Cross-Platform Release Notes for Cisco IOS Release 15.3S
Release 15.3(2)S Bugs
Downloads: This chapterpdf (PDF - 799.0KB) The complete bookPDF (PDF - 2.71MB) | Feedback

Table of Contents

Bugs for Cisco IOS Release 15.3(2)S

Open and Resolved Bugs

Resolved Bugs—Cisco IOS Release 15.3(2)S2

Resolved Bugs—Cisco IOS Release 15.3(2)S1

Open Bugs—Cisco IOS Release 15.3(2)S

Resolved Bugs—Cisco IOS Release 15.3(2)S

Bugs for Cisco IOS Release 15.3(2)S

Open and Resolved Bugs

The open and resolved bugs for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about bugs and vulnerabilities in this product and other Cisco hardware and software products.

Within the Cisco Bug Search Tool, each bug is given a unique identifier (ID) with a pattern of CSCxxNNNNN, where x is any letter (a-z) and N is any number (0-9). The bug IDs are frequently referenced in Cisco documentation, such as Security Advisories, Field Notices and other Cisco support documents. Technical Assistance Center (TAC) engineers or other Cisco staff can also provide you with the ID for a specific bug.

You can save searches that you perform frequently. You can also bookmark the URL for a search and email the URL for those search results


Note If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.


This section consists of the following subsections:

Resolved Bugs—Cisco IOS Release 15.3(2)S2

  • CSCsv74508

Symptom: If a linecard is reset (either due to an error or a command such as hw-module slot reload) at the precise time an SNMP query is trying to communicate with that linecard, the RP could reset due to a CPU vector 400 error.

Conditions: This symptom occurs when the linecard is reset (either due to error or a command such as hw-module slot reload) at the precise time an SNMP query is received.

Workaround: There is no workaround.

  • CSCtd45679

Symptom: The standby supervisor reloads after removing an IPSLA probe via CLI:

R7600(config)#no ip sla 1 R7600(config)# 06:53:31: Config Sync: Line-by-Line sync verifying failure on command: no ip sla 1 due to parser return error
06:53:31: rf_reload_peer_stub: RP sending reload request to Standby. User: Config-Sync, Reason: Configuration mismatch R7600(config)# 06:53:31: %RF-SP-5-RF_RELOAD: Peer reload. Reason: Proxy request to reload peer R7600(config)# 06:53:31: %OIR-SP-3-PWRCYCLE: Card in module 6, is being power-cycled (RF request) R7600(config)# 06:53:32: %PFREDUN-SP-6-ACTIVE: Standby processor removed or reloaded, changing to Simplex mode R7600(config)#
 

Conditions: This issue only occurs if the probe is configured via SNMP.

Workaround: Remove the probe via SNMP.

More Info: This issue is applicable to a Cisco Catalyst 6500 platform running Cisco IOS 12.2SX releases. It may also affect other high availability (HA) platforms running Cisco IOS 12.2 or 15.X releases.

  • CSCtz90697

Symptoms: EIGRP authentication is not working.

Conditions: This symptom is observed when authentication is configured with key-id 0.

Workaround: Use any other key-id for authentication.

  • CSCua18166

Symptoms: When sub appid is triggered by end points, the network does not recognize it and displays it as “Unknown identifier”.

Conditions: This symptom occurs when the limitation results in not supporting traffic classification based on sub appid.

Workaround: There is no workaround.

  • CSCua60785

Symptoms: Metadata class-map matches only the first of the following filter, if present, in a class map (the other media-type matches are skipped):

match application attribute [category, sub-category, media-type, device-class] value-string match application application-group value-string
 

Conditions: This symptom occurs when the class map has the aforementioned filters.

Workaround: There is no workaround.

  • CSCub04965

Symptom: Multiple symptoms may occur including the following:

Multiple sessions established to TACACS+ server which never clear are seen in the output of show tcp brief.

Pings to the loopback address from directly connected equipment suffers packet loss.

Traffic and pings through the switch suffers packet loss.

CPU utilization remained stable and below 10% when the issue was occurring, the interface counters were not reporting any errors or drops.

TACACS+ authentication errors, authorization errors, or accounting errors.

SSH/TELNET via VTY not accessible.

If condition exists for a period of time the switch may stop passing traffic.

Conditions: The symptom is observed when the device is configured with TACACS+. It is seen mostly on Cisco 3750/3760 switches, but has been observed on Cisco 6500 switches.

Workaround:

1. Remove the AAA and TACACS+ server configuration.

2. Clear the existing TCP connections with clear tcp tcb.

3. Reconfigure the TACACS+ server configuration to use "single-connection" mode.

4. Reconfigure the AAA configuration.

Mitigation using EEM: A Cisco IOS Embedded Event Manager (EEM) policy that is based on Tool Command Language (Tcl) can be used on vulnerable Cisco IOS devices to identify and detect a hung, extended, or indefinite TCP connection that causes the symptoms to be observed. The policy allows administrators to monitor TCP connections on a Cisco IOS device. When Cisco IOS EEM detects hung or stale TCP connections, the policy can trigger a response by sending a syslog message or a Simple Network Management Protocol (SNMP) trap to clear the TCP connection. The example policy provided in this document is based on a Tcl script that monitors and parses the output from two commands at defined intervals, produces a syslog message when the monitor threshold reaches its configured value, and can reset the TCP connection. The EEM script is available at:

https://supportforums.cisco.com/docs/DOC-19344

  • CSCub56842

Symptoms: The router stops passing IPsec traffic after some time.

Conditions: This symptom is observed when the show crypto eli command output shows that during every IPsec P2 rekey, the active IPsec-Session count increases, which does not correlate to the max IPsec counters displayed in SW.

Workaround: Reload the router before active sessions reach the max value.

To verify, do as follows:

router#sh cry eli
CryptoEngine Onboard VPN details: state = Active Capability : IPPCP, DES, 3DES, AES, GCM, GMAC, IPv6, GDOI, FAILCLOSE, HA
IPSec-Session : 7855 active, 8000 max, 0 failed <<<
 
  • CSCub95285

Symptoms: No logging messages are seen when configuring the syslog server in CLI mode until configuration mode is exited. However when unconfiguring the syslog server, syslog messages will appear within configuration mode.

Conditions: This symptom is observed when, in CLI configuration mode, you enter the following command:

Router(config)#logging host 1.2.3.4 transport tcp
 

Workaround: There is no workaround.

  • CSCuc03258

Symptom: Router crash due to IPC timeout during registering ICC request port.

Conditions: This symptom is observed when the router, which is in RPR mode, is reloaded. The active starts booting up as the standby and crashes.

Workaround: There is no workaround.

  • CSCuc11958

Symptom: 7600-SIP-400 linecard crash seen with SPA reload.

Conditions: This symptom is observed with an SPA reload.

Workaround: There is no workaround.

  • CSCuc22651

Symptom: A router may experience a crash in the “BGP Task” process during best path selection. In a rare corner case, when the last two remaining multipaths are deleted around the same time by two different threads of execution, a null pointer exception can be raised in the “BGP Task” process.

Conditions: This symptom occurs when a BGP multipath is configured as shown in the following example:

address-family ipv4 maximum-paths ibgp 4
 

Workaround: Disable BGP multipath.

  • CSCuc51879

Symptom: Traffic loss occurs on the Cisco ASR 1000 Series Routers during an RP SSO switchover.

Conditions: This symptom occurs during an RP SSO switchover on the Cisco ASR 1000 Series Routers.

Workaround: There is no workaround.

  • CSCuc65662

Symptom: Router crashes while configuring xconnect after traffic over SAToP over UDP.

Conditions: The symptom is observed when you send traffic using SAToP over UDP. After that try to configure SAToP over MPLS and router crashes.

Workaround: There is no workaround.

  • CSCuc85638

Symptom: Ethernet CFM and ELMI interworking. If CFM is configured on xconnect and interworking with ELMI, incorrect EVC state may be reported to ELMI on MPLS configuration changes.

Conditions: The symptom is observed with the following conditions:

CFM configured on xconnect EFP.

ELMI configured on same interface.

CFM-ELMI interworking enabled.

Workaround: There is no workaround.

  • CSCud55286

Symptoms: Traffic drops for sometime after doing a switchover.

Conditions: The symptom is observed when a switchover is performed on a Cisco ASR 903.

Workaround: Put a neighbor command where the neighbor has no meaning and will never be up. This will solve the timing issue.

  • CSCud58457

Symptom: Standby interface stays UP/UP after a reload:

BGL.S.15-ASR1004-1#sh int des Interface Status Protocol Description Te0/0/0 down down Te0/1/0 up up Te0/2/0 down down Te0/3/0 up up Gi0 admin down down
 

It should be like this :

BGL.S.15-ASR1004-1#sh int des Interface Status Protocol Description Te0/0/0 down down Te0/1/0 up up Te0/2/0 down down Te0/3/0 standby mode down Gi0 admin down down
 

Conditions: The symptom is observed when “backup interface” and “carrier-delay” are configured under the interface:

interface TenGigabitEthernet0/1/0 backup interface TenGigabitEthernet0/3/0 ip address 10.163.137.29 255.255.255.224 logging event link-status carrier-delay up 1 carrier-delay down msec 0 cdp enable hold-queue 4096 in hold-queue 4096 out ! interface TenGigabitEthernet0/3/0 mac-address d867.d9dd.ff10 no ip address logging event link-status carrier-delay up 1 carrier-delay down msec 0 cdp enable hold-queue 4096 in hold-queue 4096 out !
 

Workaround: Flap the standby interface.

  • CSCud58613

Symptom: Egress HQF policy needs to be blocked for MLPPP/MFR member links. Ingress HQF policy application needs to be blocked for MLPPP/MFR bundles without member links. Ingress HQF policy needs to be enabled for Gige subinterfaces and EVCs.

Conditions: The symptom is observed with HQF policy.

Workaround: There is no workaround.

  • CSCud96854

Symptom: Standby RSP crashes while unconfiguring interfaces on ACR controller.

Conditions: The symptom is observed when using a TCLSH script to teardown 450 CEM CKTs.

Workaround: There is no workaround.

  • CSCue09385

Symptom: Active RP crash during sessions bring up after clearing PDP.

Conditions: The symptom is observed after clearing PDP.

Workaround: There is no workaround.

More Info: This is a negative test where DHCP IP under APN on IWAG is the access interface IP. In real world, we do not configure access interface IP as a DHCP IP for an APN.

  • CSCue45934

Symptoms: This problem is specific to the Catalyst 6000 platform. With IPv4 crypto map, ICMP echo reply is not triggered from the remote end.

Conditions: This symptom is observed in IPv4 crypto map configuration and Catalyst 6000 platform.

Workaround: There is no workaround.

  • CSCue57495

Symptom: Traceback is observed with error message “standby cannot allocate VLAN for Tunnel Rsvd Vlan”.

Conditions: The issue seen while configuring L2VPN and L3VPN with scaled tunnel configurations.

Workaround: There is no workaround.

  • CSCue59592

Symptom: Multiple crashes observed with the following tracebacks after upgrading the Cisco IOS Release from 12.2(33)SRC1 to 12.2(33)SRE6:

*Jul 27 01:39:33 SUM: %SCHED-3-SEMLOCKED: CMFI RP process attempted to lock a semaphore, already locked by itself -Traceback= 87807BC 999A314 9E1684C 9E17E4C 9E18074 AA9B25C AA9B2C8 AAAA270 A1D33B4 A1D3474 A1D61A4 A1D14B0 AAC8A28 9E1909C 9E19F1C 9E1D4FC *Jul 27 01:39:33 SUM: %SCHED-3-SEMLOCKED: CMFI RP process attempted to lock a semaphore, already locked by itself -Traceback= 87807BC 999A314 9E1684C 9E17E4C 9E18074 AA9B25C AA9B2C8 AAAA270 A1D33B4 A1D3474 A1D61A4 A1D14B0 AAC8A28 9E1909C 9E19F1C 9E1D4FC *Jul 27 01:39:33 SUM: %SCHED-3-SEMLOCKED: CMFI RP process attempted to lock a semaphore, already locked by itself -Traceback= 87807BC 999A314 9E1684C 9E17E4C 9E18074 AA9B25C AA9B2C8 AAAA270 A1D33B4 A1D3474 A1D61A4 A1D14B0 AAC8A28 9E1909C 9E19F1C 9E1D4FC
 

Conditions: The symptom is observed with a combination of BGP VPNv4 prefixes + PBR enabled on the interface for the VRF and during upgrade of image or reload of the device. If “mls mpls recirc agg” is enabled in global mode, then this crash will not be observed.

Workaround: Enable “mls mpls recirc agg” in global mode.

  • CSCue68761

Symptoms: A leak in small buffer is seen at ip_mforward in Cisco IOS Release 15.1(4)M3. Device: Cisco 2911 Cisco IOS: c2900-universalk9-mz .SPA.151-4.M3.bin

Conditions: This symptom is observed with the Cisco 2911 running Cisco IOS Release 15.1(4)M3.

------------------ show buffers ------------------
Buffer elements: 156 in free list (500 max allowed) 11839912 hits, 0 misses, 617 created
Public buffer pools: Small buffers, 104 bytes (total 45187, permanent 50, peak 45187 @ 10:04:00): 0 in free list (20 min, 150 max allowed) 7968057 hits, 202704 misses, 2128 trims, 47265 created 71869 failures (680277 no memory)
------------------ show buffers usage ------------------
Statistics for the Small pool Input IDB : Mu1 count: 45180 Caller pc : 0x22CF95C4 count: 45180 Resource User: IP Input count: 45180 Caller pc : 0x22381654 count: 2 Resource User: Init count: 2 Output IDB : Mu1 count: 4 Caller pc : 0x2380114C count: 4 Resource User: PIM regist count: 4 Number of Buffers used by packets generated by system: 45187 Number of Buffers used by incoming packets:
+++++++++++++++++++++++++++++small buffer packet++++++++++++++++++++++++++++++++
<snip>
Buffer information for Small buffer at 0x2A815220 data_area 0xD9DEB04, refcount 1, next 0x0, flags 0x2080 linktype 7 (IP), enctype 16 (PPP), encsize 2, rxtype 1 if_input 0x30F21520 (Multilink1), if_output 0x0 (None) inputtime 00:02:46.212 (elapsed 05:55:11.464) outputtime 00:01:22.632 (elapsed 05:56:35.044), oqnumber 65535 datagramstart 0xD9DEB56, datagramsize 38, maximum size 260 mac_start 0xD9DEB56, addr_start 0x0, info_start 0xD9DEB58 network_start 0xD9DEB58, transport_start 0xD9DEB6C, caller_pc 0x22CF0044
source: 10.131.124.33, destination: 224.0.1.40, id: 0x55F0, ttl: 11, TOS: 192 prot: 17, source port 496, destination port 496
0D9DEB56: 002145C0 002455F0 .!E@.$Up 0D9DEB5E: 00000B11 F14C0A83 7C21E000 012801F0 ....qL..|!‘..(.p 0D9DEB6E: 01F00010 82211200 00000000 000000 .p...!.........
 

Workaround: There is no known workaround. Reboot frees memory.

  • CSCue74612

Symptom: FTP download fails in FTS client.

Conditions: The symptom is observed with FTS transfer over FTP via VRF.

Workaround: There is no workaround.

  • CSCue75986

Symptom: The active route processor crashes because of a segmentation fault in the PIM IPv6 process after de-configuring a VRF.

Conditions: This symptom is observed when BGP, multicast-routing, or a VRF is de-configured while VRF-forwarding for the affected VRF is still configured on some interfaces and IPv6 multicast state entries exist within the affected VRF.

Workaround: Before removing a VRF using no vrf definition xxx, de-configuring “router bgp ...” or de-configuring multicast-routing for any VRF or for the global routing table, de-configure the IPv6 and the IPv4 MDT tunnels for affected VRFs as follows:

1. Under the “vrf definition ...”/”address-family ipv6” configuration sub-mode, execute no mdt default ....

2. Under the “vrf definition ...”/”address-family ipv4” configuration sub-mode, execute no mdt default ....

  • CSCue76057

Symptom: On a SIP 400 with gigeV2 SPA, when EVC is configured with “encap default”, it is seen that sometimes the FUGU TCAM is not programmed with correct VVID for the EVC. This results in incoming traffic reaching the linecard with wrong VVID. This can impact traffic incoming on the EVC.

Conditions: The symptom is observed with an “encap default” configuration under EVC, or removal and re-application of “encap default” under EVC.

Workaround: There is no workaround.

  • CSCue76102

Symptoms: Redistributed internal IPv6 routes from v6 IGP into BGP are not learned by the BGP neighboring routers.

Conditions: This symptom occurs because of a software issue, due to which the internal IPv6 redistributed routes from IGPs into BGP are not advertised correctly to the neighboring routers, resulting in the neighbors dropping these IPv6 BGP updates in inbound update processing. The result is that the peering routers do not have any such IPv6 routes in BGP tables from their neighbors.

Workaround: There is no workaround.

  • CSCue79748

Symptom: When the system is under scaling conditions, and you issue the shut then no shut commands on the access interface, the IOSd process may crash.

Conditions: The symptom is observed when the system is under scaling conditions, and you issue the shut then no shut commands on the access interface.

Workaround: Do not issue shut then no shut on the access interface when the system has traffic running and the device is under load.

  • CSCuf09198

Symptom: After deleting a VRF, you are unable to reconfigure the VRF.

Conditions: The symptom is observed when BGP SAFI 129 address-family is not configured, but unicast routes are installed into multicast RIB to serve as upstream multicast hop, as described in RFC 6513. This applies to VRFs configured before BGP is configured.

Workaround: Beyond unconfiguring BGP, there is no workaround once the issue occurs. Configuring a dummy VRF multicast address-family under BGP before the issue occurs can prevent the problem from occurring.

  • CSCuf30798

Symptom: SIP 600 crashes.

Conditions: The symptom is observed with VPLS VC going over GRE tunnel and chassis having both ES+ and SIP 600 card.

Workaround: Remove VPLS over GRE. This configuration is not supported.

  • CSCuf56776

Symptom: After a linecard is removed and reinserted (OIR), traffic may fail to pass through some virtual circuits which have been configured for pseudowire redundancy.

Conditions: This symptom is observed when the first segment ID in the redundancy group is numerically greater than the second segment.

PE1#show ssm id | inc 1st 1stMem: 16394 2ndMem: 12301 ActMem: 12301 1stMem: 16394 2ndMem: 12301 ActMem: 12301
 

After the OIR is performed, it can be seen that the segments are reversed on the linecard.

ESM-20G-12#sh ssm id | inc 1st 1stMem: 12301 2ndMem: 16394 ActMem: 12301 1stMem: 12301 2ndMem: 16394 ActMem: 12301
 

Workaround: There is no workaround.

  • CSCuf62756

Symptom: If bandwidth qos-reference value is configured on an interface which bandwidth can change, then the actual interface bandwidth will be used for QoS service-policy validation when the interface bandwidth changes. This can result in a service-policy being removed if the interface bandwidth is insufficient to meet the requirements of the service-policy, such as bandwidth guarantees.

Conditions: Affects variable-bandwidth interfaces such as EFM interfaces or PPP multilink bundles.

Workaround 1: Use proportional actions in the QoS service-policy, such as “police rate percent....”, “bandwidth remaining ratio...”, “bandwidth remaining percent...”, and “priority percent”.

Workaround 2: You can configure bandwidth qos-reference with maximum bandwidth of the interface:

interface Ethernet0 bandwidth qos-reference <max bandwidth of interface>
 

This can prevent policy-map detached due to interface bandwidth change.

  • CSCuf68995

Symptom: Ping failures. Traffic gets dropped.

Conditions: The symptom is observed when you configure MPLSoMGRE tunnel on PE1 and PE2. Initiate ping from CE1 to CE2. Packets reach the CE2 and replay is coming back but these packets are getting dropped on PE2. After PE2 switchover, ping fails from CE1 to CE2. PE2 is configured with MPLSoMGRE on an HA system. Topology:

CE1---- PE1 ----PE2----CE2
 

Workaround: There is no workaround.

  • CSCuf82179

Symptom: BGP routes remain installed in multicast RIB even after “address-family” configuration has been removed from “vrf definition”.

Conditions: This symptom is observed in MVPN topology, where the stale routes are installed as an upstream multicast hop, as described in RFC: http://tools.ietf.org/html/rfc6513

Workaround: There is no workaround.

  • CSCug04187

Symptom: Build breakage.

Conditions: This symptom occurs due to CSCuf62756.

Workaround: There is no workaround.

  • CSCug17724

Symptom: When using session protection and graceful restart for LDP, LDP neighbor goes down immediately after filtering LDP hello between routers. The LDP neighbor should go down after 10 minutes (default value of forwarding state holding time for GR).

Conditions: The symptom is observed when you enable session protection and graceful restart for LDP

Workaround: There is no workaround.

  • CSCug17808

Symptom: Redistributed default route not advertised to EIGRP peer.

Conditions: This symptom is observed when Cisco ASR router is rebooted or the route is cleared via the clear ip route command, the route disappears form the spokes.

Workaround: Clearing the EIGRP Neighborship restores the route on the spokes.

  • CSCug23348

Symptom: The “mod” value in the SSRAM may be inconsistent to the number of ECMP paths.

Conditions: This occurs with ECMP TE tunnels with tunnel mpls traffic-eng load-share value commands configured.

Workaround: Remove the tunnel mpls traffic-eng load-share value commands from the TE tunnels.

  • CSCug24114

Symptom: CTS environment-data download fails from ISE.

Conditions: The symptom is observed if there is less PAC and environment-data refresh timer is configured in ISE. After multiple refreshes of PAC and environment data and the switch is reloaded, sometimes a CTS environment-data download fails from ISE on the switch.

Workaround: Unconfigure pac key CLI and configure it again as below:

no pac key pac key <key-id>
 
  • CSCug31561

A vulnerability in the DHCP implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability occurs during the parsing of crafted DHCP packets. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that has the DHCP server or DHCP relay feature enabled. An exploit could allow the attacker to cause a reload of an affected device.

Cisco has released free software updates that address this vulnerability. There are no workarounds to this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-dhcp

Note: The September 25, 2013, Cisco IOS Software Security Advisory bundled publication includes eight Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2013 bundled publication.

Individual publication links are in “'Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep13.html

  • CSCug33084

Symptom: SP/DFC crash is seen when churn on multicast is done, either through provisioning/unprovisioning or other network event.

Conditions: The issue occurs when a pointer to an already freed hal_context is still present in a replicate queue. Later during churn the same pointer is accessed which leads to the crash.

Workaround: There is no workaround.

  • CSCug34404

Symptom: RP crash seen at be_interface_action_remove_old_sadb.

Conditions: The symptom is observed while unconfiguring the 4K SVTI sessions after an HA test.

Workaround: There is no workaround.

  • CSCug34877

Symptom: Switch crashes with following message:

%SYS-2-LINKED: Bad enqueue of 901E0D40 in queue 1AABE690 -Process= "SSH Process", ipl= 0, pid= 392
 

Conditions: Making SSH connection to remote device from the switch, while having multiple SSH connections to the same switch.

Workaround: There is no workaround.

  • CSCug38011

Symptom: Device crashes with CPU hog messages.

Conditions: The symptom is observed when the device is reloaded after configuring NTP peer:

ntp server pool.ntp.org source cell0
 

Workaround: There is no workaround.

  • CSCug39278

Symptom: L3 QoS policy not working in EVC L3 VPN.

Conditions: The symptom is observed when CFM is enabled globally.

Workaround: Disable CFM.

  • CSCug44641

Symptom: The clear xconnect all command causes xconnect related CFM configuration to be removed permanently.

Conditions: This symptom is observed only when using xconnect related CFM configuration.

Workaround: Avoid issuing the clear xconnect all command.

  • CSCug50208

Symptom: A crash is seen due to double free of memory.

Conditions: The symptom is seen when the accept interface VLAN goes down.

Workaround: There is no workaround.

  • CSCug50340

Symptom: PW traffic is not flowing after SSO/card reset the active PTF card.

Conditions: The symptom is observed with the following conditions:

1. Create a unprotected tunnel between the active PTF card and create a PW.

2. Apply the table map. Bi-directional traffic is flowing fine.

3. SSO/reset the active PTF card in node 106 (4/1).

4. Now tunnel core port is in standby card.

5. Observed bi-directional traffic is not flowing once the card becomes up.

6. Again reset the active PTF card (5/4).

7. Observe uni-directional traffic only is flowing.

Workaround: Delete the PW and recreate it again. However, note that if you do an SSO/card reset, the issue reappears.

  • CSCug52119

Symptom: A RIB route is present for a prefix, but the router continues to LISP encapsulate.

Conditions: The symptom is observed when a LISP map-cache existed for a prefix and then the RIB route was added later.

Workaround: Use the following command:

clear ip/ipv6 lisp map-cache <prefix>
 
  • CSCug58617

Symptom: Usernames do not show up in CCP Express. Username shows up on a router with default configuration.

Conditions: The symptom is observed on routers with configurations that break show runn | format.

Workaround: Use default configuration.

  • CSCug59746

Symptom: A crash is seen on the RP in the SS manager process:

Exception to IOS Thread: Frame pointer 0x7F58BB22FE80, PC = 0x7C505FB
UNIX-EXT-SIGNAL: Segmentation fault(11), Process = SSS Manager -Traceback= 1#980611ad3b9665cd80fe5178bcd6036a :400000+78505FB :400000+7C68774 :400000+7C6871A :400000+1C13522 :400000+7852194 :400000+78512C8 :400000+7C68774 :400000+7C6871A :400000+33A8AC1 :400000+77DD92F :400000+33C3E4C :400000+33AFE89 :400000+33B2564 :400000+7824301 :400000+7823F37 :400000+77FA27F
 

Conditions: The issue appears to be related to NAS port. It looks like a key is being set when the issue occurred. The exact conditions are still being investigated.

Workaround: Possibly remove radius or more specifically, NAS port configurations. This still needs to be verified.

  • CSCug68193

Symptom: Multicast traffic across ES+ cards stop flowing across subinterfaces.

Conditions: The symptom is observed after a linecard OIR. After the linecard comes up, multicast traffic stops flowing across subinterfaces.

Workaround: Shut/no shut the subinterface.

  • CSCug69107

Symptom: Crypto session does not comes up in EZVPN.

Conditions: This symptom is observed when a Crypto session is being established.

Workaround: There is no workaround.

  • CSCug72891

Symptom: EIGRP neighbor flaps due to EIGRP SIA. Troubleshooting shows that a race condition causes EIGRP successor loop first and it leads to EIGRP QUERY loop resulting in the neighbor flaps.

Conditions: The issue is observed when a worse metric update is received from the successor, once the route is already in active state, in a partially peered multiaccess network.

Workaround: There is no workaround.

  • CSCug79857

Symptom: Router crash is seen.

Conditions: The symptom is observed when you issue the following command:

show ip subscriber mac e01d.3b70.108e
 

Workaround: Do show ip subscriber mac e01d.3b70.108e only for the sessions in connected state, i.e.: sessions should not be in “Attempting” state in sh sss sess | i mac address.

  • CSCug83238

Symptom: TE Tunnel constantly performs signalling attempts instead of holding down the path option, which causes CPU to become very busy.

Conditions: The symptom is observed with the following conditions:

Configuration of multiple verbatim explicit path options.

Path error during LSP signalling.

Workaround: There is no workaround.

  • CSCug94275

Symptom: ES+ card crashes with an unexpected exception to CPU: vector 200, PC = 0x0.

Conditions: The symptom is observed on the ES+ series linecards on a Cisco 7600 series router. Symptom is reported on the ES+ console and in the crashinfo file on the ES+ flash disk. It is not reported in the syslog.

Workaround: There is no workaround.

  • CSCuh07657

Symptom: Inter-AS/Aggregate label is not re-originated after the directly connected CE facing interface (in VRF) is shut down.

Conditions: Inter-AS MPLS VPN set-up with Cisco 7600(PE)Router running on Cisco IOS Release 12.2(33)SRE4.

Workaround: Downgrade to Cisco IOS Release 12.2(33)SRE3 or earlier.

  • CSCuh09412

Symptom: A Cisco ASR 1000 running ISG with “radius-proxy session-restart” crashes when WiFi clients are roaming between hotspots.

Conditions: The symptom is observed if a client roams between WiFi access points and the accounting-stop message from the initial access point does not reach the ISG where the subscriber session is active as can sometimes be the case of roaming between access points on a wireless LAN controller.

Workaround: Disable “radius-proxy session-restart” and reload the chassis to clear the session-cache.

  • CSCuh14012

Symptom: The crypto session remains UP-ACTIVE after tunnels are brought down administratively.

Conditions: This symptom occurs in tunnels with the same IPsec profile with a shared keyword.

Workaround: There is no workaround.

  • CSCuh16115

Symptom: With VPLS configuration with IP-FRR, on doing multiple churns SP/LC may crash.

Conditions: The issue occurs when xconnect internal data structre is to be freed up and IP FRR is still pointing to it.

Workaround: Remove IP-FRR configuration before unprovisioning xconnect.

  • CSCuh16927

Symptom: Mac entries learned on a trunk link are flushed after removing VLANs.

Conditions: The symptom is observed when some allowed VLANs are removed on a trunk link, all mac address entries learned on this link are flushed. This is issue is specific to extended VLAN IDs.

Workaround: Executing ping to destination IP after removing VLANs will recover this condition.

  • CSCuh24040

Symptom: BGP routes are not marked Stale and considered best routes even though the BGP session with the peer is torn down. A hard or soft reset of the BGP peering session does not help.

For BFD-related triggering, the following messages are normally produced with the BGP-5-ADJCHANGE message first, and the BGP_SESSION-5-ADJCHANGE message second. Under normal conditions, the two messages will have identical timestamps. When this problem is seen, the order of the messages will be reversed, with the BGP_SESSION-5-ADJCHANGE message appearing first, and with a slightly different timestamp from the BGP-5-ADJCHANGE message. In the problem case, the BGP_SESSION-5-ADJCHANGE message will also include the string “NSF peer closed the session”

For example when encountering this bug, you would see:

May 29 18:16:24.414: %BGP_SESSION-5-ADJCHANGE: neighbor x.x.x.x IPv4 Unicast vpn vrf VRFNAME topology base removed from session NSF peer closed the session May 29 18:16:24.526: %BGP-5-ADJCHANGE: neighbor x.x.x.x vpn vrf VRFNAME Down BFD adjacency down

Instead of:

May 29 18:16:24.354: %BGP-5-ADJCHANGE: neighbor x.x.x.x vpn vrf VRFNAME Down BFD adjacency down May 29 18:16:24.354: %BGP_SESSION-5-ADJCHANGE: neighbor x.x.x.x IPv4 Unicast vpn vrf VRFNAME topology base removed from session BFD adjacency down

Log messages associated for non-BFD triggers are not documented.

Conditions: This symptom is observed when BGP graceful restart is used in conjunction with BFD, but it is possible (but very low probability) for it to happen when BGP graceful restart processing happens when any other type of BGP reset (eg: clear command) is in progress.

Affected configurations all include: router bgp ASN ... bgp graceful-restart ...

The trigger is that BGP exceeds its CPU quantum during the processing of a reset, and gives up the CPU, and then BGP Graceful Restart processing runs before BGP can complete its reset processing. This is a very low probability event, and triggering it is going to be highly dependent on the configuration of the router, and on BGP’s CPU requirements.

It is not possible to trigger this bug unless BGP graceful-restart is configured.

Workaround: If you are engaged in active monitoring of router logs, and the bug is being triggered by a BFD-induced reset, you can detect this situation by watching for the reversal of log message order described in the Symptoms section, and then take manual steps to remedy this problem when it occurs.

On the problematic router, issue no neighbor <xxx> activate command under the proper address-family will clear the stale routes.

The other option is to manually shutdown the outgoing interface which marks the routes as “inaccessible” and hence not been used anymore. This prevents the traffic blackhole but the routes will stay in the BGP table.

More Info: This bug affects all releases where CSCsk79641 or CSCtn58128 is integrated. Releases where neither of those fixes is integrated are not affected.

  • CSCuh27770

Symptom: On a dual-RP system which is configured for stateful switchover (SSO), some VPLS virtual circuits may fail to be provisioned on the standby route processor.

Conditions: This symptom is observed when the VFI consists of VLAN interfaces that are also configured for IP.

Workaround: Reload the standby RP.

  • CSCuh43252

Symptom: After upgrading to Cisco IOS Release 15.0(2)SE3, you can no longer authenticate using TACACS. The TPLUS process on the switch will be pushing the CPU up to 99%.

Conditions: The symptom is observed when you use TACACS for authentication.

Workaround: Downgrade the switch to a version prior to 15.0(2)SE3.

  • CSCuh48666

Symptom: Router crashes and reloads with dynamic EID scaling.

Conditions: The symptom is observed with dynamic EID scaling.

Workaround: There is no workaround.

  • CSCuh63997

Symptom: Router crashes when service-policy is installed on the interface.

Conditions: The symptom is observed with service-policies having random-detect aggregate configuration.

Workaround: Use non-aggregate random-detect for WRED configurations. If the platform supports only aggregate random-detect, then there cannot be a workaround other than not using the WRED configuration altogether.

Resolved Bugs—Cisco IOS Release 15.3(2)S1

  • CSCtq26296

Symptom: Router crashes with DLFI configurations.

Conditions: The symptom is observed while doing a shut/no shut.

Workaround: There is no workaround.

  • CSCts60458

Symptom: There is a memory leak in PfR MIB.

Conditions: This symptom occurs when PfR is configured.

Workaround: There is no workaround.

  • CSCtx50235

Symptom: During a crash on the Cisco Catalyst 6500, the normal crash information from the crashinfo files may be missing due to the crashes showing the Routing processor (RP) being reset by the Switching Processor (SP) and the RP crashinfo also showing the RP being reset by the SP. This bug addresses this serviceability issue and it has nothing to do with the root cause of the crash itself.

In a majority of cases, the crash has been a single-event crash and has not repeated.

Conditions: Conditions of this symptom are not known currently. At this point, it is believed that the real fault of the crash belongs to the SP.

Workaround: There is no workaround.

  • CSCty59423

Symptom: Memory leak seen with following messages:

Alternate Pool: None Free: 0 Cause: No Alternate pool -Process= "VOIP_RTCP", ipl= 0, pid= 299 -Traceback= 0x25B1F0Cz 0x25AB6CBz 0x25B1029z 0x46C02Ez 0x46C89Bz 0x46BCC2z 0x471D12z 0x43EF59Ez 0x43DD559z 0x43DCF90z %SYS-2-MALLOCFAIL: Memory allocation of 780 bytes failed from 0x46C02E, alignment 32

Conditions: The conditions are unknown.

Workaround: There is no workaround.

  • CSCtz53214

Symptom: The “clear counter pseudowire <#>” commands do not clear the pseudowire specific counters.

Conditions: This symptom is reported to be present in all Cisco IOS Release 15.X(S) versions.

Workaround: Issuing global clear count (“clear counters”) will clear counters including pseudowire specific counters.

  • CSCua76157

Symptom: BGP routes are displayed.

Conditions: This symptom occurs after removing the “send-label” from PE.

Workaround: There is no workaround.

  • CSCub40547

Symptom: ES+ module is crashing with “%NP_DEV-DFC1-2-WATCHDOG: Watchdog detected on NP 0” error.

Conditions: The issue is specific to the type of packet and its content which is unique when vidmon is configured.

Workaround: Remove vidmon configuration.

  • CSCub93937

Symptom: PfR “OER border router” process might report exception and the router reloads under stress traffic.

Conditions: The symptom is observed with a PfR configuration with scaling traffic-class actively, and stress control traffic between PfR MC and BRs.

Workaround: There is no workaround.

  • CSCub95365

Symptom: An ES+ crashes upon the dynamic addition/deletion of class-maps.

Conditions: The symptom is observed with the dynamic addition/deletion of class-maps of a policy applied in scale number of PC EVCs.

Workaround: There is no workaround.

  • CSCuc23542

Symptom: The PXE client network boot fails when an ME3600 running 152-4.S is the DHCP relay agent.

Conditions: This symptom occurs when the ME3600 changes the option 54 “DHCP Server Identifier” address to its own IP address in the DHCP offer received from the PXE DHCP server. This causes the client to send the PXE boot request (port 4011) to the ME3600 instead of the PXE server.

Workaround: Downgrade ME3600 to Cisco IOS Release 15.1(2)EY.

  • CSCuc59858

Symptom: Valid dynamic authorization requests which are not retransmissions are marked as retransmission.

Conditions: This may occur when valid dynamic authorization requests with the same RADIUS packet identifier is sent from different source ports.

Workaround: There is no workaround.

  • CSCuc60297

Symptom: Redistribute or source (network statement) VRF route into BGP. BGP VRF prefix with next hop from global, the next-hop will be inaccessible.

Conditions: This symptom is observed when redistribute VRF routes into BGP with global NH.

Workaround: There is no workaround.

  • CSCud05497

Symptom: Rarely, the WCM fails to send the configuration to a WaasExpress device.

Conditions: This symptom occurs when CM tries to send the configuration to a WaasExpress device. Rarely, the “SSL peer shutdown incorrectly” error is seen, leading to failure to send the configuration.

Workaround: Go to any WAAS-EXP configuration page and click submit.

  • CSCud11078

Symptom: Removal of the service instance on the target device causes a crash.

Conditions: Not consistently reproducible on all configurations as the underlying cause is a race condition.

Workaround: De-schedule the probe before removing the service instance.

  • CSCud11627

Symptom: SUP720 supervisor module may hang in ROMMON after the module reset triggered by TM_DATA_PARITY_ERROR.

Conditions: The issue is observed after a module reset triggered by TM_DATA_PARITY_ERROR.

Workaround: Power off/power on the router.

  • CSCud22038

Symptom: When a PC is moved between two VLAN ports (on one port, ISG is enabled and the other port is non-ISG) several times by its LAN cable connection on the L2SW that is connected to the Cisco ASR 1000 router, the PC is unable to receive DHCP OFFER due to the wrong VLAN ID from the DHCP server on the Cisco ASR 1000 router.

Conditions: This symptom is observed with Cisco IOS Release 15.2(4)S1.

Workaround: There is no workaround.

  • CSCud24806

Symptom: Compared to V1 ATM SPA, V2 SPAs are having more latency and bad bandwidth partition.

Conditions: The symptom is observed under the following conditions:

1. V2 SPA configured in L3 QoS mode.

2. Policy map contains “no priority queue”.

3. Policy map has more than one QoS class.

4. Each class has a WRED profile configured.

Workaround: While using a policy-map with a WRED profile, use the drop-probability value as 8. This improves the partition.

  • CSCud31618

Symptom: DHCP client is not getting an IP address.

Conditions: The symptom is observed with an interface change like this:

1. Create one l2-connected single stack unclassified-mac IPv4 session on interface g0/2/1 using ping from client with mac 000a.000b.000c.

2. Do an interface-change with DHCP session (i.e.: send DHCP discover with same mac 000a.000b.000c on other interface g0/2/2.100).

Workaround: There is no workaround.

  • CSCud34711

Symptom: After multiple VRF transfers, the session goes down (i.e.: VRF transfer from global VRF to VRF2 then to VRF1).

Conditions: The symptom is observed with multiple VRF transfers.

Workaround: There is no workaround.

  • CSCud41058

Symptom: There is a route-map which matches tags and set a new value. This route-map is used in an EIGRP outbound distribute list. One in 10 times based on the received route tag, the correct route tag value is not set while advertising out.

Conditions: The symptom is observed when you use a route map which matches tags and sets a new tag. Used in distribute-list route-map name out.

Workaround: Clear the EIGRP process or re-advertise the route.

  • CSCud64870

Symptom: DMVPN hub ASR 1004 may crash after the fetching CRL from MS CRL server.

Conditions: The crash occurs when there are five CDPs for the hub router to fetch the CRL. Since there are multiple CDPs, the hub router fetches the CRL in a parallel way, which leads to a crash under a timing issue.

Workaround: Setting up one CDP instead of multiple CDPs will greatly reduce the timing condition that leads to the crash.

  • CSCud70629

Symptom: Incremental memory leaks are seen at IPSec background process.

Conditions: This symptom is observed with "clear nhrp cache".

Workaround: There is no workaround.

  • CSCud71773

Symptom: The cost-minimization test command is not accepted.

Conditions: This symptom is observed with the cost-minimization test command.

Workaround: There is no workaround.

  • CSCud79067

Symptom: The BGP MIB reply to a getmany query is not lexicographically sorted.

Conditions: This symptom is observed when IPv4 and IPv6 neighbor IP addresses are lexicographically intermingled, for example, 1.1.1.1, 0202::02, 3.3.3.3.

Workaround: There is no workaround.

  • CSCud86954

Symptom: Some flows are not added to the Flexible Netflow cache, as indicated by the “Flows not added” counter increasing in the show flow monitor statistics command output. “Debug flow monitor packets” shows “FNF_BUILD: Lost cache entry” messages, and after some time, all cache entries are lost. At that moment, debug starts showing “FLOW MON: ip input feature builder failed on interface couldn’t get free cache entry”, and no new entries are created and exported (“Current entries” counter remains at 0).

The following is sample output when all cache entries are lost:

Router#sh flow monitor FNF-MON stat
Cache type: Normal
Cache size: 4096
Current entries: 0
High Watermark: 882
 
Flows added: 15969
Flows not added: 32668
Flows aged: 15969
- Active timeout ( 1800 secs) 0
- Inactive timeout ( 15 secs) 15969
- Event aged 0
- Watermark aged 0
- Emergency aged 0

Conditions: This symptom occurs when all of the following are true:

Flexible Netflow is enabled on a DMVPN tunnel interface.

Local policy-based routing is also enabled on the router.

Local PBR references an ACL that does not exist or an ACL that matches IPsec packets.

Workaround:

1. Make sure that the ACL used in the local PBR route-map exists and does not match IPsec packets sent over the DMVPN tunnel interface.

2. Disabling encryption on the tunnel interface, or changing tunnel mode from mGRE to GRE also removes this bug.

3. The issue will not be seen if FNF is not configured, or if FNF is configured but is not monitoring VPN traffic.

  • CSCud99501

Symptom: There is a LISP control process crash when unconfiguring.

Conditions: The symptom is observed when you unconfigure LISP.

Workaround: There is no workaround.

  • CSCue05358

Symptom: “Collect Identifier mac-address” -- for routed session is not working for the client who roams to a new interface.

Conditions: This symptom is observed if the subscriber already has a session available in Interface 1.

Workaround: There is no workaround.

  • CSCue05927

Symptom: OTV ISIS adjacency keeps going down/up every ten minutes.

Conditions: The symptom is observed during normal operation, while IGMP snooping is enabled on switches connected to the routers.

Workaround: Disable IGMP snooping on the switches.

  • CSCue06116

Symptom: VG350 gateway crashes when the configuration file is downloaded from CUCM. This occurs when the VG350 has 144 ports configured.

Conditions: The VG350 supports a maximum of 144 FXS ports. Configure MGCP control and download configuration from CUCM, gateway crashes.

Workaround: Use no ccm-manager config to stop the configuration download from CUCM.

  • CSCue18133

Symptom: The Cisco 7600 router crashes at show_li_users.

Conditions: This symptom is observed under the following conditions: In li-view, create an username: lawful-intercept and li_user password: lab1. Then, attempt its delete by "no username li_user". Later, show users of LI.

Workaround: There is no workaround.

  • CSCue18806

Symptom: If an xTR enabled for LISP mobility is a “home xTR” (that is, it has the mobility subnet as a directly connected route) then traffic arriving non-LISP encapsulated for a host who has moved away, will not trigger a map-request. This means that this xTR does not have a pre-existing map-cache entry for the host who moved away, and traffic will be dropped.

Conditions: The symptom is observed if an xTR enabled for LISP mobility is a “home xTR”.

Workaround:

1. On the xTR use the lig tool to cause a map-cache entry to be created.

2. Configure the xTR as a PITR instead of an ITR.

  • CSCue25575

Symptom: The crash is observed for SDP pass through or call forward or antitrombone cases.

Conditions: The crash is observed for a basic call involving SDP pass through or call forward or antitrombone cases.

Workaround: There no workaround.

  • CSCue26213

Symptom: The connected interface that is enabled for EIGRP will not be redistributed into BGP.

Conditions: This symptom occurs when the prefix of the connected interface is in the EIGRP topology table with “redistribute eigrp” under BGP address-family IPv4.

Workaround: Redistribute the connected interface and EIGRP.

  • CSCue28318

Symptom: A Cisco router doing authentication proxy may unexpectedly reload when running the test aaa command command.

Conditions: This symptom occurs when the router is using LDAP authentication and has a misconfigured LDAP authentication configuration.

Workaround: Correct the misconfiguration.

  • CSCue35533

Symptom: Ping fails with security applied and IKE disabled.

Conditions: This symptom is observed when the Cisco IOS Release 15.3(1.15)T image is loaded.

Workaround: There is no workaround.

  • CSCue36197

Symptom: The Cisco 7600 router may crash while performing the NSF IETF helper function for a neighbor over a sham-link undergoing NSF restart.

Conditions: This symptom occurs when a router is configured as an MPLS VPN PE router with OSPF as PE-CE protocol. OSPF in VRF is configured with a sham-link and a neighbor router over a sham-link is capable of performing an NSF IETF restart on sham-links.

Note: This problem cannot be seen if both routers on sham-link ends are Cisco IOS routers.

Workaround: Disable the IETF Helper Mode protocol by entering the following commands:

enable
configure terminal
router ospf process-id [vrf vpn-name]
nsf ietf helper disable
end

Note: Disabling Helper Mode will result in an OSPF peer dropping adjacency if the peer is reloaded.

  • CSCue41031

Symptom: Extra IPsec flow is shown in the “show crypto session” output.

Conditions: This symptom is observed with the Cisco ASR 1000 RP1 FlexVPN Client.

Workaround: There is no workaround.

  • CSCue46236

Symptom: Router crash at ipigrp2_redistribute_process.

Conditions: The crash is observed when EIGRP is configured/unconfigured with redistribution from BGP continuously. Redistribution is being configured with route maps having both IPv4 and IPv6 prefixes. In a scenario with routes flapping, RIB has deleted the route while EIGRP has not yet finished processing.

Workaround: There is no workaround.

  • CSCue46590

Symptom: HTTP POST messages may not be fixed properly after adding scansafe headers.

Conditions: This symptom was first identified on a Cisco ISR running a Cisco IOS Release 15.2(4)M2 image. A Cisco IOS Release 15.2(4)M1 image does not show the problem.

Workaround: Whitelist the domain from being sent over to the towers.

  • CSCue46685

Symptom: Client MAC/framed IP missing in the coa:session query response from ISG.

Conditions: The symptom is observed when you do a COA account-query for lite-session.

Workaround: There is no workaround.

  • CSCue47586

Symptom: For an MGRE tunnel, internal VLANs are not allocated in the standby supervisor.

Conditions: The symptom is observed when an HA router boots up with MGRE tunnel configurations. Internal VLANs are not allocated in the standby supervisor due to a sync issue during bootup.

Workaround: There is no workaround.

  • CSCue59189

Symptom: Cisco ME-3600X-24FS-M switch drops R-APS PDU packets and the following error messages are seen in the debug:

ERR: Packet with wrong version 0 or opcode 40 Failed to decode packet, Invalid argument

Conditions: The symptom is observed when used with devices that support only G.8032 (2008) for ERPS.

Workaround: There is no workaround.

  • CSCue61691

Symptom: In a dual-homing topology, switching from the backup mode to the nominal mode ends up with the active “source” router sending a data MDT but transmitting on the default MDT.

Conditions: The symptom is observed on a dual-homing topology with CORE GRE tunnel.

Workaround: Use the following command:

clear ip mroute vrf <>
  • CSCue69535

Symptom: The Dynamic Performance Monitor fails to report the metrics.

Conditions: This symptom is observed after recreating the interface.

Workaround: There is no workaround.

  • CSCue73282

Symptom: VRF service applied on the L2 initiated DHCP session over EoGRE tunnel is not working.

Conditions: DHCP offer packets from the VRF pool are getting dropped under the above mentioned case.

Workaround: There is no workaround.

  • CSCue74543

Symptom: Adding an event listener returns an error.

Conditions: The symptom is observed when you do a no service set pathtrace and service set pathtrace.

Workaround: Do no onep and onep again.

  • CSCue76102

Symptom: Redistributed internal IPv6 routes from v6 IGP into BGP are not learned by the BGP neighboring routers.

Conditions: This symptom occurs because of a software issue, due to which the internal IPv6 redistributed routes from IGPs into BGP are not advertised correctly to the neighboring routers, resulting in the neighbors dropping these IPv6 BGP updates in inbound update processing. The result is that the peering routers do not have any such IPv6 routes in BGP tables from their neighbors.

Workaround: There is no workaround.

  • CSCue76251

Symptom: A BFD session is created for tunnel-tp without any BFD configuration underneath it.

Conditions: This symptom occurs only on bootup and when there is no BFD configuration underneath tunnel-tp.

Workaround: There is no workaround.

  • CSCue77265

Symptom: Increment memory leaks are seen at IPSec background proc.

Conditions: This symptom occurs when “clear cry session” is issued multiple times when bringing up the tunnel.

Workaround: There is no workaround.

  • CSCue81327

Symptom: Standby RP crashes during bulk sync with:

Unexpected exception to CPU: vector 1400

Conditions: The crash occurs while syncing a shutdown TE tunnel interface configuration.

Workaround: Delete the shutdown TE tunnel configuration, if not required.

  • CSCue84146

Symptom: A Cisco 10000 series router crashes.

Conditions: Seen while running the below script which churns the mixed sessions (DHCP SIP/PMIP/GTP).

1. Using landslide with performance accelerator enabled to emulate EoGRE client and GGSN:

Single test session with 37 test cases, 1 for GGSN and 36 for EoGRE tunnels
6 EoGRE v4 tunnels for GTP with TAL, each tunnel with 1,500 sessions for a total of 9,000 sessions
6 EoGRE v6 tunnels for GTP with TAL, each tunnel with 1,500 sessions for a total of 9,000 sessions
6 EoGRE v4 tunnels for PMIPv6 with TAL, each tunnel with 1,500 sessions for a total of 9,000 sessions
6 EoGRE v6 tunnels for PMIPv6 with TAL, each tunnel with 1,500 sessions for a total of 9,000 sessions
6 EoGRE v4 tunnels for SIP with TAL, each tunnel with 1,000 sessions for a total of 6,000 sessions
6 EoGRE v6 tunnels for SIP with TAL, each tunnel with 1,000 sessions for a total of 6,000 sessions
Session initiation rate is 1 subscriber per second for each tunnel.
With 36 tunnels, the aggregate initiation rate is 36 subs/sec.
Bring up session via DHCP initiator/TAL.

2. Per tunnel, after all sessions established, bi-directional traffic at 10pps per direction is applied per session.

3. Each session has absolute timeout of 45 minutes.

4. DHCP lease time is 45 minutes.

5. After all 48,000 sessions are established, landslide is stopped.

6. Wait till all sessions go down due to session absolute timeout.

7. Wait till all DHCP bindings are released.

8. Repeat steps 1-7.

Workaround: Without scaling the crash is not seen.

  • CSCue85737

Symptom: ASR with PKI certificate may crash when issuing show crypto pki certificate command.

Conditions: This symptom is observed when the show crypto pki certificate command is issued on ASR with PKI certificate.

Workaround: There is no workaround.

  • CSCue86147

Symptom: E-OAM state is going down when LACP is going down.

Conditions:

7600--------- ALU 72

There are LACP and E-OAM running on both the routers.

The behavior we observe is that the Cisco 7600 puts a member link into OPER DOWN state if LACP is not received on the port (on active mode). This OPER DOWN link state is propagated to all protocols including E-OAM.

This is incorrect as E-OAM runs below LACP and hence E-OAM must be able to receive/transmit and has a protocol state of UP irrespective of LACP indication if its state machine indicates so.

Workaround: There is no workaround.

  • CSCue87607

Symptom: LISP IOS xTR configured with {ip|ipv6} etr map-server server-address key key hash-function sha2 generates a SHA256 authentication incorrectly truncated to 160 bits causing registrations on a non-IOS map-server to fail.

When a registering xTR uses SHA2 authentication, the LISP IOS map-server expects a truncated authentication and will reject a correctly formatted SHA256 authentication.

Conditions: The symptom is observed on a router configured with LISP SHA2 map-server registration authentication.

Workaround: Configure SHA1 authentication instead of SHA2 on the xTR.

  • CSCue93355

Symptom: GM fails to register with keyserver.

Conditions: The symptom is observed when SGT tagging is enabled.

Workaround: There is no workaround.

  • CSCue94610

Symptom: DSP crash with the following console error:

%SPA_DSPRM-3-DSPALARMINFO: Checksum Failure:80000000,0000000e,d0156a80,d0156000 *Mar 14 17:56:05.851: %SPA_DSPRM-3-DSPALARM: Received alarm indication from dsp (1/3/6). %SPA_DSPRM-3-DSPALARMINFO: 0042 0000 0080 0000 0000 0000 4368 6563 6B73 756D 2046 6169 6C75 7265 3A38 3030 3030 3030 302C 3030 3030 3030 3065 2C64 3031 3536 6138 302C 6430 3135 3630 3030 0000 0000 0000 0000 0000

Conditions: Error occurs during an RP switchover process. The standby RP presents DSPs failing to come up.

Workaround: This command may clear up the DSPs:

Router# hw-module subslot x/y reload...
  • CSCue94653

Symptom: When the port-security configured interface goes to blocking state (MST), the VLANs configured on the port go to not-forwarding state temporarily. The secure mac-addresses are not added back resulting in loss of traffic.

Conditions: The symptom is observed when the port-security configured interface goes to blocking state.

Workaround: Shut and no shut the port-security interface to re-add the mac-addresses.

  • CSCue97986

Symptom: Calls hang at SIP, CCAPI and VOIP RTP components (but are cleared in the dataplane of the Cisco ASR 1000 series platform).

Conditions: This symptom occurs when a video call is setup as an audio call. The call then gets transferred with REFER but the caller hangs up the call before the call gets transferred. This is an intermittent problem.

Workaround: If there is an SIP call dangling (sh sip call sum), then use the clear cal voice causecode 16 command to clear the dangling call.

  • CSCuf01088

Symptom: Memory leaks are observed with a Cisco ASR router with CVP call flows.

Conditions: The symptom is observed under load conditions. Memory leaks are seen in Cisco IOS XE 3.8.

Workaround: There is no workaround.

  • CSCuf04674

Symptom: Standby continuously crashes with traceback on pm_vlan_deallocate.

Conditions: The symptom is observed when the router has both active and standby. When the router is coming up, the standby is crashing continuously though the active comes up without any issues. The router has an MDT configuration.

Workaround: There is no workaround.

  • CSCuf09006

Symptom: Upon doing a clear ip bgp * soft out or graceful shutdown on a PE, all VPNv4/v6 routes on an RR from this PE are purged at the expiry of enhanced refresh stale-path timer.

Conditions: The symptom is observed with the following conditions:

1. PE must have BGP peering with at least one CE (VRF neighbor) and at least one RR (VPN neighbor).

2. PE must have a rtfilter unicast BGP peering with the RR.

3. IOS version must have “Enhanced Refresh” feature enabled.

4. A clear ip bgp * soft out or graceful shutdown is executed on the PE.

Workaround: Instead of doing clear ip bgp * soft out, do a route refresh individually towards all neighbors.

  • CSCuf09032

Symptom: DHCP SIP database not cleared completely after session churning. Some sessions would end up in state “Waiting for cleanup” or “Down”.

Conditions: This can happen when there is a IP session and a renew comes to restart the DHCP session. Another case is DHCP renew comes but the LMA/GTP responded with a different IP. In that case, the ISG will NACK the client. If the client does not come back with a new discover the DHCP SIP session can be seen in down state.

Workaround: There is no workaround.

  • CSCuf15260

Symptom: A Cisco ASR router crashes while sending notify with KPML digit.

Conditions: The symptom is observed on a Cisco ASR router. It is seen when the DTMF type is changing to SIP-KPML midcall.

Workaround: Do not change DTMF type mid-call.

  • CSCuf17597

Symptom: No per-session features are applied on session if ISG first-sign-of-life is triggered by accounting-start from AZR.

Conditions: The symptom is observed when an accounting-start from AZR triggers MAC-TAL attempt on an ISG which fails to leave the session in unauthenticated-state. When subscriber logs into their sessions via the webauth-portal the ISG activates the features on the applied ISG-service but those applied to the ISG-session (e.g.: idle-timeout, accounting-method, etc.) are not applied. With no idle timer applied, sessions remain in stale-state indefinitely after subscriber had moved away from WiFi hotspot range without logging out their session.

Workaround: There is no workaround.

  • CSCuf20537

Symptom: The router crashes due to null pointer dereference.

Conditions: This symptom occurs with the C4 VSS system (2 sup vss) with dual- homed fex stack (This has not been seen on other platforms, but the fix is ported as a precautionary measure). During the first SSO, no crash is observed [Active and Standby (Hot-Standby)]. During the second SSO, a is crash observed.

Workaround: There is no workaround.

  • CSCuf21611

Symptom: TDM voice call gets terminated due to voice-port shutdown when T1/E1 module on other NIM slot is reloaded (OIR).

Conditions: The symptom is observed when an OIR of T1/E1 module in any NIM slot shuts down the voice-ports (if any) on all other T1/E1 NIM slots.

Workaround: There is no workaround.

  • CSCuf24592

Symptom:

1. Certain counter values will appear to wrap around for condition 1 under the section “Aggregate traffic distribution statistics”.

2. Certain counter values will appear to decrement instead of incrementing for condition 2 under the section "Aggregate traffic distribution statistics".

The following fields are affected:

Packet and byte counts
----------------------
Redirected Bytes
Redirected Packets
Received Bytes
Received Packets
 
Occurrences
-----------
Initial Redirects
Initial Redirects Accepted
Initial Redirect -> Passthrough
Redirect -> Passthrough

Conditions: The symptom is observed:

1. When counter values exceed 4294967296.

2. One of the following clear commands are run and value exceeds 4294967292:

clear service-insertion statistics

clear service-insertion statistics service-node

clear service-insertion statistics service-node-group

The symptom will occur when viewing the output from either of the two show commands: show service-insertion statistics service-node or show service-insertion statistics service-node-group.

Workaround: Avoid issuing clear service-insertion statistics service-node-group and clear service-insertion statistics service-node. The stats for the counter values can be monitored up to 2^32 and wraparound thereafter. This limits the counter values to 2^32 instead of 2^64.

  • CSCuf28017

Symptom: Sometimes some of the sessions will get stuck in authenticating/attempting state.

Conditions: The symptom is observed when the session is being restarted. At that point of time, the SSS will send a message to the policy to get the authorization details if we get a terminate/release from the DHCP. The session will start the terminate process. Since the session does not have an SSS handle it will not send a disconnect to SSS.

Workaround: Manually clear session using clear subscriber session. If there is an associated binding, then also clear it using clear ip dhcp binding.

  • CSCuf30554

Symptom: Traffic drops with scalable EoMPLS.

Conditions: This symptom occurs when the MPLS label allocates 21 bit for the label with TE tunnel in the core.

Workaround: There is no workaround.

  • CSCuf31322

Symptom: Mobility (PMIPv6/GTP) sessions fail to come up, get stuck at unauthen/service attempting state.

Conditions: The symptom is observed during session churning. Some mobility (PMIPv6/GTP) sessions fail to come up, but get stuck at unauthen/service attempting state.

Workaround: Manually clear the sessions.

  • CSCuf49959

Symptom: Router crashes when you flap the tunnel interface.

Conditions: The symptom is observed when sessions are there, and you do a shut/no shut multiple times.

Workaround: There is no workaround.

  • CSCuf51801

Symptom: CLI command show crypto session xxx results in memory leaks.

Conditions: Execution of show crypto CLI command appears to cause 168-byte memory leak for each of the following commands:

show crypto session brief
show crypto session local <IP> brief
show crypto session local <Mac> brief
show crypto session remote <Mac> brief
show crypto session remote <Mac> brief
show crypto session username <any> brief
show crypto tech-support peer <IP>
show crypto tech-support

Workaround: There is no workaround.

  • CSCuf64313

Symptom: Linecard crash is seen with machine-check exception.

Conditions: There is no trigger. The crash is random.

Workaround: There is no workaround.

  • CSCuf65255

Symptom: A CPU hog is caused by unnecessary requests to calculate the dynamic MPLS label range for each of the service instances configured (especially for L3VPN services).

Conditions: This symptom will occur if there is any MPLS ip-propagate-ttl, label range, or per-interface MPLS MTU configuration on the switch/router. When this configuration is present, and there are a large number of interfaces, any operation that involves generating the configuration will be slow (for example, show run, copy run, write mem, etc).

This can result in the copy operation taking more than 300 seconds (for an average configuration size of 1000kB). Note that it will complete in due course, and the generated configuration will be correct (it takes longer than it should).

Workaround: Reducing the number of BGP routes injected for L3VPN sessions causes the CPU hog to last for a smaller duration as it reduces the number of MPLS labels assigned and thus the amount of unnecessary work being done.

  • CSCuf65371

Symptom: On LAC, with “l2tp hidden” configured under VPDN template, L2TP sessions are failing to establish on existing L2TP tunnels after RP failover.

Conditions: The symptom is observed with “l2tp hidden” configured under VPDN template.

Workaround: Tear down L2TP tunnels after RP failover, or unconfigure “l2tp hidden”. Disabling L2TP redundancy with “no l2tp sso enable” will fix issue as well.

  • CSCuf65404

Symptom: Call is failing if transcoder is needed for DTMF interworking and offer-all is configured.

Conditions: CUBE will reserve transcoder for codec mismatch and release the transcoder since codec are same, but DTMF still requires transcoder for interworking.

Workaround: There is no workaround.

  • CSCuf65724

Symptom: LISP control packets dropped in the network.

Conditions: The symptom is observed when there are more than 32 hops between sender and receiver.

Workaround: There is no workaround.

More Info: LISP control packets are sent with an IP TTL of 32, meaning if there is more than 32 IP hops between the sender and receiver, they will be dropped in the network.

  • CSCuf82550

Symptom: Router displays malloc failure error message.

Conditions: The symptom is observed when the router is running IPsec.

Workaround: There is no workaround.

  • CSCuf93376

Symptom: CUBE reloads while testing SDP passthrough with v6.

Conditions: The symptom is observed while testing SDP passthrough with v6.

Workaround: There is no workaround.

  • CSCug11220

Symptom: GETVPN IPv6 packets get dropped.

Conditions: The symptom is observed whenever an IPv6 GETVPN group is configured.

Workaround: There is no workaround.

  • CSCug18677

Symptom: IPv6 sessions will not come up with this traceback “idle with blocking disabled”.

Conditions: The symptom is observed with IPv6 sessions.

Workaround: There is no workaround.

More Info: No workaround if you are trying IPv6 sessions. For IPv4 sessions tracebacks are seen but there is no effect in functionality.

  • CSCug18797

Symptom: Router crashes when it checks whether the interface is configured as DHCP SIP session initiator.

Conditions: The symptom is observed DHCP and ISG are configured.

Workaround: There is no workaround.

  • CSCug20048

Symptom: MPLS traffic engineering BC MAM model does not take effect when configured.

Conditions: The symptom is observed when you configure the BC MAM model.

Workaround: There is no workaround.

  • CSCug28904

Symptom: Router drops ESP packets with CRYPTO-4-RECVD_PKT_MAC_ERR.

Conditions: The symptom is observed when the peer router sends nonce with length 256 bytes.

Workaround: There is no workaround.

  • CSCug44667

Symptom: SG3 fax call fails in STCAPP set up.

Conditions: The symptom is observed when you disable fax and modem with no fax-relay sg3-to-g3 to use audio pass-through for voice port controlled by STCAPP. The CM tone detection is turn on and affected the fax.

Workaround: There is no workaround.

  • CSCug44944

Symptom: vg350-universalk9-mz.SSA image fails to build.

Conditions: Building image fails.

Workaround: There is no workaround.

  • CSCug76754

Symptom: A Cisco ISR 4451 router crashes under traffic.

Conditions: The symptom is observed with a Cisco ISR 4451, when used as CUBE under extended traffic.

Software Version: Cisco IOS Software, IOS-XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Experimental Version 15.3(20130501:122311) [v153_2_s_xe39_throttle-BLD-BLD_V153_2_S_XE39_THROTTLE_LATEST_20130501_111211-ios 170]

CallFlow:

Phone-A----CUCM10.0--------CUSP----(ISR4451-CUBE)----CUSP----ISR-3900-CUBE----CUSM10.0----PhoneB

Type of traffic: SIP-SIP (basic and supplementary services).

Traffic Rate: 200 concurrent calls.

Traceback:

1#1b67e6e760d4ea492a73b51cd18661d7 :400000+74BD589 :400000+78F5760 :400000+790432B :400000+78EBDC9 :400000+78E6B06 :400000+7915DE2

Workaround: There is no workaround.

Open Bugs—Cisco IOS Release 15.3(2)S

This section describes possibly unexpected behavior by Cisco IOS Release 15.3(2)S. All the bugs listed in this section are open in Cisco IOS Release 15.3(2)S. This section describes only severity 1, severity 2, and select severity 3 bugs.

  • CSCub56842

Symptoms: The router stops passing IPsec traffic after some time.

Conditions: This symptom is observed when the show crypto eli command output shows that during every IPsec P2 rekey, the active IPsec-Session count increases, which does not correlate to the max IPsec counters displayed in SW.

Workaround: Reload the router before active sessions reach the max value.

To verify, do as follows:

router#sh cry eli
 
CryptoEngine Onboard VPN details: state = Active
Capability : IPPCP, DES, 3DES, AES, GCM, GMAC, IPv6, GDOI, FAILCLOSE, HA
 
IPSec-Session : 7855 active, 8000 max, 0 failed <<<
  • CSCue74543

Symptoms: Add event listener returns error

Conditions: Do no service set pathtrace and service set pathtrace.

Workaround: Do no onep and onep again.

  • CSCue80245

Symptoms: Router crashes while bootup from sup-bootdisk.

Conditions: Issue seen in two routers and formatting the bootdisk.

Workaround: There is no workaround

  • CSCue93355

Symptoms: GM failed to register with KS.

Conditions: SGT tagging enabled.

Workaround: There is no workaround.

Resolved Bugs—Cisco IOS Release 15.3(2)S

All the bugs listed in this section are resolved in Cisco IOS Release 15.3(2)S. This section describes only severity 1, severity 2, and select severity 3 bugs.

  • CSCej00344

Symptoms: A router may reload unexpectedly when opening a terminal session.

Conditions: This can be seen on any platform. It can be seen when starting any terminal session from the router, including a mistyped command which the router by default will try to resolve as an address to telnet to.

This bugs is not specific to X.25 config and is seen when initiating an outbound telnet/ssh/rlogin session from the device. Occurs when there are multiple outbound sessions from the same terminal (console,vty).

Workaround: There is no workaround.

  • CSCsm40779

Symptoms: A router may go into initial configuration dialog on bootup.

Conditions: This symptom is observed on a router that is running Cisco IOS Release 12.4(11)T2 with the c7200p-adventerprisek9-mz image.

Workaround: There is no workaround.

  • CSCsr06399

Symptoms: A Cisco 5400XM may reload unexpectedly.

Conditions: This symptom is intermittent and is seen only when the DSPs available are insufficient to support the number of calls.

Workaround: Ensure that sufficient DSPs are available for transcoding.

  • CSCsr10335

Symptoms: A router loses its default gateway during autoinstall.

Conditions: This issue was seen on Cisco IOS Release 12.4(15)T5, but should affect every Cisco IOS version.

Workaround:

1. Manually do a shut followed by a no shut on the interface.

2. Create an EEM script, for example:

event manager applet Check-Default-Route event syslog pattern
"CNS-3-TRANSPORT: CNS_HTTP_CONNECTION_FAILED"
action 1.0 cli command <CmdBold>enable<noCmdBold>
action 1.1 cli command <CmdBold>config term<noCmdBold>
action 1.2 cli command <CmdBold>interface GigabitEthernet0/0<noCmdBold>
action 1.3 cli command <CmdBold>shut<noCmdBold>
action 1.4 cli command <CmdBold>no shut<noCmdBold>
action 1.5 cli command <CmdBold>end<noCmdBold>
action 1.6 cli command <CmdBold>write<noCmdBold>
!
end

3. In network-config, configure “ip address dhcp” for the interface which is supposed to get the default gateway from DHCP.

interface interface_name
ip address dhcp end
  • CSCsx57360

Symptoms: A Cisco 870 router may fail to write a crashinfo file and will display the following error on the console:

File flash:crashinfo_XXXXXXXX-XXXXXX open failed (-1): Not enough space

Conditions: The symptom is observed with certain types of memory corruption.

Workaround: There is no workaround.

  • CSCtc42734

Symptoms: A communication failure may occur due to a stale next-hop.

Conditions: This symptom is observed when the static route for an IPv6 prefix assigned by DHCP has a stale next-hop for terminated users.

Workaround: Reload the router.

  • CSCtg39957

The Resource Reservation Protocol (RSVP) feature in Cisco IOS Software and Cisco IOS XE Software contains a DoS vulnerability.

Cisco has released free software updates that address this vulnerability. There are no workarounds available to mitigate this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp

Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.

Individual publication links are in “Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html

  • CSCtg82170

Symptoms: The IP SLA destination IP/port configuration changes over a random period of time. This issue is hard to reproduce but has been reported after upgrading to Cisco IOS Release 15.1(1).

So far, it only seems to have affected the destination IP and port. The destination IP may be changed to an existing destination IP that has already been used by another probe. The destination port is sometimes changed to 1967 which is reserved for IP SLA control packets. Other random destination ports have also been observed to replace the configured port for some of the IP SLA probes.Each time when the change happens, many of the IP SLA probes will stop running.

Conditions: This symptom is observed in Cisco IOS Release 15.1(1)XB and Cisco IOS Release 15.1(1)T. Other Cisco IOS versions may also be affected.

Workaround: A possible workaround is to downgrade to any Cisco IOS versions older than Cisco IOS Release 15.1.x.

  • CSCth03648

Symptoms: Cisco 2960 and 3750 series switches running Cisco IOS Release 12.2 (53)SE1 may crash.

Conditions: This symptom is observed if two traps are generated by two separate processes, and if one process suspends and the other process updates some variables used by the first process.

Workaround: Disable all snmp traps.

  • CSCth71093

Symptoms: Routers configured to dump core to flash: or flash0: fail to dump correctly to 4GB CompactFlash card.

Conditions: The symptom is observed with the following configuration:

(Cisco 3925) exception flash all flash0:
(Cisco 3825) exception flash all flash:

Then when you issue a wr core, it fails to dump core files.

Workaround: Dump cores to TFTP.

  • CSCti62247

Symptoms: If an IPv4 or IPv6 packet is sent to a null interface, a Cisco ASR 1000 series router will not respond with an ICMP or ICMPv6 packet.

Conditions: This symptom occurs with a prefix routed to Null0 interface.

Workaround: There is no workaround.

  • CSCtj89743

Symptoms: The Cisco Catalyst 4000 series switches running Cisco IOS Release 12.2(54)SG experiences high CPU when issuing an unsupported command, https://ip-address, in which ip-address is accessible from this device.

Conditions: This symptom is observed with the Cisco Catalyst 4000 series switches.

Workaround: There is no workaround.

Further Problem Description: Even if SSL handshake fails, the HTTP CORE process is looping and is scheduled repeatedly.

  • CSCtk00181

Symptoms: Password aging with crypto configuration fails.

Conditions: The symptom is observed when Windows AD is set with “Password expires on next log on” and the VPN client is initiating a call to NAS. NAS does not prompt for a new password and instead gives an Auth failure.

Workaround: There is no workaround.

  • CSCtk15666

Symptoms: IOS password length is limited to 25 characters.

Conditions: IOS password length is limited to 25 characters on NG3K products.

Workaround: There is no workaround.

  • CSCtq41512

Symptoms: After reload, ISDN layer 1 shows as deactivated. Shut/no shut brings the PRI layer 1 to Active and layer 2 to Multi-frame established.

Conditions: This symptom occurs when “voice-class busyout” is configured and the controller TEI comes up before the monitored interface.

Workaround: Remove the “voice-class busyout” configuration from the voice-port.

  • CSCtq91063

Symptoms: A Cisco router may unexpectedly reload due to bus error or generate a spurious access.

Conditions: The issue occurs when fragmentation of a tunneled packet fails due to the F/S particle pool running out of free particles. The F/S pool is used for fragmentation, so this exhaustion of this pool will occur when there is a large amount of traffic flowing for which fragmentation is required. By default, path MTU discovery is enabled for tunnels which means that fragmentation is done at the tunnel interface, rather than the underlying interface and this issue is not hit. If the MTU is overridden then it may become exposed to this issue. Assuming the tunnel is over an ethernet interface with MTU of 1500, then this will happen by setting the tunnel MTU to greater than 1476 bytes.

Workarounds:

1. Remove MTU override from the tunnel interface; or

2. Configure “service disable-ip-fast-frag”; or

3. Reduce hold queue sizes such that the total size of the queues for all active interfaces in the system does not exceed 512.

  • CSCts01653

Symptoms: Spurious memory access seen on video monitoring router.

Conditions: The issue is seen after recreating the interface.

Workaround: There is no workaround.

  • CSCts08224

Symptoms: Expected ACL/sessions not found for most of the protocols.

Conditions: The symptom is observed with expected ACL/sessions.

Workaround: There is no workaround.

  • CSCts47776

Symptoms: Router crashes due to Mediatrace performance monitor debug.

Conditions: The issue is seen with debug performance monitor database.

Workaround: There is no workaround.

  • CSCts52120

Symptoms: Tracebacks are seen for PLATFORM_INFRA-5-IOS_INTR_OVER_LIMIT.

Conditions: This symptom is observed with RPSO.

Workaround: There is no workaround.

  • CSCts60458

Symptoms: There is a memory leak in PfR MIB.

Conditions: This symptom occurs when PfR is configured.

Workaround: There is no workaround.

  • CSCts75737

Symptoms: Tracebacks are seen at swidb_if_index_link_identity on the standby RP.

Conditions: This symptom is observed when unconfiguring and reconfiguring “ipv4 proxy-etr” under the router LISP.

Workaround: There is no workaround.

  • CSCts89761

Symptoms:

1. Inline service policy Configuration: Unable to configure monitor parameters once the flow monitor is specified. See the following example:

Router(config)#interface GigabitEthernet0/2/1
Router(config-if)#service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)#match access-group 110
Router(config-if-spolicy-inline)#flow monitor FM_DEF_TCP <--- After this point, all configs will print out an error message
Router(config-if-spolicy-inline)#monitor parameters <----- Not accepted
Router(config-spolicy-inline-mparam)#interval duration 10 <-------- Not accepted
Router(config-spolicy-inline-mparam)#history 5 <------------ Not accepted

2. Non-inline service policy: Unable to change monitor parameters once the flow monitor is bound to a policy-map and attached to an interface. See the following example:

If an attempt is made to change monitor parameters of an already attached policy as below, it will be rejected.

UUT_451(config)#policy-map type performance-monitor VM_POLICY
UUT_451(config-pmap)#class VM_CLASS
UUT_451(config-pmap-c)#flow monitor VM_MONITOR
UUT_451(config-pmap-c)#monitor parameters
UUT_451(config-pmap-c-mparam)#history 6 <----------- Error message will showup if previous history value is different
UUT_451(config-pmap-c-mparam)#interval duration 7 <----- Error message will show up if previous interval duration is different
UUT_451(config-pmap-c-mparam)#react 102 mrv <-------- Error message will show up if this react was not configured before or if the subsequent command changes the threshold value of the already-configured react.

Conditions:

1. This symptom is seen when configuring an inline service policy for performance monitor on ASR platform.

2. This symptom is seen when modifying monitor parameters of a non-inline service policy for performance monitor on a Cisco ASR platform.

Workaround:

1. To configure inline service policy, always specify all monitor parameters first and put the flow monitor monitor name command as the last command in the configuration.

2. To change monitor parameters, remove the service-policy by using the no service-policy command, make your changes, and then reattach the service-policy.

The above configuration restrictions do not apply if the enclosing policy-map is not attached to any interface. Also the changes do not apply if you specify an “empty” flow monitor, for example a flow monitor without an enclosing valid flow record.

  • CSCtt15963

Symptoms:

1. Inline service policy Configuration: Unable to configure monitor parameters once the flow monitor is specified. See the following example:

Router(config)#interface GigabitEthernet0/2/1
Router(config-if)#service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)#match access-group 110
Router(config-if-spolicy-inline)#flow monitor FM_DEF_TCP <--- After this point, all configs will print out an error message
Router(config-if-spolicy-inline)#monitor parameters <----- Not accepted
Router(config-spolicy-inline-mparam)#interval duration 10 <-------- Not accepted
Router(config-spolicy-inline-mparam)#history 5 <------------ Not accepted

2. Non-inline service policy: Unable to change monitor parameters once the flow monitor is bound to a policy-map and attached to an interface. See the following example:

If an attempt is made to change monitor parameters of an already attached policy as below, it will be rejected.

UUT_451(config)#policy-map type performance-monitor VM_POLICY
UUT_451(config-pmap)#class VM_CLASS
UUT_451(config-pmap-c)#flow monitor VM_MONITOR
UUT_451(config-pmap-c)#monitor parameters
UUT_451(config-pmap-c-mparam)#history 6 <----------- Error message will show up if previous history value is different
UUT_451(config-pmap-c-mparam)#interval duration 7 <----- Error message will show up if previous interval duration is different
UUT_451(config-pmap-c-mparam)#react 102 mrv <-------- Error message will show up if this react was not configured before or if the subsequent command changes the threshold value of the already-configured react.

Conditions:

1. This symptom is seen when configuring an inline service policy for performance monitor on ASR platform.

2. This symptom is seen when modifying monitor parameters of a non-inline service policy for performance monitor on a Cisco ASR platform.

Workaround:

1. To configure inline service policy, always specify all monitor parameters first and put the flow monitor monitor name command as the last command in the configuration.

2. To change monitor parameters, remove the service-policy by using the no service-policy command, make your changes, and then reattach the service-policy.

The above configuration restrictions do not apply if the enclosing policy-map is not attached to any interface. Also the changes do not apply if you specify an “empty” flow monitor, for example a flow monitor without an enclosing valid flow record.

  • CSCtu02543

Symptoms: Sometimes, users may face a “peer leak” situation with EzVPN.

Conditions: This symptom may occur when an NAT box gets reloaded/rebooted with live translations.

Workaround: Reload the router to clear the leaked peers.

  • CSCtu28696

Symptoms: A Cisco ASR 1000 crashes with clear ip route *.

Conditions: The symptom is observed when you configure 500 6RD tunnels and RIP, start traffic and then stop, then clear the configuration.

Workaround: There is no workaround.

  • CSCtu54300

Symptoms: Tracebacks are seen when configuring the key server.

Conditions: This symptom occurs when configuring the key server.

Workaround: There is no workaround.

  • CSCtw65575

Symptoms: The router may unexpectedly reload when OSPFv3 MIB is polled via SNMP.

Conditions: This symptom occurs when OSPFv3 is configured with area ranges whose prefix length is /128. A router with no area ranges is not vulnerable.

Workaround: Configure area ranges to have a smaller prefix length (that is, in the range of /0 to /127).

  • CSCtw76527

Symptoms: The crypto session stays in UP-NO-IKE state.

Conditions: This symptom occurs when using EzVPN.

Workaround: There is no workaround.

  • CSCtw88689

Symptoms: A crash is seen while applying the policy map with more than 16 classes with the Cisco 3900e platform.

Conditions: This symptom occurs when applying the policy map with more than 16 classes.

Workaround: There is no workaround.

  • CSCtx15799

Symptoms: An MTP on a Cisco ASR router sends an “ORC ACK” message through CRC for the channel ID that is just received but does not reply to the ORC for the next channel.

Conditions: The symptom is observed when there is a very short time lapse between the ORC and CRC, say 1 msec.

Workaround: There is no workaround.

  • CSCtx31177

Symptoms: RP crash is observed on avl_search in a high scaled scenario.

Conditions: This symptom is observed in a high scaled scenario with continuous traffic flow.

Workaround: There is no workaround.

  • CSCtx36095

Symptoms: A traceback is seen after applying DMLP configurations while doing a line card reload.

Conditions: This symptom occurs during a line card reload.

Workaround: There is no workaround.

  • CSCtx75190

Symptoms: In a multihomed setup, set up the traffic as explained in the DDTS. Once end-to-end traffic flows fine, do a RP switchover on ED1. Traffic from Ixia 3 to Ixia 1 and Ixia 3 to Ixia 2 on odd VLANs (ED1 is the AED for odd VLANs) is dropped with UnconfiguredMplsFia counters incrementing.

Conditions: This symptom is observed when you do an RP switchover with a scaled OTV configuration in a multihomed setup.

Workaround: There is no workaround.

  • CSCtx92716

Symptoms: Cisco IOSd crashes.

Conditions: This symptom occurs when you remove and add service policies on unsupported interfaces.

Workaround: There is no workaround.

  • CSCty17288

Symptoms: MIB walk returns looping OID.

Conditions: The symptom is observed when a media mon policy is configured.

Workaround: Walk around CiscoMgmt.9999.

  • CSCty35726

Symptoms: The following is displayed on the logs:

InterOp:Cube-NavTel : LTI: Video Xcode Call with plain Audio FAILS

Conditions: This symptom is seen when video Xcode call with plain audio fails.

Workaround: There is no workaround.

  • CSCty37233

Symptoms: A layer-3 (routed) interface can be converted to layer-2 (switched) interface by applying the switchport configuration command. If the interface was configured as a vnet trunk the vnet subinterfaces are deleted. Subsequently, if the switchport command is removed the “vnet trunk” configuration will reappear but the vnet trunk will no longer be functional. When a switchover is performed following the sequence above the new active takes over as expected, but when the old active reboots as standby, configuration sync fails because the standby attempts to create the vnet subinterfaces which no longer exist on the active. This results in a ifindex-sync failure and a PRC error that causes the RP to go into a continuous reboot loop.

Conditions: The symptom only occurs on switch platforms with a redundant RP.

Workaround: Remove the “vnet trunk” configuration from an interface before converting it from layer-3 to layer-2.

  • CSCty44654

Symptoms: The router crashes when trying to test the MVPN6 functionality.

Conditions: This symptom is observed with the following conditions:

Configure the router to test the MVPN6 functionality.

Delete the VRF associated with the interface in the MVPN6 test configuration.

Workaround: There is no workaround.

  • CSCty51088

Symptoms: On a Cisco ME 3600X or Cisco ME 3800X, when traffic for a group (S2,G) is sent to an interface that is already acting as the source for another group (S1,G), it does not receive any traffic since no (S2,G) entry is formed.

Conditions: This symptom is observed when the receiver interface is already a source interface for another multicast stream.

Workaround: There is no workaround.

  • CSCty57476

Symptoms: The BGP GSHUT feature needs to add support for the AA:NN format for community.

Conditions: This symptom is observed when support is added for the AA:NN format for community when using the BGP GSHUT feature.

Workaround: The <1-4294967295> community number can be used instead of the AA:NN format.

  • CSCty57856

Symptoms: The Standby router crashes for an SRTP call on Active.

Conditions: This symptom occurs intermittently. This issue is seen due to a transient scenario, where unstable data from Active is checkpointed on Standby.

Workaround: There is no workaround.

  • CSCty71061

Symptoms: The Cisco ASR 901 router may lose rmon configuration post reload.

Conditions: This symptom occurs when you reload the Cisco ASR 901 router.

Workaround: Reconfigure rmon after bootup.

  • CSCty73682

Symptoms: A small percentage of IPv6 packets that should be blocked by an interface ACL is instead pass through.

Conditions: In certain conditions, when an IPv6 ACL is applied to an interface, a small percentage of IPv6 packets that would otherwise be dropped, will instead bypass an ACL and get through.

Workaround: There is no workaround.

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 5/4.8:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C CVE ID CVE-2012-3946 has been assigned to document this issue. Additional information on Cisco’s security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

  • CSCty74859

Symptoms: Memory leaks on the active RP and while the standby RP is coming up.

Conditions: The symptom is observed when ISG sessions are coming up on an HA setup.

Workaround: There is no workaround.

  • CSCty79284

Symptoms: Source connected to dual home node is not forwarded to receivers in PIM SSM mode. The issue was due to the PIM joins not reaching the source node.

Conditions: This symptom occurs with dual home node with PIM SSM with traffic source.

Workaround: Add static group to forward the traffic to next hop router.

  • CSCty86039

Symptoms: Shut down the physical interface of tunnel source interface. The router crashes with traffic going through some of the tunnels.

Conditions: This symptom is seen with tunnel interface with QoS policy installed.

Workaround: There is no workaround.

  • CSCtz17977

Symptoms: Not able to ping HSRP VIP address over Routed VPLS.

Conditions: Two Cisco ME 3600s (me360x-universalk9-mz.152-2.S.bin) are connected together via VPLS. The Cisco ME 3600X-1 is configured with HSRP under VLAN50, and the R1 is able to ping. The R2 and Cisco ME 3600X-2 are not able to ping the VIP (HSRP) address. The R2 and Cisco ME 3600X-2 are able to ping physically the IP address of R1 and the Cisco ME 3600X-1. We do have ARP entry for the VIP address on all routers.

-----VPLS--------- R1(fa0/1)--------Vlan50 ME3600X-1-0/2--------Ten-------0/2- ME3600X-2-Vlan50-- -----fa0/1-R2

Workaround: There is no workaround.

  • CSCtz20839

Symptoms: IMA functionality does not work properly.

Conditions: Occurs after an RSP switchover when the router is running an IMA configuration.

Workaround: Reload the interface module with the IMA configuration.

  • CSCtz25042

Symptoms: When the system reloads, both active standby route processors (RP) crash.

Conditions: This symptom occurs when the standby RP crashes during RFS ISSU negotiation. This event causes the active RP to crash as well.

Workaround: There is no workaround.

  • CSCtz26682

Symptoms: Switchover/reload fails in the Cisco ASR 903 HA setup due to the “LICENSE-3-ISSU_ERR: ISSU start nego session FAILED, error:-287” error message.

Conditions: This symptom is observed with the Cisco ASR 903 router. This issue is seen only when doing a Route Processor (RP) switchover using the redundancy force-switchover command.

Workaround: There is no workaround.

  • CSCtz28023

Symptoms: Traffic is not forwarded for a few mroutes.

Conditions: This issue is seen when multiple routers in the network are reloaded simultaneously.

Workaround: Using the clear ip mroute vrf vrf name command may resolve the issue.

  • CSCtz55979

Symptoms: The router crashes.

Conditions: Occurs when you configure CFM, SCE over MPLS, VPLS, or G.8032 services while running SNMP polling.

Workaround: There is no workaround.

  • CSCtz58189

Symptoms: The router crashes on using the config replace command with certain QoS configured on the box.

Conditions: This symptom occurs when certain QoS are configured on the box are replaced with the configuration that is removing the configurations.

Workaround: There is no workaround.

  • CSCtz58391

Symptoms: Ingress QoS Tcams are not cleared after certain dynamic changes.

Conditions: This symptom is observed on removing the encapsulation from the service instance and then deleting the service instance. QoS Tcams are not cleared.

Workaround: Instead of deleting the encapsulation first, delete the service instance first.

  • CSCtz60398

Symptoms: Continuous “platform assert failure” tracebacks with CFM over Xconnect on the router.

Conditions: CFMoXconnect with mpls TE in core. Flap the core facing link.

Workaround: There is no workaround.

  • CSCtz69969

Symptoms: Changing the speed of one of the member interfaces of a port-channel causes a traceback on the Cisco ASR 901 and the node reloads.

Conditions: This symptom occurs when you execute the “speed” CLI to change the speed of one of the member interfaces belonging to a port-channel.

Workaround: In order to change the speed of one of the port-channel members, remove that member interface from the port-channel, change the speed, and add it back to the port-channel.

  • CSCtz74540

Symptoms: In a VSS system, the old Active Supervisor hangs after a mistral error interrupt occurs on the SP.

Conditions: This symptom occurs on a VSS system, after a mistral hardware error (such as a parity error) occurs on the SP of the router. There is no issue if the error occurs on the RP.

Workaround: There is no workaround. The switch with the old Active Supervisor must be power cycled.

  • CSCtz74604

Symptoms: With a scaled 6PE and 6VPE configuration, a crash is observed.

Conditions: This symptom is observed on flapping the interfaces, and defaulting the configurations with a scaled 6PE and 6VPE configuration.

Workaround: There is no workaround.

  • CSCtz87622

Symptoms: MLDP traffic is dropped for a few minutes a couple of times after SSO.

Conditions: This issue is seen soon after performing SSO.

Workaround: There is no workaround.

  • CSCtz88116

Symptoms: The MPLS-TP link number configured for the SVI interface is not cleared after deleting the SVI.

Conditions: This symptom is observed when the TP link number configured on the SVI is not allowed to be configured for any other interface.

Workaround: There is no workaround.

  • CSCtz88879

Symptoms: When testing for DMVPN in a HUB-SPOKE topology, where there are 170 tunnels protected with IPsec on Spoke and one mGRE tunnel on hub. B2B redundancy is configured. No QoS is applied on the scaled IPSec tunnels. Upon doing SSO with this configuration, the a “%VPNSMIOS-3-MACEDONTUNNELVLANERR: Tunnelx: allocated idb has invalid vlan id” error message is seen repeatedly on the new active and the router becomes almost inaccessible. As can be seen from show vlan int usage command output, there are more than 3K free VLANs on both the Hub and Spoke.

*May 14 12:31:10.315: %VPNSMIOS-3-MACEDONTUNNELVLANERR: Tunnel87: allocated idb
has invalid vlan id
*May 14 12:31:10.511: %VPNSMIOS-3-MACEDONTUNNELVLANERR: Tunnel26: allocated idb
has invalid vlan id
*May 14 12:31:10.543: %VPNSMIOS-3-MACEDONTUNNELVLANERR: Tunnel28: allocated idb
has invalid vlan id
*May 14 12:31:10.575: %VPNSMIOS-3-MACEDONTUNNELVLANERR: Tunnel90: allocated idb
has invalid vlan id

After a continuous flood of error messages, a Granikos crash is seen, and the show cry eli command shows only one SPA and this SPA is stuck in INIT state.

Conditions: This symptom occurs when doing a shut/no shut using the interface range command, and once all tunnels are up, doing an SSO.

Workaround: There is no workaround.

  • CSCtz92606

Symptoms: MFR memberlinks-T1 serial interfaces created under a CHOC12 controller, do not get decoupled from MFR even after the MFR bundle interface is deleted. Once the MFR bundle interface is reconfigured, the memberlinks do not appear under it.

Conditions: This symptom is seen with MFR with memberlinks as T1 serials from CHOC12 sonet controller.

Workaround: Unconfigure and reconfigure the “encap frame-relay MFRx” under each memberlink after reconfiguring the MFR bundle interface.

  • CSCua01641

Symptoms: The router’s NAS-IP address contained in the RADIUS accounting-on packet is 0.0.0.0:

RADIUS: Acct-Session-Id [44] 10 "00000001"
RADIUS: Acct-Status-Type [40] 6 Accounting-On
[7]
RADIUS: NAS-IP-Address [4] 6 0.0.0.0
 
RADIUS: Acct-Delay-Time [41] 6 0

Conditions: Occurs when you restart the router.

Workaround: There is no workaround.

  • CSCua12396

Symptoms: IPv6 multicast routing is broken when we have master switchover scenarios with a large number of members in stack. Issue is seen on platforms like Cisco 3750E and Cisco 3750X where IPV6 multicast routing is supported.

Conditions: This symptom is observed when IPV6 multicast routing is configured, mcast routes are populated and traffic is being forwarded. Now, in case of master switchover, synchronization between master and members is disrupted. This is seen only for IPv6 multicast routing. Observed the issue with 9-member stack and either during first or second master switchover. No issues are seen for IPv4 multicast routing.

Workaround: Tested with 5-member stack, and no issues are seen. It is recommended to enable IPv6 multicast routing when there is deployment with low members in stack.

  • CSCua13322

Symptoms: Routes for the converted dedicated P sessions are missing after a RP switchover.

Conditions: This symptom occurs when converted dedicated IP sessions are not HA aware. After a RP switchover, these sessions will be reestablished at the new active RP. Routes are not installed for some of these sessions. As a result, downstream traffic is dropped.

Workaround: There is no workaround.

  • CSCua13551

Symptoms: The Cisco Catalyst 6000 and Cisco ASR 1000 learning candidate default routes from the Cisco Nexus due to which the default route is not being learned properly and causes an outage.

Conditions: This symptom occurs when the Cisco Nexus is running into a bug CSCtz79151 because of which it is advertising the candidate defaults to its downstream neighbors.

Workaround: Configure “default-information in xxxx” on the Cisco Catalyst 6500, where xxx is an ACL denying all default candidates from being learned, except 0.0.0.0/0.

On the Cisco Catalyst 6500:

access-list 30 remark Workaround for Nexus_Bug
access-list 30 remark Deny all default candidates except DR
access-list 30 permit 0.0.0.0
access-list 30 remark Deny all other routes
access-list 30 deny any
 
router eigrp 109
default-information in 30
  • CSCua13561

Symptoms: After upgrading to Cisco IOS Release 15.2(2)S, users cannot get IP address via PPP IPCP from DHCP pool on Cisco ASR router. There is no configuration change.

Conditions: This symptom occurs with an upgrade to Cisco IOS Release 15.2(2)S.

Workaround: Remove the vpdn authen-before-forwardf command.

  • CSCua16492

Symptoms: IPv6 BFD sessions flap.

Conditions: This symptom occurs after SSO.

Workaround: There is no workaround.

  • CSCua18542

Symptoms: When service change occurs at the Cisco ISG, in some particular conditions, the SCE is not ready to accept the CoA. In such a case, the Cisco ISG resends an Update Session on the ISG-SCE Bus. The Update Session is sent but it is not populated with the required attribute for SCE (policy, service-monitor)

debug showing the issue:

-------------------------
SM: Sent EPD message attr list:
PM EPD SM: session-handle 0 2xxxxxxxxxx (0x9D1604BE)
PM EPD SM: session-guid 0 "4xxxxxxxxxxxxxxxx"
PM EPD SM: aaa-unique-id 0 xxxx (0x76EE2)
PM EPD SM: domainip-vrf 0 xxxxxxxxx
PM EPD SM: interface 0 "nas-port:xxxxxxxx:0/1/0/6"
PM EPD SM: authen-status 0 1 [authen]
PM EPD SM: command 0 "updateSess"
PM EPD SM: username 0 "xxxxxxxx"
PM EPD SM: addr 0 xxxxxx
==>
Missing
policy-name

Conditions: This symptom is observed with the Cisco ISG.

Workaround: There is no workaround.

  • CSCua20373

Symptoms: After SSO, all the GRE tunnels get admin down and stay down until the security module SSC-600/WS-IPSEC-3 comes up. Complete traffic loss is seen during this time.

Conditions: This symptom is observed when Vanilla GRE tunnels are configured in the system where HA and the IPsec Module SSC-600/WS-IPSEC-3 card is present, “crypto engine mode vrf” is configured and SSO is issued.

Workaround: Remove the “crypto engine mode vrf” configuration if IPsec is not enabled on the router.

  • CSCua21049

Symptoms: The recursive IPv6 route is not installed in the multicast RPF table.

Conditions: This symptom occurs in the multicast RPF table.

Workaround: There is no workaround.

  • CSCua21238

Symptoms: Cisco IOSd crashes at ipv6_address_set_tentative.

Conditions: This symptom occurs while unconfiguring IPv6 subinterfaces during the loading phase of a box with Netflow configuration.

Workaround: There is no workaround.

  • CSCua23826

Symptoms: The SIP-400 line card crashes with the below error message:

SLOT 1: *Jun 1 06:41:29.267: %SYS-2-CHUNKBADMAGIC: Bad magic number in chunk header, chunk 4D5E2FAC data 4D5EFD60 chunkmagic 25 chunk_freemagic 0 -Process= "Check heaps", ipl= 0, pid= 7 -Traceback= 4034038Cz 40341248z 40364C88z

Conditions: This symptom occurs when you reload the router running the Cisco IOS XE Release 3.8S mcp_dev supervisor image without any configurations. This issue is not reproducible every time.

Workaround: Reboot the line card.

  • CSCua24676

Symptoms: The VRF to the global packet’s length is corrupted by -1.

Conditions: This symptom occurs when the next-hop in the VRF is global and recursive going out labeled. This issue is seen from Cisco IOS Release 15.0(1)S3a onwards, but is not seen in Cisco IOS Release 15.0(1)S2.

Workaround: Use the next-hop interface IP instead of the recursive next-hop.

  • CSCua26981

Symptoms: A Cisco ASR router may crash due to a CPU Watchdog upon invocation of “show ip eigrp neighbor detail”.

sh ip eigrp nei detail
<snip>
ASR1000-WATCHDOG: Process = Exec
%SCHED-0-WATCHDOG: Scheduler running for a long time, more than the maximum
configured (120) secs.
-Traceback= ...
========= Start of Crashinfo Collection (09:21:44 EST Wed May 9 2012) ========== =

Conditions: This symptom occurs when the Cisco ASR router is experiencing rapid changes in EIGRP neighborship, such as during a flap. One way to artificially create this scenario is to mismatch the interface MTU.

Workaround: There is no workaround.

  • CSCua33788

Symptoms: The router does not pass multicast traffic consistently; only some traffic passes.

Conditions: Occurs when you configure 255 EVCs spanning across different slots on the router.

Workaround: There is no workaround.

  • CSCua42104

Symptoms: Malformed RTCP packets are observed.

Conditions: This symptom occurs when DTMF interworking is enabled or SRTP/SRTCP is in use.

Workaround: Disable DTMF interworking if not required for the call.

  • CSCua43111

Symptoms: DFC cards in a Cisco Catalyst 6500 with a single Sup720 may remain up, continue forwarding traffic, and create L2 loops when the “test crash” command is used.

Conditions: The symptom is observed on a Catalyst 6500 with a single Sup720 and DFC cards when the “test crash” command introducing a parity error in the ARP process is executed.

Workaround: Do not use the “test crash” command.

  • CSCua47056

Symptoms: The Cisco Catalyst 6000 crashes after the removal of the supervisor module from active VSS with the following traceback:

0x41048F64 ---> ospf_rcv_dbd+F48
0x41041FE8 ---> ospf_router+548
0x4166C0B0 ---> r4k_process_dispatch+14
0x4166C09C ---> r4k_process_dispatch

Conditions: This symptom occurs when the following reproduction procedure is performed: NSF is disabled including helper using the below given commands:

router ospf <AS>
no nsf
nsf cisco helper disable

Adjacency flapped. NSF enabled again. Performed switchover.

Workaround: Avoid the reproduction procedure in the production. Neighbors should see the router configured for “nsf cisco” as OOB resync capable:

Router#sh ip ospf nei <interface> detail
...
LLS Options is 0x1 (LR) <-- LR bit means OOB resync capability
...

If the router is configured for the “nsf cisco”, but the neighbor does not see LR bit set for router with “nsf cisco”, flap the adjacency, and OOB resync capability will be renegotiated.

  • CSCua47495

Symptoms: The nine-member stack of the Cisco Catalyst 3750 gets into a low memory condition.

Conditions: This symptom occurs with a default configuration on bootup.

Workaround: There is no workaround.

  • CSCua49803

Symptoms: The ingress PE in an MVPNv6 setup crashes.

Conditions: This symptom is observed on performing SSO with MVPNv6 SM and SSM traffic for 50 VRFs.

Workaround: There is no known workaround.

  • CSCua56209

Symptoms: PWs do not come up after SSO.

Conditions: This symptom is only a specific case, where the primary pseudowire path is DN when the active RP coming up, so the backup PW comes to UP state. Later, when the primary path is available, pseudowire redundancy switchover occurs and the primary PW becomes UP. At this stage, if the Software Switchover occurs, the PWs on the newly active RP is DN. This is a corner case and the chances of this issue occurring in the real deployment scenarios is very low.

Workaround: Issue the clear xconnect all command to bring the PWs UP.

  • CSCua56802

Symptoms: QoS will not work on one of the subinterfaces/EVC.

Conditions: This symptom occurs when HQoS policy is configured on more than one subinterface/EVC on ES+ and then add flat SG on them.

Workaround: Remove and reapply SG.

  • CSCua56999

Symptoms: Abnormal line card reload occurs.

Conditions: This symptom occurs when an MVPNv6 scaled router acts as PE on which source traffic is ingressing and the line card is connected on the access side.

Workaround: There is no workaround.

  • CSCua58100

Symptoms: The syslog is flooded with the following traceback message:

Jun 20 10:05:23.961 edt: %SYS-2-NOTQ: unqueue didn't find 7F3D26BDCCD8 in queue
7F3CA5E4A240 -Process= "RADIUS Proxy", ipl= 0, pid= 223
-Traceback= 1#e0ee0ce60492fdd11f0b03e0f09dc812 :400000+873623 :400000+2547652
:400000+20F9217 :400000+6C70C9C :400000+6C69C71 :400000+6C682BC :400000+6C68183

Conditions: Occurs under the following conditions:

You establish 36k EAPSIM sessions using a RADIUS client on server A.

You establish 36k roaming sessions using a RADIUS client on server B.

The roaming sessions have the same caller-station-id but use a different IP address than the EAPSIM sessions.

Workaround: There is no workaround.

  • CSCua61330

Symptoms: Traffic loss is observed during switchover if,

1. BGP graceful restart is enabled.

2. The next-hop is learned by BGP.

Conditions: This symptom occurs on a Cisco router running Cisco IOS XE Release 3.5S.

Workaround: There is no workaround.

  • CSCua63182

Symptoms: Incorrect minimum bandwidth is displayed when 0k bandwidth is received from a peer of a different version.

Conditions: This symptom occurs under the following conditions:

Different behavior in Cisco ASR code when the bandwidth for a route is very high, that is, more than 10G.

Cisco IOS XE Release 2.6.2 and earlier releases send 0K when the bandwidth for a route is more than 10G.

Cisco IOS XE Release 2.6.2 and earlier releases use incoming interface bandwidth, when BW = 0 is received.

Cisco IOS XE Release 3.4.3S and later releases send the real bandwidth, even if it is more than 10G.

Cisco IOS XE Release 3.4.3S and later releases use the lesser value between “received bandwidth” and “incoming interface bandwidth”.

Cisco IOS XE Release 3.4.3S and later releases convert incoming bandwidth to 1K in case BW = 0 received.

When the peers are of the same or compatible version, that is, both peers are Cisco IOS XE Release 2.6.2 and earlier releases or both peers are Cisco IOS XE Release 3.4.3S and later releases, there is no issue. However, when the peers are of different or incompatible version, that is, one peer is Cisco IOS XE Release 2.6.2 or an earlier release and the other peer is Cisco IOS XE Release 3.4.3S or a later release, then this issue is seen.

Workaround: There is no workaround.

  • CSCua65155

Symptoms: Label replication VLANs are leaked even after deleting VRFs.

Conditions: This symptom is observed with a plain MLDP feature configuration.

Workaround: There is no workaround.

  • CSCua67998

Symptoms: System crashes.

Conditions: This symptom occurs after adding or removing a policy-map to a scaled GRE tunnel configuration.

Workaround: There is no workaround.

  • CSCua68243

Symptoms: IGMP and PIM control packets are not reaching RP. As a result, the mac-address table for IGMP snooping entries is not populated.

Conditions: This can be seen on a Cisco 7600 series router that is running IOS where IGMP and PIM control packets come in on an SVI only after the condition where the SVI link state goes down and comes up again. This does not affect routed ports.

Workaround: In the SVI configuration mode:

1. Unconfigure PIM by using no ip pim.

2. Unconfigure IGMP snooping by using no ip igmp snooping.

3. Re-enable both PIM and IGMP snooping.

  • CSCua70065

Symptoms: CUBE reloads on testing DO-EO secure video call over CUBE when SDP passthru is enabled.

Conditions: The symptom is observed when running Cisco IOS interim Release 15.3(0.4)T.

Workaround: There is no workaround.

  • CSCua75069

Symptoms: BGP sometimes fails to send an update or a withdraw to an iBGP peer (missing update)

Conditions: This symptom is observed only when all of the following conditions are met:

1. BGP advertise-best-external is configured, or diverse-path is configured for at least one neighbor.

2. The router has one more BGP peers.

3. The router receives an update from a peer, which changes an attribute on the backup path/repair path in a way which does not cause that path to become the best path.

4. The best path for the net in step #3 does not get updated.

5. At least one of the following occurs:

A subsequent configuration change would cause the net to be advertised or withdrawn.

Dampening would cause the net to be withdrawn.

SOO policy would cause the net to be withdrawn.

Split Horizon or Loop Detection would cause the net to be withdrawn.

IPv4 AF-based filtering would cause the net to be withdrawn.

ORF-based filtering would cause the net to be withdrawn.

The net would be withdrawn because it is no longer in the RIB.

The following Cisco IOS releases are known to be impacted if they do not include this fix:

Cisco IOS Release 15.2T and later releases

Cisco IOS Release 15.1S and later releases

Cisco IOS Release 15.2M and later releases

Cisco IOS Release 15.0EX and later releases

Older releases on these trains are not impacted.

Workaround: If this issue is triggered by a configuration change, you can subsequently issue the clear ip bgp neighbor soft out command.

  • CSCua75566

Symptoms: Scalable EoMPLS traffic drop is observed at the disposition side after performing provision/unprovision of xconnect VCs.

Conditions: This symptom occurs when scalable EoMPLS is configured between PE routers and AC is the interface of ES+ model 76-ES+T+XC-40G, with ES+ HD as the core-facing interface.

Workaround: There is no workaround.

  • CSCua75781

Symptoms: CME reloads for E911 call ELIN translation for incoming FXS/FXO trunk.

Conditions: The symptom is observed from Cisco IOS interim Release 15.3(0.2)T.

Workaround: There is no workaround.

  • CSCua76157

Symptoms: BGP routes are displayed.

Conditions: This symptom occurs after removing the “send-label” from PE.

Workaround: There is no workaround.

  • CSCua78782

Symptoms: Authentication of EzVPN fails.

Conditions: The symptom is observed with BR-->ISP-->HQ.

Workaround: There is no workaround.

  • CSCua82440

Symptoms: FNF records do not get exported when a user reloads the router.

Conditions: This symptom occurs if a user configures a non-default export-protocol, i.e., anything other than “netflow-v9”. If the user configures a non-default export-protocol such as IPFIX or netflow-v5, after saving the configuration to the start-up configuration and reloading the router, the exporter will not export any records.

Workaround: Either one of the following methods will fix this issue:

1. Remove and reconfigure the exporter configuration after reload.

2. Change the export-protocol to the default value (netflow-v9).

  • CSCua82947

Symptoms: Encapsulation for CFM messages may not be correct after the service instance encapsulation is changed. IOS-FMAN-EAOM-ERR message may be observed.

Conditions: This symptom occurs on an Ethernet CFM configured on a bridge-domain or xconnect service instance.

Workaround: There is no workaround.

  • CSCua84923

Symptoms: Following a misconfiguration on a two-level hierarchical policy with a user-defined queue-limit on a child policy, the UUT fails to attach the QoS policy on the interface even when corrected queuing features are used.

Conditions: This symptom is observed with the following conditions:

1. The issue must have the user-defined queue-limit defined.

2. This error recovery defected is confirmed as a side effect with the c3pl cnh component project due to ppcp/cce infrastructure enhancement.

Workaround: There is no workaround.

  • CSCua85239

Symptoms: Flapping BGP sessions are seen if large BGP update messages are sent out and BGP packets are fragmented because midpoint routers have the smaller “mtu” or “ip mtu” configured.

*Jun 3 18:20:20.792 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179)
to 2.2.2.5(17744) tableid - 0
*Jun 3 18:20:30.488 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179)
to 2.2.2.5(17744) tableid - 0
*Jun 3 18:20:36.451 UTC: %BGP-5-ADJCHANGE: neighbor 6.6.6.5 Down BGP
Notification sent
*Jun 3 18:20:36.451 UTC: %BGP-3-NOTIFICATION: sent to neighbor 6.6.6.5 4/0
(hold time expired) 0 bytes
*Jun 3 18:20:36.569 UTC: %BGP_SESSION-5-ADJCHANGE: neighbor 6.6.6.5 VPNv4
Unicast topology base removed from session BGP Notification sent
*Jun 3 18:20:40.184 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179)
to 2.2.2.5(17744) tableid - 0
*Jun 3 18:20:44.619 UTC: %BGP-5-ADJCHANGE: neighbor 6.6.6.5 Up
*Jun 3 18:20:49.926 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179)
to 2.2.2.5(17744) tableid - 0
*Jun 3 18:20:59.604 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179)
to 2.2.2.5(17744) tableid - 0

Conditions: This symptom is observed between two BGP peers with matching MD5 passwords configured and can be triggered by the following conditions:

If the midpoint path has the “mtu” or “ip mtu” setting that is smaller than the outgoing interface on BGP routers, it will be force the BGP router to fragment the BGP packet while sending packets through the outgoing interface.

Peering down and the MD5 error do not always occur. They occur only once or twice within 10 tests.

Workaround: There is no workaround.

  • CSCua85604

Symptoms: Ingress Qos on EVC stops working after reload or after interface flap.

Conditions: This symptom occurs only on EVC QOS.

Workaround: Remove and reconfigure the QOS on EVC.

  • CSCua90061

Symptoms: The WS-IPSEC-3 Module crashes post configuration change.

Conditions: This symptom occurs when you dynamically modify the GRE tunnel protected with IPsec to the sVTI tunnel and vice versa while traffic is traversing across the IPsec tunnel.

Workaround: There is no workaround.

  • CSCua91473

Symptoms: Memory leak occurs during rekey on the IPsec key engine process.

Conditions: This symptom occurs after rekey, when the IPsec key engine does not release KMI memory, causing the IPsec key engine holding memory to keep increasing.

Workaround: Clear crypto session for IPsec key engine to release memory.

  • CSCua93001

Symptoms: Auto-RP group is not automatically joined upon bootup.

Conditions: The symptom is observed when the router reboots and starts from the existing configurations.

Workaround: Manually re-enable “ip pim autorp” after bootup.

  • CSCua94334

Symptoms: Hung calls are seen on CME. Hung calls seen in “show call active voice brief” are as follows:

1502 : 26 36329310ms.1 +-1 pid:1 Answer XXXYYY4835 connected
dur 00:00:00 tx:0/0 rx:0/0
IP 0.0.0.0:0 SRTP: off rtt:0ms pl:0/0ms lost:0/0/0 delay:0/0/0ms g729r8
pre-ietf TextRelay: off
media inactive detected:n media contrl rcvd:n/a timestamp:n/a
long duration call detected:n long duration call duration:n/a timestamp:n/a

Conditions: This symptom is observed when an inbound H225 call setup request to a CME gateway results in a hung call if a release complete is received while still in alerting state. This issue occurs only when the shared line is configured on the phone and the shared line is not registered.

Workaround: Remove the shared line or register the shared line.

  • CSCua96354

Symptoms: Reload may occur when issuing the show oer and show pfr commands.

Conditions: This symptom is observed with the following commands:

show oer master traffic-class performance

show pfr master traffic-class performance

Workaround: There is no workaround.

  • CSCua97282

Symptoms: Router crashes.

Conditions: The no ip routing command is issued when router isis is running and there are thousands of ip routes being processed by isis.

Workaround: Only issue ip routing after deconfiguring isis ip by issuing no ip router isis before issuing no ip routing .

  • CSCua98421

Symptoms: RMEPs from a Cisco ASR 9000 are not learned on a Cisco ME 3800X with CFM running over an xconnect. The Cisco ASR 9000 does learn the RMEPs from the Cisco ME 3800X.

Conditions: This symptom is seen when QoS is enabled on the Cisco ME 3800X prior to enabling CFM.

Workaround: Apply the CFM configuration before QoS or reload the switch with both QoS and CFM enabled in the configuration.

  • CSCua98805

Symptoms: Tracebacks are seen at adjmgr_free_met.

Conditions: This symptom occurs on defaulting an attachment interface having an L2PT configuration and used for VPLS.

Workaround: There is no workaround.

  • CSCua98902

Symptoms: fibidb is not getting intialized.

Conditions: This symptom is observed when LFA FRR is configured in Cisco ME 3800x and ME 3600x switches.

Workaround: There is no workaround.

  • CSCua99969

Symptoms: IPv6 PIM null-register is not sent in the VRF context.

Conditions: This symptom occurs in the VRF context.

Workaround: There is no workaround.

  • CSCub01494

Symptoms: AD in the route installed by client is not updated to the configured value.

Conditions: This symptom is seen when the CLI “ip route 0.0.0.0 0.0.0.0 dhcp 5” is configured. AD is not updated to 5.

Workaround: There is no workaround.

  • CSCub04112

Symptoms: The router may lose OSPF routes pointing to the reconfigured OSPF interface.

Conditions: This symptom occurs after quick removal and adding of the interface IP address by script or copy and paste.

For example, configure the following:

interface Ethernet0/0
ip address 1.1.100.200 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
end

Then, quickly remove/add the IP address:

conf t
interface Ethernet0/0
no ip address 1.1.100.200 255.255.255.0
ip address 1.1.100.200 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
end

Workaround: Insert a short delay in between commands for removing/adding the IP address. The delay should be longer than the wait interval for LSA origination; by default, it is 500 ms. Or, refresh the routing table by “clear ip route *”.

  • CSCub04782

Symptoms: In a 1:1 (one active and one standby) scenario, when the hot standby converges to active, port-channel does not come down, but the REP reconverges. The fast-switchover occurs nearly in 1 second.

Conditions: This symptom occurs in a 1:1 (one active and one-standby) scenario, when the hot standby converges to active, port-channel does not come down, but the REP reconverges.

Workaround: There is no workaround.

  • CSCub04982

Symptoms: In an IPFRR configuration, a traceback is seen about changing the FRR primary OCE where the new OCE has a different interface and next-hop, which blocks such a linkage.

Conditions: This symptom occurs while changing the FRR primary OCE interface to a new OCE with a different interface.

Workaround: There is no workaround.

  • CSCub06131

Symptoms: The IPSLA sender box can reload with the following message:

SYS-6-STACKLOW: Stack for process IP SLAs XOS Event Processor running low, 0/6000

Conditions: This symptom is observed with the IPSLA sender box.

Workaround: There is no workaround.

  • CSCub06859

Symptoms: OSPFv2 NSR on quad-sup VSS does not work. The router stops sending hello packets after switchover.

Conditions: This symptom is observed with quad-sup VSS with OSPFv2 NSR.

Workaround: Clear the IP OSPF process after NSR switchover.

  • CSCub09099

Symptoms: When the BGP MDT address-family is configured with one or more VRFs having “mdt default x.x.x.x” with 4000 VRFs, of which 400 VRFs have “mdt default x.x.x.x” and with 8000 BGP neighbors in VRF (4K IPv4 & 4K IPv6), then the router takes close to 30 minutes to apply the configuration.

Conditions: This symptom occurs if neighbors are configured under BGP VRF address-family with the update-source command, that is, neighbor X.X.X.X update-source <interface>.

Workaround: Do not use neighbor X.X.X.X update-source <interface> under the BGP VRF address-family.

  • CSCub10950

Symptoms: Router crash when MR-APS switch is made. Crash is coming randomly.

Conditions: Configured for MLP with 12 links.

Workaround: There is no workaround.

  • CSCub12911

Symptoms: If we do not define the profile in the AAA and send DHCP discover for MN to MAG/ISG. ASR crashes immediately.

Conditions: This symptom occurs when the profile is not defined.

Workaround: Define the profile in ISG.

  • CSCub14044

Symptoms: A crash with traceback is seen, and all calls are dropped.

Conditions: This symptom is observed under all conditions.

Workaround: There is no known workaround. The gateway crashes, and the soak time appears to be six weeks.

  • CSCub14299

Symptoms: The router reloads when “no mediatrace initiator” is issued.

Conditions: This symptom occurs when traceroute is enabled for a mediatrace session.

Workaround: Disable traceroute under each configured mediatrace session.

  • CSCub15105

Symptoms: Traffic drop of MVPNv6 data MDT packets is seen.

Conditions: This symptom is observed on doing a VRF delete and adding it on the encapsulated PE in a scaled MVPNv6 setup; the L3 DENY RESULT drop counters increment for the encapsulated VLAN v4. From a multicast point of view, the drop is at the point where the packet reaches the encapsulated VLAN v4 to proceed further with backbone forwarding.

Workaround: There is no workaround.

  • CSCub15402

Symptoms: A VRF cannot be deleted. The following error message is displayed:

error message "% Deletion of VRF VPNA in progress; wait for it to complete".

Conditions: This symptom occurs after having previously issued “sh ip cef vrf * sum”.

Workaround: There is no workaround. Reboot is required to remove the VRF.

  • CSCub17584

Symptoms: Cisco IOSD crashes seen with 1K MVPN sessions. (When the sessions are cleared, all the IGMP joins are released, and then the sessions are brought up. When there are about 400 to 500 IGMP joins, the crash is seen.)

Conditions: This symptom occurs while clearing the 1K MVPN sessions on LAC using “clear pppoe all”.

Workaround: There is no workaround.

  • CSCub17770

Symptoms: MPLS TE LM error messages

Conditions: NA.

Workaround: There is no workaround.

  • CSCub17971

Symptoms: There is no re-registration after switching from HW to SW crypto engine.

Conditions: The symptom is observed after switching from HW to SW crypto engine.

Workaround: There is no workaround.

  • CSCub18997

Symptoms: A Cisco ME 3800 running Cisco IOS Release 15.2(2)S1 may crash under certain scenarios due to a stack overflow.

Conditions: This symptom is observed when QoS is configured.

Workaround: There is no workaround.

  • CSCub19185

Symptoms: Path confirmation fails for a SIP-SIP call with IPV6 enabled.

Conditions: This symptom occurs when UUTs are running Cisco IOS Release 15.2(2)T1.5.

Workaround: There is no workaround.

  • CSCub19921

Symptoms: Route flaps could occur after a switchover when a router is configure to use ISIS IETF NSF. The route timestamp is refreshed in the show ip route command output. Packet traffic going through the router could be dropped as a result of the switchover. This issue is seen only with a point-to-point interface or on a LAN configured as point-to-point.

Conditions: This symptom occurs when you configure ISIS NSF IETF and the point-to-point interface.

Workaround: There is no workaround.

  • CSCub22049

Symptoms: Native MCAST traffic is not forwarded over a nile1 after core interface shut/no shut.

Conditions: This symptom is observed after doing shut/no shut or interface flap a couple of times.

Workaround: “clear ip mroute <mcast_group>” or “clear ip route *”.

Further Problem Description: Not all the multicast groups will be affected. The behavior is inconsistent.

  • CSCub23231

Symptoms: Very specific events/packet types cause the ES20 LC to stop passing traffic. Information on these events and packets that lead to the issue are not known currently.

Conditions: This symptom occurs when the ES20 interface has an EVC or MPLS configuration.

Workaround: Reload LC.

  • CSCub23971

Symptoms: An Access-Request sent by a BRAS might miss ANCP-attributes.

Conditions: This symptom is observed if an ANCP-enabled subinterface is set up the first time or it gets removed/readded.

Workaround: Reconfigure the ANCP neighbor name.

  • CSCub28997

Symptom: Overlord crashes with 2000 crypto sessions (4000 IPSec SA’s) upon repeatedly clearing and reestablishing the SA’s.

Condition: The box is configured with 1K VRFs and 1K Virtual templates. And the crypto sessions are repeatedly cleared/reestablished.

Workaround: There is no workaround.

  • CSCub31477

Symptoms: A Cisco ISG router configured for Layer 2 Connected Subscriber Sessions does not respond to ARP replies once a subscriber ARP cache has expired.

Conditions: This symptom occurs when the router is configured as ISG L2-Connect, the router has configured HSRP as the high-availability method, and the subscriber-facing interface is configured with “no ip proxy arp”. This issue is not seen if either HSRP is removed or if “ip proxy arp” is enabled.

Workaround: Clear the subscriber session. After the subscriber is reintroduced, the issue is resolved. You can also configure “ip proxy arp” on the HSRP-configured interface.

  • CSCub32500

Symptoms: The router crashes in EIGRP due to chunk corruption.

Conditions: This symptom is observed on EIGRP flaps.

Workaround: There is no workaround.

  • CSCub33470

Symptoms: Default profiles showing up as custom.

Conditions: The symptom is observed with a Cisco Catalyst 3000/Catalyst 4000 platform which supports the IP SLA video operation. Has no affect on the operation itself.

Workaround: There is no workaround.

  • CSCub34018

Symptoms: The Remote-ID option received on the server does not contain the VLAN ID of the subinterface configured on the relay in Cisco IOS XE Release 3.8S.

Conditions: This symptom occurs when the connection between the client and relay is on a subinterface (VLAN).

Workaround: There is no workaround.

  • CSCub34534

Symptoms: A basic call between 2 SIP phones over SIP trunk (KPML-enabled) fails.

Conditions: This symptom is observed with Cisco ISR G2 platforms.

Workaround: There is no workaround

  • CSCub34595

Symptoms: Enabling Dynamic ARP Resolution (DAI) on a VLAN may cause ARP resolution to fail for hosts in other VLANs.

Conditions: This symptom is seen when enabling DAI on a VLAN.

Workaround: Enable DAI for the failing VLAN with the ip arp inspection vlan x command.

E.g.:

ip arp inspection vlan 30
int gi 0/10
ip arp inspection trust
int gi 0/11
ip arp inspection trust

Workaround: Enable DAI for the failing VLAN with the ip arp inspection vlan x command. Configure an ARP ACL to permit traffic for valid IP source + MAC source pair with the arp access- list acl_name command. Configure DAI filter and associate with the ARP ACL with the ip arp inspection filter acl_name vlan x command. Configure DAI trust on egress port with ip arp inspection trust.

E.g.:

ip arp inspection vlan 20
arp access-list testacl
permit ip 10.1.1.3 255.255.255.0 mac 01:00:00:0E:0E:0F
ip arp inspection filter testacl vlan 20
int gig0/10
ip arp inspection trust
  • CSCub34756

Symptoms: RP crash is observed at rrr_lm_resource_link_ready after performing SSO on the midpoint router on protect LSP.

Conditions: This symptom is observed when an RP card hosting the TP tunnel midpoint is undergoing the SSO operation. During SSO recovery, the TP fails to recover the TP tunnel midpoint interface (virtual) that is causing it to send a NULL interface to TE for checking its readiness. TE is not checking the NULL pointer condition and accessing the link elements that are causing the crash.

Workaround: There is no workaround.

  • CSCub36217

Symptoms: When the ME3800 router is running IOS 15.2(04)S software, if EVC maximum MAC security address limit is reached for a service instance, new MAC address is not rejected.

Conditions: When EVC MAC security is enabled under a service instance.

Workaround: There is no workaround.

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 1.7/1.3:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:L/AC:L/Au:S/C:N/I:P/A:N/E:U/RL:OF/RC:C No CVE ID has been assigned to this issue. Additional information on Cisco’s security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

  • CSCub36356

Symptoms: Scaling up routes result in huge memory allocations, eventually depleting the SP memory, leading to MALLOC FAIL and subsequent system crash.

Conditions: This symptom occurs in normal conditions.

Workaround: There is no workaround.

  • CSCub36403

Symptoms: Standby reloads due to no switchport.

Conditions: Configure a port as “no switchport”. No IP configuration needed. Set the “tftp source interface <>”. Now defaulting the interface causes this issue.

Workaround: There is no workaround.

  • CSCub38559

Symptoms: When static recursive routes are used in an MVPNv6 environment, multicast traffic loss can occur due to failure to determine the correct RPF interface for a multicast source or rendezvous point.

Conditions: This symptom occurs if a static route to an IPv6 address at a remote site (remote side of a VPN cloud) resolves via a BGP route, resulting in a failure to install the required MDT alternate next-hop in the recursively referenced BGP route.

Workaround: Executing “show ipv6 rpf vrf X <address>” for any address within the recursively referenced BGP prefix range will cause installation of the required alternate next-hop.

  • CSCub39296

Symptoms: Unexpected exception to CPU: vector 200, PC = 0x0. Traceback decode is irrelevant.

Conditions: The symptom is observed on the ES+ series linecards on a Cisco 7600 series router. Symptom is reported on the ES+ console and in the crashinfo file on the ES+ flash disk. It is not reported in the syslog.

Workaround: There is no workaround.

  • CSCub41835

Symptoms: IGMP snooping debugs get turned on automatically.

Conditions: This symptom occurs when the console is flooded with debug messages.

Workaround: There is no workaround.

  • CSCub42181

Symptoms: The router crashes continuously after a normal reboot due to power or some other reason.

Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M4,
RELEASE SOFTWARE (fc1)
uptime is 4 days, 11 hours, 38 minutes
System returned to ROM by error - a Software forced crash, PC 0x88D26F0 at
07:42:45 UTC Sat May 5 2012
System restarted at 07:43:55 UTC Sat May 5 2012
System image file is "flash:c3900-universalk9-mz .SPA.150-1.M4.bin" ;
Last reload type: Normal Reload
----------------------------
generated Traceback:
 
Pre Hardware Replacement Crashinfo:
------------------------------------
#more flash0:crashinfo_20120519-165015-UTC
 
------------------
Traceback Decode:
------------------

 

tshakil@last-call-2% rsym c3900-universalk9-mz.150-1.M4.symbols.gz
Uncompressing and reading c3900-universalk9-mz.150-1.M4.symbols.gz via
/router/bin/zcat
c3900-universalk9-mz.150-1.M4.symbols.gz read in
Enter hex value: 0x88D1D88z 0x88D27C0z 0x729E558z 0x729E6F4z 0x495F298z 0x4962FC8z
0x88D1D88:fsm_crank(0x88d1d2c)+0x5c
0x88D27C0:fsm_exec_w_option(0x88d2650)+0x170
0x729E558:htsp_process_event(0x729e1d4)+0x384
0x729E6F4:htsp_main(0x729e62c)+0xc8
0x495F298:ppc_process_dispatch(0x495f274)+0x24
0x4962FC8:process_execute(0x4962e24)+0x1a4
Enter hex value: 0x88D1D88z 0x88D27C0z 0x729E558z 0x729E6F4z 0x495F298z 0x4962FC8z
0x88D1D88:fsm_crank(0x88d1d2c)+0x5c
 
0x88D27C0:fsm_exec_w_option(0x88d2650)+0x170
0x729E558:htsp_process_event(0x729e1d4)+0x384
0x729E6F4:htsp_main(0x729e62c)+0xc8
0x495F298:ppc_process_dispatch(0x495f274)+0x24
0x4962FC8:process_execute(0x4962e24)+0x1a4
Enter hex value:
 
 
--------------------------------
Crash File Post Installation:
------------------------------
 
#more flash0:crashinfo_20120519-185725-UTC
 
 
------------------
Traceback Decode:
-----------------
 
Enter hex value: 0x88D1D88z 0x88D27C0z 0x729E558z 0x729E6F4z 0x495F298z 0x4962FC8z
0x88D1D88:fsm_crank(0x88d1d2c)+0x5c
0x88D27C0:fsm_exec_w_option(0x88d2650)+0x170
0x729E558:htsp_process_event(0x729e1d4)+0x384
0x729E6F4:htsp_main(0x729e62c)+0xc8
0x495F298:ppc_process_dispatch(0x495f274)+0x24
0x4962FC8:process_execute(0x4962e24)+0x1a4
Enter hex value: 0x88D1D88z 0x88D27C0z 0x729E558z 0x729E6F4z 0x495F298z 0x4962FC8z
0x88D1D88:fsm_crank(0x88d1d2c)+0x5c
0x88D27C0:fsm_exec_w_option(0x88d2650)+0x170
0x729E558:htsp_process_event(0x729e1d4)+0x384
0x729E6F4:htsp_main(0x729e62c)+0xc8
0x495F298:ppc_process_dispatch(0x495f274)+0x24
0x4962FC8:process_execute(0x4962e24)+0x1a4
 
---------------------------------------------------

Conditions: This symptom is observed with the following conditions:

MGCP gateway.

Take out all the modules from the router.

Put the modules one by one.

Apply the configuration.

The router is stable.

The lab test recreated as follows:

1. Disable auto-configuration, that is, “no ccm-manager config”.

2. Reload the gateway.

3. Enable the CCM manager configuration and the router does not crash.

Workaround 1: Bypass the start-up configuration and log in via ROMmon without any configuration. Add the configuration one by one. Once the configuration is added, save the configuration and reload the gateway.

Workaround 2: Shut down the router and add the cards one by one in slots 0, 1, 2, 3, and 4. The device is stable until the third slot is inserted and brought up. As soon the router is powered on, after adding the fourth slot, the crash starts. Shut down the router and remove the card in slot 4 (EVM-HD-8FXS/DID). Bring the device up without the card in slot 4 (EVM-HD-8FXS/DID). Remove the “mgcp” and “ccm-manager fallback-mgcp” configuration from the device because the console log is displaying the “Call Manager backhaul registration failed” error message. Shut down the router and add the card which was removed. Bring up the router. Readd the ccm-manager fallback-mgcp command and do a “no mgcp/mgcp”. The router becomes stable.

Workaround 3: Remove the ccm-manager config command by no ccm-manager config which tears down the connection from the call manager to the MGCP gateway. The gateway will not download the configuration from the call agent at the time of startup. Reload the router. Once the router is back and stable, readd the command.

  • CSCub44898

Symptoms: Stale scansafe sessions are seen on the router. They do not get cleared even with the clear content-scan sessions * command.

Conditions: This issue occurs when one of the end points (client or server) does not properly close the connection. In TCP terms, when one end does not send an ACK to the FIN request sent by the other end in L4F UNPROXIED state.

Workaround: There is no workaround. The router needs to be rebooted to clear the stale sessions.

  • CSCub45054

Symptoms: OQD drop counters increment on the mGRE tunnel even though there are no drops.

Conditions: This symptom is observed with an mGRE tunnel when multicast traffic is sent over the tunnel. This issue is seen when EIGRP or OSPF is configured on the tunnel.

Workaround: There is no workaround.

  • CSCub45763

Symptoms: The switch may crash following SYS-2-FREEFREE and SYS-6-MTRACE messages while a CDP frame is being processed.

Conditions: device crash

Workaround: Disable CDP using “no cdp run”.

  • CSCub46423

Symptoms: Connecting from Windows 7 L2TP/IPSec client to the VPN fails when using HSRP virtual IP as a gateway IP and Error 788 is displayed.

Conditions: This symptom is observed with Cisco IOS Release 15.2(3)T or later releases, and the Windows 7 L2TP/IPsec VPN client.

Workaround: Downgrade to Cisco IOS Release 15.1(3)T.

  • CSCub46570

Symptoms: The image cannot be built with an undefined symbol.

Conditions: This symptom occurs as the commit error triggers the compiling issue.

Workaround: There is no workaround.

  • CSCub48120

Symptoms: Sp crash is observed @oce_to_sw_obj_type on a router reload.

Conditions: This symptom is seen with core link flap at remote end during IP- FRR cutover.

Workaround: There is no workaround.

  • CSCub49291

Symptoms: Static tunnels between hubs and spokes fail to rebuild.

Conditions: The symptom is observed when you reload the hub on the DMVPN IPv6 setup with DPD on-demand enabled on all spokes.

Workaround: There is no workaround.

  • CSCub49768

Symptoms: Trifecta may crash with watchdog timeout. No crashinfo is generated without this fix.

Conditions: This symptom can occur whenever there is a ROMmon read or write.

Workaround: There is no workaround.

  • CSCub49985

Symptoms: MPLS pseudowire ping from the peer to the Cisco ASR 903 fails if the peer is using TTL-based ping.

Conditions: This symptom occurs when the peer is using TTL-based ping.

Workaround: There is no workaround.

  • CSCub52825

Symptoms: The negotiated global IPv6 remains intact on the Dialer interface.

Conditions: This symptom is observed when the physical interface goes down.

Workaround: Remove the global IPv6 address manually from the Dialer interface.

  • CSCub52943

Symptoms: When executing Media Forking with midcall codec change, memory leaks are found in Cisco ASR for CCSIP_SPI_CONTROL. After decoding, the memory leak is found to be for the function is_x_participant_sips() as it is not releasing the memory after allocated with some memory. This seems to be a side effect of one of the DDTS that was committed to Cisco IOS Release 15.3M&T (CSCtz96408).

Conditions: This symptom occurs when executing Media Forking with midcall codec change.

Workaround: The fix is done and is committed to Cisco IOS Release 15.3M&T.

  • CSCub54261

Symptoms: In an MLDP + MVPNv6 setup, abnormal RP reload occurs after the deletion and addition of few subinterfaces on the encapsulated PE.

Conditions: This symptom occurs after deletion and addition of few subinterfaces on the router acting as the encapsulated PE on the access side for a few VRFs running MLCP inband.

Workaround: There is no workaround.

  • CSCub56064

Symptoms: Ping fails after doing EZVPN client connect if CEF is enabled.

Conditions: This symptom is observed with the Cisco IOS Release 15.3(0.8)T image. This issue is seen only for a specific topology, where the in/out interface is the same.

Workaround: There is no workaround.

  • CSCub56206

Symptoms: Traffic drop might be seen after reloading the router.

Conditions: This symptom is observed on a particular SFP interface (the issue is seen on ge0/8) after reloading the router.

Workaround: Shut/no-shut of the interface or clearing the IPv6 neighbor will recover the traffic.

  • CSCub58312

Symptoms: When IGMP query with source IP address 0.0.0.0 is received on an interface, it is marked as mrouter port for that VLAN.

Router#show ip igmp int vlan 1
Vlan1 is up, line protocol is up
IGMP querying router is 0.0.0.0 <----
 
Router#sh ip igmp snooping mrouter
vlan ports
-----+----------------------------------------
1 Po1,Po8,Router<-----

Conditions: This symptom is seen when IGMP query with source IP address 0.0.0.0 is received.

Workaround: There is no workaround.

  • CSCub58483

Symptom: The radius-server attribute 6 on-for-login-auth command is not configurable any more.

Conditions: There are no specific conditions under which this issue occurs.

Workaround: There is no workaround.

  • CSCub59493

Symptoms: The CPU remains at 100% after the SNMPv 2c walk even after 5 minutes.

Conditions: This symptom occurs when an SNMP walk is done on mplsLsrStdMIB.

Workaround: There is no workaround.

  • CSCub60422

Symptoms: ME-3600X-24CX-M Box crashes on executing the command “Diagnostic start test all”.

Conditions: On executing “Diagnostic start test all” command.

Workaround: There is no workaround.

  • CSCub60678

Symptoms: Standby RSP is periodically reset after memory exhaustion. This can be checked by checking free memory on standby SP by the show memory statistic command.

Conditions: This symptom is triggered by standby RSP restart or router reload.

Workaround: There is no workaround.

  • CSCub62897

Symptoms: SVI is not coming up for a long time even there are active ports in that VLAN.

Conditions: This symptom is seen with flexlink with preemption and VLAN load balance configuration.

Workaround: There is no workaround.

  • CSCub67101

Symptoms: The POS interface line protocol is down with encapsulation PPP in an MPLS setup.

Conditions: This symptom occurs when configuring encapsulation PPP on both ends of PE1 and CE1, and then configuring xconnect in the customer-facing interface of PE1.

Workaround: Reconfigure the xconnect settings. Then, the interface will come up in the proper state.

  • CSCub68069

Symptoms: Standby RP crash is seen on the Cisco ASR 1000 BRAS during the longevity test.

Conditions: This symptom is observed with a full scale churn test, with 28K PPPoEoA sessions with two ISG Services on each session, and the LI activated on 500 sessions, with 40cps churn rate.

Workaround: There is no workaround.

  • CSCub68933

Symptoms: Incorrect MAC learning is observed over pseudowires that are part of HVPLS, causing traffic failure.

Conditions: This symptom is observed when VPLS autodiscovery is in use, with MPLS over SVI in the core. This issue is also seen with LDP-based VPLS, when split horizon-enabled pseudowires are configured after the non-split horizon-enabled pseudowires.

Workaround: There is no workaround.

  • CSCub70336

Symptoms: The router can crash when “clear ip bgp *” is done in a large-scale scenario.

Conditions: This symptom is observed only in a large-scale scenario, with ten of thousands of peers and several VPNv4/v6 prefixes.

Workaround: “clear ip bgp *” is not a very common operation. Hence, this issue has not been observed by customers. The crash can only happen when “clear ip bgp *” is done. The workaround is not to execute “clear ip bgp *”.

  • CSCub71981

Symptoms: The show voice register pool on-hold brief command displays the same number (for both phone number and remote number) when both local and remote phone are put on-hold.

Conditions: This symptom is observed when with Cisco IOS Release 15.3(8)T.

Workaround: There is no workaround.

  • CSCub72198

Symptoms: CLI being executed failed to sync to standby and results in standby reload.

Conditions: This happens when the following conditions are met:

1. Active and standby are running different version of IOS image.

2. The CLI being applied is not PRC compliant. Meaning that this CLI does not return a valid parser return code.

Workaround: Avoid applying CLIs that are not PRC compliant during image upgrade or downgrade.

  • CSCub73159

Symptoms: IOSD crash is seen.

Conditions: This symptom occurs when bringing up 8000 PPP sessions with QOS and eBGP routes.

Workaround: There is no workaround.

  • CSCub73177

Symptoms: RP crash occurs.

Conditions: This symptom occurs upon router reload

Workaround: There is no workaround.

  • CSCub73787

Symptoms: The RSP720 may crash if a high rate of traffic is punted to the RP.

Conditions: This symptom occurs on a Cisco 7600 with RSP720. It is specific to a driver used only by the RSP720. Other supervisor models are not affected. The issue is only seen in Cisco IOS Release 15.1(03)S and later releases, because of a code change made to the RSP720 driver.

Workaround: Isolate and stop the traffic being punted to the RP.

  • CSCub74272

Symptoms: Intermittently during Phase II rekey, after new SPIs are negotiated and inserted into SPD, old SPIs are removed and then the VTI tunnel line protocol goes down.

Conditions: This symptom is observed with Cisco IOS Release 15.2(3)T, with VTI over GRE.

Workaround: There is no workaround.

  • CSCub76135

Symptoms: In the Cisco ASR 903, during SSO, the age of some of the ARP entries gets corrupted.

Conditions: This symptom is observed with the Cisco ASR 903.

Workaround: It has been observed that for few ARP entries the value of timeout gets corrupted during SSO. As of now, the following workaround has been done for the corrupted timeout ARP entries:

1. The refresh timer is set to the configured value.

2. The router sends an ARP request for the corrupted entries.

  • CSCub78299

Symptoms: Ping fails from host1 (192.168.1.2) to host2 (192.168.4.2).

Conditions: This symptom occurs when Suite-B is configured on IPsec sa.

Workaround: There is no workaround.

  • CSCub78917

Symptoms: PIM VRF neighbor is not coming up.

Conditions: This symptom is seen with MVPNv6 configurations.

Workaround: Use earlier images.

  • CSCub79035

Symptoms: Multicast traffic drops over the IPSec GRE tunnel.

Conditions: This symptom is observed when the mls mpls tunnel-recir command is configured on the router.

Workaround: There is no workaround.

  • CSCub79102

Symptoms: Router crashes with MVPNv6 setup.

Conditions: This symptom is seen while unconfiguring VRF.

Workaround: There is no workaround.

  • CSCub79318

Symptoms: Codec changes spontaneously during midsession without a RE-INVITE.

Conditions: This symptom occurs with the following conditions:

Fax passthrough is configured.

Codec negotiated is G711alaw, and changes to G729.

Workaround: There is no workaround.

  • CSCub79590

Symptoms: The match user-group commands do not appear in the running configuration after being configured.

Configure an inspection type class-map:

class-map type inspect TEST
match protocol tcp
match user-group cisco

Save the configuration. Try to view the configuration in the running configuration:

hostname# show run class-map
building configuration...
 
Current configuration : 66 bytes
!
class-map type inspect match-all TEST
match protocol tcp
end

But, view the configuration directly in the class-map:

hostname# show class-map type inspect
Class Map type inspect match-all TEST (id 1)
Match protocol tcp
Match user-group cisco

The configuration never shows up in the running configuration, but it is in the class-map configuration. As a note, the functionality exists on the ZBFW, but the configuration does not show up in the running configuration.

Conditions: This symptom is only observed with the match user-group commands.

Workaround: This issue only affects devices after a reload as the router will read the startup configuration, which will not have the match user-group command. As a result, the match user-group commands need to be reentered after ever reload.

  • CSCub80386

Symptoms: The following interface configuration should be used:

interface Ethernet2/1
description lanethernet1
ipv6 enable
ospfv3 100 network manet
ospfv3 100 ipv6 area 0

Dead interval is calculated according to network type; in this case, it is 120s. Issue the no ospfv3 dead-interval command on dead interval. Dead interval is set to the default of 40s instead of 120s, which is correct for manet or P2MP interface types.

Conditions: This symptom is an OSPFv3-specific issue (see the configuration example).

Workaround: Configure dead interval explicitly or reapply the network command.

  • CSCub80491

Symptoms: A Cisco router may experience alignment errors. These alignment errors may then cause high CPU.

Conditions: This symptom occurs as the alignment errors require using Get VPN. It is currently believed to be related to having the Get VPN running on a multilink interface, but this is not yet confirmed.

Workaround: There is no workaround.

  • CSCub80654

Symptoms: Randomly, there is no audio if a call comes from the following call flow using G729:

IP Phone -- CUCM -- ICT GK Controlled -- GK -- CME 9.1 -- Phone A and B

If one of the phones in CME tries to GPickup the call randomly, it will have no audio. When this happens, if you check the codec directly in the phone, it is G711. However, when it works, it is G729. Everything is configured for G729. Even if you hard code the phone in CME to use G729, this issue will occur. This issue does not occur in CME 7.1.

Conditions: This symptom occurs if a call comes from GK as G729 and CME 9.1 is being used.

Workaround: Use CME 7.1 or enable fast start in CUCM Trunk by enabling the following check boxes:

Media Termination Point Required

Enable Outbound FastStart

  • CSCub80710

Symptoms: SSL handshake between Cisco VCS and the Cisco ASR fails if the Cisco ASR is running Cisco IOS XE Release 3.7S.

Conditions: This symptom occurs in a working setup, if the Cisco ASR is upgraded to Cisco IOS XE Release 3.7S, then SSL handshake and subsequently SIP-TLS calls start to fail. If in the same setup, the Cisco ASR is downgraded back to Cisco IOS XE Release 3.5S or Cisco IOS XE Release 3.4.4S, then the calls work (without requiring any additional changes).

Workaround: There is no workaround.

  • CSCub82227

Symptoms: NTP broadcast mode does not work on the Cisco ASR 901 (client).

Conditions: This symptom occurs when the Cisco ASR 901 does not receive NTP “broadcast” messages from the NTP server.

Workaround: Use NTP unicast mode.

  • CSCub82471

Symptoms: BFD session flapping occurs or fails to get established on flapping REP ring.

Conditions: This symptom is observed with the software BFD session or echo mode.

Workaround: Disable echo mode.

  • CSCub83760

Symptoms: DSCP-based WRED does not work in egress on the member-link. This is a regression caused due to CSCty30952.

Conditions: This symptom occurs when a policy (not only WRED) is applied on an Etherchannel and a trunk port with allowed VLAN none is a member-link. This issue is seen because there is a new internal handling to take care of switchport trunk and access cases by CSCty30952 to handle VLAN combinations.

Workaround: There is no workaround.

  • CSCub85416

Symptoms: Router crashes with G8302 configs.

Conditions: 11k eompls vc and G8302 configs.

Workaround: There is no workaround.

  • CSCub85451

Symptoms: When scan safe is enabled on the interface, latency may be seen. Some pages may not load at all or show severe latency if the SYN request sent by the ISR does not receive an appropriate SYN ACK response from the Scan Safe Tower.

Conditions: Scan Safe must be enabled on the interface. In this case, there was an ASA in the path that was doing sequence number randomization.

Workaround: Disable sequence number randomization on the firewall in the path before the ISR.

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 4.3/4.1:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:M/Au:N/C:N/I:N/A:P/E:F/RL:U/RC:C CVE ID CVE-2012-4651 has been assigned to document this issue. Additional information on Cisco’s security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

  • CSCub86706

Symptoms: After multiple RP switchover, the router crashes with the “UNIX-EXT-SIGNAL: Segmentation fault(11), Process = BGP HA SSO” error.

Conditions: This symptom is observed with MVPN with 500 VRFs, when performing multiple switchovers on PE1.

Workaround: There is no workaround.

  • CSCub87579

Symptoms: Multicast traffic gets forwarded to the wrong tunnel protected with IPsec.

Conditions: This symptom is observed when Multicast (PIM) is enabled on the GRE tunnel protected with IPsec on the Cisco 7600.

Workaround: Shut/no shut on the tunnel protected with IPsec resolves the issue.

  • CSCub88742

Symptoms: A crash occurs due to NULL pointer access in a BGP C-Route function.

Conditions: This symptom is very timing-sensitive and will occur only in a specific sequence of runtime events in a specific timing instance. In this case, this issue is triggered in a scaled setup when “mpls mldp” is toggled after two SSOs and when each SSO takes a very long time to complete due to HA Bulk Sync failure in IP Multicast that has addresses separately.

Workaround: There is no workaround.

  • CSCub88833

Symptoms: Running the clear ip access-list dynamic counters command triggers spurious memory access and adds traceback information in the logging buffer of the Cisco uBR router.

Conditions: This symptom occurs when running the clear ip access-list dynamic counters command.

Workaround: Do not configure the clear ip access-list dynamic counters command.

  • CSCub89144

Symptoms: In a VTI scenario with HSRP stateless HA, the tunnel state on standby is up/up.

Conditions: This symptom occurs when HSRP is configured and there is no SSO configuration.

Workaround: There is no workaround.

  • CSCub89711

Symptoms: The atm keyword for the show command disappears.

Conditions: This symptom occurs when you do a powered shutdown of the SPA card and bring it back up using the no form of the previous command.

Workaround: There is no workaround.

  • CSCub90459

Symptoms: If CUBE has midcall reinvite consumption enabled, it also consumes SIP 4XX responses. This behavior can lead to dropped or hung calls.

Conditions: This symptom occurs when midcall reinvite consumption is enabled.

Workaround: There is no workaround.

  • CSCub91428

Symptoms: Internal VLAN is not deleted even after waiting for 20 minutes, and the VLAN cannot be reused.

Conditions: This symptom is seen with any internal VLAN allocated dynamically that is not freed up after 20 minutes in the pending queue.

Workaround: There is no workaround.

  • CSCub91429

Symptoms: CEF does not get programmed and traffic does not flow across IPv6 VTI tunnels post router reload.

Conditions: This symptom occurs when reloading the box that has scale IPv6 sVTI IPsec tunnels configured.

Workaround: Shutdown/no shutdown on the IPv6 tunnels resolves the issue.

  • CSCub91546

Symptoms: Traffic is dropped silently on the VLAN.

Conditions: This symptom is observed when all the VLANs in the router are used (0 free VLAN). Any new internal VLAN creation will fail, and an appropriate error message is not shown.

Workaround: There is no workaround.

  • CSCub91815

Symptoms: Certificate validation fails with a valid certificate.

Conditions: This symptom is observed during DMVPN setup with an empty CRL cache. This issue is usually seen on the responder side, but the initiator can also show this behavior.

Workaround: There is no known workaround.

  • CSCub93496

Symptoms: One-way video from CTS-1000 to TS-7010 is seen in the following topology:

CTS-1000 (v1.9.1) >>> CUCM 8.6.2aSU2 >>> CUCM 9.0 >>> CUBE 15.1.2T (2811) >>> CUBE 15.1.4M4 (2951) >>> CUCM9.0 >>> VCS X7.1 >>> TS-7010 2.2

Conditions: This symptom occurs when SDP Passthru mode on CUBE is used.

Workaround: RTP payload types 96/97, which are associated with fax/faxack need to be remapped to some other unused values.

  • CSCub94438

Symptoms: Traceback is observed with the following message:

SP-STDBY: pm_get_standby_vlan:Cannot allocate VLAN for IPv6 VPN 0x1E000050 Egress multicast VLAN 1019 is use by Tunnel2

Conditions: This symptom is observed when applying a scaled MLDP configuration.

Workaround: There is no workaround.

  • CSCub94825

Symptoms: After Cisco IOS XE bootup, there are no static reverse routes inserted as a result of applying/installing and HA crypto map. The same issue is present on the HSRP standby device, namely, the static RRI routes will not get installed in case a failover occurs. The show cry map command can be used to verify that RRI is enabled. The show cry route command can be used to determine if RRI has happened and if it has been done correctly.

Conditions: This symptom is observed with the following conditions:

Cisco IOS XE Release 3.5 up to Cisco IOS XE Release 3.7

VRF-aware IPSec with stateless HA and static RRI - IPv4

Workaround: Removing and reentering the reverse-route static command into the configuration will actually trigger the route insertion.

  • CSCub96618

Symptoms: Error message seen on standby.

Conditions: The symptom is observed with tunnel configurations.

Workaround: There is no workaround.

  • CSCub96743

Symptoms: A packet loss is seen with a stateful switchover (SSO) in a Cisco ASR 1000 router with scaled configuration.

Conditions: This symptom is a day one issue and is seen with a scaled configuration.

Workaround: There is no workaround.

  • CSCub98588

Symptoms: The IPsec session does not come up for spa-ipsec-2g if you have disabled “Volume Rekey”.

Conditions: This symptom occurs when “Volume Rekey” is disabled on spa-ipsec-2g.

Workaround: Do not disable the “Volume Rekey” on spa-ipsec-2g.

  • CSCub98623

Symptoms: The show int command output displays the input queue size as bigger the 0, and never goes down. Shut/no shut does not help as well.

Conditions: This symptom is observed with the following conditions:

A Cisco IOS router actions as XOT.

The XOT Server becomes not reachable for sometime while the x25 client is attempting to send traffic.

Cisco IOS Release 12.4(24)T7, Cisco IOS Release 15.1M, or later releases.

Workaround: Increase the input hold queue size from default 75 to max. Monitor it periodically manually or by script and perform a planed reload when the queue size is close to max.

  • CSCub99756

Symptoms: The Cisco ASR 1000 router running Cisco IOS Release 15.2(4)S acting as a GM in a Get VPN deployment starts using the most recent IPsec SA upon KS rekey instead of using the old key up to 30 seconds of expiration.

Conditions: This symptom is observed only in Cisco IOS Release 15.2(4)S.

Workaround: There is no workaround.

  • CSCub99778

Symptoms: The Cisco ASR 1000 router being GM in a Get VPN deployment fails to start GDOI registration after a reload.

Conditions: This symptom occurs when running Cisco IOS Release 15.2(4)S. The following error is displayed in the show crypto gdoi command output after reload.

Registration status : Not initialized

Workaround: Use an EEM script to issue “clear crypto gdoi” some time after boot time or issue this manually.

  • CSCuc01575

Symptoms: The command no monitor capture name control-plane leads to a crash.

Conditions: The symptom is observed with the command no monitor capture name control-plane.

Workaround: There is no workaround.

  • CSCuc05570

Symptoms: The “PM-SP-STDBY-3-INTERNALERROR” error message is seen on Active for the Tunnel Reserved VLAN and the Tunnel Global Reserved VLAN.

Conditions: This symptom is observed with an HA router with a scale configuration of the MDT Tunnel.

Workaround: There is no workaround.

  • CSCuc05929

Symptoms: After reload, sometimes MPLS forwarding function on some interfaces was not enabled. Some interfaces which were configured “mpls ip” and link-state-up have not shown at “show mpls interface” command. This issue depends on a timing of the interface up.

Conditions: Sometimes it may occur after a router reload or SIP/SPA reload. It is not affected when you configure “mpls ip” on an interface, admin-shutdown/no shutdown, and link-flap.

Workaround: When the issue occurs, do an admin-shutdown/no shutdown on affected interface or disable/re-enable mpls on interface.

  • CSCuc06024

Symptoms: Traffic flowing through EVCs that do not belong to any service group will see incorrect bandwidth values because of wrong bandwidth value programmed on the port-default node.

Conditions: This symptom is seen when a mixture of flat and HQoS SGs having bandwidth configurations on their policies are applied on PC EVCs. Two mem- links are part of this PC, and default load-balancing is used.

Workaround: There is no workaround.

  • CSCuc06307

Symptoms: When an L2TPv3 xconnect with IP interworking is configured on a Switched Virtual Interface (interface vlan), it may fail to pass traffic. With debug subscriber packet error enabled, debug messages like the following are output:

AC Switching[Vl10]: Invalid packet rcvd in process path, dropping packet

Conditions: This symptom has been observed in Cisco IOS Release 15.2(3)T4 and earlier.

Workaround: There is no workaround.

  • CSCuc08061

Symptoms: IPv6 DMVPN spoke fails to rebuild tunnels with hubs.

Conditions: This symptom occurs when the tunnel interface on the spoke is removed and reapplied again.

Workaround: Reboot the spoke.

  • CSCuc08306

Symptoms: The cos-inner value is not preserved in the case of POP2.

Conditions: This symptom occurs when traffic is flowing from the service instance with POP2 configured to another service instance with POP2, which has a marking with cos. The cos-inner value also gets affected with the QOS policy-map. Without QOS, the current behavior is POP2 -> POP2. The outer VLAN cos value gets copied to both the inner and outer cos value of the egress VLAN tag.

Workaround: There is no workaround.

  • CSCuc08895

Symptoms: A switching failure occurs after applying the CEM configuration.

Conditions: This symptom occurs when there is a PW redundancy and the primary VC is down. Reapply configuration.

config term
controller e1 0/7
cem-group 0 unframed
end
 
config term
interface cem 0/7
cem 0
no xconnect 180.0.0.201 17 encap mpls
end

Workaround: Remove the xconnect configuration. Potentially, wait for 20 minutes in the worst case for “sh mpls l2 pwid” to age out labels.

  • CSCuc09483

Symptoms: Under certain conditions, running a TCL script on the box, may cause software traceback and reload of the affected device.

Conditions: Privilege 15 user may run TCL commands that may lead to an affected device reloading.

Workaround: There is no workaround.

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 3.8/3.6:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:L/AC:H/Au:S/C:N/I:N/A:C/E:F/RL:U/RC:C No CVE ID has been assigned to this issue. Additional information on Cisco’s security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

  • CSCuc10586

Symptoms: In the Cisco 7600, multicast traffic does not flow in some scenarios. In the case of PIM SM mode, many times, (*,G) is present, but not (S,G) in mroute. In the case of PIM SSM mode, (S,G) is present but still traffic does not flow through.

Conditions: This symptom is observed only with Cisco IOS Release 15S-based releases.

Workaround:

Either use a different source IP or a different group IP.

Reload the module.

  • CSCuc10706

Symptoms: When Cisco IOS XE is configured to use subscriber-service for authorization, it will ignore this configuration for the named list and fall back on the default for subscriber-profile or, if this is not present, on the default authorization method for the network. If none of these default authorization methods are configured, authorization will not take place.

Conditions: This symptom occurs when a named authorization list is configured.

Workaround: Set the default authorization list (subscriber-service or network) to use the correct Radius server.

  • CSCuc11090

Symptoms: When the Cisco ME3600/ME3800 is the encapsulation box in MVPN, if the packet size if greater than the default MTU, packets will not flow out of the box.

Conditions: This symptom is observed when MVPN is configured on the Cisco ME3600/ME3800 box. The box should be a core the encapsulation box and traffic should be going on the tunnel to hit this situation. Only packets beyond the default MTU will not go out and get dropped.

Workaround: Send packets of a smaller size from the source so that after encapsulating with 24 bytes of the outer IP of the MDT tunnel, it does not go beyond the size of the egressing interface MTU.

  • CSCuc11853

Symptoms: T1 controller will stay DOWN after switchover.

Conditions: This symptom is seen when SATOP is configured on T1.

Workaround: Do a shut and no shut.

  • CSCuc12685

Symptoms: Address Error exception is observed with ccTDUtilValidateDataInstance.

Conditions: This symptom is observed with ccTDUtilValidateDataInstance.

Workaround: There is no workaround.

  • CSCuc13364

Symptoms: The egress service policy on EFP drops all traffic in egress. The offered rate equals the drop rate. The interface output rate is zero, and output drop increases.

Conditions: This symptom is observed with the Cisco ME36xx running Cisco IOS Release 15.2(2)S.

Workaround: There is no workaround.

  • CSCuc13992

Symptoms: The Cisco IOSd process crashes due to a segmentation fault in the PPP process:

UNIX-EXT-SIGNAL: Segmentation fault(11), Process = PPP Events

The root cause for the PPP process crash is wrong IPCP option processing inside PPP control packets.

Conditions: This symptom occurs when the BRAS functionality is configured, which includes ISG and PPPoE session termination.

Workaround: There is no workaround.

  • CSCuc14088

Symptoms: The default class is not being exported with the class option template.

Conditions: This symptom occurs when class-default is not exported when typing the option c3pl-class-table under the flow exporter.

Workaround: There is no workaround.

  • CSCuc15203

Symptoms: If the ISM-VPN module is turned on and ZBFW is configured, when asymmetric routing occurs, the router crashes.

Conditions: This symptom occurs when the ISM-VPN module is turned on and ZBFW is configured, and when asymmetric routing occurs.

Workaround: There is no workaround.

  • CSCuc15310

Symptoms: Ping failure is seen through poch for the g8032 ring.

Conditions: This symptom is observed on reloading all devices running g8032.

Workaround: Flap the poch.

  • CSCuc15548

Symptoms: Subscriber session on LAC/LNS in attempting state with “vpdn authen- before-forward” CLI configured and auto-service in the RADIUS profile is getting stuck.

Conditions: This issue is seen with CLI “vpdn authen-before-forward” and one auto-service in the user profile in RADIUS.

Workaround: Configure and apply one policy-map with SESSION-START rule with at least one action.

  • CSCuc15656

Symptoms: REP occasionally fails when a peer device that is running REP on the same segment is reloaded.

Conditions: This symptom is seen when a remote device is reloaded. The REP state machines on both devices can get stuck.

Workaround: Flap the link of the unit which did not go into the REP wait state. This will bring the REP state machines at both ends.

  • CSCuc15695

Symptoms: The counters are not polling the correct stats.

Conditions: This symptom was first observed on the ATM interfere, but it is not particular to the ATM as this issue was reproduced on the Gigabit Ethernet interface as well.

Workaround: There is no workaround.

  • CSCuc15810

Symptoms: MVPN over GRE PIM VRF neighbor is not up after SSO.

Conditions: This symptom is seen when MVPN over GRE PIM VRF neighbor is not up after SSO.

Workaround: There is no workaround.

  • CSCuc19046

Symptoms: Active Cisco IOSd was found to have crashed following the “clear ip mroute *” CLI.

Conditions: This symptom occurs with 4K mroutes (2k *,G and 2K S,G) running the FFM performance test suite.

Workaround: There is no workaround.

Further Problem Description: So far, this issue is only seen in the FFM performance test script.

  • CSCuc19862

Symptoms: Traceback and CPU hog is seen due to spurious memory access when Flexible NetFlow (FNF) is enabled.

Conditions: This symptom is seen when enabling FNF.

Workaround: Use classic netflow or configure FNF on the tunnel template interface (preferred).

Note: the first option of using classic netflow is not available on some platforms which only support FNF. Notably these are Cat 6k, Sup 2T and the Cat 4K K10.

  • CSCuc21610

Symptoms: The console displays a message indicating that offloading is not supported for BFD echo mode.

Conditions: Occurs when you configure a BFD session in echo mode.

Workaround: There is no workaround; however, the issue has no functionality impact.

  • CSCuc24937

Symptoms: The voice gateway router is configured as a CME for handling ephone reloads due to spurious memory access.

Conditions: This symptom occurs as the voice gateway router is capable of handling ephones. Reload is very specific to ephone handling.

Workaround: There is no workaround.

  • CSCuc28757

Symptoms: IPv6 HbH Traffic traversing across BD SVIs will not be rate-limited by HbH rate-limiter that is configured.

Conditions: This symptom is seen when enabling HbH rate-limiter on an NP of ES+ and IPv6 HbH traffic traversing across SVIs part of EVC BD of ES+ interface.

Workaround: There is no workaround.

  • CSCuc28931

Symptoms: The router crashes due to high CPU and lack of memory.

Conditions: This symptom occurs when using a local connect between an EFP with encap dot1q and an EFP with encap untagged.

Workaround: There is no workaround.

  • CSCuc29310

Symptoms: TD probes in fast mode are gone when the link flaps (not PfR external interfaces).

Conditions: This symptom is observed with TD, fast mode, and link flap, which cause SAF session flap.

Workaround: Issue “clear pfr mas tr”.

  • CSCuc29884

Symptoms: Outage and CPU remain astonishingly high against XDR MCAST process on a scaled HWO BFD testbed.

Conditions: This symptom is seen after a router reload, when OSPF converge is getting completed, and started 10g traffic through the box.

Workaround: There is no workaround.

  • CSCuc31534

Symptoms: With a primary PW in the down state, if the Xconnect redundancy configuration is removed and added, then switching may remain down and the VC goes down.

Conditions: This symptom is observed with the following conditions:

1. The platform supports hot standby (Cisco ASR 903/Cisco 7600/Cisco ASR 901).

2. PW redundancy with primary down.

3. Configuration removed + added or added afresh.

Workaround: Fix the primary PW and then remove/add the configuration.

  • CSCuc31725

Symptoms: CUBE fails to resolve the configured DNS through A query when the SRV query fails.

Conditions: This symptom occurs when running Cisco IOS Release 15.3(0.11)T.

Workaround: Use DNS SRV records for SIP servers.

  • CSCuc31761

Symptoms: Router crashes when removing GDOI groups.

Conditions: KS has 100 GDOI groups configured.

Workaround: There is no workaround.

  • CSCuc32119

Symptoms: Traffic drop is seen due to misprogramming in the VLAN RAM table.

Conditions: This symptom is observed when the router is reloaded multiple times.

Workaround: There is no workaround.

  • CSCuc33328

Symptoms: Memory leaks are seen in the statistics.

Conditions: This symptom occurs when the probe is executed and statistics are updated.

Workaround: There is no workaround.

  • CSCuc33528

Symptom: Active RP crashes on SSM connection manager during session disconnect after CoA got rejected (COA-NAK).

Conditions: This symptom is observed when established L2TP session send CoA to active 3 ISG services. One of the service failed to be applied with COA-NAK reply. Disconnect session and triggered RP crashes on SSM connection manager SegFault.

Workaround: This is considered as negative test case; apply working COA.

  • CSCuc34088

Symptoms: The traffic rate comes down to one IMA link rate.

Conditions: This symptom is observed on router reload or IM OIR.

Workaround: Delete the ATM PVP configuration and recreate it.

  • CSCuc34304

Symptoms: Crash in pim_reg_enc_src_update_mvrf in complex multicast setup.

Conditions: This symptom is observed if the traffic is active for a combination of different IPv4 multicast VPN features or scenarios, then Cisco IOS may crash upon interface coming up notification.

Workaround: There is no workaround.

  • CSCuc34574

Symptoms: A pending-issue-update is seen at SSL CPP CERT on the Cisco ASR 1002, ESP-1000 platform.

Conditions: This symptom is observed with the following configuration:

show platform software object-manager fp active pending-issue-update
 
Update identifier: 128
Object identifier: 117
Description: SSL CPP CERT AOM show
Number of retries: 0
Number of batch begin retries: 0

Workaround: There is no workaround.

  • CSCuc35935

Symptoms: Traffic coming in with a particular label might experience drops on ES+.

Conditions: This symptom is observed with traffic coming in on the ES+ interface with MPLS enabled. This issue is seen when the box has AToM (Scalable mode on the Cisco 7600) configured.

Workaround: Reset the core facing ES+ module.

  • CSCuc36049

Symptoms: The Cisco ME3600 and Cisco ME 3800 switches crash.

Conditions: This symptom occurs on triggering POCH LACP fast switchover that is part of G.8032 ring carrying UCAST and MCAST traffic.

Workaround: There is no workaround.

  • CSCuc36469

Symptoms: Crash is observed when removing the crypto call admission limit ike in-negotiation-sa value configuration and clear crypto sessions, which triggers a connection from all the clients burdening the server and forcing it to crash within seconds.

Conditions: This symptom happens only when 150 connections simultaneously try to establish connection with the head-end EzVPN server.

Workaround: Configure crypto call admission limit ike in-negotiation- sa 20 when scaling to 150 tunnels.

  • CSCuc37047

Symptoms: VSS crashes on reconfiguring “ipv6 unicast-forwarding” multiple times.

Conditions: This symptom occurs when CTS is configured on an interface and “ipv6 unicast” is toggled multiple times.

Workaround: There is no workaround.

  • CSCuc37407

Symptoms: If configuration replace is tried after session-based poll, which has an address type (IPv4/IPv6) mismatch with initiator source-IP, then a crash is seen.

Conditions: This symptom occurs when configuring Mediatrace initiator with a particular type of address, for example, IPv4 only or IPv6 only. This issue is seen when trying a session-based poll with the address type for a path-specifier not matching the address type of the initiator. Then, configuration replace on the same configurations leads to a crash.

Workaround: There is no workaround.

  • CSCuc38446

Symptoms: The upgrade for Handoff FPGA from version 3000F to 30017 fails.

Conditions: This symptom is observed when upgrading Handoff FPGA.

Workaround: There is no workaround.

  • CSCuc38851

Symptoms: DHCP snooped bindings are not restored after an RTR reload.

Conditions: This symptom might occur when bindings are learnt on Cisco ES20 EVCs.

Workaround: After the RTR is UP, renew from the agent database by issuing the renew ip dhcp snooping database URL command.

  • CSCuc40448

Symptoms: No-way audio is observed on hair-pinned calls back from CUBE to SIP Provider.

The call flow is as follows:

PSTN caller --Verizon---(sip)---ASR CUBE---(sip)---CUSP---(sip)---Genesis ( SIP Refer sent to transfer back to Verizon) -- CUSP - CUBE - Verizon -- PSTN

Conditions: This symptom is observed only after upgrading to Cisco IOS Release 15.2(2)S.

Workaround: Modify the diversion header on the transfer leg invite, so Verizon handles the call differently.

  • CSCuc41369

Symptoms: Complete traffic loss occurs for V6 mroutes.

Conditions: This symptom occurs during deletion and addition of VRFs for the MVPNv6 inband signaling configuration.

Workaround: There is no workaround.

  • CSCuc41531

Symptoms: Forwarding loop is observed for some PfR-controlled traffic.

Conditions: This symptom is observed with the following conditions:

Traffic Classes (TCs) are controlled via PBR.

The parent route is withdrawn on selected BR/exit.

Workaround: This issue does not affect configured or statically defined applications, but only affects learned applications so this can be used as one workaround. Another option is to issue shut/no shut on PfR master or clear the related TCs with the clear pfr master traffic-class ... command (this fixes the issue until the next occurrence).

  • CSCuc41879

Symptoms: Multicast traffic for few mroutes gets dropped on the bud node. This issue occurs as sub-LSPs are not created due to LSP IDs getting exhausted.

Conditions: This issue occurs after reload, TE-FRR, and churning of mroutes.

Workaround: There is no workaround.

  • CSCuc42002

Symptoms: The router crashes when configuring the ATM interface.

Conditions: This symptom is observed with the following sequence:

1. Move OC3 IM with the ATM configuration to a different bay.

2. Configure an ATM interface on the new bay.

3. Cisco IOSd crash is seen due to a segmentation fault.

Workaround: There is no workaround.

  • CSCuc42518

Symptoms: Cisco IOS Unified Border Element (CUBE) contains a vulnerability that could allow a remote attacker to cause a limited Denial of Service (DoS). Cisco IOS CUBE may be vulnerable to a limited Denial of Service (DoS) from the interface input queue wedge condition, while trying to process certain RTCP packets during media negotiation using SIP.

Conditions: Cisco IOS CUBE may experience an input queue wedge condition on an interface configured for media negotiation using SIP when certain sequence of RTCP packets is processed. All the calls on the affected interface would be dropped.

Workaround: Increase the interface input queue size. Disable Video if not necessary.

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 4/3.1:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C CVE ID CVE-2012-5427 has been assigned to document this issue. Additional information on Cisco’s security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

  • CSCuc43943

Symptoms: A Cisco ASR 1000 hub on dual-hubs DMVPN crashes. This issue is only seen in Cisco IOS XE Release 3.9S.

Conditions: This symptom is observed with shut/no shut of the tunnel interface.

Workaround: There is no workaround.

  • CSCuc44306

Symptoms: The IPv6 HbH packets get punted to RP as a result of HbH rate-limiter not working.

Conditions: This symptom is observed when IPv6 HbH packets hit the bridged interface on SIP400/SIP200 with IPv6 HbH rate-limiter configured.

Workaround: There is no workaround.

  • CSCuc44367

Symptoms: The instance range command works only for the first index in a given range.

Conditions: This symptom is observed under normal conditions.

Workaround: Manually configure schema for all single indices.

  • CSCuc44438

Symptoms: There is a memory corruption issue with loading NBAR protocol pack.

Conditions: This symptom occurs when an NBAR protocol pack is loaded into the router using the ip nbar protocol-pack command.

Workaround: There is no workaround.

  • CSCuc44555

Symptoms: Multicast traffic is not forwarded to downstream, even when the groups show up in the group list.

Conditions: This issue is seen only when the traffic comes on RPF fail interface, and the downstream port is blocked due to STP or similar protocol.

Workaround: Disable IGMP snooping.

  • CSCuc44629

Symptoms: The switch/router crashes while processing NTP.

Conditions: This symptom occurs if NTP is configured using DNS, along with the source interface. For example:

config# ntp server <dns> source <interface>

Workaround 1: config# ntp server <dns>

Workaround 2: config# ntp server <ip>

Workaround 3: config# ntp server <ip> source <interface>

For workarounds 1 and 2, the device automatically selects the source interface. For workarounds 2 and 3, resolve the DNS and use the corresponding IP address for that DNS. For example:

Router# ping <dns>

The above command gives the IP address for DNS. Use that IP address to configure the NTP server.

  • CSCuc45045

Symptoms: The show ip eigrp neighbors detail vmi command displays large delay values.

Conditions: This symptom is observed only for the VMI interface in MANET networks.

Workaround: There is no functional impact because of this. For any other practical purposes, convert the displayed value from pico second to microsecond as the value displayed is in pico seconds and units displayed are in usec.

  • CSCuc45115

Symptoms: EIGRP flapping is seen continuously on the hub. A crash is seen at nhrp_add_static_map.

Conditions: This symptom is observed in the case where there are two Overlay addresses of a different Address Family on the same NBMA (such as IPv4 and IPv6 over Ipv4). This issue is observed after shut/no shut on the tunnel interface, causing a crash at the hub. A related issue is also seen when there is no IPv6 connectivity between the hub and spoke, causing continuous EIGRP flapping on the hub.

Workaround: There is no known workaround.

  • CSCuc45528

Symptoms: Leaks are seen at nhrp_recv_error_indication.

Conditions: This symptom occurs only when the fix of CSCub93048 is present in the image.

Workaround: There is no workaround.

  • CSCuc46087

Symptoms: CUBE does not send a response to an early dialog UPDATE in a glare scenario.

Conditions: This symptom occurs when CUBE receives an early dialog UPDATE when it sends 200OK to INVITE and expects ACK.

Workaround: There is no workaround.

  • CSCuc46356

Symptoms: Router hangs and crashes by WDOG.

Conditions: This symptom occurs when IPv6 ACL is applied to a port-ch sub-if. The sub-if is deleted followed by deletion of the ACL.

Workaround: Delete the ACL before deleting the port-ch sub-if.

  • CSCuc46827

Symptoms: There is an RP crash at __be_NetworkInterface_setAddressIDL.

Conditions: This symptom occurs when an interface IP address is removed through OnePk API.

Workaround: Use CLI to resolve the issue.

  • CSCuc47356

Symptoms: Static routes are not getting removed.

Conditions: This symptom is observed with Smap - Smap. Removal of CLI does not remove the static route.

Workaround: Remove the ACL before removing the SA.

  • CSCuc47399

Symptoms: IKEv2 STOP Accounting records show wrong counters for packets/octets, when the sessions are locally cleared using “clear crypto sa” or “clear crypto session” on ASR1K.

Conditions: This symptom is observed with latest Cisco IOS XE Release 3.8S images when IKEV2-Accounting is enabled. This issue is easily reproducible with a single session, and may be service impacting as STOP Accounting records are usually used for billing purposes.

Workaround: The STOP records reflect the right counters when the disconnect is through the remote-end.

  • CSCuc47879

Symptoms: Removing the channel group configuration on a CEM controller causes the device to hang in a particular scenario.

Conditions: This symptom is observed when the following steps are performed: (a) Configure CEM group (CESoPSN or SAToP) on a controller (b) Configure channel group on this controller with same time slots used in (a) for CEM group (c) Remove channel group configured in step (b)

Workaround: Perform hard reboot of the device.

  • CSCuc48162

Symptoms: EVC Xconnect UP MEP is sending CCMs when the remote EFP is shut.

Conditions: This symptom occurs when EFP is admin down.

Workaround: There is no workaround.

  • CSCuc48211

Symptoms: Traffic from the Label Edge Router (LER) is dropped at the Label Switch Router (LSR) peer. LER is using a invalid/outdated label, unknown to LSR. This issue can be seen with a regular MPLS connection over a physical interface or with a connection over an MPLS TE tunnel interface. The root cause is that LER is using CEF long-path extension, installed to the prefix by a different routing protocol in the past.

TUNNEL-HEADEND/LER#show ip cef 172.25.0.1 internal
172.25.0.0/16, epoch 6, flags rib only nolabel, rib defined all labels, RIB[B],
refcount 5, per-destination sharing
sources: RIB
feature space:
IPRM: 0x00018000
Broker: linked, distributed at 4th priority
LFD: 172.25.0.0/16 0 local labels
contains path extension list
ifnums:
TenGigabitEthernet1/0/0(31): 10.10.243.48
Tunnel11(38)
path 1F13EC1C, path list 1436FC80, share 1/1, type recursive, for IPv4
recursive via 10.10.254.3[IPv4:Default], fib 21B2A5CC, 1 terminal fib,
v4:Default:10.10.254.3/32
path 13A71668, path list 20C50DB0, share 1/1, type attached nexthop, for IPv4
MPLS short path extensions: MOI flags = 0x1 label 1683
nexthop 10.10.243.48 TenGigabitEthernet1/0/0 label 1683, adjacency IP adj
out of TenGigabitEthernet1/0/0, addr 95.10.243.48 20BCED00
path 13A745A8, path list 20C50DB0, share 1/1, type attached nexthop, for IPv4
MPLS short path extensions: MOI flags = 0x1 label 623
MPLS long path extensions: MOI flags = 0x1 label 18
nexthop 10.10.255.130 Tunnel11 label 18, adjacency IP midchain out of
Tunnel11 22923160
long extension for path if Tunnel11 next hop 10.10.255.130:
MPLS long path extensions: MOI flags = 0x1 label 18
long extension for path if Tunnel22 next hop 10.10.255.129:
MPLS long path extensions: MOI flags = 0x1 label 651
output chain:
loadinfo 212F8810, per-session, 2 choices, flags 0083, 4 locks
flags: Per-session, for-rx-IPv4, 2buckets
2 hash buckets
< 0 > label 1683 TAG adj out of TenGigabitEthernet1/0/0, addr
10.10.243.48 20BDC860
< 1 > label 18 TAG midchain out of Tunnel11 20C92B00 label implicit-null
TAG adj out of TenGigabitEthernet1/0/1, addr 10.10.243.50 20B21440
Subblocks:
None
TUNNEL-TAILEND/LSR# sh mpls forwarding-table labels 18
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
TUNNEL-TAILEND#

Conditions: This symptom occurs when the prefix is learned by both BGP and IGP, while BGP has lower Administrative Distance, pointing via the MPLS TE tunnel carrying MPLS. This issue is seen once the prefix is installed to RIB by IGP and then by BGP (Reload, BGP flap, etc.); then, the CEF will keep using the IGP/LDPs label without updating it in case of LDP label change.

Workaround: Issue the clear ip route prefix mask command.

  • CSCuc49335

Symptoms: An infinite loop is seen at tunnelInetConfigIfIndex.ipv6 while doing SNMP walk.

Conditions: This symptom occurs when an SNMP walk is done on the Cisco ISRG2 router and the Cisco ASR 1000 router.

Workaround: There is no workaround.

  • CSCuc49773

Symptoms: Observing CPU HOG at IP RIB Update after multiple flaps of IGP and MPLS TE tunnels.

Conditions: Multiple mpls enabled interface flaps results in IP RIB update crash.

Workaround: There is no workaround.

  • CSCuc50739

Symptoms: The Cisco ASR 901 router part of REP ring blocks traffic.

Conditions: This symptom occurs when on re-convergence of REP ring, the Cisco ASR 901 router blocks traffic even though it is in the open state and not alt port.

Workaround: There is no workaround.

  • CSCuc51692

Symptoms: The router crashes while enabling L2TP debugs using the debug l2vpn l2tp error | event command.

Conditions: This symptom always occurs on enabling the debug l2vpn l2tp error | event command.

Workaround: The same debugs can be enabled using the alternate command debug xcl2 error | event.

  • CSCuc52506

Symptoms: 6PE and 6VPE traffic drops on shutting the ECMP link.

Conditions: This symptom occurs after configuring the 6PE/6VPE between UPE-2 and UPE-1 with ECMP paths between both nodes and then shutting the ECMP link.

Workaround: There is no workaround.

  • CSCuc52519

Symptoms: ARP related traceback with isg_ha_sanity_diol SSR test script.

Conditions: This symptom is observed due to Cisco High Availability.

Workaround: There is no workaround.

  • CSCuc53135

Symptoms: LDP sessions are not established.

Conditions: This symptom is observed on a router with more than one LDP adjacency to a neighbor. This issue is seen when the TCP session establishment to that neighbor is delayed, and while it is delayed, the adjacency that is the active adjacency times out (no more UDP packets are received), resulting in the TCP listen socket being deleted and not created.

Workaround: Issue the clear mpls ldp neighbor * command.

  • CSCuc54220

Symptoms: The SVTI always-up feature is broken.

Conditions: This symptom occurs in clear and rekey cases.

Workaround: Use shut and no shut.

  • CSCuc54300

Symptoms: The following error message is seen during a system reboot/boot:

“Notification timer Expired for RF Client: Redundancy Mode RF(5030)”

Conditions: This symptom occurs during a system reboot/boot.

Workaround: There is no workaround. This is a rare bug which needs a specific timing sequence to occur. The system reloads after this error. In most cases, the system will come up smoothly after a reload, else it will come up after one or two reloads.

  • CSCuc55346

Symptoms: SNMP MIB cbQosCMDropPkt and cbQosCMDropByte report 0.

Conditions: This symptom is observed with Cisco IOS Release 15.1(3)S1 and Cisco IOS Release 15.2. This issue is not seen with Cisco IOS Release SRE4.

Workaround: Use SNMP MIB cbQosPoliceExceededPkt and cbQosPoliceExceededByte.

  • CSCuc55634

Symptoms: IPv6 static route cannot resolve the destination.

Conditions:

1. A VRF is configured by the old style CLI (for example “ip vrf RED”).

2. Configure “ip vrf forwarding RED” under an interface.

3. Configure IPv6 address under the same interface (for example 2001:192:44:1::2/64).

4. Configure IPv6 static route via the interface configured in item 3, (for example IPv6 route 2001:192:14:1::/64 2001:192:44:1::1).

5. Then, we are not able to ping the 2001:192:14:1::2 although we can reach 2001:192:44:1::1.

Workaround: There is no workaround.

  • CSCuc56259

Symptoms: A Cisco 3945 that is running 15.2(3)T2 and running as a voice gateway may crash. Just prior to the crash, these messages can be seen:

%VOIP_RTP-6-MEDIA_LOOP: The packet is seen traversing the system multiple times

and

Delivery Ack could not be sent due to lack of buffers.

Conditions: This happens when a media loop is created (which is due to misconfiguration or some other call forward/transfer scenarios).

Workaround: Check the configurations for any misconfigurations, especially with calls involving CUBE and CUCM.

  • CSCuc57130

Symptoms: Interface configurations do not work post HA switchover.

Conditions: This symptom occurs after HA switchover and is observed with OC3 IM.

Workaround: There is no workaround.

  • CSCuc59049

Symptoms: Crash info generation is incomplete.

Conditions: This symptom is observed when a crash occurs.

Workaround: There is no workaround.

  • CSCuc59105

Symptoms: The switch may crash when issuing “show platform qos policer cpu x x”.

Conditions: This symptom occurs only when issuing “show platform qos policer cpu x x” through an SSH session.

Workaround: Execute the command through Telnet or the console.

  • CSCuc59711

Symptoms: The Cisco ASR 901 router crashes with REP platform debugs enabled.

Conditions: This symptom is observed with REP functional on Cisco ASR 901 router and after enabling “debug platform rep”.

Workaround: Enabling REP debugs on customer nodes is not recommended.

  • CSCuc59765

Symptoms: Cisco ME 380x and ME 360x fail to trigger watchdog crash in certain scenarios.

Conditions: This symptom is seen when soaking over a prolonged period of time.

Workaround: There is no workaround.

  • CSCuc60245

Symptoms: Pseudowires stop passing traffic until the LSP is reoptimized.

Conditions: This symptom is observed when pseudowires stop passing traffic until the LSP is reoptimized.

Workaround: The common fix is reoptimizing the LSP onto a new path in one or both directions.

  • CSCuc60297

Symptoms: Redistribute or source (network statement) VRF route into BGP. BGP VRF prefix with next hop from global, the next-hop will be inaccessible.

Conditions: This symptom is observed when redistribute VRF routes into BGP with global NH.

Workaround: There is no workaround.

  • CSCuc61817

Symptoms: The crash occurs while removing MPLS TE tunnels.

Conditions: This symptom occurs when a shut/no shut on the interface is executed before performing “no mpls traffic-eng tunnels”.

Workaround: There is no workaround.

  • CSCuc62027

Symptoms: The SIP-400 LC card crashes during router boot up.

Conditions: This symptom does not occur under any specific conditions, as this issue is not consistent and rarely reproducible.

Workaround: There is no workaround.

  • CSCuc63531

Symptoms: The following traceback may be displayed after performing Stateful Switchover:

%SYS-2-NOBLOCK: may_suspend with blocking disabled.

Conditions: This symptom is observed when Stateful Switchover is performed with the template type pseudowire command configured.

Workaround: There is no workaround.

  • CSCuc64719

Symptoms: A Cisco ME 3600X HSRP failover is seen in VPLS.

Conditions: This symptom occurs when HSRP state changes from active to standby. The MAC address on the active router is not flushed.

Workaround: Clear MAC table on HSRP active router.

  • CSCuc64899

Symptom: The router does not learn remote Connectivity Fault Management (CFM) Maintenance Endpoint (MEPs).

Conditions: Occurs on interfaces with an xconnect statement after a reload on a peer device.

Workaround: Remove and re-apply the CFM configuration.

  • CSCuc65424

Symptoms: On dual RP configurations, a standby route processor might crash when establishing new interfaces (could be PPP sessions).

Conditions: This symptom is observed when IDB reuse is turned on on a dual RP configuration, and when some interfaces are deleted and created again.

Workaround: Turn off the IDB reuse option.

  • CSCuc66122

Symptoms: A crash occurs with the show ip sla summary command with the IP SLAs RTP-Based VoIP Operation.

Conditions: This symptom occurs when the IP SLAs RTP-Based VoIP Operation is configured on the box.

Workaround: Use the show ip sla statistics command to check the status and statistics of the IP SLAs RTP-Based VoIP Operation rather than show ip sla summary command, when the IP SLAs RTP-Based VoIP Operation is configured on the box.

  • CSCuc66895

Symptoms: Layer 2 traffic loop seen in REP topology for a transient time, when the Cisco ASR 903 which is a part of the REP ring is reloaded.

Conditions: This symptom is observed when the Cisco ASR 903 is part of an REP ring, and the box is reloaded with saved REP configurations.

Workaround: Traffic loop is transient, once REP convergence looping is stopped.

  • CSCuc66911

Symptoms: The port-channel goes down operationally thereby deleting remote mep information causing 1DM session to be inactive on initiator.

Conditions: This issue occurs when 1DM probe is started on the responder followed by initiator with cos value 7.

Workaround: There is no workaround.

  • CSCuc67687

Symptom: With a rare combination, and VRF-related RG configurations, the router may crash following the configuration commands.

Conditions: This symptom is observed with the following configuration:

R1-13RU(config-if)#ip vrf forwarding b2b-vrf
% Interface GigabitEthernet0/1/0 IPv4 disabled and address(es) removed due to
enabling VRF b2b-vrf
% Interface GigabitEthernet0/1/0 virtual IP address <ip> removed due to VRF change
% Zone security Z1 is removed due to VRF config change on interface
GigabitEthernet0/1/0
 
R1-13RU(config-if)#ip address <ip> <mask>
R1-13RU(config-if)#zone-member security Z1
R1-13RU(config-if)#redundancy group 1 ip <ip> exc dec 50

Workaround: There is no workaround.

  • CSCuc68246

Symptoms: The standby IOMD crashes on booting up the standby RSP.

Conditions: This symptom occurs when booting up the standby RSP with a configuration that is already present.

Workaround: Boot up the standby without any configurations and start configuration once the standby has reached STANDBY_HOT state.

  • CSCuc68743

Symptoms: A crash occurs while running CME smoke regression.

Conditions: This symptom is observed while running CME smoke regression.

Workaround: There is no workaround.

  • CSCuc69342

Symptoms: About 10 minutes after CUBE boot, the router crashes with the following traceback:

-Traceback= 5B01805 46158ED 45F4F57 45BB19E 45BA1CF 451D6DC 4525549 45252D9 4519C30 45196A9 4778FFD

After the reload from the crash, it may take some time before it crashes again.

Conditions: This symptom occurs when CUBE receives the SIP REFER message with the Refer-To header having no user part.

Workaround: There is no workaround.

  • CSCuc70310

Symptoms: RRI routes are not installed in DMAP. “reverse-route” is a configuration in the DMAP. This prevents packets from being routed through the intended interface, and hence packet loss occurs.

Conditions: This symptom is observed when a simple reverse-route is configured in DMAP without any gateway options.

Workaround: There is no workaround.

  • CSCuc71493

Symptoms: Significant transaction time degradation is observed when an e-mail with attachment(s) is sent from the Windows 7 client using Outlook to a server running Outlook 2010 on the Windows 2008 server and the WAN latency is low, that is, ~12ms RTT.

Conditions: This symptom is observed when the client is Windows 7 and data is being uploaded using the MAPI protocol and the connection is being optimized by WAAS-Express.

Workaround: Disable WAAS-Express.

  • CSCuc71706

Symptoms: Execution of the show run command and other commands such as copy run start and show access-list cause the router to stop for a few minutes before completing.

Conditions: This symptom is observed with Cisco ISR G2 routers. This issue is seen only with IPV6 configured and used.

Workaround: There is no workaround.

  • CSCuc72244

Symptoms: On the Cisco 7600, both sides running Cisco IOS Release SRE4, Ethernet SPA configured with “negotiation Auto” and changed to “no negotiation auto”. The interface is operating in half-duplex instead of full-duplex mode.

Conditions: This is a timing issue seen when configuring/un-configuring auto-negotiation or when doing continuous router reload.

Recovery action: Configuring “shut” and “no shut” on the interface changes the duplex state to full-duplex.

Workaround: There is no workaround.

  • CSCuc73473

Symptoms: The IPv6 default route is not redistributed in BGP(VRF).

Conditions: This symptom occurs when the OSPFv3 “default-information originate always” is configured in the same VRF.

Workaround: To clear the issue, enter “cle ip bg *”. To avoid the issue, remove “default-information originate always” from OSPFv3 in the respective VRF.

  • CSCuc73677

Symptoms: RSA keys are not generated correctly.

Conditions: This symptom occurs when you first clear the RSA keys that are already generated on the router, and then generate the RSA keys.

Workaround: There is no workaround.

  • CSCuc76130

Symptoms: IPsec SAs are not getting deleted even after removing ACL.

Conditions: This symptom occurs when using the IPsec feature with Cisco IOS Release 15.3(0.18)T0.1.

Workaround: There is no workaround.

  • CSCuc76298

Symptoms: In ASR B2B HA setup, the new active router crashes at ccsip_send_ood_options_ping immediately after switchover with OOD OPTIONS enabled.

Conditions: This crash is seen in the following scenario:

Standby router has OOD OPTIONS enabled either because it is present in startup configuration or enabled after boot-up.

Next, disable OOD OPTIONS.

Switchover happens.

Workaround: Reload standby router once after OOD OPTIONS configuration changes from enabled to disabled.

  • CSCuc76309

Symptom: Crash on rp2 : be_ip_arp_retry_

Conditions: None

Workaround: Disable arp retry feature. To disable arp retry feature following two commands are needed: no ip arp incomplete enable and no ip arp incomplete retry .

  • CSCuc76515

Symptoms: Xconnect fails to negotiate to the correct vc-type on reload.

Conditions: This symptom is seen in vc-type4 session.

Workaround: Clear xconnect peer.

  • CSCuc76670

Symptoms: 2X1GE-SYNCE (metronome) SPA does not boot on a 2RU (Cisco ASR 1002).

Conditions: This symptom is observed with Cisco IOS XE Release 3.7S onwards, when metronome SPA (2X1GE-SYNCE) fails to boot on a 2RU. An error message indicating that the SPA is not supported is displayed on the RP console.

Workaround: There is no workaround.

  • CSCuc77283

Symptoms: Upon reload or OIR, the CFM MEP configuration on an xconnect EFP is removed and cannot be reconfigured.

Conditions: This symptom is observed with a CFM MEP on xconnect service instance. This issue is seen when reload or OIR is performed.

Workaround: Remove the domain configuration.

  • CSCuc77704

Symptoms: The GETVPN/GDOI Secondary Cooperative Key Server (COOP-KS) does not download the policy (that is, when the show crypto gdoi ks policy command is issued on the Secondary COOP-KS and the command output shows that no policy is downloaded) and Group Members (GMs) registering to the Secondary COOP-KS fail to register without any warning/error message.

Conditions: This symptom is observed when the GETVPN/GDOI group (with COOP configured) has an IPsec profile configured with one of the following transforms in its transform-set:

esp-sha256-hmac

esp-sha384-hmac

esp-sha512-hmac

Workaround: Use esp-sha-hmac as the authentication transform instead.

  • CSCuc78328

Symptoms: Randomly, when the below condition is met, SP crashes followed by RP reset.

Conditions: Multicast enabled (PIM) on the tunnels protected with IPsec.

Workaround: There is no workaround.

  • CSCuc79161

Symptoms: Memory leak is observed.

Conditions: This symptom occurs after flapping the interface, keeping the setup idle, and executing “clear xconnect”.

Workaround: There is no workaround.

Further Problem Description: The PI front-end pseudoport is not deleted when the xconnect is removed, which causes the memory leak. This issue occurs because PD returns BDOMAIN_PP_FAILED to PI when pp_engine_context is a NULL pointer.

  • CSCuc79923

Symptoms: On a Cisco 7600 running Cisco IOS Release 15.2(4)S1, packets from FWSM are dropped when the servicemodule session is enabled. Ping fails for the VLAN interface on the FWSM module from the supervisor. The ARP entry is incomplete on the Cisco 7600.

Conditions: This symptom is observed with the following conditions:

This issue is seen on the Cisco 7600 with FWSM and SUP-720-3B running Cisco IOS Release 15.2(4)S1.

The FWSM is in Crossbar mode.

The system is in “distributed” egress SPAN replication mode.

This issue is not seen with Cisco IOS Release 12.2(33)SRE7.

Workaround:

Disable the servicemodule session.

Change the fabric switching mode to bus.

Change SPAN egress replication mode to “centralized”.

  • CSCuc82224

Symptoms: When a dynamic-EID host moves from one site to another, the hosts at the old site may not be able to communicate with the host that moved away.

Conditions: This symptom occurs if the xTR at the old site had a map-cache entry for the dynamic-EID host that moved, for example, due to lig self. Then, this map-cache entry prevents communication after the dynamic-EID host moved away.

Workaround: Clear the map-cache entry for the host prefix in question.

  • CSCuc82551

Symptoms: A Cisco ASR 1001 running Cisco IOS XE Release 3.6.2S or Cisco IOS XE Release 3.7.1S crashes with SNMP traffic.

Conditions: This symptom is observed with SNMP polling with an IP SLA configuration.

The crash signature is as follows:

UNIX-EXT-SIGNAL: Segmentation fault(11), Process = SNMP ENGINE

Workaround: Remove the SNMP configuration from the router or schedule the probe before polling via SNMP.

  • CSCuc83104

Symptoms: Path confirmation fails for blind transfer scenarios for both SIP Line and trunk-side scenarios.

Conditions: This symptom is observed if “no supplementary-service sip refer” is configured.

Workaround: Configure “supplementary-service sip refer”.

  • CSCuc85810

Symptoms: A VRF cannot be deleted from CLI.

Conditions: This symptom is observed when “no ipv6 pim vrf <vrf name> rp-address <ipv6 address>” is entered immediately after “no vrf definition <vrf name>”

Workaround: After “no vrf definition <vrf name>”, do not enter “no ipv6 pim vrf <vrf name> rp-address <ipv6 address>”, until VRF deletion is completed.

  • CSCuc87208

Symptoms: The router crashes while configuring inherit peer-session.

Conditions: A peer-session template is inheriting from another peer-session template where the inherited template has the “ha-mode sso” configured. For example:

router bgp 1
template peer-session ps.rmtAS.10000
remote-as 10000
exit-peer-session
template peer-session ps.rmtAS.10000.sso
inherit peer-session ps.rmtAS.10000
ha-mode sso
exit-peer-session
template peer-session ps.rmtAS.10000.sso.bfd
inherit peer-session ps.rmtAS.10000.sso

Workaround: There is no workaround.

  • CSCuc88175

Symptoms: When a dynamic cryptomap is used on the Virtual Template interface, SAs do not created and thus the testscripts fail. This issue occurs because the crypto map configurations are not added to the NVGEN, and hence there is no security policy applied on the Virtual Template interface.

Conditions: This symptom occurs only when a dynamic map is used on the Virtual Template interface. However, this issue is not seen when tunnel protection is used on the Virtual Template interface or when a dynamic map is used on the typical physical interface.

Workaround: There is no workaround apart from using tunnel protection on the Virtual Template interface.

  • CSCuc88312

Symptoms: A memory leak is seen at cca_realloc_cb_ce_mask.

Conditions: This happens when CCA is configured on multiple interfaces and one of them is brought down.

Workaround: There is no workaround.

  • CSCuc90011

Symptoms: Memory leak is caused by executing “show vpdn history failure” after PPP authentication failure.

Conditions: This symptom occurs when executing the “show vpdn history failure” CLI.

Workaround: There is no workaround.

  • CSCuc90061

Symptoms: Attaching the QoS policy on EFP with rewrite action as ingress rewrite push was not supported previously. Now, policy with only class-default can be attached to these EFPs.

Conditions: This symptom is observed only for EFPs with rewrite action configured as ingress rewrite push.

Workaround: There is no workaround.

  • CSCuc90580

Symptoms: Ping fails over RoutedPW.

Conditions: This symptom is seen with SVI based MPLS uplink.

Workaround: Disable mac learning.

  • CSCuc91582

Symptoms: Adding EFP to Bridge-Domain fails and errors are seen when reloading with Cisco IOS XE Release 3.7.1a.

Conditions: This symptom is observed when reloading the Cisco ASR 903 with Cisco IOS XE Release 3.7.1a, when EFP and PW are in the same Bridge-Domain.

Workaround: Post reload, remove the EFP configurations, and configure PW first and then EFP.

  • CSCuc92167

Symptoms: SSH use of Diffie-Hellman exchange to negotiate keying material is insecure and may lower the security of Diffie-Helman exchange.

Conditions: There are known attacks against DH that takes effort of the effectively halving the length of the private key. Due to SSH use of DH private values of certain lengths, if the SSH is negotiated using AES-128 and HMAC-MD5, the time needed to recover the keys is lower than expected.

Workaround: There is no workaround.

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 3.6/3.2:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do? dispatch=1&version=2&vector=AV:N/AC:H/Au:S/C:P/I:P/A:N/E:POC/RL:U/RC:C No CVE ID has been assigned to this issue. Additional information on Cisco’s security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

  • CSCuc92974

Symptoms: The mDNS responses are not received by client in latest mcp_dev.

Conditions: This symptom does not occur under any specific conditions.

Workaround: There is no workaround.

  • CSCuc93082

Symptoms: Bulk Sync failure when standby comes up with ser-policy on CEM PW.

Conditions: Bulk-sync failure when standby is brought up from rommon while having service-policy configured on cem circuit on the active.

Workaround: There is no workaround.

  • CSCuc93135

Symptoms: The PTP processor boot failure may lead to file descriptor leakage.

Conditions: This symptom is observed when the PTP processor is enabled.

Workaround: There is no workaround.

  • CSCuc93361

Symptoms: “ip” protocol is not accepted in the ping command with the IPv6 address configured.

Conditions: This symptom occurs when a single interface is configured with an IP address, and later, the mask alone is changed. For example:

int e0/0
ip addr 10.1.1.1 255.255.255.0
no shut

Later,

int e0/0
ip addr 10.1.1.1 255.255.0.0

Workaround: Configure a different IP address and then revert to the same address with the changed mask. For example:

int e0/0
ip addr 10.1.1.1 255.255.255.0
no shut

Later,

int e0/0
ip addr 10.1.1.2 255.255.0.0
ip addr 10.1.1.1 255.255.0.0
  • CSCuc93739

Symptoms: Phase 2 for EzVPN client with split network and VTI does not come up if IPsec SA goes down.

Conditions: The root cause of the issue is that IPsec SA is not being triggered after IPsec SA is down due to no traffic. So in spite of traffic IPsec SA is not coming up leading to packet drops in client network. The same problem is not seen with Cisco IOS Release 15.0(1)M7. This behavior is introduced post-PAL where virtual-interface creates a ruleset where traffic cannot trigger IPsec SA again once IPsec SA is deleted.

Workaround 1: Configure “ip sla” on EZVPN client for split networks, so IPsec SA will not go down.

Workaround 2: Remove “virtual-interface” from EZVPN client profile if that is not needed.

Further Problem Description: The problem is not seen in Cisco IOS Release 15.2(4)M1 without virtual-interface.

  • CSCuc94687

Symptoms: SHA2 processing in software causes low throughput or high CPU.

Conditions: This symptom is observed with the Cisco 892 with SHA2 configured and the onboard crypto engine enabled running Cisco IOS Release 15.2(4)M and later releases.

Workaround: There is no workaround.

  • CSCuc94983

Symptoms: Node crashes.

Conditions: This symptom is seen with rigorous flapping of the core.

Workaround: Have a stable core network.

  • CSCuc95160

Symptoms: After receiving the CRCX message, the Cisco AS5400 does not send 200 ok to SSW. SSW sends the CRCX message to the Cisco AS5400 again. Between these messages, debug outputs are displayed. It seems that the call is not disconnected completely for the end point by the previous disconnect request (the DLCX is received after the CRCX message from SSW). The end point may be stuck in call_disconnecting state.

Conditions: This symptom is observed with MGCP. This issue occurs when the Cisco AS5400 receives DLCX before sending 200 ok for the first CRCX message.

Workaround: There is no workaround.

  • CSCuc96241

Symptoms: The Cisco Y.1731 Performance Monitoring SLM interworking between the Cisco ME3400 and the Cisco IOS-XR ASR 9000 is not functioning.

Conditions: This symptom is observed when SLM is running on the Cisco ME3400 and Cisco IOS-XR ASR 9000 router.

Workaround: There is no workaround.

  • CSCuc96345

Symptoms: ARP exchange between the Cisco 7600 and the client device fails. The Cisco 7600 has an incomplete ARP entry in its ARP table for the client. This issue is likely to be seen between the Cisco 7600 and other Cisco platforms with MAC address 6073.5Cxx.xxxx. The incoming ARP reply is parsed by the platform CEF as an IP packet and dropped.

The following OUIs (as of October 30, 2012) are affected: (first 3 bytes from MAC address/MAC starts with)

14-73-73

20-73-55

4C-73-67

4C-73-A5

54-73-98

60-73-5C (One of Cisco's OUI ranges)

64-73-E2

70-73-CB

8C-73-6E

98-73-C4

A0-73-32

C4-73-1E

D0-73-8E

F0-73-AE

F4-73-CA

Conditions: This symptom is observed with the EVC pseudowire and 802.1q subinterface on the same physical interface, and connectivity via the subinterface is affected.

Sample configuration:

interface TenGigabitEthernet3/1
service instance 2013 ethernet
encapsulation dot1q 411 second-dot1q 200
rewrite ingress tag pop 2 symmetric
xconnect 10.254.10.10 3350075 encapsulation mpls
interface TenGigabitEthernet3/1.906
encapsulation dot1Q 906
ip address 10.10.10.1 255.255.255.0

Workaround:

There should be a static ARP entry on the Cisco 7600 for the client’s MAC and IP.

Change the MAC address of client to a nonaffected OUI.

NOTE: This ddts is caused/exposed due to fix of CSCtc22745

  • CSCuc96631

Symptoms: Incoming calls through e1 r2 stop working in Cisco IOS Release 15.2(4)M1.

Conditions: This symptom is observed with incoming calls through e1 r2 in Cisco IOS Release 15.2(4)M1. Outgoing calls work fine.

Workaround: Use Cisco IOS Release 15.2(2)T.

  • CSCuc97506

Symptoms: MPLSTPoSVI: Working path goes down after shut/no shut on SVI interface.

Conditions: This symptom is not observed under any specific conditions.

Workaround: Remove and re-add TP link configuration on SVI interface.

  • CSCuc97711

Symptoms: After SSO, traffic on the P2P-GRE tunnel within an MVPN may be affected.

Conditions: This symptom is observed with Cisco IOS Release SREx- and RLSx-based releases.

Workaround: Shut/no shut the P2P tunnel interface.

  • CSCuc97995

Symptoms: The PPPoE subscribers stop coming online.

Conditions: This symptom is not observed under any specific conditions.

Workaround: The following workaround are used to resolve the issue:

1. Remove radius attribute “ip mtu x” from the user profile.

2. Remove accounting list from the service applied to the subscriber.

  • CSCuc98021

Symptoms: One-way voice audio issue is seen over CUBE after session re-INVITE is sent.

Conditions: This symptom is observed with the following call flows:

Signaling: Cisco IP phone ==> CUCM ==> CUBE ==> CCIPL ==> CCIPL IP phone Media: Cisco IP phone <=== sRTP ==> CUBE <== RTP ==> CCIPL IP phone

Workaround: Do not use SRTP on the CUCM <-> CUBE leg.

  • CSCuc98226

Symptoms: When a PC is moved between two VLAN ports (on one port, ISG is enabled, and the other is non-ISG) several times by its LAN cable connection on the L2SW that is connected to the Cisco ASR 1000 router, the PC becomes unable to acquire an IP address from DHCP on the router. At that time, an incorrect interface is shown in “show ip dhcp binding”.

Conditions: This symptom is observed with Cisco IOS Release 15.2(4)S1.

Workaround: There is no workaround.

  • CSCuc98232

Symptoms: The Embedded Packet Capture (EPC) for the Cisco ASR1000 platform is currently only available in the adventerprisek9 feature set. This is a basic infrastructure feature and needs to be enabled in all feature sets.

Conditions: this symptom is not observed under any specific conditions.

Workaround: There is no workaround.

  • CSCuc98469

Symptoms: The Cisco ME3800X hangs and crashes several times after receiving corrupted frames with CRC errors on TenGig interface.

Conditions: This symptom occurs due to bad quality optical link.

Workaround: Fix the link to remove line injected errors.

  • CSCuc99750

Symptoms: EIGRP routes, that are not FS are getting into the routing table.

Conditions: The issue happens when we increase variance and maximum paths.

Workaround: There is no workaround.

  • CSCud01502

Symptoms: A crash occurs in CME while accessing a stream in sipSPIDtmfRelaySipNotifyConfigd.

Conditions: This symptom occurs in CME.

Workaround: There is no workaround.

  • CSCud01774

Symptoms: Under an extremely rare occurrence, a router can crash during “no router ospf <pid>” execution.

Conditions: This symptom is observed when there is a redistribute statement configured under the OSPF process.

Workaround: There is no workaround.

  • CSCud02357

Symptoms: The extension mobility feature is failing.

Conditions: This symptom is observed in Cisco IOS Release 15.3(2)T.

Workaround: There is no workaround.

  • CSCud02391

Symptoms: The EIGRP routes are not coming up after removing and reenabling the tunnel interface.

Conditions: This symptom is observed when EIGRP routes do not populate properly.

Workaround: There is no workaround.

  • CSCud03016

Symptoms: The TCP HA connection gets closed with SSO disabled from standby.

Conditions: This symptom is observed when the connection is initiated from a non-HA box to an HA box.

Workaround: There is no workaround.

  • CSCud03273

Symptoms: All the paths using certain next-hops under the route-map are marked inaccessible.

Conditions: This symptom occurs under the following conditions:

1. Configure peer groups.

2. Apply BGP NHT with route-map (no BGP neighbors are created or added to peer groups).

3. Configure the Prefix-list.

4. Configure the route-map.

5. Configure the BGP neighbor and add them to peer groups.

Workaround: Configure “route-map permit <seq-num> <name>” or activate at least one neighbor in “address-family ipv4”.

  • CSCud03646

Symptoms: After SSO, sometimes the repair path over the remote LFA tunnel may point to drop adjacency.

Conditions: This symptom is a rare condition that appears infrequently in an older code base.

Workaround: Shut/no shut the interface to force recreating the tunnel.

  • CSCud04998

Symptoms: The Cisco 7600 LC crashes when the frame interval is set less than 25 ms and aggregate interval is greater than 10.

Conditions: This symptom is observed when the frame interval is set less than 25 ms and aggregate interval is greater than 10.

Workaround: Do not set the frame interval to less than 25ms.

  • CSCud05019

Symptoms: There is traceback after the Cisco SSO.

Conditions: This symptom is observed with Cisco EoMPLS and TE.

Workaround: There is no workaround.

  • CSCud05636

Symptom: The MAC-address gets corrupted when user sends the multicast traffic.

Conditions: This symptom is observed with Cisco IOS Release 15.1(4)M3 image, where as the same multicast traffic works as expected with Cisco IOS Release 12.4T image.

Workaround: A possible work around is to enable the ip pim nbma- mode command at the CPE end.

  • CSCud06171

Symptoms: The Cisco router crashes upon clearing of the AppNav counters.

Conditions: This symptom can occur in a normal running device.

Workaround: There is no workaround.

  • CSCud06237

Symptoms: Local ID is 0.0.0.0 in PfR target discover feature.

Conditions: This symptom is seen when manual EIGRP is used for PfR target discover feature.

Workaround: There is no workaround.

Further Problem Description: A site will not be able to publish its local prefixes.

  • CSCud06887

Symptoms: There is no sync of SADB on an active router when it reloads from the current standby router.

Conditions: This symptom occurs when the active and standby routers are up. Whenever a session is up, there is a sync of SADB from active to standby. When active reloads and is up, there is no sync of SADB from the current active router.

Workaround: Remove the isakmp-profile configuration under the crypto map.

  • CSCud07642

Symptom: The ASR 903 is unable to pass traffic to the ASR 9000. Conditions: Occurs with a clear-channel ATM over MPLS configuration using AAL0 encapsulation. Workaround: Enable MPLS control-word on the ASR 9000.

  • CSCud07856

Symptoms: SP crashes at “cfib_update_ipfrr_lbl_ref_count”.

Conditions: This symptom is observed with a scaled IP-FRR configuration.

Workaround: Remove the IP-FRR configuration.

  • CSCud08166

Symptoms: The Cisco ASR 1000 router crashes with “Exception to IOS Thread” and the following error: “UNIX-EXT-SIGNAL: Segmentation fault(11), Process = Virtual Exec”

Conditions: This symptom is observed when an ACL used with “ip pim rp-address” is moved from standard to extended and “no ip multicast-routing” is configured (either in global or in a mVRF). The standard ACL must be deleted and recreated as extended, for example:

The following series of commands are necessary to trigger the crash:

<begin-config>
!
ip multicast-routing
!
ip pim rp-address 10.200.255.42 STATIC-RP-LN-SERVER-FARMS override
!
no ip access-list standard STATIC-RP-LN-SERVER-FARMS
ip access-list extended STATIC-RP-LN-SERVER-FARMS
remark -- STATIC RP LN SERVER FARMS MCAST GROUP ACL --
permit ip 239.255.0.0 0.0.255.255 any
permit ip 224.0.0.0 15.255.255.255 any
!
!
no ip multicast-routing
<end-config>

Workaround: Crash can be prevented by any of the following methods:

1. Disassociate the standard ACL from “ip pim rp-address” before deleting ACL. For example.

no ip pim rp-address 10.200.255.42 STATIC-RP-LN-SERVER-FARMS override

and then

no ip access-list standard STATIC-RP-LN-SERVER-FARMS

2. Do not convert a standard ACL to extended while it is still being referenced in “ip pim rp-address”. Use a new name for the new extended ACL.

3. Do not disable multicast routing using “no ip multicast-routing”.

  • CSCud08595

Symptoms: After reload, ISDN layer 1 shows as deactivated. Shut/no shut brings the PRI layer 1 to Active and layer 2 to multiframe established.

Conditions: This symptom occurs when “voice-class busyout” is configured and the controller TEI comes up before the monitored interface.

Workaround: Remove the “voice-class busyout” configuration from the voice-port.

  • CSCud09627

Symptoms: The following error message is seen on the console:

npm_intfman_get_el3idc_vlan_index:interface el3id handle is NULL

Conditions: This symptom is seen under the following conditions:

no mpls traffic-eng tunnels

mpls traffic-eng tunnels

clear ip bgp * or

on doing IM OIR on peer end

Workaround: There is no workaround.

  • CSCud11453

Symptoms: The following traceback appears in the console:

:39:23.127: %IPV6_ROUTING-3-RIB: ipv6_is_addr_ours called for link-local address with wrong tableid -Process= "NCEF ADJ Refresh bg process", ipl= 0, pid= 84 -Traceback= 6FAF20z 10C1A44z BA391Cz 2AF5C04z 2BFFC6Cz 2C566CCz 2C519B8z

Conditions: This symptom is observed when you enable IPv6.

Workaround: There is no workaround. This symptom does not have a functional impact.

  • CSCud13862

Symptoms: The Cisco WS-SUP720 running Cisco IOS Release 12.2(33)SRE3 crashes.

Conditions: This symptom occurs during a CPU process history update.

Workaround: The issue can be avoided by removing the configuration statement for “CPU Utilization Statistics”.

conf t
no process cpu statistics limit
  • CSCud16693

Symptoms: The Cisco ME3600X/ME3800X switch crashes as soon as you apply policy-map referencing table-map.

Conditions: This symptom occurs when applying a service policy that has an unsupported combination of police action with table-map and without table-map.

Workaround: Configure a service policy which does not have the combination of police action with table-map and without table-map.

  • CSCud17448

Symptoms: The CoS-inner value is getting copied to CoS in case of Q-in-Q configuration on EVC bridge-domain.

Conditions: This symptom is observed with EVC bridge-domain with Q-in-Q and no rewrite configuration.

Workaround: There is no workaround.

  • CSCud17934

Symptoms: PW redundancy on the Cisco 7600 does not work when the primary VC goes down and the backup VC takes over, and CE to CE communication is broken.

Conditions: This symptom is observed with the following conditions:

The MPLS facing LC is WS-X6704-10GE.

The CE facing LC is ES+.

Workaround: Use another HW on the MPLS core.

  • CSCud19149

Symptoms: Traffic drops for few VPLS VCS when we have ECMP links.

Conditions: This symptom occurs when you shut one of the ECMP path when more than 200 VPLS VCS is configured.

Workaround: There is no workaround.

  • CSCud19230

Symptoms: ES+ line card reload occurs with the following error messages:

%PM_SCP-SP-1-LCP_FW_ERR: System resetting module 2 to recover from error: x40g_iofpga_interrupt_handler: LINKFPGA IOFPGA IO Bus Err val: 4214784 Bus Error Add:332 Bus Err data: 0
%OIR-SP-3-PWRCYCLE: Card in module 2, is being power-cycled Off (Module Reset due to exception or user request)
%C7600_PWR-SP-4-DISABLED: power to module in slot 2 set Off (Module Reset due to exception or user request)

Conditions: This symptom is observed with the ES+ line card.

Workaround: There is no workaround.

  • CSCud19257

Symptoms: NAT CLIs expose the vrf keyword on the Cisco 7600, which is not supported.

Conditions: This symptom is observed with a NAT configuration.

Workaround: Do not use the vrf keyword for NATing on the Cisco 7600.

  • CSCud19500

Symptoms: All L2PT protocols do not work when you have l2pt configured only on the port-channel EVC.

Conditions: This symptom is observed when you have a l2pt EVC only under port-channel interface and it does not configure the EARL redirect register.

Workaround: Configure a l2pt EVC under any physical interface.

  • CSCud19593

Symptoms: DHCP-Restart-session doesn’t get synced to the standby for dual-stack session

Conditions: First we have to create a dual-stack session (one stack should be DHCPv4) on the box and then clear it. Then we should restart the DHCP-session.

Workaround: There is no workaround.

  • CSCud22222

Symptoms: On a router running two ISIS levels and fast-reroute, the router may crash if “metric-style wide level-x” is configured for only one level.

Conditions: Issue may happen if metric-style wide is configured for only one level on router running both levels, and fast-reroute is configured.

Workaround: Configure metric-style wide for both levels (by default).

  • CSCud22399

Symptoms: The ICC 12.0 compiler warning on mcp_dev - policy.

Conditions: This symptom is observed during compilation warning thrown by policy code.

Workaround: There is no workaround.

  • CSCud22601

Symptoms: MPLS-TP tunnels remain down after the standby RSP boots.

Conditions: Occurs when you boot the standby RSP after applying an MPLS-TP configuration and performing an SSO. The issue occurs rarely.

Workaround: Issue a shutdown/no shutdown on the MPLS-TP tunnel. A nonintrusive workaround is to cause a flap on the protect label switched path (LSP) by reconfiguring the path or physically shutting down and restoring the interface.

  • CSCud24084

Symptoms: Performing a default MDT toggling on a VRF results in the encapsulation tunnel adjacency’s MTU being set to a lower MTU.

Conditions: This symptom is observed with Cisco IOS XE Release 3.7S (Cisco IOS Release 15.2(4)S) and later releases when the mdt default <> is toggled on a VRF.

Workaround: Delete and add the affected VRF.

  • CSCud24567

Symptoms: On shut/no shut on SVI with SRC and receivers connected on same VLAN on encape PE, causes the router to crash.

The same crash was reproducible while shut/no shut of the access interface on CE connected to the PE. At this point IGMP snooping was disabled and MLD is enabled.

Conditions: This symptom occurs under the following conditions:

1. IGMP snooping was disabled and mld is enabled

2. Cisco IOS version RLS 11 (15.2(01)S) and above

Workaround: Enabling IGMP resolves this issue.

Further Problem Description: An IGMP specific structure was getting accessed which would be invalid when IGMP is disabled. This leads to the crash.

  • CSCud26189

Symptom: The map cache entries are lost after RP switchover when lisp_patr is configured.

Conditions: This symptom occurs after RP switchover.

Workaround: There is no workaround.

  • CSCud26339

Symptoms: Changing policy-map parameters triggers a Cisco IOSd crash.

Conditions: This symptom is observed when the policy-map is attached to a service instance on the Cisco ASR 903.

Workaround: Remove the policy-map from the target and then make the changes.

  • CSCud27379

Symptoms: WS-SUP720-3B running Cisco IOS Release 12.2(33)SRE4 crashes at get_alt_mod after issuing “sh run int g4/13” with several trailing white spaces until the cursor stops moving.

Conditions: This symptom occurs when you issue the show run interface command with trailing spaces until the cursor stops moving.

Workaround: Do not specify trailing spaces at the end of the show run interface command.

  • CSCud28541

Symptoms: SP was crashing on doing no mpls ip followed by shut on port-channel acting as core link for scaled vpls and eompls setup.

Conditions: In case of VPLS going over port-channel protected by ip-frr, when port-channel is shut the atom vc was going down and getting created again - also the PPO object is getting created afresh. VC going down was not handled for vpls case and atom vc’s pointer were still stored in ip-frr’s eompls list which was getting access and hence crashing.

Workaround: There is no workaround.

  • CSCud28652

Symptoms: Configured DHCP routes is seen twice in show run.

Conditions: This symptom is observed when we configure a route through DHCP.

Workaround: There is no workaround.

  • CSCud28759

Symptoms: SPA crash is seen when invoking spa_choc_dsx_cleanup_atlas_ci_config with no data packed.

Conditions: This symptom is observed when the packed data size should be 1 and the status should be success.

Workaround: There is no workaround.

  • CSCud29000

Symptoms: Traffic with wrong tag is sent on dynamically modifying the rewrite tag.

Conditions: This symptom is observed when on dynamically changing the tag to be pushed, device sends traffic with previously configured tag.

Workaround: Remove the service instance and reconfigure with new rewrite tag to be pushed.

  • CSCud31012

Symptoms: MVPNv6 is not working with IPservices image.

Conditions: This symptom is observed as MVPNv6 is supported only from Cisco IOS Release 15.2(4)S. So, this issue is applicable for any release after Cisco IOS Release 15.2(4)S.

Workaround: Use the enterprise image.

  • CSCud31808

Symptoms: With the two commands configured listed under the conditions of this release note, the Cisco router might start advertising a low TCP receive window size to the TCP peer for a specific TCP transaction. The value of this receive window size becomes equal to the configured MSS value, and it will never exceed this value anymore. This might impact TCP performance.

Conditions: This symptom happens only if the following two commands are configured on the router:

ip tcp mss x
ip tcp path-mtu-discovery

Workaround: Either change the path-mtu discovery ager timeout to 0, or remove one of the two commands.

  • CSCud32967

Symptoms: Standby crash after doing account-logon with v4 session.

Conditions: Perform Account Logon.

Workaround: There is no workaround.

  • CSCud33159

Symptoms: Excessive loss of MPLS VPN traffic and high CPU utilization is observed due to the process switching of MPLS traffic over the ATM interface.

Conditions: This symptom occurs when MPLS is enabled on the ATM interface with aal5snap encapsulation.

Workaround: There is no workaround.

  • CSCud33489

Symptoms: The L2PT packets are not reaching the destination from one peer to another.

Conditions: This symptom is observed under the following conditions:

1. When you have L2PT EVC along with non-L2PT EVCs on the same interface or port-channel interface.

2. On LC OIR or reload, the L2PT packets does not get tunneled.

Workaround: Remove and add the L2PT config on the EVC.

  • CSCud33564

Symptoms: BFD sessions are not offloaded.

Conditions: This symptom occurs when XDR infra creates a split event for an XDR mcast_grp and the BFD client ignores it. For this bug, the reason for the split is that a slot is not able to process messages as fast as other slots, thus causing distribution for all slots to block while it catches up. This issue typically occurs with either of the following conditions:

1. The slot has a slower CPU than the others.

2. The amount of work being down during processing of messages is greater than on other slots.

Workaround: Reload ES+ cards.

  • CSCud33887

Symptoms: 6VPE packets get punted and policed.

Conditions: This symptom is seen when ESP header is enabled.

Workaround: There is no workaround.

  • CSCud34154

Symptoms: Router running IOS and having an LDP session configured to use a key-chain password crashes when the password expires.

Conditions: LDP configured to use a keychain for a session and that keychain is configured with a lifetime causing the password to expire.

Workaround: Do not configure the keychain with a lifetime - this causes the keychain to never expire.

  • CSCud35336

Symptoms: There is a trace back without any traffic loss.

Conditions: This symptom occurs when you disable and enable multicast routing on vrf without any delay.

Workaround: If disable/enable of multicast routing is given with a time gap, this issue does not occur.

  • CSCud35423

Symptoms: IOSD crashes on ISG policy handling process.

Conditions: This symptom is seen while handling ISG subscriber traffic.

Workaround: There is no workaround.

  • CSCud35462

Symptoms: Multicast traffic does not flow over mvpn.

Conditions: SVI is used as core interface.

Workaround: Use a physical interface as core interface.

  • CSCud36113

Symptoms: Ping fails between CE routers.

Conditions: This symptom is observed when you configure MPLS VPN Inter-AS IPv4 BGP Label Distribution and flaps “mpls bgp forwarding” in the interface between ASBRs.

Workaround: Removing and adding (flapping) the static routes between ASBRs resolves the issue.

  • CSCud36208

Symptoms: The multilink ID range has to be increased from the existing 65535.

Conditions: This symptom is observed specifically with the Cisco MWR1.

Workaround: There is no workaround. The range is now made configurable based on PD.

  • CSCud36723

Symptoms: RPF information for IPv6 multicast mroutes is not updated when routing changes.

Conditions: This symptom occurs when an IPv6 multicast configuration is present in the startup configuration.

Workaround: After startup, remove all IPv6 multicast configurations, if any, and then apply the configuration as needed.

  • CSCud36810

Symptoms: Scale 48k ISG IP sessions which are weblogon and tal authenticated sessions, and then churn the sessions.

Conditions: This symptom occurs when the system runs out of memory after churning for a couple hours.

Workaround: Reboot the system to recover memory.

  • CSCud38038

Symptom: The router records incorrect delay measurements after a reload.

Conditions: Occurs under the following conditions: You configure Delay Measurement Message (DMM) on a port-channel interface The port-channel member links are on different interface modules (IMs) You reload the router.

Workaround: You can use the following workarounds: Remove the ethernet cfm global command and re-apply it after the port-channel member links recover. Configure PTP clock synchronization.

  • CSCud38774

Symptoms: Router is showing CPU utilization at 99%. LDAP seems to be hogging the CPU process.

Conditions: This issue can occur randomly at any point of time where NTLM authentication is deployed. This issue is observed only when the server is not able to handle the churn of requests and requests are being stuck at Bind On-Going state, which can be verified with show ldap server server-name connections.

Workaround: Clearing LDAP server connections helps in resolving this issue:

clear ldap server server-name.

  • CSCud42938

Symptoms: After a clear crypto session, sometimes ident SM remains at responder side.

Conditions: Doing a clear crypto session multiple times, crypto map deletes but ident remains due to race condition between new connections also coming up. Since map is removed and ident remains, the new connections never come up.

Workaround: Router reboot.

  • CSCud43620

Symptoms: The Gateway fails to send ACK after 200 OK while testing DNS/SRV Lookup on a VOIP peer with weight/priority.

Conditions: This symptom is observed when a Cisco router is loaded with c2900-universalk9-mz.SSA.153-1.7.T image.

Workaround: There is no workaround.

  • CSCud45100

Symptoms: Router goes down due to crash.

Conditions: Have CFM over xconnect with PC in the core and run Y1731 DMM on it.

Workaround: There is no workaround.

  • CSCud46999

Symptoms: The NBAR error message with protocol discovery is activated when we move HTTP to another port [using “ip nbar port-map” command].

Conditions: This symptom occurs when we move HTTP to another port [using “ip nbar port-map” command].

Workaround: There is no workaround.

  • CSCud50768

Symptoms: For an elected BSR in an HA system, shortly after the standby becomes active, there is a 2-3 minutes period with no BSR messages sent.

Conditions: This symptom occurs when there is an HA switch on the elected BSR.

Workaround: There is no easy workaround other than not configuring a C-BSR on an HA system.

  • CSCud51791

Symptoms: Memory leak is seen on the router related to CCSIP_SPI_CONTRO.

Conditions: This symptom is observed in CME SIP phones with Presence in running-configuration.

Workaround: There is no workaround. You may try to remove Presence from running-configuration.

  • CSCud53872

Symptoms: After a reload on the Cisco ASR 1000 series router, several key syslogs are sent with the incorrect source address for a few seconds. Due to the wrong source address, the syslogs are dropped at the collector end.

Conditions: This symptom is observed when the loopback interface is configured as the source address of the syslogs.

Workaround: There is no workaround.

  • CSCud54365

Symptoms: The scansafe socket is not closed by reset from the client

Conditions: This symptom occurs when sending a connection request from the client (SYN packet). This issue is seen when ack is sent instead of syn+ack for a syn request from the server. The client will send a Reset(RST) signal for ack received instead of syn+ack. The L4F/scansafe box displays that the flow is not closed.

Workaround: Make sure that the server does not have a stale TCP tuple flow entry before trying for a connection from the client.

  • CSCud55695

Symptom: When you apply an QoS policy with a port level class-default configuration containing a shaper value to a serial interface. the router applies the shaper value to the channel-level PIR for all serial interfaces on the IM. Conditions: Occurs when you apply QoS policy with a port level class-default configuration containing a shaper value to a serial interface. Workaround: Add a dummy class-default level at the top of the policy and apply the shaper as a child policy of this class.

  • CSCud56400

Symptoms: Build breakage occurs due to CSCub81489 partial export to mcp_dec.

Conditions: This symptom is observed with export to mcp_dec.

Workaround: There is no workaround.

  • CSCud57143

Symptoms: The Cisco ASR1k router crash was observed while running the RPR switch- over test.

Conditions: This symptom occurs when the RPR switch-over test is performed.

Workaround: There is no workaround.

  • CSCud57414

Symptoms: The system crashes when monitoring traffic with performance monitoring policies on the incoming and outgoing interfaces.

Conditions: This symptom is observed when a large number of flows is being monitored and traffic changes.

Workaround: Redefine the match criteria to reduce the number of flows generated with the type of traffic being monitored.

  • CSCud57841

Symptoms: When the Ethernet SPA with Catskills SFPs (GLC-SX-MMD /GLC-LH-MMD) is reloaded, the SPA could go out of service with the following error message:

"%SMC-2-BAD_ID_HW: SIP0/0: Failed Identification Test in 0/0 [7/0]"

Conditions: This symptom occurs when the Ethernet SPA is booted with the Catskills SFPs (GLC-SX MMD/GLC-LH-MMD). The defect could be hit during both reload and initialization.

Workaround: Boot the Ethernet SPA without the Catskills SFPs and insert the Catskills SFPs after the Ethernet SPA has completely booted.

  • CSCud58016

Symptoms: The DHCP clients were not allocated IP addresses.

Conditions: This symptom occurs when a default session is configured on the interface and we receive DHCP discover on that interface.

Workaround: Keep the DHCP and Walkby sessions on different interfaces.

  • CSCud58633

Symptoms: The “initial-contact” configuration option not needed, as the behavior is already enabled.

Conditions: This symptom is observed when you use IKEv2, along with Cisco IOS Release 15.2(4)M.

Workaround: There is no workaround.

  • CSCud60360

Symptoms: Active router reloads, and standby takes over.

Conditions: This symptom occurs with continuous deletion of VRFs with much less time gap between the deletions.

Workaround: Delete a few VRFs at a time with time gap between deletions.

  • CSCud61276

Symptoms: The Cisco ASR 901 may crash while running an automated test script containing several tests to test the multi-nni feature.

Conditions: This symptom occurs when you run the automated tests several times.

Workaround: Do not run the test script (configure manually).

  • CSCud61517

Symptoms: CUBE crashes during a blind-transfer scenario and when “media preference IPv6” is configured.

Conditions: This symptom occurs only when “media preference IPv6” is configured but is not seen when “media preference IPv4” is configured.

Workaround: Configure “media preference IPv4”.

  • CSCud62774

Symptoms: The values reported for “application media packets rate variation [sum]” may be incorrect. The functionality of Media Rate Variation TCA (Threshold Crossing Alarm) may also be impacted by this.

Conditions: This symptom is observed when the user wants to obtain MRV metrics by including the following command in the Performance Monitor flow record configuration:

application media packets rate variation [sum]

Workaround: There is no workaround.

  • CSCud63146

Symptoms: In a GETVPN scenario, the GM fails to install policies on reload. A crypto map is applied on ethernet 0/0 while the local address of the crypto map is configured with ethernet 0/1.1

Conditions: This symptom occurs after a reload. The GM fails to install policies from the key server.

Workaround: Remove the crypto map configuration on the interface and reapply.

  • CSCud64506

Symptoms: HQF does not clear up when the Bandwidth remaining ratio is misconfigured on the Child Policy.

Conditions: This symptom is observed when an incorrect configuration triggers the policy rejection and fails on the cleanup with the nondefault queue-limit setting in the class-default class.

Workaround: Apply the configuration with the correct setting.

  • CSCud65119

Symptoms: A crash may occur while using GETVPN with fragmented IPv6 traffic.

Conditions: This symptom occurs when IPv6 IPsec is used. This issue is triggered by fragmented IPv6 packets.

Workaround: There is no workaround.

  • CSCud66669

Symptoms: On the Cisco 7200, the tunnel is established correctly and encryption and decryption occur correctly. However, after decryption, the packet is not punted to the iVRF in which the tunnel interface resides, leading to a broken IPSec-DataPath.

Conditions: This symptom is observed with the Cisco 7200 with VSA under the following conditions:

Tunnel (GRE/mGRE) in an iVRF with Tunnel protection configuration.

iVRF not equal to fVRF.

Workaround: This issue has been observed with Cisco IOS Release 15.0(1)M9 and Cisco IOS Release 12.4(24)T8, so downgrade might be an option. There is no known configuration-related workaround yet, although software crypto will work just fine.

  • CSCud67105

Symptoms: Virtual Access are not removed.

Conditions: Issue is seen only when CSCuc45115 is already in image.

Workaround: There is no workaround.

  • CSCud67779

Symptoms: One-way audio is observed when a call goes through BACD and comes over SIP trunk.

Conditions: This symptom occurs when a call comes through SIP trunk and is connected to an agent phone via BACD during the third call xfer, along with the “headset auto-answer” configuration in the ephone.

Workaround: Remove the “headset auto-answer” configuration in the ephone configuration.

  • CSCud68178

Symptoms: The Cisco ASR 1000 series router and Cisco ISR 4400 series hubs crash.

Conditions: This symptom occurs when the physical and tunnel interface are flapping.

Workaround: There is no workaround.

  • CSCud68830

Symptoms: End to end L3 traffic is affected if the host queue (cpu queue 2) increments continuously at high rates (2000 packets/s and above).

Conditions: This symptom occurs when the host queue (cpu queue 2) increments continuously at high rates (2000 packets/s and above).

Workaround: There is no workaround.

  • CSCud69592

Symptoms: The Call Progress Analysis (CPA) feature does not work. Though DSP is allocated and programmed for the CPA functionality, no CPA events are detected and reported.

Conditions: The symptom is observed for those call flows, where media bridging occurs after 200 OK responses.

Workaround: There is no workaround.

  • CSCud70629

Symptoms: Incremental memory leaks are seen at IPSec background proc.

Conditions: This symptom is observed with “clear nhrp cache”.

Workaround: There is no workaround.

  • CSCud71211

Symptoms: The mpls traffic-eng reoptimize timers delay cleanup command does not take effect in the path protection. When path protection kicks in and “mpls traffic-eng reoptimize timers delay installation” expires, the new best LSP is installed, but the protection path is torn down at the same time. This can cause a few seconds of packet drops, which are being carried over the protection LSP.

Conditions: This symptom occurs when the path protection switchover is triggered on the protected tunnel.

Workaround: There is no workaround.

  • CSCud72743

Symptoms: The router crashes after issuing the show platform nrm- mpls fid-chain handle value command.

Conditions: If the value entered is beyond the addressable memory, the router will crash. This is an engineering command that was not intended to be viewable by customers.

Workaround: Do not issue the command except under the direction of a Cisco engineer.

  • CSCud74670

Symptoms: When using RLFA repair paths traffic loss may occur during reconvergence following a link failure.

Conditions: RLFA tunnel is used as a repair path. The greater the number of prefixes affected by the topology change the more likely the traffic loss is to be seen.

Workaround: There is no workaround.

  • CSCud75003

Symptoms: The cos inner value gets changed on marking with cos in egress on QinQ service instance without rewrite.

Conditions: This symptom occurs on QinQ service instance without the rewrite operation.

Workaround: There is no workaround.

  • CSCud77498

Symptoms: L2 subscriber packets with new IP addresses on different interfaces would be dropped even when “ip subscriber l2-roaming” is enabled.

Conditions: This symptom occurs when both ISG and DHCP servers are in the same L2 broadcasting domains. ISG should not act as the DHCP server/client.

Workaround: Place ISG and DHCP servers in different broadcasting domains.

  • CSCud77762

Symptoms: The arp packets from the subscriber are not getting resolved.

Conditions: This symptom occurs when both HSRP and arp ignore local are configured on the same interface and there exists a session for that MAC address. The interfaces should be configured as l2-connected.

Workaround: Do not configure HSRP and arp ignore local on the same interface.

  • CSCud78618

Symptoms: Router crashes.

Conditions: This symptom is seen when applying IVRF configuration on IKE profile.

Workaround: There is no workaround.

  • CSCud83056

Symptoms: PTP session is stuck in HOLDOVER after PTP is unconfigured and configured on Master.

Conditions: This symptom occurs when unconfiguring and configuring PTP on Master.

Workaround: Do not configure below configurations as part of PTP configuration, when we do not have any physical ToD and 1PPS cables connected to Wh2.

tod 0/0 ntp
input 1pps 0/0
  • CSCud83835

Symptoms: An IPsec VPN tunnel fails to be established. The debug crypto ipsec command shows no output when attempting to bring up the tunnel.

Conditions: This symptom occurs when all of the following conditions are met:

1. The crypto map is configured on a Virtual-Template interface.

2. This Virtual-Template interface is configured with “ip address negotiated”.

3. The tunnel is initiated locally (in other words, if the tunnel is initiated by the peer, it comes up correctly).

Workaround: Downgrade to Cisco IOS Release 15.2(2)T3 or earlier releases or always initiate the VPN tunnel from the peer.

  • CSCud84695

Symptoms: Serial interface with FRF12 feature is not coming up.

Conditions: The flags related to FRF12 feature are not properly updated in elocal ucode table.

Workaround: There is no workaround.

  • CSCud86082

Symptoms: Abnormal CPUHUG is observed when doing “config replace”.

Conditions: This symptom is observed with “config replace” in a LISP scaling configuration.

Workaround: There is no workaround.

  • CSCud90752

Symptoms: The MAC flaps in the network happen on the reload of the device.

Conditions: The MAC flaps occur because multicast BPDUs are being sent back into the VPLS core after they reach the destination. This behavior causes MAC flaps on every device that is on the path through which the BPDU traverses.

Workaround: Apply split horizon at the bridge-domain where the MAC flaps happen.

  • CSCud90950

Symptoms: Multicast traffic might not flow through when the P2P tunnel is the incoming interface in the Cisco 7600 router.

Conditions: This symptom occurs in the Cisco IOS Release 12.2SREx and Cisco IOS Release 15.0x.

Workaround: Shut and no shut of the P2P tunnel interface.

  • CSCud94783

Symptoms: The Whales box crashes due to link flaps.

Conditions: This symptom occurs due to link flaps.

Workaround: There is no workaround.

  • CSCud95387

Symptoms: Call transfer with Trombone and ANAT fails.

Conditions: This symptom occurs when CUBE is configured with ANAT and Antitrombone, and during call transfer, the call fails due to wrong media negotiation.

Workaround: Disable ANAT.

  • CSCud95940

Symptoms: A Cisco 3900 running with CME and Skinny Phones could experience CPUHOGs and a Watchdog, resulting in a crash.

%SYS-3-CPUHOG: Task is running for (128000)msecs, more than (2000)msecs
(630/222),process = Skinny Msg Server.
-Traceback= 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = Skinny Msg Server.
-Traceback= 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX

Conditions: This symptom is observed with Cisco 3900 running with CME and Skinny Phones.

Workaround: There is no known workaround.

  • CSCud96075

Symptoms: A router running Cisco IOS Release 15.2(4)M2 will reload with a bus error soon after the DSP reloads when there is a live transcoding session.

Conditions: This symptom is observed with Cisco IOS Release 15.2(4)M2.

Workaround: There is no workaround.

  • CSCud96997

Symptoms: IP SLA does not show any statistics and raw db will not be populated.

Conditions: This symptom occurs when the core interface is switch port trunk.

Workaround: There is no workaround.

  • CSCud98366

Symptoms: In a multi-home MLDP inband setup with different RDs configured, there is no MLDP state on ingress PE if BGP best path is different than multicast RPF PE.

Conditions:

1. MLDP inband profile is configured in multi-home setup with different RDs. #

2. BGP chosen best path is different than chosen RPF PE for multicast.

Workaround: Configure route policy on egress PE such that chosen RPF PE is same as BGP best path.

  • CSCud99034

Symptoms: Data encapsulation fails in the Cisco IOS Release 15.3(1.11)T image.

Conditions: This symptom occurs when ISM-VPN is enabled as the crypto engine.

Workaround: Disable ISM-VPN and use either the Onboard crypto engine or the Software crypto engine.

  • CSCud99911

Symptoms: There may be a delay of 15 or more seconds before switching over to a backup pseudowire in a pseudowire redundancy configuration.

Conditions: This symptom has been observed on the ME3600 platform when the attachment circuit is a VLAN.

Workaround: There is no workaround.

  • CSCue00006

Symptoms: A crash may happen while loading a protocol pack.

Conditions: The protocol pack buffer that is being used to load a protocol pack is not null-terminated

Workaround: The protocol pack buffer must be null terminated.

  • CSCue00690

Symptoms: User-defined classes in the policy-map applied on EVC with rewrite push are not supported. This configuration gets accepted in certain conditions.

Conditions: This symptom happens when the QoS policy is applied first to the EFP, and then the Bridge domain configuration is applied.

Workaround: There is no workaround.

  • CSCue01146

Symptoms: SNMP GET fails for VPDN related MIB.

Conditions: Receiving a SNMP GET for the MIB before all VPDN config is applied.

Workaround: Reloading the router.

  • CSCue01528

Symptoms: sla_sender gets crashed with resetting even with 50 active probes.

Conditions: The probes should be active while getting resetted.

Workaround: There is no workaround.

  • CSCue01579

Symptoms: Receivers on slot10 - 13 of the Cisco 7613 chassis cannot receive multicast traffic when the egress replication mode is used.

Conditions: This symptom occurs on RSP720-10G + CISCO7613 chassis and when using the egress replication mode.

Workaround: Change the replication mode to ingress by using the below given CLI:

mls ip multicast replication-mode ingress
  • CSCue01649

Symptoms: CPU errors are seen with (*, G/M) entries on ACL.

Conditions: This symptom is seen on ME3600CX boxes operating in Mode 3 or Mode 4.

Workaround: Operate the ME3600CX boxes in Mode 2.

  • CSCue01735

Symptoms: The Cisco ASR1k (ISG) router crashes when service-activate is pushed through CoA/web logon.

Conditions: This symptom occurs when a subscriber is already authenticated and gets a redirect to a web-portal page and tries to activate the service. The ISG receives the CoA and crashes.

Workaround: There is no workaround.

  • CSCue02242

Symptoms: VLAN-RAM is programmed with VPN as 0. Traffic destined to a particular vpnid is dropped though it comes on a proper VLAN.

Conditions: This symptom occurs during P2P scaled configuration when the router boots up and notices the VLAN-RAM is programmed with vpnid 0.

Workaround: Reload the line card.

  • CSCue02251

Symptoms: During archive download to upgrade a software version, an old image present in the board does not get deleted or displayed.

Conditions: This symptom occurs during an archive download.

Workaround: There is no workaround.

  • CSCue03316

Symptoms: Router crashes during scale testing.

Conditions: During scale, the box is running out of memory resulting in malloc fail. Memory malled is not checked for failure resulting in crash.

Workaround: There is no workaround.

  • CSCue03415

Symptoms: Remote CFM MEPs are not discovered with the command “show ethernet cfm maintenance-points remote”. CFM packet debug also does not show any received CCMs even though it is sent correctly from the other end.

Conditions: This symptom is seen when we have UP MEP on EVC-BD with VPLS L2 VFI in the core. The issue occurs in Cisco IOS Release 15.2(2)S2 and later releases.

Workaround: Downgrade to Cisco IOS Release 15.2(1)S2 or lower.

  • CSCue03598

Symptoms: Carrier-delay does not work on an ES+ card under the following specific condition:

Carrier-delay configured on gig 4/13 does not work on an ES+ card when we sh down gig0/1 on peer C3560 in the below given situation:

gig4/3[no sh] gig0/1[no sh]
7600 =================== 3560
gig4/13[sh] gig0/2[no sh]

1. do [no sh] on gig 4/13

2. do [ sh] on gig0/1 right after 1

gig4/1 will go up as soon as gig 4/3 gets down instead of waiting till the configured carrier-delay timer expires.

Conditions: This symptom occurs when we enter sh on the peer device.

Workaround: There is no workaround.

  • CSCue04709

Symptoms: The following error message is displayed:

sh mpls l2t vc detail show VC down with AC rx/tx faults
Last local AC circuit status rcvd: No fault
Last local AC circuit status sent: DOWN AC(rx/tx faults)
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No fault
Last remote LDP TLV status rcvd: DOWN AC(rx/tx faults)

Conditions: This symptom is an intermittent issue seen on a new standby RP after an RP switchover when a second fault, that is, the dataplane fault occurs while the VC is still recovering from RP failover.

Workaround: Remove the “aaa new-model” configuration and reconfigure xconnect.

  • CSCue05186

Symptoms: FRR LFA will wrongly switch to the alternate path if BFD is unconfigured on the peer router.

Conditions: None.

Workaround: Shut the interfaces with BFD configured, remove the BFD config on both routers, then re-enable the interfaces.

  • CSCue05492

Symptoms: DHCP Snooping client ignoring IPC flow control events from CF.

Conditions: This condition occurs when CF gives flow control off event and client does not handle it.

Workaround: There is no workaround.

  • CSCue05844

Symptoms: The Cisco 3925 router running Cisco IOS Release 15.0(2)SG reloads when connecting to a call manager.

Conditions: This symptom is observed with the Cisco 3925 router running Cisco IOS Release 15.0(2)SG.

Workaround: Remove SNMP.

  • CSCue06383

Symptoms: Classification based on the prec/dscp egress policy does not work as expected.

Conditions: This symptom occurs in L2VPN scenarios when the user has the below given configurations:

1. dscp/prec based policy on egress access EVC of SVI based EoMPLS

2. cos based policy on egress access EVC xconnect

Workaround: There is no workaround.

  • CSCue10844

Symptoms: Classification does not work properly.

Conditions: This symptom occurs only if we have classes based on ACL match and normal DSCP match. Only ACL class will classify properly and other classes do not work.

Workaround: There is no known workaround.

  • CSCue15092

Symptoms: A CPU hog is seen at nile_mgr_bdomain_get_efp_count and is followed by a crash.

Conditions: This symptom occurs on booting the router with some tunnel configurations.

Workaround: There is no workaround.

  • CSCue17104

Symptoms: When multipath static routes are added and if they exceed the maximum multipath route limit for the platform, the routes will not be installed in the RIB. Later, when installed routes go unreacheable, the previously uninstalled routes are not added back.

Conditions: This symptom is observed with multipath static routes. The maximum number of multipath routes for a destination depends on the platform. For instance, it is 8 for Cisco Catalyst 4500 Series.

Workaround: Issue the following command:

clear ip route <route>
  • CSCue20246

Symptoms: Executing “no ip icmp redirect” globally does not result in icmp redirects to stop.

Conditions: None.This command is not functioning as expected

Workaround: There is no workaround.

  • CSCue22345

Symptoms: The router crashes because of chunk corruption.

Conditions: This symptom occurs when mLDP Rosen and Inband are configured on the router.

Workaround: There is no workaround.

  • CSCue23668

Symptoms: This defect is to disable BGP PIC core in the code level for the time being.

Conditions: The conditions for this symptom are not known at present.

Workaround: There is no workaround.

  • CSCue27698

Symptoms: Configuring long list of rep block port preferred vlan will result in losing part of this config after the reload.

example: Config like this:

rep block port preferred vlan
76-86,94,98,200-201,400,592-593,606-607,611,633,635-636,638,640,643,901-902,1026,
1539,2007-2064

will result in two lines in running conf:

rep block port preferred vlan 76-86,94,98,200-201,400,592-593,606-607,611,633
rep block port preferred vlan 635-636,638,640,643,901-902,1026,1539,2007-2064

after the reload second line will overwrite first and only one will remain

rep block port preferred vlan 635-636,638,640,643,901-902,1026,1539,2007-2064

Conditions: Reload.

Workaround: Reconfigure rep block list after the reload.

  • CSCue28761

Symptoms: The ISG box crashes when a specific policy-map rule is applied.

Conditions: This symptom occurs when a “default-exit” action is being configured for a regular session.

Workaround: Do not configure the “default-exit” action for regular sessions as it is not a valid action for regular sessions.

  • CSCue30590

Symptoms: Packet loss seen over pseudowire and high CPU.

Conditions: When IPv6 site-local multicast mac traffic is sent over SVI EoMPLS, the traffic is looped between the PE of the eompls.

Workaround: There is no workaround.

  • CSCue31321

Symptoms: A Cisco Router or switch may unexpectedly reload due to bus error or SegV when running the command “show ip cef ... detail”.

Conditions: The crash happens when the output becomes paginated ( ---More---) and the state of the cef adjacency changes while the prompt is waiting on the more prompt.

Workaround: Set “term len 0” before running “show ip cef ... detail”.

  • CSCue32450

Symptoms: Filtering based on L4 ports does not happen for redirection to CE.

Conditions: This symptom occurs when the WCCP service uses a redirect-list and this ACL has its first entry as a “deny”.

Workaround: Make the first entry in the redirect-list ACL as a “permit”.

  • CSCue35533

Symptoms: Ping fails with security applied and IKE disabled.

Conditions: This symptom is observed when the Cisco IOS Release 15.3(1.15)T image is loaded.

Workaround: There is no workaround.

  • CSCue36197

Symptoms: Cisco IOS router may crash while performing NSF IETF helper function for neighbor over sham-link undergoing NSF restart.

Conditions: Router is configured as MPLS VPN PE router with OSPF as PE-CE protocol; OSPF in VRF is configured with sham-link; neighbor router over sham-link is capable of performing NSF IETF restart on sham-links.

Note: problem cannot be seen if both routers on sham-link ends are Cisco IOS routers.

Workaround: Disable the IETF Helper Mode protocol via:

enable
configure terminal
router ospf process-id [vrf vpn-name]
nsf ietf helper disable
end

Note: Disabling Helper Mode will result in an OSPF peer dropping adjacency if the peer is reloaded.

  • CSCue36321

Symptoms: A crash occurs when MLP is configured.

Conditions: This symptom is observed with an MLP configuration.

Workaround: There is no workaround.

  • CSCue39206

Symptoms: ES crashes after the second 401 challenge.

Conditions: This symptom occurs when the second 401 is received after SDP offer/answer with 183/PRACK is complete. This is a rare scenario.

Workaround: There is no workaround.

  • CSCue40008

Symptoms: The router crashes when the fair-queue policy is removed from the dialer interface.

Conditions: This symptom occurs when the fair-queue policy is removed from the dialer interface or a dynamic session.

Workaround: There is no workaround.

  • CSCue40354

Symptoms: CPU hog seen @ nile_mgr_bdomain_get_efp_count and followed by crash.

Conditions: On booting the router with scaled mVPN configurations.

Workaround: There is no workaround.

  • CSCue43050

Symptoms: VLAN-RAM is programmed with VPN 0. PIM neighborships of random sessions (10-12 out of 30) go DOWN.

Conditions: This symptom occurs when MVPN is configured with 30 L3VPN sessions. When there is a boot up, PIM neighborships of random sessions (10-12 out of 30) go DOWN.

Workaround: Remove and add the VRF configuration for these MVPN sessions.

  • CSCue43776

Symptoms: IOS memory leak at com.cisco.cxsc-cxsc-5651.

Conditions: Two firewall and kWAAS configured.

Workaround: There is no workaround.

  • CSCue44554

Symptoms: Traffic stops forwarding over port-channels configured with FAST LACP after an RP switch over.

Conditions: This symptom occurs after an RP fail over.

Workaround: A shut/no shut interface will help recover.

  • CSCue46302

Symptoms: TAL-failed lite sessions do not convert into dedicated sessions.

Conditions: This symptom occurs when VRF is applied on the access interface.

Workaround: There is no workaround.

  • CSCue51886

Symptoms: The SBC CUBE device rejects call connections.

Conditions: This symptom is observed when the Chunkmanager holds a lot of memory and calls do not get processed.

Workaround: Reloading the box helps to make the box stable.

  • CSCue52708

Symptoms: Crash upon defaulting and doing shut no shut on the backup switch interface.

Conditions: When the working and backup SVIs are connected back to back with the peer device.

Workaround: There is no workaround.

  • CSCue61765

Symptoms: Compilation error in tunnel_endpoints.c breaks the build.

Conditions: This symptom is observed in tunnel_endpoints.c.

Workaround: There is no workaround.

  • CSCue62031

Symptoms: A Cisco ME3600/ME3800 series switch may reload when a BGP session flaps.

Conditions: This will only been seen if there are more than one BGP neighbor configured on the ME3600/ME3800 and only applies to 15.3(1)S.

Workaround: There is no workaround. This issue is not present in 15.2(2)S and will be fixed in 15.3(1)S1.

  • CSCue62433

Symptoms: When using remote-LFA repair paths traffic loss may occur during reconvergence following a link failure.

Conditions: In a ring topology with a mix of fast and slower platform and remote-LFA tunnel is used as a repair path.The greater the number of prefixes affected by the topology change the more likely the traffic loss is to be seen.

Workaround: There is no workaround.

  • CSCue65523

Symptom: Archive download command is failing in mcp_dev/xe39 nightly image which is being used for software up gradation.

Conditions: Only on whales2 box.

Workaround: There is no workaround.

  • CSCue67751

Symptoms: Classification based on qos group egress policy is not working correctly.

Conditions: With L3VPN configuration, on the core interface packets should be classified based on exp and marked with qos-group. On the egress interface packets should be classified based on qos group on the service instance.

Workaround: There is no workaround.

  • CSCue69826

Symptoms: Crash in PD prefix update handler.

Conditions: In a 6vpe setup, after configuring an overlap ip address on the PE and then sending traffic.

Workaround: There is no workaround.

  • CSCue76102

Symptoms: Redistributed internal IPv6 routes from v6 IGP into BGP are not learned by the BGP neighboring routers.

Conditions: This symptom occurs because of a software issue, due to which the internal IPv6 redistributed routes from IGPs into BGP are not advertised correctly to the neighboring routers, resulting in the neighbors dropping these IPv6 BGP updates in inbound update processing. The result is that the peering routers do not have any such IPv6 routes in BGP tables from their neighbors.

Workaround: There is no workaround.

  • CSCue77265

Symptoms: Increment memory leaks are seen at IPSec background proc.

Conditions: This symptom occurs when “clear cry session” is issued multiple times when bringing up the tunnel.

Workaround: There is no workaround.

  • CSCue86845

Symptoms: Unexpected behavior caused with Ingress QoS, caused by commit CSCuc01040.

Conditions: Same as above.

Workaround: There is no workaround.

  • CSCuf03079

Symptoms: A router running IOS with ISIS remote-LFA configured could crash.

Conditions: Do shut and no shut on an interface multiple times

Workaround: Disable the ISIS remote-LFA configuration.

  • CSCuf16504

Symptoms: Classification based on qos group along with prec/dscp @ egress policy is not working correctly.

Conditions: With L2VPN/L3VPN configuration, on the core interface packets should be classified based on exp and marked with qos-group. On the egress interface packets should be classified based on qos group and prec/dscp/cos inner etc.

Workaround: There is no workaround.

  • CSCuf65724

Symptoms: LISP control packets dropped in the network.

Conditions: More than 32 hops between sender and receive.

Workaround: There is no workaround.

Further Problem Description: LISP control packets are sent with an IP TTL of 32, meaning if there is more than 32 IP hops between the sender and receiver, they will be dropped in the network.

  • CSCuf17009

Symptoms: With PIM enabled on a P2P GRE tunnel or IPSec tunnel, SP of 7600 might crash.

Conditions: Probability of seeing this issue is more when there are more number of tunnels going via the same physical interface.

This issue would be seen in SREx and 15.S based releases only.

Workaround: There is no workaround.

  • CSCug31561

A vulnerability in the DHCP implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability occurs during the parsing of crafted DHCP packets. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that has the DHCP server or DHCP relay feature enabled. An exploit could allow the attacker to cause a reload of an affected device.

Cisco has released free software updates that address this vulnerability. There are no workarounds to this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-dhcp

Note: The September 25, 2013, Cisco IOS Software Security Advisory bundled publication includes eight Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2013 bundled publication.

Individual publication links are in “'Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep13.html