Guest

Cisco IP Solution Center

Release Notes for Cisco IP Solution Center, 3.2.2

  • Viewing Options

  • PDF (427.3 KB)
  • Feedback
Cisco IP Solution Center Release Notes, 3.2.2

Table Of Contents

Cisco IP Solution Center Release Notes, 3.2.2

Contents

Introduction

System Recommendations

Hardware Supported

Problems Fixed in Cisco IP Solution Center, 3.2.2

New and Changed Information for Release 3.2.2 of ISC

API Enhancement (CSCef33854)

Auto Discovery Enhancements (CSCef14884)

Automatic Full Mesh VPN Membership Determination

Creation of a VPN from a VRF Name

UNIX File for Auto Discovery Results

CollectConfig Task Enhancement (CSCef18466)

CollectConfig Can Use LockManager

Downloading Commands to IOS Enhancements

Ability to Delay Before or After Downloading Commands and Before the write memory Command (CSCee46969)

New List of Messages to Ignore (CSCef33865)

L2VPN and VPLS Enhancement (CSCef04786)

User-Network Interface (UNI)

MPLS Enhancements

Controlling the Behavior of AGED IP Addresses Pools (CSCee24819)

Explicitly Removing Route Target Commands (CSCef30215)

Non-broadcast Type Static Route Command (CSCee70367)

Non-GE-WAN Ethernet Interface Support for the 650x and 760x Platforms (CSCef42803)

Static Route with Different Formats (CSCef33870)

Installation Notes

Version Supported

Upgrade Paths

Uninstall

Important Notes

Documentation Road Map for Cisco IP Solution Center, 3.2

Known Problems in Cisco IP Solution Center, 3.2

Obtaining Documentation

Cisco.com

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco Technical Support Website

Submitting a Service Request

Definitions of Service Request Severity

Obtaining Additional Publications and Information


Cisco IP Solution Center Release Notes, 3.2.2


June 28, 2007


Note You will want to consider upgrading to this ISC 3.2.2 Maintenance Release if you need support for the SUP720-3BXL line card on the 6500 or 7600 platforms, the new enhancements listed in the "New and Changed Information for Release 3.2.2 of ISC" section, or immediate access to the DDTS fixes in this maintenance release. Note that the anticipated ISC 4.0 release will not have support for the SUP720-3BXL line card on the 6500 or 7600 platforms or the new enhancements, but is projected to have most of these DDTS fixes. Also, understand that there is no upgrade path from this ISC 3.2.2 Maintenance Release to the anticipated ISC 4.0 release. For more information about upgrading from the ISC 3.2.2 Maintenance Release to a post-ISC 4.0 release, contact your local account representative or isc-mktg@cisco.com.


All documentation, including this Cisco IP Solution Center Release Notes, 3.2.2 document and any or all of the parts of the Release 3.2 documentation set, might be upgraded.

Cisco IP Solution Center software is referred to as ISC.

This document gives you an overview of this maintenance release and helps you understand what has changed since ISC 3.2. Please read this document prior to reading any other manual for ISC.

Contents

The information in this document is organized into the following sections:

Contents

Introduction

System Recommendations

Problems Fixed in Cisco IP Solution Center, 3.2.2

New and Changed Information for Release 3.2.2 of ISC

Installation Notes

Important Notes

Documentation Road Map for Cisco IP Solution Center, 3.2

Known Problems in Cisco IP Solution Center, 3.2

Obtaining Documentation

Documentation Feedback

Obtaining Technical Assistance

Obtaining Additional Publications and Information

Introduction

Cisco IP Solution Center (ISC), 3.2.2 is a maintenance release for ISC 3.2. The system recommendations for ISC 3.2.2 are based on those for ISC 3.2. To see these system recommendations, go to the "System Recommendations" section. URLs for base information about ISC 3.2 and an overview and suggested reading order of these documents is given in the "Documentation Road Map for Cisco IP Solution Center, 3.2" section.

Problems that were found in ISC 3.2 and fixed in this maintenance release are documented in the "Problems Fixed in Cisco IP Solution Center, 3.2.2" section. Some of the problems resulted in product enhancements and behavioral changes. These enhancements and changes are highlighted in the "New and Changed Information for Release 3.2.2 of ISC" section.

For problems that were found and might still exist in ISC 3.2.2, see the URL in the "Known Problems in Cisco IP Solution Center, 3.2" section.

System Recommendations

The system recommendations and requirements are listed in Chapter 1, "System Recommendations" of Cisco IP Solution Center Installation Guide, 3.2 http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_2/install. The recommendation is to thoroughly review this list before even planning your installation, to be sure you have all the hardware and software you must successfully install.

Additional hardware supported in ISC 3.2.2 is listed with the tested IOS release in the "Hardware Supported" section.

Hardware Supported

Chapter 1, "System Recommendations," of Cisco IP Solution Center Installation Guide, 3.2 http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_2/install explains the hardware and the associated software releases tested.

All this information is also valid for ISC 3.2.2 except for the following, which has not been tested:

QoS (Ethernet QoS) Cisco 4000: Cisco IOS release is 12.1(12c) EW

The following hardware and its associated IOS release are additionally supported in this release:

For Metro Ethernet PE-CLE (U-PE) 3550: ISC supported with Cisco IOS 12.1(22) EA1

For Metro Ethernet PE-CLE (U-PE) 3750: ISC supported with Cisco IOS 12.1(14) AX1

For MPLS PE (Catalyst 650x or Cisco 760x with SUP720-3BXL): ISC supported with Cisco IOS 12.2(17a) SX3

For MPLS PE Cisco 12xxx (GSR): ISC supported with Cisco IOS 12.0(28) S

For Multi-VRF CE support of 3750: ISC supported with Cisco IOS 12.1(14) AX1

Problems Fixed in Cisco IP Solution Center, 3.2.2

Table 1, "Problems Fixed in ISC 3.2.2," describes all the problems that were fixed in this maintenance release.

Table 1 Problems Fixed in ISC 3.2.2 

DDTS Number
Subject

CSCec08924

CNS-CE: Upload times out when using IPsec IOS 12.3(1a)

CSCec23074

Support for GRE + IPsec with dynamic IP address

CSCec81882

Ability to search or filter device or CPE using IP address

CSCed01826

NBI enhancement for template blobs

CSCed18722

ME QoS: Unable to decommission QoS on shared UNI

CSCed20419

Patch install displays incorrect path

CSCed21277

Java process (javaw.exe) occupies 99% of CPU and never releases it

CSCed29994

ISC does not hide uplink ports

CSCed43609

NBI parser fails when ServiceOrder has propertiesList

CSCed49181

MPLS: Audit IP address using IP unnumbered loopback interface option

CSCed49307

QoS Policy creation sets rate limiting to enabled

CSCed50186

Needed performance improvement for getDevices() API

CSCed53056

MPLS: Support MLPPP on RPM-XFL with multilink and PVC auditing

CSCed53236

ISC should keep track of EWS/EMS UNIs

CSCed53675

changeMaxRoutesAndDeployToRouters() API missing

CSCed62440

Must config switch nonegotiate with services

CSCed63665

Need a SR state change event notification

CSCed64847

PIX NAT 0 statement not generated when no peer but Remote Access pool exists

CSCed67515

NBI execQuery can run Oracle installs out of cursors

CSCed67801

IPsec XML generation picks up previously deployed devices

CSCed71149

VPNSC > ISC migration: Maxroutes threshold is incorrect

CSCed72541

Customer UNI port smart display

CSCed75544

Create Named Physical Circuit Ring causes error

CSCed75996

Migration utility VRFPing

CSCed77438

Usage for importExportTemplateDB.sh is incorrect

CSCed78706

Migration utility down interface

CSCed78708

Migration utility up interface

CSCed79213

Deleting one secure MAC address removes all on UNI by ISC

CSCed81741

Unable to edit MVRF-CE SR

CSCed83156

Template failure should skip download of that device

CSCed83173

IPsec editor device table count is incorrect

CSCed83214

Adding CPEs changes current devices opType to Delete

CSCed88905

Sample NBI scripts

CSCed91285

Decommissioning utilizes wrong configlet for delta generation

CSCed92960

MVRF: Unmanaged MVRF SR goes to Invalid state

CSCee00836

Cannot deploy SR with VPLS policy/access port/no port-security

CSCee01475

CPE page to display color-coded services

CSCee01497

Ping exception and misbehavior for IPsec VPNs

CSCee02238

MPLS: Unmanaged CE backward compatibility

CSCee02369

Cannot apply QoS SR to VPLS SR

CSCee02410

API: UNI device interface should not be required for PE only SR

CSCee03573

VLAN ID being reused with manual VLAN ID assignment for VPLS

CSCee03934

IPsec DMVPN SR saves with duplicated GRE IP addresses

CSCee04936

AD hardcoded backendadmin as the owner of the objects

CSCee05323

Change of QoS profile does not work

CSCee06431

QoS: Need information regarding difference between purge and delete

CSCee06580

VLAN ID/VC ID resource pool

CSCee06979

NPC discovery fails due to core ring SRP interface

CSCee07272

NBI is throwing error when no records found

CSCee07460

QoS request for VPLS going to Invalid state

CSCee08205

NBI: Modification of MPLS SR to add templates does not work

CSCee08340

Deploy CPE does not show Firewall SR in the list of available SRs

CSCee08349

Not possible to remove/change configlet in Wait Deploy state

CSCee08429

API: UNI MAC address is not displayed while viewing a VPLS EWS policy

CSCee08497

ISC API cannot decommission a VPLS SR

CSCee08608

NBI scripts need updates for Oracle

CSCee09442

#systemCurrentTimeInIOSFormat() returns wrong clock format

CSCee09498

force_remove device from SR does not work

CSCee09579

NBI: Cannot disassociate template from an MPLS VPN link

CSCee10738

Default values for customer IP range flags not set in migration

CSCee10923

Migration: ora-schemaversion.sql file not found

CSCee11360

Decommissioning an MVRFCE: PE-CE MPLS SR leaves configuration commands

CSCee11520

HA: Hard-coded 3.1 path for isc_probe.ksh

CSCee12564

configSecurePort.sh does not enable the secure HTTP port

CSCee13185

L2VPN repository variables not being resolved properly

CSCee14154

PE cache does not populate with ISC Oracle database in use

CSCee14488

Not able to decommission a failed deployed service

CSCee15072

Wrong PE-POP uplink interface used when modifying UNI for VPLS

CSCee16508

Not all RMI server ports are fixed

CSCee16572

IP address handling enhancements for /30 and /32 addresses

CSCee19050

Modifying BGP AS ID on unmanaged CE causes SR to go to Invalid state

CSCee19754

Loopback validation: PE loopback should be part of interface list

CSCee19883

ISC does not add new line between template and SR config lines

CSCee20470

VPLS VPN always displays as ERS

CSCee21919

Backward compatibility for record XML element

CSCee23208

XML API response to CSV format utility required to remove/change configlet in Wait Deploy state

CSCee23253

MPLS cannot provision SR with Frame Relay IETF interface encapsulation

CSCee24450

NBI cannot manage AdvertisedRoutesForCe in MPLS SR

CSCee24819

Need DCPL flag to control the behavior of AGED IP addresses

CSCee24922

force_remove CPE from Firewall SR does not delete the device

CSCee25335

NPC creation must be validated

CSCee25426

Unlimited security activation license key is not working

CSCee25951

Sanity check during NPC creation

CSCee27981

RBAC bug: Internal error when adding a user

CSCee29738

Relax CERC checking for discovered SRs

CSCee31315

Cannot add access link only to QoS SR

CSCee34151

Provisioning upload bypasses repository/deviceConfigs/maxVersions

CSCee34208

NBI: Several issues with SLA report

CSCee34898

ERS: ISC allows deployment of Native VLAN SR over access port

CSCee34986

IPsec Fullmesh to hub and spoke hangs in Requested state

CSCee35008

Version info missing on rollback

CSCee35572

VC range checking relaxing for migration

CSCee35997

VPLS API: Unable to create NPC ring with cross connection

CSCee36036

IPsec site-to-site service no-NAT ACL does not match NAT service

CSCee36080

Internal error on clicking CPE if CPE is created from 3.2

CSCee39340

Incorrect message shown when rolling back the patch

CSCee39365

MPLS VPN decommission removes PE IP address through reapplyIpaddress=true

CSCee39520

MPLS service blade behaving incorrectly for connection timeout

CSCee39526

IP address checking to be relaxed for unmanaged CEs

CSCee44302

MR11644 and MR11657 Oracle exceptions and deadlocks

CSCee44996

Deadlock for Oracle database during service deployment

CSCee45803

GUI: Must remove group-lock from IOS tab

CSCee46405

ISC does not take care of NAT automatically

CSCee46935

Some SRs on decommission hangs SR

CSCee46969

Delay before or after downloading commands and wr mem

CSCee47144

NAT dynamic translation from prefix internal error

CSCee47472

ISC internal error when listing all SRs in GUI

CSCee48455

Enumerate with filters displays same child objects for all parents

CSCee48471

Auto-Discovery log: ISC skips services without warning

CSCee48687

Remote Access: Failed Deploy state on VPNSM

CSCee48701

Deploying IPsec SR fails with list.java.lang.NullPointerException

CSCee49418

NAT SR: Old route map is lost when new static translations added

CSCee52147

MVRF SR with manually assigned extra CE loopback address fails audit

CSCee52320

Template: Subtemplate call is not backward compatible

CSCee53727

Audit failed on redistribute OSPF command on IOS 12.0(27)S

CSCee53896

Route Distinguisher override failure due to NULL pointer exception

CSCee54500

QoS SR Failed Audit state

CSCee55090

Performance improvement while accessing config files

CSCee58175

NBI modifyce script not reporting errors correctly

CSCee58177

NBI collectconfig script not reporting status correctly

CSCee58747

GUI: Device group buttons enabled for read-only users

CSCee58764

GUI: IPsec policy Save buttons enabled for read-only users

CSCee58971

Modifying the CE AS number results in audit failure with as-override

CSCee59748

NAT SR goes to Failed Deploy state with multiple interfaces

CSCee60151

NAT GUI: Auto translation uncheck problem if more than 10 CPEs

CSCee60228

NBI QoS: Cannot create IP QoS SR from an MPLS SR

CSCee61768

MPLS: Cannot modify SR with data buffer template in GUI

CSCee61811

CNS: E-mail recipient still got message after being deleted from list

CSCee62877

Exception with large static routes

CSCee63923

Template Manager loads too slowly with RBAC usage

CSCee65562

NBI: NAT and Firewall SR force remove of CPEs not supported

CSCee65574

NBI: QoS SR does not support force remove of CPEs

CSCee65763

Cannot save unmanaged CE SR with manually assigned IP address

CSCee66609

NBI: Cannot create VPLS (ERMS/EWS) using API

CSCee66857

Extra CE loopback IP address should be marked as used

CSCee66875

Provide more detailed information for VRF/RD exception

CSCee68795

IP QoS: Constraint matrix incorrect for shaping

CSCee70367

Auditing static routes failed

CSCee74125

L2VPN-API: Unable to view the SR details

CSCee77176

L2VPN: ISC generating CDP and MAC access-group CLIs for port-channel

CSCee80585

NBI: No API to add configuration for a device in ISC

CSCee81694

L2VPN API: Unable to modify any of the SR attributes

CSCee84782

No database update invoked if VRF did not change

CSCee85540

NBI QoS: Cannot attach policy to ATM VC on SR modification

CSCee86763

ME QoS: RBAC QoS role does not allow ME QoS provisioning

CSCee93949

Push SR description to routers

CSCee95997

Ethernet QoS provisioning with ERS service on 3550 platform

CSCef04574

NBI must have create and modify data displayed for all objects

CSCef04786

Allow multiple customers to share a UNI for L2VPN

CSCef10672

Incorrect pool sizes displayed

CSCef13987

ISC provisions redistribute connected for BGP and static

CSCef14884

MPLS Service Discovery: Various enhancements

CSCef16523

ME QoS: Cannot save CoS in ME QoS policy

CSCef18466

Need DCPL option to allow Collect Config to use LockManager

CSCef23981

NBI must display StatusMsg on link when decommission fails

CSCef28938

Database unique constraint exceptions are not being propagated

CSCef30132

RBAC: Invalid credentials when logging into ISC

CSCef30215

ISC must remove route-target commands before removing IP VRF

CSCef30565

Multiple SRs are getting stuck in Requested state

CSCef33854

Synchronization issue of two-step disconnecting MLPPP PVC SRs

CSCef33865

Delete SR stuck in Pending state should go to Failed Deploy state

CSCef33870

Static route to next-hop issue

CSCef38501

Migration script should automatically detect the schema version

CSCef39516

Service Auto Discovery of intra-metro services not working consistently

CSCef42803

Sup 720 (7600/6500) MPLS support - VLAN termination

CSCef42811

3750 as MVRF CE support

CSCef45488

SR description edits will cause ISC repository to stop responding

CSCef55071

QoS audit failure. ISC must round mean rate value

CSCef57079

Transfer UNI description to VLAN name based on DCPL for ERS

CSCef58552

Internal error launching ISC on Netscape 7.0 on Windows 2000

CSCef65281

Runtime task cleanup service only reaping 100 tasks per cycle

CSCef66006

Must create DCPL properties dump tool

CSCef68264

Inventory Manager reports OutOfMemory error in all cases

CScef69607

Oracle upgrade: Schema version is wrong in updated database

CSCef70863

Multicast: Cannot modify VPN to add multicast option

CSCef73620

NBI: Create one-dimensional template and view template problems

CSCef74989

DCPL: IOSCWarningExpresisonRemoveCfg has no default value

CSCef75213

Add 3550 IOS version 12.1(22)EA1 to the QoS compatibility matrix

CSCef77591

Description spelling error for DCPL property

CSCef82078

NBI: MPLS CERC removal fails

CSCef85134

NBI: Error prepending/appending PE template blob

CSCef88099

VPLS SR does not go to Lost state after running Config Audit

CSCef89116

NBI: Static routes with next hop address provisioned incorrectly

CSCef93401

NPC discovery failed to perform (intermittent)

CSCeg03041

MPLS: SR fails audit for OSPF routing protocol

CSCeg04114

MPLS: SR creation failed for NO_CE and NO_CLE policy

CSCeg06747

Recovery of IP AGED pool throwing exception

CSCeg08472

QoS NBI: Should not allow modification of LinkProfile name

CSCeg08939

L2VPN: intraPOP service allows different VLANs if assigned manually

CSCeg11051

IP Link QoS parent-level CB shaper command queue-limit not generated for 3620

CSCeg13274

GUI: Remove next hop option for PE-MVCE static routing protocol

CSCeg16336

NBI: Device console utility interface API is incorrect

CSCeg16692

L2VPN SR goes to Failed Audit state for VLANs in the range of 1002-1005

CSCeg16754

API L2VPN: Unable to view ATM_NO_CE Service Definition

CSCeg18528

When decommissioning a MVRF SR, the switch mode is not cleaned up

CSCeg18698

MVRF SR always provisioned with dot1 q encapsulation

CSCeg18836

IP QoS: cRTP command for the 3745 is not generated when encapsulation type is HDLC

CSCeg20131

API: Cannot change static route option to next hop IP address

CSCeg23434

VRF not removed when last link is decommissioned

CSCin64964

Internal error while editing the created ring

CSCin66015

QoS cannot save single rate policer without entering Peak Info Rate value

CSCin69134

MPLS SR modification fails from HDLC to PPP or Frame Relay encapsulation

CSCin69547

MPLS: Modified IpUnNumbered SR goes to Failed Audit state

CSCin69600

Longevity test on Oracle9i-exceptions during heavy system load

CSCin69727

Edit Cross links button goes to No action instance for path error

CSCin70955

MPLS: SR goes to Failed Deploy state when VPN is modified

CSCin73674

Not able to save the modified MPLS SR

CSCin73684

Not able to save VPLS-ERS SR with no CE option

CSCin75056

L2VPN SR goes to Invalid state if PE/UNI interface description specified

CSCin78183

ME QoS: Cannot deploy SR. SR moves to Invalid state

CSCin78191

ME QoS: Cannot save CoS in ME-QoS policy

CSCin78615

L2VPN ERS SR description modification fails

CSCin83557

MPLS: Ping connectivity test in GUI gives exception message


New and Changed Information for Release 3.2.2 of ISC

The following are enhancement and changed behavior topics for this ISC Release 3.2.2 (listed alphabetically):

API Enhancement (CSCef33854)

Auto Discovery Enhancements (CSCef14884)

CollectConfig Task Enhancement (CSCef18466)

Downloading Commands to IOS Enhancements

L2VPN and VPLS Enhancement (CSCef04786)

MPLS Enhancements

API Enhancement (CSCef33854)

A new MPLS VPN link attribute, PE_Template_Action, was added in this release. With this new attribute, you can append (default) or prepend a PE template blob to an ISC-generated configlet through the API. The PE template blob is entered as a value to PE_Template and has no effect on templates managed by the Template Manager. Template Manager has its own method of appending and prepending templates.

To prepend the template blob in a decommission request, the service request must first be modified with the prepended template blob and set to the Requested state. Then decommission the modified service request.

Auto Discovery Enhancements (CSCef14884)

Three new enhancements are now available for Auto Discovery and they are all based on CSCef14884. They are:

Automatic Full Mesh VPN Membership Determination

Creation of a VPN from a VRF Name

UNIX File for Auto Discovery Results

Automatic Full Mesh VPN Membership Determination

The new DCPL property, AutoDiscovery.TopologyHandler, allows you to automatically determine Full Mesh VPN membership if the same Route Target has been used to achieve VPN connectivity.

Creation of a VPN from a VRF Name

The new DCPL property, AutoDiscovery.createVpnAndCustomerFromVRFName, allows you to attach the CERC created using AutoDiscovery.TopologyHandler if the VPN name is the same as the VRF name.

UNIX File for Auto Discovery Results

A UNIX file is now created in addition to the log files to quickly see the results of Auto Discovery. This simple report shows the objects created or skipped or shows any errors. The location is the directory: $ISC_HOME/tmp/autodiscovery.

CollectConfig Task Enhancement (CSCef18466)

One new enhancement is now available for CollectConfig, based on CSCef18466. It is:

CollectConfig Can Use LockManager

CollectConfig Can Use LockManager

The CollectConfig task can now place a software lock on the devices prior to executing the CollectConfig and can release this lock as soon as CollectConfig completes. This is done to handle concurrency issues in some IOS releases. A new DCPL property was added to enable this new feature: lockmanager.collectConfigLock. The default is false, which means this feature is disabled.


Note The CollectConfig task can execute the operations: CollectConfig (mandatory); Attributes (optional, using show commands); and Interfaces (using SNMP). The new software lock only applies to the CollectConfig operation.


Downloading Commands to IOS Enhancements

Two new enhancements are now available for downloading commands to IOS. They are:

Ability to Delay Before or After Downloading Commands and Before the write memory Command (CSCee46969)

New List of Messages to Ignore (CSCef33865)

Ability to Delay Before or After Downloading Commands and Before the write memory Command (CSCee46969)

This feature is actually two features implemented in one DDTS.

1. You can delay before or after downloading any IOS config command using Telnet or SSH. The range of the delays is 0-1800 seconds (0-30 minutes). Use the new DCPL properties: GTL.CSL.ios.delayBeforeDownloadingCmd and GTL.CSL.ios.delayAfterDownloadingCmd to delay before and after downloading IOS config commands, respectively. The default for both of these new properties is a blank field. The format of the input is: name of the command followed by a colon and then the number of seconds (0-1800). You can enter multiple commands and seconds by placing a semi-colon between the entries. For example:

no policy-map:30;no neighbor:10

2. You can also delay after downloading a configlet before issuing the write memory command by 0-300 seconds (0-5 minutes), using the new DCPL property: GTL.CSL.ios.delayBeforeWriteMem. The default for this property is 0.

New List of Messages to Ignore (CSCef33865)

Two new DCPL properties were added to allow you to create a list of messages to ignore when deleting (decommissioning) a service request. The list of messages to ignore are IOS device responses returned by the command line interface while downloading configuration commands.

An existing DCPL property: DCS.IOSWarningExpressions is called the primary list and lists messages that can be safely ignored when adding, modifying, and decommissioning service requests.

If you want to specify a separate list of IOS response messages to be ignored when decommissioning service requests, set the new property: DCS.IOSUsePrimaryWarningExprOnly to false. This directs DCS to use a new DCPL property: DCS.IOSWarningExpressionsRemoveCfg that specifies messages to safely ignore when decommissioning a service request. Use a $ to separate the messages in this new property. In this case, the primary list DCS.IOSWarningExpressions will still be used for add and modify operations.

When the setting for DCS.IOSUsePrimaryWarningExprOnly is the default of true, the behavior is not changed and the primary list defined in DCS.IOSWarningExpressions is used.

L2VPN and VPLS Enhancement (CSCef04786)

One new enhancement is now available for L2VPN and VPLS, based on (CSCef04786). It is:

User-Network Interface (UNI)

User-Network Interface (UNI)

Multiple customers can now share a User-Network Interface (UNI).

MPLS Enhancements

Five new enhancements are now available for MPLS. They are:

Controlling the Behavior of AGED IP Addresses Pools (CSCee24819)

Explicitly Removing Route Target Commands (CSCef30215)

Non-broadcast Type Static Route Command (CSCee70367)

Non-GE-WAN Ethernet Interface Support for the 650x and 760x Platforms (CSCef42803)

Static Route with Different Formats (CSCef33870)

Controlling the Behavior of AGED IP Addresses Pools (CSCee24819)

When an IP address used by MPLS is released, it goes to the AGED pool and typically cannot be reused until the Aging timer expires. Because in certain cases, you might want to use that same IP address before the Aging timer expires, a new DCPL property: repository.IPAddressPool.releaseAndReuseAgedAddresses was introduced to allow this early reuse. When this property is set to true and the same address is manually allocated, the address is released from the AGED Pool and moved to the Allocated pool. The default is false.

Explicitly Removing Route Target Commands (CSCef30215)

A new DCPL property: Provisioning.NOM.explicitlyRemoveRouteTargets is now available. When the no ip vrf command is issued, router target subcommands are automatically deleted after removing the ip vrf command. With this property set to true, all router target subcommands are deleted before removing the ip vrf command. A prerequisite to using this DCPL property is to delay the downloading of the no ip vrf command, as explained in the "Ability to Delay Before or After Downloading Commands and Before the write memory Command (CSCee46969)" section:

In the DCPL property: GTL.CSL.ios.delayAfterDownloadingCmd, enter no ip vrf:45.

In the DCPL property: GTL.CSL.ios.delayBeforeDownloadingCmd, enter do clear ip route vrf:90.

Non-broadcast Type Static Route Command (CSCee70367)

A new DCPL property: Provisioning.Service.mpls.forceRemoveNonBroadcastStaticRouteOnPE set to true allows ISC to remove the non-broadcast type static route command that has a pre-existing long syntax, even if that command was not provisioned by ISC. The non-broadcast type static route command is removed from a PE router prior to provisioning.


Note Long syntax contains both an outgoing interface name and a next hop IP address.


Non-GE-WAN Ethernet Interface Support for the 650x and 760x Platforms (CSCef42803)

Support for the 650x and 760x platforms for a Non-GE-WAN Ethernet Interface (Fast Ethernet and Gigabit Ethernet) as a PE device is through the VLAN interface only. You must pick the physical Ethernet Interface and additionally enter a VLAN ID or select the Auto-Pick VLAN ID check box. All other OSM interfaces remain supported.

Static Route with Different Formats (CSCef33870)

Static routes with different formats would typically generate an error message. However, with the new DCPL property: Provisioning.Service.mpls.passAuditForNonBroadcastStaticRouteOnPE set to true, the ISC auditor does not detect this different format as an error, for example when there is an outgoing interface name but a next hop IP address was found. The default for this new property is false.

A new API and GUI attribute configures static routing protocol at the link level. This attribute allows ISC to provision static routing protocol with the respective outgoing interface or next hop IP address.

The new GUI attribute for an MPLS Service Request is called the Next Hop Option and it resides in the MPLS Link Attribute Editor - Routing Information screen for Static Routing Protocol. You can find this by navigating Service Inventory > Inventory and Connection Manager > Service Requests. Then create or select an MPLS Service Request and edit it. In Step 3 of the editing (PE-CE Routing Information), the default value for the Next Hop Option is based on the value of the DCPL property: Provisioning.Service.mpls.useNextHopAddressForStaticRoutes.

To manage the setting of the interface name or IP address using the API, you can set the attribute Static_Next_Hop_Option (LinkAttrs section) with a value of either NEXT_HOP_IPADDR or OUTGOING_INTF_NAME.

Installation Notes


Note You will want to consider upgrading to this ISC 3.2.2 Maintenance Release if you need support for the SUP720-3BXL line card on the 6500 or 7600 platforms, the new enhancements listed in the "New and Changed Information for Release 3.2.2 of ISC" section, or immediate access to the DDTS fixes in this maintenance release. Note that the anticipated ISC 4.0 release will not have support for the SUP720-3BXL line card on the 6500 or 7600 platforms or the new enhancements, but is projected to have most of these DDTS fixes. Also, understand that there is no upgrade path from this ISC 3.2.2 Maintenance Release to the anticipated ISC 4.0 release. For more information about upgrading from the ISC 3.2.2 Maintenance Release to a post-ISC 4.0 release, contact your local account representative or isc-mktg@cisco.com.


This section contains the following information:

Version Supported

Upgrade Paths

Uninstall

Version Supported

ISC 3.2 is the base for the ISC 3.2.2 Maintenance Release. You must have ISC 3.2 installed before downloading the software to upgrade to ISC 3.2.2.


Note There is no upgrade path from this ISC 3.2.2 Maintenance Release to the anticipated ISC 4.0 release. For more information about upgrading from the ISC 3.2.2 Maintenance Release to a post-ISC 4.0 release, contact your local account representative or isc-mktg@cisco.com


Upgrade Paths

To upgrade from ISC 3.2 to ISC 3.2.2, follow these steps:


Step 1 Before proceeding to install the ISC 3.2.2 Maintenance Release, be sure to backup your repository, as explained in Appendix C of Cisco IP Solution Center Installation Guide, 3.2 http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_2/install


Note If you need to revert to your ISC 3.2 code, this backed up repository is the one you need to point to after uninstalling ISC 3.2.2. When you uninstall ISC 3.2.2, you do not remove modifications made to the repository in Step 9. Any Service Requests provisioned under ISC 3.2.2 will then need to be reprovisioned.


Step 2 Go to http://www.cisco.com/cgi-bin/tablebuild.pl/isc (where in tablebuild.pl, the last character is the lower-case letter "l") to retrieve the ISC 3.2.2 Maintenance Release and the schema upgrade package for your Sybase database, upgrade32To322_Sybase.tar.gz, or your Oracle database, upgrade32To322_Oracle.tar.gz.


Note Patches that use ISC 3.2.2 as the base will also be located at http://www.cisco.com/cgi-bin/tablebuild.pl/isc


Step 3 Prior to installing the ISC 3.2.2 Maintenance Release, verify that you have 100 MB of free space in the $ISC_HOME directory.

Step 4 Navigate to a directory other than $ISC_HOME.

Step 5 Use the following command to untar and unzip the appropriate isc-3.2.2.0-patch.tar.gz file:

gzip -d < isc-3.2.2.0-patch.tar.gz | tar xf -

Step 6 Log in with the same username as the owner of ISC 3.2.

Step 7 If ISC 3.2 is running, use the following command to stop the database, name server, and WatchDog on the machine on which it is running:

$ stopall

Step 8 Use the following command to run the patch installation script:

$ ./iscpatchinstall

a. When you run this script, you will be asked to ensure that you have followed the equivalent of Step 6 and Step 7, and as part of the installation, you will be asked to confirm the equivalent of Step 3.

b. To accept the default value for a prompt indicated in [ ], for example, [n] or [y], press Enter. To terminate the installer at any time, press Ctrl-C. Specifically you will be asked to enter a new path or press Enter for the default [/opt/isc-3.2].

c. When asked, enter the ISC 3.2 admin username and password.

d. At the end of the installation, you will receive a message that the Patch installation is complete.

Step 9 Use the following command to untar and unzip the appropriate schema upgrade package that you retrieved in Step 2:

For Sybase: gzip -d < upgrade32To322_Sybase.tar.gz | tar xf -

For Oracle: gzip -d < upgrade32To322_Oracle.tar.gz | tar xf -

Use the README file contained in the schema upgrade package for the detailed instructions of how to apply the schema upgrade.

Step 10 If you choose to uninstall this patch after successfully installing, follow the steps in the "Uninstall" section.


Uninstall

To uninstall the ISC 3.2.2 Maintenance Release that was successfully installed by following the steps in the "Upgrade Paths" section, follow these steps:


Step 1 Log in with the same username as the owner of ISC 3.2.

Step 2 If ISC 3.2.2 is running, use the following command to stop the database, name server, and WatchDog on the machine on which it is running:

$ stopall

Step 3 Navigate to the directory $ISC_HOME/patch/isc3.2.2.0-patch, where the files and executable prior to installing ISC 3.2.2 were stored.

Step 4 Use the following command to run the patch script to uninstall:

$ ./iscpatchrollback

a. When you run this script, you will be asked to ensure that you have followed the equivalent of Step 1 and Step 2.

b. To accept the default value for a prompt indicated in [ ], for example, [n] or [y], press Enter. To terminate the installer at any time, press Ctrl-C.

c. At the end of the uninstall, you will receive a message that the Patch rollback is complete.

Step 5 Restore the repository that you backed up in Step 1 of the "Upgrade Paths" section, as explained in Appendix C of Cisco IP Solution Center Installation Guide, 3.2 http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_2/install


Note When you uninstall ISC 3.2.2, you do not remove modifications made to the repository. Any Service Requests provisioned under ISC 3.2.2 will then need to be reprovisioned.



Important Notes


Note You will want to consider upgrading to this ISC 3.2.2 Maintenance Release if you need support for the SUP720-3BXL line card on the 6500 or 7600 platforms, the new enhancements listed in the "New and Changed Information for Release 3.2.2 of ISC" section, or immediate access to the DDTS fixes in this maintenance release. Note that the anticipated ISC 4.0 release will not have support for the SUP720-3BXL line card on the 6500 or 7600 platforms or the new enhancements, but is projected to have most of these DDTS fixes. Also, understand that there is no upgrade path from this ISC 3.2.2 Maintenance Release to the anticipated ISC 4.0 release. For more information about upgrading from the ISC 3.2.2 Maintenance Release to a post-ISC 4.0 release, contact your local account representative or isc-mktg@cisco.com.


1. All ISC patches are available at: http://www.cisco.com/cgi-bin/tablebuild.pl/isc

2. To download and upload configuration files to and from the VPN 3000 concentrator, the only supported mechanism is SSH.

3. If one or more users are logged into a VPN 3000 concentrator through a web interface or through Telnet, ISC cannot download to the VPN 3000. Prior to deploying a service request in ISC for a VPN 3000, you must log out of all active sessions to this VPN 3000.

4. The supported Sybase and Oracle databases behave differently. All GUI queries are case insensitive for Sybase and case sensitive for Oracle.

Documentation Road Map for Cisco IP Solution Center, 3.2

This section describes documentation resources to help you find information about Cisco IP Solution Center (ISC), 3.2.

The entire documentation set for Cisco IP Solution Center, 3.2 can be accessed at:

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_2

The following documents comprise the ISC 3.2 documentation set.


Note All documentation might be upgraded.


General documentation (these documents are listed in the recommended reading order):

1. Cisco IP Solution Center Documentation Guide, 3.2

The contents of this document are:

Product Documentation Set (URLs for all the documentation in this documentation set)

Obtaining Documentation

Documentation Feedback

Obtaining Technical Assistance

Obtaining Additional Publications and Information

2. Cisco IP Solution Center Release Notes, 3.2

This document, Cisco IP Solution Center Release Notes, 3.2.2, adds additional New and Changed Information for this maintenance release. Cisco IP Solution Center Release Notes, 3.2 indicates what was added in the base 3.2 release.

The contents of this document are:

Introduction

System Recommendations

Materials

New and Changed Information for Release 3.2 of ISC

Documentation Road Map for Cisco IP Solution Center, 3.2

Known Problems in Cisco IP Solution Center, Release 3.2

Obtaining Documentation

Documentation Feedback

Obtaining Technical Assistance

Obtaining Additional Publications and Information

3. Cisco IP Solution Center Installation Guide, 3.2

The contents of this document are:

System Recommendations

Installing and Logging Into ISC

Setting Up Oracle for ISC

Setting Up Cisco CNS IE2100 Appliances Running Cisco CNS Configuration Engine 1.3.x and 1.4 Software with ISC

Back Up and Restore of ISC Repository and Standby System

Troubleshooting

4. Cisco IP Solution Center System Error Messages, 3.2

The contents of this document are:

API Message Format

System Error Messages

5. Cisco IP Solution Center API Programmer Guide, 3.2

The contents of this document are:

Introduction

Getting Started

Common APIs

Monitoring APIs

Using Templates

MPLS Provisioning

L2VPN Provisioning

VPLS Provisioning

QoS Provisioning

IPsec Provisioning

NAT Provisioning

Firewall Provisioning

GUI to API Mapping

Implementing a Notification Servlet

6. Index: Cisco IP Solution Center API Programmer Reference, 3.2

The contents of this index are:

XML Examples

Integrated VPN Management Suite documentation (these documents are listed alphabetically):

Cisco IP Solution Center Integrated VPN Management Suite Infrastructure Reference, 3.2

The contents of this document are:

Getting Started

WatchDog Commands

Service Inventory > Inventory and Connection Manager

Service Inventory > Inventory and Connection Manager > Inventory Manager

Service Inventory > Deployment Flow Manager and Service Inventory > Device Console

Service Design

Monitoring

Administration

Cisco CNS IE2100 Appliances

Property Settings

Glossary

Cisco IP Solution Center Integrated VPN Management Suite L2VPN User Guide, 3.2

The contents of this document are:

ISC L2VPN and VPLS Concepts

Setting up the ISC Service

Creating an L2VPN Policy

Managing an L2VPN Service Request

Creating a VPLS Policy

Managing a VPLS Service Request

Auditing and Reports

Cisco IP Solution Center Integrated VPN Management Suite MPLS VPN User Guide, 3.2

The contents of this document are:

IP Solution Center—MPLS VPN

Provisioning an Unmanaged Multi-VRF CE

MPLS VPN Service Policies

MPLS VPN Service Requests

Provisioning Regular PE-CE Links

Provisioning MVRFCE PE-CE Links

Provisioning Management VPN

Provisioning Cable Services

Provisioning Carrier Supporting Carrier

Provisioning Multiple Devices

Spanning Multiple Autonomous Systems

Setting Up the Network

Service Request Transition States

Troubleshooting MPLS VPN

Cisco IP Solution Center Integrated VPN Management Suite Network-Based IPsec VPN User Guide, 3.2

The contents of this document are:

Preparing for Network-Based IPsec VPN Provisioning

One-Box Solution for IPsec-to-MPLS Mapping

Two-Box Solution for IPsec-to-MPLS Mapping

Provisioning Network-Based IPsec VPN Services

Using ISC FAQ

Cisco IP Solution Center Integrated VPN Management Suite Quality of Service User Guide, 3.2

The contents of this document are:

ISC Quality of Service Concepts

Network Architecture

QoS Service Model Overview

Prerequisites and Assumptions

Provisioning Process for IP QoS

QoS Policy Parameters

Applying QoS Policies to VPN Services

Auditing and Reports

Sample Configurations

Cisco IP Solution Center Integrated VPN Management Suite Security User Guide, 3.2

The contents of this document are:

ISC Security Concepts

Preparing for Security Provisioning

Site-to-Site VPN Services

Remote Access VPN Services

NAT Services

Firewall Services

Provisioning Services

Updating and Modifying Pre-shared Keys

Security Management Suite documentation (these documents are listed alphabetically):

Cisco IP Solution Center Security Management Suite Infrastructure Reference, 3.2

The contents of this document are:

Getting Started

WatchDog Commands

Administration

Inventory Manager

Policy Design

Provision

Monitoring

Cisco CNS IE2100 Appliances

Property Settings

Glossary

Cisco IP Solution Center Security Management Suite Quality of Service User Guide, 3.2

The contents of this document are:

ISC Quality of Service Concepts

Network Architecture

QoS Service Model Overview

Prerequisites and Assumptions

Provisioning Process for IP QoS

IP QoS Policy Parameters

Managing and Auditing Policy Configurations

Sample Configurations

Cisco IP Solution Center Security Management Suite Security User Guide, 3.2

The contents of this document are:

ISC Security Concepts

Preparing for Security Provisioning

Site-to-Site VPN Services

Remote Access VPN Services

NAT Services

Firewall Services

Managing Policy Configurations

Updating and Modifying Pre-shared Keys

Known Problems in Cisco IP Solution Center, 3.2

To find known problems in Cisco IP Solution Center, use the following URL:

http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl

You must log into CCO.

You can search for specific bugs or search for a range by product name. This tool enables you to query for keywords, severity, range, or version.

The results display bug ID and title, found-in version, fixed-in version, and status. The bug ID is a hyperlink to detailed information for the bug ID's product, component, severity, first found-in, and release notes.

The results could be displayed in a feature matrix or spreadsheet.

Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation at this URL:

http://www.cisco.com/univercd/home/home.htm

You can access the Cisco website at this URL:

http://www.cisco.com

You can access international Cisco websites at this URL:

http://www.cisco.com/public/countries_languages.shtml

Ordering Documentation

You can find instructions for ordering documentation at this URL:

http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm

You can order Cisco documentation in these ways:

Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Ordering tool:

http://www.cisco.com/en/US/partner/ordering/index.shtml

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 1 800 553-NETS (6387).

Documentation Feedback

You can send comments about technical documentation to bug-doc@cisco.com.

You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:

Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, Cisco Technical Support provides 24-hour-a-day, award-winning technical assistance. The Cisco Technical Support Website on Cisco.com features extensive online support resources. In addition, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not hold a valid Cisco service contract, contact your reseller.

Cisco Technical Support Website

The Cisco Technical Support Website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, 365 days a year, at this URL:

http://www.cisco.com/techsupport

Access to all tools on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:

http://tools.cisco.com/RPF/register/register.do


Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting a web or phone request for service. You can access the CPI tool from the Cisco Technical Support Website by clicking the Tools & Resources link under Documentation & Tools. Choose Cisco Product Identification Tool from the Alphabetical Index drop-down list, or click the Cisco Product Identification Tool link under Alerts & RMAs. The CPI tool offers three search options: by product ID or model name; by tree view; or for certain products, by copying and pasting show command output. Search results show an illustration of your product with the serial number label location highlighted. Locate the serial number label on your product and record the information before placing a service call.


Submitting a Service Request

Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco TAC engineer. The TAC Service Request Tool is located at this URL:

http://www.cisco.com/techsupport/servicerequest

For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco TAC engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.

To open a service request by telephone, use one of the following numbers:

Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447

For a complete list of Cisco TAC contacts, go to this URL:

http://www.cisco.com/techsupport/contacts

Definitions of Service Request Severity

To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.

Severity 1 (S1)—Your network is "down," or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.

Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.

Severity 3 (S3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.

Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online and printed sources.

Cisco Marketplace provides a variety of Cisco books, reference guides, and logo merchandise. Visit Cisco Marketplace, the company store, at this URL:

http://www.cisco.com/go/marketplace/

The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as ordering and customer support services. Access the Cisco Product Catalog at this URL:

http://cisco.com/univercd/cc/td/doc/pcat/

Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:

http://www.ciscopress.com

Packet magazine is the Cisco Systems technical user magazine for maximizing Internet and networking investments. Each quarter, Packet delivers coverage of the latest industry trends, technology breakthroughs, and Cisco products and solutions, as well as network deployment and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL:

http://www.cisco.com/packet

iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions. You can access iQ Magazine at this URL:

http://www.cisco.com/go/iqmagazine

Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:

http://www.cisco.com/ipj

World-class networking training is available from Cisco. You can view current offerings at this URL:

http://www.cisco.com/en/US/learning/index.html