Cisco AON Software

Release Notes for Cisco Application-Oriented Networking 2.4

  • Viewing Options

  • PDF (417.1 KB)
  • Feedback
Release Notes for Cisco AON Release 2.4

Table Of Contents

Release Notes for Cisco AON Release 2.4


New Features in Cisco AON Release 2.4

AON Application System Requirements

AON Supported Hardware

AON Node Supported Software

Upgrade Paths

Using Cisco IOS Release 12.4(9)T

Important Notes

Resolved Caveats

Open Caveats

Related Documentation

Obtaining Documentation, Obtaining Support, and Security Guidelines

Release Notes for Cisco AON Release 2.4

July 31, 2007

Cisco Application-Oriented Networking (AON) is the first in a new line of Cisco products that embed intelligence into the network to meet the needs of application deployment. AON enables you to:

Integrate dissimilar applications by routing information to the appropriate destination, in the format required at the destination.

Enforce policies for information access and exchange.

Optimize bandwidth and reduce processing overhead for application traffic.

Increase management of information flow, including monitoring for business and infrastructure.

Enhance business continuity by transparently backing up or rerouting critical business data.

Working at the message rather than packet level, AON provides this support by understanding more about the content and context of information flow.


These release notes cover Cisco AON Release 2.4 and include the following topics:

New Features in Cisco AON Release 2.4

AON Application System Requirements

AON Supported Hardware

AON Node Supported Software

Upgrade Paths

Using Cisco IOS Release 12.4(9)T

Important Notes

Resolved Caveats

Open Caveats

Related Documentation

Obtaining Documentation, Obtaining Support, and Security Guidelines

New Features in Cisco AON Release 2.4

AON Release 2.4 includes the following new features and functionality:

Project Management

This feature introduces the concept of projects to partition the work performed by different development teams. Teams can manipulate the resources assigned to their projects without regard for the resources used by other projects.

Programmatic Management Interface

This feature provides an interface so that third-party applications can manipulate data in AMC.

Standalone Nodes with TACACS+ Support

AON nodes can be configured to operate in an environment without AMC. In standalone mode, nodes are managed by a third-party application such as AlterPoint, which configures the node using SSH and the command-line interface (CLI). Additionally, nodes can be configured to use TACACS+ for authentication, authorization, and accounting of users.

Promiscuous Mode Enhancements

PMode now has the ability to capture UDP packets. The feature is enabled by default; no further configuration is necessary. Pmode has also been enhanced to capture packets at time-based intervals.

Bladelet enhancements:

Support for a mix of one-way and two-way sends in a PEP

Support for Send bladelet exception handling

Support for LoadBalancing bladelet exception handling

URL rewriting

Port rewriting

Ability to cache Request Content

Ability to remove cache entries

Ability to cache PEP variable content

PEP support for HTTP 302 redirect response

Support for early reply (response)

Send Bladelet Specific Timeout Properties


Weblogic JMS adapter

SMTP adapter

Radius UDP

Thick Client deployment at adapter extension

Inbound Notification change/queue based adapter consistent use of dead letter queue (DLQ)

Adapter updates no longer require a restart of the AON node.

Ability to disable retry policy

Support for configurable AcccessDB connection pool

Distributed cache enhancements for virtual cluster

Specialized LoadBalancing custom bladelet APIs to allow user-defined policies

CLI extensions for troubleshooting

WCCP UDP Redirection

NTP enhancements

Command for TCPDump

Daylight Saving Time changes implemented because of U.S. Energy Policy Act of 2005

Scriptable interface for node deployment, promotion, and rollback

For more information on using these features, see the "Related Documentation" section.

AON Application System Requirements

Table 1 lists the minimum requirements for installing AON applications for Cisco AON Release 2.4.

Table 1 AON Minimum System Requirements

Operating System
Hard Drive
Software Image

AON Management Console (AMC)

Red Hat Enterprise Linux 3.0 or later

Single processor;
Pentium III or Xeon

1 GB (minimum)

2 GB (recommended for large adapters)

20 GB


AON Development Studio (ADS)

Windows 2000 or Windows XP with latest service packs.

Pentium IV

1 GB (minimum)

2 GB (recommended for large adapters)

40 GB


AON Supported Hardware

Table 2 lists the hardware platforms that are supported by Cisco AON Release 2.4.

Table 2 Supported Hardware

AON Appliance
AON Service Module (AON-SM)
AON Network Module (AON-NM)
AON Enhanced Network Module (AON NME)

Cisco 8340 AON Appliance


Cisco 8342 AON Appliance










Cisco 2610XM

Cisco 2611XM

Cisco 2620XM

Cisco 2650XM

Cisco 2651XM

Cisco 2691XM

Cisco 2811

Cisco 2821

Cisco 2851

Cisco 3725

Cisco 3745

Cisco 3825

Cisco 3845

Cisco 2811

Cisco 2821 

Cisco 2851

Cisco 3725

Cisco 3745

Cisco 3825

Cisco 3845

AON Node Supported Software

Table 3 lists the software levels for the Cisco platforms that support AON.

Table 3 Supported Software on Nodes

Minimum Software Release Supported
Latest Software Release Supported


Catalyst 6500 Series Switches with Supervisor Engine 720

Cisco IOS Release 12.2(18)SXF2

Cisco IOS Release 12.2(18)SXF7

AON-SM with Catalyst OS

Catalyst 6500 Series Switches with Supervisor Engine 720

Cisco IOS Release 12.2(18)SXF MCF2

Catalyst Operating System Release 8.5(3)

Cisco IOS Release 12.2(18)SXF7 MCF2

Catalyst Operating System Release 8.5(8)


Catalyst 6500 Series Switches with Supervisor Engine 2

Cisco IOS Release 12.2(18)SXF2

Cisco IOS Release 12.2(18)SXF7

AON-SM 2 with Catalyst OS

Catalyst 6500 Series Switches with Supervisor Engine 2

Cisco IOS Release 12.2(18)SXF2 MCF2

Catalyst Operating System Release 8.5(4)

Cisco IOS Release 12.2(18)SXF7 MCF2

Catalyst Operating System Release 8.5(8)


Cisco 2600, Cisco 2800, Cisco 3700,
and Cisco 3800 Series Routers

Cisco IOS Release 12.3(14)T1

Cisco IOS Release 12.4(9)T


Cisco 2800, Cisco 3700, and
Cisco 3800 Series Routers

Cisco IOS Release 12.4(9)T

Cisco 8340 AON Appliance

AON release

AON release
(with firmware upgrade)

Cisco AON Release

Cisco 8342 AON Appliance

AON release

Cisco AON Release

Upgrade Paths

Table 4 lists the valid upgrade paths for each AON software release. Previous AON releases did not require you to upgrade software on AON nodes. However, due to several architectural changes included in Cisco AON Release 2.4, you must upgrade all nodes for this release. A version 2.4 AMC cannot manage nodes running previous AON software releases.

Table 4 AON Upgrade Paths  

AON Release
Valid Upgrade Paths
Node Upgrade Required

AON 1.x

AON 2.1 only


AON 2.1

Any AON 2.x

Only if upgrading to AON 2.4

AON 2.1.x

Any AON 2.x

Only if upgrading to AON 2.4

AON 2.2

AON 2.4


Using Cisco IOS Release 12.4(9)T

Cisco IOS Release 12.4(9)T changes the name of the AON-NM in Cisco IOS. It is now referred to as AON-Engine instead of AONS-Engine. Because of this change, you must perform the following additional steps as part of your upgrade:

Back up your startup and running configurations.

After the upgrade, reenter the AON-NM's network configuration using the AON-Engine interface.

For further details on configuring the AON-NM, see the AON Installation and Upgrade Guide.

Important Notes

Important Notes that Affect AON Release 2.4

Due to several architectural changes in AON software, you must recompile custom adapters and custom bladelets used with previous AON releases before they can be used with Cisco AON Release 2.4.

Your AON environment may be affected by changes to Daylight Saving Time specified by the U.S. Energy Policy Act of 2005. See the following document for more complete details: Impact of U.S. Daylight Savings Time Changes on Cisco Application-Oriented Networking.

An excessive number of open SSL connections can cause an AON node to become inoperable. AON has been verified to handle up to 100 connections without effect. However, the node goes out of service when there are 350 open SSL connections.

Important Notes from Previous AON Releases

The AON Management Console (AMC) supports only Microsoft Internet Explorer 6. AMC pages may not render properly in other web browsers.

AON is implemented in Java, where memory is automatically managed by the Java runtime system. This means that there might be moments in the system when the garbage collection (automatic memory management) is still working at freeing up memory. The graceful-handling mechanism checks the free memory to determine if a message should be let into the system. So under high loads it is possible that AON will reject messages because the garbage collection is taking time to free up memory.

The following issues may affect AON Development Studio (ADS) installation; however, the root causes are beyond the control of Cisco:

Using the ALT key during ADS installation can cause some InstallShield screens to become corrupted. Despite this display problem, the ADS installer continues to function. If the display gets corrupted, minimize the ADS installer and then maximize it again. The display should return to normal. This is a known InstallShield issue when using JVMs with version 1.4.2.x.

In rare situations when initially launching ADS on Windows 2000, an error message may be returned indicating that the database is busy or unavailable. The error can occur even though the database is listed as started in the list of Windows Services. This occurs when a database port is chosen in the ADS installer that also appears in the output of the netstat -a command in a loopback situation. The port is shown as pointing to another server port which in turn points back to it. This behavior has been seen only with one port, although not always the same port on the system. Reboot the PC to correct this problem.

Resolved Caveats

Table 5 lists the caveats that have been resolved in this AON release.

Table 5 Caveats Resolved in AON 2.4

Defect ID


AON-NM MAC address should be displayed using show interface command.


TTL expiration fails.


Deprecate rollback feature from EMS delivery failure policy


Graceful handling activates in AON-SM within a few hours of processing 15 concurrent 600KB messages


Input stream truncated. Results in 0.03% failure.


Virtual cluster does not connect to Tibco server after Tibco is restarted.


JMS adapter source batch failure policy is not correctly applied.


JMS source and destination on different brokers cannot be statically linked.


Caching does not work with MQ messages.


Timestamp is incorrect on AON appliance after software upgrade.


AON does not preserve original proxy host and port in implicit mode.


MDS delete entry not deleting after a few hours.


Cookie header in 302 response is not correctly handled.


Unable to create a PEP with branch bladelet inside loop bladelet.


Xpath returns value of null from rule when processed the first time.


Multiple modifications to JMS Property & Single deployment does not work.


Message log bladelet asynchronous is not working with connection error.


Bootloader configuration deleted after log trace boot.


AON crashes when deploying schema validation.

Open Caveats

Table 6 lists the caveats for this AON release, including defect identification numbers and symptoms. When applicable, conditions under which the defects occur and workarounds are also included.

Table 6 Open Defects in Cisco AON Version 2.4  

Defect ID



Fastpath does not support wildcards in a uniform resource identifier (URI) for message-type classification.


In a message type URI, if a string such as "/index*" is specified, Fastpath classification does not classify messages with URIs "/index.html" or "/index1.html" to that message type.


Use complete URI for message-type classification. If more than one URI must be classified to a single message type and execute the same policy execution plan (PEP), define a message type for each URI and map all message types to the same PEP.



Tibco Enterprise Message Service (EMS) broker runs out of resources when the AON EMS adapter is misconfigured.


This symptom occurs when the broker's EMS queue and the AON EMS adapter are mismatched. For example, if the queue is configured within the AON adapter to receive messages, and the queue is in fact configured to send, the adapter continues to try to connect to the broker to register itself, causing resource issues for the EMS broker.


Correct the configuration of the EMS adapter.



Classification based on URI does not seem to work correctly. Messages are rejected even if there is an entry for that URI.


This occurs under the following sample configuration:

A message type named "T1" is based on 5-tuple named "A" and a URI of "/index-nomatch.html"

Another message type is named "T2" and based only on a URI of "/index.html"

Messages that match 5-tuple "A" and URI "/index.html" do not get classified to type "T2" and are rejected.


Use one of the following options:

Add a third message type that is based on 5-tuple "A" and URI "/index.html"

If 5-tuple based classification is not required for "T1" classification, remove the 5-tuple detail from that message type.



Following an upgrade, the log level for Fastpath resets to the default setting, as it is designed to do. However, the running configuration incorrectly shows the previous log level.


Configure the appropriate log level after each upgrade.



When the URI is, instead of sending the data to, AON sends the request to the destination specified in the "host" header field.


This occurs when the URI is incorrect. Although is a correct form of URI, Fastpath misinterprets it. Fastpath then reconstructs the URL from the "host" header field and attempts to connect to it.





A user starts a deployment, and it hangs indefinitely. If the user retries the deployment from a different browser window, or if the user attempts to deploy a different deployment request (DR) to one of the nodes involved in the hung deployment, the deployment fails with the error "another user is currently deploying to node."


This situation was observed when an AON-SM was out of service. No processes were running on the AON-SM.


To end the locked deployment, restart the AON-SM and AMC. Once AMC and the node are running again, attempt another deployment.



Port 6666 becomes unresponsive after a massive number of HTTPS requests. The port does not recover.


Restart AON.



DNS names are not resolved when they are used in BEA JMS naming configuration from AMC.


This happens when use DNS names from AMC BEA JMS Naming configuration but use IP address in the PEP.


Use IP address instead of DNS names.

Further Problem Description

There are four different scenarios to consider, and this issue only happens with the fourth scenario.

1. Use Weblogic server host-name in AMC under the JMS Naming configuration and use this host-name in PEP as the message destination.

2. Use Weblogic server IP address in AMC under the JMS Naming configuration and use this IP address in PEP as the message destination.

3. Use Weblogic server IP address in AMC under the JMS Naming configuration and use host-name in PEP as the message destination.

4. Use Weblogic server host-name in AMC under the JMS Naming configuration and use IP address in PEP as the message destination.



The JMS adapter is unable to take multiple URIs from a remote factory.


This is applicable only when a JMS adapter is configured with Tibco as the remote Java Naming and Directory Interface (JNDI) naming service.


Specify only a single JNDI name for the connection in the Tibco factory configuration file.



While attempting to register an HTTP adapter extension package, the following error dialog occurs:

Error registering the package. null.

The following error messages are logged by AMC:

01-Feb-2007 11:53:27    WARN    [http7010-Processor23]  AMC.Extensions.ExtensionLogic   Error 
deploying extension 
java.lang.NullPointerException; null 01-Feb-2007 11:53:27    WARN    [http7010-Processor23]  
AMC.Extensions.ExtensionsAction Error in Registration: java.lang.NullPointerException; null   

While attempting to configure a number of different global AON properties, an error similar to the following occurs:

Unable to get attribute domain for '' in the 
'AMCGLobalPolicy' context. Make sure the corresponding XML file is located in the $AMCROOT 
directory structure". 


Immediately after AMC is launched following a new installation, the application spends some time (usually 3 to 5 minutes) initializing its database. Interrupting this process causes this problem. To ensure that AMC completes this task, look for the following entry in amc.log before shutting down a newly installed AMC:

DBUtils.initializeDB() completed

This problem does not affect AMC following an upgrade.


None. Reinstall AMC if this problem occurs.



AON lacks correct time zone information for the U.S. state of Indiana.


Change your time zone setting to a locale that equates to the correct time for your area. See the following document for more complete details: Impact of U.S. Daylight Savings Time Changes on Cisco Application-Oriented Networking.



A custom bladelet was lost after rebooting an AON node. This occurs when the reload command is used in AON, and it also occurs when the reset button is pushed on the host switch or router.


Reload AON a second time.

Related Documentation

The AON documentation set includes the following guides:

AON Installation and Upgrade Guide—Covers the installation and upgrade of the AON environment.

AON Administration Guide—Covers the administration of AMC and AON nodes.

AON Development Studio User GuideCovers ADS, bladelets, and PEP creation.

AON Programming GuideCovers the development of custom bladelets, custom adapters, and other features related to extending AON functionality.

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: