Table Of Contents
Release Notes for Cisco IOS Release 12.4(24)GC4
Image and Documentation Information
New Features for Cisco IOS Release 12.4(24)GC4
New Features for Cisco IOS Release 12.4(24)GC2
Recommended Configuration Settings
Open Caveats for Cisco IOS Release 12.4(24)GC4
Closed Caveats for Cisco IOS Release 12.4(24)GC4
Open Caveats for Cisco IOS Release 12.4(24)GC3
Closed Caveats for Cisco IOS Release 12.4(24)GC3
Open Caveats for Cisco IOS Release 12.4(24)GC2
Obtaining Documentation, Obtaining Support, and Security Guidelines
Release Notes for Cisco IOS Release 12.4(24)GC4
Current Release:
12.4(24)GC4 - September 1, 2011
Previous Release:
12.4(24)GC3
12.4(24)GC2
The following release notes support Cisco IOS Release 12.4(24)GC4. They are updated to describe new features, limitations, troubleshooting, recommended configurations, caveats, and how to obtain support and documentation.
Contents
This publication consists of the following sections:
•Image and Documentation Information
•Recommended Configuration Settings
•Obtaining Documentation, Obtaining Support, and Security Guidelines
Image and Documentation Information
These images are bug compatible with Cisco IOS release 12.4(24)GC4.
The following Cisco IOS images are part of this release:
•c1861-adventerprisek9-mz
•c1861-advipservicesk9-mz
•c2800nm-adventerprisek9-mz
•c2800nm-advipservicesk9-mz
•c2801-adventerprisek9-mz
•c2801-advipservicesk9-mz
•c3250-adventerprisek9-mz
•c3270-adventerprisek9-mz
•c3825-adventerprisek9-mz
•c3825-advipservicesk9-mz
•c3845-adventerprisek9-mz
•c3845-advipservicesk9-mz
Note You must have a Cisco.com account to download the software.
The following documentation is available for use:
•Mobile Ad Hoc Networks for Router-to-Radio Communications (OL-19437-02)
New Features
New Features for Cisco IOS Release 12.4(24)GC4
No new features have been added to this release.
New Features for Cisco IOS Release 12.4(24)GC2
The following features have been added to this release:
•Support for QoS (MQC)
Limitations
The following limitations exist in this release:
•The QoS policy can only be applied to one outgoing interface the PPPoE session is traversing.
A QoS output policy can be applied to the Virtual Template or the VMI, but not at the same time. If a policy is attached, the outgoing physical interfaces (ie. physical-interface FastEthernet0/0) should not have output policy applied. It is recommended that the policy be attached to the Virtual Template. The other option is to apply the policy to the VMI but not to the Virtual Template or Ethernet interface.
•When a service policy is applied to the VMI and packets are dropped on the VA due to credit starvation, the show policy-map int VMI command will not show these dropped packets. There is no backpressure between the interfaces in this configuration. The VMI does not know that packets were dropped by the VA or the Ethernet physical interfaces.
•RFC 5578 credits do not tie into QoS formulas. Credits only indicate to QoS the ability to transmit a packet or not. If there are enough credits a packet will be transmitted from the highest priority queue. When there are not enough credits, packets will be queued.
•Software Release 12.4(24)GC4 may have OSPFv3 incompatibility issues with software versions 12.4(22)GC1 or older. To avoid any issues, ensure that all routers run the same version of Cisco IOS.
Troubleshooting
Use the following command to collect data when reporting router issues:
•show tech
Use the following command to collect data to confirm neighbor establishment:
•show vmi neighbor
Use the following command to display active PPPoE sessions:
•show pppoe session
Use the following command to examine QoS issues:
•show policy-map interface virtual-access interface-number
Use the following commands to debug vmi issues:
•debug vmi error
•debug vmi pppoe
Use the following commands to verify PPPoE and VMI interface operation related to credit information:
•show vmi neighbor detail
•show pppoe session all
Use the following command to debug PPPoE issues:
•debug pppoe error
Use the following command to display OSPFv3 traffic data including LSA counts:
•show ipv6 ospf traffic
Use the following command to display EIGRP traffic data:
•show ip eigrp traffic [as-number]
The following command is not supported, but may be useful in debugging EIGRP MANET metric issues:
•debug eigrp neighbor
Use the following command to collect data when reporting ROMMON issues:
•showmon
Complete the following procedure to collect data if a router reboot to rommon occurs:
1. dir flash: - Use to locate the Route Processor (crashinfo*) or Network Processor (pxf_crashinfo*) exception file.
2. E-mail the exception file with a write up to the Cisco Beta support email address.
Recommended Configuration Settings
Use the following configuration guidelines when enabling class-based weighted fair-queuing:
•Enter the following command to turn off creation of virtual-template subinterfaces:
no virtual-template subinterface
•Enter the following commands to create a policy map with class-based weighted fair-queuing and apply the newly created policy-map to the virtual template:
class-map match-any chatmatch dscp af11class-map match-any voicematch dscp efpolicy-map mypolicyclass chatbandwidth percent 40class voicebandwidth percent 40interface virtual-template number
service-policy output mypolicy•No additional configuration is supported on the policy-map.
Use the following configuration guidelines when disabling PPP keepalives:
•You can turn off the PPP keepalive messages to decrease overhead when the radio alerts the router with a PADT message that the layer-2 RF connection is no longer available. Turning off the PPP keepalive messages may also avoid the potential for the router to terminate the connection based on missed PPP keepalives over a poor RF link.
•To turn off the PPP keepalive messagess, enter the following command for the virtual-template.
interface virtual-template number
no keepaliveUse the following configuration guidelines for setting the recommended OSPF values of radio link metrics:
•You may have to dampen the amount of changes in order to reduce network-wide churn because cost components may change rapidly.
•The following recommended values are intended as a starting point for optimizing a OSPFv3 network and are based on network simulations that may reduce the rate of network changes. Each network may have unique characteristics that require different settings to optimize actual network performance.
You must configure these values for both OSPFv3 IPv4 and IPv6
S1 = ipv6 ospf dynamic weight throughout
Recommended value = 0
Default=100
S2 = ipv6 ospf dynamic weight resources
Recommended value = 29
Default = 100
S3 = ipv6 ospf dynamic weight latency
Recommended value = 29
Default = 100
S4 = ipv6 ospf dynamic weight L2 factor
Recommended value = 29
Default = 100The following is an example configuration for a VMI interface or on the virtual template when running bypass mode:
interface vmi1...ipv6 ospf cost dynamic weight throughput 0ipv6 ospf cost dynamic weight resources 29ipv6 ospf cost dynamic weight latency 29ipv6 ospf cost dynamic weight L2-factor 29...ospfv3 instance 64 cost dynamic weight throughput 0ospfv3 instance 64 cost dynamic weight resources 29ospfv3 instance 64 cost dynamic weight latency 29ospfv3 instance 64 cost dynamic weight L2-factor 29For more information on OSPF commands, refer to the following URL: http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_book.html
Use the following configuration guidelines for disabling split horizon in EIGRP:
•By default split horizon is enabled in EIGRP. You can disable split horizon by entering the no ip split-horizon eigrp command for the respective autonomous system number.
interface vmi number
no ip split-horizon eigrp as-number
•Enter the following command to disable the ip redirects on the vmi interface when you are configuring the vmi interface for EIGRP.
interface vmi number
no ip redirectsUse the following configuration guidelines for setting EIGRP values of radio link metrics:
•EIGRP monitors the following metrics on an interface allowing the tuning of the EIGRP metric calculations; use the metric weights router configuration command:
metric weights tos k1 k2 k3 k4 k5where tos denotes type of service (currently, it must always be zero) and use the following default values for weights:
k1 - 1
k2 - 0
k3 - 1
k4 - 0
k5 - 0
Note The no metric weights command restores the K-values to the above listed defaults:
•Most configurations use the Delay and Bandwidth metrics with Bandwidth taking precedence.
•You must set the weights identically on all routers in an autonomous system.
Note If you wish to use the default k-values you do not need to enter the metric weights command.
– Change Based Dampening:
ip50-1(config)#int vmi 4ip50-1(config-if)#eigrp 100 interface dampening-change 40Default Value for Change Based Dampening: 50%
To enable change-based dampening using the default Value, enter the following command:
eigrp 100 interface dampening-changeTo disable change-based dampening, enter the following command:
no eigrp 100 interface dampening-change– Interval-based Dampening:
ip50-1(config)#int vmi 4ip50-1(config-if)#eigrp 100 interface dampening-interval 20Default Timer value for Interval-based Dampening: 30 seconds
To enable interval-based dampening using the default Value, enter the following command:
eigrp 100 interface dampening-intervalTo disable interval-based dampening, enter the following command:
no eigrp 100 interface dampening-interval•The following exceptions will result in an immediate update:
–a down interface
–a down route
–any change in a metric triggered outside the scope of the VMI metric update.
Note No recommended values other than default are currently available.
For more information on EIGRP commands, refer to the following URL: http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_book.html
Caveats
Caveats describe unexpected behavior in Cisco IOS releases. Caveats listed as open in a prior release are carried forward to the next release as either open or resolved.
This section lists caveats in the Cisco IOS Release 12.4(24) images:
•Open Caveats for Cisco IOS Release 12.4(24)GC3
•Closed Caveats for Cisco IOS Release 12.4(24)GC3
•Open Caveats for Cisco IOS Release 12.4(24)GC3
•Closed Caveats for Cisco IOS Release 12.4(24)GC3
•Open Caveats for Cisco IOS Release 12.4(24)GC2
Open Caveats for Cisco IOS Release 12.4(24)GC4
Cisco IOS Release 12.4(24)GC4 has no open caveats.
Closed Caveats for Cisco IOS Release 12.4(24)GC4
This section lists closed caveats in the Cisco IOS Release 12.4(24)GC4:
•CSCth03022
Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affected devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable.
Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-sip.shtml.
•CSCtj41194
Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet.
Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipv6.shtml.
•CSCtb29889
OSPFv3 may get stuck in the Database Exchange state, which prevents routing updates from being propagated. The problem will only occur with large OSPFv3 LSA databases.
Workaround: There is no workaround.
•CSCth43582
•QoS policy may be dropped on an interface when it receives an invalid CDR value.
Workaround: There is no workaround.
•CSCti56177
•A Cisco 3250 router running the c3250-adventerprisek9-mz.124-24.GC2 image has a parcer error for all IPv6 commands.
Workaround: Do not use the ?. enter the complete command.
•CSCtk57597
If 40 OSPF MANET nmodes all attempt to come up at the same time, the router runs out of memory and may cause a crash in PPPoE.
Workaround: There is no workaround.
•CSCtl20508
A Cisco 3270 router may fail to decrypt a packet coming through a tunnel interface with a crypto IPSEC profile . and display the following system message for all received packets:
%sys-2-IPSEC(epa_des_crypt): decrypted packet failed SA identity check.
Workaround: There is no workaround.
•CSCto23334
A Cisco device running Cisco IOS may reload due to a software-forced reload that occurs after the forrowing system message:
%SYS-2-INTSCHED: 'may_suspend' at level 3 -Process= "PPPoE Flow Control Background"
Workaround: There is no workaround.
Open Caveats for Cisco IOS Release 12.4(24)GC3
This section lists open caveats in the Cisco IOS Release 12.4(24)GC3:
•CSCtb29889
OSPFv3 may get stuck in the Database Exchange state, which prevents routing updates from being propagated. The problem will only occur with large OSPFv3 LSA databases.
Workaround: There is no workaround.
•CSCth43582
•QoS policy may be dropped on an interface when it receives an invalid CDR value.
Workaround: There is no workaround.
•CSCti56177
•A Cisco 3250 router running the c3250-adventerprisek9-mz.124-24.GC2 image has a parcer error for all IPv6 commands.
Workaround: Do not use the ?. enter the complete command.
•CSCtk57597
If 40 OSPF MANET nmodes all attempt to come up at the same time, the router runs out of memory and may cause a crash in PPPoE.
Workaround: There is no workaround.
•CSCtl20508
A Cisco 3270 router may fail to decrypt a packet coming through a tunnel interface with a crypto IPSEC profile . and display the following system message for all received packets:
%sys-2-IPSEC(epa_des_crypt): decrypted packet failed SA identity check.
Workaround: There is no workaround.
•CSCto23334
A Cisco device running Cisco IOS may reload due to a software-forced reload that occurs after the forrowing system message:
%SYS-2-INTSCHED: 'may_suspend' at level 3 -Process= "PPPoE Flow Control Background"
Workaround: There is no workaround.
Closed Caveats for Cisco IOS Release 12.4(24)GC3
This section lists closed caveats in the Cisco IOS Release 12.4(24)GC3:
•CSCtb36964
Use of the show ospfv3 neighbor manet or show ipv6 ospf neighbor manet commands may cause the router to suffer an unexpected system reload.
If the show ospfv3 neighbor manet or the show ipv6 ospf neighbor manet command is entered, with the console at the --More-- prompt, and a VMI session terminates at the same time, the router will reboot.
Workaround:
–Disable the IOS automore feature with the following exec-level command to prevent the router reboot from occurring when the above conditions are present:
terminal length 0Open Caveats for Cisco IOS Release 12.4(24)GC2
This section lists open caveats in the Cisco IOS Release 12.4(24)GC2:
•CSCtb29889
OSPFv3 may get stuck in the Database Exchange state, which prevents routing updates from being propagated. The problem will only occur with large OSPFv3 LSA databases.
Workaround: There is no workaround.
•CSCtb36964
Use of the show ospfv3 neighbor manet or show ipv6 ospf neighbor manet commands may cause the router to suffer an unexpected system reload.
If the show ospfv3 neighbor manet or the show ipv6 ospf neighbor manet command is entered, with the console at the --More-- prompt, and a VMI session terminates at the same time, the router will reboot.
Workaround:
–Disable the IOS automore feature with the following exec-level command to prevent the router reboot from occurring when the above conditions are present:
terminal length 0•CSCth43582
•QoS policy may be dropped on an interface when it receives an invalid CDR value.
Workaround: There is no workaround.
•CSCti56177
•A Cisco 3250 router running the c3250-adventerprisek9-mz.124-24.GC2 image has a parcer error for all IPv6 commands.
Workaround: Do not use the ?. enter the complete command.
•CSCtk57597
If 40 OSPF MANET nmodes all attempt to come up at the same time, the router runs out of memory and may cause a crash in PPPoE.
Workaround: There is no workaround.
•CSCtl20508
A Cisco 3270 router may fail to decrypt a packet coming through a tunnel interface with a crypto IPSEC profile . and display the following system message for all received packets:
%sys-2-IPSEC(epa_des_crypt): decrypted packet failed SA identity check.
Workaround: There is no workaround.
•CSCto23334
A Cisco device running Cisco IOS may reload due to a software-forced reload that occurs after the forrowing system message:
%SYS-2-INTSCHED: 'may_suspend' at level 3 -Process= "PPPoE Flow Control Background"
Workaround: There is no workaround.
Obtaining Documentation, Obtaining Support, and Security Guidelines
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at the following URL:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service. Cisco currently supports RSS Version 2.0.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
© 2010-2011 Cisco Systems, Inc. All rights reserved.