Guest

Cisco IP Solution Center

Release Notes for Cisco IP Solution Center, 4.1.1

  • Viewing Options

  • PDF (555.1 KB)
  • Feedback
Release Notes for Cisco IP Solution Center, 4.1.1

Table Of Contents

Release Notes for
Cisco IP Solution Center, 4.1.1

Contents

Introduction

System Recommendations

Network Devices and Related Software Supported

Problems Fixed in ISC 4.1.1

New and Changed Information in ISC 4.1.1

Common ISC Infrastructure—Lock Manager Granting Locks on FIFO Basis (CSCsb85363)

Common ISC Infrastructure—Log Viewer (CSCsd90574)

L2VPN—Global Parameter Changing Causes Audit State of Lost (CSCsd82993, CSCsd83039, CSCsd83055, CSCsd84349, and CSCsd84364)

L2VPN—Tunnel Select Pseudo Wire to TE Tunnel

L2VPN and Layer 3 MPLS VPN—Service Inventory Discovery Support Added and Changed

Overview of Multiple Service Discovery Processes

L2VPN Service Discovery

MPLS Service Discovery

NPC Discovery

Initializing a New Discovery Task

Editing Device Configurations

New Discovery DCPL Properties

Existing PE Roles Are Editable, Causing Commit Aborting (CSCsd30074)

L2VPN, Layer 3 MPLS VPN, and TEM—Heap Size Increase for Large Deployments (CSCsd89114)

L2VPN Over MPLS Core—ATM VP Mode Support

L2VPN VPLS—UNI Modification Moves the Service Request to Failed Deploy State (CSCsd85346)

L2VPN and VPLS Policies—Keep Alive Option (CSCef14869)

Layer 2 Access to L3 MPLS VPN—U-PE Attributes Changed to UNI Attributes

Layer 3 MPLS VPN—10 Gigabit Ethernet Interface Support

MDE—IOS 12.2(28) SB Behavior Change

MDE—IOS Versions That Do Not Support MPLS OAM, Behavior Change

MDE—MTU Support Removed

NBI API—NPC Look Up Enhancement

TEM—Multilink Interface Enhancement (CSCsd73082)

TEM—New Configuration Parameter (CSCsd90642)

Installation Notes

Version Supported

Upgrade Paths

Uninstall

Important Notes

Known Problems in ISC 4.1.1

Obtaining Documentation

Cisco.com

Product Documentation DVD

Ordering Documentation

Documentation Feedback

Cisco Product Security Overview

Reporting Security Problems in Cisco Products

Obtaining Technical Assistance

Cisco Technical Support & Documentation Website

Submitting a Service Request

Definitions of Service Request Severity

Obtaining Additional Publications and Information


Release Notes for
Cisco IP Solution Center, 4.1.1


June 27, 2007

All documentation, including this Release Notes for Cisco IP Solution Center, 4.1.1 document and any or all of the parts of the Release 4.1 documentation set, might be upgraded.

Cisco IP Solution Center software is referred to as ISC.

This document gives you an overview of this maintenance release and helps you understand what has changed since ISC 4.1. Please read this document prior to reading any other manual for ISC.

Contents

The information in this document is organized into the following sections:

Contents

Introduction

System Recommendations

Problems Fixed in ISC 4.1.1

New and Changed Information in ISC 4.1.1

Installation Notes

Important Notes

Known Problems in ISC 4.1.1

Obtaining Documentation

Documentation Feedback

Cisco Product Security Overview

Obtaining Technical Assistance

Obtaining Additional Publications and Information

Introduction

Cisco IP Solution Center (ISC) 4.1.1 is a maintenance release for ISC 4.1, which includes the update to Cisco MPLS Diagnostics Expert (MDE) 1.0.2. The system recommendations for ISC 4.1.1 are based on those for ISC 4.1. To see these system recommendations, go to the "System Recommendations" section. URLs for base information about ISC 4.1 and an overview and suggested reading order of these documents is given in Cisco IP Solution Center Getting Started and Documentation Guide, 4.1. (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/4_1/docguide/index.htm)

Customer-found problems that were found in ISC 4.1 and fixed in this maintenance release are documented in the "Problems Fixed in ISC 4.1.1" section. Some of the problems resulted in product enhancements and behavioral changes. The changes are highlighted in the "New and Changed Information in ISC 4.1.1" section.

For problems that were found and might still exist in ISC 4.1.1, see the "Known Problems in ISC 4.1.1" section.

System Recommendations

The system recommendations and requirements are listed in Chapter 1, "System Recommendations" of Cisco IP Solution Center Installation Guide, 4.1 http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/4_1/install/index.htm.

The recommendation is to thoroughly review this information before even planning your installation, to be sure you have all the hardware and software you must successfully install.

Network devices supported in ISC 4.1.1 are listed with the tested IOS release in the following section, Network Devices and Related Software Supported.

Network Devices and Related Software Supported

Table 1, "Network Devices and Related Software Supported with ISC 4.1.1," in this document replaces Table 1-3 in Cisco IP Solution Center Installation Guide, 4.1. This new table gives all the current information listed alphabetically, beginning with the application name.

Table 1 Network Devices and Related Software Supported with ISC 4.1.1 

Application
P and PE Network Devices, Exceptions Noted
ISC Supported with Specified Software

L2TPv3

Cisco 7200 Series

Cisco IOS 12.2(27) SBB

Cisco 7500 Series

Cisco IOS 12.2(27) SBB

Cisco 12000 (GSR) Series

Cisco IOS 12.0(31) S

L2VPN

Catalyst 2950 Series U-PE

Cisco IOS 12.1(22) EA1

Catalyst 3400 Series PE-AGG and U-PE

Cisco IOS 12.2(25r) EX

Catalyst 3550 Series
PE-AGG and U-PE

Cisco IOS 12.1(22) EA1

Catalyst 3750-ME Series
N-PE, PE-AGG, and U-PE

Cisco IOS 12.2(25) EY

Catalyst 4500 Series
PE-AGG and U-PE

Cisco IOS 12.2(25) EWA

Catalyst 6500 Series
N-PE, PE-AGG, and U-PE

Cisco IOS 12.2(18) SXF

Cisco 7200 Series N-PE

Cisco IOS 12.2(28) SB

Cisco 7600 Series
N-PE, PE-AGG, and U-PE

Cisco IOS 12.2(18) SXF

Cisco 12000 (GSR) Series N-PE

Cisco IOS 12.0(32)S

MPLS

Catalyst 3550 Series Multi-VRF CE

Cisco IOS 12.1(22) EA1a

Catalyst 3750-ME Series
Multi-VRF CE

Cisco IOS 12.2(25) EYa

Cisco 2800 Series

Cisco IOS 12.3(14) T

Cisco 3400 Series U-PE

Cisco IOS 12.2(25r) EX

Cisco 3800 Series

Cisco IOS 12.3(14) T

Cisco 4500 Series U-PE

Cisco IOS 12.2(25) EWA

Cisco 7200 Series

Cisco IOS 12.2(28) SB

Cisco 7400 Series Multi-VRF CE

Cisco IOS 12.2(4) B3

Cisco 7500 Series

Cisco IOS 12.2(28) SB

Cisco 7600 Series

Cisco IOS 12.2(18) SXF

Cisco 10000 (ESR) Series

Cisco IOS 12.2(28) SB

Cisco 12000 (GSR) Series

Cisco IOS 12.0(32) S

Using EIGRP

Cisco IOS 12.0(31) S

MPLS Diagnostics Expert (MDE)

Cisco 7200 Series

Cisco IOS 12.0(30) S1 and 12.2(28) SB

Cisco 7200 Series as PE only

Cisco IOS 12.3(10) e and 12.3(13) b

Cisco 7300 Series

Cisco IOS 12.2(28) SB

Cisco 7300 Series as PE only

Cisco IOS 12.2(20) S9 and 12.2(25) S4

Cisco 7500 Series

Cisco IOS 12.0(30) S1 and 12.2(28) SB

Cisco 7500 Series as PE only

Cisco IOS 12.2(18) S10

Cisco 7600 Series

Cisco IOS 12.2(18) SXE and 12.2(18) SXF

Cisco 10000 Series as PE only

Cisco IOS 12.2(28) SB and 12.3(7) X17a

Cisco 12000 (GSR) Series

Cisco IOS 12.0(30) S1

QoS (Ethernet QoS)

Catalyst 3550 Series

Cisco IOS 12.1(22) EA1a

Catalyst 3750-ME Series

Cisco IOS 12.2(25) EYa

Catalyst 6500 Series and Cisco 7600 Series

Cisco IOS 12.2(18) SXF

QoS (IP QoS)

As a CE on Cisco 800, 1700, 2600, 3600, 3745, and 7200 Series

Cisco IOS 12.3(5)

Cisco 2800 and 3800 Series (PE and CE)

Cisco IOS 12.3(14) T

Cisco 7200 Series

Cisco IOS 12.2(28) SB

Cisco 7500 Series

Cisco IOS 12.2(28) SB

Cisco 7600 Series

Cisco IOS 12.2(18) SXF

Cisco 10000 (ESR) Series

Cisco IOS 12.2(28) SB

Cisco 12000 (GSR) Series

Cisco IOS 12.0(32) S

Cisco RPM-PR

Cisco IOS 12.3(3)

Traffic Engineering Management (TEM)

Cisco 7200 Series in core

Cisco IOS 12.0(32) S

Cisco 7200 Series on edge

Cisco IOS 12.2(28) SB

Cisco 7500 Series in core

Cisco IOS 12.0(27) S4

Cisco 7600 Series in core

Cisco IOS 12.2(18) SXF

Cisco 10000 (ESR) Series in core

Cisco IOS 12.0(30) S3

Cisco 10000 (ESR) Series on edge

Cisco IOS 12.2(28) SB

Cisco 12000 (GSR) Series in core

Cisco IOS 12.0(32) S and Cisco IOS-XR 3.2

Cisco CRS-1 Series

Cisco IOS-XR 3.2


Problems Fixed in ISC 4.1.1

Table 2, "Customer-found Problems Fixed in ISC 4.1.1," describes all the customer-found problems that were fixed in this maintenance release.

Table 2 Customer-found Problems Fixed in ISC 4.1.1 

CDETS Number
Subject

CSCef30132

Role Based Access Control (RBAC): Invalid credentials when logging into ISC.

CSCei17629

Named Physical Circuit (NPC) discovery fails during common discovery.

CSCei31572

ISC provisioning changes Frame Relay encapsulation on main interface.

CSCei94326

Interface with multiple Cisco Discovery Protocol (CDP) neighbors blocks Named Physical Circuit (NPC) discovery.

CSCsb56903

Need to relax duplicate IP address check for Point-to-Point over Asynchronous Transfer Mode/Multi-Link Point-to-Point (PPPoATM/MLPPP) permanent virtual circuit (PVC) only.

CSCsb76853

Show ip bgp neighbors defaults to Internet Protocol version 4 (IPv4) Unicast.

CSCsb82716

NullPointer occurs when adding a LinkTemplate while modifying a Service Request through the Northbound Interface (NBI).

CSCsb87486

ISC Extended Markup Language (XML) Application Programming Interface (API) Role Based Access Control (RBAC) authentication failure.

CSCsb90379

Collect config fails with IMAGE_NAME error.

CSCsc01609

Allow square brackets in the hostname.

CSCsc16784

Logon fails for Inventory Manager and Topology Manager.

CSCsc43296

ISC can reuse an IP subnet from decommissioned Service Requests causing a duplicate subnet.

CSCsc57376

Service Assurance Agent (SA Agent) probes are not generating traps even after enabling the traps.

CSCsc57575

PE-MVRFCE Service Request is causing Border Gateway Protocol (BGP) loops due to the as-override option.

CSCsc61225

MplsSR.OpType does not match GUI OpType. Modify always shows Add.

CSCsc64820

PropertyList filter in enumerate CiscoRouter does not work for configuration.

CSCsc71829

Shutdown command is incorrect in MPLS Service Request with Switched Virtual Interface (SVI) and Shutdown Interface On.

CSCsc72260

Task created with a wrong start time if the scheduled time is 12 o'clock.

CSCsc72837

Common discovery: Editing device type creates an internal error.

CSCsc79157

Added non-Operation, Administration, and Maintenance (non-OAM) warning information to support IOS version 12.0(22) S.

CSCsc79164

Fixed non-Operation, Administration, and Maintenance (non-OAM) traceroute support for IOS versions 12.0(26) S and before.

CSCsc79175

Fixed VPN routing/forwarding instance (VRF) traceroute for IOS versions 12.0(26) S and before.

CSCsc79179

Fixed Cisco express forwarding (CEF) state commands for IOS versions 12.3 and later.

CSCsc79184

Fixed parsing of nonstandard interface statuses.

CSCsd00458

Protocol tunneling recovery interval is not generated for 7600 device and PE-AGG.

CSCsd01377

L2/VPLS: Ethernet Wire Service (EWS) speed nonegotiate command is not generated for 7600 device as U-PE.

CSCsd02790

Device discovery limits to 100 devices, even when more than 200 devices are in the device.xml file.

CSCsd07551

Add Cisco 7300 Series platform support for supported IOS versions.

CSCsd08716

Performance issue with Named Physical Circuit (NPC) discovery.

CSCsd14420

Traceroute output changes when MPLS is disabled on an egress PE (running IOS 12.0 S) and the previous hop is running Exodus R3.

CSCsd17013

Extended Markup Language (XML) integration: Need support to assign two values in a template to the same variable.

CSCsd17049

Traffic Engineering (TE) discovery fails when an IP address is duplicated.

CSCsd18270

MPLS discovery failed.

CSCsd22822

Label Switched Path (LSP) visualization and Maximum Transfer Unit (MTU) check on non-Operation, Administration, and Maintenance (non-OAM) edge causes unrecoverable errors.

CSCsd22963

Unrecoverable error occurs when testing to find access circuit fail scenario on the Cisco 7300 Series.

CSCsd24048

Redundant VPNs are created after discovery.

CSCsd26280

Launching device edit screen for non-admin accounts is too slow.

CSCsd27819

L2VPN Service: Pseudo Wire (PW) tunnel selection error occurs with Oracle database.

CSCsd30613

Failure to diagnose missing Route Target (RT).

CSCsd33924

Cannot negate speed nonegotiate on gigabit Ethernet port.

CSCsd35337

Missing VLAN ID in QoS Service Request window.

CSCsd35483

Filtering Service Request list by customer does not work.

CSCsd35498

PE filter for VPLS does not work.

CSCsd35537

Named Physical Circuit (NPC) filter by source or destination device does not work.

CSCsc49023

Link attribute editor windows for L2VPN and VPLS are not similar.

CSCsd51284

Collect configuration task on IOS-XR nulls out the IP addresses of interfaces.

CSCsd53994

Northbound Interface (NBI) device creation results in a null ID in the User Access Log.

CSCsd59551

ISC does not allow VPNs to be renamed.

CSCsd61492

ISC invokes the audit code for unmanaged CEs during Service Request decommissions.

CSCsd64358

Log4j-1.2.6.jar is missing from the SOAP directory.

CSCsd66661

ISC failed to parse random-detect precedence 6 10 ms 20 ms 1 command.

CSCsd67394

The srdump utility does not work correctly.

CSCsd74633

Unable to select channelized interfaces for Layer 3 VPN service.

CSCsd95857

Provisioning error occurs while adding Border Gateway Protocol (BGP) between unmanaged CE and PE devices.

CScsd98226

Template Manager response for non-admin users is unacceptable.

CSCse01309

Ethernet Relay Service (ERS) for Catalyst 6500 Series U-PE fails deployment due to MAC access-list.

CSCse01320

Discovery failure error 1371: Route Target (RT) value is in invalid format.

CSCse11804

Traffic Engineering Management (TEM) discovery fails because of inability to reconcile router ID.

CSCse13776

Editing MPLS uniport security properties causes the Graphical User Interface (GUI) to freeze.

CSCse15636

Deploying a managed primary tunnel fails when the head router does not support Fast Re-Route (FRR) protection.

CSCse27786

Cisco 7600 Series N-PE: Layer 2 access to MPLS speed and duplex commands are not generated.

CSCse29398

Unauthorized users might obtain web access to some .profile files in ISC.


New and Changed Information in ISC 4.1.1

The following are enhancement and changed behavior topics for this ISC Release 4.1.1 (listed alphabetically):

Common ISC Infrastructure—Lock Manager Granting Locks on FIFO Basis (CSCsb85363)

Common ISC Infrastructure—Log Viewer (CSCsd90574)

L2VPN—Global Parameter Changing Causes Audit State of Lost (CSCsd82993, CSCsd83039, CSCsd83055, CSCsd84349, and CSCsd84364)

L2VPN—Tunnel Select Pseudo Wire to TE Tunnel

L2VPN and Layer 3 MPLS VPN—Service Inventory Discovery Support Added and Changed

L2VPN, Layer 3 MPLS VPN, and TEM—Heap Size Increase for Large Deployments (CSCsd89114)

L2VPN Over MPLS Core—ATM VP Mode Support

L2VPN VPLS—UNI Modification Moves the Service Request to Failed Deploy State (CSCsd85346)

L2VPN and VPLS Policies—Keep Alive Option (CSCef14869)

Layer 2 Access to L3 MPLS VPN—U-PE Attributes Changed to UNI Attributes

Layer 3 MPLS VPN—10 Gigabit Ethernet Interface Support

MDE—IOS 12.2(28) SB Behavior Change

MDE—IOS Versions That Do Not Support MPLS OAM, Behavior Change

MDE—MTU Support Removed

NBI API—NPC Look Up Enhancement

TEM—Multilink Interface Enhancement (CSCsd73082)

TEM—New Configuration Parameter (CSCsd90642)

Common ISC Infrastructure—Lock Manager Granting Locks on FIFO Basis (CSCsb85363)

In previous ISC releases, the Lock Manager, which is common to all ISC components, simply had requesting threads sleep for one second when any of the devices it was attempting to lock were already locked. When multiple threads were waiting on locks, such as device(s) to be locked, the first thread to awaken when the lock was available got the lock, not necessarily the thread that requested it first.

In ISC 4.1.1, each lock request is placed in a queue. (See Appendix C of Cisco IP Solution Center Infrastructure Reference, 4.1 for an explanation of how to navigate to the Dynamic Component Properties Library (DCPL) properties.) A new Queue Manager thread allocates all locks. Periodically (every 100 milliseconds, by default, but modifiable by a new DCPL property: lockmanager > queueServicingInterval), the Queue Manager thread iterates through the queue from the oldest lock request to the newest, and attempts to grant locks. This new design ensures that lock requests are serviced in the order they are received. For cases when all lock requests are only attempting to lock a single device, the locks are granted on a strictly first-in, first-out (FIFO) basis. For cases where requests are attempting to lock multiple devices, system throughput is maximized at the expense of absolute fairness.

An example is when an older lock request is waiting for locks on devices 1, 2, and 3 and device 3 is locked by another job. In this case, if a new lock request to lock the currently unlocked devices 1 and 2 occurs, this request is granted.

Common ISC Infrastructure—Log Viewer (CSCsd90574)

A new DCPL property sets the file limit that can be viewed in the Log Viewer for discovery, host, and task logs. (See Appendix C of Cisco IP Solution Center Infrastructure Reference, 4.1 for an explanation of how to navigate to the DCPL properties. Then navigate to GUI > Common > logFileViewThreshold.) If the file size exceeds the set limit (default: 10MB and maximum value: 50MB), an error message appears, recommending that you view the file manually. The log file can then be viewed offline using other editors.

L2VPN—Global Parameter Changing Causes Audit State of Lost (CSCsd82993, CSCsd83039, CSCsd83055, CSCsd84349, and CSCsd84364)

If you modify a global parameter that can be shared by multiple L2VPN Service Requests, the modification affects all Service Requests that share that specific parameter. Therefore, if you audit one of the previously deployed Service Requests with that global parameter, you receive a Lost state when you look at the audit. We recommend you audit all the Service Requests. To correct this Lost state, modify the Service Requests in which a Lost state occurred in the audit, so the global parameter has the new value. Redeployment is not required.

Examples of global parameters that would act in this way are:

VLAN name for a VPLS service

Maximum Transfer Unit (MTU) size on the uplink/Switched Virtual Interface (SVI)

N-PE description for VPLS service

Errdisable recovery value on switches for L2VPN and VPLS services

Error recovery interval value on switches for L2VPN and VPLS services

L2VPN—Tunnel Select Pseudo Wire to TE Tunnel

In the TEM component, you can now select a specific Traffic Engineering (TE) tunnel you want to use for point-to-point transport on Layer 2 Any Transport over MPLS (AToM). This selection is available in Policy creation and Service Request creation. To do this, use the following steps:


Step 1 For Policy creation, navigate to Service Design > Policies > Create > L2VPN (P2P) Policy > L2VPN on MPLS Core and choose any of the Service Types: L2VPN ERS, L2VPN EWS, Frame Relay, or ATM. You will see a window similar to Figure 1, "Tunnel Selection in a Policy—PW Tunnel Selection Check Box," with the new ability to check a check box PW Tunnel Selection (for selecting the pseudo wire tunnel selection). The editable check box is selected by default, which allows you to edit the tunnel during Service Request creation time.

Figure 1 Tunnel Selection in a Policy—PW Tunnel Selection Check Box

Step 2 After you set up your policy, you use this policy during Service Request creation. Do the following:

a. Navigate to Service Inventory > Inventory and Connection Manager > Service Requests > Create > L2VPN.

b. Select the policy you created in Step 1 and click OK.

c. Select a link and interface, click Add Link, and click OK.

d. Select the other end link(s) and interface(s), click Add Link, and click OK.

e. In Figure 2, "EndToEnd Wire Editor," click Default in each of the Attachment Circuit Attributes columns for each link.

Figure 2 EndToEnd Wire Editor

f. To deploy your Service Request, in addition to the selected PW Tunnel Selection check box, which is already selected because of the setup you did for policy creation in Step 1, you additionally need to add the number of your Interface Tunnel, as shown in Figure 3, "Tunnel Selection in a Service Request." You can specify which tunnel you want for point-to-point transport on Layer 2 AToM. This functionality assumes you have specified a valid tunnel and does no validity checking.

Figure 3 Tunnel Selection in a Service Request


L2VPN and Layer 3 MPLS VPN—Service Inventory Discovery Support Added and Changed

Chapter 4, "Service Inventory—Discovery," in Cisco IP Solution Center Infrastructure Reference, 4.1 explains the functionality when you navigate to Service Inventory > Discovery in ISC 4.1 for L2VPN and Layer 3 MPLS VPN. All figure references starting with 4- are to that ISC 4.1 document.

This section explains the ISC 4.1.1 Service Inventory—Discovery additions and changes relative to ISC 4.1 in the following subsections:

Overview of Multiple Service Discovery Processes

L2VPN Service Discovery

MPLS Service Discovery

NPC Discovery

Initializing a New Discovery Task

Editing Device Configurations

New Discovery DCPL Properties

Existing PE Roles Are Editable, Causing Commit Aborting (CSCsd30074)

Overview of Multiple Service Discovery Processes

In ISC 4.1, only one service discovery process was allowed. (See Chapter 4, "Service Inventory—Discovery" of Cisco IP Solution Center Infrastructure Reference, 4.1.)

In ISC 4.1.1, you can now do multiple service discovery processes and you can restart from any of the previous steps. Support for multiple discovery processes allows you to do incremental discovery of the network. The ability to restart from previous steps helps you roll back the discovery process to a selected previous step. You can then resume discovery from that step instead of needing to restart the entire discovery process from the beginning.

The commit to ISC happens only at the end of the discovery phase, not after each step. See Figure 4, "Multiple Workflows," for an understanding of the new multiple workflows. Figure 5, "Discovery Workflow," shows an update to the discovery workflow from Figure 4-10 in the ISC 4.1 documentation.

In ISC 4.1, Providers, Customers, Sites, and Regions were created automatically, using the inventory file. In ISC 4.1.1, these must be created manually. Additionally, if Resource Pools are required, you must create Access Domains and Resource Pools manually. The user must create all of these objects before running service discovery.

In Figure 5, "Discovery Workflow," the new information is as follows:

Workflow category in the data pane gives the name and information about the current discovery request/workflow.

Click the Restart button and you receive a drop-down list of completed steps. Select a step and you will restart from that step.

In the left column, Current Request gives the discovery request/workflow that is currently running. If there is no currently running discovery request/workflow, an initialization window appears to create a new discovery request/workflow.

In the left column, Previous Requests lists all the discovered requests/workflows. You can look at the status and logs for any of these discovery requests/workflows.


Note There is no synchronization of NPCs or VPNs. Any modification must occur through the ISC user interface.

All existing devices in ISC show as Read Only on the device discovery GUI.


Figure 4 Multiple Workflows

Figure 5 Discovery Workflow

The new Workflow category in the data pane gives the name and information about the current discovery request/workflow.

L2VPN Service Discovery

In ISC 4.1, L2VPN service discovery was possible on either an Ethernet core or an MPLS core, but not a combination of the two.

ISC 4.1.1 supports mixed core service discovery. In a mixed core, the L2VPN services can span across the MPLS core or they can be confined to a local Ethernet domain alone (local switched services). ISC 4.1.1 supports discovering L2VPN services on a mixed core. Additionally, ISC 4.1.1 discovers local switched services that do not traverse N-PE devices. Figure 6, "Mixed Core," shows a mixed core.

Figure 6 Mixed Core

ISC 4.1.1 enhances the ISC 4.1 L2VPN service discovery by allowing multiple or incremental runs of L2VPN service discovery. Any new links configured on the network for existing VPLS services (present in ISC) can be discovered. However, you cannot discover modifications (synchronizations) or deletions of the existing services or links.

A new L2VPN service is discovered when any of the following are found compared to the services existing in ISC:

A new Virtual LAN Identifier (VLAN ID) in an Ethernet core (Ethernet access domain)

A new Virtual Circuit Identifier (VC ID) for virtual private wire service (VPWS) services on an MPLS core

A new VPLS Forwarding Instance Identifier (VFI ID) for virtual private LAN service (VPLS) services on an MPLS core

Any new links that are configured on NPCs marked as Existing Modified or Conflicting are not discovered.


Note There is no synchronization in L2VPN service discovery. Any modification must be done manually through the ISC user interface. Only new VPNs are discovered. Also, services that occur on Existing Modified NPCs and Conflicting NPCs are not discovered.


MPLS Service Discovery

In ISC 4.1.1, in addition to the N-PE to CE and N-PE to No CE support for ISC 4.1, there is also now support for Layer 2 Access over Layer 3 VPN (UNI/U-PE to N-PE Service Requests with UNI configured on the U-PE).

In ISC 4.1.1, incremental discovery occurs for existing VPN links. The existing VPNs are not editable in the discovery GUI and the existing VPN links are bypassed during commit.

For hub-and-spoke and full mesh VPNs, the VPN details window appears as shown in Figure 7, "MPLS VPN Links—Hub-and-Spoke," for ISC 4.1.1.


Note End-to-end connectivity is not shown. All the PE-CE links in a VPN are shown with HubRT and SpokeRT in the Route Target column. The PE device name is also shown in the From CE column.


For ISC 4.1.1, no changes occur for the partial mesh VPN detail window.

Figure 7 MPLS VPN Links—Hub-and-Spoke

When editing a VPN view window, the Edit button is enabled for multiple checks. When multiple checks are selected, however, only the Customer Name field is available, as shown in Figure 8, "Edit VPN."

Figure 8 Edit VPN

To discover large networks with a complex topology, we recommend you reset two DCPL properties, as follows:


Step 1 See Appendix C of Cisco IP Solution Center Infrastructure Reference, 4.1 for an explanation of how to navigate to the Dynamic Component Properties Library (DCPL) properties.

Step 2 Navigate to the property watchdog\server\discovery\heartbeat\timeout and set this property to 180000 milliseconds (3 minutes).

Step 3 Navigate to the property watchdog\server\discovery\java\flags and set this property to -Xmx3072m -XX:PermSize=256m -XX:MaxPermSize=512m

Step 4 Restart the ISC server.


NPC Discovery

In ISC 4.1, Named Physical Circuit (NPC) discovery results were written directly into the ISC database. In ISC 4.1.1, the NPC discovery results are written to the scratch pad and committed at the end of the discovery. The new incremental discovery compares the discovered NPCs with existing NPCs in ISC and determines the state. The states, as shown in Figure 9, "States," are as follows:

New—No corresponding NPC exists in ISC. Only the New NPCs are committed to ISC.

Existing—The discovered NPC is the same as the NPC in ISC.

Existing Modified—The NPC in ISC has the same source and endpoint but one or more of the intermediate links might not be the same.

Conflicting—The discovered NPC conflicts with the NPC in ISC.

Figure 9 States


Note There is no synchronization of NPCs. You must do this manually. Any modification must be done manually through the ISC user interface.


Initializing a New Discovery Task

When you first navigate to Service Inventory > Discovery, the first window that appears has changed from Figure 4-8 and Figure 4-9 in the ISC 4.1 documentation. The ISC 4.1.1 version, as show in Figure 10, "Device Discovery—CDP Fields," Figure 11, "Device Discovery—Device/Topology Fields," and Figure 12, "Device Discovery—Import Configuration File Fields," has the following change of information.

Identification > Name is new. In this optional field, you can enter a unique name of your choice for the Workflow name. If you do not enter a name in this field, the system automatically generates a unique name for you.

In the Device Discovery section, the fields that appear depend on the radio button you choose:

When you choose the CDP (default) radio button, as shown in Figure 10, "Device Discovery—CDP Fields," two additional fields of information were added for ISC 4.1.1 instead of what appears for ISC 4.1 in Figure 4-8. The editable Output Device File field is optional and defaults to an XML file of the discovered devices. This file can then be an input Devices File for rerunning discovery using the Device/Topology option, found later in this window. The editable Output Connection File is optional and defaults to an XML file that contains device connectivity information that is written during CDP Device Discovery. This file can then be an input NPC Topology File for rerunning discovery using the Device/Topology option, found later in this window.

When you choose the Device/Topology radio button, as shown in Figure 11, "Device Discovery—Device/Topology Fields," the Device File and NPC Topology File fields remain the same as for ISC 4.1 in Figure 4-9, with the exception that the NPC Topology File is no longer required.

A new Import Configuration Files radio button, as shown in Figure 12, "Device Discovery—Import Configuration File Fields," has been added for ISC 4.1.1. The required Directory field is the directory on the server that contains configuration files for the devices to be discovered. The format of these files must be <filename>.cfg. The NPC Topology File field contains an XML file that contains device connectivity information that is used to automatically create NPCs.

The Inventory File field no longer appears because during service discovery, Providers, Regions, Customers, and Sites are no longer automatically created. The user must manually create these files before running service discovery. If Resource Pools are required, Access Domains and Resource Pools must also be manually created before running service discovery.

Figure 10 Device Discovery—CDP Fields

Figure 11 Device Discovery—Device/Topology Fields

Figure 12 Device Discovery—Import Configuration File Fields

Editing Device Configurations

When setting Cisco CNS attributes, you have additional information in ISC 4.1.1 than was shown in Figure 4-15 for ISC 4.1. The information for ISC 4.1.1 is shown in Figure 13, "CNS Attributes Window." The two new columns of information are Terminal Server, which specifies the devices that represent the workstations that can be used to provision edge routers, and Port Number, which specifies the port numbers used by the terminal server.

Figure 13 CNS Attributes Window

New Discovery DCPL Properties

New DCPL properties were added to support the service discovery additions and changes. Navigate to the Discovery topic. (See Appendix C of Cisco IP Solution Center Infrastructure Reference, 4.1 for an explanation of how to navigate to the DCPL properties. There you will find the ISC 4.1 default settings and how to change them.)

Existing PE Roles Are Editable, Causing Commit Aborting (CSCsd30074)

When a device in ISC only has a hostname, the ISC device has no IP management address or domain name configured. If in Discovery, a device with the same hostname is discovered with an IP management address or is created manually in the Device Editor, the device might fail to commit to the ISC repository. The failure occurs because a match is determined with the existing ISC device, because both devices do not have a configured domain name.

The workaround is to do either 1. or 2., as follows:

1. Edit the device that exists in ISC and add the management IP address before Discovery. Discovery then treats that device as a duplicate and marks it read-only in the Device Editor.

or

2. During Discovery, in the Device Editor, enter a domain name for the discovered device. Discovery then treats this as a new device.

L2VPN, Layer 3 MPLS VPN, and TEM—Heap Size Increase for Large Deployments (CSCsd89114)

Heap is a block of memory segment for the L2VPN and Metro Ethernet, Layer 3 MPLS VPN, and TEM components. It is allocated for use by the Java virtual machine (JVM) process during runtime. It might need to be increased for large deployments. If the httpd process restarts, increase the heap size, as follows:


Step 1 cd $ISC_HOME/bin

Step 2 vi tomcat.sh

Step 3 Search for a line with -Xmx512m

Step 4 Set the heap size to 1GB or 2GB by replacing -Xmx512m with -Xmx1024m or -Xmx2048m, respectively.

Step 5 Save the tomcat.sh file.

Step 6 Enter stopall to stop the ISC server.

Step 7 Enter startwd to start the ISC server.


L2VPN Over MPLS Core—ATM VP Mode Support

In ISC 4.1.1, Asynchronous Transfer Mode (ATM) virtual path (VP) mode is now supported in addition to the previous ATM virtual circuit (VC) mode support for the L2VPN over MPLS core.

L2VPN VPLS—UNI Modification Moves the Service Request to Failed Deploy State (CSCsd85346)

In some situations for L2VPN VPLS, modifying and deploying a User-Network Interface (UNI) from one port to another results in the Service Request going to the Failed Deploy state.

To correct this situation, do the following:

Decommission the Attachment Circuit/Virtual Private LAN Service Link (AC/VPLSLink) on a particular UNI.

Create and deploy a new AC/VPLSLink on a different UNI.

L2VPN and VPLS Policies—Keep Alive Option (CSCef14869)

Previously, during a Metro Ethernet Service Request deployment, the command no keepalive was automatically provisioned on a UNI of a Metro Ethernet service, to prevent a CPE from sending keep alive packets to the U-PE, for security purposes.

In ISC 4.1.1, an attribute was added in both the L2VPN and VPLS policies. The new Keep Alive option, in the form of a check box, is by default unchecked to indicate the need for issuing a no keepalive command. When you check this check box, you indicate to select Keep Alive as an option. This attribute is editable to support modification on a per Service Request basis.

Layer 2 Access to L3 MPLS VPN—U-PE Attributes Changed to UNI Attributes

In ISC 4.1.1, for Layer 2 access into MPLS Service Requests, the combination of U-PE and PE-AGG attributes are now shown as UNI attributes.

Layer 3 MPLS VPN—10 Gigabit Ethernet Interface Support

In ISC 4.1.1 for Layer 3 MPLS VPN, 10 gigabit Ethernet interface support has been added for MPLS VPNs. This is in addition to the interfaces listed as supported for MPLS VPN in Chapter 3 of Cisco IP Solution Center MPLS VPN User Guide, 4.1
(http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/4_1/mpls/index.htm).

MDE—IOS 12.2(28) SB Behavior Change

For IOS 12.2(28) SB as PE and P roles, the behavior of Cisco MPLS Diagnostics Expert (MDE) has changes relating to the detection of a failure. This is due to the command ip cef being disabled on a P or PE router.

The changes to the behavior of ip cef in IOS version 12.2(28) SB are as follows:

When ip cef is disabled on a P router, IP connectivity is lost in any VPN through the P router.

When ip cef is disabled on a PE router, IP connectivity is lost within a VPN from the PE to its connected CE.

For IOS version 12.2(28) SB with ip cef disabled:

As a P, MDE diagnoses and reports the problem as an IP connectivity issue.

As a PE, MDE diagnoses and reports an undetermined connectivity problem in the circuit between the PE and the CE.

For IOS 12.2(30) S, disabling ip cef does not cause any IP connectivity failure with the VPN. MDE diagnoses and reports that there is a problem with ip cef disabled on either the P or PE.

MDE—IOS Versions That Do Not Support MPLS OAM, Behavior Change

In MDE, a connectivity problem can be isolated to the MPLS core, edge, or Attachment Circuit. For non-MPLS Operation, Administration, and Maintenance (OAM) compliant IOS versions, if the problem is in the edge or Attachment Circuit areas, the problem is fully diagnosed and is MDE 1.0. This is about 70 percent of the problem types (failure scenarios) covered by MDE. If the problem is in the core, the system reports a connectivity failure, but cannot carry out further isolation and diagnosis. The system reports that there is a non-MPLS OAM IOS version present and that no troubleshooting was performed in the core.

In some circumstances where there is a problem in the core but non-MPLS OAM compliant IOS versions are present, MDE reports a mismatch between the forwarding information base (FIB) and label forwarding information base (LFIB) on the edge device. The presence of the message indicating non-MPLS OAM coupled with this failure condition could indicate a problem within the core and not, as reported, on the PE router.

The Label Switched Path (LSP) visualization function relies on MPLS OAM. Therefore, visualization cannot be initiated with a non-MPLS OAM compliant PE as a local endpoint. If the other PE is MPLS OAM compliant, we recommend you swap the local and remote endpoints.

MDE—MTU Support Removed

MDE Maximum Transfer Unit (MTU) Analysis support is no longer available in MDE 1.0.2 and ISC 4.1.1. The functionality has been withdrawn, because it did not satisfactorily solve the problem of identifying problems related to MTU.

NBI API—NPC Look Up Enhancement

A new northbound interface (NBI) application programming interface (API) has been introduced to look up NPCs. When given a U-PE as the starting device and an N-PE as a ending device, the API returns IDs of all the NPCs that match the starting device and ending device. For a ring topology, two NPCs are returned. Either identifier for either of the two NPCs can be chosen.

TEM—Multilink Interface Enhancement (CSCsd73082)

The Traffic Engineering Management (TEM) component now supports the multilink interface.

TEM—New Configuration Parameter (CSCsd90642)

In the TEM component, you can now determine whether the tunnel command mpls ip should be provisioned while provisioning Traffic Engineering primary tunnels. A new DCPL property has been introduced. (See Appendix C of Cisco IP Solution Center Infrastructure Reference, 4.1 for an explanation of how to navigate to the DCPL properties and change the settings.) Navigate to TE > Deployment > tunnelMplsIp. The default setting of true indicates to deploy the mpls ip command when provisioning Traffic Engineering tunnels. The setting of false indicates not to deploy the mpls ip command when provisioning Traffic Engineering primary tunnels.

Installation Notes

This section contains the following information:

Version Supported

Upgrade Paths

Uninstall

Version Supported

ISC 4.1.1 supports upgrading from ISC 3.2.2, 3.2.2.3, 3.2.2.5, 4.0, 4.0.1, or 4.1 after ISC 4.1 is installed.

If you have an existing VPNSC 1.x or 2.x repository, you must migrate it to be able to use it with ISC 4.1. Get the migration package, including the documentation that lists limitations, from isc-mktg@cisco.com.

Upgrade Paths

You must have ISC 4.1 installed before you download the software to upgrade to ISC 4.1.1 on the same server. Support for upgrading from 1SC 3.2.2, 3.2.2.3, 3.2.2.5, 4.0, or 4.0.1 to 4.1 is explained in Cisco IP Solution Center Installation Guide, 4.1.


Note If you are upgrading from an ISC release prior to ISC 4.1 and have an external Oracle database, you must upgrade your database to Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
with the Partitioning, OLAP, and Data Mining options.


Then follow these steps:


Step 1 Before upgrading to this Maintenance Release, complete the discovery workflow. Otherwise, when you upgrade these previously initiated discovery workflows, the data discovered during that process might be lost.

Step 2 Before proceeding to install the ISC 4.1.1 Maintenance Release, be sure to back up your repository, as explained in Appendix C of Cisco IP Solution Center Installation Guide, 4.1 http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/4_1/install/index.htm


Note If you need to revert to your prior version of ISC, this backed up repository is the one you need to point to after uninstalling ISC 4.1.1. When you uninstall ISC 4.1.1, you do not remove modifications made to the repository in Step 11. Any Service Requests provisioned under ISC 4.1.1 will then need to be reprovisioned.


Step 3 Go to http://www.cisco.com/cgi-bin/tablebuild.pl/isc (where, in tablebuild.pl, the last character is the lower-case letter "l") to retrieve the ISC 4.1.1 Maintenance Release (isc-4.1.1-maint.tar.gz) and the database schema upgrade package (ISC411_UpgradeTool.tar.gz).


Note Patches that use ISC 4.1.1 as the base will also be located at http://www.cisco.com/cgi-bin/tablebuild.pl/isc


Step 4 Prior to installing the ISC 4.1.1 Maintenance Release, verify that you have 100 MB of free space in the $ISC_HOME directory and that you are logged in with the same username as the owner of your supported version of ISC.

Step 5 Navigate to a directory other than $ISC_HOME.

Step 6 Use the following command to untar and unzip the appropriate isc-4.1.1-maint.tar.gz file:

gunzip -c isc-4.1.1-maint.tar.gz | tar xf -

Step 7 If ISC is running, use the following command to stop the database, name server, and WatchDog on the machine on which it is running:

$ stopall

Step 8 If you are running on ISC 3.2.2,3.2.2.3, 3.2.2.5, 4.0, or 4.0.1, install ISC 4.1, as documented in Cisco IP Solution Center Installation Guide, 4.1.


Note Prior to installing ISC 4.1, if you are moving a repository from one machine to another, the schema upgrade fails unless the repository has been initialized on the new machine. This requires that you successfully run initdb.sh on the repository to update the host entry.

Thus, when you are upgrading from an ISC version prior to ISC 4.0.1, you must have a running ISC installation on your new machine that is the same version as that on your old machine so that initdb.sh can be used to initialize your repository with the correct hostname.


Step 9 Use the following command to run the patch installation script:

$ ./iscpatchinstall

a. When you run this script, you will be asked to ensure that you have followed the equivalent of Step 7, and as part of the installation, you will be asked to confirm the equivalent of Step 4.

b. To accept the default value for a prompt indicated in [ ], for example, [n] or [y], press Enter. To terminate the installer at any time, press Ctrl-C. Specifically you will be asked to enter a new path or press Enter for the default [/opt/isc-4.1].

c. At the end of the installation, you will receive a message that the patch installation is complete.

Step 10 Use the following command on the ISC server to untar and unzip the database schema upgrade package:

gunzip -c ISC411_UpgradeTool.tar.gz | tar xf -

The directory ISC411_UpgradeTool is created. Before you proceed, read the README file that is located in this directory.

Step 11 Use the following commands on the ISC server to use the upgrade tool:

cd ISC411_UpgradeTool

./upgradeISCSchema.sh <full path of ISC_HOME>

The log messages are printed on the window and written in the log file contained in the log directory under the directory ISC411_UpgradeTool.

Step 12 If you choose to uninstall this patch after successfully installing, follow the steps in the "Uninstall" section.


Note For all Cisco 7600s, you must do a config collection to synchronize the Service Requests in the repository. This is needed because ISC changed the way it detects Cisco 7600 hardware information.



Uninstall

To uninstall the ISC 4.1.1 Maintenance Release that was successfully installed by following the steps in the "Upgrade Paths" section, follow these steps:


Step 1 Log in with the same username as the owner of ISC.

Step 2 If ISC 4.1.1 is running, use the following command to stop the database, name server, and WatchDog on the machine on which it is running:

$ stopall

Step 3 Navigate to the directory $ISC_HOME/patch/isc4.1.1.0-patch, where the files and executable prior to installing ISC 4.1.1 were stored.

Step 4 Use the following command to run the patch script to uninstall:

$ ./iscpatchrollback

a. When you run this script, you will be asked to ensure that you have followed the equivalent of Step 1 and Step 2.

b. To accept the default value for a prompt indicated in [ ], for example, [n] or [y], press Enter. To terminate the installer at any time, press Ctrl-C.

c. At the end of the uninstall, you will receive a message that the patch rollback is complete.

Step 5 Restore the repository that you backed up in Step 2 of the "Upgrade Paths" section, as explained in Appendix C of Cisco IP Solution Center Installation Guide, 4.1 http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/4_1/install/index.htm


Note When you uninstall ISC 4.1.1, you do not remove modifications made to the repository. Any Service Requests provisioned under ISC 4.1.1 will then need to be reprovisioned.



Important Notes

1. All ISC patches are available at: http://www.cisco.com/cgi-bin/tablebuild.pl/isc

2. The supported Sybase and Oracle databases behave differently. All GUI queries are case-insensitive for Sybase and case-sensitive for Oracle.

3. ISC does not work with pop-up blockers in a web browser. If you have pop-up blockers installed, disable them.

4. When using an external Oracle database, the embedded Sybase database is still automatically launched for SLA support.

5. For all APIs, the Service Request name is unique and therefore, each Create Service Request API call needs to maintain this uniqueness.

Known Problems in ISC 4.1.1

To find known problems in Cisco IP Solution Center, use the following URL:

http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl

You must log into CCO.

You can search for specific bugs or search for a range by product name. This tool enables you to query for keywords, severity, range, or version.

The results display bug ID and title, found-in version, fixed-in version, and status. The bug ID is a hyperlink to detailed information for the bug ID's product, component, severity, first found-in, and release notes.

The results could be displayed in a feature matrix or spreadsheet.

Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation at this URL:

http://www.cisco.com/techsupport

You can access the Cisco website at this URL:

http://www.cisco.com

You can access international Cisco websites at this URL:

http://www.cisco.com/public/countries_languages.shtml

Product Documentation DVD

The Product Documentation DVD is a comprehensive library of technical product documentation on a portable medium. The DVD enables you to access multiple versions of installation, configuration, and command guides for Cisco hardware and software products. With the DVD, you have access to the same HTML documentation that is found on the Cisco website without being connected to the Internet. Certain products also have .PDF versions of the documentation available.

The Product Documentation DVD is available as a single unit or as a subscription. Registered Cisco.com users (Cisco direct customers) can order a Product Documentation DVD (product number DOC-DOCDVD= or DOC-DOCDVD=SUB) from Cisco Marketplace at this URL:

http://www.cisco.com/go/marketplace/

Ordering Documentation

Registered Cisco.com users may order Cisco documentation at the Product Documentation Store in the Cisco Marketplace at this URL:

http://www.cisco.com/go/marketplace/

Nonregistered Cisco.com users can order technical documentation from 8:00 a.m. to 5:00 p.m. (0800 to 1700) PDT by calling 1 866 463-3487 in the United States and Canada, or elsewhere by calling 011 408 519-5055. You can also order documentation by e-mail at tech-doc-store-mkpl@external.cisco.com or by fax at 1 408 519-5001 in the United States and Canada, or elsewhere at 011 408 519-5001.

Documentation Feedback

You can rate and provide feedback about Cisco technical documents by completing the online feedback form that appears with the technical documents on Cisco.com.

You can submit comments about Cisco documentation by using the response card (if present) behind the front cover of your document or by writing to the following address:

Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Cisco Product Security Overview

Cisco provides a free online Security Vulnerability Policy portal at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

From this site, you will find information about how to:

Report security vulnerabilities in Cisco products.

Obtain assistance with security incidents that involve Cisco products.

Register to receive security information from Cisco.

A current list of security advisories, security notices, and security responses for Cisco products is available at this URL:

http://www.cisco.com/go/psirt

To see security advisories, security notices, and security responses as they are updated in real time, you can subscribe to the Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed. Information about how to subscribe to the PSIRT RSS feed is found at this URL:

http://www.cisco.com/en/US/products/products_psirt_rss_feed.html

Reporting Security Problems in Cisco Products

Cisco is committed to delivering secure products. We test our products internally before we release them, and we strive to correct all vulnerabilities quickly. If you think that you have identified a vulnerability in a Cisco product, contact PSIRT:

For Emergencies only — security-alert@cisco.com

An emergency is either a condition in which a system is under active attack or a condition for which a severe and urgent security vulnerability should be reported. All other conditions are considered nonemergencies.

For Nonemergencies — psirt@cisco.com

In an emergency, you can also reach PSIRT by telephone:

1 877 228-7302

1 408 525-6532


Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product (for example, GnuPG) to encrypt any sensitive information that you send to Cisco. PSIRT can work with information that has been encrypted with PGP versions 2.x through 9.x.

Never use a revoked or an expired encryption key. The correct public key to use in your correspondence with PSIRT is the one linked in the Contact Summary section of the Security Vulnerability Policy page at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

The link on this page has the current PGP key ID in use.

If you do not have or use PGP, contact PSIRT at the aforementioned e-mail addresses or phone numbers before sending any sensitive material to find other means of encrypting the data.


Obtaining Technical Assistance

Cisco Technical Support provides 24-hour-a-day award-winning technical assistance. The Cisco Technical Support & Documentation website on Cisco.com features extensive online support resources. In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not have a valid Cisco service contract, contact your reseller.

Cisco Technical Support & Documentation Website

The Cisco Technical Support & Documentation website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, at this URL:

http://www.cisco.com/techsupport

Access to all tools on the Cisco Technical Support & Documentation website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:

http://tools.cisco.com/RPF/register/register.do


Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting a web or phone request for service. You can access the CPI tool from the Cisco Technical Support & Documentation website by clicking the Tools & Resources link under Documentation & Tools. Choose Cisco Product Identification Tool from the Alphabetical Index drop-down list, or click the Cisco Product Identification Tool link under Alerts & RMAs. The CPI tool offers three search options: by product ID or model name; by tree view; or for certain products, by copying and pasting show command output. Search results show an illustration of your product with the serial number label location highlighted. Locate the serial number label on your product and record the information before placing a service call.


Submitting a Service Request

Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco engineer. The TAC Service Request Tool is located at this URL:

http://www.cisco.com/techsupport/servicerequest

For S1 or S2 service requests, or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.

To open a service request by telephone, use one of the following numbers:

Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447

For a complete list of Cisco TAC contacts, go to this URL:

http://www.cisco.com/techsupport/contacts

Definitions of Service Request Severity

To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.

Severity 1 (S1)—An existing network is down, or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.

Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operations are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.

Severity 3 (S3)—Operational performance of the network is impaired, while most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.

Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online and printed sources.

The Cisco Product Quick Reference Guide is a handy, compact reference tool that includes brief product overviews, key features, sample part numbers, and abbreviated technical specifications for many Cisco products that are sold through channel partners. It is updated twice a year and includes the latest Cisco offerings. To order and find out more about the Cisco Product Quick Reference Guide, go to this URL:

http://www.cisco.com/go/guide

Cisco Marketplace provides a variety of Cisco books, reference guides, documentation, and logo merchandise. Visit Cisco Marketplace, the company store, at this URL:

http://www.cisco.com/go/marketplace/

Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:

http://www.ciscopress.com

Packet magazine is the Cisco Systems technical user magazine for maximizing Internet and networking investments. Each quarter, Packet delivers coverage of the latest industry trends, technology breakthroughs, and Cisco products and solutions, as well as network deployment and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL:

http://www.cisco.com/packet

iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions. You can access iQ Magazine at this URL:

http://www.cisco.com/go/iqmagazine

or view the digital edition at this URL:

http://ciscoiq.texterity.com/ciscoiq/sample/

Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:

http://www.cisco.com/ipj

Networking products offered by Cisco Systems, as well as customer support services, can be obtained at this URL:

http://www.cisco.com/en/US/products/index.html

Networking Professionals Connection is an interactive website for networking professionals to share questions, suggestions, and information about networking products and technologies with Cisco experts and other networking professionals. Join a discussion at this URL:

http://www.cisco.com/discuss/networking

World-class networking training is available from Cisco. You can view current offerings at this URL:

http://www.cisco.com/en/US/learning/index.html