Guest

Cisco Content Services Gateway

Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB16

  • Viewing Options

  • PDF (1.0 MB)
  • Feedback

Table Of Contents

Release Notes for Cisco
Content Services Gateway -
2nd Generation Release 6.0
Cisco IOS Release 12.4(24)MDB16

Introduction

Features

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB16

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB15

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB14

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB13

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB12

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB11

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB10

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB9

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB8

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB7

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB6

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5a

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB4

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB3

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB1

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB

System Requirements

Memory Requirements

Hardware Supported

Software Requirements

Determining the Software Version

Prerequisites and Restrictions

Caveats for Cisco IOS Release 12.4(24)MDB16

CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB15

CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB14

CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB13

CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB12

CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB11

CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB10

CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB9

CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB8

CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB7

CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB6

CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB5a

CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB5

CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB4

CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB3

CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB1

CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB

CSG2 Software for Cisco IOS Release 12.4(24)MDB - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Documentation and Technical Assistance

Related Documentation

CSG2 Documentation

Release-Specific Documents

Platform-Specific Documents

Cisco IOS Software Documentation Set

Obtaining Documentation and Submitting a Service Request


Release Notes for Cisco
Content Services Gateway -
2nd Generation Release 6.0
Cisco IOS Release 12.4(24)MDB16


First Published: March 30, 2011
Last Updated: October 14, 2013
Current Release: Cisco IOS Release 12.4(24)MDB16
OL-24560-01

This publication describes the requirements, dependencies, and caveats for the Cisco Content Services Gateway - 2nd Generation, more commonly known as the Content Services Gateway 2 or CSG2. These release notes are updated for every maintenance release.

Use these release notes with the Cross-Platform Release Notes for Cisco IOS Release 12.4, located on Cisco.com.

Caveats

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only select severity 3 caveats are included in the caveats document.

All caveats in Cisco IOS Release 12.4 and Cisco IOS Release 12.4 T are also in Cisco IOS Release 12.4(24)MDB16.

For a list of the software caveats that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB16, see the "Caveats for Cisco IOS Release 12.4(24)MDB16" section.

For information on caveats in Cisco IOS Release 12.4, see Caveats for Cisco IOS Release 12.4, located on Cisco.com.

For information on caveats in Cisco IOS Release 12.4 T, see Caveats for Cisco IOS Release 12.4T, located on Cisco.com and the Documentation CD-ROM.


Note The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB2 was not released.


This publication includes the following information:

Introduction

Features

System Requirements

Prerequisites and Restrictions

Caveats for Cisco IOS Release 12.4(24)MDB16

CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB15

CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB14

CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB13

CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB12

CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB11

CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB10

CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB9

CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB8

CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB7

CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB6

CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB5a

CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB5

CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB4

CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB3

CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB1

CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Caveats for Cisco IOS Release 12.4(24)MDB

CSG2 Software for Cisco IOS Release 12.4(24)MDB - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

Documentation and Technical Assistance

Introduction

The CSG2 is an application that runs on the Cisco Service and Application Module for IP (SAMI), a high-speed processing module. The CSG2 provides content-aware billing, service control, traffic analysis, and data mining in a highly scalable, fault-tolerant package. The CSG2 provides the software required by mobile wireless operating companies and other billing, applications, and service customers.

The CSG2 runs on the Cisco SAMI, a new-generation high performance service module for the Cisco 7600 series router platforms. The CSG2 is typically located at the edge of a network in an Internet service provider (ISP) point of presence (POP), or Regional Data Center.

Features

This section lists the CSG2 features and the CSG2 release in which the feature was introduced. For full descriptions of all of these features, see the Cisco Content Services Gateway - 2nd Generation Release 5 Installation and Configuration Guide.

To see the software part numbers associated with each CSG2 release; the Supervisor hardware required by each CSG2 release; the minimum Cisco IOS release required for new features in each CSG2 release; and the minimum IOS level supported by each CSG2 release, see the "Software Requirements" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB16

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB15

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB14

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB13

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB12

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB11

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB10

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB9

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB8

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB7

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB6

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5a

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB4

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB3

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB1

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB16

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB16 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB15" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB15

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB15 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB14" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB14

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB14 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB13" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB13

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB13 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB12" section.

In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB13 supports the following new features:

IF-MIB Support for IXP Interface Errors and Drops

Generation of Syslog SNMP Traps When Threshold Exceeded

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB12

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB12 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB11" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB11

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB11 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB10" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB10

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB10 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB9" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB9

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB9 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB8" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB8

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB8 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB7" section.

In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB8 supports the following new feature:

Performance Enhancements

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB7

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB7 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB6" section.

In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB7 supports the following new features:

Accelerated Flow Enhancements:

Acceleration of Encapsulated Multipart Transactions

Acceleration of HTTP Chunk-Encoded Transactions

Idle Timeout for Accelerated Flows

ip csg accel idle

Support Up to 32 Accelerated Flows per Aggregate

Enhanced Output for show ip csg Command:

Display Aggregate Utilization Counts

show ip csg accel detail

Display Enhanced Out-of-Order Statistics

show ip csg stats

Performance Enhancements

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB6

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB6 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5a" section.

In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB6 supports the following new feature:

Fast TCP retransmit


Note We strongly recommend that you enable this feature.


The CSG2 might queue out-of-order TCP packets for inspection, then forward those packets when the TCP stream catches up and fills in the sequence-number gap. However, because the packets are queued, it can appear that they were dropped from the network, and the TCP endpoint might not retransmit the missing packets until the timers expire. That can lead to long recovery times and low throughput.

To reduce recovery time and improve throughput, you can enable the CSG2 to emulate RFC 2581 behavior by sending a response for each queued out-of-order packet. The response is a duplicate of the last ACK sent by the other TCP endpoint. This triggers the TCP fast retransmit behavior at the sender, which can then retransmit any missing packets before the retransmit timer expires.

To enable the fast TCP retransmit feature, enter the ip csg mode dupack command in global configuration mode.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5a

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB5a supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB5 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB4" section.

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB4

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB4 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB3" section.

In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB4 supports the following new features:

Configurable Counting Behavior for Gx CCR-U Timeouts or Errors

Enhanced Output for show ip csg Commands

New Counters for HTTP Multipart Flows

New Counters for Unusual TCP Conditions

- Out-of-Order Packets

- Session-Less Packets

New Error Counters for Diameter

Per-Content Flow Length Statistics

- HTTP Contents

- TCP Contents

- UDP Contents

Enhanced Output for show tech-support Command

Excluding TCP Bytes from TCP Counts for Retransmitted TCP Segments

Minimum Packet Count for Acceleration of TCP and UDP Contents

Performance Enhancements

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB3

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB3 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB1" section.

In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB3 supports the following new feature:

Gx Midpage URL-Redirect

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB1

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB1 supports the entire feature set listed in the "CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB" section.

In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB1 supports the following new features:

Configurable Rate Limits for New Sessions

Support for 64-Bit Volume Threshold over Gx Interface

CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB

The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB supports the entire feature set for the CSG2 Release 5 software for Cisco IOS Release 12.4(24)MDA5.

In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB supports the following new features:

Accelerated Flow Enhancements

Accelerated Gx Volume Limit Thresholds

Accelerated Prepaid Flows

Accelerated Volume-Based Service-Level CDRs

Attribute Map Enhancements

Allow Different Field Identifiers in Attribute Maps

Supplemental Attribute Maps

Content Enhancements

Configurable Content Policy Priority

Configurable Content Description

Secondary Filters for Contents

CSG2 User Table Enhancements

GGSN User Release

Unknown User Blocking

Enhanced Output for show ip csg Command

Display Additional Route Injection Statistics
show ip csg stats > CSG User Stats

Display GTP' Round-Trip Statistics
show ip csg bma detail
show ip csg bma history
show ip csg psd detail
,
show ip csg psd history
show ip csg quota-server detail
show ip csg quota-server history

Display Non-Proxied RADIUS Proxy Statistics
show ip csg radius detail

Display PCRF Failure Statistics
show ip csg stats > CSG Gx Handler Stats

Display User Creation and Deletion Statistics
show ip csg stats > CSG User Stats and CSG Session Stats

Filter Output by Billing Plan
show ip csg users billing billing-plan-name

Enhanced Output for show tech Command

Added show fastblk, show preload, and show safeblk to Output

Added IXP Data to Output

Gx Enhancements

Dedicated Bearer Support

Distributed Gx

Gx Performance Improvements

Gx Usage Query

Gx User Agent Reporting

Reporting Gx Service Group Information in CDRs

Header Insertion Enhancements

Accelerated Header Insertion

Configurable Delimiter for Header Insertion

IP Addresses in Dotted-Decimal Notation for Header Insertion

RADIUS Enhancement

TLV Persistence for RADIUS Interim Updates

Regular Expression Match Capacity Increase—The CSG2 supports:

Up to 2048 match patterns per map

Up to 2048 total match patterns per policy

Up to 2048 total match patterns per content

Up to 8192 total match patterns per CSG2 (assuming there is enough memory available)

Service Enhancement

Configurable Service Lifetime (Forced Service Stop)

Expanded BMA/Quota Server Service Stop Information

Timestamp for Cleared Statistics—Display time since counters were last cleared for clear ip csg counters

System Requirements

This section describes the following memory and software requirements for CSG2:

Memory Requirements

Hardware Supported

Software Requirements

Determining the Software Version

For hardware requirements, such as power supply and environmental requirements, as well as hardware installation instructions, see the Service and Application Module for IP User Guide.

Memory Requirements

The CSG2 memory is not configurable.

The Cisco SAMI is available with a default 1 GB memory or an optional 2-GB memory.


Note Gx features in the CSG2 R6 and later require the 2 GB-SAMI option. The CSG2 R6 and later on the 1 GB-SAMI option does not support Gx.


Hardware Supported

Use of the CSG2 requires one of the following Cisco 7600 Series Routers and Supervisor Engines, and a module with ports to connect server and client networks:

Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 (WS-SUP720) running Cisco IOS Release 12.4(33)SRB1 or later

Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy Feature Card 3B (WS-SUP720-3B) running Cisco IOS Release 12.4(33)SRB1 or later

Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy Feature Card 3BXL (WS-SUP720-3BXL) running Cisco IOS Release 12.2(33)SRB1 or later

Cisco 7600 Series Supervisor Engine 32 with a Multilayer Switch Feature Card (WS-SUP32-GE-3B) running Cisco IOS Release 12.2(33)SRC or later and LCP ROMMON Version 12.2[121] or later on the Cisco SAMI

Cisco 7600 Series Supervisor Engine 32 with a Multilayer Switch Feature Card and 10 Gigabit Ethernet Uplinks (WS-SUP32-10GE-3B) running Cisco IOS Release 12.4(33)SRC or later and LCP ROMMON Version 12.2[121] or later on the Cisco SAMI

Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3C (RSP720-3C-GE) running Cisco IOS Release 12.4(33)SRC or later

Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3CXL (RSP720-3CXL-GE) running Cisco IOS Release 12.2(33)SRC or later

Software Requirements

When referring to this section, keep the following considerations in mind:

Do not use the Supervisor Hardware Supported column to infer supervisor hardware support. Consult the Cisco IOS Upgrade Planner to determine which Cisco IOS releases support the desired supervisor hardware.

Each feature set is limited to those features that can be configured at the Minimum Cisco IOS Level Supported.

The following table lists the CSG2 and Cisco SAMI module part numbers and associated information for each CSG2 release:

CSG2 Release
CSG2 and Cisco SAMI Module Part Numbers
Supervisor Hardware Supported
Supervisor Software Minimum Cisco IOS Release Required for New Features
Supervisor Software Minimum Cisco IOS Level Supported

12.4(24)MDB16
12.4(24)MDB15
12.4(24)MDB14
12.4(24)MDB13
12.4(24)MDB12
12.4(24)MDB11
12.4(24)MDB10
12.4(24)MDB9
12.4(24)MDB8
12.4(24)MDB7
12.4(24)MDB6
12.4(24)MDB5a
12.4(24)MDB5
12.4(24)MDB4
12.4(24)MDB3
12.4(24)MDB1
12.4(24)MDB

Cisco SAMI Module Part Numbers:

WS-SVC-SAMI-BB-K9
WS-SVC-SAMI-BB-K9=
MEM-SAMI-6P-1GB
MEM-SAMI-6P-2GB

CSG2 Software License Part Numbers:

SSAC60K9-12424MDB
SSAC60K9-12424MDB=

CSG2 Software Subscriber License Part Numbers:

FL-SC-10K-SUB
FL-SC-100K-SUB

CSG2 Software Upgrade License Part Numbers:

FL-SC-R5R6-K9-UP

CSG2 Software and Cisco SAMI Module Bundle Part Numbers:

SAMI-CSG2-R2AS-K9=

WS-SUP720
WS-SUP720-3B
WS-SUP720-3BXL

12.2(33)SRB1

12.2(33)SRB1

WS-SUP32-GE-3B
WS-SUP32-10GE-3B

12.2(33)SRC

12.2(33)SRC

RSP720-3C-GE
RSP720-3CXL-GE

12.2(33)SRC

12.2(33)SRC


Determining the Software Version

To determine the version of Cisco IOS software that is currently running on your Cisco network device, log in to the CSG2 or Supervisor Engine and enter the show version EXEC command.

To show CSG2 versions, log in to the Supervisor Engine and enter the show module command in privileged EXEC mode.

To provide meaningful problem determination information, log in to the CSG2 or Supervisor Engine and enter the show tech-support command in privileged EXEC mode.

Prerequisites and Restrictions

For the latest prerequisites and restrictions for the CSG2, see the "Overview" chapter of the Cisco Content Services Gateway - 2nd Generation Release 6 Installation and Configuration Guide.

Caveats for Cisco IOS Release 12.4(24)MDB16

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB16.

CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release

12.4(24)MDB16:

CSCty02688 — CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCuh79944 — Backlog of IPC messages causes authentication failure in CSG2

Authentication failures occur during backlog IPC messages.

Workaround: Reload the Active CSG2.

CSCui11087 — CSG2:MDB13 crashes due to bus error

In rare situations, the CSG2 might reload due to a bus error when the CSG2 buffer (queue) reaches its maximum capacity to accept the packets, that arrive out of order.

Workaround: None.

CSCui11906 — CSG2:MDB12 crashes while processing the acceleration delete request

The CSG2 might reload while processing delete requests for the accelerated session.

This problem occurs in rare situations, wherein the accelerated session might be freed prior to the delete request.

Workaround: None.

CSCuh34277 — Incorrect location handling and diameter AVP RAI encoding

The CSG2 does not encode diameter/Gx AVP RAI in UTF-8 format.

This problem occurs when the RADIUS AVP 3GPP-User-Location-Info(3GPP/22) is received on the RADIUS interface.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB16:

CSCuj47099 — Attribute map not tagged to the policy in standby after bulksync

The map with type 'attribute' is not tagged to the corresponding policy in the standby after a reload.

After the CSG2 reloads and comes up as standby, bulk sync occurs. During the bulk sync, the active CSG2 syncs all the preload information to the standby CSG2. The map with type attribute is not synced appropriately to the standby CSG2. As a result, though the standby CSG2 gets the attribute map synced, the map is not tagged to the corresponding policy.

CSCug80879 — CSG behavior for diameter retry

CSG2 accepts a diameter error response with a 3003, 3004, or 3005 result code from the primary PCRF after the diameter transaction timer had expired. The CCA messages from a secondary PCRF are ignored when this occurs.

A late diameter error (3002, 3004, 3005) response is accepted from the primary peer after a time-out when the CCR is re-tried to a secondary PCRF. The problem occurs when the error response from the primary PCRF is received before a response from the secondary PCRF.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats

The following list identifies open caveats in the Cisco SAMI software that impact the CSG2 software

for Cisco IOS Release 12.4(24)MDB16:

CSCtz76762 — IPC timed out for IXP1 syslogs from 2 TPs

%PLATFORM-3-SAMI_IPC_IXP_FAIL error messages was seen from one or more of the Traffic Processors (TPs) for IPCP_MSG_CSG2_P2I_DELETE_FLOW and IPCP_MSG_CSG2_P2I_DECEL_REQ messages, of a SAMI card running the CSG2 application software.

%PLATFORM-3-SAMI_IPC_IXP_FAIL: IPC timed out for IXP2 for Msgcode IPCP_MSG_CSG2_P2I_DELETE_FLOW, Num tries: 3

Workaround: The card may need to be reloaded manually to recover from this condition.

CSCui48107 — Lookup thread hung due to SRAM signals not posted during lock_flow_entry

SAMI blade reload was caused by hung lookup thread due to SRAM signals that was not posted during lock_flow_entry

Workaround: None

CSCui65391 — SAMI: Local memory corruption in Lookup ME

SAMI module reloaded generating the following crashinfo file:

SAMI 5/3: 000304: Jul 5 00:03:10: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Workaround: None

CSCuc79604 —124-24.MDB11_bad buffer handle

Crash files are generated and the following error is seen in the logs:

SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

The problem occurs while passing normal traffic through the CSG2.

Workaround: None

CSCud12488 — CSG2 (SAMI) reloaded "Proc 7 - data path fail to Proc 1 (NP1)"

The Cisco SAMI might reload, generating the following:

Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7 07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7 07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7 07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

Workaround: None.

CSCue78945 — HM failure due to rx_info getting zeroed

The CSG2 reloads and one of the following two errors is seen in the logs:

1. SAMI 5/3: 000021: Apr 22 12:21:52: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP2. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more information

2. SAMI 5/3: 004633: Jun 21 21:10:37: %PLATFORM-0-DP_IXP_MULT_THR_FAIL: IXP:1 multiple:1 threads hung

In rare situations, this condition occurs due to HM failure or thread hung failure as a result of transient hardware failure or corruption in IXP.

Workaround: None.

CSCud83399 — HM fails in all PPCs due to Kabob full condition

All six PPCs face HM failure with the following logs:

SAMI 12/3: 000306: Dec 16 11:50:17: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (that is in the next 256 milliseconds.)

The logs can be checked from the debuginfo files in crashinfo.tar.

Workaround: None.

CSCug89458 — HM-Failure due to packet drop in RX ME

HM-Failure occurs due to packet drop in RX ME. This problem was noticed during normal operation.

Workaround: None.

CSCug22200 — CSG2 reloaded due to SAMI health monitoring failure

The device reloads when IXP health monitoring failure occurs.

This problem occurs when the PPCs in daughter card 1 fails to receive health-monitoring packets from IXP2.

Workaround: None.

CSCug59455 — IXP breakpoint assertion due to invalid SRAM address in Config ME

SAMI reloaded by the IXP breakpoint assertion due to an invalid SRAM address in config ME.

SAMI 13/6: 000020: Apr 22 12:21:51: PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

SAMI 13/6: 000021: Apr 22 12:21:52: PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP2.

For more information, the logs can be checked from the debuginfo files in crashinfo.tar.

Workaround: None.

CSCuh73226 — SAMI Qnx kernel crash

SAMI gets reloaded with the message "IXP xscale core received". In the LCP core directory, the file ixp#.txt contains the qnx kernel core dump.

Workaround: None.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats

There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB16.

Caveats for Cisco IOS Release 12.4(24)MDB15

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB15.

CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release

12.4(24)MDB15:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCuh79944— Backlog of IPC messages causes authentication failure in CSG2

Authentication failures occur during backlog IPC messages.

Workaround: Reload the Active CSG2.

CSCui11087—CSG2:MDB13 crashes due to bus error

In rare situations, the CSG2 might crash due to a bus error when the CSG2 buffer (queue) reaches its maximum capacity to accept the packets, that arrive out of order.

Workaround: None.

CSCui11906—CSG2:MDB12 crashes while processing the acceleration delete request

The CSG2 might crash while processing delete requests for the accelerated session.

This problem occurs in rare situations, wherein the accelerated session might be freed prior to the delete request.

Workaround: None.

CSCuh34277— Incorrect location handling and diameter AVP RAI encoding

The CSG does not encode diameter/Gx AVP RAI in UTF-8 format.

This problem occurs when the RADIUS AVP 3GPP-User-Location-Info(3GPP/22) is received on the RADIUS interface.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats

The following list identifies closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB15:

CSCue92492—The CSG2 might crash while enforcing QoS-rate limit parameters under a service

The CSG2 might crash when the debug diameter events command is issued and more than five levels of grouped Attribute Value Pairs (AVPs) are received in a message.

For this problem to occur, all of the following conditions must be met:

The debug diameter events command must be issued.

The PCRF must push grouped AVPs that contain five or more levels of grouped AVPs.

CSCua87018—CSG: MDB8: Traceback @ reading 0x0

A traceback occurs when the csg start preload command is executed manually.

For this problem to occur, all of the following conditions must be met:

Standby CSG blade should be manually reloaded.

Preload from Active CSG blade is cleared (Standby CSG blade is still not up and running).

Manually start CSG preload using the command csg start preload on the Active CSG blade (Standby CSG blade is still not up and running, with NEGOTIATION as its status).

Traceback is seen.

CSCuc54989—SAMI-CSGK9 reloaded with no ip csg iscsi profile command

The SAMI module reloads unexpectedly (crashes) when the no ip csg iscsi profile command is executed.

CSCuf28300— IXP CSG2 accel flags were not set correctly by PPC, which allows OOO forwarding

During a HTTP download using chunked packets, some packets are forwarded by the network processor out of order. Specifically, if the packets are followed immediately by a packet with a HTTP chunk boundary.

For this problem to occur, all of the following conditions must be met:

The CSG uses its network processor to accelerate HTTP traffic, which uses the transfer encoding that is chunked.

The content length is not specified.

Network processor accelerates a given transfer encoding chunk (each packet that carries the given chunk).

The CSG programs the sequence number that is to end acceleration (decelerate) on the network processor.

The network processor receives packets that contain the given sequence number out of order.

CSCuf78470—CSG2:MDB13 Preload error generated even though MPCC preload is not configured

The CSG2 sends preload request to PCRF even though the mpcc preload command is not configured, generating a preload error message.

This problem occurs when the CSG2 starts up after reload.

CSCug90143—The parse error drop command under content does not work efficiently

When the parse error drop command is configured, the CSG2 drops the session at the time of response from the server.

The CSG2 does not drop the session when the parsing error is found in the client's request message.

This problem occurs when the CSG is configured with parse error drop command under content.

CSCuh16847—Gx link is permanently shutdown on toggling Gx link multiple times

The Diameter connection is not established in CSG2 when the PCRF connection goes up and down for around 30-35 flaps.

CSCuh34877—Messages queued in PCI from PPC does not respond correctly by the IXPs

High volume usage is reported in the CDR.

This problem occurs when there is a failure of the IXP to respond to messages from the PPC, which leads to a high volume usage report.

CSCuh63321—CSG2 SAMI encap lookup failure

Accelerated packets of the downlink packets are not properly sent to the correct destination UE.

For this problem to occur, all of the following conditions must be met:

The gateway must have the same address configured on multiple interfaces that belong to different routing tables/VRFs. This gateway address is advertised as the downlink next hop to the CSG2.

The encap table on the CSG2 must have these entries in an incorrect order.

CSCuh85746—Incorrect service and policy mapping for HTTP traffic in the CSG2

There is incorrect service and policy mapping for HTTP traffic in the CSG2 when the HTTP packet is received without any message-header for HTTP/1.0 or HTTP/1.1.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats

The following list identifies open caveats in the Cisco SAMI software that impact the CSG2 software

for Cisco IOS Release 12.4(24)MDB15:

CSCuc79604—124-24.MDB11_bad buffer handle

Crash files are generated and the following error is seen in the logs:

SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

The problem occurs while passing normal traffic through the CSG2.

Workaround: None

CSCud12488—CSG2 (SAMI) reloaded "Proc 7 - data path fail to Proc 1 (NP1)"

The Cisco SAMI might reload, generating the following:

Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7 07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7 07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7 07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

Workaround: None.

CSCue78945—HM failure due to rx_info getting zeroed

All six PPCs face HM failure with the following logs:

SAMI 13/3: 001896: Jan 12 11:30:44: PLATFORM-2-DP_IXP_HM_WARN Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

The logs can be checked from the debuginfo files in crashinfo.tar.

Workaround: None.

CSCud83399—HM fails in all PPCs due to Kabob full condition

All six PPCs face HM failure with the following logs:

SAMI 12/3: 000306: Dec 16 11:50:17: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (that is in the next 256 milliseconds.)

The logs can be checked from the debuginfo files in crashinfo.tar.

Workaround: None.

CSCug89458—HM-Failure due to packet drop in RX ME

HM-Failure occurs due to packet drop in RX ME. This problem is noticed during normal operation.

Workaround: None.

CSCug22200—MDB13: CSG2 reloaded due to SAMI health monitoring failure

The device reloads when IXP health monitoring failure occurs.

This problem occurs when the PPCs in daughter card 1 fails to receive health-monitoring packets from IXP2.

Workaround: None.

CSCug59455—IXP breakpoint assertion due to invalid SRAM address in Config ME

SAMI reloaded by the IXP breakpoint assertion due to an invalid SRAM address in config ME.

SAMI 13/6: 000020: Apr 22 12:21:51: PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

SAMI 13/6: 000021: Apr 22 12:21:52: PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP2.

For more information, the logs can be checked from the debuginfo files in crashinfo.tar.

Workaround: None.

CSCuh73226—SAMI Qnx kernel crash

SAMI gets reloaded with the message "IXP xscale core received". In the LCP core directory, the file ixp#.txt contains the qnx kernel core dump.

Workaround: None.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats

The following list identifies closed caveats in the Cisco SAMI software that impact the CSG2 software

for Cisco IOS Release 12.4(24)MDB15:

CSCue00667—CSG2 show sami ipcp ipc ixp response code counters are always zero

The show sami ipcp ipc ixp command contains some counters that always display as zero. The counters are in the section ixp response code:

ixp response code:
      no error = 0
      unknown command = 0
      no resource = 0
      bad parameter = 0
      already existed = 0
      not found for deletion = 0
      error in locking = 0
      lock forced = 0
      unknown error = 0
 
 

CSCtz81440—Output of the show sami ixp stats command output is incorrect

The output of the show sami ixp statistics command is incomplete and inaccurate. Not all MEs are shown, and the counters for the MEs shown is incorrect.

CSCue54602—Qnx io-net process crash

The show tech command displays the message as "System returned to ROM by IXP xscale core received". A core file for the io-net process is collected in the LCP core directory.

This problem occurs when the io-net process, running on xscale (QNX 6.3) crashes.

CSCue28485—GGSN_SAMI-CPU-HOG-SAMI SCSI PROCESS

High CPU might occur when CSG2/GGSN detects a reset in the iSCSI target.

This problem occurs when the CSG2/GGSN detects a reset in the iSCSI target. The CSG2/GGSN disconnects itself from iSCSI target and destroys all the file system associated with the target, which leads to a high CPU usage.

The CSG2/GGSN recovers from high CPU usage once the target comes up again.

CSCue20764—SRAM Parity Error Not Getting Detected By Xscale SysMgr

Health Monitoring failures are seen.

This problem occurs in some of the cases where the IXP is not able to detect the SRAM parity errors.

CSCud53155—Committing the Qnx binaries and libs with symbols

Syslogs show that xscale core is received, and the core of the crashing process is collected by the LCP core directory.

This CDETS in not intended to fix any crashes, but to have debugging information present in the cores to analyze the root causes of qnx process crashes in the further occurrences.

Caveats for Cisco IOS Release 12.4(24)MDB14

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB14.

CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB14:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCue92492—The CSG2 might crash while enforcing QoS-rate limit parameters under a service

The CSG2 might crash when the debug diameter events command is issued and more than five levels of grouped Attribute Value Pairs (AVPs) are received in a message.

For this problem to occur, all of the following conditions must be met:

The debug diameter events command must be issued.

The PCRF must push grouped AVPs that contain five or more levels of grouped AVPs.

Workaround: Do not enable debugging.

CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB14:

CSCue42761—The CSG2 might not handle the pcrf timeout continue command properly for an interim update

If the CSG2 receives from the gateway an Interim Accounting message with the Change of Authorization (CoA) flag set as mandatory, and the PCRF does not respond to the CCR-U (the CCR-U times out), then the CSG2 sends the CoA with the Auth-Failure (0x02) flag set and the gateway deletes the PDP session.

CSCue67662—A charging ID overrun is not handled properly

When the charging ID is greater than 2^31, the CSG2 displays a negative session ID.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB14:

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

CSCuc79604—124-24.MDB11_bad buffer handle

Crash files are generated and the following error is seen in the logs:

SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

The problem occurs while passing normal traffic through the CSG2.

Workaround: None.

CSCud07740—CSG2 IXP threads hung in MAC lookup

The Cisco SAMI might reload, with all ME 6 threads hung during MAC lookup.

SAMI 13/3: 001950: Nov 1 08:08:47: %PLATFORM-3-DP_IXP_THR_WARN: IXP:2 thread blocked. me:6 thr:7 num_consecutive_fail:3

SAMI 13/3: 001951: Nov 1 08:08:47: %PLATFORM-0-DP_IXP_MULT_THR_FAIL: IXP:2 multiple:3 threads hung

Workaround: None.

CSCud12488—CSG2 (SAMI) reloaded "Proc 7 - data path fail to Proc 1 (NP1)"

The Cisco SAMI might reload, generating the following:

Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7 07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7 07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7 07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

Workaround: None.

CSCud59868—IXP config stats are incorrect

The output for the show sami ixp statistics command contains a section with the heading PCI:

The following statistics are not correctly tracked:

Create flow V4

Create flow V6

Redundant create V4

Redundant create V6

Alloc fail V4

Alloc fail V6

Agg seq add

Agg seq update

These statistics are used to track activity for accelerated flows in the network processor. Running any traffic through the CSG2 that is eligible for flow acceleration might increment these counters.

Workaround: None.

CSCue00667—CSG2 show sami ipcp ipc ixp response code counters are always zero

The show sami ipcp ipc ixp command contains some counters that always display as zero. The counters are in the section ixp response code:

ixp response code:
      no error = 0
      unknown command = 0
      no resource = 0
      bad parameter = 0
      already existed = 0
      not found for deletion = 0
      error in locking = 0
      lock forced = 0
      unknown error = 0
 
 

Workaround: None.

CSCue45063—Qnx: Process setClock_g_ns crashed

A Qnx Xscale crash might occur with the core for the process qnx_2_setClock_g_ns.

Workaround: None.

CSCue54602—Qnx io-net process crash

The output for the show tech command displays the following reload reason:

System returned to ROM by IXP xscale core received...

There is a core file for the io-net process collected in the LCP core directory.

Workaround: None.

CSCue78945—HM failure due to rx_info getting zeroed

All six PPCs face HM failure with the following logs:

SAMI 13/3: 001896: Jan 12 11:30:44: PLATFORM-2-DP_IXP_HM_WARN Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

The logs can be checked from the debuginfo files in Crashinfo.tar.

Workaround: None.

CSCud83399—HM failed in all PPCs in due to Kabob full condition

All six PPCs face HM failure with the following logs:

SAMI 12/3: 000306: Dec 16 11:50:17: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

The logs can be checked from the debuginfo files in Crashinfo.tar.

Workaround: None.

CSCue82743—Qnx xscale kernel crash pointing to the process me_dump_g_ns

A Qnx Xscale kernel crash might occur with process me_dump_g_ns noted at the time of crash.

Workaround: None.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats

The following list identifies the Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB14:

CSCue20323—Uplink traffic might be dropped at the IXP Queue Manager

When Queue Manager drops in IXP occur, uplink traffic from the UE is not able to reach the internet, because the PGW does not forward the same data.

Caveats for Cisco IOS Release 12.4(24)MDB13

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB13.

CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB13:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB13:

CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table

If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and the standby CSG2's Gx ASID table is updated two or three times via RADIUS attributes, then the standby CSG2's Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User Table output.

This issue is seen only when creating an EPS bearer.

CSCub23935—The CSG2 reloads during bulksync with standby

Active and Standby CSG2s undergo rf-induced reloads attempting to bulk sync.

This problem can occur as a result of a configuration change for ip csg replicate during a bulk sync.

CSCub89537—The CSG2 might crash in function show_mpcc_session_all due to CPU HOG

The CSG2 CP might crash in function show_mpcc_session_all due to CPU HOG.

CSCub89563—The CSG2 crashed during automation run while performing preload

The CSG2 might crash during preload activity. The crash occurs randomly during startup, during preload, on a clean node, after the initial setup of the CSG2 (that is, after the configuration of the RADIUS, BMA, and quota server interfaces).

CSCuc68151—The CSG2 drops random HTTP GETs when header insertion is enabled

The CSG2 might drop random HTTP GET packets when the header insertion feature is enabled in the matching content or policy.

CSCuc95740—The CSG2 might crash while processing a DNS packet

The CSG2 PPC CPU might crash while handling DNS packets.

CSCud51998—SCI deceleration flag is set due to this SCR drop for accelerated traffic

An SCR drop might occur on the CSG2, eventually leading to high volume usage reporting for a few

users.

For this problem to occur, all of the following conditions must be met:

Acceleration must be enabled for the session, and the packet must be accelerated.

The PCRF must send the Gx_usage reporting (volume threshold) to the CSG2, and the CSG2 must send the deceleration request to the IXP.

The GW must send the accounting interm before the first deceleration request is complete.

CSCue00591—The CSG2 allows acceleration over a single interface

CPU utilization is very high at the CSG2.

For this problem to occur, all of the following conditions must be met:

Acceleration must be enabled for the session, and the packet must be accelerated.

Both ingress and egress encaps must be equal for a session flow acceleration request.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB13:

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

CSCuc79604—124-24.MDB11_bad buffer handle

Crash files are generated and the following error is seen in the logs:

SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

The problem occurs while passing normal traffic through the CSG2.

Workaround: None.

CSCud07740—CSG2 IXP threads hung in MAC lookup

The Cisco SAMI might reload, with all ME 6 threads hung during MAC lookup.

SAMI 13/3: 001950: Nov 1 08:08:47: %PLATFORM-3-DP_IXP_THR_WARN: IXP:2 thread blocked. me:6 thr:7 num_consecutive_fail:3

SAMI 13/3: 001951: Nov 1 08:08:47: %PLATFORM-0-DP_IXP_MULT_THR_FAIL: IXP:2 multiple:3 threads hung

Workaround: None.

CSCud12488—CSG2 (SAMI) reloaded "Proc 7 - data path fail to Proc 1 (NP1)"

The Cisco SAMI might reload, generating the following:

Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7 07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7 07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7 07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

Workaround: None.

CSCud59868—IXP config stats are incorrect

The output for the show sami ixp statistics command contains a section with the heading PCI:

The following statistics are not correctly tracked:

Create flow V4

Create flow V6

Redundant create V4

Redundant create V6

Alloc fail V4

Alloc fail V6

Agg seq add

Agg seq update

These statistics are used to track activity for accelerated flows in the network processor. Running any traffic through the CSG2 that is eligible for flow acceleration might increment these counters.

Workaround: None.

CSCue00667—CSG2 show sami ipcp ipc ixp response code counters are always zero

The show sami ipcp ipc ixp command contains some counters that always display as zero. The counters are in the section ixp response code:

ixp response code:
      no error = 0
      unknown command = 0
      no resource = 0
      bad parameter = 0
      already existed = 0
      not found for deletion = 0
      error in locking = 0
      lock forced = 0
      unknown error = 0

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats

The following list identifies the Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB13:

CSCsy00532—Continual sysmgr crashes with incomplete cores and no reboot

Due to an error in the coring process, file permissions on the core files are not set properly. Therefore, it is not possible to copy the cores from the core: directory using the copy command. Access to the debug shell is required to recover the cores.

CSCtw60993—QNX: process "io-net" crashed.

The Cisco SAMI might reload with the following syslog error message:

%SAMI-2-SAMI_SYSLOG_CRIT: SAMI 1/0: %SAMI-2-443001: System experienced fatal failure.Service name:System Manager (core-server)(30380) has terminated on receiving signal 11,reloading system

As part of crash info, core file qnx_1_io-net_114693_core is generated. 114693 is the process-id for io-net, which might vary from case to case.

CSCub22727—The show sami ixp session command might result in a traceback

If acceleration is enabled, and the show sami ixp session command is issued, the following traceback might occur:

SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition: response too long for buffer
-Process= "Virtual Exec", ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z 0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz 0x5B343CCz 0x68C3C2Cz 0x68C73B4z

CSCub45666—Per PPC HM counters at configuration ME to improve debugging of HM failures

The following message is seen:

SAMI 2/5: 000032: Jul 13 20:43:42: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)

SAMI 2/5: 000033: Jul 13 20:43:43: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

and the show sami health monitoring command has 32 consecutive misses, which triggers the reload of the Cisco SAMI.

------------------ show sami health-monitoring ------------------
IXP1: FAILED
        32/0 Missed/Rcvd consecutive responses
        50/14314449 Missed/Rcvd cumulative responses
        0 Failed to send
IXP2: ACTIVE
        0/14314453 Missed/Rcvd consecutive responses
        0/14314453 Missed/Rcvd cumulative responses
        0 Failed to send
 
 

CSCuc65113—LCP Sysmgr Crash Due To Proc Mem Info Corruption

Core Dump File includes Proc Mem Info Details. LCP Sysmgr crashes due to Prco Memory Info Corruption

CSCud26107—Sysmgr crash at sysmgr_stats_disable

The Cisco SAMI might crash with log Sysmgr(943) has terminated on receiving signal 11,reloading system. Sysmgr crash at sysmgr_stats_disable with specific configuration.

CSCud47702—QNX sysmgr_g_ns process crash

The LCP logs produce the following logs:

%SAMI-3-730205: SAMI User Space: ERROR: IXP xscale core rcvd. 1 collect crashinfo

The ixp1_crash.txt has this entry:

IXP CAUSE = NP Watchdog Reset

The 20121121-201846_crashinfo_collection-20121117-103238.tar contains qnx_1_sysmgr_g_ns_126985_core.

CSCud52370—The CSG2 might reload due to IXP multiple threads hung

The CSG2 might reload unexpectedly when IXP health monitoring detects several hung threads in MEs 4 through 10.

For this problem to occur, all of the following conditions must be met:

The flows must be accelerated by the IXP.

The flows must participate in some form of aggregate accounting, such as service-level CDRs, prepaid, or Gx user volume threshold.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB13:

CSCtl99174

Cisco IOS Software contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of services. Only devices that are configured for SIP inspection are affected by this vulnerability.

Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP inspection.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce

CSCtz35999

The Cisco IOS Software Protocol Translation (PT) feature contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-pt

Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html

Caveats for Cisco IOS Release 12.4(24)MDB12

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB12.

CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB12:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table

If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and the standby CSG2's Gx ASID table is updated two or three times via RADIUS attributes, then the standby CSG2's Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User Table output.

This issue is seen only when creating an EPS bearer.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB12:

CSCub27714—User sessions stuck in CSG2 cause delayed Service Stop to go in sticky User Table

The CSG2 might send a Service Stop message to the quota server that was not associated with the user. This can occur even if Quota Server Reassignment is disabled.

For this problem to occur, all of the following conditions must be met:

A prepaid user must exist in the system.

The quota must expire and 0 quota must be received in the Service Reauth Response.

The reauthorization delay must be around 1200 seconds.

The CSG2 must block the traffic and clear some of the sessions.

The CSG2 must receive a RADIUS Accounting Stop message for the user (user logout) before the content idle timer expires.

A few established sessions must get stuck in the CSG2 and not cleared after the RADIUS Accounting Stop message.

The CSG2 must send out the Service Stop after the sessions are cleared by the content idle timer.

This results in the creation of a sticky user while sending the Service Stop, as the affinity is already cleared. While creating the sticky user, the CSG2 might assign a different quota server and forward the service stop to that quota server.

CSCub72278—Accelerated sessions fail to decelerate

Under heavy load conditions, frequent handling of ACCEL sync messages from the IXP could lead to some CSG2 accelerated sessions hanging in CSG_DECEL_PENDING state. If that occurs, it could tie up packets buffers that are queued to the accelerated sessions, which in turn could lead to I/O buffer depletion.

CSCuc01113—The CSG2 is not enforcing Block over RAR for accelerated traffic

The CSG2 is not enforcing Block for service group cisco_flow_status when user traffic that matches the service group is accelerated.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB12:

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

CSCub22727—The show sami ixp session command might result in a traceback

If acceleration is enabled, and the show sami ixp session command is issued, the following traceback might occur:

SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition: response too long for buffer
-Process= "Virtual Exec", ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z 0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz 0x5B343CCz 0x68C3C2Cz 0x68C73B4z

Workaround: None.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats

The following list identifies the Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB12:

CSCtk98031—Target name not included in iSCSI login message

The iSCSI login might fail.

The SAMI debug reports:

iSCSI ERROR: login error status class 2, status details 7

The server log reports:

Initiator did not specify target name in LOGIN request

CSCty65255—Two commands to show SAMI temp sensors display two different values

The commands show sami temperature and show environment temperature display different temperature values for all columns except Base board sensor 0 & 1.

CSCua69750 —LCP process core and IXP coredump bundling into crashinfo tar ball

The ixp_csr_dump process in processor 0 crashes while collecting the IXP coredump. The crashinfo_collection-xxxxxxxx-xxxxxx.tar file does not contain coredump_proc1 or coredump_proc2, which are coredumps of IXPs, even though these coredump are present in processor 0 core: directory outside the crashinfo_collection file.

Also, if an LCP process has crashed, there is also be a core.xxx file in processor 0 core: directory which is also not part of the crashinfo_collection tar ball.

CSCuc34571—CSG2 PCEF reload due to IXP failure on platform

The device might reload unexpectedly when IXP health monitoring detects several hung threads in MEs 4 through 10.

For this problem to occur, all of the following conditions must be met:

Flows must be accelerated by the IXP.

Flows must participate in some form of aggregate accounting (for example, service level CDRs, prepaid, Gx user volume threshold).

Caveats for Cisco IOS Release 12.4(24)MDB11

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB11.

CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB11:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table

If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and the standby CSG2's Gx ASID table is updated two or three times via RADIUS attributes, then the standby CSG2's Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User Table output.

This issue is seen only when creating an EPS bearer.

Workaround: None.

CSCub27714—User sessions stuck in CSG2 cause delayed Service Stop to go in sticky User Table

The CSG2 might send a Service Stop message to the quota server that was not associated with the user. This can occur even if Quota Server Reassignment is disabled.

For this problem to occur, all of the following conditions must be met:

A prepaid user must exist in the system.

The quota must expire and 0 quota must be received in the Service Reauth Response.

The reauthorization delay must be around 1200 seconds.

The CSG2 must block the traffic and clear some of the sessions.

The CSG2 must receive a RADIUS Accounting Stop message for the user (user logout) before the content idle timer expires.

A few established sessions must get stuck in the CSG2 and not cleared after the RADIUS Accounting Stop message.

The CSG2 must send out the Service Stop after the sessions are cleared by the content idle timer.

This results in the creation of a sticky user while sending the Service Stop, as the affinity is already cleared. While creating the sticky user, the CSG2 might assign a different quota server and forward the service stop to that quota server.

Workaround: None.

CSCub89537—CSG2 crash in function show_mpcc_session_all due to CPU HOG

The CSG2 might crash in function show_mpcc_session_all as a result of CPU HOG.

Workaround: None.

CSCub91436—CSG-4-LOAD_MGMT: Session Create transaction discarded due to high load

Noticed load management syslog with "session creations" getting discarded, memory allocation failures, and tracebacks.

For this problem to occur, all of the following conditions must be met:

220,000 or more users must be created.

Using IXIA, ICMP traffic must be started for 150K users, with no acceleration enabled.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB11:

CSCua22892—Interval seconds is not updating for first few iterations

The first PCDR closed for a 4G session might not report the correct time usage, based on the usage information sent by the CSG2 to the PGW.

The issue is observed only for the first PCDR closed for a 4G session. Subsequent closed PCDRs include the correct time usage.

CSCub54950—CSG2 reports SCU with 0 cause, corr.id

Syslogs might be seen on the PGW with reason "unexpected CSG usage report cause."

This problem can occur when there are multiple usage (CDR) requests received from the PGW when the CSG2 is waiting for DECEL to complete. This causes the CSG2 to omit the correlator ID in the usage sent to the PGW.

CSCub65777—R6 CSG2 needs to send duplicate ACKs on dropped out-of-order packets as well

Flows through the CSG2 that experience dropped packets take a long time to recover. Packets that the CSG2 drops for lack of queue space do not cause the CSG2 to respond with a duplicate ACK.

For this problem to occur, all of the following conditions must be met:

The CSG2 must be configured to respond with duplicate ACKs when queuing out-of-order packets.

The CSG2 must have a content configured for layer 7 inspection with parse protocol http.

The CSG2 must create a flow object for an HTTP that matches the content.

The HTTP request must use chunked transfer encoding with no content length, or it must contain pipelined requests.

Dropped packets near a chunked or transaction boundary must cause the CSG2 to queue what it considers packets beyond the beginning of the next chunk or transaction.

If these conditions occur, the queue used to hold out-of-order packets fills up and the CSG2 drops packets.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB11:

CSCtk98031—Target name not included in iSCSI login message

The iSCSI login might fail.

The SAMI debug reports:

iSCSI ERROR: login error status class 2, status details 7

The server log reports:

Initiator did not specify target name in LOGIN request

Workaround: None.

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

CSCub22727—The show sami ixp session command might result in a traceback

If acceleration is enabled, and the show sami ixp session command is issued, the following traceback might occur:

SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition: response too long for buffer
-Process= "Virtual Exec", ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z 0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz 0x5B343CCz 0x68C3C2Cz 0x68C73B4z

Workaround: None.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats

The following list identifies the Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB11:

CSCtu68726—%RF_INTERDEV-3-RELOAD: -Process= "HSRP Common" during supervisor engine hardware module reset

When the supervisor engine sends a hardware module reset for one of a pair of redundant Cisco SAMIs, the following message might be seen:

%RF_INTERDEV-3-RELOAD: -Process= "HSRP Common"

Caveats for Cisco IOS Release 12.4(24)MDB10

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB10.

CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB10:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table

If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and the standby CSG2's Gx ASID table is updated two or three times via RADIUS attributes, then the standby CSG2's Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User Table output.

This issue is seen only when creating an EPS bearer.

Workaround: None.

CSCua22892—Interval seconds is not updating for first few iterations

The first PCDR closed for a 4G session might not report the correct time usage, based on the usage information sent by the CSG2 to the PGW.

The issue is observed only for the first PCDR closed for a 4G session. Subsequent closed PCDRs include the correct time usage.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB10:

CSCub16776—IXP: No Buffer packet drops in IXP engine

On the CSG2 IXP processor, available buffers can become temporarily depleted, causing packet drops. This shows up in the output for the show sami ixp statistics command. In the output, both the Missing SOP (Start of Packet) and Drops - No Buffer fields are incremented whenever there are packet drops.

This problem can occur when contents are configured for acceleration and are inservice, and flows matching these contents are accelerated.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB10:

CSCtk98031—Target name not included in iSCSI login message

The iSCSI login might fail.

The SAMI debug reports:

iSCSI ERROR: login error status class 2, status details 7

The server log reports:

Initiator did not specify target name in LOGIN request

Workaround: None.

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

CSCub22727—The show sami ixp session command might result in a traceback

If acceleration is enabled, and the show sami ixp session command is issued, the following traceback might occur:

SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition: response too long for buffer
-Process= "Virtual Exec", ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z 0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz 0x5B343CCz 0x68C3C2Cz 0x68C73B4z

Workaround: None.

CSCub24207—SAMI might crash during a traffic pattern integration test

The Cisco SAMI might reboot unexpectedly during a traffic pattern integration test.

Workaround: None.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats

There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB10.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB10:

CSCtn76183

The Cisco IOS Software Network Address Translation (NAT) feature contains two denial of service (DoS) vulnerabilities in the translation of IP packets.

The vulnerabilities are caused when packets in transit on the vulnerable device require translation.

Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-nat

Caveats for Cisco IOS Release 12.4(24)MDB9

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB9.

CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB9:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table

If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and the standby CSG2's Gx ASID table is updated two or three times via RADIUS attributes, then the standby CSG2's Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User Table output.

This issue is seen only when creating an EPS bearer.

Workaround: None.

CSCua22892—Interval seconds is not updating for first few iterations

The first PCDR closed for a 4G session might not report the correct time usage, based on the usage information sent by the CSG2 to the PGW.

The issue is observed only for the first PCDR closed for a 4G session. Subsequent closed PCDRs include the correct time usage.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB9:

CSCua14094—The CSG2 does not send a CCR-U for the service-group-report-usage-event-trigger for accelerated traffic

The CSG2 does not send a CCR-U for the service-group-report-usage-event-trigger for accelerated traffic.

For this problem to occur, all of the following conditions must be met:

A UE must be created with a service group with a service-group-report-usage-event-trigger (such as a PLMN change).

The UE's traffic that hits this service group must be accelerated.

The gateway must send an interim-update with a corresponding RADIUS VSA (such as a PLMN) value getting changed.

The CSG2 must not send a CCR-U when it receives the interim-update.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB9:

CSCtk98031—Target name not included in iSCSI login message

The iSCSI login might fail.

The SAMI debug reports:

iSCSI ERROR: login error status class 2, status details 7

The server log reports:

Initiator did not specify target name in LOGIN request

Workaround: None.

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB9:

CSCtz07383—The SAMI card reloads due to unexpected termination of XScale qconn process

An unexpected termination of the qconn process on the IXP XScale processor can cause a Cisco SAMI card reload. After the reload, output from the show version command on the SAMI PPCs shows the following:

System returned to ROM by NP 1 Failed: NP Core Reset - Cause Unknown at timestamp

CSCua01873—R6 MDB5a: The CSG2 reloads with an IXP Health monitoring failure

The CSG2 reloads with the following message:

002940: SAMI 11/5: 000044: May 19 21:03:23: %PLATFORM-2-DP_IXP_HM_WARN:
Failed to receive response from IXP2 in 16 retries, system will reboot if it
continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)
System returned to ROM by Proc 6 - Proc 6 - data path fail to Proc 2 (NP2) at 12:34:28 PST Mon Mar 19 2012

Caveats for Cisco IOS Release 12.4(24)MDB8

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB8.

CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB8:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table

If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and the standby CSG2's Gx ASID table is updated two or three times via RADIUS attributes, then the standby CSG2's Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User Table output.

This issue is seen only when creating an EPS bearer.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB8:

CSCty63686—The CSG2 times out the IPv6 fragmented packet when offset=0 and more frag=0

When a TCP (SYN-ACK) arrives from the server, the intermediate node (firewall) adds "fragmentation header" in the IPv6 packet and forwards the packet having offset=0 and more frag=0 to the CSG2. The CSG2 drops the packet while waiting for additional fragments even though this is the one and only packet applicable for this fragment ID.

CSCtz27702—RAR message sent with QoS value 0

The PGW might reject CoA messages sent from the CSG2 if they contain changes in the QoS values for the default bearer. This problem can occur after the PCRF sends a RAR request to the CSG2 to change the UE APN-AMBR QoS value.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB8:

CSCtk98031—Target name not included in iSCSI login message

The iSCSI login might fail.

The SAMI debug reports:

iSCSI ERROR: login error status class 2, status details 7

The server log reports:

Initiator did not specify target name in LOGIN request

Workaround: None.

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB8:

CSCtw60222—Debugging information should be collected during HW Watchdog Timer expiration

The following hardware failure notice is seen on the LCP side:

%SAMI-3-730205: SAMI User Space: ERROR: Proc-3 hw watchdog timeout event received 
%SAMI-3-730205: SAMI User Space: ERROR: lcp handle ppc crash notice for proc 3 
%SAMI-5-730203: SAMI User Space: Notice: Reload reason: Proc 3 - hw watchdog failure
 
 

No specific conditions appear to trigger the failure notice; however, any process that has disabled interrupts for more than 3 seconds appears to trigger the failure notice.

Caveats for Cisco IOS Release 12.4(24)MDB7

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB7.

CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB7:

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table

If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and the standby CSG2's Gx ASID table is updated two or three times via RADIUS attributes, then the standby CSG2's Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User Table output.

This issue is seen only when creating an EPS bearer.

Workaround: None.

CSCty63686—The CSG2 times out the IPv6 fragmented packet when offset=0 and more frag=0

When a TCP (SYN-ACK) arrives from the server, the intermediate node (firewall) adds "fragmentation header" in the IPv6 packet and forwards the packet having offset=0 and more frag=0 to the CSG2. The CSG2 drops the packet while waiting for additional fragments even though this is the one and only packet applicable for this fragment ID.

Workaround: None.

CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB7:

CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU

The CSG2 truncates VRF table names that are longer than 32 characters.

CSCtx99828—CSG:CISCO-PROCESS-MIB cpmCPUTotalPhysicalIndex uses bad entPhysicalIndex

The CPU description is displayed incorrectly in the CISCO-PROCESS-MIB NMS report.

The cpmCPUTotalPhysicalIndex value in the CISCO-PROCESS-MIB might not match the CPU's Entity-MIB entPhysicalIndex value. The cpmCPUTotalPhysicalIndex contains values 0,2-6, but it should contain values 2-7 (where entPhysicalTable contains one row for the Cisco SAMI module, followed by six rows for the SAMI PPC processors).

CSCty01884—CSG2: One CPU statistic is missing from CISCO-ENHANCED-MEMPOOL-MIB

The CISCO-ENHANCED-MEMPOOL-MIB reports statistics for five processors instead of the full complement of six.

The following CISCO-ENHANCED-MEMPOOL-MIB tables cempMemPoolTable, cempMemBufferPoolTable, and cempMemBufferCachePoolTable are indexed by CPU (entPhysicalIndex) and by a table-specific index. The entPhysicalIndex contains values 2-6, but it should contain values 2-7 (where entPhysicalTable contains one row for the Cisco SAMI module, followed by six rows for the SAMI PPC processors).

CSCty49215—Aggregate bucket distribution counters (highwater) needs zero on alloc

In a show tech display, counters for aggregate flow count distribution buckets are incorrect.

When flows that participate in aggregate accounting are accelerated, they are attached to an aggregate object for tracking purposes. These distribution buckets indicate a highwater mark for the number of concurrent accelerated flows on each aggregate object. When the flows are complete, they are removed from the aggregate object and the aggregate object can then be reused for tracking future flows. The highwater count is not cleared when the aggregate object is reused. This can skew the distribution counters to the high end.

Sample output:

Aggregate distributions:
Accelerated flows [1,4] = 3
Accelerated flows [5,8] = 0
Accelerated flows [9,12] = 0
Accelerated flows [13,16] = 0
Accelerated flows [17,20] = 0
Accelerated flows [21,24] = 0
Accelerated flows [25,28] = 1
Accelerated flows [29,32] = 170

Flows that participate in aggregate accounting are accelerated. Examples of aggregate accounting include prepaid, service volume threshold, user volume threshold.

CSCty49899—Standby CSG2 sends Create Session Request to PCRF after reload

When a user is deleted on the active CSG2, the standby CSG2 also sends a CCR-F. That causes the "pcrf failure" counter to increment, as the Diameter connection is not established on the standby CSG2.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB7:

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB7:

CSCtq39561—HSRP/RF running while writing debuginfo causes delayed switchover

A delayed switchover can occur in an active-standby pair of Cisco SAMIs. That is, when the active SAMI goes down, the standby SAMI might not become active for several minutes.

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

CSCtt45681—Active reset when standby is upgraded with less-than-default HSRP timer

When the Cisco SAMI HSRP timer values are configured to less than their default values, and the standby SAMI has a higher IP/priority configured, the active SAMI card might reset when the standby SAMI is upgraded.

CSCtu50827—The Cisco SAMI reloads due to PPC-LCP HM failure after crash

The Cisco SAMI reloads due to an LCP-to-PPC health monitoring failure. This reload occurs only when a flash operation occurs at the same time a software issue causes a crash.

CSCtu73030—Sup-LCP Keepalive failure

The Cisco SAMI reboots with following logs displaying at the supervisor console:

Card in module slot_num, is being power-cycled off (Module not responding to Keep Alive polling)

After the reload, the dir core: in LCP does not contain any logs that indicate the reason for the reload.

CSCtx29111—PPC: PC & Stacks are not stored when Machine Check Exception is generated

After a reload, the show version command output displays the reload reason as "System returned to ROM by error - Bus Error, PC 0x0." This condition occurs when a PPC encounters a machine check exception due to a PC bus error.

CSCtx88394—Crashinfo/debuginfo does not get stored in flash

When a crash (RF-Induced reload/HM-failure) occurs, the "Crashinfo_proc/debuginfo_proc" is missing in the crashinfo_collection.tar file.

CSCty03443—IXP: Validate buffer handles at each stage (microblock) in IXP datapath

The Cisco SAMI reloads due to an IXP health monitoring failure. The following system log message is seen on the PPC console:

%PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

The null buffer handle is processed by data path processing in the IXP microengine. Each packet processed has an associated buffer handle, A null buffer handle is invalid. When a null buffer handle is processed by the IXP, it fails to respond to health monitoring messages from the PPCs.

CSCty22416—Machine Check Exception due to bus errors should generate crashinfo

A Machine Check Exception to any of the PowerPC processors might result in a reload of the Cisco SAMI without creating a crashinfo file.

CSCty37602—IXP: Debug enhancements to address crashes due to null buffer handle

The Cisco SAMI reboots after an IXP crash. The IXP crashinfo indicates that a QM microblock dequeued a null buffer handle. As a preventive measure, the system is reloaded.

Caveats for Cisco IOS Release 12.4(24)MDB6

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB6.

CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB6:

CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU

The CSG2 truncates VRF table names that are longer than 32 characters.

Workaround: Configure VRF table names of 15 characters or less.

CSCtx99828—CSG:CISCO-PROCESS-MIB cpmCPUTotalPhysicalIndex uses bad entPhysicalIndex

The CPU description is displayed incorrectly in the CISCO-PROCESS-MIB NMS report.

The cpmCPUTotalPhysicalIndex value in the CISCO-PROCESS-MIB might not match the CPU's Entity-MIB entPhysicalIndex value. The cpmCPUTotalPhysicalIndex contains values 0,2-6, but it should contain values 2-7 (where entPhysicalTable contains one row for the Cisco SAMI module, followed by six rows for the SAMI PPC processors).

Workaround: The CISCO-PROCESS-MIB cpmCPUTotalTable contains one row per PPC processor, where each column in the row provides statistics pertaining to that PPC processor. In addition to the table index cpmCPUTotalIndex, another column named cpmCPUTotalPhysicalIndex is also provided (containing the entPhysicalIndex value) to allow the NMS to correlate the processor row back to a managed entity (for example, to a row in the Entity-MIB entPhysicalTable).

For some NMS functionality and reporting, this correlation might not be used, or it might be used only to provide the entPhysicalDescr, which is a human-readable description of the processor entity (for example, MCP8500 CPU 4 at 1250HMz). If the label is the only thing showing up incorrectly, the following describes the mapping of 0,2-6 to 2-7 labels:

Observed entity description => map to actual entity description

Unknown => MPC8500 CPU 3 at 1250MHz
MPC8500 CPU 3 at 1250MHz => MPC8500 CPU 4 at 1250MHz
MPC8500 CPU 4 at 1250MHz => MPC8500 CPU 5 at 1250MHz
MPC8500 CPU 5 at 1250MHz => MPC8500 CPU 6 at 1250MHz
MPC8500 CPU 6 at 1250MHz => MPC8500 CPU 7 at 1250MHz
MPC8500 CPU 7 at 1250MHz => MPC8500 CPU 8 at 1250MHz

CSCty01884—CSG2: One set of CPU statistics is missing from the CISCO-ENHANCED-MEMPOOL-MIB

The CISCO-ENHANCED-MEMPOOL-MIB might report statistics for only five processors instead of six. The following CISCO-ENHANCED-MEMPOOL-MIB Tables are indexed by CPU (entPhysicalIndex) and by a table-specific index:

cempMemPoolTable

cempMemBufferPoolTable

cempMemBufferCachePoolTable

The entPhysicalIndex should contain values 2-7 (where entPhysicalTable contains one row for the SAMI module followed by six rows for the SAMI PPC processors), but only values 2-6 are seen.

Workaround: None.

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB6:

CSCtt08817—RTSP protocol statistics report a 0 value

When control-url is configured for a content, the output for the show ip csg stats protocol command displays 0 for the RTSP protocol.

CSCtu36282—Send a duplicate ACK response when queueing an out-of-order packet for parsing

TCP packets that arrive out of order at the CSG2 are not forwarded until the missing segments arrive. Excess out-of-order packets are dropped, leading to long recovery times and low throughput.

When the CSG2 parses a transaction, it queues out-of-order packets. The queue depth is limited. When the network drops a packet, the TCP window size allows the sender to overrun the CSG2's out-of-order packet queue depth. This leads to both dropped packets and a retransmit timer expiry at the sender.

CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable

In the Gx interface, the TCP port to the PCRF server might become unavailable.

The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The issue is encountered after the PCRF connection goes down and comes up multiple times. This causes the local port leak to accumulate, and the local port becomes unavailable to establish the TCP connection.

CSCtx01679—CSG2: Gx Service Group Volume Usage can be wrong for accelerated flows

When using Gx service groups with accelerated flows, the CSG2 might report and incorrect volume usage. This can occur when the PCRF modifies the service group for a user's service instance during the lifetime of the service, for example, due to user roaming.

CSCtx63728—CSG-3-PRELOAD ERR: Unexpected tlv 92 for policy during preload

If you upgrade to the CSG2 Release 6 from any earlier release, and policy preloading is configured, the upgrade might fail with the following error:

CSG-3-PRELOAD ERR: Unexpected tlv 92 for policy during preload

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB6:

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

Workaround: None.

CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured

If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the write memory command on the PPC 3 results in the following error:

% Error saving SNMP ifIndexes No space left on device

The Ifindex table file in NVRAM is also deleted.

For this problem to occur, all of the following conditions must be met:

The SNMP ifIndex persistence feature must be configured.

The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for Cisco IOS Release 12.4(24)MDB7 or later).

More than 600 interfaces must be configured.

Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex persistence feature.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB6:

CSCsx76826—SAMI SNMP ENTITY-MIB entPhysicalTable miscellaneous issues

When queried via SNMP, the Cisco SAMI Name and Desc values stored in the Entity-MIB (RFC4133) do not match the Name and Desc values and formats displayed using the show inventory command.

The value of the Entity-MIB objects had been shown as follows for SAMI (entPhysicalIndex = 1)

entPhysicalDescr = WS-SVC-SAMI-BB-K9 1 ports Service and Application module for IP (SAMI) Rev 2.3

entPhysicalName = SAMI (instead of slot slot-number)

entPhysicalParentRelPos = slot-number (instead of -1)

CSCts68928—SAMI: write erase and reload cause CFG_DNLD_ERROR

Issuing an erase bootflash on the PCOP results in a configuration download error with the following error message:

%IPC-0-CFG_DOWNLOAD_ERROR: Configuration download/parse error: Failed to download config on one or more processors, traffic will get blocked -Process= "Init", ipl= 0, pid= 3

CSCtt21485—IXP: RX MB de-queues invalid buffer handle

The Cisco SAMI card reloads due to a health monitoring (HM) failure.

%PLATFORM-4-DP_HM_WARN: Failed to receive response from IXP<1/2> in 22 retries, system will reboot if it continues to fail receiving response in another 8 retries (i.e. in the next 80 secs.) Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

The IXP fails to respond to HM messages sent from the PPC.

CSCtt32257—Mechanism to detect health of IXP Lookup threads

While debugging, it is observed on rare occasions that all of the lookup threads become stuck, resulting in the IXP not processing any packets. The Cisco SAMI IXP has more than 50 look threads. If a few threads fail, the system might not report the failure right away, but continue to work in degraded mode.

CSCtx38172—Red zone corruption on the CSG2 leads to a crash

When the TP receives bad trailers from the IXP, the bad trailer count on the TP increases, and the CSG2 might crash as a result of Memory Block Red Zone corruption.

Caveats for Cisco IOS Release 12.4(24)MDB5a

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB5a.

CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB5a:

CSCtt08817—RTSP protocol statistics report a 0 value

When control-url is configured for a content, the output for the show ip csg stats protocol command displays 0 for the RTSP protocol.

Workaround: Remove the control-url configuration from the content.

CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU

The CSG2 truncates VRF table names that are longer than 32 characters.

Workaround: Configure VRF table names of 15 characters or less.

CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable

In the Gx interface, the TCP port to the PCRF server might become unavailable.

The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The issue is encountered after the PCRF connection goes down and comes up multiple times. This causes the local port leak to accumulate, and the local port becomes unavailable to establish the TCP connection.

Workaround: Reboot the CSG2.

CSCtx38172—Red zone corruption on the CSG2 leads to a crash

When the TP receives bad trailers from the IXP, the bad trailer count on the TP increases, and the CSG2 might crash as a result of Memory Block Red Zone corruption.

Workaround: None.

CSCty02688—CSG2: Improper session synchronization during upgrade

When performing an in-service upgrade and synchronizing sessions from the active CSG2 Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the synchronization might not complete correctly. The standby CSG2 is synchronized with an unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the BMA, causing all sessions to be overcharged.

Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release, to CSG2 Release 5, or any later release.

CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB5a:

CSCtx25063—Increased CPU usage when using Gx service group volume thresholds

The CSG2 experiences increased CPU usage on its traffic processors (TPs) when using volume thresholds over Gx service groups.

CSCtx35215—Volume threshold aggregate objects are not being cleaned up

When volume thresholds are configured for acceleration via the hardware (that is, either the service is configured with records granularity bytes or volume threshold triggers are enabled via Gx), the CSG2 performance can degrade. The degraded performance is exhibited through higher than normal CPU usage, as more and more packets that had been accelerated and switched by the hardware are forced up to the transaction processor and switched by the software.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB5a:

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

Workaround: None.

CSCts68928—SAMI: write erase and reload cause CFG_DNLD_ERROR

Issuing an erase bootflash on the PCOP results in a configuration download error with the following error message:

%IPC-0-CFG_DOWNLOAD_ERROR: Configuration download/parse error: Failed to download config on one or more processors, traffic will get blocked -Process= "Init", ipl= 0, pid= 3

Workaround: On PPC3, issue a CLI:Write Memory.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats

There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB5a.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB5a:

CSCti46171

Cisco IOS Software contains four vulnerabilities related to Cisco IOS Zone-Based Firewall features. These vulnerabilities are as follows:

Memory Leak Associated with Crafted IP Packets

Memory Leak in HTTP Inspection

Memory Leak in H.323 Inspection

Memory Leak in SIP Inspection

Workarounds that mitigate these vulnerabilities are not available.

Cisco has released free software updates that address these vulnerabilities.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-zbfw

CSCtr28857

A vulnerability in the Multicast Source Discovery Protocol (MSDP) implementation of Cisco IOS Software and Cisco IOS XE Software could allow a remote, unauthenticated attacker to cause a reload of an affected device. Repeated attempts to exploit this vulnerability could result in a sustained denial of service (DoS) condition.

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-msdp

CSCtr49064

The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted username. Successful exploitation of this vulnerability could allow an attacker to create a DoS condition by causing the device to reload. Repeated exploits could create a sustained DoS condition.

The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its use is highly recommended as a security best practice for the management of Cisco IOS devices. Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability.

Cisco has released free software updates that address this vulnerability. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ssh

CSCtr91106

A vulnerability exists in the Cisco IOS Software that may allow a remote application or device to exceed its authorization level when authentication, authorization, and accounting (AAA) authorization is used. This vulnerability requires that the HTTP or HTTPS server is enabled on the Cisco IOS device.

Products that are not running Cisco IOS Software are not vulnerable.

Cisco has released free software updates that address these vulnerabilities.

The HTTP server may be disabled as a workaround for the vulnerability described in this advisory.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-pai

CSCts38429

The Cisco IOS Software Internet Key Exchange (IKE) feature contains a denial of service (DoS) vulnerability.

Cisco has released free software updates that address this vulnerability. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ike

Caveats for Cisco IOS Release 12.4(24)MDB5

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB5.

CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB5:

CSCtt08817—RTSP protocol statistics report a 0 value

When control-url is configured for a content, the output for the show ip csg stats protocol command displays 0 for the RTSP protocol.

Workaround: Remove the control-url configuration from the content.

CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU

The CSG2 truncates VRF table names that are longer than 32 characters.

Workaround: Configure VRF table names of 15 characters or less.

CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable

In the Gx interface, the TCP port to the PCRF server might become unavailable.

The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The issue is encountered after the PCRF connection goes down and comes up multiple times. This causes the local port leak to accumulate, and the local port becomes unavailable to establish the TCP connection.

Workaround: Reboot the CSG2.

CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB5:

CSCtw59173—Time-based eG-CDR services should not track service-level volume aggregates

CPU performance begins to suffer when more than seven sessions are directed over a single user service that is configured with records granularity service seconds. This issue can also result in incrementing of the aggregate trig acceleration counter.

CSCtw59533—Tracebacks occur in the HTTP protocol handler

The following spurious memory access might be seen during URL-redirection:

0x80F03A4z 0x80F1DB0z 0x80884A8z 0x8089E20z 0x838E624z 0x838E830z 0x827ACECz 0x827D850z

This issue can occur if the same memory block used for relative redirection is deallocated, then allocated for non-relative redirection.

CSCtw68505—User's billing is unknown

Some subscribers associated with a secondary PDP are not assigned a billing plan, because the 3GPP charging ID (as part of the RADIUS attributes) is missing in the user's Profile Request that is sent to the quota server.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB5:

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

Workaround: None.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats

There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB5.

Caveats for Cisco IOS Release 12.4(24)MDB4

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB4.

CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB4:

CSCtt08817—RTSP protocol statistics report a 0 value

When control-url is configured for a content, the output for the show ip csg stats protocol command displays 0 for the RTSP protocol.

Workaround: Remove the control-url configuration from the content.

CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU

The CSG2 truncates VRF table names that are longer than 32 characters.

Workaround: Configure VRF table names of 15 characters or less.

CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable

In the Gx interface, the TCP port to the PCRF server might become unavailable.

The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The issue is encountered after the PCRF connection goes down and comes up multiple times. This causes the local port leak to accumulate, and the local port becomes unavailable to establish the TCP connection.

Workaround: Reboot the CSG2.

CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB4:

CSCto53563—CSG2 R6: Deceleration not working for time/volume trigger with distributed Gx

The CSG2 is unable to accelerate flows for users with large volume thresholds. The CSG2 is also unable to clean up the session objects for these flows when the flows end.

For this problem to occur, the following conditions must be met:

Gx must send a rule for a user with a volume threshold that is larger than MAX_INT32, 2147483647.

Flows for the user must match a content that is configured for acceleration.

CSCtq94337—eGGSN- Packets are stuck in the quota server queue

In an eGGSN configuration, packets might become stuck in the quota server queue.

CSCtr08631—The CSG2 is reporting negative usage to the BMA after a failover

After a failover, the Service Usage reported as quadrans in an intermediate or final BMA CDR is less than that reported in a prior intermediate CDR.

For this problem to occur, all of the following conditions must be met:

Intermediate CDRs must be configured for type OTHER or NBAR.

A CSG2 failover must have occurred after an intermediate CDR has been generated for one or more long-lived Layer 4 sessions.

CSCtr69315—The CSG2 is delaying CCRs

The CSG2 might not send a CCR to the PCRF immediately after receiving accounting messages from the PGW. Therefore the CCR timeout occurs before the CCA is received, even though the CCA is received immediately. The retransmit CCR is sent to the next PCRF in the configuration. The CCA received for the retransmit CCR has 5012 - error in CCA Result code AVP.

A burst of 20 to 40 CCRs is sent to the PCRF, then no messages for almost two minutes.

CSCtr88344—RAR received before CCA-I is dropped; further RARs after CCA-I handled

When the PCRF places the CCA-I and the RAR in the same packet, the RAR message and all subsequent RAR messages are ignored. Since no RAA is returned for the first RAR, all subsequent RARs are also rejected.

CSCts04905—CSG2: Socket leak in Diameter transport code

The CSG2 cannot get the socket to set up the Diameter TCP connection to the PCRF.

CSCts08568—Ability to tweak the TCP MSS for indirectly connected network

If the Diameter TCP peer is on a different subnet than the CSG2 Diameter peer, the TCP MSS cannot be tuned for the indirectly connected network for the Diameter application. This occurs for either a Gx or a Gy implementation on the CSG2. By default, a value of 536 bytes is chosen for the TCP MSS, and the ip tcp mss 1460 global configuration command does not increase the MTU to 1460.

CSCts13678—Charging ID missing in Service Stop message when Gx enabled

When a subscriber is Gx-enabled, and the user is deleted, the CSG2 sends a Service Stop message to the quota server, but the CSG2 does not include the RADIUS attribute Charging ID in the message.

CSCts47723—CSG2 sends wrong usage count in CCR-F when CCA-U timeout or failure occur

If a CCA-U timeout/failure occurs on the CSG2, the CSG2 might send the wrong usage count in the CCR-F. The CSG2 continues to count the usage even after the CCA-U timeout/failure occurs.

CSCts73889—CSG2 ACCEL encap lookup failed

If there is more than one path to the source or destination IP address, the CSG2 ACCEL encap lookup might fail.

CSCts84547—Include QoS in CCR-U for EPS users even without QoS change

The CSG2 might not include Quality of Service (QoS) information in the CCR-U.

CSCtt45725—CSG2: Traceback seen on CP console

Traceback might be seen on the CP console. This can occur when there is no enough buffer space to accommodate all of the content. Part of the output for the show command for that particular content might be truncated. The traceback has no other functional impact.

CSCtu00081—CSG2 rejects a RAR with a nexthop of 0.0.0.0

When a RAR is sent with a nexthop uplink IP address of 0.0.0.0, the CSG2 discards it as an invalid address.

CSCtu13157—[CSG2 R6] Issue appending original URL after HTTP redirect

When relative URL processing is enabled, the CSG2 might not encode a fully qualified URL after a redirect URL. The host information might not be included in the redirection URL for a relative URL.

CSCtu23680—Failover in-between call, newly active CSG2 sends 5012 for RAR-rule-remove

If a failover occurs in-between a call, the newly active CSG2 sends 5012 for the RAR-rule-remove and does not send the COA.

When that issue is fixed, the newly active CSG2 sends a COA with an UNKNOWN source-IP address.

When that issue is fixed, tracebacks are generated when the sticky entry is created.

CSCtu31661—New CLI to stop counting if CCR-U failed

The CSG2 stops counting usage if the CCR-U fails. This CDETS introduces the ip csg ccr-u-fail stop-count command, which enables the CSG2 to continue to count usage in the event of a CCR-U failure.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats

The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB4:

CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP's interfaces

An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP's interfaces. The TP interfaces and statistics are not shown.

Workaround: None.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB4:

CSCsx82030—Specific configuration sequence causes configuration download/parse error on the SAMI

A specific configuration sequence causes a configuration download/parse error on the SAMI.

The condition is logged as follows:

SAMI 1/3: Feb 18 09:27:43.779: %IPC-0-CFG_DOWNLOAD_ERROR: Configuration
download/parse error: Failed to download config on one or more processors,
traffic will get blocked -Process= "Init", ipl= 0, pid= 3
 
 

If inter-device redundancy is configured, a peer SAMI might reload with the redundancy framework (RF)/Cisco IOS Hot Standby Routing Protocol (HSRP) state broken.

The following configuration sequence causes the configuration download/parse error:

a. The "snmp-server community" is using a standard ACL.

b. The standard ACL is removed.

c. A new extended ACL is created with the same name as the previous standard ACL.

d. The SAMI is reloaded.

After the reload, the SAMI receives the configuration download/parse error.

CSCtc95114—Flash file system raises interrupt level during write operations

When performing a write memory or copying a file to the bootflash of a PowerPC (PPC), the Cisco SAMI drops a few packets.

CSCtj29848—SME crash on LCP while trying to collect coredump

The Cisco SAMI LCP crashes and reloads while attempting to collect core dump information. This condition occurs only when the IXP network processor is hung.

CSCtr32221—Decrease time-interval of PPC to IXP health-monitoring messages

In an active-standby Cisco SAMI pair, if the standby SAMI has a higher HSRP priority than the active SAMI, the active SAMI might reload when the IXP on the standby SAMI fails.

CSCtr81828—SRAM dequeue diagnostic in QM

The Cisco SAMI reloads with the following syslog error message:

%PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP<1/2>. Check `sami health-monitoring' configuration and see `show sami health-monitoring' for more info

The SAMI reloads when the IXP fails to respond to a health monitoring (HM) message sent by the PPCs. The IXP fails to respond to HM messages because the hardware assist that maintains the buffers known as the q-array is corrupted, A Null buffer handle (invalid) is de-queued.

The IXP maintains packets, including HM messages, in DRAM buffers, Pointers (buffer handles) to these buffers are maintained by q-arrays, and it is expected that q-arrays give valid buffer handles, when a Null buffer handle (invalid) is de-queued by a q-array, the IXP can no longer process incoming packets.

CSCts39548—The core: in LCP uses more bytes than the sum of the file sizes

The core: directory in the LCP shows more "total used" bytes than the sum of the size of the files that it contains.

CSCts39558—Free space script in LCP deletes crashinfo files at time of crash

If the core: directory in the LCP shows more "total used" bytes than the sum of the size of files that it contains, the CSG2 might reload due to a failure. The IXP core: is collected, but the IXP crashinfo file is missing in the crashinfo tar.

CSCtt37393—To disable write mem in TCOPS

Cron job might execute write memory CLI that executes on TCOPS. Check for the size of startup-config file in nvram: directory of TCOPS.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB4:

CSCtg47129

The Cisco IOS Software implementation of the virtual routing and forwarding (VRF) aware network address translation (NAT) feature contains a vulnerability when translating IP packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat

Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html

CSCti35326

The Cisco IOS Software Network Address Translation (NAT) feature contains a denial of service (DoS) vulnerability in the translation of Session Initiation Protocol (SIP) packets.

The vulnerability is caused when packets in transit on the vulnerable device require translation on the SIP payload.

Cisco has released free software updates that address this vulnerability. A workaround that mitigates the vulnerability is available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-nat

Caveats for Cisco IOS Release 12.4(24)MDB3

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB3.

CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats

CSCto53563—CSG2 R6: Deceleration not working for time/volume trigger with distributed Gx

The CSG2 is unable to accelerate flows for users with large volume thresholds. The CSG2 is also unable to clean up the session objects for these flows when the flows end.

For this problem to occur, the following conditions must be met:

Gx must send a rule for a user with a volume threshold that is larger than MAX_INT32, 2147483647.

Flows for the user must match a content that is configured for acceleration.

Workaround: If a content is configured for acceleration and is referenced by a Gx rule, do not set the rule's volume threshold larger than 2147483647.

CSCtq94337—eGGSN- Packets are stuck in the quota server queue

In an eGGSN configuration, packets might become stuck in the quota server queue.

Workaround: None.

CSCtr08631—The CSG2 is reporting negative usage to the BMA after a failover

After a failover, the Service Usage reported as quadrans in an intermediate or final BMA CDR is less than that reported in a prior intermediate CDR.

For this problem to occur, all of the following conditions must be met:

Intermediate CDRs must be configured for type OTHER or NBAR.

A CSG2 failover must have occurred after an intermediate CDR has been generated for one or more long-lived Layer 4 sessions.

Workaround: Disable intermediate CDR reporting.

CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB3:

CSCtl04589—CSG2 R6: Fix Diameter and MPCC statistics for distributed Gx

For distributed Gx, an SNMP GET for Diameter and MPCC statistics does not include Diameter connections or MPCC sessions statistics on the TPs. The output of the show diameter command does not include total Diameter connection statistics for all of the TPs, and the output of the show mpcc command does not include total MPCC session statistics for all of the TPs.

CSCtn62963—Support HTTPS URL redirection

Modify the CSG2 to support HTTPS URL redirection.

CSCtq46748—The standby CSG2 might reload when processing an HA update message

In a high-stress, high availability (HA) environment, with many RADIUS attributes configured for reporting in the Packet of Disconnect (PoD), the standby CSG2 might reload.

CSCtq60404—The CSG2 reloads when creating and deleting Gx users with traffic

The CSG2 might reload when creating and deleting tens of thousands of Gx users with traffic. The CSG2 must be under heavy load, creating and deleting 100,000 to 180,000 users and processing 10 sessions per user.

CSCtq60705—The CSG2 fails to parse the egcdr_correlator_id correctly in RADIUS messages

If eG-CDRs are configured for use between the eGGSN/PGW and the CSG2, the eGGSN/PGW might reject the GTP message from the CSG2. The CSG2 displays the following message:

%CSG-3-GTP_REJECT: GTP received

CSCtq76436—The ip csg rate-limit mid-flow-syn command might leak packet buffers

I/O memory (in the form of packet buffers) might be leaked on the CSG2 traffic processors (TPs).

To detect the leak:

Issue the show memory statistics command several times on the TPs and verify that the entry corresponding to row I/O and column Used (b) rises steadily.

Issue the show buffers command several times on the TPs and verify that the total number of buffers in use by any pool rises consistently.

For this problem to occur, all of the following conditions must be met:

The ip csg rate-limit mid-flow-syn command must be configured on the CSG2.

The mid flow SYN drop counters in the Session L4 Stats section of the output of the show ip csg stat command from the TPs must be non-zero.

CSCtq83846—Possible leak due to an out-of-order mid-flow SYN with the ACK bit set

The CSG2 might experience a memory leak due to an out-of-order mid-flow SYN with the ACK bit set. To detect the leak, examine the Pct Used value in the Application column in the CSG Buffer Management Stats section of the output of the show ip csg stats command.

CSCtr18288—CSG2 crash: Content not inservice with and without multiple attribute map

CSG2 processors might experience high CPU usage after changing CSG2 contents with CLI. The processes that cause the high CPU usage include the CSG BGCFG and the IPC message handler.

For this problem to occur, all of the following conditions must be met:

A content must be configured with Layer 7 parsing.

At least one policy on the content must be configured with an attribute map.

At least one policy on the content must be configured without an attribute map.

The content must be brought inservice.

The content must match traffic, or the content must be taken out of service.

CSCtr21100—Potential crash with a concurrent service idle timeout and RADIUS Accounting Stop

The CSG2 might crash when processing a service idle timeout and a RADIUS Accounting Stop for given user at the same time.

CSCtr33104—Accelerated TCP connections are not deleted or idled under high stress

When running under high stress and high CPU, the CSG2 might fail to free or clean up some accelerated flows after idling for a long time.

CSCtr54105—The CSG2 does not decelerate sessions after an eG-CDR usage request from the PGW

The CSG2 might report incorrect usage for accelerated users after a request from the PGW via the SCR.

CSCtr64807—Enhanced Diameter retry logic

A new user session might not be allowed when the PCRF responds with 5012 to a retransmitted packet. The CSG2 might show a very high number of CCA failures as a result of timeout and reject. The relevant CCA Failure statistics are:

CCA Failure: 
  pcrf failure    = 0 
  pcrf timeout    = 91893 
  pcrf reject       = 107559

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB3.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB3:

CSCto66682—The CSG2 is losing a RADIUS PoD

A RADIUS PoD sent through the CSG2 never appears on the egress.

CSCto72922—The SAMI IXP is not dropping packets larger than the maximum supported packet size

Packets larger than 3072 bytes (the maximum supported packet size for the Cisco SAMI) might be forwarded to the PowerPC processors, resulting in the following error:

%ETSEC-1-ERROR_INT_CAUSE IEVENT_BABR

Caveats for Cisco IOS Release 12.4(24)MDB1

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB1.

CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats

The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB1:

CSCto53563—CSG2 R6: Deceleration not working for time/volume trigger with distributed Gx

The CSG2 is unable to accelerate flows for users with large volume thresholds. The CSG2 is also unable to clean up the session objects for these flows when the flows end.

For this problem to occur, the following conditions must be met:

Gx must send a rule for a user with a volume threshold that is larger than MAX_INT32, 2147483647.

Flows for the user must match a content that is configured for acceleration.

Workaround: If a content is configured for acceleration and is referenced by a Gx rule, do not set the rule's volume threshold larger than 2147483647.

CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB1:

CSCtb17999—Tracebacks on DPR from server, client closes TCP before sending DPA

When the PCRF (Policy and Charging Rules Function) sends a Diameter DPR (Disconnect Peer Request) followed by a TCP FIN to the CSG2 that is acting as the PCEF (Policy Charging Enforcement Function), the CSG2 first sends a TCP FIN-ACK and then tries to send a Diameter DPA (Disconnect Peer Answer) back to the PCRF. However, the DPA is not delivered because the TCP connection has been closed, and tracebacks are seen on the CSG2/PCEF. The CSG2/PCEF should instead send the DPA message first and then follow up the TCP connection termination by sending the FIN-ACK.

CSCto46730—CSG2 crash during creation of dual-stack user at high rate and MPCC error

The PCRF might stop responding to CCR-Is, and the PCRF timeout might cause the CSG2 MPCC error counter to keep incrementing.

For this problem to occur, the following conditions must be met:

A dual-stack user must be created.

Data traffic must flow at a high rate.

Many MPCC errors must occur.

CSCto77259—CSG2 WAP storage corruption

If the CSG2 is performing Layer 7 WAP 1.x data packet inspection on a POST request that contains a segmented URL, the CSG2 might crash.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB1.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB1:

CSCto93053—CSG2 SAMI IXP crash while sending a high volume of accelerated traffic

The CSG2 might stop passing traffic and reload.

For this problem to occur, the following conditions must be met:

The CSG2 must be configured to accelerate Layer 4 flows or Layer 7 HTTP transactions.

The CSG2 must accelerate flows that participate in aggregate accounting. Examples include prepaid accounting, service-level CDR reporting, and user-level volume thresholds via Gx.

Accelerated transactions using multiple aggregate types must occur at a high rate.

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB1:

CSCtj41194

Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet.

Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipv6.shtml.

Caveats for Cisco IOS Release 12.4(24)MDB

This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI software for Cisco IOS Release 12.4(24)MDB.

CSG2 Software for Cisco IOS Release 12.4(24)MDB - Open Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Open Caveats

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

CSG2 Software for Cisco IOS Release 12.4(24)MDB - Open Caveats

There are no Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB.

CSG2 Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats

The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB:

CSCtn15950—Configuration rollback fails while taking a content out-of-service

Rolling back the CSG2 configuration might fail while taking a content out-of-service.

CSCtn80399—The CSG2 must include the default bearer's accounting session ID in the PoD

The CSG is sending the dedicated bearer session ID in Packet of Disconnect (PoD) requests to clear users instead of the default bearer ID.

CSCtn82586—For virtual prepaid users, the ip csg report block prepaid command should not block CDRs

For virtual prepaid users, the ip csg report block prepaid command is blocking all CDRs.

CSCtn86043—QoS parameters to QCI mapping is incorrect for REL99 QoS

The mapping of Quality of Service (QoS) parameters to QoS Class Identifier (QCI) is incorrect for Release 99 QoS.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Open Caveats

There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB.

Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats

The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS Release 12.4(24)MDB:

CSCtn95286—SAMI: Summit registers workaround for FRU power failure

At high traffic loads, the Cisco SAMI might reload as a result of a failure of power convertor 0x5.

%OIR-SP-6-PWRFAILURE: Module 2 is being disabled due to power convertor failure 0x5
%C6KPWR-SP-4-DISABLED: power to module in slot 2 set off (FRU-power failed)

Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats

The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB:

CSCtl79577

A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway-Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload.

There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110706-csg.shtml

PSIRT Evaluation:

The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.8/6.4:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?
dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C

CVE ID CVE-2011-2064 has been assigned to document this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Documentation and Technical Assistance

This section contains the following information:

Related Documentation

Obtaining Documentation and Submitting a Service Request

Related Documentation

Use these release notes with these documents:

CSG2 Documentation

Release-Specific Documents

Platform-Specific Documents

Cisco IOS Software Documentation Set

CSG2 Documentation

For more detailed installation and configuration information, see the following publication:

Cisco Content Services Gateway - 2nd Generation Release 6 Installation and Configuration Guide

Release-Specific Documents

The following documents are specific to Cisco IOS Release 12.4 and are located at Cisco.com:

Cisco IOS Release 12.4 Mainline Release Notes

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline > Release Notes

Cisco IOS Release 12.4 T Release Notes

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 T > Release Notes

Product bulletins, field notices, and other release-specific documents on Cisco.com at:

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline


Note If you have an account with Cisco.com, you can use Bug Navigator II to find the most current list of caveats of any severity for any software release. You can reach Bug Navigator II on Cisco.com at http://www.cisco.com/support/bugtools.


Platform-Specific Documents

These documents are available for the Cisco 7600 series router platform on Cisco.com and the Documentation CD-ROM:

Cisco Service and Application Module for IP User Guide

Diameter Credit Control Application feature guide

Cisco 7600 series routers documentation:

Cisco 7600 Series Cisco IOS Software Configuration Guide

Cisco 7600 Series Cisco IOS Command Reference

Release Notes for Cisco IOS Release 12.2SR for the Cisco 7600 Series Routers

Cisco IOS Software Documentation Set

The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents that are shipped with your order in electronic form on the Documentation CD-ROM, unless you specifically ordered the printed versions.

Documentation Modules

Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a corresponding command reference guide. Chapters in a configuration guide describe protocols, configuration tasks, Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference guide list command syntax information. Use each configuration guide with its corresponding command reference. The Cisco IOS documentation modules are available on Cisco.com at:

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline > Command References

Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline > Command References > Configuration Guides


Note To view a list of MIBs supported by Cisco, by product, go to: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml


Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What's New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.

Subscribe to What's New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.