Guest

Cisco Content Services Gateway

Release Notes for Cisco Content Services Gateway - 2nd Generation Release 5.0 Cisco IOS Release 12.4(24)MDA13

  • Viewing Options

  • PDF (649.4 KB)
  • Feedback
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 5.0 Cisco IOS Release 12.4(24)MDA13

Table Of Contents

Release Notes for Cisco
Content Services Gateway -
2nd Generation Release 5.0
Cisco IOS Release 12.4(24)MDA13

Introduction

Features

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA13

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA12

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA11

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA10

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA9

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA8

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA7

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA6

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA5

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA4

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA3

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA2

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA1

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA

System Requirements

Memory Requirements

Hardware Supported

Software Requirements

Determining the Software Version

Prerequisites and Restrictions

Caveats for Cisco IOS Release 12.4(24)MDA13

CSG2 Software for Cisco IOS Release 12.4(24)MDA13 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA13 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA13 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA13 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA12

CSG2 Software for Cisco IOS Release 12.4(24)MDA12 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA12 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA12 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA12 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA11

CSG2 Software for Cisco IOS Release 12.4(24)MDA11 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA11 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA11 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA11 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA10

CSG2 Software for Cisco IOS Release 12.4(24)MDA10 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA10 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA10 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA10 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA9

CSG2 Software for Cisco IOS Release 12.4(24)MDA9 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA9 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA9 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA9 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA8

CSG2 Software for Cisco IOS Release 12.4(24)MDA8 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA8 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA8 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA8 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA7

CSG2 Software for Cisco IOS Release 12.4(24)MDA7 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA7 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA7 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA7 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA6

CSG2 Software for Cisco IOS Release 12.4(24)MDA6 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA6 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA6 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA6 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA5

CSG2 Software for Cisco IOS Release 12.4(24)MDA5 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA5 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA5 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA5 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA4

CSG2 Software for Cisco IOS Release 12.4(24)MDA4 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA4 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA4 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA4 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA3

CSG2 Software for Cisco IOS Release 12.4(24)MDA3 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA3 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA3 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA3 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA2

CSG2 Software for Cisco IOS Release 12.4(24)MDA2 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA2 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA2 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA2 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA1

CSG2 Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA1 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA

CSG2 Software for Cisco IOS Release 12.4(24)MDA - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Documentation and Technical Assistance

Related Documentation

CSG2 Documentation

Release-Specific Documents

Platform-Specific Documents

Cisco IOS Software Documentation Set

Obtaining Documentation and Submitting a Service Request


Release Notes for Cisco
Content Services Gateway -
2nd Generation Release 5.0
Cisco IOS Release 12.4(24)MDA13


First Published: February 15, 2012
Last Updated: May 3, 2013
Current Release: Cisco IOS Release 12.4(24)MDA13
OL-22841-01

This publication describes the requirements, dependencies, and caveats for the Cisco Content Services Gateway - 2nd Generation, more commonly known as the Content Services Gateway 2 or CSG2. These release notes are updated for every maintenance release.

Use these release notes with the Cross-Platform Release Notes for Cisco IOS Release 12.4, located on Cisco.com.

Caveats

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only select severity 3 caveats are included in the caveats document.

All caveats in Cisco IOS Release 12.4 and Cisco IOS Release 12.4 T are also in Cisco IOS Release 12.4(24)MDA13.

For a list of the software caveats that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA13. see the "Caveats for Cisco IOS Release 12.4(24)MDA13" section.

For information on caveats in Cisco IOS Release 12.4, see Caveats for Cisco IOS Release 12.4, located on Cisco.com.

For information on caveats in Cisco IOS Release 12.4 T, see Caveats for Cisco IOS Release 12.4T, located on Cisco.com and the Documentation CD-ROM.

Using the Bug Navigator II

If you have an account with Cisco.com, you can use Bug Navigator II to find the most current list of caveats of any severity for any software release. To reach Bug Navigator II, log in to Cisco.com and click Software Center: Cisco IOS Software: Cisco Bugtool Navigator II.

This publication includes the following information:

Introduction

Features

System Requirements

Prerequisites and Restrictions

Caveats for Cisco IOS Release 12.4(24)MDA13

CSG2 Software for Cisco IOS Release 12.4(24)MDA13 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA13 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA13 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA13 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA12

CSG2 Software for Cisco IOS Release 12.4(24)MDA12 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA12 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA12 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA12 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA11

CSG2 Software for Cisco IOS Release 12.4(24)MDA11 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA11 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA11 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA11 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA10

CSG2 Software for Cisco IOS Release 12.4(24)MDA10 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA10 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA10 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA10 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA9

CSG2 Software for Cisco IOS Release 12.4(24)MDA9 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA9 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA9 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA9 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA8

CSG2 Software for Cisco IOS Release 12.4(24)MDA8 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA8 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA8 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA8 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA7

CSG2 Software for Cisco IOS Release 12.4(24)MDA7 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA7 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA7 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA7 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA6

CSG2 Software for Cisco IOS Release 12.4(24)MDA6 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA6 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA6 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA6 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA5

CSG2 Software for Cisco IOS Release 12.4(24)MDA5 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA5 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA5 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA5 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA4

CSG2 Software for Cisco IOS Release 12.4(24)MDA4 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA4 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA4 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA4 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA3

CSG2 Software for Cisco IOS Release 12.4(24)MDA3 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA3 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA3 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA3 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA2

CSG2 Software for Cisco IOS Release 12.4(24)MDA2 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA2 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA2 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA2 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA1

CSG2 Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDA

CSG2 Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA1 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Documentation and Technical Assistance

Introduction

The CSG2 is an application that runs on the Cisco Service and Application Module for IP (SAMI), a high-speed processing module. The CSG2 provides content-aware billing, service control, traffic analysis, and data mining in a highly scalable, fault-tolerant package. The CSG2 provides the software required by mobile wireless operating companies and other billing, applications, and service customers.

The CSG2 runs on the Cisco SAMI, a new-generation high performance service module for the Cisco 7600 series router platforms. The CSG2 is typically located at the edge of a network in an Internet service provider (ISP) point of presence (POP), or Regional Data Center.

Features

This section lists the CSG2 features and the CSG2 release in which the feature was introduced. For full descriptions of all of these features, see the Cisco Content Services Gateway - 2nd Generation Release 5 Installation and Configuration Guide.

To see the software part numbers associated with each CSG2 release; the Supervisor hardware required by each CSG2 release; the minimum Cisco IOS release required for new features in each CSG2 release; and the minimum IOS level supported by each CSG2 release, see the "Software Requirements" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA13

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA12

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA11

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA10

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA9

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA8

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA7

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA6

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA5

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA4

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA3

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA2

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA1

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA13

The CSG2 software for Cisco IOS Release 12.4(24)MDA13 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA12" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA12

The CSG2 software for Cisco IOS Release 12.4(24)MDA12 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA11" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA11

The CSG2 software for Cisco IOS Release 12.4(24)MDA11 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA10" section.

In addition, the CSG2 software for Cisco IOS Release 12.4(24)MDA11 supports the following new features:

CP/TP interface exposure

This feature has the following restrictions:

After upgrading to CSG2 R5 running with Cisco IOS Release 12.4(24)MDA11 or later, you must issue the write memory command, because the Ifindex table file in NVRAM is deleted when the SAMI comes online.

If you downgrade to a CSG2 release image that does not include the CSCtr09086 fix, we recommend that you delete the Ifindex table file in NVRAM, because the CSCtr09086 fix changes the logic for populating the ifIndex table file for the TP. However, if you choose not to delete the ifIndex-table file, no harm is done to your configuration.

If the SNMP ifIndex persistence feature is configured, you cannot configure more than 600 interfaces.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA10

The CSG2 software for Cisco IOS Release 12.4(24)MDA10 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA9" section.

In addition, the CSG2 software for Cisco IOS Release 12.4(24)MDA10 supports the following new features:

Optimized Selection of TCP and UDP Transactions for Acceleration

Upstream and Downstream Acceleration for HTTP Transactions

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA9

The CSG2 software for Cisco IOS Release 12.4(24)MDA9 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA8" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA8

The CSG2 software for Cisco IOS Release 12.4(24)MDA8 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA7" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA7

The CSG2 software for Cisco IOS Release 12.4(24)MDA7 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA6" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA6

The CSG2 software for Cisco IOS Release 12.4(24)MDA6 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA5" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA5

The CSG2 software for Cisco IOS Release 12.4(24)MDA5 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA4" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA4

The CSG2 software for Cisco IOS Release 12.4(24)MDA4 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA3" section.

In addition, the CSG2 software for Cisco IOS Release 12.4(24)MDA4 supports the following new feature:

Content Regex Match Capacity Increase—Up to 1408 match patterns per map; up to 1408 total match patterns per content; up to 1408 total match patterns per policy; and up to 8192 total match patterns per CSG2 (assuming there is enough memory available)

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA3

The CSG2 software for Cisco IOS Release 12.4(24)MDA3 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA2" section.

In addition, the CSG2 software for Cisco IOS Release 12.4(24)MDA3 supports the following new feature:

Configurable Service Lifetime (Forced Service Stop)

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA2

The CSG2 software for Cisco IOS Release 12.4(24)MDA2 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA1" section.

In addition, the CSG2 software for Cisco IOS Release 12.4(24)MDA2 supports the following new features:

Accelerated Flows for FTP, RTSP, and SIP

HTTP Header Insertion for IPv6

Packet Logging for IPv6

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA1

The CSG2 software for Cisco IOS Release 12.4(24)MDA1 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA" section.

In addition, the CSG2 software for Cisco IOS Release 12.4(24)MDA1 supports the following new features:

Accelerated Virtual Prepaid

Configurable REGEX Memory

Configurable URL Map Normalization

Reuse of Idle RADIUS Proxy Ports

RTSP Teardown Reply Delay

User Session Continuation After PCRF Timeout

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDA

The CSG2 Release 5 software for Cisco IOS Release 12.4(24)MDA supports the entire feature set for the CSG2 Release 4 software for Cisco IOS Release 12.4(22)MD1.

In addition, the CSG2 software for Cisco IOS Release 12.4(24)MDA supports the following new features:

Accelerated Flows

Conditional CDR Blocking

Configuring RADIUS Proxy—Reuse of Idle RADIUS Proxy Ports

Gx Event Trigger Usage Reporting

Gx Service Groups

IPv6 Bearer Support and Dual-Stack

Cisco 7600 LTE Integration

MIB Support—Support for the following MIBs was added:

CISCO-CONFIG-MAN-MIB

CISCO-ENTITY-ASSET-MIB

CISCO-ENTITY-FRU-CONTROL-MIB

CISCO-HSRP-EXT-MIB

CISCO-HSRP-MIB

CISCO-IP-STAT-MIB

CISCO-MEMORY-POOL-MIB

CISCO-QUEUE-MIB

CISCO-RTTMON-MIB

CISCO-VLAN-IFTABLE-RELATIONSHIP-MIB

ETHERLIKE-MIB

RSVP-MIB

NBAR Protocol Support—Support for Google Talk, MSN Messenger (Voice), Yahoo! Messenger (Voice)

System Requirements

This section describes the following memory and software requirements for CSG2:

Memory Requirements

Hardware Supported

Software Requirements

Determining the Software Version

For hardware requirements, such as power supply and environmental requirements, as well as hardware installation instructions, see the Service and Application Module for IP User Guide.

Memory Requirements

The CSG2 memory is not configurable.

The Cisco SAMI is available with a default 1 GB memory or an optional 2-GB memory.


Note Gx features in the CSG2 R5 and later require the 2 GB-SAMI option. The CSG2 R5 and later on the 1 GB-SAMI option does not support Gx.


Hardware Supported

Use of the CSG2 requires one of the following Cisco 7600 Series Routers and Supervisor Engines, and a module with ports to connect server and client networks:

Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 (WS-SUP720) running Cisco IOS Release 12.4(33)SRB1 or later

Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy Feature Card 3B (WS-SUP720-3B) running Cisco IOS Release 12.4(33)SRB1 or later

Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy Feature Card 3BXL (WS-SUP720-3BXL) running Cisco IOS Release 12.2(33)SRB1 or later

Cisco 7600 Series Supervisor Engine 32 with a Multilayer Switch Feature Card (WS-SUP32-GE-3B) running Cisco IOS Release 12.2(33)SRC or later and LCP ROMMON Version 12.2[121] or later on the Cisco SAMI

Cisco 7600 Series Supervisor Engine 32 with a Multilayer Switch Feature Card and 10 Gigabit Ethernet Uplinks (WS-SUP32-10GE-3B) running Cisco IOS Release 12.4(33)SRC or later and LCP ROMMON Version 12.2[121] or later on the Cisco SAMI

Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3C (RSP720-3C-GE) running Cisco IOS Release 12.4(33)SRC or later

Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3CXL (RSP720-3CXL-GE) running Cisco IOS Release 12.2(33)SRC or later

Software Requirements

When referring to this section, keep the following considerations in mind:

Do not use the Supervisor Hardware Supported column to infer supervisor hardware support. Consult the Cisco IOS Upgrade Planner to determine which Cisco IOS releases support the desired supervisor hardware.

Each feature set is limited to those features that can be configured at the Minimum Cisco IOS Level Supported.

The following table lists the CSG2 and Cisco SAMI module part numbers and associated information for each CSG2 release:

CSG2 Release
CSG2 and Cisco SAMI Module Part Numbers
Supervisor Hardware Supported
Supervisor Software Minimum Cisco IOS Release Required for New Features
Supervisor Software Minimum Cisco IOS Level Supported

12.4(24)MDA13
12.4(24)MDA12
12.4(24)MDA11
12.4(24)MDA10
12.4(24)MDA9
12.4(24)MDA8
12.4(24)MDA7
12.4(24)MDA6
12.4(24)MDA5
12.4(24)MDA4
12.4(24)MDA3
12.4(24)MDA2
12.4(24)MDA1
12.4(24)MDA

Cisco SAMI Module Part Numbers:

WS-SVC-SAMI-BB-K9
WS-SVC-SAMI-BB-K9=
MEM-SAMI-6P-2GB

CSG2 Software License Part Numbers:

SSAC50K9-12424MD
SSAC50K9-12424MD=

CSG2 Software Subscriber License Part Numbers:

FL-SC-10K-SUB
FL-SC-100K-SUB

CSG2 Software Upgrade License Part Numbers:

FL-SC-R4R5-K9-UP

CSG2 Software and Cisco SAMI Module Bundle Part Numbers:

SAMI-CSG2-R2AS-K9=

WS-SUP720
WS-SUP720-3B
WS-SUP720-3BXL

12.2(33)SRB1

12.2(33)SRB1

WS-SUP32-GE-3B
WS-SUP32-10GE-3B

12.2(33)SRC

12.2(33)SRC

RSP720-3C-GE
RSP720-3CXL-GE

12.2(33)SRC

12.2(33)SRC


Determining the Software Version

To determine the version of Cisco IOS software that is currently running on your Cisco network device, log in to the CSG2 or Supervisor Engine and enter the show version EXEC command.

To show CSG2 versions, log in to the Supervisor Engine and enter the show module command in privileged EXEC mode.

To provide meaningful problem determination information, log in to the CSG2 or Supervisor Engine and enter the show tech-support command in privileged EXEC mode.

Prerequisites and Restrictions

For the latest prerequisites and restrictions for the CSG2, see the "Overview" chapter of the Cisco Content Services Gateway - 2nd Generation Release 5 Installation and Configuration Guide.

Caveats for Cisco IOS Release 12.4(24)MDA13

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA13.

CSG2 Software for Cisco IOS Release 12.4(24)MDA13 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA13 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA13 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA13 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA13 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA13:

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix.

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSG2 Software for Cisco IOS Release 12.4(24)MDA13 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA13:

CSCti49907—The CSG2 might prematurely mark the quota server or BMA as failed

The CSG2 might mark the quota server or BMA as failed even before the configured number of retries are performed. Only GTP keepalive messages are exchanged, no DTRs, and the quota server or BMA does not reply to some of the keepalives.

CSCub23935—The CSG2 reloads during bulksync with standby

Active and Standby CSG2s undergo rf-induced reloads attempting to bulk sync.

This problem can occur as a result of a configuration change for ip csg replicate during a bulk sync.

CSCub27714—User sessions stuck in CSG2 cause delayed Service Stop to go in sticky User Table

The CSG2 might send a Service Stop message to the quota server that was not associated with the user. This can occur even if Quota Server Reassignment is disabled.

For this problem to occur, all of the following conditions must be met:

A prepaid user must exist in the system.

The quota must expire and 0 quota must be received in the Service Reauth Response.

The reauthorization delay must be around 1200 seconds.

The CSG2 must block the traffic and clear some of the sessions.

The CSG2 must receive a RADIUS Accounting Stop message for the user (user logout) before the content idle timer expires.

A few established sessions must get stuck in the CSG2 and not cleared after the RADIUS Accounting Stop message.

The CSG2 must send out the Service Stop after the sessions are cleared by the content idle timer.

This results in the creation of a sticky user while sending the Service Stop, as the affinity is already cleared. While creating the sticky user, the CSG2 might assign a different quota server and forward the service stop to that quota server.

CSCub89563—The CSG2 crashed during automation run while performing preload

The CSG2 might crash during preload activity. The crash occurs randomly during startup, during preload, on a clean node, after the initial setup of the CSG2 (that is, after the configuration of the RADIUS, BMA, and quota server interfaces).

CSCuc54989—The SAMI reloaded with no ip csg iscsi profile command

The Cisco SAMI crashes when the no ip csg iscsi profile command is issued.

CSCuc95740—The CSG2 might crash while processing a DNS packet

The CSG2 PPC CPU might crash while handling DNS packets.

CSCud87639—Tracebacks seen in SAMI-CSGK9 with no ip csg iscsi profile command

The following error message displays, followed by a traceback:

%IFS-3-FSMAX: Failed to add sda4, maximum filesystems 64

This condition occurs when an operator configures the ip csg iscsi profile FAS-POZ-A format and then unconfigures the format using the no form of the command.

CSCue92492—The CSG2 might crash while enforcing QoS-rate limit parameters under a service

The CSG2 might crash when the debug diameter events command is issued and more than five levels of grouped Attribute Value Pairs (AVPs) are received in a message.

For this problem to occur, all of the following conditions must be met:

The debug diameter events command must be issued.

The PCRF must push grouped AVPs that contain five or more levels of grouped AVPs.

CSCuf78470—The CSG2 might generate a preload error even if mpcc preload is not configured

When the CSG2 comes up after a reload, it might try to send a preload request to the PCRF even if mpcc preload is not configured.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA13 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA13.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA13 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA13:

CSCsy00532—Continual sysmgr crashes with incomplete cores and no reboot

Due to an error in the coring process, file permissions on the core files are not set properly. Therefore, it is not possible to copy the cores from the core: directory using the copy command. Access to the debug shell is required to recover the cores.

CSCte53683—iSCSI sporadic write failures

Sporadic write failures are seen while writing to an iSCSI target. This issue is seen during a race condition when the files are created and deleted from the file system.

CSCtf07557—iSCSI sporadic write failures

File creation or file delete sporadically fails with a "File In Use in Incompatible mode" error message.

This condition occurs when file create and delete operations are executed simultaneously on the same path and both files have the same first six characters.

CSCtg27136—Not able to enable or disable the scada gateway feature

The scada gateway feature enable and disable commands do not work (scada gateway command and no scada gateway command).

CSCtu68726—%RF_INTERDEV-3-RELOAD: -Process= "HSRP Common" during supervisor engine hardware module reset

When the supervisor engine sends a hardware module reset for one of a pair of redundant Cisco SAMIs, the following message might be seen:

%RF_INTERDEV-3-RELOAD: -Process= "HSRP Common"

CSCtw60993—QNX: process "io-net" crashed.

The Cisco SAMI might reload with the following syslog error message:

%SAMI-2-SAMI_SYSLOG_CRIT: SAMI 1/0: %SAMI-2-443001: System experienced fatal failure.Service name:System Manager (core-server)(30380) has terminated on receiving signal 11,reloading system

As part of crash info, core file qnx_1_io-net_114693_core is generated. 114693 is the process-id for io-net, which might vary from case to case.

CSCtx85422—IXP: One thread in the lookup micro engine might fail to receive packets

One of 56 lookup threads in the IXP micro engine fails to process packets. There are no specific symptoms of this condition because syslogs are not generated and the other 55 threads are capable of handling packets. Additionally, this condition does not cause any noticeable degradation in performance.

This condition occurs because one of the lookup threads fails to initialize properly and fails to receive packets.

CSCty65255—Two commands to show SAMI temp sensors display two different values

The commands show sami temperature and show environment temperature display different temperature values for all columns except Base board sensor 0 & 1.

CSCtz07383—The SAMI card reloads due to unexpected termination of XScale qconn process

An unexpected termination of the qconn process on the IXP XScale processor can cause a Cisco SAMI card reload. After the reload, output from the show version command on the SAMI PPCs shows the following:

System returned to ROM by NP 1 Failed: NP Core Reset - Cause Unknown at timestamp

CSCua69750 —LCP process core and IXP coredump bundling into crashinfo tar ball

The ixp_csr_dump process in processor 0 crashes while collecting the IXP coredump. The crashinfo_collection-xxxxxxxx-xxxxxx.tar file does not contain coredump_proc1 or coredump_proc2, which are coredumps of IXPs, even though these coredump are present in processor 0 core: directory outside the crashinfo_collection file.

Also, if an LCP process has crashed, there is also be a core.xxx file in processor 0 core: directory which is also not part of the crashinfo_collection tar ball.

CSCub16776—IXP: No Buffer packet drops in IXP engine

On the CSG2 IXP processor, available buffers can become temporarily depleted, causing packet drops. This shows up in the output for the show sami ixp statistics command. In the output, both the Missing SOP (Start of Packet) and Drops - No Buffer fields are incremented whenever there are packet drops.

This problem can occur when contents are configured for acceleration and are inservice, and flows matching these contents are accelerated.

CSCub22727—The show sami ixp session command might result in a traceback

If acceleration is enabled, and the show sami ixp session command is issued, the following traceback might occur:

SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition: response too long for buffer
-Process= "Virtual Exec", ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z 0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz 0x5B343CCz 0x68C3C2Cz 0x68C73B4z

CSCuc34571—CSG2 PCEF reload due to IXP failure on platform

The device might reload unexpectedly when IXP health monitoring detects several hung threads in MEs 4 through 10.

For this problem to occur, all of the following conditions must be met:

Flows must be accelerated by the IXP.

Flows must participate in some form of aggregate accounting (for example, service level CDRs, prepaid, Gx user volume threshold).

CSCuc65113—LCP Sysmgr Crash Due To Proc Mem Info Corruption

Core Dump File includes Proc Mem Info Details. LCP Sysmgr crashes due to Prco Memory Info Corruption

CSCud47702—QNX sysmgr_g_ns process crash

The LCP logs produce the following logs:

%SAMI-3-730205: SAMI User Space: ERROR: IXP xscale core rcvd. 1 collect crashinfo

The ixp1_crash.txt has this entry:

IXP CAUSE = NP Watchdog Reset

The 20121121-201846_crashinfo_collection-20121117-103238.tar contains qnx_1_sysmgr_g_ns_126985_core.

CSCud52370—The CSG2 might reload due to IXP multiple threads hung

The CSG2 might reload unexpectedly when IXP health monitoring detects several hung threads in MEs 4 through 10.

For this problem to occur, all of the following conditions must be met:

The flows must be accelerated by the IXP.

The flows must participate in some form of aggregate accounting, such as service-level CDRs, prepaid, or Gx user volume threshold.

CSCue28485—GGSN_SAMI-CPU-HOG-SAMI SCSI PROCESS

A GGSN_SAMI was unreachable for 20 minutes. During that time the server was not working any PDP context. After 20 minutes the GGSN came back up and ran in autonomy. The problem was determined to be iSCSI-related. When the iSCSI server was shut down the GGSN recovered.

Caveats for Cisco IOS Release 12.4(24)MDA12

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA12.

CSG2 Software for Cisco IOS Release 12.4(24)MDA12 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA12 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA12 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA12 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA12 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA12:

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix.

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSG2 Software for Cisco IOS Release 12.4(24)MDA12 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA12:

CSCtx99828—CSG:CISCO-PROCESS-MIB cpmCPUTotalPhysicalIndex uses bad entPhysicalIndex

The CPU description is displayed incorrectly in the CISCO-PROCESS-MIB NMS report.

The cpmCPUTotalPhysicalIndex value in the CISCO-PROCESS-MIB might not match the CPU's Entity-MIB entPhysicalIndex value. The cpmCPUTotalPhysicalIndex contains values 0,2-6, but it should contain values 2-7 (where entPhysicalTable contains one row for the Cisco SAMI module, followed by six rows for the SAMI PPC processors).

CSCty49899—Standby PCEF sends Create Session Request to PCRF after reload

When a user is deleted on the active CSG2, the standby CSG2 also sends a CCR-F. That causes the "pcrf failure" counter to increment, as the Diameter connection is not established on the standby CSG2.

CSCty63686—The CSG2 times out the IPv6 fragmented packet when offset=0 and more frag=0

When a TCP (SYN-ACK) arrives from the server, the intermediate node (firewall) adds "fragmentation header" in the IPv6 packet and forwards the packet having offset=0 and more frag=0 to the CSG2. The CSG2 drops the packet while waiting for additional fragments even though this is the one and only packet applicable for this fragment ID.

CSCtz27702—RAR message sent with QoS value 0

When the PCRF sends a RAR request to the CSG2 to change the UE APN-AMBR QoS value, the PGW might reject CoA messages sent from the CSG2 with changes in the QoS for the default bearer.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA12 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA12.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA12 - Closed Caveats

There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA12.

Caveats for Cisco IOS Release 12.4(24)MDA11

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA11.

CSG2 Software for Cisco IOS Release 12.4(24)MDA11 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA11 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA11 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA11 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA11 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA11:

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix.

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSG2 Software for Cisco IOS Release 12.4(24)MDA11 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA11:

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

CSCts13678—Charging ID missing in Service Stop message when Gx enabled

When a subscriber is Gx-enabled, and the user is deleted, the CSG2 sends a Service Stop message to the quota server, but the CSG2 does not include the RADIUS attribute Charging ID in the message.

CSCts47723—CSG2 sends wrong usage count in CCR-F when CCA-U timeout or failure occur

If a CCA-U timeout/failure occurs on the CSG2, the CSG2 might send the wrong usage count in the CCR-F. The CSG2 continues to count the usage even after the CCA-U timeout/failure occurs.

CSCts73889—CSG2 ACCEL encap lookup failed

If there is more than one path to the source or destination IP address, the CSG2 ACCEL encap lookup might fail.

CSCts84547—Include QoS in CCR-U for EPS users even without QoS change

The CSG2 might not include Quality of Service (QoS) information in the CCR-U.

CSCtt08817—RTSP protocol statistics report a 0 value

When control-url is configured for a content, the output for the show ip csg stats protocol command displays 0 for the RTSP protocol.

CSCtt45725—CSG2: Traceback seen on CP console

Traceback might be seen on the CP console. This can occur when there is no enough buffer space to accommodate all of the content. Part of the output for the show command for that particular content might be truncated. The traceback has no other functional impact.

CSCtu00081—CSG2 rejects a RAR with a nexthop of 0.0.0.0

When a RAR is sent with a nexthop uplink IP address of 0.0.0.0, the CSG2 discards it as an invalid address.

CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU

The CSG2 truncates VRF table names that are longer than 32 characters.

CSCtu23680—Failover in-between call, newly active CSG2 sends 5012 for RAR-rule-remove

If a failover occurs in-between a call, the newly active CSG2 sends 5012 for the RAR-rule-remove and does not send the COA.

When that issue is fixed, the newly active CSG2 sends a COA with an UNKNOWN source-IP address.

When that issue is fixed, tracebacks are generated when the sticky entry is created.

CSCtu31661—New CLI to stop counting if CCR-U failed

The CSG2 stops counting usage if the CCR-U fails. This CDETS introduces the ip csg ccr-u-fail stop-count command, which enables the CSG2 to continue to count usage in the event of a CCR-U failure.

CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable

In the Gx interface, the TCP port to the PCRF server might become unavailable.

The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The issue is encountered after the PCRF connection goes down and comes up multiple times. This causes the local port leak to accumulate, and the local port becomes unavailable to establish the TCP connection.

CSCtw68505—User's billing is unknown

Some subscribers associated with a secondary PDP are not assigned a billing plan, because the 3GPP charging ID (as part of the RADIUS attributes) is missing in the user's Profile Request that is sent to the quota server.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA11 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA11.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA11 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA11:

CSCsx76826—SAMI SNMP ENTITY-MIB entPhysicalTable miscellaneous issues

When queried via SNMP, the Cisco SAMI Name and Desc values stored in the Entity-MIB (RFC4133) do not match the Name and Desc values and formats displayed using the show inventory command.

CSCsx82030—Specific configuration sequence causes configuration download/parse error on the Cisco SAMI

A specific configuration sequence causes a configuration download/parse error on the Cisco SAMI.

The condition is logged as follows:

SAMI 1/3: Feb 18 09:27:43.779: %IPC-0-CFG_DOWNLOAD_ERROR: Configuration
download/parse error: Failed to download config on one or more processors,
traffic will get blocked -Process= "Init", ipl= 0, pid= 3
 
   

If inter-device redundancy is configured, a peer SAMI might reload with the redundancy framework (RF)/Cisco IOS Hot Standby Routing Protocol (HSRP) state broken.

The following configuration sequence causes the configuration download/parse error:

a. The "snmp-server community" is using a standard ACL.

b. The standard ACL is removed.

c. A new extended ACL is created with the same name as the previous standard ACL.

d. The SAMI is reloaded.

After the reload, the SAMI receives the configuration download/parse error.

CSCtq39561—HSRP/RF running while writing debuginfo causes delayed switchover

A delayed switchover can occur in an active-standby pair of Cisco SAMIs. That is, when the active SAMI goes down, the standby SAMI might not become active for several minutes.

CSCts68928—SAMI: write erase and reload cause CFG_DNLD_ERROR

Issuing an erase bootflash on the PCOP results in a configuration download error with the following error message:

%IPC-0-CFG_DOWNLOAD_ERROR: Configuration download/parse error: Failed to download config on one or more processors, traffic will get blocked -Process= "Init", ipl= 0, pid= 3

CSCtt11430—IXP: Restrict QueueManager Microblock to hold 250 DRAM buffers

The Cisco SAMI reloads after a long run, with the following syslog error message on the PPC console:

%PLATFORM-4-DP_HM_WARN: Failed to receive response from IXP<1/2> in 22 retries, system will reboot if it continues to fail receiving response in another 8 retries (i.e. in the next 80 secs.) Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

The PPCs send health monitoring (HM) messages to each of the two IXPs, expecting them to respond. When the IXP fails to allocate DRAM packet buffers for these HM messages successively, the PPCs take defensive action and reload the SAMI.

CSCtt21485—IXP: RX MB de-queues invalid buffer handle

The Cisco SAMI card reloads due to a health monitoring (HM) failure.

%PLATFORM-4-DP_HM_WARN: Failed to receive response from IXP<1/2> in 22 retries, system will reboot if it continues to fail receiving response in another 8 retries (i.e. in the next 80 secs.) Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

The IXP fails to respond to HM messages sent from the PPC.

CSCtt32257—Mechanism to detect health of IXP Lookup threads

While debugging, it is observed on rare occasions that all of the lookup threads become stuck, resulting in the IXP not processing any packets. The Cisco SAMI IXP has more than 50 look threads. If a few threads fail, the system might not report the failure right away, but continue to work in degraded mode.

CSCtt37393—To disable write mem in TCOPS

Scheduled jobs (cron table jobs) execute the write memory command on the Cisco SAMI TCOPs. The cron job is a distributed command, which means it is propagated to the TCOPs.

The Cisco SAMI single IP architecture does not use TCOP configuration files in NVRAM. The TCOP configurations are driven by the PCOP, which retrieves the configuration file from the supervisor. Executing the write memory command in the TCOPs saves the configuration in the TCOP NVRAM. This is an unnecessary and redundant write to NVRAM.

With this fix, the write memory command is disabled at the TCOPs.

CSCtt45681—Active reset when standby is upgraded with less-than-default HSRP timer

When the Cisco SAMI HSRP timer values are configured to less than their default values, and the standby SAMI has a higher IP/priority configured, the active SAMI card might reset when the standby SAMI is upgraded

CSCtu50827—The Cisco SAMI reloads due to PPC-LCP HM failure after crash

The Cisco SAMI reloads due to an LCP-to-PPC health monitoring failure. This reload occurs only when a flash operation occurs at the same time a software issue causes a crash.

CSCtx38172—Red zone corruption on the CSG2 leads to a crash

When the TP receives bad trailers from the IXP, the bad trailer count on the TP increases, and the CSG2 might crash as a result of Memory Block Red Zone corruption.

Caveats for Cisco IOS Release 12.4(24)MDA10

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA10.

CSG2 Software for Cisco IOS Release 12.4(24)MDA10 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA10 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA10 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA10 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA10 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA10:

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

Workaround: None.

CSCts13678—Charging ID missing in Service Stop message when Gx enabled

When a subscriber is Gx-enabled, and the user is deleted, the CSG2 sends a Service Stop message to the quota server, but the CSG2 does not include the RADIUS attribute Charging ID in the message.

Workaround: None.

CSCts47723—CSG2 sends wrong usage count in CCR-F when CCA-U timeout or failure occur

If a CCA-U timeout/failure occurs on the CSG2, the CSG2 might send the wrong usage count in the CCR-F. The CSG2 continues to count the usage even after the CCA-U timeout/failure occurs.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDA10 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA10:

CSCtq94337—eGGSN- Packets are stuck in the quota server queue

In an eGGSN configuration, packets might become stuck in the quota server queue.

CSCtr08631—The CSG2 is reporting negative usage to the BMA after a failover

After a failover, the Service Usage reported as quadrans in an intermediate or final BMA CDR is less than that reported in a prior intermediate CDR.

For this problem to occur, all of the following conditions must be met:

Intermediate CDRs must be configured for type OTHER or NBAR.

A CSG2 failover must have occurred after an intermediate CDR has been generated for one or more long-lived Layer 4 sessions.

CSCtr88344—RAR received before CCA-I is dropped; further RARs after CCA-I handled

When the PCRF places the CCA-I and the RAR in the same packet, the RAR message and all subsequent RAR messages are ignored. Since no RAA is returned for the first RAR, all subsequent RARs are also rejected.

CSCts04905—CSG2: Socket leak in Diameter transport code

The CSG2 cannot get the socket to set up the Diameter TCP connection to the PCRF.

CSCts08568—Ability to tweak the TCP MSS for indirectly connected network

If the Diameter TCP peer is on a different subnet than the CSG2 diameter peer, the TCP MSS cannot be tuned for the indirectly connected network for the Diameter application. This occurs for either a Gx or a Gy implementation on the CSG2. By default, a value of 536 bytes is chosen for the TCP MSS, and the ip tcp mss 1460 global configuration command does not increase the MTU to 1460.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA10 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA10.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA10 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA10:

CSCtc95114—Flash file system raises interrupt level during write operations

When performing a write memory or copying a file to the bootflash of a PowerPC (PPC), the Cisco SAMI drops a few packets.

CSCtd26768—Configuring the banner motd delim command enters an unknown configuration mode

When a subscriber attempts to configure a multiline banner message, the session or console prompt goes into an "unknown mode" state and cannot recover.

This condition is not seen with preexisting multiline banner messages, but only when one is configured at the prompt.

CSCtj29848—SME crash on LCP while trying to collect coredump

The Cisco SAMI LCP crashes and reloads while attempting to collect core dump information. This condition occurs only when the IXP network processor is hung.

CSCtr32221—Decrease time-interval of PPC to IXP health-monitoring messages

In an active-standby Cisco SAMI pair, if the standby SAMI has a higher HSRP priority than the active SAMI, the active SAMI might reload when the IXP on the standby SAMI fails.

CSCtr81828—SRAM dequeue diagnostic in QM

The Cisco SAMI reloads with the following syslog error message:

%PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP<1/2>. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

The SAMI reloads when the IXP fails to respond to a health monitoring (HM) message sent by the PPCs. The IXP fails to respond to HM messages because the hardware assist that maintains the buffers known as the q-array is corrupted, A Null buffer handle (invalid) is de-queued.

The IXP maintains packets, including HM messages, in DRAM buffers, Pointers (buffer handles) to these buffers are maintained by q-arrays, and it is expected that q-arrays give valid buffer handles, when a Null buffer handle (invalid) is de-queued by a q-array, the IXP can no longer process incoming packets.

CSCts39548—The core: in LCP uses more bytes than the sum of the file sizes

The core: directory in the LCP shows more "total used" bytes than the sum of the size of the files that it contains.

CSCts39558—Free space script in LCP deletes crashinfo files at time of crash

If the core: directory in the LCP shows more "total used" bytes than the sum of the size of files that it contains, the CSG2 might reload due to a failure. The IXP core: is collected, but the IXP crashinfo file is missing in the crashinfo tar.

Caveats for Cisco IOS Release 12.4(24)MDA9

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA9.

CSG2 Software for Cisco IOS Release 12.4(24)MDA9 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA9 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA9 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA9 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA9 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA9:

CSCtq94337—eGGSN- Packets are stuck in the quota server queue

In an eGGSN configuration, packets might become stuck in the quota server queue.

Workaround: None.

CSCtr08631—The CSG2 is reporting negative usage to the BMA after a failover

After a failover, the Service Usage reported as quadrans in an intermediate or final BMA CDR is less than that reported in a prior intermediate CDR.

For this problem to occur, all of the following conditions must be met:

Intermediate CDRs must be configured for type OTHER or NBAR.

A CSG2 failover must have occurred after an intermediate CDR has been generated for one or more long-lived Layer 4 sessions.

Workaround: Disable intermediate CDR reporting.

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDA9 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA9:

CSCtr69315—The CSG2 is delaying CCRs

The CSG2 might not send a CCR to the PCRF immediately after receiving accounting messages from the PGW. Therefore the CCR timeout occurs before the CCA is received, even though the CCA is received immediately. The retransmit CCR is sent to the next PCRF in the configuration. The CCA received for the retransmit CCR has 5012 - error in CCA Result code AVP.

A burst of 20 to 40 CCRs is sent to the PCRF, then no messages for almost two minutes.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA9 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA9.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA9 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA9:

CSCtq42221—Input Queue Drop Counters are Incrementing Continuously

When the image is loaded, the counter for gig 0/0 starts incrementing. If there is no traffic on the router, the inputs queue drops and continues to increment.

Caveats for Cisco IOS Release 12.4(24)MDA8

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA8.

CSG2 Software for Cisco IOS Release 12.4(24)MDA8 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA8 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA8 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA8 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA8 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA8:

CSCtq94337—eGGSN- Packets are stuck in the quota server queue

In an eGGSN configuration, packets might become stuck in the quota server queue.

Workaround: None.

CSCtr08631—The CSG2 is reporting negative usage to the BMA after a failover

After a failover, the Service Usage reported as quadrans in an intermediate or final BMA CDR is less than that reported in a prior intermediate CDR.

For this problem to occur, all of the following conditions must be met:

Intermediate CDRs must be configured for type OTHER or NBAR.

A CSG2 failover must have occurred after an intermediate CDR has been generated for one or more long-lived Layer 4 sessions.

Workaround: Disable intermediate CDR reporting.

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDA8 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA8:

CSCtr64807—Enhanced diameter retry logic

A new user session might not be allowed when the PCRF responds with 5012 to a retransmitted packet. The CSG2 might show a very high number of CCA failures as a result of timeout and reject. The relevant CCA Failure statistics are:

CCA Failure: 
  pcrf failure    = 0 
  pcrf timeout    = 91893 
  pcrf reject       = 107559

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA8 - Open Caveats

Thee are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA8.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA8 - Closed Caveats

There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA8.

Caveats for Cisco IOS Release 12.4(24)MDA7

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA7.

CSG2 Software for Cisco IOS Release 12.4(24)MDA7 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA7 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA7 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA7 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA7 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA7:

CSCtq94337—eGGSN- Packets are stuck in the quota server queue

In an eGGSN configuration, packets might become stuck in the quota server queue.

Workaround: None.

CSCtr08631—The CSG2 is reporting negative usage to the BMA after a failover

After a failover, the Service Usage reported as quadrans in an intermediate or final BMA CDR is less than that reported in a prior intermediate CDR.

For this problem to occur, all of the following conditions must be met:

Intermediate CDRs must be configured for type OTHER or NBAR.

A CSG2 failover must have occurred after an intermediate CDR has been generated for one or more long-lived Layer 4 sessions.

Workaround: Disable intermediate CDR reporting.

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDA7 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA7:

CSCtq76436—The ip csg rate-limit mid-flow-syn command might leak packet buffers

I/O memory (in the form of packet buffers) might be leaked on the CSG2 traffic processors (TPs).

To detect the leak:

Issue the show memory statistics command several times on the TPs and verify that the entry corresponding to row I/O and column Used (b) rises steadily.

Issue the show buffers command several times on the TPs and verify that the total number of buffers in use by any pool rises consistently.

For this problem to occur, all of the following conditions must be met:

The ip csg rate-limit mid-flow-syn command must be configured on the CSG2.

The mid flow SYN drop counters in the Session L4 Stats section of the output of the show ip csg stat command from the TPs must be non-zero.

CSCtq83846—Possible leak due to an out-of-order mid-flow SYN with the ACK bit set

The CSG2 might experience a memory leak due to an out-of-order mid-flow SYN with the ACK bit set. To detect the leak, examine the Pct Used value in the Application column in the CSG Buffer Management Stats section of the output of the show ip csg stats command.

CSCtr21100—Potential crash with a concurrent service idle timeout and RADIUS Accounting Stop

The CSG2 might crash when processing a service idle timeout and a RADIUS Accounting Stop for given user at the same time.

CSCtr33104—Accelerated TCP connections are not deleted or idled under high stress

When running under high stress and high CPU, the CSG2 might fail to free or clean up some accelerated flows after idling for a long time.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA7 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA7.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA7 - Closed Caveats

There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA7.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDA7:

CSCth11006

The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of the following protocols:

NetMeeting Directory (Lightweight Directory Access Protocol, LDAP)

Session Initiation Protocol (Multiple vulnerabilities)

H.323 protocol

All the vulnerabilities described in this document are caused by packets in transit on the affected devices when those packets require application layer translation.

Cisco has released free software updates that address these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-nat.shtml.

CSCti48483

The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of the following protocols:

NetMeeting Directory (Lightweight Directory Access Protocol, LDAP)

Session Initiation Protocol (Multiple vulnerabilities)

H.323 protocol

All the vulnerabilities described in this document are caused by packets in transit on the affected devices when those packets require application layer translation.

Cisco has released free software updates that address these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-nat.shtml.

CSCtj04672

The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of the following protocols:

NetMeeting Directory (Lightweight Directory Access Protocol, LDAP)

Session Initiation Protocol (Multiple vulnerabilities)

H.323 protocol

All the vulnerabilities described in this document are caused by packets in transit on the affected devices when those packets require application layer translation.

Cisco has released free software updates that address these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-nat.shtml.

Caveats for Cisco IOS Release 12.4(24)MDA6

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA6.

CSG2 Software for Cisco IOS Release 12.4(24)MDA6 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA6 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA6 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA6 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA6 - Open Caveats

There are no Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA6.

CSG2 Software for Cisco IOS Release 12.4(24)MDA6 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA6:

CSCtb17999—Tracebacks on DPR from server, client closes TCP before sending DPA

When the PCRF (Policy and Charging Rules Function) sends a Diameter DPR (Disconnect Peer Request) followed by a TCP FIN to the CSG2 that is acting as the PCEF (Policy Charging Enforcement Function), the CSG2 first sends a TCP FIN-ACK and then tries to send a Diameter DPA (Disconnect Peer Answer) back to the PCRF. However, the DPA is not delivered because the TCP connection has been closed, and tracebacks are seen on the CSG2/PCEF. The CSG2/PCEF should instead send the DPA message first and then follow up the TCP connection termination by sending the FIN-ACK.

CSCtn15950—Configuration rollback fails while taking a content out-of-service

Rolling back the CSG2 configuration might fail while taking a content out-of-service.

CSCtn80399—The CSG2 must include the default bearer's accounting session ID in the PoD

The CSG is sending the dedicated bearer session ID in Packet of Disconnect (PoD) requests to clear users instead of the default bearer ID.

CSCtn82586—For virtual prepaid users, the ip csg report block prepaid command should not block CDRs

For virtual prepaid users, the ip csg report block prepaid command is blocking all CDRs.

CSCto77259—CSG2 WAP storage corruption

If the CSG2 is performing Layer 7 WAP 1.x data packet inspection on a POST request that contains a segmented URL, the CSG2 might crash.

CSCtq46748—Standby CSG2 might reload when processing an HA update message

The standby CSG2 might reload.

For this problem to occur, all of the following conditions must be met:

The CSG2 must be operating as a standby device in a high availability (HA) configuration.

Many RADIUS attributes (10 or so) must be configured for reporting in the Packet of Disconnect (PoD).

The system must be under stress, such as would occur when processing a bulk HA state update soon after bootup.

CSCtq58734—Byte count reported by CSG2 to PGW does not match volume threshold in CDR

The PGW might report incorrect usage information in PGW CDRs. The final CDR (after the CSG2 user closes all services or decelerates all flows) does contain the correct accumulated usage information.

For this problem to occur, all of the following conditions must be met:

The PGW must be configured to query the CSG2 for usage information on a scheduled basis.

The CSG2 must be configured for eG-CDRs using time-based service-level CDRs.

The CSG2 contents must be configured for acceleration.

CSCtq60404—The CSG2 reloads when creating and deleting Gx users with traffic

The CSG2 might reload when creating and deleting tens of thousands of Gx users with traffic. The CSG2 must be under heavy load, creating and deleting 100,000 to 180,000 users and processing 10 sessions per user.

CSCtq60705—The CSG2 fails to parse egcdr_correlator_id correctly in RADIUS messages

When eG-CDRs are configured for use between the eGGSN/PGW and the CSG2, the eGGSN/PGW might reject GTP messages from the CSG2, with the following message:

%CSG-3-GTP_REJECT: GTP received

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA6 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA6.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA6 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA6:

CSCtn95286—SAMI: Summit registers workaround for FRU power failure

At high traffic loads, the Cisco SAMI might reload as a result of a failure of power convertor 0x5.

%OIR-SP-6-PWRFAILURE: Module 2 is being disabled due to power convertor failure 0x5
%C6KPWR-SP-4-DISABLED: power to module in slot 2 set off (FRU-power failed)

CSCto24878—IPv6 TCP connections do not end correctly when accelerate

Accelerated IPv6 sessions do not clean up properly on the CSG2 when they end. The output of the show ip csg sessions user command shows these sessions in FIN_NET state.

For this problem to occur, all of the following conditions must be met:

An IPv6 flow must hit a content that is marked for acceleration, and then accelerates.

The parsing on the content must be for type other.

Either side of the flow must send a FIN, which causes the IPv6 flow to decelerate.

The FIN/ACK and ACK signals must traverse the CSG2, and the endpoints must terminate the flow normally.

CSCto66682—The CSG2 is losing the RADIUS PoD

Under normal operation with subscriber traffic classification enabled, a RADIUS PoD sent through the CSG2 might never appear on the egress.

CSCto72922—SAMI IXP not dropping packets larger than maximum supported packet size

Packets larger than 3072 bytes, which is the maximum supported packet size for the Cisco SAMI, are being forwarded to the Cisco SAMI PowerPCs (PPCs), resulting in the following error message:

%ETSEC-1-ERROR_INT_CAUSE IEVENT_BABR

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDA6:

CSCtj41194

Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet.

Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipv6.shtml.

Caveats for Cisco IOS Release 12.4(24)MDA5

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA5.

CSG2 Software for Cisco IOS Release 12.4(24)MDA5 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA5 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA5 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA5 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA5 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA5:

CSCtn80399—The CSG2 must include the default bearer's accounting session ID in the PoD

The CSG is sending the dedicated bearer session ID in Packet of Disconnect (PoD) requests to clear users instead of the default bearer ID.

Workaround: None.

CSCtn82586—For virtual prepaid users, the ip csg report block prepaid command should not block CDRs

For virtual prepaid users, the ip csg report block prepaid command is blocking all CDRs.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDA5 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA5:

CSCtn11309—SAMI crash at nsd_proxy_send_dupack

For a proxied session, when an out-of-order packet is received which is fragmented and is not the first packet, the CSG2 queues the packet and sends a duplicate ACK. The Cisco SAMI might crash while building the duplicate ACK.

CSCtn62963—Support HTTPS URL redirection

Modify the CSG2 to support HTTPS URL redirection.

CSCtn86043—QoS parameters to QCI mapping is incorrect for REL99 QoS

The mapping of Quality of Service (QoS) parameters to QoS Class Identifier (QCI) is incorrect for Release 99 QoS.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA5 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA5.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA5 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA5:

CSCtl90606—Traffic is passed to and from the GGSN SAMI even if the SVCLCs have been removed

Traffic leaks between the Cisco SAMI and the Supervisor Engine even if the service line cards (SVCLCs) have been removed.

CSCtn31857—CSG2 R5 MDA3: Traceback seen on CP console

Traceback might be seen on the CP console.

For this problem to occur, all of the following conditions must be met:

There must be accelerated IPv6 concurrent TCP sessions/flows.

Sessions must be brought up at 2000 connections per second.

There must be a TCP handshake plus two packets each from client and server.

The session must be left open.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDA5:

CSCtl79577

A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway-Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload.

There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110706-csg.shtml

PSIRT Evaluation:

The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.8/6.4:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?
dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C

CVE ID CVE-2011-2064 has been assigned to document this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Caveats for Cisco IOS Release 12.4(24)MDA4

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA4.

CSG2 Software for Cisco IOS Release 12.4(24)MDA4 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA4 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA4 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA4 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA4 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA4:

CSCtg97944—R5: IPC-4-CFG_SYNC_ERROR occurs during config stress test

If there are many configuration commands running on the CSG2 simultaneously from different Virtual Teletype (VTY) sessions, the following error message might be displayed on the console and in the error logs:

%IPC-4-CFG_SYNC_ERROR: Configuration Sync error: Command failed

Workaround: Use only one VTY line for configuration commands at a time. If you must use more than one VTY line for configuration commands at a time, ensure that they are not both scripted.

CSG2 Software for Cisco IOS Release 12.4(24)MDA4 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA4:

CSCtk75416—CSG2: Need to support QCT with virtual prepaid acceleration

Virtual prepaid acceleration does not support quota consumption time (QCT). When a session hits a service that is configured for QCT, and virtual prepaid is accelerated, the CSG2 charges for all idle time that occurs while the session is accelerated, regardless of the QCT value.

For this problem to occur, all of the following conditions must be met:

The content must be configured for acceleration.

The service must be configured as virtual prepaid.

The service must be configured with a QCT value.

CSCtl00179—AVP header string missing in RADIUS attribute in CoA for the Cont-Flag TLV

When an installed rule contains information that exceeds the maximum RADIUS attribute size of 255 bytes, the CSG2 creates a new attribute to hold the remainder of the information. However, the AVP header string is missing from the new attribute, so the PGW cannot process it.

CSCtl09496—CSG2 returns incorrect traffic class and flow label in IPv6 header

The CSG2 might report incorrect IPv6 traffic classes and flow labels in CDRs.

CSCtl48268—CSG2: Diameter protocol error can cause memory corruption and crash

The CSG2 might crash as a result of a memory corruption or accessing an invalid address. The logs from the crashinfo show that the PCRF sent Diameter protocol errors.

CSCtl55119—Warning: Fragment double unlock

The following error might be seen in the logs:

SAMI 1/7: %CSG-4-WARNING: Unexpected condition: Fragment double unlock
-Process= "CSG QUOTA RESOLVER", ipl= 1, pid= 174,
-Traceback= 0x44088EA8z 0x441EAE44z 0x441EB764z 0x4407D1D8z 0x4418D2ACz 0x4418D460z 0x4549F184z 0x454A2864z

CSCtl59093—CSG2 R5 crash during content inservice

When activating a content using the inservice command, the CSG2 might generate CPUHOG and CPUYIELD error messages.

For this problem to occur, all of the following conditions must be met:

A large number of match patterns must be configured.

A large number of the match patterns must be double-wildcard match patterns.

The CSG2 regular expression (regex) memory must be configured at or near the maximum setting.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA4 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA4.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA4 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA4:

CSCtj86047—Unable to disassociate iSCSI profile from the CSG2

The iSCSI configuration on the CSG2 cannot be modified. The following error is logged:

%Cannot modify in use target profile, first dissociate profile TEST from application

CSCtj96992—iSCSI classified name is not as per iSCSI specification; containing invalid characters

The iSCSI classified name does not conform to the iSCSI specification. It contains invalid characters.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDA4:

CSCtd10712

The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of the following protocols:

NetMeeting Directory (Lightweight Directory Access Protocol, LDAP)

Session Initiation Protocol (Multiple vulnerabilities)

H.323 protocol

All the vulnerabilities described in this document are caused by packets in transit on the affected devices when those packets require application layer translation.

Cisco has released free software updates that address these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-nat.shtml.

Caveats for Cisco IOS Release 12.4(24)MDA3

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA3.

CSG2 Software for Cisco IOS Release 12.4(24)MDA3 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA3 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA3 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA3 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA3 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA3:

CSCtg97944—R5: IPC-4-CFG_SYNC_ERROR occurs during config stress test

If there are many configuration commands running on the CSG2 simultaneously from different Virtual Teletype (VTY) sessions, the following error message might be displayed on the console and in the error logs:

%IPC-4-CFG_SYNC_ERROR: Configuration Sync error: Command failed

Workaround: Use only one VTY line for configuration commands at a time. If you must use more than one VTY line for configuration commands at a time, ensure that they are not both scripted.

CSCtk75416—CSG2: Need to support QCT with virtual prepaid acceleration

Virtual prepaid acceleration does not support quota consumption time (QCT). When a session hits a service that is configured for QCT, and virtual prepaid is accelerated, the CSG2 charges for all idle time that occurs while the session is accelerated, regardless of the QCT value.

For this problem to occur, all of the following conditions must be met:

The content must be configured for acceleration.

The service must be configured as virtual prepaid.

The service must be configured with a QCT value.

Workaround: None.

CSCtl00179—AVP header string missing in RADIUS attribute in CoA for the Cont-Flag TLV

When an installed rule contains information that exceeds the maximum RADIUS attribute size of 255 bytes, the CSG2 creates a new attribute to hold the remainder of the information. However, the AVP header string is missing from the new attribute, so the PGW cannot process it.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDA3 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA3:

CSCsh25384—CP crash in csg_gtp_queue_and_send when running simple_redund

If a failover occurs and the no ip csg bma or no ip csg quota-server command is issued, the CSG2 might crash.

CSCtj04285—Slow clearing of the quota server queues in the CSG2

During high traffic conditions the CSG2 clears the quota server queue too slowly.

CSCtj25636—CCR-I resent to the backup before the original CCR-I is sent

When Diameter does not receive a response to a Diameter request from the PCRF within the configured timeout interval, the primary Diameter peer sends a CCR-I shortly after the backup has sent out the same CCR-I with the retransmit flag set.

CSCtj47383—CSG2 crashes while preloading an invalid service AVP

If the PCRF sends an invalid RAR containing more than one object type, the CSG2 might crash when processing the message.

CSCtj73069—CSG2: Usage statistics are not replicated to redundant side during failover

The session usage statistics are not replicated to the standby CSG2.

CSCtj79912—NBAR: STUN traffic classified as Unknown

The CSG2 VoIP protocols can use STUN for NAT discovery. STUN packets might be interleaved with actual VoIP packets in the same session. To deal with that, NBAR classifies each packet of that session independently.

The CSG2 code currently ignores the STUN classification and waits for a more accurate classification, or for parse length number of bytes to elapse, before trying to assign a policy. If NBAR cannot ID the VoIP protocol before parse length bytes elapse, the CSG2 uses the classification result from the most recent packet (which would be Unknown) for policy assignment and CDR reporting.

CSCtj84347—CSG2: Relative URL matching fails due to bad host name in recomposed URL

If an HTTP.request-method: spans multiple TCP segments, with the host HTTP header field in the first TCP segment, relative URL matching might fail.

CSCtj98606—CSG2 R5: Preloaded Service-Rating-Group not applied on CSG2 services

A preloaded service rating plan (AVP 131162) from the PCRF might not install correctly on CSG2 services.

CSCtj99945—CSG2: Improper quota server load balancing

The assignment of user entries to quota servers for load-balancing might be askew. For example, if 100 user entries were created with two active quota servers configured, the expected behavior is that each quota server would be assigned about 50 user entries. However, the number of user entries assigned to each quota server might actually be asymmetric and inconsistent.

CSCtk13449—Simultaneous crashes on active/standby at dllobj_lite_add

A simultaneous reset might occur of two CSG2s operating in redundant mode.

CSCtk13992—CSG2 out of IDs: %IDMGR-3-INVALID_ID: bad id in id_get (Out of IDs!)

In an eGGSN deployment with Gx-enabled users, the CSG2 might stop processing certain requests, such as Gx (Diameter requests), causing subscriber outages. The CSG2 might also fail to log in remotely over SSH, generating the following message:

SAMI 4/3: %IDMGR-3-INVALID_ID: bad id in id_get (Out of IDs!) (id: 0x0)

CSCtk34795—CSG2 reauthorization attributes disappeared in User Table on standby CSG2

When two CSG2s operating in redundant mode are configured with RADIUS reauthorization attributes, and the active CSG2 receives the same configured attributes, the attributes are removed for the user on the standby CSG2.

CSCtk36462—Severe memory leak due to SNMP SMALL CHUNK - k_ccsProtocolStatsEntry_get

A severe memory leak might occur on the CSG2 when SNMP polling the following OIDs:

CISCO-CONTENT-SERVICES-MIB

ccsProtocolStatsEntry - 1.3.6.1.4.1.9.9.597.1.2.6.1
ccsBillingPlanStatsEntry - 1.3.6.1.4.1.9.9.597.1.2.7.1

CISCO-MOBILE-POLICY-CHARGING-CONTROL-MIB

cmpccPCRFMethodListStatsTableEntry - 1.3.6.1.4.1.9.9.690.1.2.2.1
cmpccProfileConfigTableEntry - 1.3.6.1.4.1.9.9.690.1.1.1.1

CSCtk55971—Memory leak on CSG2 with process fastblk backgrou

The fastblk backgrou process might exhaust all memory on the CSG2.

CSCtk62797—CSG2: HA update flag for Gx being set incorrectly

While updating packet filters in Gx, the HA update flag is being set incorrectly after the check to send HA update.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA3 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA3.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA3 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA3:

CSCtk12410—Crash in a standby processor causes an RF-induced self-reload of active

When two Cisco SAMIs are configured as an active and standby pair, any unexpected reload of one of the processors in the standby SAMI can cause the active SAMI to reload because of an RF-induced self-reload.

This condition can occur if the HSRP priority of the standby SAMI is greater than the priority of the active SAMI, either because of explicit configuration or based on the IP address of the active and standby SAMIs.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSCtk35917

A service policy bypass vulnerability exists in the Cisco Content Services Gateway—Second Generation (CSG2) which runs on the Cisco Service Application Module for IP (SAMI). This vulnerability could allow in certain configurations:

Customers to access sites that would normally match a billing policy to be accessed without being charged to the end customer.

Customers to access sites that would normally be denied based on configured restriction policies.

Additionally Cisco IOS Software Release 12.4(24)MD1 on the CSG2 contains two vulnerabilities that can be exploited remotely, via an unauthenticated attacker resulting in a denial of service of traffic through the CSG2. Both these vulnerabilities require only a single content service to be active on the CSG2 and are exploited via crafted TCP packets. A three way hand-shake is not required to exploit either of these vulnerabilities.

No workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110126-csg2.shtml

Caveats for Cisco IOS Release 12.4(24)MDA2

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA2.

CSG2 Software for Cisco IOS Release 12.4(24)MDA2 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA2 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA2 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA2 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA2 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA2:

CSCtg97944—R5: IPC-4-CFG_SYNC_ERROR occurs during config stress test

If there are many configuration commands running on the CSG2 simultaneously from different Virtual Teletype (VTY) sessions, the following error message might be displayed on the console and in the error logs:

%IPC-4-CFG_SYNC_ERROR: Configuration Sync error: Command failed

Workaround: Use only one VTY line for configuration commands at a time. If you must use more than one VTY line for configuration commands at a time, ensure that they are not both scripted.

CSCtj04285—Slow clearing of the quota server queues in the CSG2

During high traffic conditions the CSG2 clears the quota server queue too slowly.

Workaround: Reduce the quota server queue size, leaving the maximum transmission window size and the retransmission timer set to the defaults.

CSG2 Software for Cisco IOS Release 12.4(24)MDA2 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA2:

CSCti07167—SIP Invite method with map attributes matches wrong policy

A SIP Invite method with attribute maps always matches the default policy instead of the expected policy.

CSCti10611—CSG2 crash on show debug after CSG2 IPv6 ACL removed

If you create an IPv6 ACL using the following commands:

ipv6 access-list CSGV6ACL
deny icmp any any
 
   

then remove the IPv6 ACL using the no form of the deny icmp command:

ipv6 access-list CSGV6ACL
no deny icmp any any
 
   

then enter the show debug command, the CSG2 might crash.

CSCti18302—CSG2 software forced reload after configuring no ip csg bma activate

The CSG2 software forced a reload after a configuration change.

For this problem to occur, all of the following conditions must be met:

The active BMA queues must be full with 20,000 elements waiting to be acknowledged.

The no ip csg bma activate 4 command must be configured.

The ip csg bma activate 4 sticky 60 must be configured.

CSCti35812—Reload triggered when parsing POP3 packet

When the CSG2 is performing Layer 7 parsing of POP3 or SMTP e-mail traffic, and an e-mail packet is received with a crafted malformed, header, a watchdog might trigger a reload of the CSG2.

CSCti62262—CSG2 R5: IPv6L3flow TLV flags are incorrect

When the CSG2 is generating Layer 3 CDRs for non-TCP or non-UDP IPv6 sessions, the flags field reported in the IPv6L3flow TLV (0x0001) are incorrect in the CDRs.

CSCtj09087—CSG2: Cannot preload a content that conflicts with CLI content

If the CSG2 tries to preload a content definition with IP filter parameters that match a content that has already been configured with CLI, the CSG2 does not allow the preloaded content to be brought inservice. The following message is displayed:

SAMI 9/3: CSG-3-PRELOAD ERR: Cannot bring content IP_ANY_PRELOAD inservice, it duplicates content IP_ANY_CLI

CSCtj12698—Traceback during SAMI reload (Cisco IOS CLI) when redundancy is configured

In a redundant Cisco SAMI configuration, the RF-induced self-reload error message and traceback appear on the Supervisor Engine when the SAMI is reloaded or reset.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA2 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA2.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA2 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA2:

CSCej50237—Need to store debug information when performing self-induced reload

In a configuration with redundant Cisco SAMIs, if communication between the SAMIs fails, a self-induced reload of one of the SAMIs can occur. However, the necessary debug information is not stored in the SAMI.

CSCth66260—SAMI: core file not being written when the PPC crashes

When the PPC crashes, the core file is not dumped. A general write core command is successful

Caveats for Cisco IOS Release 12.4(24)MDA1

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA1.

CSG2 Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA1:

CSCti07167—SIP Invite method with map attributes matches wrong policy

A SIP Invite method with attribute maps always matches the default policy instead of the expected policy.

Workaround: None.

CSCti10611—CSG2 crash on show debug after CSG2 IPv6 ACL removed

If you create an IPv6 ACL using the following commands:

ipv6 access-list CSGV6ACL
deny icmp any any
 
   

then remove the IPv6 ACL using the no form of the deny icmp command:

ipv6 access-list CSGV6ACL
no deny icmp any any
 
   

then enter the show debug command, the CSG2 might crash.

Workaround: Use one of the following workarounds:

Do not use the show debug command.

Do not delete IPv6 ACLs implicitly using the no form of the deny icmp command. Instead, delete IPv6 ACLs explicitly using the no form of the ipv6 access-list command. For example:

no ipv6 access-list CSGV6ACL
 
   

If the deletion is successful, the following messages are seen:

CSG ACL debugging is off
SAMI 1/4: CSG ACL debugging is off
SAMI 1/5: CSG ACL debugging is off
SAMI 1/6: CSG ACL debugging is off
SAMI 1/7: CSG ACL debugging is off
SAMI 1/8: CSG ACL debugging is off

CSCti18302—CSG2 software forced reload after configuring no ip csg bma activate

The CSG2 software forced a reload after a configuration change.

For this problem to occur, all of the following conditions must be met:

The active BMA queues must be full with 20,000 elements waiting to be acknowledged.

The no ip csg bma activate 4 command must be configured.

The ip csg bma activate 4 sticky 60 must be configured.

Workaround: Wait for the BMA queues to drain prior to making configuration changes, or make the changes during a maintenance window.

CSG2 Software for Cisco IOS Release 12.4(24)MDA1 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA1:

CSCth56243—Traceback when showing user with many flow descriptions in rules

In a CSG2 Gx environment in which there are more than 20 flow descriptions as part of a single Gx rule, the show ip csg users detail command might show a traceback and truncate the output.

CSCth61006—CSG2: %IPC-0-CFG_DOWNLOAD_ERROR seen upon reboot

After a reload, the CSG2 might log an IPC-0-CFG_DOWNLOAD_ERROR message, and the CSG2 might block user traffic. This problem can occur if more than 16 ip csg user profile or ip csg select commands are configured.

CSCti06218—Spurious memory access when sending fixed-format CDR

When the ip csg records format fixed command is configured to send fixed-format CDRs, a spurious memory access error might occur.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA1.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA1 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA1:

CSCtg50821—Crashed in crashdump

When the CSG2 crashes, the crash information file might be empty, or it might contain files with little or no content.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDA1:

CSCta20040

Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device when SIP operation is enabled.

Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml.

Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. Five of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on September 22, 2010, or earlier:

http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html

Cisco Unified Communications Manager (CUCM) is affected by the vulnerabilities described in this advisory. The following Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco Unified Communications Manager at the following location:

http://www.cisco.com/warp/public/707/cisco-sa-20090826-cucm.shtml

CSCtc73759

The H.323 implementation in Cisco IOS Software contains two vulnerabilities that may be exploited remotely to cause a denial of service (DoS) condition on a device that is running a vulnerable version of Cisco IOS Software.

Cisco has released free software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities other than disabling H.323 on the vulnerable device.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100922-h323.shtml.

Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. Five of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on September 22, 2010, or earlier:

http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html

CSCte14603

A vulnerability in the Internet Group Management Protocol (IGMP) version 3 implementation of Cisco IOS Software and Cisco IOS XE Software allows a remote unauthenticated attacker to cause a reload of an affected device. Repeated attempts to exploit this vulnerability could result in a sustained denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100922-igmp.shtml.

Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. Five of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on September 22, 2010, or earlier:

http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html

CSCtf17624

The Cisco IOS Software Network Address Translation functionality contains three denial of service (DoS) vulnerabilities. The first vulnerability is in the translation of Session Initiation Protocol (SIP) packets, the second vulnerability in the translation of H.323 packets and the third vulnerability is in the translation of H.225.0 call signaling for H.323 packets.

Cisco has released free software updates that address these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml.

Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. Five of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on September 22, 2010, or earlier:

http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html

CSCtf91428

The Cisco IOS Software Network Address Translation functionality contains three denial of service (DoS) vulnerabilities. The first vulnerability is in the translation of Session Initiation Protocol (SIP) packets, the second vulnerability in the translation of H.323 packets and the third vulnerability is in the translation of H.225.0 call signaling for H.323 packets.

Cisco has released free software updates that address these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml.

Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. Five of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on September 22, 2010, or earlier:

http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html

CSCtg21685

Cisco IOS Software contains a vulnerability when the Cisco IOS SSL VPN feature is configured with an HTTP redirect. Exploitation could allow a remote, unauthenticated user to cause a memory leak on the affected devices, that could result in a memory exhaustion condition that may cause device reloads, the inability to service new TCP connections, and other denial of service (DoS) conditions.

Cisco has released free software updates that address this vulnerability. There is a workaround to mitigate this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100922-sslvpn.shtml.

Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. Five of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on September 22, 2010, or earlier:

http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html

Caveats for Cisco IOS Release 12.4(24)MDA

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDA.

CSG2 Software for Cisco IOS Release 12.4(24)MDA - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDA - Open Caveats

There are no Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA.

CSG2 Software for Cisco IOS Release 12.4(24)MDA - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDA:

CSCtf33305—CSG2: 150 Cisco-Flow-Description AVPs in a Gx rule freeze the card

When many Cisco-Flow-Description AVPs or Flow-Description AVPs are embedded within one Gx charging rule, the CSG2 might be unable to install the complete rule, the CSG2 console might become unresponsive, and the CSG2 CP CPU utilization might approach 100%.

CSCtg33015—Memory leak on standby CSG2 processors 4-8

A memory leak is observed on the standby CSG2 in a redundant CSG2 pair. The leak is seen only on processors 4-8 of the standby CSG2.

Comparing simultaneous show tech commands from the active and standby CSG2s, the show fastblk output of the show tech command on processors 4 through 8 of the standby CSG2 show a significantly higher memory consumption than the active CSG2. The memory consumption of the standby CSG2 also increases steadily over time.

The exact circumstances that cause this memory leak are unknown, but it is likely related to per-user or per-service QoS.

CSCtg42344—CSG2 crash in interim CDR processing

The CSG2 crashed unexpectedly. It might be related to a memory allocation error message seen prior to the crash.

CSCtg68095—Match attribute a & m for SIP INVITE messages is not working

The match attribute m command for a SIP INVITE message does not work.

CSCtg70982—The secret RADIUS key specified with the ip csg radius endpoint command changes after each write memory operation

The secret RADIUS key for the endpoint that is displayed in the show run output changes as write memory operations are performed.

CSCtg90246—The PoD IP address is not assigned if the sticky user was created before the gateway sends the RADIUS Accounting Start message

If a user is created as a sticky user before the gateway sends the RADIUS Accounting Start message, the CSG2 fails to send the PoD or CoA for the user.

CSCtg98342—The CSG2 freezes for a few seconds after RADIUS Accounting ON/OFF messages

When RADIUS Accounting Off and RADIUS Accounting On messages are sent from the GGSN to the CSG2, the CSG2 freezes for several seconds.

CSCth06554—R5: The CSG2 RADIUS attributes leak memory, resulting in a crash

The TPs might leak processor memory that belongs to fastblks earmarked for storing RADIUS Attributes.

For this problem to occur, all of the following conditions must be met:

RADIUS attributes must be configured under a user class.

A RADIUS Accounting Start message must be received for a subscriber, and some or all of the RADIUS attributes in that message must match those configured under a user class.

A subsequent RADIUS Accounting message (Start or Interim) must be received for the subscriber, and the list of user class attributes in the new message, and the value of each of the attributes, must be identical to what was received in the first RADIUS Accounting Start message.

CSCth07062—R5: DATACORRUPTION after going from standby to active

When the active CSG2 fails over to the standby CSG2, the following message is generated:

AMI 2/3: May 29 16:38:42.634: %DATACORRUPTION-1-DATAINCONSISTENCY: Attempt to memcpy 201 bytes should have been 64 bytes, -PC= 0x4415E7F8z, -Traceback= 0x446AA270z 0x453B3C64z 0x4415E7F8z 0x4416A0A0z 0x4416BCECz 0x44071F68z 0x4407295Cz 0x4407350Cz 0x443481ACz 0x443483B8z 0x44234ED4z 0x442375A4z 0x4547E26Cz 0x44207160z 0x44207160z 0x4547E328z

CSCth09467—CSG2: The Accounting session ID is not used for RADIUS correlation

The accounting session ID is not used for RADIUS correlation to stop the user. The output of the show user command does not show the user's Correlator attribute. The CP leaks fastblk memory allocated for the RADIUS Correlator attribute.

For this problem to occur, all of the following conditions must be met:

The ip csg radius correlation command must be configured.

The RADIUS Accounting Start message must have Cisco VSA subattributes, but not "user_session_correlator=", so that the Acct-Session-Id (RADIUS attribute 44) is used for correlation.

CSCth21954—The PCRF sends 30 rules per user, causing a crash

When using eGGSN and large numbers of Gx/RADIUS attributes, the CSG2 might crash on sending the CoA, generating the following message:

SAMI 6/3: .Jun 8 15:03:40.516: %SYS-6-BLKINFO: Corrupted redzone blk 54668EAC, words 2050, alloc 44172DA8, InUse, dealloc A4905706, rfcnt 1, -Traceback= 0x45377874z 0x453A1EF4z 0x453A23A8z 0x453A4EE4z 0x453A50ACz 0x4547FC64z 0x45483344z

CSCth43275—CSG2 R5 Gx Preload: Service not updated when billing basis is changed

When attempting to update an existing preloaded service with a change to basis seconds connect, the service might fail to preload.

CSCth45928—CSG2 R5 Gx Preload: The CSG2 clears before disabling global mining

When sending the Preload AVP with clear DNS table configured and mining disabled, the preload command might fail.

CSCth56243—Bad string length in csg_kut_show_user_gx_rule

In a CSG2 Gx environment in which there are more than 20 flow descriptions as part of a single Gx rule, the show ip users detail command might show a traceback and truncate the output.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDA - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDA:

CSCta44366--iSCSI connection not getting initiated from the CSG2

If the CSG2 is rebooted, and none of the configuration starts with ip csg, entering the ip csg iscsi profile command after the reboot does not initiate an iSCSI connection.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSCth17178

A service policy bypass vulnerability exists in the Cisco Content Services Gateway—Second Generation (CSG2) which runs on the Cisco Service Application Module for IP (SAMI). This vulnerability could allow in certain configurations:

Customers to access sites that would normally match a billing policy to be accessed without being charged to the end customer.

Customers to access sites that would normally be denied based on configured restriction policies.

Additionally Cisco IOS Software Release 12.4(24)MD1 on the CSG2 contains two vulnerabilities that can be exploited remotely, via an unauthenticated attacker resulting in a denial of service of traffic through the CSG2. Both these vulnerabilities require only a single content service to be active on the CSG2 and are exploited via crafted TCP packets. A three way hand-shake is not required to exploit either of these vulnerabilities.

No workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110126-csg2.shtml

CSCth41891

A service policy bypass vulnerability exists in the Cisco Content Services Gateway—Second Generation (CSG2) which runs on the Cisco Service Application Module for IP (SAMI). This vulnerability could allow in certain configurations:

Customers to access sites that would normally match a billing policy to be accessed without being charged to the end customer.

Customers to access sites that would normally be denied based on configured restriction policies.

Additionally Cisco IOS Software Release 12.4(24)MD1 on the CSG2 contains two vulnerabilities that can be exploited remotely, via an unauthenticated attacker resulting in a denial of service of traffic through the CSG2. Both these vulnerabilities require only a single content service to be active on the CSG2 and are exploited via crafted TCP packets. A three way hand-shake is not required to exploit either of these vulnerabilities.

No workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110126-csg2.shtml

Documentation and Technical Assistance

This section contains the following information:

Related Documentation

Obtaining Documentation and Submitting a Service Request

Related Documentation

Use these release notes with these documents:

CSG2 Documentation

Release-Specific Documents

Platform-Specific Documents

Cisco IOS Software Documentation Set

CSG2 Documentation

For more detailed installation and configuration information, see the following publication:

Cisco Content Services Gateway - 2nd Generation Release 5 Installation and Configuration Guide

Release-Specific Documents

The following documents are specific to Cisco IOS Release 12.4 and are located at Cisco.com:

Cisco IOS Release 12.4 Mainline Release Notes

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline > Release Notes

Cisco IOS Release 12.4 T Release Notes

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 T > Release Notes


Note If you have an account with Cisco.com, you can use Bug Navigator II to find caveats of any severity for any release. You can reach Bug Navigator II on Cisco.com at http://www.cisco.com/support/bugtools.


Product bulletins, field notices, and other release-specific documents on Cisco.com at:

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline

Platform-Specific Documents

These documents are available for the Cisco 7600 series router platform on Cisco.com and the Documentation CD-ROM:

Cisco Service and Application Module for IP User Guide

Diameter Credit Control Application feature guide

Cisco 7600 series routers documentation:

Cisco 7600 Series Cisco IOS Software Configuration Guide

Cisco 7600 Series Cisco IOS Command Reference

Release Notes for Cisco IOS Release 12.2SR for the Cisco 7600 Series Routers

Cisco IOS Software Documentation Set

The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents that are shipped with your order in electronic form on the Documentation CD-ROM, unless you specifically ordered the printed versions.

Documentation Modules

Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a corresponding command reference guide. Chapters in a configuration guide describe protocols, configuration tasks, Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference guide list command syntax information. Use each configuration guide with its corresponding command reference. The Cisco IOS documentation modules are available on Cisco.com at:

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline > Command References

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline > Command References > Configuration Guides


Note To view a list of MIBs supported by Cisco, by product, go to: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml


Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.