Cisco 10000 Series Routers

Cisco IOS Release 12.0(17)SL3

  • Viewing Options

  • PDF (290.3 KB)
  • Feedback
Release Notes for the Cisco 10000 Series ESR for Cisco IOS Release 12.0(17)SL3

Table Of Contents

Release Notes for the Cisco 10000 Series ESR
for Cisco IOS Release 12.0(17)SL3


Upgrading to a New Software Release

Upgrading Cisco IOS Software from Earlier Cisco IOS Releases

System Requirements

New Features in Cisco IOS Release 12.0(17)SL

Cisco 10000 Series ESR Software Features

Limitations and Restrictions

Automatic Protection Switching Support

Testing Performance of High-Speed Interfaces

Important Notes

Inserting a New Line Card

Frame Relay and PPP Sessions

Cisco Discovery Protocol

Resolved Problems in Cisco IOS Release 12.0(17)SL3

Resolved Problems in Cisco IOS Release 12.0(17)SL2

Resolved Problems in Cisco IOS Release 12.0(17)SL1

Caveats in Cisco IOS Release 12.0(17)SL

Resolved Problems in Cisco IOS Release 12.0(17)SL

Other Resolved Caveats

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Technical Assistance Center

Contacting TAC by Using the Cisco TAC Website

Contacting TAC by Telephone

Release Notes for the Cisco 10000 Series ESR
for Cisco IOS Release 12.0(17)SL3

October 22, 2001

These release notes provide information about Cisco IOS Release 12.0(17)SL3 running on the Cisco 10000 series edge services router (ESR). They are identical to the release notes for Cisco IOS Release 12.0(17)SL2, but were updated to include fixes for caveats discovered and resolved since Cisco IOS Release 12.0(17)SL2 (see the "Resolved Problems in Cisco IOS Release 12.0(17)SL3" section).

These release notes are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode and related documents.

Cisco IOS Release 12.0(17)SL3 is based on these previous releases:

Cisco IOS Release 12.0(17)SL2

Cisco IOS Release 12.0(17)SL

Cisco 12.0ST features synchronized with Cisco IOS Release 12.0S

For a list of the software caveats that apply to Cisco IOS Release 12.0(17)SL, see the "Caveats in Cisco IOS Release 12.0(17)SL" section and the Release Notes for Cisco IOS Release 12.0(S).

To review the release notes for Cisco IOS Release 12.0S, go to and click Technical Documents > Cisco Product Documentation > Cisco IOS Software Configuration > Cisco IOS Release 12.0 > Release Notes > Cisco 12000 Series Router > Cisco 7000 Family and 12000 Series - Release Notes for Release 12.0(S).

Use these release notes in conjunction with the cross-platform Release Notes for Cisco IOS Release 12.0.


This document contains the following sections:

Upgrading to a New Software Release

System Requirements

New Features in Cisco IOS Release 12.0(17)SL

Cisco 10000 Series ESR Software Features

Limitations and Restrictions

Important Notes

Resolved Problems in Cisco IOS Release 12.0(17)SL3

Resolved Problems in Cisco IOS Release 12.0(17)SL2

Resolved Problems in Cisco IOS Release 12.0(17)SL1

Caveats in Cisco IOS Release 12.0(17)SL

Resolved Problems in Cisco IOS Release 12.0(17)SL

Obtaining Documentation

Obtaining Technical Assistance

Upgrading to a New Software Release

For specific information about upgrading your Cisco 10000 series ESR to a new software release, see the Cisco 10000 Series ESR Software Configuration Guide.

For general information about upgrading to a new software release, see the product bulletin Cisco IOS Upgrade Ordering Instructions located at:

For additional information about ordering Cisco IOS software, refer to the Cisco IOS Software Releases URL:

Upgrading Cisco IOS Software from Earlier Cisco IOS Releases

Caution If you are upgrading your Cisco 10000 series ESR from Cisco IOS Release 12.(14)SL or from earlier 12.0(x)SL-based releases, read this section.

Before you upgrade to Cisco IOS Release 12.0(17)SL3, save your current configuration file. If you decide to re-install Release 12.0(14)SL, or an earlier release, you must also re-install the configuration file associated with that release. This is because some BGP configuration-file entries in Release 12.0(17)SL3 are not compatible with Release 12.0(14)SL or earlier releases.

System Requirements

We recommend that you use 512 MB of memory on the Performance Routing Engine (PRE). New PREs are shipped with 512 MB of memory. In a redundant setup, both PREs should have the same amount of memory.

New Features in Cisco IOS Release 12.0(17)SL

The following new features and improvements are supported in Cisco IOS Release 12.0(17)SL:

Multiple Quality-of-Service (QoS) matches per phase—QoS matching logic was optimized to handle multiple non-ACL matches, with up to four matches in a single pass when the matches are in separate class maps.

QoS classification for voice trafficSupport was added for Real Time Protocol (RTP) to provide high priority classification for voice traffic.

QoS Priority Queueing (PQ)—Ensures minimum latency for delay-sensitive traffic.

QoS Class-Based Weighted Fair Queueing (CBWFQ)—Allows you to configure a portion of interface bandwidth for several different classes of traffic.

Frame Relay Traffic Shaping (FRTS)—A method of limiting excess traffic on a Frame Relay interface at the PVC level.

Generic Traffic Shaping—A method of limiting excess traffic at the interface level.

802.1q PXF switching for ARPA encapsulation—Supports the ability to link individual VLANs to MPLS VPNs.

Per-Packet Load Balancing (PPLB)—Ensures load balancing over multiple links by allowing the router to send successive data packets over paths, without regard to individual hosts or user sessions. PPLB uses a round-robin method to determine which path each packet takes to arrive at the destination.

ATM PVCs—The Cisco 10000 series ESR now supports 4000 ATM PVCs.

Cisco 10000 Series ESR Software Features

Table 1 lists the features supported in the Cisco 10000 Series ESR.

Table 1 Principal Software Features 


Cisco Discovery Protocol (CDP)

Simple Network Management Protocol (SNMP)


SONET 1+1 Automatic Protection Switching (APS)

Route Processing Redundancy Plus (RPR+)



High-Level Data Link Control (HDLC)

Frame Relay

Point-to-Point (PPP)

Multilink Point-to-Point (MLP)

Multiprotocol Label Switching

Multiprotocol Label Switching Virtual Private Network (MPLS/VPN) edge services

802.1q PXF switching for ARPA encapsulation

Multicast Features

Multicast Static Routes

Multicast Routing Monitor (MRM)

Multicast Services

Internet Group Management Protocol (IGMP)

Protocol-Independent Multicast (PIM)

Distance Vector Multicast Routing Protocol (DVMRP)

Cisco Group Management Protocol (CGMP)

Unidirectional Link Routing (UDLR)

Session Directory Protocol (SDP)

Multicast Source Discovery Protocol (MSDP)

Border Gateway Protocol (BGP)

Quality of Service

Committed Access Rate (CAR)

Class-Based Weighted Random Early Detection (CBWRED)

QoS Policy Propagation on BGP (QPPB)

Priority Queueing (PQ)

Class-Based Weighted Fair Queueing (CBWFQ)

Frame Relay Traffic Shaping (FRTS)

Generic Traffic Shaping (GTS)

Routing Protocols

Border Gateway Protocol (BGP)

Intermediate System-to-Intermediate System (IS-IS)

Open Shortest Path First (OSPF)

Interior Gateway Routing Protocol (IGRP)

Enhanced Interior Gateway Routing Protocol (EIGRP)

Routing Information Protocol (RIP)

Security Features

Standard and extended access lists

Authentication, Authorization, and Accounting (AAA)

Kerberos authentication and client support on Telnet

Radius authentication

Terminal Access Controller Access Control System Plus (TACACS+)

Limitations and Restrictions

This section describes any limitations and restrictions that you should review before you use the Cisco 10000 series ESR.

Automatic Protection Switching Support

Automatic protection switching (APS) is supported on the OC-12 Packet Over SONET (POS) and Channelized OC-12 (ChOC-12) line cards with this release. However, certain limitations apply if the PRE installed in your system is the ESR-PRE. These limitations do not apply to the ESR-PRE1. You can verify which PRE is installed in the ESR by using the show version command.

For APS to work properly with the ESR-PRE, you must ensure that the OC-12 POS or ChOC-12 line card is installed in the lower-numbered (odd) slot.

The system receives clocking information from the line card in the odd slot. If you remove the odd-numbered card (or if the clocking mechanism on that card fails), the clocking is lost and the data path is shut down (Caveat CSCdr81416).

As a workaround, we recommend the following:

1. For the card pair, fully configure the lower-numbered card, and leave the higher-numbered card set to its default configuration.

2. Before you remove a card from the odd slot, run the no associate command and shut down the card. The following is an example of disabling APS for cards in slots 3 and 4:

Router(config)# redundancy
Router(config-r)# no associate 3 4
Router(config-r-a-sl)# exit
Router(config)# interface pos 3/0/0
Router(config-if)# shutdown

You can now remove the card in slot 3.

3. Move the card located in the even slot to the odd slot and enter the no shutdown command. Traffic flow resumes. Insert a new card into the even slot and reconfigure the pair for redundancy.

Testing Performance of High-Speed Interfaces

Cisco IOS Release 12.0(17)SL is enhanced with multiple queues for all classes of traffic over high-speed interfaces. The software selects a queue based on the source and destination address for the packet. This ensures that a traffic flow always uses the same queue and the packets are transmitted in order.

When the Cisco 10000 series ESR is installed in a real network, the high-speed interfaces work efficiently to spread traffic flows equally over the queues. However, using single traffic streams in a laboratory environment may result in less-than-expected performance.

Therefore, to ensure accurate test results, you should test the throughput of the gigabit Ethernet, POS, or ATM uplink with multiple source or destination addresses.

Tip To determine if traffic is being properly distributed, use the show hardware pxf cpu queue command.

Important Notes

This section contains issues that you should be aware of with Cisco IOS Release 12.0(17)SL.

Inserting a New Line Card

If you insert a new line card into the Cisco 10000 series ESR chassis, the line card initially reports that the line is up.

Frame Relay and PPP Sessions

You can run up to 4200 Frame Relay sessions or 1300 PPP sessions, and you can configure up to 800 BGP peers on the Cisco 10000 series ESR. The router also supports up to 512 Multilink Point-to-Point (MLP) protocol sessions.

Note Each T1 interface in an MLP bundle represents a single PPP session. Thus, if you configure 130 MLP bundles of 10 T1 interfaces, each results in 1300 PPP sessions (which is the maximum number of PPP sessions that are supported on the Cisco 10000 series ESR).

Cisco Discovery Protocol

Starting with Cisco IOS Release 12.0(15)SL, the Cisco Discovery Protocol (CDP) is disabled by default. You can enable CDP on an interface using the cdp enable command.

Resolved Problems in Cisco IOS Release 12.0(17)SL3

This section lists problems that were found and resolved in Cisco IOS Release 12.0(17)SL3.


You cannot ping the Cisco 10000 ESR over the PPLB group.


When a recursive route is added and all of its output interfaces are configured as per-packet load sharing, packets switched to this new route are per-destination load-shared.


If multiple prefixes are configured through PPLB enabled interfaces, and all the output interfaces of the router are configured for per-packet load sharing, and you add a recursive route, the packets switched through this new route are per-destination load-shared.


When large FDL packets of invalid lengths are received by the channelized ChOC-12 line card, the contents of the packet are printed on the line card console. In the case of a large FDL packet, excessive printing on the line card console causes the line card to reset.

Resolved Problems in Cisco IOS Release 12.0(17)SL2

This section lists problems that were found and resolved in Cisco IOS Release 12.0(17)SL2.


If you preconfigure a line card using the card command, PRE performance is no longer affected.


When you use the Web interface, the access level issue that used to occur is fixed.


If you enter the wr mem command, the router no longer fails.


A PFX stall error with 126 multilink PPPs in a QoS configuration no longer occurs.


Priority queues no longer experience tail drops when the line card is under heavy load.


Duplicate caveat which was resolved (see CSCdu73749).


When you unconfigure and configure the router using the copy tftp run command, this no longer causes the router to stop responding.


A large increase in latency for multilink PPP bundles combined with an increase in the number of packet tail drops no longer causes a dramatic decrease in performance.


Duplicate caveat which was resolved (see CSCdv12192).


The PXF stall error no longer occurs in column 6 during low traffic.


There is no longer a slow buffer leak when you run multicast input on MLP.


There is no longer a buffer leak in multilink PPP column 7.

Resolved Problems in Cisco IOS Release 12.0(17)SL1

This section lists problems that are resolved in Cisco IOS Release 12.0(17)SL1.


If you enter the dir disk0/1 command at the rommon prompt, a TLB (Store) Exception error message no longer appears.


If the router receives an IP packet with Ethernet padding over the MLP bundle, it now properly passes the packet to the line card.


When the router was configured with large numbers of routes, clearing the entire routing table caused high CPU use. In rare cases, the line cards or Cisco IOS software rebooted. This problem no longer occurs.

Caveats in Cisco IOS Release 12.0(17)SL

Table 2 describes the caveats for the Cisco 10000 series ESR running Cisco IOS Release 12.0(17)SL.

Table 2 Cisco IOS Release 12.0(17)SL Caveats 



If you configure a DS3 BERT pattern 2^20-O153 on any unchannelized DS3 (by using the bert pattern 2^20-O153 interval 1-14400 command), and you then connect the line card to T-Bird 310 test set, the pattern does not synchronize with T-Bird 310.

Workaround: Use a different BERT pattern.


The router sends out DHCP INFORM and DISCOVER messages containing an incorrect Ethernet address.

Workaround: No workaround is necessary. This caveat is harmless because these DHCP messages are not used to acquire IP addresses. They are used to gather environmental data such as the domain name server address.


When you use the Frame Relay autosense feature, the Cisco 10000 Series ESR sends all three LMI status message types immediately after the interface starts responding. However, sometimes the switch at the other end is not ready to receive messages and as a result, misses one or two messages that were sent. LMI autosense waits until the next scheduled interval (default is 1 minute) to send the messages again.

This problem primarily affects clear channel CT3 interfaces.

Workaround: There is currently no workaround.


If you configure an STS-1 on a ChOC-12 line card as unchannelized and then configure the remote side to send idle-character marks (namely, 0xFF), the T3 line stops responding and transmits a Remote Alarm Indication (RAI).

Workaround: When you use unchannelized T3 mode, configure the remote side to send idle-character flags (0x7E). To set this value, use the interface configuration mode idle-character command.


When you send large numbers of packets from the Gigabit Ethernet line card to the PRE in the Cisco 10000 Series ESR, you may lose a small number of packets. This only occurs for some packet sizes at very high bandwidths, with loss rates of a few parts per million.

Workaround: There is currently no workaround.


If large MLP configurations are in use, and you attempt to copy the configuration from a TFTP server directly into the running config, the copy may fail. Failures may include interfaces not appearing, or IPCP or LCP states not opening correctly.

Workaround: These failures are far less likely to occur if the configuration is copied to bootflash, and then from bootflash to the running config. Copy the configuration file to the startup config and then reload the router.


Limited support exists for APS. For detailed information, refer to the "Automatic Protection Switching Support" section.


On rare occasions, the system cannot retrieve remote performance data if you are using a ChOC-12 line card that has its T1s configured with ANSI FDL enabled.

Workaround: There is currently no workaround.


WRED does not drop outbound packets correctly on the Channelized T3 line card (CT3) in the default WRED configuration.

Workaround: Change the WRED policy to a non-default value.


The Flash disk can fall into the chassis when you insert the disk into the empty space to the right of the slot B in the PRE flash assembly.

Workaround: Pay extra attention when inserting a flash disk into the PRE flash assembly. Do not insert the disk in the empty space to the right of the slot B—if you insert a card in that space, it will fall into the chassis.


Some MPLS packets are CEF switched when they should be label switched. This condition occurs if the Cisco 10000 ESR has two interfaces configured for label switching.

Workaround: Configure only one interface for label switching.


The default logging parameter (logging rate-limit console all 10 except critical) sets console logging to disabled.

Workaround: Enter the logging console critical command to view the most important events such as card up/down and toaster failure events.


Mass configuration (which occurs during boot/reload and can occur during link state changes) takes a long period of time (for example, more than 40 minutes for 2000 VCs associated with a main interface) with large numbers of PVCs (100s to 1000s). This problem occurs when you attempt to configure large numbers of PVCs on the main interface (or multipoint subinterfaces) with static maps on each PVC.

Workaround: Do not configure more than 500 PVCs on a single OC-12 ATM line card or more than 900 PVCs on a Cisco 10000 Series ESR.


After you enter the show controller command, occasionally an alarm LED appears as active even though no alarms are indicated

Workaround: Perform a shut/no shut configuration on the SONET controller. For example:

conf t
controller sonet 7/0/0
no shut


If you reload a Cisco 10000, some initialization messages are logged to the console before the startup-config is loaded. These initialization messages are transitional and may report an incorrect state, especially for the FastEthernet interface.

00:00:15: Downloading Microcode: file=system:pxf/ucode_file, 
version=2.0(21.4), description=Nightly Build Software created Wed 
13-Sep-00 00:38
00:00:21: %LINK-3-UPDOWN: Interface Ethernet0/0/0, changed state to up
00:00:21: %LINK-5-CHANGED: Interface FastEthernet0/0/0, changed state to 
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0/0, 
changed state to up
 0:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
FastEthernet0/0/0, changed state to down

These messages do not appear in the buffered log.

Workaround: Ignore these messages.


The show atm pvc command displays "Unexpected QoS type" for its traffic parameters. This occurs when a PVC was previously configured with only an ATM vc-class, and then the vc-class was subsequently deleted.

For example:

 sw-apollo-3(config)#vc-class atm test
 sw-apollo-3(config-vc-class)#vbr-nrt 1000 1000 10
 sw-apollo-3(config)#int atm 3/0/0
 sw-apollo-3(config-if)#pvc 200
 sw-apollo-3(config-if-atm-vc)#class-vc test
 sw-apollo-3#sh atm vc
                VCD /                                     Peak Avg/Min 
Interface     Name   VPI   VCI  Type   Encaps     Kbps   Kbps  Cells Sts
 3/0/0         1       0   200   PVC    SNAP       1000   1000   10   UP
 Now delete the vc-class :
 sw-apollo-3#conf t
 sw-apollo-3(config)#no vc-class atm test
 sw-apollo-3#sh atm vc
                VCD /                                     Peak Avg/Min 
Interface     Name   VPI   VCI  Type   Encaps     Kbps   Kbps  Cells Sts
3/0/0          1      0    200   PVC    SNAP    %Unexpected qos type UP

Workaround: Configure the vc directly using conventional means (non ATM vc-classes), or remove the vc and re-create it with a new ATM vc-class.


The show interface output occasionally displays an extremely large number of configured VCs which do not really exist.

Workaround: There is currently no workaround.


When a segment on a MPLS traffic engineered path is disabled, the PXF engine reloads, temporarily causing all forwarding to stop.

Workaround: There is currently no workaround.


With multiple PVP tunnels, if the aggregate traffic received by one or more of the PVPs is heavily oversubscribed (starting at about 110% of the tunnel's PCR rate), the traffic on companion PVP tunnels on that interface may experience throughput that is lower than expected.

Workaround: There is currently no workaround.


When you boot the Cisco 10000, the system may display the following messages:

*Oct 17 12:32:48.287: %SNMP-3-TRAPBLOCK: Attempt to generate SNMP trap 
from a process with blocking disabled
 -Traceback= 60565064 606A6B34 60678238 60678438 6067AD88 6067AF30 
602FCBDC 6024817C 60248168

Workaround: Ignore the messages.


If incoming multicast packets match an input access list that has the log option enabled, the output of the show log command and show access-list commands display double the number of matches.

Workaround: There is currently no workaround.


Line Protocol on one or two T1s may not come up when you perform a reload with a large configuration (for example, 1008 T1s with PPP encap or 504 MLPPPs).

Workaround: Reload the line card using the command hw slot slot_number reset.


When a redundant power supply is removed or a line card is OIRed, SNMP traps are generated by the syslog mib. There is a request to generate these traps using the env, mon, and entity MIBs respectively.

Workaround: Filter the SNMP traps using the syslog MIB.


When a serial interface is configured to be part of a MPLS/VPN, if you enter the no channelized command on the T3 controller, this clears the interface. However, the sh ip vrf vrf_name continues to show the interface as part of the vrf.

Workaround: The only way to eliminate unwanted interfaces in the vrf table is to reload the box.


In the unlikely event of a total failure of the cooling fan tray, or any other scenario resulting in high-temperature operation, the Cisco 10000 continues running, and does not power off.

Workaround: If you observe fan failure or over-temperature alarms or log messages, immediately power off the chassis until the problem is corrected.


Ping traffic does not resume after you switch from an explicit path to a dynamic path.

Workaround: There is currently no workaround.


When MPLS TE is configured and the logging console is turned on, the following error message appears repeatedly in the window:

"00:58:10: %TFIB-7-SCANSABORTED:  TFIB scan not completing. MAC string 

Workaround: Leave the logging console turned off.


ISIS adjacencies become recalculated with 65 to 85 MB of TCP traffic to the router.

Workaround: Because this problem is caused by hackers, we recommend that you use access lists to block out hackers. Access lists prevent packets from punting to the RP and taking down the router.


A Cisco 10000 ESR router running Cisco IOS Release 12.0(10)SL may experience a buffer leak when interfaces are down (but not administratively down).

Workaround: Administratively shut down the interfaces.


If you request deletion of a file from flash storage, the flash file delete function may choose an incorrect default device. The incorrect default used is slot0:.

Workaround: When you specify the filename, prefix the filename with disk0:.


During the reloading process, the match input-interface Serial3/0/0/1:0 configuration statement is not recognized and disappears from the configuration files after the Cisco 10000 ESR is reloaded.

Workaround: Reenter the match input-interface Serial3/0/0/1:0 command.


PVCs in the down state can still pass traffic. When a PVP is created with associated F4 OAM VCs, and those F4 OAM VCs do not appear (for instance, because there is no VP at the far end or the VP at the far end did not create F4 OAM VCs), traffic can still be passed on the PVCs associated with the PVP in question. When the F4 OAM loopback cells are not returned, Cisco IOS software declares all PVP associated PVCs to be down. IOS does not, however, notify the forwarding engine or the line card. This allows traffic routed over the PVCs in question to pass.

Workaround: There is currently no workaround.


When the ACL is downloaded from the tftp server, the CPU advances to 100% utilization and several line cards lost IPC with the PRE and are reset.

Workaround: Do not configure all 8000 lines of ACL. Split the ACL into several smaller ACLs and download them separately.


In a chassis using TACACS security and running redundant PREs, you can access the console while the secondary PRE is cutting over to primary PRE. If no action is taken on the console for the length of the session timeout period, TACACS engages on the console. If the user does access the console during the cutover, the user enters exec mode (not enable mode).

Workaround: To help control security, set a short session timeout on the console port, and keep tight control of the enable password.


MALLOCFAIL with multicast traffic if a high rate of multicast traffic is sent out before multicast routing entries are updated.

Workaround: None. After the routing entries are updated, this problem disappears.


TFIB table failure.

Workaround: Currently none, but if you wait long enough the table updates.


Sometimes a traceback message is generated during an RPR+ switch over to the new primary PRE. A message similar to the following appears:

00:03:07: %IPC-5-INVALID: Sequence Structure port index=0x3
-Traceback= 60321EC0 60322868 60806A54 603348C8 60359924 60025B94 
602828CC 602828B8

Workaround: This message is harmless. Ignore the message.


On rare occasions, if a large number of ds0 interfaces are configured on a CT3 line card, spurious memory error messages may appear.

Workaround: There is currently no workaround.


On rare occasions in which relatively high rates of bursty traffic are received on the OC-12 ATM line card, some packets may be dropped but not counted by the software.

Workaround: There is currently no workaround.


If you use snmpwalk or other similar tool to display the value of the different objects associated with a Cisco 10000, you can see that when an unchannelized DS3 controller has been created in a ChOC-12 line card, the configuration values of the DS3 MIB are not correct. If subsequent configuration commands are issued, the values displayed are correct. This problem probably exists in a channelized STM-1 line card as well, when in unchannelized DS3 mode.

Workaround: Rely on the outcome of the show controller t3 and show interface serial commands.


Verilink-hibit mode does not work on the Cisco 10000 with ChOC-12 line cards whose paths are configured in unchannelized DS3 mode. When the Verilink-hibit mode is chosen by the network administrator, Verilink-lowbit mode is programmed in the hardware instead.

Workaround: There is currently no workaround. You must use Verilink-lowbit mode.


The message Bad file magic number - cannot load bootflash appears.

Workaround: Perform the following:

a. copy bootflash:<file> to disk0:<file>

b. delete bootflash:<file> and squeeze bootflash:

c. copy disk0:<file> bootflash:<file>


At the end of the line in the show run command output, is appended randomly.

Workaround: Make sure that is not in the running-config when saving it and then reusing it.


ChOC-12 DS3 subrate does not work in Kentrox mode at full bandwidth.

Workaround: Set the ChOC-12 interface to Digital Link mode and full bandwidth (no dsu bandwidth). This works the same as the Kentrox CSU/DSU when set to full bandwidth, and will work with scrambling enabled or disabled (set the same value at both ends).


With 500 Frame Relay interfaces on CT3 running IP Multicast, multicast packets get punted to the RP causing IPC OIR on the CT3. This causes the line protocol on the router connected to the Cisco 10000 to go down (and remain down) on some interfaces. The interface stats show no traffic over the affected interface. On the Cisco 10000 the Frame Relay PVC corresponding to it shows as Deleted.

Workaround: Perform a shut/no shut on the affected interface, or a hw-module slot reset on the line card to bring the line protocol back up.


In some cases, ATM counters display incorrect packet input values after receiving packets from several locations (for example, the line card, IOS, and the PXF forwarding engine).

Workaround: There is currently no workaround.


If you reload microcode, and you have changed IP addresses on interfaces just before you reload, traffic may be forwarded to an incorrect interface.

Workaround: Use the shutdown command to shutdown the interface experiencing the problem, and then reactivate it by using the no shutdown command.


When the Cisco 10000 series ESR is configured for 802.1q VLANs, the output of the show vlans command reports values that are higher than they should be, for the following parameters:

gigabit Ethernet received packets

gigabit Ethernet received bytes

VLAN received packets

Workaround: There is currently no workaround.


If you perform a reload, the values for the transmitted and received output of the show vlans command indicates, incorrectly, that those values incremented.

Workaround: There is currently no workaround.


When the destination IP address of an incoming 802.1q packet matches one of the IP addresses of the router, the output of the show vlans command for 802.1q packets increments two times. Ping request packets, however, are always counted correctly regardless of destination.

Workaround: There is currently no workaround.


If you configure fair queueing on a frame relay interface with a large number of PVCs, and the traffic exceeds the link rate, several PVCs may experience a greater number of drops than other PVCs on that interface.

Workaround: There is currently no workaround.


When the interface on the remote end is set to be administratively down, and you are attempting to bring up the PPP protocol, the status of the interface alternate between down and up until the PPP protocol is up.

Workaround: There is currently no workaround.


If you configure 998 VPNs over VLAN, and you configure over 146 BGP routes per VPN, the BGP neighbor may start flapping.

Workaround: There is no workaround, but the problem is less likely to occur if you configure fewer than 146 BGP routes per VPN.


If you configure more than 100 BGP routes per VPN, and there are more than 200 VPNs configured on the system, CEF may not function properly after redistributing.

Workaround: Reduce the number of BGP routes per VPN to 100 or less.


If you enable multicast replication with an MLP bundle as the source, and the MLP broadcaster may exhibit behavior that is not compliant with MLP standards, then replication may not occur for all interfaces.

Workaround: If replication does not occur on all interfaces, reload the microcode.

Resolved Problems in Cisco IOS Release 12.0(17)SL

This section lists problems that are resolved in Cisco IOS Release 12.0(17)SL. For a list of problems that were resolved in previous Cisco IOS Releases, refer to the release notes for those particular versions.


When you enter the hw-module slot_number reset command, the event sequence appears in a different order than that shown by the reload command if the logging console is configured to informational.

CSCdr52081 and CSCdj94209

The PRE may crash if you repeatedly change a port back and forth from channelized to unchannelized.

Repeated conversions of a T3 port from channelized mode to unchannelized mode and back, with intervening assignments of IP addresses to the interfaces and ping testing, may cause the PRE crash.


Large multicast groups may cause CPU hog issues with PIM.


When older CT3 line cards are powered on with live DS3 signals present at the receive BNC connector, the receive line interface device on the board may lock up, preventing the controller from running.


If the interface between a PE (PE1) and CE router goes down, MPLS labels disappear at the far end provider edge peer (PE2) MPLS interface.


If you enter the clear ip mroute command on a system with large multicast groups, CPU hog issues may arise that cause problems of moderate severity (such as losing keepalives).


If you perform an SNMP walk or view entries in the if table, cef-layer internal interfaces appear in the interface table.


Kentrox DS3 subrate mode does not work when you set it to full bandwidth (45.2 Mbps on Kentrox CSU, 44210 kbps on a Cisco 10000 Series ESR).

Workaround: Set the subrate mode on the ChOC-12 board to Digital Link mode, bandwidth = 44210. This fix works with and without scrambling.


If you issue the dir or show slot0: or show slot1: command, the router reports Open device slot0 failed (Device not ready).


If large OIDs (1024.1 fields) are sent to the router, the Cisco 10000 stops responding.


If you delete a T1/E1, IP routes associated with subinterfaces are not removed.


On a Cisco 10000 system with channelized OC-12 line cards, the output of the show controllers command is incomplete and incorrect.


When a large number of VBR-nrt VCs are configured (200 and above) and the link transitions DOWN the host software running on the OC-12 ATM line card may take a SW Watchdog timeout, forcing the line card firmware to reload.


If you perform OIR on a line card configured for 768 PPP sessions with traffic running on all interfaces, some interfaces fail to come up. The show interface command displays the IPCP state as "Listen".


On rare occasions, line cards may not be recognized when you perform an OIR of multiple cards on a new system, or in a system in which the configuration was erased (for example, using write erase).


If an access-list with logging option enabled is attached to an interface, and you send traffic through the interface, this brings down all of the interfaces.


Under circumstances where ATM VCs are created and deleted on a regular basis, the OC-12 ATM segmenter firmware can transition to a state in which it drops some packets without counting them in a data stream where packet sizes alternate from small to large. This manifests itself in lower throughput.


When a TU-AIS is received at a particular TU in TUG3#3, the next TU at the T1 or E1 level contains data corruption as well.


If you remove an APS configuration for a ChOC-12 line card, followed by the show controllers sonet <high slot number, for example 2/0/0> or the show controllers sonet command, the Cisco 10000 crashes.

Other Resolved Caveats

This section includes caveats listed in previous release notes that are listed as resolved because they are unreproducible or do not affect the behavior of the Cisco 10000 ESR. In the event a caveat listed in this section causes problems, please contact Cisco customer service.

For a list of unreproducible caveats in previous Cisco IOS Releases, refer to the release notes for those particular releases.


During periods of heavy traffic (approaching interface line rate), some interfaces may experience inconsistent performance between interfaces of the same type.


The number of VPNs that can be created on gigabit Ethernet subinterfaces is limited to under 100.


When the encapsulation mode is changed from PPP to HDLC or vice-versa, the system drops about 3 of the next 10 packets transmitted. After that, the packets are transmitted normally.


When a ChOC-12 line card is reconfigured from a channelized T3 configuration to an unchannelized T3 configuration or vice-versa, the initial packets are not forwarded.


If you send a large number of small packets in large multicast groups, this may cause the following certain debug messages to appear on the console.


Occasionally, after you reload routers (with background traffic load equal to no_drop rate), the throughput is some 3 to 400 pps below the expected rate.


On rare occasions, after a single reload while under load, the Gigabit Ethernet line card is up but drops nearly all packets on the output queue.


If, in a Frame-Relay environment, some interfaces flap continuously, the interface statistics report input errors (overruns) on the flapping interfaces.


Following a reload of the Cisco IOS software, the Gigabit Ethernet interface does not always come back up. The interface remains in the "GigabitEthernet1/0/0 is down, line protocol is down" state.


During a reload, if the router continuously receives IP packets, CPUHOG messages may appear in the log, and the router may take a period of time to come up.


After you reload line cards under background traffic load, one or more interfaces may not come up.


If you issue a write erase command on the primary PRE followed by an erase sec-nvram: command, and then reload both PREs simultaneously, some line cards may not be recognized correctly on reboot.


The Cisco 10000 ESR stops responding after several hours of testing with 500 CT3 ds0 interfaces configured for Frame Relay that were receiving multicast traffic at a rate of 10 pps of 260-byte packets.


ip address negotiate sends dhcp requests out to all serial line interfaces.


In some test instances, Frame Relay interfaces did not correctly join a multicast group when it should have. The result is that multicast packets destined for those interfaces will be punted to the route processor. Enough packets cause the cpu usages on the route processor to run at a high usage.


On rare occasions, when a large number of ds0 interfaces is configured on a CT3 line card, buffer with corrupt pool pointer error messages may appear.


Under rare conditions in which scripts of VC creates and VC deletes are executed in turn, some VBR-nrt VCs are not created.

Obtaining Documentation

The following sections provide sources for obtaining documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following sites:

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Registered Cisco Direct Customers can order Cisco Product documentation from the Networking Products MarketPlace:

Registered users can order the Documentation CD-ROM through the online Subscription Store:

Nonregistered users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, in North America, by calling 800 553-NETS (6387).

Documentation Feedback

If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.

You can e-mail your comments to

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Attn. Document Resource Connection
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For registered users, additional troubleshooting tools are available from the TAC website. is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco. provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.

Customers and partners can self-register on to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.

To access, go to the following website:

Technical Assistance Center

The Cisco TAC website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.

Contacting TAC by Using the Cisco TAC Website

If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to the TAC website:

P3 and P4 level problems are defined as follows:

P3—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

P4—You need information or assistance on Cisco product capabilities, product installation, or basic product configuration.

In each of the above cases, use the Cisco TAC website to quickly find answers to your questions.

To register for, go to the following website:

If you cannot resolve your technical issue by using the TAC online resources, registered users can open a case online by using the TAC Case Open tool at the following website:

Contacting TAC by Telephone

If you have a priority level 1 (P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following website:

P1 and P2 level problems are defined as follows:

P1—Your production network is down, causing a critical impact to business operations if service is not restored quickly. No workaround is available.

P2—Your production network is severely degraded, affecting significant aspects of your business operations. No workaround is available.