

The BGP Named Community Lists feature introduces a new type of community list called the named community list. The BGP Named Community Lists feature allows the network operator to assign meaningful names to community lists and increases the number of community lists that can be configured. A named community list can be configured with regular expressions and with numbered community lists. All rules of numbered communities apply to named community lists except that there is no limitation on the number of community attributes that can be configured for a named community list.


Note Both standard and expanded community lists have a limitation of 100 community groups that can be configured within each type of list. A named community list does not have this limitation.


For more information about the BGP Named Community Lists feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbgpncl.htm

BGP Policy Accounting

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The BGP Policy Accounting feature provides a means of charging customers according to the route that their traffic travels. Trans-Pacific, Trans-Atlantic, satellite, domestic, and other provider traffic can be identified and accounted for on a per-customer basis when customers are on a unique software interface. This feature also allows the accounting of traffic to known autonomous system numbers in order to better engineer and plan network circuit peering and transit agreements.

The BGP Policy Accounting feature classifies IP traffic by autonomous system number, autonomous system path, or community list, and increments packet and byte counters per input interface. It performs this function using route maps to classify the traffic into one of eight possible indexes, which represent a traffic classification.

For more information about the BGP Policy Accounting feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbgppa.htm

BGP Prefix-Based Outbound Route Filtering

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The BGP Prefix-Based Outbound Route Filtering feature uses Border Gateway Protocol (BGP) outbound route filter (ORF) send and receive capabilities to minimize the number of BGP updates that are sent between peer routers. The configuration of this feature can help reduce the amount of resources required for generating and processing routing updates by filtering out unwanted routing updates at the source. For example, this feature can be used to reduce the amount of processing required on a router that is not accepting full routes from a service provider network.

The BGP Prefix-Based Outbound Route Filtering feature is enabled through the advertisement of ORF capabilities to peer routers. The advertisement of the ORF capability indicates that a BGP-speaking router will accept a prefix list from a neighbor and apply the prefix list to locally configured ORFs (if any exist). When this capability is enabled, the BGP speaker can install the inbound prefix list filter to the remote peer as an outbound filter, which reduces unwanted routing updates.

The BGP Prefix-Based Outbound Route Filtering feature can be configured with send, receive, or send and receive ORF capabilities. The local peer advertises the ORF capability in send mode. The remote peer receives the ORF capability in receive mode and applies the filter as outbound policy. The local and remote peers exchange updates to maintain the ORF for each router. Updates are exchanged between peer routers by address family depending on the ORF prefix list capability that is advertised. The remote peer starts sending updates to the local peer after it receives a route refresh request or an ORF prefix list with immediate status. The BGP speaker will continue to apply the inbound prefix list to received updates after the speaker pushes the inbound prefix list to the remote peer.

For more information about the BGP Prefix-Based Outbound Route Filtering feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbgporf.htm

Bidirectional PIM

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Bidirectional PIM (bidir-PIM) is a variant of the Protocol Independent Multicast (PIM) suite of routing protocols for IP multicast. In PIM, packet traffic for a multicast group is routed according to the rules of the mode configured for that multicast group. The Cisco IOS implementation of PIM supports three modes for a multicast group:

Bidirectional mode

Dense mode

Sparse mode

A router can simultaneously support all three modes or any combination of them for different multicast groups. In bidirectional mode, traffic is routed only along a bidirectional shared tree that is rooted at the rendezvous point (RP) for the group. In bidir-PIM, the IP address of the RP acts as the key to having all routers establish a loop-free spanning tree topology rooted in that IP address. This IP address need not be for a router, but can be any unassigned IP address on a network that is reachable throughout the PIM domain. This technique is the preferred configuration method for establishing a redundant RP configuration for bidir-PIM.

Membership to a bidirectional group is signalled via explicit join messages. Traffic from sources is unconditionally sent up the shared tree toward the RP and passed down the tree toward the receivers on each branch of the tree.

Bidir-PIM is designed to be used for many-to-many applications within individual PIM domains. Multicast groups in bidirectional mode can scale to an arbitrary number of sources without incurring overhead because of the number of sources.

Bidir-PIM is derived from the mechanisms of PIM-SM and shares many shortest-path tree (SPT) operations. Bidir-PIM also has unconditional forwarding of source traffic toward the RP upstream on the shared tree, but no registering process for sources as in PIM-SM. These modifications are necessary and sufficient to allow forwarding of traffic in all routers solely on the basis of the (*, G) multicast routing entries. This feature eliminates any source-specific state and allows scaling capability to an arbitrary number of sources.


Note As of Cisco IOS Release 12.2 and later releases, bidir-PIM is disabled by default and must be explicitly enabled by configuring the ip pim bidir-enable command in global configuration mode.


Cisco 7500 Single Line Card Reload

Supported platform: Cisco 7500 series

The Cisco 7500 Single Line Card Reload feature, the only method of correcting a line card hardware failure or a severe software error for one line card on a Cisco 7500 series router, requires the execution of a CBus Complex, a process that reloads every line card on the network backplane. The time it takes to complete the CBus Complex is often inconvenient, and no network traffic can be routed or switched during the CBus Complex process.

The Single Line Card Reload (SLCR) feature enables users to correct a line card failure on a Cisco 7500 series router by reloading the failed line card without reloading any other line cards on the network backplane. During the single line card reload process, all physical lines and routing protocols on the other line cards of the network backplane remain active. A single line card reload is also significantly faster than the CBus Complex process.

The SLCR feature works on all RSP images for all Cisco IOS releases that support the SLCR feature.

For more information about the SLCR feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e5/e5_slcr.htm

Cisco IOS Server Load Balancing (SLB)

Supported platforms: Cisco 7200 series

The Cisco IOS Server Load Balancing (SLB) feature is a Cisco IOS software-based solution that provides IP server load balancing. Using the Cisco IOS SLB feature, you can define a virtual server that represents a group of real servers in a cluster of network servers known as a server farm. In this environment, the clients connect to the IP address of the virtual server. When a client initiates a connection to the virtual server, the Cisco IOS SLB function chooses a real server for the connection based on a configured load-balancing algorithm.

Cisco IOS SLB also provides firewall load balancing, which balances flows across a group of firewalls called a firewall farm.


Note Cisco IOS SLB does not support load balancing of flows between clients and real servers that are on the same LAN or VLAN. The packets that are being load balanced cannot enter and leave the load-balancing device on the same interface.


Cisco IOS SLB provides the following functions and capabilities:

Algorithms for Server Load Balancing:

Weighted Round Robin

Weighted Least Connections

Alternate IP Addresses

Automatic Server Failure Detection

Automatic Unfail

Backup Server Farms

Bind ID Support (also referred to as "Specifying a Bind ID")

CISCO-SLB-MIB

Client-Assigned Load Balancing

Content Flow Monitor Support

Delayed Removal of TCP Connection Context

Dynamic Feedback Protocol for Cisco IOS SLB

Firewall Load Balancing

GPRS Load Balancing

Maximum Connections

Multiple Firewall Farm Support

Network Address Translation (NAT)

Port-Bound Servers

Probes (HTTP probes, ping probes, and WSP probes)

Protocol Support

Redundancy Enhancements (Stateless and Stateful Backup, and Active Standby)

Route Health Injection

Slow Start

Sticky Connections

SynGuard

TCP Session Reassignment

Transparent Webcache Load Balancing

WAP Load Balancing

For more information about Cisco IOS SLB, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsslb.htm

Cisco Quality of Service Device Manager

Supported platforms: Cisco 7200 series, Cisco 7500 series that are VIP-enabled

Cisco Quality of Service Device Manager (QDM) is a web-based Java application through which you can configure and monitor advanced IP-based quality of service (QoS) functionality within Cisco routers.

QDM is available as a separate product and may be downloaded free of charge.

For more information about QDM, see the Release and Installation Notes for Cisco Quality of Service Device Manager at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/qdm/

Class-Based Quality of Service MIB

Supported platforms: Cisco 7200 series, Cisco 7500 series

The Class-Based Quality of Service MIB (Class-Based QoS MIB) provides read access to QoS configurations. This MIB also provides QoS statistics information based on the modular quality of service command-line interface (MQC), including information regarding class-map and policy-map parameters.

The Class-Based QoS MIB actually consists of two MIBs: CISCO-CLASS-BASED-QOS-MIB and CISCO-CLASS-BASED-QOS-CAPABILITY-MIB.

For more information, see the Cisco Network Management Toolkit for the MIBs at the following location:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

DCBWFQ, DWRED, and DLLQ Support for PA-A3-8E1IMA and PA-A3-8T1IMA Port Adapters on Cisco 7500 Series Routers

Supported platform: Cisco 7500 series

PA-A3-8E1IMA and PA-A3-8T1IMA port adapters on Cisco 7500 series now support Distributed Class-Based WFQ (DCBWFQ), Distributed Weighted Random Early Detection (DWRED), and Distributed Low Latency Queueing (DLLQ).

Distributed Class-Based WFQ

Weighted Fair Queueing (WFQ) offers dynamic, fair queueing that divides bandwidth across queues of traffic based on weights. WFQ ensures that all traffic is treated fairly, given its weight.

Distributed Class-Based WFQ (DCBWFQ) extends the standard WFQ functionality to provide support for user-defined traffic classes on the VIP. These user-defined traffic classes are configured in the Modular Quality of Service Command-Line Interface feature. For information on how to configure quality of service (QoS) with the modular quality of service command-line interface (MQC), see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120xe/120xe5/mqc/mcli.htm

For information on how to configure DCBWFQ, see the "Configuring Weighted Fair Queueing" chapter in the "Congestion Management" part of the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.1, at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/qos_c/qcprt2/qcdwfq.htm

Distributed Weighted Random Early Detection

Weighted Random Early Detection (WRED), the Cisco implementation of Random Early Detection (RED), combines the capabilities of the RED algorithm with IP precedence to provide preferential traffic handling for higher priority packets. It can selectively discard lower priority traffic when the interface begins to get congested and can provide differentiated performance characteristics for different classes of service.

Distributed WRED (DWRED) is the Cisco high-speed version of WRED. The DWRED algorithm was designed with Internet service providers (ISPs) in mind; it allows an ISP to define minimum and maximum queue depth thresholds and drop capabilities for each class of service.

For more information about DWRED, see the "Quality of Service Overview" chapter of the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.1, at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/qos_c/qcdintro.htm

Distributed Low Latency Queueing

Distributed Low Latency Queueing (DLLQ) enables you to specify low latency behavior for a traffic class. LLQ allows delay-sensitive data such as voice to be dequeued and sent first (before packets in other queues are dequeued), giving delay-sensitive data preferential treatment over other traffic.

DLLQ also introduces the ability to limit the depth of a device transmission ring. Before the introduction of DLLQ, the maximum transmission ring depth was not a user-configurable parameter. Therefore, particles could accumulate on a transmission ring without limitation, which could result in unavoidable high latencies. DLLQ allows users to limit the number of particles that may exist on a transmission ring, effectively lowering the latency incurred by packets sitting on that transmission ring.

For more information about DLLQ, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/dtllqvip.htm

PA-A3-8E1IMA and PA-A3-8T1IMA

For more information about the PA-A3-8E1IMA and PA-A3-8T1IMA port adapters, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/portadpt/atm_port/a3_8t_8e/index.htm

DFP Agent Subsystem

Supported platforms: Cisco 7200 series

The Dynamic Feedback Protocol (DFP) enables a DFP agent in a local load-balancing environment to collect status information from one or more real host servers, convert the information to relative weights, and report the weights to a DFP manager, such as a Cisco IOS Server Load Balancing (SLB) device. The DFP manager factors in the weights when load balancing the real servers. DFP also supports global load-balancing environments, with Cisco IOS SLB reporting weights to DistributedDirector.

In earlier Cisco IOS releases, the DFP agent was implemented only in Cisco IOS SLB. The new DFP Agent Subsystem feature enables client subsystems other than Cisco IOS SLB to act as DFP agents. However, currently Cisco IOS SLB is the only supported subsystem. You can use multiple DFP agents from different client subsystems at the same time.

For more information about DFP, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsdfp.htm

DiffServ Compliant Weighted Random Early Detection

Supported platform: Cisco 7500 series


Note The DiffServ Compliant Weighted Random Early Detection feature is also referred to as the Differentiated Services Compliant Distributed Weighted Random Early Detection feature or as the DiffServ Compliant DWRED feature.


The DiffServ Compliant Weighted Random Early Detection feature enables Weighted Random Early Detection (WRED) to use the differentiated services code point (DSCP) value when it calculates the drop probability for a packet. The DSCP value is the first six bits of the IP type of service (ToS) byte.

For more information about the DiffServ Compliant Weighted Random Early Detection feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e5/dsdwrede.htm

Distributed GRE Tunneling Support

Supported platform: Cisco 7500 series

The Distributed GRE Tunneling Support feature allows Cisco IOS software to switch packets into and out of the generic routing encapsulation (GRE) tunnels using distributed Cisco Express Forwarding (dCEF). The tunneling is performed using recursive or "double" switching techniques that are currently deployed on existing nondistributed platforms. The relevant bits are ported into this development.

Double switching is performed by the handling of the received IP packet in the existing code path until it is determined that the packet needs encapsulation or de-encapsulation. Recursively forwarding the IP packet through the IP switching path again explains the "double" aspect of the switching.

For more information about the Distributed GRE Tunneling Support feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_dgre.htm

Distributed Network-Based Application Recognition

Supported platforms: Cisco 7500 series

Distributed Network-Based Application Recognition (dNBAR) introduces the existing NBAR feature for Cisco 7500 series that are configured with a Versatile Interface Processor (VIP).

The dNBAR feature allows packet classification by adding intelligent network classification to network infrastructures. dNBAR is a classification engine that recognizes a wide variety of applications, including web-based and other difficult-to-classify protocols that utilize dynamic TCP/UDP port assignments.

When an application is recognized and classified by dNBAR, a network can invoke services for that specific application. dNBAR ensures that network bandwidth is used efficiently by working with quality of service (QoS) features to provide the following features:

Guaranteed bandwidth

Bandwidth limits

Traffic shaping

Traffic policing

Packet marking

For more information about the dNBAR feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsnbarad.htm

DLR Enhancements: PGM RFC-3208 Compliance

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

In compliance with RFC 3208, the DLR Enhancements feature adds off-tree designated local repairer (DLR) support and redirecting poll response (POLR) capability for upstream DLRs to the Cisco implementation of Pragmatic General Multicast (PGM).

Enhanced Password Security, Phase I

Supported platforms: Cisco 7200 series, Cisco 7500 series

Using the Enhanced Password Security feature, you can configure Message Digest 5 (MD5) encryption for username passwords. Before the introduction of this feature, there were two types of passwords associated with usernames. Type 0 is a clear text password visible to any user who has access to privileged mode on the router. Type 7 is a password with a weak, exclusive-or type encryption. Type 7 passwords can be retrieved from the encrypted text by using publicly available tools.

MD5 encryption is a one-way hash function that makes reversal of an encrypted password impossible, providing strong encryption protection. Using MD5 encryption, you cannot retrieve clear text passwords. MD5 encrypted passwords cannot be used with protocols that require that the clear text password be retrievable, such as Challenge Handshake Authentication Protocol (CHAP).

Use the username (secret) command to configure a username and an associated MD5 encrypted secret.

For more information about the Enhanced Password Security, Phase I feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e8/8e_md5.htm

EXEC Commands in Configuration Mode

Supported platforms: Cisco 7200 series, Cisco 7500 series

You can now issue EXEC-level Cisco IOS commands (such as show, clear, and debug commands) from within global configuration mode or other modes by issuing the do command followed by the EXEC command.

For more information about the EXEC-level Cisco IOS commands, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122b/122b_15/12e_exe.htm

Express RTP Header Compression

Supported platform: Cisco 7200 series

Before the introduction of the Express RTP Header Compression feature, if compression of Real-Time Transport Protocol (RTP) headers was enabled, compression was performed in the process-switching path. That meant that packets traversing interfaces that had RTP header compression enabled were queued and passed up to the process to be switched. This procedure slowed down transmission of the packet, and therefore some users preferred to fast-switch uncompressed RTP packets.

Now, if RTP header compression is enabled, it occurs by default in the fast-switched path or the Cisco Express Forwarding switched (CEF-switched) path, depending on which switching method is enabled on the interface. Furthermore, the number of RTP header compression connections was increased to 1000 connections each.

If neither fast switching nor CEF switching is enabled, then if RTP header compression is enabled, it will occur in the process-switched path as before.

For more information about the Express RTP Header Compression feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e4/rtpfast.htm

Frame Relay Queueing and Fragmentation at the Interface

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Frame Relay Queueing and Fragmentation at the Interface feature introduces support for low latency queueing (LLQ) and FRF.12 end-to-end fragmentation on a Frame Relay interface. This new feature simplifies the configuration of low latency, low jitter quality of service (QoS) by enabling the queueing policy and fragmentation configured on the interface to apply to all permanent virtual circuits (PVCs) and subinterfaces under that main interface. Before the introduction of this feature, queueing and fragmentation had to be configured on each individual PVC. Subrate shaping can also be configured on the interface.

For more information about the Frame Relay Queueing and Fragmentation at the Interface feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsfrintq.htm

Functionality Changed for the tunnel mpls traffic-eng autoroute metric Command

Supported platforms: Cisco 7200 series, Cisco 7500 series

The default behavior of the tunnel mpls traffic-eng autoroute metric interface configuration command has been changed in Cisco IOS Release 12.2(14)S. This command now combines the costs of all Intermediate System-to-Intermediate System (IS-IS) routes that are downstream from a Traffic Engineering (TE) tunnel into an additive path metric. IS-IS uses the additive path metric to set the metric of the TE tunnel.

Generic Routing Encapsulation (GRE) Tunnel Keepalive

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Generic Routing Encapsulation (GRE) Tunnel Keepalive feature provides the capability of configuring keepalive packets to be sent over IP-encapsulated GRE tunnels. You can specify the rate at which keepalives will be sent and the number of times that a device will continue to send keepalive packets without a response before the interface becomes inactive.

For more information about the Generic Routing Encapsulation (GRE) Tunnel Keepalive feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/s_grekpa.htm

GLBP: Gateway Load Balancing Protocol

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Gateway Load Balancing Protocol (GLBP) feature provides automatic router backup for IP hosts that are configured with a single default gateway on an IEEE 802.3 LAN. Multiple first-hop routers on the LAN combine to offer a single virtual first-hop IP router while sharing the IP packet forwarding load between them. Other routers on the LAN may act as redundant GLBP routers that will become active if any of the existing forwarding routers fail.

For more information about GLBP, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_glbp2.htm

iBGP Multipath Load Sharing

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

When a Border Gateway Protocol (BGP) speaking router with no local policy configured receives multiple network layer reachability information (NLRI) from the internal BGP (iBGP) for the same destination, the router will choose one iBGP path as the best path. The best path is then installed in the IP routing table of the router.

The iBGP Multipath Load Sharing feature enables the BGP speaking router to select multiple iBGP paths as the best paths to a destination. The best paths or multipaths are then installed in the IP routing table of the router. The iBGP Multipath Load Sharing feature functions similarly in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) with a service provider backbone.

For multiple paths to the same destination to be considered as multipaths, the following criteria must be met:

All attributes must be the same. The attributes include weight, local preference, autonomous system path (entire attribute and not just length), origin code, Multi Exit Discriminator (MED), and Interior Gateway Protocol (IGP) distance.

The next hop router for each multipath must be different.

Even if the criteria are met and multiple paths are considered multipaths, the BGP speaking router will still designate one of the multipaths as the best path and advertise this best path to its neighbors.

For more information about the iBGP Multipath Load Sharing feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbgpls.htm

IGMP State Limit

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IGMP State Limit feature provides protection against denial of service attacks caused by Internet Group Management Protocol (IGMP) packets. The new command-line interface (CLI) introduced by this feature allows you to configure a limit on the number of IGMP states that results from IGMP, IGMP Version 3 lite, and URL Rendezvous Directory (URD) membership reports on a per-interface or global basis. Membership reports in excess of the configured limits will not be entered in the IGMP cache, and traffic for those excess membership reports will not be forwarded.

IGMP Version 3—Explicit Tracking of Hosts, Groups, and Channels

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series


Note The IGMP Version 3—Explicit Tracking of Hosts, Groups, and Channels feature is also referred to as the Explicit Tracking of Hosts, Group, and Channels for IGMP Version 3 feature.


The Internet Group Management Protocol (IGMP) is used by IP hosts to report their multicast group memberships to neighboring multicast routers. IGMP is available in versions 1, 2, and 3. The Explicit Tracking of Hosts, Groups, and Channels for IGMP Version 3 feature enables a multicast router to explicitly track the membership of all multicast hosts in a particular multiaccess network. This enhancement to the Cisco IOS implementation of IGMPv3 enables the router to keep track of each individual host that is joined to a particular group or channel. The main benefits of this feature are that it provides minimal leave latencies, faster channel changing, and improved diagnostics capabilities for IGMP.

For more information about IGMPv3 and related features such as Source Specific Multicast (SSM), see the Cisco IOS IP Configuration Guide, Release 12.2, at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/index.htm

For more information about the IGMP Version 3—Explicit Tracking of Hosts, Groups, and Channels feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_xtrc.htm

Integrated IS-IS Point-to-Point Adjacency over Broadcast Media

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

When a network consists of only two networking devices that are connected to broadcast media and uses the integrated Intermediate System-to-Intermediate System (IS-IS) protocol, it is better for the system to handle the link as a point-to-point link instead of as a broadcast link. This feature introduces a new command to make IS-IS behave as a point-to-point link between the networking devices.

Using this feature provides performance improvements to the network convergence times of the customer network because the feature saves the system from electing a designated router (DR), prevents flooding from using complete sequence number PDUs (CSNPs) for database synchronization, and simplifies shortest path first (SPF) computations.

For more information about the Integrated IS-IS Point-to-Point Adjacency over Broadcast Media feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fissp2p.htm

Interface Range Configuration Mode

Supported platforms: Cisco 7200 series, Cisco 7500 series

The interface range configuration mode allows you to configure multiple interfaces with the same configuration parameters. Once you enter the interface range configuration mode, all command parameters that you enter are attributed to all interfaces within that range until you exit the interface range configuration mode.

The interface range command mode has the following syntax:

interface range {vlan vlan_ID - vlan_ID} | {{ethernet | fastethernet | gigabitethernet | macro macro_name} slot/interface - interface} [, {{ethernet | fastethernet | gigabitethernet | macro macro_name} slot/interface - interface}]

Note that the space before the dash is required, you can enter up to five comma-separated ranges, and you are not required to enter spaces before or after the comma.

Interface Range Specification

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Interface Range Specification feature allows specification of a range of interfaces to which subsequent commands are applied and supports definition of macros that contain an interface range. The Interface Range Specification feature is implemented with the range keyword, which is used with the interface command. In the interface configuration mode with the range keyword, all entered commands are applied to all interfaces within the range until you exit interface configuration mode.

IP Access List Entry Sequence Numbering

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IP Access List Entry Sequence Numbering feature allows the user to add a sequence number to every access control element (ACE) in an access control list (ACL) and simplifies and accelerates ACE resequencing.

Before the release of this feature, there is no way to specify the position of an ACE within an ACL. When a user wants to insert an ACE in the middle of an existing list, all of the ACEs after the desired position must be removed, the new ACE is then applied, and finally all deleted ACEs must be reapplied in their new positions after the new ACE. This method is cumbersome and error prone.

This feature allows users to add sequence numbers to ACEs and resequence existing ACEs. When a user adds a new ACE, the user chooses the sequence number so that it is in a desired position in the ACL. And when a new ACE must be inserted, the ACEs currently on the ACL can be resequenced to create room on the ACL to insert the new ACE.

This feature works with numbered and named ACLs, and it supports standard and extended ACLs.

For backward compatibility with previous releases, if ACEs with no sequence numbers are applied, the first ACE will have a sequence number of 10, and successive ACEs will have sequence numbers incremented by 10. The maximum sequence number is 2147483647. If the generated sequence number exceeds this maximum number, the following message is displayed:

Exceeded maximum sequence number.

If an ACE that already belongs to an existing ACL is entered without a sequence number, then it is assigned a sequence number that is 10 greater than the last sequence number in that ACL and is placed at the end of the list.

Distributed support will be provided so that the sequence numbers of ACEs in the Route Processor (RP) and LC are in synchronization at all times. Sequence numbers will not be nvgened.

If an ACE matches an already existing entry (except for the sequence number), then no changes are made. If a new ACE has a sequence number that is already present, the following error message is generated:

Duplicate sequence number.

If an ACL is entered from global configuration mode, then sequence numbers for that ACL are generated automatically.

For more information about the IP Access List Entry Sequence Numbering feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsaclseq.htm

IP Event Dampening

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IP Event Dampening feature introduces a configurable exponential decay mechanism to suppress the effects of excessive interface flapping events on routing tables and protocols. This feature allows the network operator to configure a router to identify and dampen flapping interfaces, which reduces the utilization of system processing resources and improves network stability and performance. This feature is configured on a per-interface basis and supports Connectionless Network Service (CLNS) and IP routing protocols.

For more information about the IP Event Dampening feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsipevdp.htm

IP MMLS Global Threshold

Supported platforms: Cisco 7200 series, Cisco 7500 series

The IP Multicast Multilayer Switching (MMLS) Global Threshold feature allows you to configure a global multicast rate threshold, specified in packets per second, below which all multicast traffic is routed by the Multilayer Switch Feature Card, which prevents creation of switching cache entries for low-rate Layer 3 flows.

IPSec—SNMP Support

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IPSec—SNMP Support feature introduces support for industry standard IP Security (IPSec) MIBs and Cisco IOS software specific IPSec MIBs. The IPSec MIBs allow IPSec configuration monitoring and IPSec status monitoring using Simple Network Management Protocol (SNMP), and can be integrated into a variety of Virtual Private Network (VPN) management solutions. Cisco IOS command-line interface (CLI) commands allow you to examine the version of the MIBs, to enable (or disable) SNMP notifications for IPSec, and to monitor and control the size of the buffers that are used by this feature.

Full details of management options can be found in the CISCO-IPSEC-FLOW-MONITOR- MIB, the CISCO-IPSEC-MIB, and the CISCO-IPSEC-POLICY-MAP-MIB. These MIB modules can be obtained from Cisco Network Management Toolkit for the MIBs at the following location:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

For more information about the IPSec—SNMP Support feature and related Cisco IOS commands, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e4/dtipmib.htm

IPv6 Features

The following sections describe various IP version 6 (IPv6) features. For more information about the IPv6 features, see the Cisco IOS IPv6 Configuration Library at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ipv6_vgf.htm

CEFv6/dCEFv6—Cisco Express Forwarding

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Cisco Express Forwarding for IPv6 (CEFv6) is advanced, Layer 3 IP switching technology for the forwarding of IPv6 packets. Distributed CEF for IPv6 (dCEFv6) performs the same functions as CEFv6 but for distributed architecture platforms such as the Cisco 12000 series Internet routers. CEFv6 and dCEFv6 function the same and offer the same benefits as CEFv4 and dCEFv4.

In Cisco IOS Release 12.2S, dCEFv6 and CEFv6 support IPv6 addresses and prefixes, separate Forwarding Information Bases (FIBs) for IPv6 global, site-local, and link-local addresses, and a separate global FIB for each Virtual Private Network (VPN).

IPv6 CEF supports a subset of the IPv4 CEF commands using the ipv6 cef root rather than ip cef. The behavior of all commands is analogous to that of the IPv4 CEF commands. Furthermore, a number of existing CEF commands that start with the root show cef now display IPv6 CEF information in addition to IPv4 CEF information.C

Table 32 lists the IPv6 commands that are related to the CEFv6/dCEFv6—Cisco Express Forwarding feature and that are supported in Cisco IOS Release 12.2S.

Table 32 IPv6 Commands Related to the CEFv6/dCEFv6—Cisco Express Forwarding
Feature 

Command
Description
Global Configuration Commands

ipv6 cef

Enables/disables IPv6 CEF forwarding globally. To enable IPv6 CEF, IPv4 CEF must first be enabled by configuring ip cef.

ipv6 cef accounting [per-prefix] [prefix-length]

Configures per IPv6 prefix accounting and/or prefix length accounting.

ipv6 cef distributed

Enables/disables IPv6 distributed forwarding globally. To enable distributed IPv6 CEF, distributed IPv4 CEF must first be enabled by configuring ip cef distributed.

Debug Commands

debug ipv6 cef drops

Enables debugging of packets dropped by CEFv6 switching.

debug ipv6 cef events

Enables debugging of control plane events for CEFv6.

debug ipv6 cef hash

Enables debugging of load balancing hash setup events for CEFv6.

debug ipv6 cef receive

Enables debugging packets passed to IPv6 process level switching.

debug ipv6 cef table

Enables debugging of CEFv6 table modification events.

Show Commands

show ipv6 cef interface [detail]

Shows all IPv6 prefixes using the specified interface.

show ipv6 cef prefix [detail]

Shows IPv6 CEF information for the specified prefix.

show ipv6 cef adjacency adjacency

Shows all IPv6 prefixes resolving through the specified adjacency.

show ipv6 cef non-recursive [detail]

Shows nonrecursive prefixes.

show ipv6 cef summary

Shows CEF table summary information.

show ipv6 cef traffic prefix-length

Shows per-prefix length accounting statistics.

show ipv6 cef unresolved

Shows unresolved prefixes

Other Commands

show cef drop

Shows counters of IPv6 and IPv4 dropped packets.

show cef interface [detail] [statistics] interface

Shows CEF interface status and configuration.

show cef linecard [detail] [internal] slot

Shows CEF information related to line cards.

show cef not-cef-switched

Show counters of IPv6 and IPv4 packets passed on to the next switching layer.


CEFv6 Switching for Tunnels

This section discusses the following three features:

CEFv6 Switching for 6to4 Tunnels

CEFv6 Switching for Automatic IPv6 over IPv4 Tunnels

CEFv6 Switching for IPv6 ISATAP Tunnels

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Cisco Express Forwarding (CEF) switching is on by default when the IP version 6 (IPv6) protocol is configured on an interface. IPv6 overlay tunneling mechanisms (6to4, automatic, and Intra-Site Automatic Tunnel Addressing Protocol [ISATAP]) use CEF to transport IPv6 packets.

For information about implementing tunneling for IPv6, see the Cisco document at the following location:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-tunnel.html

Cisco Discovery Protocol (CDP) - IPv6 Address Family Support for Neighbor Information

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The CDP IPv6 Address Family Support for Neighbor Information feature adds the ability to transfer IP version 6 (IPv6) addressing information between two Cisco devices using Cisco Discovery Protocol (CDP). CDP support for IPv6 addresses allows CDP to exchange IPv6 addressing information. CDP support for IPv6 addresses provides IPv6 information to network management products and troubleshooting tools.

DNS Lookups over an IPv6 Transport

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The DNS Lookups over an IPv6 Transport feature adds support for IPv6 AAAA record types over an IPv6 transport in the Domain Name System (DNS) name-to-address and address-to-name lookup processes.

IPv6 Extended Access Control Lists

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Extended access control lists in IPv6 function the same and offer the same benefits as access control lists in IPv4—IPv6 extended access lists use source and destination addresses for matching operations and IPv6 option headers and optional, upper-layer protocol type information for finer granularity of control.

IPv6 access lists are identified by user selected names and are defined by a list of permit and deny statements entered within IPv6 access list configuration mode. Each access list statement must specify the protocol and source and destination prefixes to match against (where the any keyword is equivalent to the IPv6 prefix ::/0). Every IPv6 access list has implicit permit icmp any any nd-na, permit icmp any any nd-ns, and deny ipv6 any any statements as its last match conditions. (The former two match conditions allow for Internet Control Message Protocol for IPv6 [ICMPv6] neighbor discovery.) IPv6 access lists can be used only to filter traffic; IPv6 prefix lists must be used to filter routing protocol prefixes.

Table 33 lists the IPv6 commands that are related to the IPv6 Extended Access Control Lists feature and that are supported in Cisco IOS Release 12.2S.

Table 33 IPv6 Commands Related to the IPv6 Extended Access Control Lists Feature 

Command
Description
Global Configuration Commands

ipv6 access-list name

Defines the IPv6 extended access list and enters IPv6 access list configuration mode.

ipv6 access-list log-update threshold value

Specifies the access list entry hit threshold when entries marked as log or log-input are logged.

IPv6 Access List Configuration Commands

deny protocol {src-prefix | any | host addr} [eq | neq | lt | gt | range src-ports] {dst-prefix | any | host addr} [eq | neq | lt | gt | range dst-ports] [undetermined-transport] [dscp value] [flow-label value] [fragments] [routing] [reflect reflexive-acl-name [timeout val]] [time-range time-range-name] [log | log-input] [sequence value]

Specifies deny conditions for the defined access list.

permit protocol {src-prefix | any | host addr} [eq | neq | lt | gt | range src-ports] {dst-prefix | any | host addr} [eq | neq |lt | gt | range dst-ports] [undetermined-transport] [dscp value] [flow-label value] [fragments] [routing] [reflect reflexive-acl-name [timeout val]] [time-range time-range-name] [log | log-input] [sequence value]

Specifies permit conditions for the defined access list.

evaluate reflexive-acl

Evaluates a reflexive access list.

remark text-string

Allows a user to specify a description for this access list.

Clear and Debug Commands

clear ipv6 access-list [name]

Clears the access list hit counters. Use the show ipv6 access-list command to display the number of matches for each entry.

debug ipv6 packet [ access-list ipv6-acl-name ] [ detail ]
Enables IPv6 packet-level debugging. The default setting is off. An access list can be specified such that only packets matching the access list permit entries are displayed.
Other Commands

show ipv6 access-list [name]

Displays the currently defined access lists. The number of matches made against each access list entry is displayed and can be cleared using the ipv6 clear access-list command.


IPv6 for Cisco IOS Software

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

IPv6, formerly called IPng (next generation), is the latest version of IP and offers many benefits, such as a larger address space, over the previous version of IP (version 4).

In Cisco IOS Release 12.2(14)S, the IPv6 for Cisco IOS Software feature is being integrated into the 12.2S Cisco IOS software release train along with the following additional, new feature enhancements:

Integrated Intermediate System-to-Intermediate System (IS-IS) for IPv6

Static cache entry for IPv6 neighbor discovery

Use of the first MAC address as the IPv6 interface identifier for point-to-point links

Link-local address peering in multiprotocol BGP extensions for IPv6

IPv6 ISATAP Tunnel Support

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) is an automatic overlay tunneling mechanism that uses the underlying IP version 4 (IPv4) network as a nonbroadcast multiaccess (NBMA) link layer for IP version 6 (IPv6). The IPv4 address is encoded in the last 32 bits of the IPv6 address, enabling automatic IPv6-in-IPv4 tunneling within an IPv4 network. ISATAP tunnels allow individual IPv4/IPv6 dual-stack hosts within a site to connect to an IPv6 network using the IPv4 infrastructure. ISATAP uses a normal global IPv6 prefix (/64) which can be used with both local and global unicast IPv6 prefixes, enabling IPv6 routing on the Internet.

For information about implementing tunneling for IPv6, see the Cisco document at the following location:

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-tunnel.html

IPv6 MIBs

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IPv6 MIBs feature adds network management support for IP version 6 (IPv6) using Simple Network Management Protocol (SNMP). New MIB tables have been added for monitoring IP and IP forwarding traffic in an IPv6 environment.

No new or modified Cisco IOS commands are associated with this feature. For details on the MIB enhancements, see the CISCO-IETF-IP-FORWARD-MIB.my and CISCO-IETF-IP-MIB.my MIB files, available from the Cisco MIB FTP site at http://tools.cisco.com/ITDIT/MIBS/servlet/index.

IPv6 Provider Edge Router over MPLS

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IPv6 Provider Edge Router over MPLS feature (also referred to as Cisco 6PE) enables IPv6 sites to communicate over a Multiprotocol Label Switching (MPLS) IPv4 network with no software or hardware upgrades in the core MPLS infrastructure and with no disruption to existing customer services.

IPv6 RIP Enhancements

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IPv6 RIP Enhancements feature adds support for a separate IPv6 Routing Information Protocol (RIP) routing table, the ability to delete routes from the IPv6 RIP routing table, and the ability to set route tags. The hold-down timer default is now set to zero, and a maximum number of parallel routes can be configured.

Secure Shell (SSH) over an IPv6 Transport

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Secure Shell (SSH) in IPv6 functions the same as and offers the same benefits as SSH in IPv4—the SSH Server feature enables an SSH client to make a secure, encrypted connection to a Cisco router and the SSH Client feature enables a Cisco router to make a secure, encrypted connection to another Cisco router or to any other device running an SSH server. IPv6 enhancements to SSH consist of support for IPv6 addresses that enable a Cisco router to accept and establish secure, encrypted connections with remote IPv6 nodes over an IPv6 transport.

IS-IS: Allows BGP to Control the Configuration of the Overload Bit

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Intermediate System-to-Intermediate System (IS-IS) protocol defines a special bit in each link-state packet (LSP) called the overload-bit. IS-IS uses the overload bit to "tell" other routers to ignore this router in their shortest path first (SPF) calculations. This function prevents transit traffic from passing through the router before the routing table has converged, and transit traffic is not lost.

This feature provides IS-IS with the ability to set the overload bit and then to wait for Border Gateway Protocol (BGP) convergence. After the BGP routing table has fully converged, BGP sends a notification to IS-IS that BGP is ready for the IS-IS protocol to unset the overload bit. When the IS-IS protocol receives the notification from BGP, IS-IS unsets the overload bit and returns the router to normal operation, allowing transit traffic to pass through the router.

The configuration of this feature allows a network operator to bring a new router into a network without immediately routing traffic through the new router. The network operator can configure the router that is running IS-IS to wait until the BGP routing table converges or the configured timer expires. The configuration of this feature can improve network performance and stability by making the router available much faster without the risk of losing traffic that is destined for other networks.


Note This feature is configured on the router that is running IS-IS and does not require any specific configuration for BGP.


This feature introduces three configuration options for the set-overload-bit IS-IS router configuration command. See Table 34 for syntax descriptions.

set-overload-bit [on-startup {announce-time | wait-for-bgp}]

no set-overload-bit [on-startup {announce-time | wait-for-bgp}]

Table 34 set-overload-bit Syntax Descriptions 

on-startup
(Optional)

Configures IS-IS to set the overload bit at startup.

announce-time (Optional)

Sets the overload bit for the specified time interval. The configurable range is from 5 to 86,400 seconds. There is no default timer value for this configuration option.

wait-for-bgp (Optional)

Sets the overload bit on the router until BGP routing tables have converged and BGP notifies IS-IS or the default timer has expired. The default timer is 600 seconds.


IS-IS HMAC-MD5 Authentication and Enhanced Clear Text Authentication

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IS-IS HMAC-MD5 Authentication and Enhanced Clear Text Authentication feature adds an HMAC-MD5 digest to each Intermediate System-to-Intermediate System (IS-IS) protocol data unit (PDU). HMAC is a mechanism for message authentication codes (MAC) using cryptographic hash functions. The digest allows authentication at the IS-IS routing protocol level, which prevents unauthorized routing messages from being injected into the network routing domain. IS-IS clear text (plain text) authentication is enhanced so that passwords are encrypted when the software configuration is displayed and passwords are easier to manage and change.

For more information about the IS-IS HMAC-MD5 Authentication and Enhanced Clear Text Authentication feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/ftismd5.htm

Low Latency Queuing for the VIP Enhancement

Supported platform: Cisco 7500 series

The optional bytes argument has been added to the priority command.

For more information about the Low Latency Queuing for the VIP feature, including information about the bytes argument in the priority command, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120xe/120xe5c/llqvip.htm

Manual TFTP Certificate Enrollment

Supported platforms: Cisco 7200 series, Cisco 7500 series

The Manual TFTP Certificate Enrollment feature allows users to generate a certificate request and accept certification authority (CA) certificates, as well as the router's certificates; these tasks are accomplished via a TFTP server or manual cut-and-paste operations. Users may wish to use TFTP or manual cut-and-paste enrollment in the following situations:

Their CA does not support Simple Certificate Enrollment Protocol (SCEP) (which is the most commonly used method for sending and receiving requests and certificates).

A network connection between the router and CA is not possible (which is how a router running Cisco IOS software obtains it certificate).

MPLS Label Distribution Protocol (LDP)

Supported platforms: Cisco 7200 series, Cisco 7500 series

The Cisco Multiprotocol Label Switching (MPLS) label distribution protocol (LDP), as standardized by the Internet Engineering Task Force (IETF) and as enabled by Cisco IOS software, allows the construction of highly scalable and flexible IP Virtual Private Networks (VPNs) that support multiple levels of services.

LDP provides a standard methodology for hop-by-hop, or dynamic label, distribution in an MPLS network by assigning labels to routes that have been chosen by the underlying Interior Gateway Protocol (IGP) routing protocols. The resulting labeled paths, called label switch paths or LSPs, forward label traffic across an MPLS backbone to particular destinations. These capabilities enable service providers to implement the Cisco MPLS-based IP VPNs and IP+ATM services across multivendor MPLS networks.

LDP provides the means for label switch routers (LSRs) to request, distribute, and release label prefix binding information to peer routers in a network. LDP enables LSRs to discover potential peers and to establish LDP sessions with those peers for the purpose of exchanging label binding information.

From an historical and functional standpoint, LDP is a superset of the Cisco prestandard Tag Distribution Protocol (TDP), which also supports MPLS forwarding along normally routed paths. For those features that LDP and TDP share in common, the pattern of protocol exchanges between network routing platforms is identical. The differences between LDP and TDP for those features supported by both protocols are largely embedded in their respective implementation details, such as the encoding of protocol messages.

This release of LDP, which supports both the LDP and TDP protocols, provides the means for transitioning an existing network from a TDP environment to an LDP environment. Thus, you can run LDP and TDP simultaneously on any router platform. The routing protocol that you select can be configured on a per-interface basis for directly connected neighbors and on a per-session basis for nondirectly connected (targeted) neighbors. In addition, an LSP across an MPLS network can be supported by LDP on some hops and by TDP on other hops.

For more information about MPLS LDP, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs2sldp.htm

MPLS Label Distribution Protocol (LDP) MIB

Supported platforms: Cisco 7200 series, Cisco 7500 series

The Multiprotocol Label Switching (MPLS) label distribution protocol (LDP) MIB (MPLS LDP MIB) has been implemented to enable standard, Simple Network Management Protocol (SNMP)-based network management of the label switching features in Cisco IOS software. Providing this capability requires SNMP agent code to execute on a designated network management system (NMS) in the network. The NMS serves as the medium for user interaction with the network management objects in the MPLS LDP MIB.

The SNMP agent embodies a layered structure that is compatible with Cisco IOS software and presents a network administrative and management interface to the objects in the MPLS LDP MIB and, thence, to the rich set of label switching capabilities supported by Cisco IOS software.

By means of an SNMP agent, you can access MPLS LDP MIB objects using standard SNMP GET operations to accomplish a variety of network management tasks. All the objects in the MPLS LDP MIB follow the conventions defined in the Internet Engineering Task Force (IETF) draft MIB entitled "draft-ietf-mpls-ldp-mib-07.txt," which defines network management objects in a structured and standardized manner. This draft MIB is continually being evolved toward the status of a standard. Accordingly, the MPLS LDP MIB will be implemented in a manner that tracks the evolution of this IETF document.

Slight differences that exist between the IETF draft MIB and the implementation of equivalent functions in Cisco IOS software require some minor translations between the MPLS LDP MIB objects and the internal data structures of Cisco IOS software. Such translations are accomplished by the SNMP agent, which runs in the background on the NMS workstation as a low-priority process.

The extensive label switching capabilities supported in Cisco IOS software provide an integrated approach to managing the large volumes of traffic carried by WANs. These capabilities are integrated into the Layer 3 network services, thus optimizing the routing of high volume traffic through Internet service provider backbones while, at the same time, ensuring the resiliency of the network to link or node failures.

This release of Cisco IOS software supports the following functionality in relation to the MPLS LDP MIB:

Generation and sending of event notification messages to signal changes in the status of LDP sessions.

Enabling and disabling of event notification messages by means of extensions to existing SNMP command-line interface (CLI) commands.

Specification of the name or the IP address of an NMS workstation in the operating environment to which Cisco IOS event notification messages are to be sent to serve network administrative and management purposes.

Storage of the configuration that pertains to an event notification message into the NVRAM of the NMS.

The structure of the MPLS LDP MIB conforms to Abstract Syntax Notation One (ASN.1), thereby forming a highly structured and idealized database of network management objects.

Using any standard SNMP application, you can retrieve and display information from the MPLS LDP MIB by means of standard SNMP GET operations; similarly, you can traverse and display information in the MIB by means of SNMP GETNEXT operations.


Note Because the MPLS LDP MIB was not given an Internet Assigned Numbers Authority (IANA) Experimental object identifier (OID) at the time of its implementation, Cisco chose to implement the MIB under the Cisco Experimental OID number, as follows:

ciscoExperiment 1.3.6.1.4.1.9.10
mplsLdpMIB 1.3.6.1.4.1.9.10.65

If the MPLS LDP MIB is assigned an IANA Experimental OID number, Cisco will deprecate all objects in the MIB under the ciscoExperimental OID and reposition the objects under the IANA Experimental OID.


For more information about the MPLS LDP MIB, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/ldpmb2.htm

MPLS Label Switching Router MIB

Supported platforms: Cisco 7200 series, Cisco 7500 series

The Multiprotocol label Switching (MPLS) label switch router (LSR) MIB (MPLS LSR MIB) allows you to use the Simple Network Management Protocol (SNMP) to remotely monitor an LSR that is using the MPLS technology. The MPLS LSR MIB mirrors the Cisco Label Switching subsystem, specifically, the LSR management information that is provided by the Label Forwarding Information Base (LFIB).

The MPLS LSR MIB contains managed objects that support the retrieval of label switching information from a router and is based on Revision 05 of the IEFT MPLS LSR MIB. This implementation enables a network administrator to get information on the status, character, and performance of the following:

MPLS capable interfaces on the LSR

Incoming MPLS segments (labels) to an LSR and their associated parameters

Outgoing segments (labels) at an LSR and their associated parameters

In addition, the network manager can retrieve the status of cross-connect entries that associate MPLS segments with each other.

For more information about the MPLS LSR MIB, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fslsrm2s.htm

MPLS Traffic Engineering (TE) Features

The following sections describe various Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) features.

MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels

Supported platforms: Cisco 7200 series, Cisco 7500 series

Traffic engineering automatic bandwidth adjustment provides the means to automatically adjust the bandwidth allocation for traffic engineering tunnels on the basis of their measured traffic load.

Traffic engineering autobandwidth samples the average output rate for each tunnel marked for automatic bandwidth adjustment. For each marked tunnel, it periodically (for example, once per day) adjusts the tunnel's allocated bandwidth to be the largest sample for the tunnel since the last adjustment.

The frequency with which tunnel bandwidth is adjusted and the allowable range of adjustments is configurable on a per-tunnel basis. In addition, the sampling interval and the interval over which to average tunnel traffic to obtain the average output rate are user-configurable on a per-tunnel basis.

For more information about the MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsbandaj.htm

MPLS Traffic Engineering (TE)—Configurable Path Calculation Metric for Tunnels

Supported platforms: Cisco 7200 series, Cisco 7500 series

When Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) is configured in a network, the Interior Gateway Protocol (IGP) floods two metrics for every link: the normal IGP (Open Shortest Path First [OSPF] or Intermediate System-to-Intermediate System [IS-IS]) link metric and a TE link metric. The IGP uses the IGP link metric in the normal way to compute routes for destination networks. In previous releases, MPLS TE used the TE link metric to calculate and verify paths for TE tunnels. When the traffic engineering metric was not explicitly configured, the traffic engineering metric was the IGP metric.

The current enhancement enables you to control the metric used in path calculation for TE tunnels on a per-tunnel basis. It allows you to specify that the path calculation for a given tunnel be based on either of the following:

IGP link metrics.

TE link metrics, which you can configure so that they represent the needs of a particular application. For example, the TE link metrics can be configured to represent link transmission delay.

For more information about the MPLS Traffic Engineering (TE)—Configurable Path Calculation Metric for Tunnels feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsmetric.htm

MPLS Traffic Engineering—Diff-Serv Aware (DS-TE)

Supported platforms: Cisco 7200 series, Cisco 7500 series

Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) allows constraint-based routing of IP traffic. One of the constraints satisfied by constraint-based routing (CBR) is the availability of required bandwidth over a selected path. Diff-Serv Aware Traffic Engineering (DS-TE) extends MPLS TE to enable you to perform CBR of "guaranteed" traffic, which satisfies a more restrictive bandwidth constraint than that satisfied by CBR for regular traffic. The more restrictive bandwidth is termed a sub-pool, while the regular TE tunnel bandwidth is called the global pool. (The sub-pool is a portion of the global pool.) This ability to satisfy a more restrictive bandwidth constraint translates into an ability to achieve higher quality of service (QoS) performance (in terms of delay, jitter, or loss) for the guaranteed traffic.

For example, DS-TE can be used to ensure that traffic is routed over the network so that, on every link, there is never more than 40 percent (or any assigned percentage) of the link capacity of guaranteed traffic (for example, voice), while there can be up to 100 percent of the link capacity of regular traffic. Assuming QoS mechanisms are also used on every link to queue guaranteed traffic separately from regular traffic, it then becomes possible to enforce separate "overbooking" ratios for guaranteed and regular traffic. (In fact, for the guaranteed traffic it becomes possible to enforce no overbooking at all—or even an underbooking—so that very high QoS can be achieved end-to-end for that traffic, even while for the regular traffic a significant overbooking continues to be enforced.)

Also, through the ability to enforce a maximum percentage of guaranteed traffic on any link, the network administrator can directly control the end-to-end QoS performance parameters without having to rely on over-engineering or on expected shortest path routing behavior. This is essential for transport of applications that have very high QoS requirements (such as real-time voice, virtual IP leased line, and bandwidth trading), where over-engineering cannot be assumed everywhere in the network.

DS-TE involves extending the Open Shortest Path First (OSPF) routing protocol, so that the available sub-pool bandwidth at each preemption level is advertised in addition to the available global pool bandwidth at each preemption level. And DS-TE modifies CBR to take this more complex advertised information into account during path computation.

DS-TE enables service providers to perform separate admission control and separate route computation for discrete subsets of traffic (for example, voice and data traffic).

Therefore, by combining DS-TE with other Cisco IOS features such as QoS, the service provider can do the following:

Develop QoS services for end customers on the basis of signaled rather than provisioned QoS.

Build the higher-revenue generating "strict-commitment" QoS services, without over-provisioning.

Offer virtual IP leased-line, Layer 2 service emulation and point-to-point guaranteed bandwidth services including voice-trunking.

Use the scalability properties offered by MPLS.

For more information about the DS-TE feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_diff.htm

MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion

Supported platforms: Cisco 7200 series, Cisco 7500 series

The MPLS Traffic Engineering (TE) IP Explicit Address Exclusion feature provides a means to exclude a link or node from the path for a Multiprotocol Label Switching (MPLS) traffic engineering label-switched path (LSP).

The feature is accessible via the ip explicit-path command that allows you to create an IP explicit path and enter a configuration submode for specifying the path. The feature adds to the submode commands the exclude-address command for specifying addresses to exclude from the path.

If the exclude-address for an MPLS traffic engineering LSP identifies a flooded link, the constraint-based shortest path first (CSPF) routing algorithm does not consider that link when it computes paths for the LSP. If the exclude-address specifies a flooded MPLS traffic engineering router ID, the CSPF routing algorithm does not allow paths for the LSP to traverse the node that is identified by the router ID.

For more information about the MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion feature, see the Cisco document at the following location:

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_te_expl_address_ps6017_TSD_Products_Configuration_Guide_Chapter.html

MPLS Traffic Engineering (TE) MIB

Supported platforms: Cisco 7200 series, Cisco 7500 series

The Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) MIB (MPLS TE MIB) enables a standardized, Simple Network Management Protocol (SNMP)-based approach to managing the MPLS traffic engineering features in Cisco IOS software. Providing this capability requires SNMP agent code implementation of the MPLS TE MIB.

The MPLS TE MIB is based on the Internet Engineering Task Force (IETF) draft MIB entitled "draft-ietf-mpls-te-mib-05.txt," which includes objects describing features that support MPLS traffic engineering. This IETF draft MIB, which undergoes revisions from time to time, is being evolved toward becoming a standard. Accordingly, the Cisco implementation of the MPLS TE MIB is expected to track the evolution of the IETF draft MIB.

Slight differences between the IETF draft MIB and the implementation of the traffic engineering capabilities within Cisco IOS software require some minor translations between the MPLS TE MIB and the internal data structures of Cisco IOS software. These translations are accomplished by means of the SNMP agent code that is installed and operating on various hosts within the network. This SNMP agent code, running in the background as a low priority process, provides a management interface to Cisco IOS software.

The SNMP objects defined in the MPLS TE MIB can be viewed by any standard SNMP utility. All MPLS TE MIB objects are based on the IETF draft MIB; accordingly, no specific Cisco SNMP application is required to support the functions and operations that pertains to the MPLS TE MIB.

The following functionality is supported in the MPLS TE MIB:

The ability to generate and queue notification messages that signal changes in the operational status of MPLS traffic engineering tunnels.

Extensions to existing SNMP command-line interface (CLI) commands that provide the ability to enable, disable, and configure notification messages for MPLS traffic engineering tunnels.

The ability to specify the name or the IP address of a network management system (NMS) in the operating environment to which notification messages are to be sent.

The ability to write notification configurations into non-volatile memory.

For more information about the MPLS TE MIB, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/temib2.htm

MPLS Traffic Engineering (TE)—Scalability Enhancements

Supported platforms: Cisco 7200 series, Cisco 7500 series

Implementation of Multiprotocol Label Switching (MPLS) traffic engineering scalability has been improved so that scalability performs better for large numbers of traffic engineering tunnels. These improvements enable the following:

An increase in the number of traffic engineering tunnels that a router can support when acting as a tunnel headend and when acting as a tunnel midpoint.

A reduction in the time required to establish large numbers of traffic engineering tunnels.

User-observable scalability enhancements include the following:

Pacing for Resource Reservation Protocol (RSVP) messages.

Signaling and management for MPLS traffic engineering tunnels.

Controlling Intermediate System-to-Intermediate System (IS-IS) and MPLS traffic engineering topology database interactions.

Improved diagnostic capabilities for MPLS traffic engineering and RSVP signaling.

Pacing for RSVP Messages

A burst of RSVP traffic engineering signaling messages can overflow the input queue of a receiving router, causing some messages to be dropped. Dropped messages cause a substantial delay in completing label-switched path (LSP) signaling.

A new mechanism controls the transmission rate for RSVP messages and reduces the likelihood of input drops on the receiving router. The default transmission rate is 200 RSVP messages per second to a given neighbor. The rate is configurable.

Signaling and Management for MPLS Traffic Engineering Tunnels

The following changes improve the responsiveness of LSP recovery when a link used by an LSP fails:

When the upstream end of a failed link detects the failure, it generates an RSVP No Route path error message. This enables the LSP headend to detect the link failure and initiate recovery, even when the Interior Gateway Protocol (IGP) update that announces the link failure is delayed.

The LSP headend marks the link in question so that subsequent constraint-based shortest path first (SPF) calculations ignore the link until either a new IGP update arrives or a configurable timeout occurs. This ensures that resignaling to restore the LSP avoids the failed link.

Controlling IS-IS and MPLS Traffic Engineering Topology Database Interactions

The delay between when the IS-IS protocol receives an IGP update and when it delivers the update to the MPLS traffic engineering topology database has been reduced in most situations.

Previously, when IS-IS received a new LSP that contained traffic engineering type, length, and value (TLV) objects, a delay of several seconds could occur before IS-IS passed the traffic engineering TLVs to the traffic engineering database. The purpose of the delay was to provide better scalability during periods of network instability and to give the router an opportunity to receive more fragments of the LSP before passing the information to the traffic engineering database. However, this delay increased the convergence time for the traffic engineering database.

Now IS-IS extracts traffic engineering TLVs from received LSPs and passes them to the traffic engineering database immediately. The exception to this occurs when there are large numbers of LSPs to process and it is important to limit CPU consumption, such as during periods of network instability.

The arguments that control IS-IS delivery of traffic engineering TLVs to the traffic engineering topology database are configurable.

Improved Diagnostic Capabilities for MPLS Traffic Engineering and RSVP Signaling

The following enhancements improve diagnostic and troubleshooting capabilities for MPLS traffic engineering and RSVP:

Counters record tunnel headend error events such as no route (link down), preemption, and insufficient bandwidth on a per-tunnel basis.

Counters record RSVP messages. The counters are per-interface and record the number of RSVP messages of each type sent and received on the interface.

More Information

For more information about the MPLS Traffic Engineering (TE)—Scalability Enhancements feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fssclenh.htm

MPLS VPN Features

The following sections describe various Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) features.

MPLS Virtual Private Networks

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The IP Virtual Private Network (VPN) feature for Multiprotocol Label Switching (MPLS) allows a Cisco IOS network to deploy scalable IP version 4 (IPv4) Layer 3 VPN backbone services. An IP VPN is the foundation that companies use for deploying or administering value-added services including applications and data hosting network commerce, and telephony services to business customers. In private LANs, IP-based intranets have fundamentally changed the way companies conduct their business. Companies are moving their business applications to their intranets to extend over a WAN. Companies are also embracing the needs of their customers, suppliers, and partners by using extranets (an intranet that encompasses multiple businesses). With extranets, companies reduce business process costs by facilitating supply-chain automation, electronic data interchange (EDI), and other forms of network commerce. To take advantage of this business opportunity, service providers must have an IP VPN infrastructure that delivers private network services to businesses over a public infrastructure.

MPLS VPNs offer the following benefits:

A platform for rapid deployment of additional value-added IP services, including intranets, extranets, voice, multimedia, and network commerce.

Privacy and security equal to that provided by Layer 2 VPNs by limiting the distribution of VPN routes to only those routers that are members of the VPN seamless integration with customer intranets.

Increased scalability over current VPN implementations, with thousands of sites per VPN and hundreds of thousands of VPNs per service provider IP class of service (CoS), with support for multiple classes of service and priorities within VPNs, as well as between VPNs.

Management of VPN membership and provisioning of new VPNs for rapid deployment.

Scalable any-to-any connectivity for extended intranets and extranets that encompass multiple businesses.

For more information about the MPLS Virtual Private Networks feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsmvpns.htm

MPLS VPN Carrier Supporting Carrier

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Carrier supporting carrier is a term that is used to describe a situation in which one service provider allows another service provider to use a segment of its backbone network. The service provider that provides the segment of the backbone network to the other provider is called the backbone carrier. The service provider that uses the segment of the backbone network is called the customer carrier.

The carrier supporting carrier feature enables one Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN)-based service provider to allow other service providers, such as Internet service providers (ISPs) or a Border Gateway Protocol (BGP)/MPLS VPN service providers, to use a segment of its backbone network.

For more information about the MPLS VPN Carrier Supporting Carrier feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs2scsc.htm

MPLS VPN Carrier Supporting Carrier—IPv4 BGP Label Distribution

Supported platforms: Cisco 7200 series, Cisco 7500 series

The MPLS VPN Carrier Supporting Carrier—IPv4 BGP Label Distribution feature enables you to configure your carrier supporting carrier network to enable Border Gateway Protocol (BGP) to transport routes and Multiprotocol Label Switching (MPLS) labels between the backbone carrier provider edge (PE) routers and the customer carrier customer edge (CE) routers. The backbone carrier offers BGP and MPLS Virtual Private Network (VPN) services. The customer carrier can be either of the following:

An Internet service provider (ISP) with an IP core

An MPLS service provider with or without VPN services

Previously you had to use Label Distribution Protocol (LDP) and an Internal Gateway Protocol (IGP) between PE and CE routers to achieve the same goal. Using BGP to distribute IPv4 routes and MPLS label routes has the following benefits:

BGP takes the place of an IGP and LDP. You can use BGP to distribute routes and MPLS labels. Using a single protocol instead of two simplifies the configuration and troubleshooting.

BGP is the preferred routing protocol for connecting two ISPs, mainly because of its routing policies and ability to scale. ISPs commonly use BGP between two providers. This feature enables those ISPs to use BGP.

For more information about the MPLS VPN Carrier Supporting Carrier—IPv4 BGP Label Distribution feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fscsclbl.htm

MPLS VPN ID

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Using the MPLS VPN ID feature, you can identify Virtual Private Networks (VPNs) by a VPN identification (ID) number, as described in RFC 2685. This implementation of the MPLS VPN ID feature is used for identifying a VPN. The MPLS VPN ID feature is not used to control the distribution of routing information or to associate IP addresses with Multiprotocol Label Switching (MPLS) VPN ID numbers in routing updates.

Multiple VPNs can be configured in a router. You can use a VPN name (a unique ASCII string) to reference a specific VPN configured in the router. Alternately, you can use a VPN ID to identify a particular VPN in the router. The VPN ID follows a standard specification (RFC 2685). To ensure that the VPN has a consistent VPN ID, assign the same VPN ID to all the routers in the service provider network that services that VPN.

You can use several applications, such as RADIUS and Dynamic Host Configuration Protocol (DHCP), to manage VPNs by VPN ID.


Note Configuration of a VPN ID for a VPN is optional. You can still use a VPN name to identify configured VPNs in the router. The VPN name is not affected by the VPN ID configuration. The VPN name and the VPN ID configuration are two independent mechanisms to identify VPNs.


For more information about the MPLS VPN ID feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/vpnid2.htm

MPLS VPN Inter-AS—IPv4 BGP Label Distribution

Supported platforms: Cisco 7200 series, Cisco 7500 series

The MPLS VPN Inter-AS—IPv4 BGP Label Distribution feature enables you to set up a Virtual Private Network (VPN) service provider (SP) network to exchange IPv4 routes with Multiprotocol Label Switching (MPLS) labels. You can configure the VPN service provider network as follows:

Route reflectors exchange VPNv4 routes, using multihop, multiprotocol External Border Gateway Protocol (EBGP). This configuration also preserves the next hop information and the VPN labels across the autonomous systems.

A local provider edge (PE) router needs to know the routes and label information for the remote PE router. This information can be exchanged between the PE routers and autonomous system boundary routers (ASBRs) in one of two ways:

Internal Gateway Protocol (IGP) and Label Distribution Protocol (LDP): the ASBR can redistribute the IPv4 routes and MPLS labels that it learned from EBGP into IGP and LDP and vice versa.

Internal Border Gateway Protocol (IBGP) IPv4 label distribution: the ASBR and PE router can use direct IBGP sessions to exchange VPNv4 and IPv4 routes and MPLS labels.

Alternatively, if you enable the ASBR to exchange IPv4 routes and MPLS labels with the route reflector, the route reflector can reflect the IPv4 routes and MPLS labels learned from the ASBR to the PE routers in the VPN. The route reflector also reflects the VPNv4 routes to the PE routers in the VPN (as mentioned in the first bullet). Using the route reflectors to store the VPNv4 routes and forward them through the PE routers and ASBRs allows for a scalable configuration.

ASBRs exchange IPv4 routes and MPLS labels for the PE routers, using EBGP.

Using Border Gateway Protocol (BGP) to distribute IPv4 routes and MPLS label routes has the following benefits:

Improved scalability because the route reflectors store VPNv4 routes.

Ability to enable a non-VPN core network to act as a transit network for VPN traffic.

Elimination of the need for any other LDP between adjacent label switch routers (LSRs).

For more information about the MPLS VPN Inter-AS—IPv4 BGP Label Distribution feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fscsclbl.htm

MPLS VPN—SNMP MIB Support

Supported platforms: Cisco 7200 series, Cisco 7500 series

Simple Network Management Protocol (SNMP) agent code that is operating in conjunction with the Provider-Provisioned Virtual Private Network (PPVPN) Multiprotocol Label Switching (MPLS) VPN MIB (PPVPN MPLS VPN MIB) enables a standardized, SNMP-based approach in managing MPLS VPNs in Cisco IOS software.

The PPVPN MPLS VPN MIB is based on the Internet Engineering Task Force (IETF) draft MIB "draft-ietf-ppvpn-mpls-vpn-mib-03.txt," which includes objects describing features that support MPLS VPN events. This IETF draft MIB, which undergoes revisions from time to time, is evolving toward becoming a standard. The Cisco implementation of features of the PPVPN MPLS VPN MIB is expected to track the evolution of the IETF draft MIB and may change accordingly.

Some slight differences between the IETF draft MIB and the actual implementation of MPLS VPNs within Cisco IOS software require some minor translations between the PPVPN MPLS VPN MIB and the internal data structures of Cisco IOS software. These translations are accomplished by means of the SNMP agent code. Also, while running as a low priority process, the SNMP agent provides a management interface to Cisco IOS software. SNMP adds little overhead to the normal functions of the device.

The SNMP objects that are defined in the PPVPN MPLS VPN MIB can be viewed by any standard SNMP utility. The network administrator can retrieve information in the PPVPN MPLS VPN MIB using standard SNMP get and getnext operations for SNMP v1, v2, and v3.

All PPVPN-MPLS-VPN MIB objects are based on the IETF draft MIB; thus, no specific Cisco SNMP application is required to support the functions and operations that pertain to the PPVPN MPLS VPN MIB features.

In Cisco IOS Release 12.2(14)S, the PPVPN MPLS VPN MIB provides you with the ability to do the following:

Gather routing and forwarding information for MPLS VPNs on a router.

Expose information in the VPN routing/forwarding (VRF) routing table.

Gather information on Border Gateway Protocol (BGP) configuration related to VPNs and VRF interfaces and statistics.

Emit notification messages that signal changes when critical MPLS VPN events occur.

Enable, disable, and configure notification messages for MPLS VPN events by using extensions to existing SNMP command-line interface (CLI) commands.

Specify the IP address of a network management system (NMS) in the operating environment to which notification messages are sent.

Write notification configurations into nonvolatile memory.

For more information about the MPLS VPN—SNMP MIB Support feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsvnmb2s.htm

Multicast-VPN—IP Multicast Support for MPLS VPNs

Supported platforms: Cisco 7200 series, Cisco 7500 series

The Multicast-VPN—IP Multicast Support for MPLS VPNs feature enables a service provider to configure and support multicast traffic in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment. This feature supports routing and forwarding of multicast packets for each individual VPN routing and forwarding (VRF) instance, and it also provides a mechanism to transport VPN multicast packets across the service provider backbone.

The Multicast-VPN—IP Multicast Support for MPLS VPNs feature in Cisco IOS software provides the ability to support the multicast feature over a Layer 3 VPN. As enterprises extend the reach of their multicast applications, service providers can accommodate these enterprises over their MPLS core network. IP multicast is used to stream video, voice, and data to an MPLS VPN network core.

A VPN is network connectivity across a shared infrastructure, such as an internet service provider (ISP). Its function is to provide the same policies and performance as a private network, at a reduced cost of ownership, thus creating many opportunities for cost savings through operations and infrastructure.

Historically, IP in IP generic route encapsulation (GRE) tunnels was the only way to connect through a service provider network. Although such tunneled networks tend to have scalability issues, they represent the only means of passing IP multicast traffic through a VPN.

MPLS was derived from tag switching and various other vendor methods of IP-switching support enhancements in the scalability and performance of IP-routed networks by combining the intelligence of routing with the high performance of switching. MPLS is now used for VPNs, which is an appropriate combination because MPLS decouples information used for forwarding of the IP packet (the label) from the information carried in the IP header.

A Multicast-VPN allows an enterprise to transparently interconnect its private network across the network backbone of a service provider. The use of a Multicast-VPN to interconnect an enterprise network in this way does not change the way that enterprise network is administered, nor does it change general enterprise connectivity.

Because MPLS VPNs support only unicast traffic connectivity, deploying the Multicast-VPN feature in conjunction with MPLS VPN allows service providers to offer both unicast and multicast connectivity to MPLS VPN customers.

For more information about the Multicast-VPN—IP Multicast Support for MPLS VPNs feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_mvpn.htm

Multilink Frame Relay (FRF.16)

Supported platforms: Cisco 7200 series, Cisco 7400 series

The Multilink Frame Relay (FRF.16) feature introduces functionality that is based on the Frame Relay Forum's Multilink Frame Relay UNI/NNI Implementation Agreement (FRF.16). This feature provides a cost-effective way to increase bandwidth for particular applications by enabling multiple serial links to be aggregated into a single bundle of bandwidth. Multilink Frame Relay is supported on User-Network Interfaces (UNI) and Network-to-Network Interfaces (NNIs) in Frame Relay networks.

For more information about the Multilink Frame Relay feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_mfr.htm

Multilink PPP Minimum Links Mandatory

Supported platforms: Cisco 7200 series, Cisco 7500 series

Multilink PPP (MLP) allows for the establishing of multiple PPP links in parallel to the same destination. This is often used with dialup lines or ISDN connections to easily increase the amount of bandwidth between points.

With the introduction of the Multilink PPP Minimum Links Mandatory feature, you can configure the minimum number of links in an MLP bundle required to keep that bundle active by entering the multilink min-links links mandatory command. When you configure this command, all Network Control Protocols (NCPs) for an MLP bundle are disabled until the MLP bundle has the required minimum number of links. When a new link is added to the MLP bundle that brings the number of links up to the required minimum number of links, the NCPs are activated for the MLP bundle. When a link is removed from an MLP bundle, and the number of links falls below the required minimum number of links for that MLP bundle, the NCPs are disabled for that MLP bundle.

For more information about the Multilink PPP Minimum Links Mandatory feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e11/12e_mlp.htm

NetFlow Features

The following sections describe various NetFlow features.

NetFlow Multiple Export Destinations

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data. With this feature enabled, two identical streams of NetFlow data are sent to the destination host. Currently, the maximum number of export destinations allowed is two. The NetFlow Multiple Export Destinations feature is available only if NetFlow is configured.

For more information about the NetFlow Multiple Export Destinations feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s19/12s_mdnf.htm

NetFlow Subinterface Support

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The NetFlow Subinterface Support feature provides the ability to enable NetFlow on a per-subinterface basis. In a scenario in which your network contains thousands of subinterfaces and you want to collect export records for only a few interfaces, you can fine-tune your collection of data to only specified subinterfaces. The result is a lower bandwidth requirement for NetFlow Data Export (NDE) and reduced platform requirements for NetFlow data collection devices.

For more information about the NetFlow Subinterface Support feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_nfsub.htm

NetFlow ToS-Based Aggregation

Supported platforms: Cisco 7200 series, Cisco 7200 series, Cisco 7500 series

The NetFlow ToS-Based Router Aggregation feature provides the ability to enable limited router-based type of service (ToS) aggregation of NetFlow Export data, which results in summarized NetFlow Export data to be exported to a collection device. The results are lower bandwidth requirements for NetFlow Export data and reduced platform requirements for NetFlow data collection devices.

For more information about the NetFlow ToS-Based Router Aggregation feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s15/dtnfltos.htm

Network-Based Application Recognition

Supported platform: Cisco 7200 series

Network-Based Application Recognition (NBAR) allows you to add intelligent network classification to network infrastructures. NBAR is a classification engine that recognizes a wide variety of applications, including web-based and other difficult-to-classify protocols that utilize dynamic TCP/UDP port assignments. When an application is recognized and classified by NBAR, a network can invoke services for that specific application.

NBAR ensures that network bandwidth is used efficiently by working with quality of service (QoS) features to provide the following:

Guaranteed bandwidth

Bandwidth limits

Traffic shaping

Packet coloring

Packet marking

In addition, NBAR supports the following:

Citrix, including matching on Citrix application name.

Novadigm and Printer protocols.

Subport classification of HTTP traffic by host name. You can classify HTTP traffic by web server names. To perform a match on the host-name portion of the URL, use the new Host matching criteria.

For more information about the NBAR feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsnbarad.htm

Network-Based Application Recognition RTP Payload Classification

Supported platforms: Cisco 7200 series, Cisco 7500 series that are VIP-enabled


Note The Network-Based Application Recognition RTP Payload Classification feature is also referred to as NBAR Heuristics and NBAR Heuristics Matching.


The RTP Payload Type Matching enhancement has been added to the Network-Based Application Recognition (NBAR) feature. With the addition of NBAR RTP Payload Type Matching, Real-Time Transport Protocol (RTP) traffic can now be classified as a protocol within the modular quality of service command-line interface (MQC) framework.

For additional information about the NBAR feature, including NBAR RTP Payload Type Matching, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsnbarad.htm

OSPF Features

The following sections describe various Open Shortest Path First (OSPF) features.

OSPF Sham-Link Support for MPLS VPN

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series


Note The OSPF Sham-Link Support for MPLS VPN feature is also referred to as the MPLS VPN - OSPF and Sham-Link Support feature.


In a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) configuration, the Open Shortest Path First (OSPF) protocol is one way you can connect customer edge (CE) routers to service provider edge (PE) routers in the VPN backbone. OSPF is often used by customers who run OSPF as their intrasite routing protocol, subscribe to a VPN service, and want to exchange routing information between their sites using OSPF (during migration or on a permanent basis) over an MPLS VPN backbone.

Using an OSPF sham-link in an MPLS VPN has the following benefits:

Client site connection across the MPLS VPN backbone: a sham-link overcomes the OSPF default behavior for selecting an intra-area backdoor route between VPN sites instead of an interarea (PE-to-PE) route. A sham-link ensures that OSPF client sites that share a backdoor link can communicate over the MPLS VPN backbone and participate in VPN services.

Flexible routing in an MPLS VPN configuration: nn an MPLS VPN configuration, the OSPF cost configured with a sham-link allows you to decide if OSPF client site traffic will be routed over a backdoor link or through the VPN backbone.

For more information about the OSPF Sham-Link Support for MPLS VPN feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/shamlink.htm

OSPF Shortest Paths First Throttling

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The OSPF Shortest Paths First Throttling feature makes it possible to configure Shortest Paths First (SPF) scheduling in intervals of milliseconds and to delay SPF calculations during network instability. SPF calculates the Shortest Path Tree (SPT) when there is a change in topology. One SPF run may include multiple topology change events.

The interval at which SPF runs is dynamically chosen, based on the frequency of topology changes. However, this automatically selected interval is still within the range of values that are defined by the user. If the network topology is unstable, SPF throttling calculates SPF scheduling intervals to be of longer duration until the network topology becomes stable again.

For more information about the OSPF Shortest Paths First Throttling feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsspftrl.htm

OSPF Stub Router Advertisement

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The OSPF Stub Router Advertisement feature allows you to bring a new router into a network without immediately routing traffic through the new router and allows you to gracefully shut down or reload a router without dropping packets that are destined for other networks. This feature introduces three configuration options that allow you to configure a router that is running the Open Shortest Path First (OSPF) protocol to advertise a maximum or infinite metric to all neighbors.

When any of these three configuration options are enabled on a router, the router will originate link-state advertisements (LSAs) with a maximum metric (LSInfinity: 0xFFFF) through all nonstub links. The advertisement of a maximum metric causes other routers to assign a cost to this router that is higher than the cost of using an alternate path. Because of the high cost that is assigned to paths that pass through this router, other routers will not use a path through this router as a transit path to forward traffic that is destined for other networks, allowing switching and routing functions to be up and running and routing tables to converge before transit traffic is routed through this router.


Note Directly connected links in a stub network are not affected by the configuration of a maximum or infinite metric because the cost of a stub link is always set to the output interface cost.


For more information about the OSPF Stub Router Advertisement feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsospfau.htm

OSPF Support for Multi-VRF on CE Routers

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The OSPF Support for Multi-VRF on CE Routers feature provides the capability of suppressing provider edge (PE) checks. The checks are needed to prevent loops when the PE is performing a mutual redistribution of packets between Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP). When Virtual Private Network routing/forwarding (VRF) is used on a router that is not a PE (that is, one that is not running BGP), the checks can be turned off to allow for correct population of the VRF routing table with routes to IP prefixes.

The OSPF Support for Multi-VRF on CE Routers feature allows you to split the router into multiple virtual routers, where each contains its own set of interfaces, routing table, and forwarding table. On the basis of routing information that is stored in the VRF IP routing table and VRF Cisco Express Forwarding (CEF) table, packets are forwarded to their destination using Multiprotocol Label Switching (MPLS).

The OSPF Support for Multi-VRF on CE Routers feature gives you the ability to segment or single out parts of your network and to configure those segments to perform specific functions, yet still maintaining correct routing information.

For more information about the OSPF Support for Multi-VRF on CE Routers feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/ospfvrfl.htm

OSPF Update Packet-Pacing Configurable Timers

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

In rare situations, you might need to change Open Shortest Path First (OSPF) packet-pacing default timers to mitigate CPU or buffer utilization issues that are associated with flooding large numbers of link-state advertisements (LSAs). The OSPF Update Packet-Pacing Configurable Timers feature allows you to configure the rate at which OSPF LSA flood pacing, retransmission pacing, and group pacing updates occur.

Configuring OSPF flood pacing timers allows you to control interpacket spacing between consecutive link-state update packets in the OSPF transmission queue. Configuring OSPF retransmission pacing timers allows you to control interpacket spacing between consecutive link-state update packets in the OSPF retransmission queue. Cisco IOS software groups the periodic refresh of LSAs to improve the LSA packing density for the refreshes in large topologies. The group timer controls the interval that is used for group LSA refreshment; however, this timer does not change the frequency at which individual LSAs are refreshed (the default refresh occurs every 30 minutes).


Note The default settings for OSPF packet pacing timers are suitable for the majority of OSPF deployments. You should change the default timers only as a last resort.


For more information about the OSPF Update Packet-Pacing Configurable Timers feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsospfct.htm

Per-VC Queueing for ATM

Supported platforms: Cisco 7200 series, Cisco 7400 series

The Cisco IOS quality of service (QoS) software includes queueing mechanisms such as low latency queueing (LLQ), weighted fair queueing (WFQ) and class-based WFQ (CBWFQ). These mechanisms are typically configured at the interface level, the subinterface level, or the per-virtual circuit (VC) level. With the Per-VC Queueing for ATM feature, these queueing mechanisms are configured at the per-VC level using Parallel Express Forwarding (PXF).

When configuring CBWFQ and LLQ on a per-VC level using PXF, the following functionality is not supported:

Classifying traffic based on MAC address, QoS groups, input interfaces, or Multiprotocol Label Switching (MPLS) experimental (EXP) value.

Queueing Frame Relay class maps.

Configuring hierarchical policy maps.


Note PXF does not include support for VC bundles. If VC bundles are configured in the Per-VC Queueing for ATM feature, PXF will not be used as the packet forwarding mechanism. Instead, Cisco Express Forwarding (CEF) will be used.


PIM Features

The following sections describe various Protocol Independent Multicast (PIM) features.

Multicast Subsecond Convergence

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Multicast Subsecond Convergence feature comprises a comprehensive set of features and protocol enhancements that provide for improved scalability and convergence in multicast-based services. This feature set provides for the ability to scale to larger services levels and to recover multicast forwarding after service failure in subsecond time frames.

Multicast subsecond convergence allows you to send Protocol Independent Multicast (PIM) router-query messages (PIM hellos) every few milliseconds. In earlier releases, you could send the PIM hellos every few seconds. By enabling a router to send PIM hello messages more often, this feature allows the router to discover unresponsive neighbors more quickly. As a result, the router can implement failover or recovery procedures more efficiently.

The scalability enhancements improve on the efficiency of handling increases (or decreases) in service users (receivers) and service load (sources or content). Scalability enhancements in this release include the following:

Improved Internet Group Management Protocol (IGMP) and PIM state maintenance through new timer management techniques

Improved scaling of the Multicast Source Discovery Protocol (MSDP) Source-Active (SA) cache

The scalability enhancements provide the following benefits:

Increased potential PIM multicast route (mroute), IGMP, and MSDP SA cache state capacity

Decreased CPU usage

For more information about the Multicast Subsecond Convergence feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_subcv.htm

PIM MIB Extension for IP Multicast

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Protocol Independent Multicast (PIM) is an IP multicast routing protocol used for routing multicast data packets to multicast groups. The PIM MIB Extension for IP Multicast feature introduces the Cisco implementation of the PIM MIB (CISCO-PIM-MIB), which is based on RFC 2934 (Protocol Independent Multicast MIB for IPv4). The PIM MIB describes objects that enable users to remotely monitor and configure PIM using Simple Network Management Protocol (SNMP). It supports dense mode and sparse mode operations of PIM.

The Cisco implementation of the PIM MIB provides the following trap enhancements to the existing version of the PIM MIB for IPv4:

Traps for indicating when a multicast neighbor on a multicast interface is lost.

Traps for monitoring Auto-RP sessions.

Traps for monitoring the PIM protocol on PIM-enabled interfaces.

The Cisco implementation of the PIM MIB introduces the following modifications to the existing version of the PIM MIB for IPv4:

The "pimIpMRouteTable" table was added. It displays PIM-specific ipMRoute entries.

The "pimIpMRouteNextHopTable" table was added. It displays PIM-specific ipMRouteNextHop entries.

The "pimInterfaceVersion" object was deleted.

The "pimNeighborLoss" trap was added. It detects the loss of a multicast neighbor on a multicast interface.

For complete details on the Cisco implementation of the PIM MIB, see the CISCO-PIM-MIB.my file available from the Cisco MIB website on Cisco.com at the following location:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

For more information about the PIM MIB Extension for IP Multicast feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fs_pmmib.htm

PIM Multicast Scalability

Supported platforms: Cisco 7200 series, Cisco 7500 series

This feature enhances the Protocol Independent Multicast (PIM) protocol in Cisco IOS software by adding a new level of scalability. With this feature, edge devices can have a large number of multicast groups and users without increasing the CPU utilization of the router.

Quality of Service Feature for Parallel Express Forwarding (PXF)

Supported platforms: Cisco 7200 VXR routers with the Cisco Network Services Engine (NSE-1) Services Accelerator, Cisco 7400 series

The Quality of Service (QoS) feature, Generic Traffic Shaping (GTS), is being introduced for Parallel Express Forwarding (PXF). Note the following points:

The shape (policy-map class) command was revised to include the following usage guideline for supporting PXF:

When configuring GTS, a maximum of 256 classes can be configured in a policy map. However, for traffic shaping to be enabled along the PXF path, the maximum number of classes that can be configured in a policy map is 64. If more than 64 classes are configured, packets switched to interfaces using the policy map will be redirected to the route processor (RP).

The shape adaptive command and the shape fecn-adapt command are not supported in the PXF path. If either command is configured, packets switched to interfaces using the policy map will be redirected to the RP.

For more information about QoS features, see the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2, and the Cisco IOS Quality of Service Solutions Command Reference, Release 12.2 T.

Quality of Service over LAN Emulation

Supported platforms: Cisco 7200 series, Cisco 7500 series


Note The Quality of Service over LAN Emulation feature is also referred to as the Local-Area Network Emulation Quality of Service feature.


The Quality of Service over LAN Emulation feature provides the capability to differentiate multiple classes of traffic by creating virtual channel connections (VCCs) with the desired quality of service (QoS) parameters. When prioritized traffic is received, the LAN Emulation (LANE) Client (LEC) forwards this traffic on a VCC with matching QoS parameters.

Currently, LANE QoS supports the creation of Unspecified Bit Rate+ (UBR+) VCCs. A UBR+ VCC is a UBR VCC for which the minimum cell rate (MCR) is guaranteed by the switch. If the switch cannot guarantee the rate you that you have specified for the UBR+ VCC, the LEC will revert to UBR with no MCR guarantee.

You can enable or disable the LANE QoS feature on a per-LEC basis by entering the qos option in the lane client command. The same emulated LAN (ELAN) can contain both QoS-capable and non-QoS-capable LECs.

For more information about the Quality of Service over LAN Emulation feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e2/lqos.htm

Route Processor Redundancy Plus (RPR+)

Supported platform: Cisco 7500 series

The Route Processor Redundancy Plus (RPR+) feature is an enhancement to the RPR feature. RPR+ keeps Versatile Interface Processors (VIPs) or Supervisor Engines from being reset and reloaded when a switchover occurs between the active and standby Route Switch Processors (RSPs) or Supervisor Engine.

Because VIPs are not reset on the Cisco 7500 series router, microcode is not reloaded on the VIPs, the time needed to parse the configuration is eliminated, and switchover time is reduced to 30 to 40 seconds.

Feature
Switchover Time
Notes

High System Availability (HSA)

8 to 10 minutes

System default

RPR

4 to 5 minutes

VIPs and legacy interface processors supported

RPR+

30 to 40 seconds

VIPs supported1

Stateful Switchover

7 seconds

1 Legacy interface processors default to RPR. A message similar to the following is displayed during switchover:

1 %HA-2-NO_Quiesce: Slot 11 did not quiesce, it will be disabled and then reloaded.


For more information about the RPR+ redundancy feature for the Cisco 7500 series, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s22/fs22rpr.htm

RSVP Scalability Enhancements

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

Resource Reservation Protocol (RSVP) typically performs admission control, classification, policing, and scheduling of data packets on a per-flow basis and keeps a database of information for each flow. RSVP scalability enhancements let you select a resource provider (formerly called a quality of service [QoS] provider) and disable data packet classification so that RSVP performs admission control only. This facilitates integration with service provider (differentiated services [Diff-Serv]) networks and enables scalability across enterprise networks.

Class-based weighted fair queueing (CBWFQ) provides the classification, policing, and scheduling functions. CBWFQ puts packets into classes based on the differentiated services code point (DSCP) value in the packet's Internet Protocol IP header, thereby eliminating the need for per-flow state and per-flow processing.

For more information about the RSVP Scalability Enhancements feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122s/122snwft/release/122s14/fsrsvpsc.htm

SNMP Support for VLAN Subinterfaces

Supported platforms: Cisco 7200 series, Cisco 7500 series

The SNMP Support for VLAN Subinterfaces feature provides MIB-2 interfaces sparse table support for Fast Ethernet subinterfaces. This enhancement is similar to the functionality supported in Frame Relay subinterfaces.

For more information about the SNMP Support for VLAN Subinterfaces feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e7/ft_snmpv.htm

Tunnel Type of Service (ToS)

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

The Tunnel Type of Service (ToS) feature allows you to configure the ToS and Time-to-Live (TTL) byte values in the encapsulating IP header of tunnel packets for an IP tunnel interface on a router. The Tunnel ToS feature is supported on Cisco Express Forwarding (CEF), fast switching, and process switching forwarding modes.

Turbo Access Control Lists

Supported platforms: Cisco 7200 series, Cisco 7500 series

Access control lists (ACLs) are normally searched sequentially to find a matching rule, and ACLs are ordered specifically to take this factor into account. Because of the increasing needs and requirements for security filtering and packet classification, ACLs can expand to the point at which searching the ACL adds a significant amount of time and memory when packets are being forwarded. Moreover, the time taken by the router to search the list is not always consistent, adding a variable latency to the packet forwarding. A high CPU load is necessary for searching an ACL with several entries.

The Turbo Access Control Lists feature, also referred to as the Turbo ACL feature, compiles the ACLs into a set of lookup tables, while maintaining the first match requirements. Packet headers are used to access these tables in a small, fixed number of lookups, independently of the existing number of ACL entries.

The feature has the following benefits:

For ACLs larger than three entries, the CPU load required to match the packet to the predetermined packet-matching rule is lessened. The CPU load is fixed, regardless of the size of the ACL, allowing for larger ACLs without incurring any CPU overhead penalties. The larger the ACL, the greater the benefit.

The time taken to match the packet is fixed, so that latency of the packets is smaller (significantly in the case of large ACLs) and more importantly, consistent, providing better network stability and more accurate transit times.

For more information about the Turbo ACL feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e4/turbacl.htm

Virtual Router Redundancy Protocol

Supported platforms: Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

There are several ways a LAN client can determine which router should be the first hop to a particular remote destination. The client can use a dynamic process or static configuration. Examples of dynamic router discovery are as follows:

Proxy ARP—The client uses Address Resolution Protocol (ARP) to get the destination it wants to reach, and a router will respond to the ARP request with its own MAC address.

Routing protocol—The client listens to dynamic routing protocol updates (for example, from Routing Information Protocol [RIP]) and forms its own routing table.

IRDP (ICMP Router Discovery Protocol) client—The client runs an Internet Control Message Protocol (ICMP) router discovery client.

The drawback to dynamic discovery protocols is that they incur some configuration and processing overhead on the LAN client. Also, in the event of a router failure, the process of switching to another router can be slow.

An alternative to dynamic discovery protocols is to statically configure a default router on the client. This approach simplifies client configuration and processing but creates a single point of failure. If the default gateway fails, the LAN client is limited to communicating only on the local IP network segment and is cut off from the rest of the network.

The Virtual Router Redundancy Protocol (VRRP) feature can solve the static configuration problem. VRRP enables a group of routers to form a single virtual router. The LAN clients can then be configured with the virtual router as their default gateway. The virtual router, representing a group of routers, is also known as a VRRP group.

VRRP is supported on Ethernet, Fast Ethernet, and Gigabit Ethernet interfaces, and on MPLS VPNs and VLANs.

For more information about the Virtual Router Redundancy Protocol feature, see the Cisco document at the following location:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120st/120st18/st_vrrpx.htm

MIBs

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://tools.cisco.com/ITDIT/MIBS/servlet/index

If Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list of supported MIBs and download MIBs from the Cisco MIBs page at the following URL:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:

http://tools.cisco.com/RPF/register/register.do

Limitations and Restrictions

The following sections contain information about limitations and restriction in Cisco IOS Release 12.2S that can apply to the Cisco 7200 series routers, Cisco 7301 router, Cisco 7304 routers, Cisco 7400 series routers, Cisco 7500 series routers, Cisco ONS 15530 platform, and Cisco ONS 15540 platform.

SNMP Version 1 BGP4-MIB Limitations

You may notice incorrect BGP trap OID output when you use the SNMP version 1 BGP4-MIB that is available for download at http://tools.cisco.com/ITDIT/MIBS/servlet/index. When a router sends BGP traps (notifications) about state changes on an SNMP version 1 monitored BGP peer, the enterprise OID is incorrectly displayed as .1.3.6.1.2.1.15 (bgp) instead of .1.3.6.1.2.1.15.7 (bgpTraps). The problem is not due to any error with Cisco IOS software. This problem occurs because the BGP4-MIB does not follow RFC 1908 rules regarding version 1 and version 2 trap compliance. This MIB is controlled by IANA under the guidance of the IETF, and work is currently in progress by the IETF to replace this MIB with a new version that represents the current state of the BGP protocol. In the meantime, we recommend that you use the SNMP version 2 BGP4-MIB or the CISCO-BGP4-MIB to avoid an incorrect trap OID.

Important Notes

The following sections contain important notes about Cisco IOS Release 12.2  S that can apply to the Cisco 7200 series routers, Cisco 7301 router, Cisco 7304 routers, Cisco 7400 series routers, Cisco 7500 series routers, Cisco ONS 15530 platform, and Cisco ONS 15540 platform.

Deferrals

Cisco IOS software images are subject to deferral. Cisco recommends that you view the deferral notices at the following location to determine if your software release is affected:

http://www.cisco.com/kobayashi/sw-center/sw-ios-advisories.shtml

Field Notices and Bulletins

For general information about the types of documents listed in this section, see the following document:

http://www.cisco.com/warp/customer/cc/general/bulletin/software/general/index.shtml

Field Notices—We recommend that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account with Cisco.com, you can find field notices at http://www.cisco.com/kobayashi/support/tac/fn_index.html. If you do not have a Cisco.com login account, you can find field notices at http://www.cisco.com/public/support/tac/fn_index.html.

Product Bulletins—If you have an account with Cisco.com, you can find product bulletins at http://www.cisco.com/warp/customer/cc/general/bulletin/index.shtml. If you do not have a Cisco.com login account, you can find product bulletins at http://www.cisco.com/warp/public/cc/general/bulletin/iosw/index.shtml.

Important Notes for Cisco IOS Release 12.2(25)S15

This section describes important issues that you should be aware of for Cisco IOS Release 12.2(25)S15.

NBAR Classification for HTTP Traffic on NPE-G100

When using a NPE-G100 to classify HTTP traffic with NBAR, the configuration is different than how it would be done on software-based platforms. To get the feature to function correctly on the NPE-G100, it requires an *action* accompanied under the class referenced in the policy-map i.e. police, set, etc. It is not enough to configure just "match protocol http". Here is a working example:

class-map match-any http

match protocol http

!

policy-map nbar_test

class http

set ip precedence 2

!

interface GigabitEthernet2

ip address 211.1.1.1 255.255.255.0

service-policy output nbar_test

!

Important Notes for Cisco IOS Release 12.2(25)S

This section describes important issues that you should be aware of for Cisco IOS Release 12.2(25)S.

High-Capacity Counters in the Output of the show interfaces Command

The counters in the output of the show interfaces command for the Cisco ONS 15530 and Cisco ONS 15540 now support a higher capacity than in previous Cisco IOS releases.

Memory Requirements for the VIP2-40 and VIP2-50

The minimum memory requirements for both a VIP2-40 and a VIP2-50 are 64 MB. These requirements apply to all Cisco IOS 12.2S releases.

Important Notes for Cisco IOS Release 12.2(22)S

This section describes important issues that you should be aware of for Cisco IOS Release 12.2(22)S.

Changes to the Output of the show version Command

The output of the show version EXEC command has been modified slightly to reflect general updates to Cisco IOS software. If you are currently using any automated tools (such as scripts) that parse the output of the show version EXEC command, you should review the new output format and make changes as needed.

Important Notes for Cisco IOS Release 12.2(20)S

This section describes important issues that you should be aware of for Cisco IOS Release 12.2(20)S.

Protocol Independent Multicast on Cisco 7304 Routers

Beginning in Cisco IOS Release 12.2(20)S, Protocol Independent Multicast (PIM) does not function on Cisco 7304 routers. This is a temporary situation that we plan on correcting as soon as we possibly can in a future Cisco IOS release.

Important Notes for Cisco IOS Release 12.2(14)S18

This section describes important issues that you should be aware of for Cisco IOS Release 12.2(14)S18.

RPR and RPR+ for the Cisco 7500 Series Routes

Cisco IOS Release 12.2(14)S18 does not support Route Processor Redundancy (RPR+) and RPR Plus (RPR)+ for the Cisco 7500 series routers.

Important Notes for Cisco IOS Release 12.2(14)S

This section describes important issues that you should be aware of for Cisco IOS Release 12.2(14)S.

Configuring MD5 Authentication for BGP Peering Sessions

This document provides general information about deploying MD5 authentication for a BGP session. You can configure MD5 authentication between two BGP peers, meaning that each segment sent on the TCP connection between the peers is verified. MD5 authentication must be configured with the same password on both BGP peers; otherwise, the connection between them will not be made. Configuring MD5 authentication causes the Cisco IOS software to generate and check the MD5 digest of every segment sent on the TCP connection. If authentication is invoked and a segment fails authentication, then an error message will be displayed in the console.

Old Behavior

In previous versions of Cisco IOS software, configuring MD5 authentication for a BGP peering session was generally considered to be difficult because the initial configuration and any subsequent MD5 configuration changes required the BGP neighbor to be reset.

New Behavior

This behavior has been changed in current versions of Cisco IOS software. CSCdx23494 (integrated in Cisco IOS release 12.2(14)S) introduced a change to MD5 authentication for BGP peering sessions. The BGP peering session does not need to be reset to maintain or establish the peering session for initial configuration or after the MD5 configuration has been changed. However, the configuration must be completed on both the local and remote BGP peer before the BGP hold timer expires. If the hold down timer expires before the MD5 configuration has been completed on both BGP peers, the BGP session will time out.

The following example enables the authentication feature between this router and the BGP neighbor at 10.108.1.1. The password that must also be configured for the neighbor is bla4u00=2nkq. The remote peer must be configured before the holddown timer expires.

router bgp 109

 neighbor 10.108.1.1 password bla4u00=2nkq

When the password has been configured, the MD5 key is applied to the tcp session immediately. If one peer is configured before the other, the TCP segments will be discarded on both the local and remote peers due to an authentication failure. The peer that is configured with the password will print an error message in the console similar to the following:

  00:03:07: %TCP-6-BADAUTH: No MD5 digest from 10.0.0.2(179) to 10.0.0.1(11000)

The time period in which the password must changed is typically the life time of a stale BGP session. When the password or MD5 key is configured, incoming TCP segments will only be accepted if the key is known. If the key is unknown on both the remote and local peer, the TCP segments will be dropped, and the BGP session will time out when the holddown timer expires.

If the BGP session has been preconfigured with a hold time of 0 seconds, no keepalive messages will be sent. The BGP session will stay up until one of the peers, on either side, tries to transmit a message (For example, a prefix update).


Note Configuring a new timer value for the holddown timer will only take effect after the session has been reset. So, it is not possible to change the configuration of the holddown timer to avoid resetting the BGP session.


PPP over MPLS Restrictions

The following restrictions pertain to the PPP over MPLS feature:

Zero hops between provider edge (PE) routers: Zero hops on one router is not supported. However, you can configure back-to-back PE routers.

Asynchronous interfaces: Asynchronous interfaces are not supported. The connections between customer edge (CE) and PE routers on both ends of the backbone must have similar link layer characteristics. The connections between the CE and PE routers must both be synchronous.

Multilink PPP: Multilink PPP (MLP) is not supported.

Distributed CEF (dCEF): On the Cisco 7500 series, distributed processing for PPP over MPLS is not supported. This restriction does not affect other features that are processed in distributed mode.

Caveats

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only select severity 3 caveats are included in this section.

Because Cisco IOS Release 12.2S is based on Cisco IOS Release 12.2, many caveats that apply to Cisco IOS Release 12.2 also apply to Cisco IOS Release 12.2S. For information on severity 1 and 2 caveats in Cisco IOS Release 12.2, see the Caveats for Cisco IOS Release 12.2 document located on Cisco.com.

In this section, the following information is provided for each caveat:

Symptoms—A description of what is observed when the caveat occurs.

Conditions—The conditions under which the caveat has been known to occur.

Workaround—Solutions, if available, to counteract the caveat.


Note If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and click Technical Support &
Documentation > Tools & Resources > Bug Toolkit
(which is listed under Troubleshooting). Another option is to go to http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl. (If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.)


The Dictionary of Internetworking Terms and Acronyms contains definitions of acronyms that are not defined in this document:

http://www.cisco.com/univercd/cc/td/doc/cisintwk/ita/index.htm

This section consists of the following subsections:


Release 12.2(30)S and its rebuilds:

Resolved Caveats—Cisco IOS Release 12.2(30)S1

Open Caveats—Cisco IOS Release 12.2(30)S

Resolved Caveats—Cisco IOS Release 12.2(30)S


Release 12.2(25)S and its rebuilds:

Resolved Caveats—Cisco IOS Release 12.2(25)S15

Resolved Caveats—Cisco IOS Release 12.2(25)S14

Resolved Caveats—Cisco IOS Release 12.2(25)S13

Resolved Caveats—Cisco IOS Release 12.2(25)S12

Resolved Caveats—Cisco IOS Release 12.2(25)S11

Resolved Caveats—Cisco IOS Release 12.2(25)S10

Resolved Caveats—Cisco IOS Release 12.2(25)S9

Resolved Caveats—Cisco IOS Release 12.2(25)S8

Resolved Caveats—Cisco IOS Release 12.2(25)S7

Resolved Caveats—Cisco IOS Release 12.2(25)S6

Resolved Caveats—Cisco IOS Release 12.2(25)S5

Resolved Caveats—Cisco IOS Release 12.2(25)S4

Resolved Caveats—Cisco IOS Release 12.2(25)S3

Open Caveats—Cisco IOS Release 12.2(25)S2

Resolved Caveats—Cisco IOS Release 12.2(25)S2

Resolved Caveats—Cisco IOS Release 12.2(25)S1

Open Caveats—Cisco IOS Release 12.2(25)S

Resolved Caveats—Cisco IOS Release 12.2(25)S


Release 12.2(22)S and its rebuilds:

Resolved Caveats—Cisco IOS Release 12.2(22)S2

Resolved Caveats—Cisco IOS Release 12.2(22)S1

Open Caveats—Cisco IOS Release 12.2(22)S

Resolved Caveats—Cisco IOS Release 12.2(22)S


Release 12.2(20)S and its rebuilds:

Resolved Caveats—Cisco IOS Release 12.2(20)S14

Resolved Caveats—Cisco IOS Release 12.2(20)S13

Resolved Caveats—Cisco IOS Release 12.2(20)S12

Resolved Caveats—Cisco IOS Release 12.2(20)S11

Resolved Caveats—Cisco IOS Release 12.2(20)S10

Resolved Caveats—Cisco IOS Release 12.2(20)S9

Resolved Caveats—Cisco IOS Release 12.2(20)S8

Resolved Caveats—Cisco IOS Release 12.2(20)S7

Resolved Caveats—Cisco IOS Release 12.2(20)S6

Resolved Caveats—Cisco IOS Release 12.2(20)S5

Resolved Caveats—Cisco IOS Release 12.2(20)S4

Resolved Caveats—Cisco IOS Release 12.2(20)S3

Resolved Caveats—Cisco IOS Release 12.2(20)S2

Resolved Caveats—Cisco IOS Release 12.2(20)S1

Open Caveats—Cisco IOS Release 12.2(20)S

Resolved Caveats—Cisco IOS Release 12.2(20)S


Release 12.2(18)S and its rebuilds:

Resolved Caveats—Cisco IOS Release 12.2(18)S13

Resolved Caveats—Cisco IOS Release 12.2(18)S12

Resolved Caveats—Cisco IOS Release 12.2(18)S11

Resolved Caveats—Cisco IOS Release 12.2(18)S10

Resolved Caveats—Cisco IOS Release 12.2(18)S9

Resolved Caveats—Cisco IOS Release 12.2(18)S8

Resolved Caveats—Cisco IOS Release 12.2(18)S7

Resolved Caveats—Cisco IOS Release 12.2(18)S6

Resolved Caveats—Cisco IOS Release 12.2(18)S5

Resolved Caveats—Cisco IOS Release 12.2(18)S4

Resolved Caveats—Cisco IOS Release 12.2(18)S3

Resolved Caveats—Cisco IOS Release 12.2(18)S2

Resolved Caveats—Cisco IOS Release 12.2(18)S1

Open Caveats—Cisco IOS Release 12.2(18)S

Resolved Caveats—Cisco IOS Release 12.2(18)S


Release 12.2(14)S and its rebuilds:

Resolved Caveats—Cisco IOS Release 12.2(14)S19

Resolved Caveats—Cisco IOS Release 12.2(14)S18

Resolved Caveats—Cisco IOS Release 12.2(14)S17

Resolved Caveats—Cisco IOS Release 12.2(14)S16

Resolved Caveats—Cisco IOS Release 12.2(14)S15

Resolved Caveats—Cisco IOS Release 12.2(14)S14

Resolved Caveats—Cisco IOS Release 12.2(14)S13

Resolved Caveats—Cisco IOS Release 12.2(14)S12

Resolved Caveats—Cisco IOS Release 12.2(14)S10

Resolved Caveats—Cisco IOS Release 12.2(14)S9

Resolved Caveats—Cisco IOS Release 12.2(14)S7

Resolved Caveats—Cisco IOS Release 12.2(14)S5

Resolved Caveats—Cisco IOS Release 12.2(14)S3

Resolved Caveats—Cisco IOS Release 12.2(14)S2

Resolved Caveats—Cisco IOS Release 12.2(14)S1


Resolved Caveats—Cisco IOS Release 12.2(30)S1

Cisco IOS Release 12.2(30)S1 is a rebuild release for Cisco IOS Release 12.2(30)S. The caveats in this section are resolved in Cisco IOS Release 12.2(30)S1 but may be open in previous Cisco IOS releases.

Basic System Services

CSCei61732

Cisco IOS may permit arbitrary code execution after exploitation of a heap-based buffer overflow vulnerability. Cisco has included additional integrity checks in its software, as further described below, that are intended to reduce the likelihood of arbitrary code execution.

Cisco has made free software available that includes the additional integrity checks for affected customers.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml.

Open Caveats—Cisco IOS Release 12.2(30)S

This section describes possibly unexpected behavior by Cisco IOS Release 12.2(30)S. All the caveats listed in this section are open in Cisco IOS Release 12.2(30)S. This section describes only severity 1, severity 2, and select severity 3 caveats.

Miscellaneous

CSCsb26802

Symptoms: When a client or trunk laser failure occurs, the output of the show facility-alarm status reports that a "Line laser failure detected" but does not indicate which laser has failed.

Conditions: This symptom is observed on a Cisco ONS15530 and ONS15540 when there are transparent transponders.

Workaround: There is no workaround.

CSCsb29080

Symptoms: A flapping or intermittent laser failure alarm may be reported with a 15540-TSP2 2.5-Gbps transponder module even though both the lasers are in a good state. Such a spurious alarm stops in less than 20 seconds after it has started.

Conditions This symptom is observed very rarely on a Cisco ONS15540. If the alarm stops in less than 20 seconds after it has started, the alarm is spurious and can be ignored.

Workaround: There is no workaround.

CSCsb36475

Symptoms: An FC or FICON link may not initialize correctly through a 2.5-Gbps transponder module. The interface may remain in the down state while the link LEDs flap continuously.

Conditions: This symptom is observed rarely on a Cisco ONS15530 that is configured with a 15530-TSP1-xxxx transponder module and a Cisco ONS15540 that is configured with a 15540-TSP1-xxxx or 15540-TSP2-xxxx transponder module. The transponder modules run a functional image with version 1.A3 or an earlier image. The symptom occurs when Speed Negotiation is enabled on the client device and when FLC is enabled on all transponder interfaces on the link.

Workaround: There is no workaround.

Resolved Caveats—Cisco IOS Release 12.2(30)S

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(30)S. This section describes only severity 1, severity 2, and select severity 3 caveats.

Basic System Services

CSCdx38037

Symptoms: A router may reset unexpectedly with a bus error when the command- line interface (CLI) test gssapi init_sec_contxt server name command is issued.

Conditions: This symptom is observed on any platform that supports the CLI test gssapi init_sec_contxt server name command.

Workaround: Configure the kerberos local-realm kerberos-realm global configuration command.

CSCed05135

Symptoms: A Cisco platform that is configured for Kerberos authentication may crash.

Conditions: This symptom is observed when you attempt to make an encrypted Kerberized Telnet connection.

Workaround: There is no workaround.

CSCee28796

Symptoms: A Cisco 7304 may crash because of low I/O memory as a result of an IPC storm that is associated with writing the CDP multicast address to an Ethernet MAC filter.

Conditions: This symptom is observed on Cisco 7304 with an Ethernet, Fast Ethernet, or Gigabit Ethernet port adapter. However, the symptom is platform-independent and may occur on any Cisco platform.

Workaround: If CDP is not required for network management (SNMP), enter the no cdp run command in the startup configuration.

If CDP is required for network management (SNMP), enter the no cdp enable command on each interface and subinterface in the startup configuration, except for the management interfaces and subinterfaces. (There is a maximum of 10 management interfaces and subinterfaces.)

CSCee71685

Symptoms: A Cisco router may crash because of low I/O memory as a result of an IPC storm that is associated with writing the CDP multicast address to an Ethernet MAC filter.

Conditions: This symptom is observed on Cisco 7304 with an Ethernet, Fast Ethernet, or Gigabit Ethernet port adapter. However, the symptom is platform-independent and could occur on any Cisco platform.

Workaround: If CDP is not required for SNMP network management, enter the no cdp run command in the startup configuration.

If CDP is required for SNMP network management, enter the no cdp enable command on each interface and subinterface in the startup configuration, except for the management interfaces and subinterfaces. (There is a maximum of 10 management interfaces and subinterfaces.)

CSCee91044

Symptoms: A network operations center (NOC) may receive many false alerts indicating that an IKE tunnel is down. (The IKE tunnel is torn down but immediately rebuilt.)

Conditions: This symptom is observed when SNMP traps are sent for every IKE timeout or rekey but not for an IPSec timeout or rekey.

Workaround: There is no workaround.

Further Problem Description: When the NMS receives an ikeTunnelStop message for the IKE tunnel, the NMS can issue an SNMP get request for the cikeTunnelHistTable in order to receive details about the IKE tunnel. The History Table provides the reason why the IKE tunnel was deleted. The cikeTunHistTermReason object is particularly useful because it provides the following information:

The reason the IPSec Phase-1 IKE Tunnel was terminated.

Possible reasons include:

1 = other

2 = normal termination

3 = operator request

4 = peer delete request was received

5 = contact with peer was lost

6 = local failure occurred.

7 = operator initiated check point request

The NMS can then use this information to identify whether or not the ikeTunnelStop message was sent because of an error.

CSCuk50643

Symptoms: A router reloads when the NTP server association is set via SNMP.

Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(22)S.

Workaround: Enter the ntp peer command.

IP Routing Protocols

CSCea59206

Symptoms: When you configure the distribute-list router configuration command under the address-family ipv4 vrf vrf name router configuration command, the distribute-list router configuration command may appear under the main routing process as may be displayed in the output of the show running-config EXEC command.

Conditions: This symptom is observed in either a Routing Information Protocol version 2 (RIPv2) or a Border Gateway Protocol (BGP) configuration when you specify the interface-type and interface-number arguments of the distribute-list {access-list-number | access-list-name} {in | out} [interface-type interface-number] router configuration command.

The symptom does not occur when you do not define the interface-type and interface-number arguments and only enter the distribute-list {access-list-number | access-list-name} {in | out} router configuration command.

Workaround: There is no workaround.

CSCec07636

Symptoms: When the following Open Shortest Path First (OSPF) MIB tables are queried via snmpwalk, some interfaces may not be displayed:

ospfNbrTable

ospfIfTable

ospfIfMetricTable

Conditions: This symptom is observed on any Cisco platform that runs OSPF.

Workaround: There is no workaround.

CSCec22723

Symptoms: A router may unexpectedly reload because of a watchdog timeout or bus error in OSPF.

Conditions: This symptom is observed when iSPF is configured under OSPF.

Workaround: Remove the iSPF configuration from OSPF by entering the no ispf command.

CSCed68668

Symptoms: A Cisco router that runs Cisco IOS Release 12.3(5.13)T may reload because of a bus error. The output of the show version command may show the following:

System returned to ROM by bus error at PC 0xXXXXXXXX, address 0xYYYYYYYY

Conditions: These symptoms occur when clear ip nat * is executed on the CLI.

Workaround: Do not perform clear ip nat *.

The following link provides general information about bus errors: http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800cdd51.shtml

CSCee36721

Symptoms: An OSPF Designated Router (DR) may fail to regenerate the network LSA when you reload the router.

Conditions: This symptom is observed on a Cisco router that functions as a DR for an OSPF interface when another interface with the same interface address is present in the area but is in a shut down state.

Workaround: Remove the duplicate interface address and enter the clear ip ospf process command.

CSCee49764

Symptoms: The redistribute maximum-prefix command may not take effect.

Conditions: This symptom is observed when you enter this command while OSPF is processing an SSO switchover.

Workaround: Enter the clear ip ospf redistribution command.

CSCef00535

Symptoms: An OSPF router may reload unexpectedly.

Conditions: This symptom is observed after a neighbor has performed a switchover.

Workaround: Disable LLS under the OSPF process on the router by entering the no capability lls command or disable OSPF NSF under the OSPF process on the neighbor by entering the no nsf command.

CSCef11304

Symptoms: When performing a snmpwalk on OSPF-MIB that supports the ospfExtLsdbTable, a router can crash. In other instances alignment errors are observed when you enter the show alignment command.

Conditions: These symptoms are observed on a Cisco platform that runs Open Shortest Path First (OSPF) and supports the ospfExtLsdbTable in OSPF-MIB.

Workaround: There is no workaround.

CSCef18838

Symptoms: Tracebacks that are related to spurious memory accesses may occur and the spurious memory accesses may increase over time. When multicast video streaming is viewed using an IP-TV viewer, this situation causes the browser to hang.

Conditions: This symptom is observed when NAT and multicast are configured on the same router.

Workaround: There is no workaround. To return the browser to normal operation, reload the router.

CSCef19137

Symptoms: There are duplicate entries in the flow cache after an interface bounces, causing packet loss. The output of the show ip cache flow command may show information similar to the following:

SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP Pkts

Gi0/0.1 10.2.0.1 Fa2/0 10.3.0.1 06 2C26 00B3 5

Gi0/0 10.2.0.1 Null 10.3.0.1 06 2C26 00B3<<<< 7

Conditions: This symptom is observed on a Cisco 7304 that is configured with an NSE-100 and that runs Cisco IOS Release 12.2(20)S4 when an interface bounces quickly and when the CEF structures are flushed while the ARP cache is not flushed. This situation causes incomplete adjacencies because the CEF process expects a fresh ARP entry to complete its adjacency. The symptom is platform-independent and may also occur on other platforms when the same conditions occur.

Workaround: Clear the ARP cache or enter the shutdown command followed by the no shutdown command on the affected interface.

CSCef26976

Symptoms: When VRFS are removed through the no ip vrf vrf-name command, OSPF VRF router processes may run into nvgen problems and the output of the show running-config command may not include a protocol name as in the following example:

router

network 10.10.0.0 0.0.255.255 area 0

...

A correct output would be:

router ospf 1

network 10.10.0.0 0.0.255.255 area 0

...

Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2S or a release that is based on Release 12.2S when you remove VRFs that are not assigned to any OSPF VRF processes.

Workaround: There is no workaround.

CSCef57022

Symptoms: OSPF route redistribution in an OSPF VRF process does not function.

Conditions: This symptom is observed when you associate the OSPF process with a VRF by entering the router ospf process-id vrf vrf-name command and configure redistribution under the OSPF VRF process by entering the redistribute command.

Workaround: Do not associate the OSPF process with a VRF; only enter the router ospf process-id command.

CSCef65500

Symptoms: A Cisco router that is configured for OSPF may generate recurring SYS-3-CPUHOG messages and tracebacks that are caused by the OSPF process:

%OSPF-5-ADJCHG: Process 100, Nbr 10.52.0.186 on ATM1/0.381 from LOADING to FULL, Loading Done
%SYS-3-CPUHOG: Task ran for 4568 msec (243/31), process = OSPF Router, PC = 60B9DFA8.
-Traceback= 60B9DFB0 60B7E6E0 60B7EE58
%OSPF-5-ADJCHG: Process 100, Nbr 10.53.0.66 on ATM1/0.115 from FULL to DOWN, Neighbor Down: Dead timer expired
%OSPF-5-ADJCHG: Process 100, Nbr 10.53.0.66 on ATM1/0.115 from LOADING to FULL, Loading Done
%SYS-3-CPUHOG: Task ran for 4988 msec (569/120), process = OSPF Router, PC = 60B9DFA8.
-Traceback= 60B9DFB0 60B7E6E0 60B7EE58

At another date, the following error messages and tracebacks are generated:

%SYS-3-CPUHOG: Task ran for 2224 msec (368/9), process = OSPF Router, PC = 60BA80BC.
-Traceback= 60BA80C4 60B8876C 60B88EE4
%OSPF-5-ADJCHG: Process 100, Nbr 10.61.0.26 on ATM2/0.179 from FULL to DOWN, Neighbor Down: Dead timer expired
%OSPF-5-ADJCHG: Process 100, Nbr 10.61.0.26 on ATM2/0.179 from INIT to DOWN, Neighbor Down: Interface down or detached
%OSPF-5-ADJCHG: Process 100, Nbr 10.61.0.26 on ATM2/0.179 from LOADING to FULL, Loading Done
%SYS-3-CPUHOG: Task ran for 2028 msec (647/283), process = OSPF Router, PC = 60BA80BC.
-Traceback= 60BA80C4 60B8876C 60B88EE4
%SYS-3-CPUHOG: Task ran for 2904 msec (552/153), process = OSPF Router, PC = 60BA80BC.
-Traceback= 60BA80C4 60B8876C 60B88EE4

Conditions: This symptom is observed on a Cisco 7200 series that is configured with an NPE-225 and that runs Cisco IOS Release 12.2(15)T5 or 12.2(15)T13. However, the symptom may be platform-independent and could also occur in other releases.

Workaround: There is no workaround.

CSCef95026

Symptoms: When interfaces flap, a Cisco router may reload unexpectedly because of a bus error.

Conditions: This symptom is observed when OSPF accesses a freed LSDB entry.

Workaround: There is no workaround.

CSCeg19442

Symptoms: A router that is configured with the OSPF routing protocol may reload.

Conditions: This symptom is observed when the OSPF process is simultaneously deconfigured via one session and configured via another session.

Workaround: There is no workaround. Cisco strongly discourages you to configure a router via two different but simultaneous sessions.

CSCeg41363

Symptoms: Traffic is not load-balanced, and only a backdoor path is used to forward traffic.

Conditions: This symptom is observed on a PE router with a parallel path to a destination when one path is over an OSPF sham-link and the other path is over a backdoor link.

Workaround: Configure an OSPF metric in such a way that the OSPF sham-link path and the backdoor path do not have the same cost.

CSCeg52889

Symptoms: TE tunnels do not come up.

Conditions: This symptom is observed when a new loopback interface is created with an IP address on an MPLE TE head router that is configured with MPLS TE tunnels and when you reload the router. The symptom occurs because of a change in router ID.

Workaround: Shut down the newly created loopback interface, save the configuration, and reload the router.

CSCeg74205

Symptoms: In a simple network that consists of two routers, SPF calculations occur every minute although no topology changes occur.

Conditions: This symptom is observed on a Cisco router that runs a Cisco IOS release later than Release 12.3(6b) or Release 12.3(7)T4 and that functions as an ABR router when there are static routes in the network. However, the symptom may also occur in other releases.

Workaround: There is no workaround. Note that the symptom does not occur in Release 12.3(6b) and Release 12.3(7)T4: SPF calculations do not occur every minute.

CSCeh04837

Symptoms: ARP entries may be purged unexpectedly.

Conditions: This symptom is observed on a Cisco router when there is a large number of ARP entries and a Stateful Switchover (SSO) occurs.

Workaround: There is no workaround.

CSCeh07510

Symptoms: A traceback occurs on a router when you terminate an OSPF routing process by entering the no router ospf command.

Conditions: This symptom is observed when MPLS TE and more than one OSPF process are configured on the router.

Workaround: There is no workaround.

CSCeh09588

Symptoms: During an NSF switchover on a RP, the convergence may be delayed up to five minutes.

Conditions: This symptom is observed when a DBD exchange error occurs while the adjacency is brought up.

Workaround: Enter the clear ip ospf process command on the affected router.

CSCeh14015

Symptoms: Connected routes cannot be redistributed from one protocol to another.

Conditions: This symptom is observed on EIGRP routes when you enter the shutdown command followed by the no shutdown command. The symptom may also affect other routing protocols.

Workaround: There is no workaround.

CSCin65241

Symptoms: IS-IS redistribute commands are not synchronized to the standby RP. The routes that depend on these commands fail after a switchover.

Conditions: This symptom is observed on a Cisco 7500 series but is platform-independent.

Workaround: There is no workaround.

CSCin87277

Symptoms: CPUHOG messages are generated when you bring up OSPF adjacencies on hundreds of subinterfaces.

Conditions: This symptom is observed when LSAs are configured to be refreshed every 30 minutes.

Workaround: There is no workaround.

CSCin89317

Symptoms: The following CPUHOG message and tracebacks are generated when you create a NAT pool of the type "match-host" with a mask that is smaller than /12:

%SYS-3-CPUHOG: Task is running for (2000)msecs, more than (2000)msecs (87/11),process = Exec.

Conditions: This symptom is observed when you enter one of the following global configuration commands:

ip nat pool name start-ip end-ip netmask netmask type match-host and the value of the netmask argument is smaller than 12.

ip nat pool name start-ip end-ip prefix-length prefix-length type match-host and the value of the prefix-length argument is smaller than 12.

Workaround: Create a NAT pool with a mask that is larger than /12.

CSCsa77947

Symptoms: After you reload a router, the CEF adjacency or hardware route for a peer is unexpectedly removed from the FIB hardware table, causing connectivity problems.

Conditions: This symptom is observed on a Cisco router that has a statically configured ARP alias for the peer.

Workaround: There is no workaround.

Miscellaneous

CSCec63011

Symptoms: A router may reload because of an NVRAM corruption.

Conditions: This symptom is observed when NVRAM is accessed simultaneously by two processes, when one the processes has a file open, and when the second process attempts to open a nonexistent file. The error handling for the second process clears the global NVRAM pointer that is used by the first process. This situation is more likely to occur in a configuration with redundant Route Processors (RPs) but may also occur in a configuration with a single RP when two terminal windows are open.

Workaround: There is no workaround.

CSCed45942

Symptoms: A router with a configuration size that is larger than the NVRAM size reloads because of a bus error and stack overflow or stack corruption when you enter the show config command simultaneously with the write terminal or show running-config command.

Conditions: This symptom is observed when the service compress-config command or boot config command is enabled.

Workaround: Do not enter the above-mentioned commands simultaneously, reduce the size of the configuration, or increase the size of the NVRAM.

Further Problem Description: This problem was introduced in Cisco IOS Release 12.1(8a)E1, so most Cisco IOS 12.1E releases are exposed to this problem. The problem may also occur in Release 12.2S.

CSCee50294

Cisco IOS devices running branches of Cisco IOS version 12.2S that have Dynamic Host Configuration Protocol (DHCP) server or relay agent enabled, even if not configured, are vulnerable to a denial of service where the input queue becomes blocked when receiving specifically crafted DHCP packets. Cisco is providing free fixed software to address this issue. There are also workarounds to mitigate this vulnerability. This issue was introduced by the fix included in CSCdx46180 and is being tracked by Cisco Bug ID CSCee50294.

This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml.

There are multiple workarounds for this issue:

There are four possible workarounds for this vulnerability:

Disabling the dhcp service

Control Plane Policing

Two versions of Access Control Lists

a. Disabling the DHCP Service

This vulnerability can be mitigated by utilizing the command:

no service dhcp

However, this workaround will disable all DHCP processing on the device, including the DHCP helper functionality that may be necessary in some network configurations.

a. Control Plane Policing Feature

The Control Plane Policy feature may be used to mitigate this vulnerability, as in the following example:

access-list 140 deny udp host 192.168.13.1 any eq bootps

access-list 140 deny udp any host 192.168.13.1 eq bootps

access-list 140 deny udp any host 255.255.255.255 eq bootps

access-list 140 permit udp any any eq bootps

class-map match-all bootps-class

match access-group 140

policy-map control-plane-policy

class bootps-class

    police 8000 1500 1500 conform-action drop exceed-action drop

control-plane

service-policy input control-plane-policy

For this example 192.168.13.1 is a legitimate DHCP server.

Additional information on the configuration and use of the CPP feature can be found at this link:

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1838/
products_feature_guide09186a00801afad4.html
.

This workaround is only applicable to Cisco IOS 12.2S, as this feature is only available in Cisco IOS versions 12.2S and 12.3T. Cisco IOS 12.3T is not impacted by this advisory.

a. Access Lists - Two Methods

Access lists can be applied to block DHCP/BootP traffic destined to any router interface addresses, as in the following example:

In this example, the IP address192.168.13.1 represents a legitimate DHCP server, the addresses 10.89.236.147 and 192.168.13.2 represent router interface addresses, and 192.168.61.1 represents a loopback interface on the router.

In this example, any bootp/dhcp packets destined to the router interface addresses are blocked.

access-list 100 remark permit bootps from the DHCP server

access-list 100 permit udp host 192.168.13.1 any eq bootps

access-list 100 remark deny bootps from any to router f1/0

access-list 100 deny udp any host 10.89.236.147 eq bootps

access-list 100 remark deny bootps from any to router f0/0

access-list 100 deny udp any host 192.168.13.2 eq bootps

access-list 100 remark deny bootps from any to router loopback1

access-list 100 deny udp any host 192.168.61.1 eq bootps

access-list 100 remark permit all other traffic

access-list 100 permit ip any any

access-list 100 is applied to f0/0 and f1/0 physical interfaces.

interface FastEthernet0/0

ip address 192.168.13.2 255.255.255.0

ip access-group 100 in

interface FastEthernet1/0

ip address 10.89.236.147 255.255.255.240

ip access-group 100 in

ip helper-address 192.168.13.1

An alternate configuration for the interface access-list workaround.

This example would also need to be applied to all physical interfaces, but deny statements for all of the IP addresses configured on the router are not necessary in this approach. In this example, the address 192.168.13.1 represents a legitimate DHCP server.

access-list 100 permit udp host 192.168.13.1 any eq bootps

access-list 100 permit udp any host 192.168.13.1 eq bootps

access-list 100 permit udp any host 255.255.255.255 eq bootps

access-list 100 deny udp any any eq bootps

interface FastEthernet0/0

ip address 192.168.13.2 255.255.255.0

ip access-group 100 in

interface FastEthernet1/0

ip address 10.89.236.147 255.255.255.240

ip access-group 100 in

ip helper-address 192.168.13.1

CSCee59383

Symptoms: The entitySensorMIB does not function.

Conditions: This symptom is observed on a Cisco ONS 15530 that runs Cisco IOS Release 12.2S.

Workaround: There is no workaround.

CSCee91327

Symptoms: Loss of synchronization occurs, causing traffic drops.

Conditions: This symptom is observed on an uplink interface of a 10G ITU trunk line card of a peer platform of a Cisco ONS15530 when a CPU switchover occurs on the Cisco ONS15530. The traffic drops occur on the 10G ITU trunk line card of the peer platform.

Workaround: There is no workaround.

CSCef67682

Reception of certain IPv6 fragments with carefully crafted illegal contents may cause a router running Cisco IOS to reload if it has IPv6 configured. This applies to all versions of Cisco IOS that include support for IPv6.

The system may be protected by installing appropriate access lists to filter all IPv6 fragments destined for the system. For example:

interface Ethernet0/0

ipv6 traffic-filter nofragments in

!

ipv6 access-list nofragments

deny ipv6 any <my address1> undetermined-transport

deny ipv6 any <my address2> fragments

permit ipv6 any any

This must be applied across all interfaces, and must be applied to all IPv6 addresses which the system recognizes as its own.

This will effectively disable reassembly of all IPv6 fragments. Some networks may rely on IPv6 fragmentation, so careful consideration should be given before applying this workaround.

We would recommend for customers to upgrade to the fixed IOS release. All IOS releases listed in IPv6 Routing Header Vulnerability Advisory at http://www.cisco.com/warp/public/707/cisco-sa-20070124-IOS-IPv6.shtml contain fixes for this issue.