Table Of Contents
Release Notes for Cisco AON Release 2.4
July 31, 2007
Cisco Application-Oriented Networking (AON) is the first in a new line of Cisco products that embed intelligence into the network to meet the needs of application deployment. AON enables you to:
•Integrate dissimilar applications by routing information to the appropriate destination, in the format required at the destination.
•Enforce policies for information access and exchange.
•Optimize bandwidth and reduce processing overhead for application traffic.
•Increase management of information flow, including monitoring for business and infrastructure.
•Enhance business continuity by transparently backing up or rerouting critical business data.
Working at the message rather than packet level, AON provides this support by understanding more about the content and context of information flow.
These release notes cover Cisco AON Release 2.4 and include the following topics:
New Features in Cisco AON Release 2.4
AON Release 2.4 includes the following new features and functionality:
This feature introduces the concept of projects to partition the work performed by different development teams. Teams can manipulate the resources assigned to their projects without regard for the resources used by other projects.
•Programmatic Management Interface
This feature provides an interface so that third-party applications can manipulate data in AMC.
•Standalone Nodes with TACACS+ Support
AON nodes can be configured to operate in an environment without AMC. In standalone mode, nodes are managed by a third-party application such as AlterPoint, which configures the node using SSH and the command-line interface (CLI). Additionally, nodes can be configured to use TACACS+ for authentication, authorization, and accounting of users.
•Promiscuous Mode Enhancements
PMode now has the ability to capture UDP packets. The feature is enabled by default; no further configuration is necessary. Pmode has also been enhanced to capture packets at time-based intervals.
–Support for a mix of one-way and two-way sends in a PEP
–Support for Send bladelet exception handling
–Support for LoadBalancing bladelet exception handling
–Ability to cache Request Content
–Ability to remove cache entries
–Ability to cache PEP variable content
–PEP support for HTTP 302 redirect response
–Support for early reply (response)
–Send Bladelet Specific Timeout Properties
–Weblogic JMS adapter
–Thick Client deployment at adapter extension
–Inbound Notification change/queue based adapter consistent use of dead letter queue (DLQ)
–Adapter updates no longer require a restart of the AON node.
•Ability to disable retry policy
•Support for configurable AcccessDB connection pool
•Distributed cache enhancements for virtual cluster
•Specialized LoadBalancing custom bladelet APIs to allow user-defined policies
•CLI extensions for troubleshooting
•WCCP UDP Redirection
•Command for TCPDump
•Daylight Saving Time changes implemented because of U.S. Energy Policy Act of 2005
•Scriptable interface for node deployment, promotion, and rollback
For more information on using these features, see the "Related Documentation" section.
AON Application System Requirements
Table 1 lists the minimum requirements for installing AON applications for Cisco AON Release 2.4.
AON Supported Hardware
Table 2 lists the hardware platforms that are supported by Cisco AON Release 2.4.
AON Node Supported Software
Table 3 lists the software levels for the Cisco platforms that support AON.
Table 4 lists the valid upgrade paths for each AON software release. Previous AON releases did not require you to upgrade software on AON nodes. However, due to several architectural changes included in Cisco AON Release 2.4, you must upgrade all nodes for this release. A version 2.4 AMC cannot manage nodes running previous AON software releases.
Table 4 AON Upgrade Paths
AON Release Valid Upgrade Paths Node Upgrade Required
AON 2.1 only
Any AON 2.x
Only if upgrading to AON 2.4
Any AON 2.x
Only if upgrading to AON 2.4
Using Cisco IOS Release 12.4(9)T
Cisco IOS Release 12.4(9)T changes the name of the AON-NM in Cisco IOS. It is now referred to as AON-Engine instead of AONS-Engine. Because of this change, you must perform the following additional steps as part of your upgrade:
•Back up your startup and running configurations.
•After the upgrade, reenter the AON-NM's network configuration using the AON-Engine interface.
For further details on configuring the AON-NM, see the AON Installation and Upgrade Guide.
Important Notes that Affect AON Release 2.4
•Due to several architectural changes in AON software, you must recompile custom adapters and custom bladelets used with previous AON releases before they can be used with Cisco AON Release 2.4.
•Your AON environment may be affected by changes to Daylight Saving Time specified by the U.S. Energy Policy Act of 2005. See the following document for more complete details: Impact of U.S. Daylight Savings Time Changes on Cisco Application-Oriented Networking.
•An excessive number of open SSL connections can cause an AON node to become inoperable. AON has been verified to handle up to 100 connections without effect. However, the node goes out of service when there are 350 open SSL connections.
Important Notes from Previous AON Releases
•The AON Management Console (AMC) supports only Microsoft Internet Explorer 6. AMC pages may not render properly in other web browsers.
•AON is implemented in Java, where memory is automatically managed by the Java runtime system. This means that there might be moments in the system when the garbage collection (automatic memory management) is still working at freeing up memory. The graceful-handling mechanism checks the free memory to determine if a message should be let into the system. So under high loads it is possible that AON will reject messages because the garbage collection is taking time to free up memory.
•The following issues may affect AON Development Studio (ADS) installation; however, the root causes are beyond the control of Cisco:
–Using the ALT key during ADS installation can cause some InstallShield screens to become corrupted. Despite this display problem, the ADS installer continues to function. If the display gets corrupted, minimize the ADS installer and then maximize it again. The display should return to normal. This is a known InstallShield issue when using JVMs with version 1.4.2.x.
–In rare situations when initially launching ADS on Windows 2000, an error message may be returned indicating that the database is busy or unavailable. The error can occur even though the database is listed as started in the list of Windows Services. This occurs when a database port is chosen in the ADS installer that also appears in the output of the netstat -a command in a loopback situation. The port is shown as pointing to another server port which in turn points back to it. This behavior has been seen only with one port, although not always the same port on the system. Reboot the PC to correct this problem.
Table 5 lists the caveats that have been resolved in this AON release.
Table 6 lists the caveats for this AON release, including defect identification numbers and symptoms. When applicable, conditions under which the defects occur and workarounds are also included.
Table 6 Open Defects in Cisco AON Version 2.4
Defect ID Description
Fastpath does not support wildcards in a uniform resource identifier (URI) for message-type classification.
In a message type URI, if a string such as "/index*" is specified, Fastpath classification does not classify messages with URIs "/index.html" or "/index1.html" to that message type.
Use complete URI for message-type classification. If more than one URI must be classified to a single message type and execute the same policy execution plan (PEP), define a message type for each URI and map all message types to the same PEP.
Tibco Enterprise Message Service (EMS) broker runs out of resources when the AON EMS adapter is misconfigured.
This symptom occurs when the broker's EMS queue and the AON EMS adapter are mismatched. For example, if the queue is configured within the AON adapter to receive messages, and the queue is in fact configured to send, the adapter continues to try to connect to the broker to register itself, causing resource issues for the EMS broker.
Correct the configuration of the EMS adapter.
Classification based on URI does not seem to work correctly. Messages are rejected even if there is an entry for that URI.
This occurs under the following sample configuration:
•A message type named "T1" is based on 5-tuple named "A" and a URI of "/index-nomatch.html"
•Another message type is named "T2" and based only on a URI of "/index.html"
Messages that match 5-tuple "A" and URI "/index.html" do not get classified to type "T2" and are rejected.
Use one of the following options:
•Add a third message type that is based on 5-tuple "A" and URI "/index.html"
•If 5-tuple based classification is not required for "T1" classification, remove the 5-tuple detail from that message type.
Following an upgrade, the log level for Fastpath resets to the default setting, as it is designed to do. However, the running configuration incorrectly shows the previous log level.
Configure the appropriate log level after each upgrade.
When the URI is http:cisco.com/index.html, instead of sending the data to http://cisco.com/index.html, AON sends the request to the destination specified in the "host" header field.
This occurs when the URI is incorrect. Although http:www.cisco.com is a correct form of URI, Fastpath misinterprets it. Fastpath then reconstructs the URL from the "host" header field and attempts to connect to it.
A user starts a deployment, and it hangs indefinitely. If the user retries the deployment from a different browser window, or if the user attempts to deploy a different deployment request (DR) to one of the nodes involved in the hung deployment, the deployment fails with the error "another user is currently deploying to node."
This situation was observed when an AON-SM was out of service. No processes were running on the AON-SM.
To end the locked deployment, restart the AON-SM and AMC. Once AMC and the node are running again, attempt another deployment.
Port 6666 becomes unresponsive after a massive number of HTTPS requests. The port does not recover.
DNS names are not resolved when they are used in BEA JMS naming configuration from AMC.
This happens when use DNS names from AMC BEA JMS Naming configuration but use IP address in the PEP.
Use IP address instead of DNS names.
Further Problem Description
There are four different scenarios to consider, and this issue only happens with the fourth scenario.
1. Use Weblogic server host-name in AMC under the JMS Naming configuration and use this host-name in PEP as the message destination.
2. Use Weblogic server IP address in AMC under the JMS Naming configuration and use this IP address in PEP as the message destination.
3. Use Weblogic server IP address in AMC under the JMS Naming configuration and use host-name in PEP as the message destination.
4. Use Weblogic server host-name in AMC under the JMS Naming configuration and use IP address in PEP as the message destination.
The JMS adapter is unable to take multiple URIs from a remote factory.
This is applicable only when a JMS adapter is configured with Tibco as the remote Java Naming and Directory Interface (JNDI) naming service.
Specify only a single JNDI name for the connection in the Tibco factory configuration file.
While attempting to register an HTTP adapter extension package, the following error dialog occurs:Error registering the package. null.
The following error messages are logged by AMC:01-Feb-2007 11:53:27 WARN [http7010-Processor23] AMC.Extensions.ExtensionLogic Error deploying extension com.cisco.aons.amc.data.AdapterExtExtension: java.lang.NullPointerException; null 01-Feb-2007 11:53:27 WARN [http7010-Processor23] AMC.Extensions.ExtensionsAction Error in Registration: java.lang.NullPointerException; null
While attempting to configure a number of different global AON properties, an error similar to the following occurs:Unable to get attribute domain for 'com.cisco.aons.policies.mec.SendProperties' in the 'AMCGLobalPolicy' context. Make sure the corresponding XML file is located in the $AMCROOT directory structure".
Immediately after AMC is launched following a new installation, the application spends some time (usually 3 to 5 minutes) initializing its database. Interrupting this process causes this problem. To ensure that AMC completes this task, look for the following entry in amc.log before shutting down a newly installed AMC:DBUtils.initializeDB() completed
This problem does not affect AMC following an upgrade.
None. Reinstall AMC if this problem occurs.
AON lacks correct time zone information for the U.S. state of Indiana.
Change your time zone setting to a locale that equates to the correct time for your area. See the following document for more complete details: Impact of U.S. Daylight Savings Time Changes on Cisco Application-Oriented Networking.
A custom bladelet was lost after rebooting an AON node. This occurs when the reload command is used in AON, and it also occurs when the reset button is pushed on the host switch or router.
Reload AON a second time.
The AON documentation set includes the following guides:
•AON Installation and Upgrade Guide—Covers the installation and upgrade of the AON environment.
•AON Development Studio User Guide—Covers ADS, bladelets, and PEP creation.
•AON Programming Guide—Covers the development of custom bladelets, custom adapters, and other features related to extending AON functionality.
Obtaining Documentation, Obtaining Support, and Security Guidelines
For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
© 2007 Cisco Systems, Inc. All rights reserved.