Table Of Contents
Release Notes for Cisco ACNS Software, Release 5.0
Using a URL to Request Content
XML APIs for Content Distribution Manager and CDN Management
Content Acquisition and Distribution
Insufficient Bandwidth Errors Occur When Using the WMT Evaluation License
Media File System Issues When Downgrading to ACNS 5.0 Software
Websense Issues When Downgrading to ACNS 5.0 Software or ACNS 5.1 Software
Changes to the Cisco ACNS Software Deployment and Configuration Guide
Configuring WMT Live Splitting for Unicast and Multicast Transmissions
Configuring Unicast-In Unicast-Out
SmartFilter and the No-Auth Rule Interaction
Changes to the Cisco ACNS Software Caching Configuration Guide
Configuring WMT Live Splitting for Unicast and Multicast Transmissions
Omissions from the Cisco ACNS Software Caching Configuration Guide
Configuring Unicast-In Unicast-Out
Obtaining Technical Assistance
Obtaining Additional Publications and Information
Release Notes for Cisco ACNS Software, Release 5.0
February 17, 2004
Note
The most current Cisco documentation for released products is available at Cisco.com at http://www.cisco.com. The online documents may contain updates and modifications made after the hardcopy documents were printed.
Documentation Survey
Is Cisco documentation helpful? Click here to give us your feedback.
Contents
These release notes contain information about ACNS 5.0 software. These release notes describe the following topics:
•
Obtaining Technical Assistance
•
Obtaining Additional Publications and Information
Introduction
ACNS 5.0 software unifies the Content Networking components into a common Content Distribution Manager, Content Engine, and Content Router that can serve multiple market deployments.
In ACNS 5.0, Content Engines can be deployed as "standalone" proxy caches, or as part of a CDN solution using a Content Distribution Manager for central management and an optional Content Router for HTTP and Real-Time Streaming Protocol (RTSP) redirection. When Content Engines are deployed as standalone caches, configuration is implemented using the Content Engine comman-line language interface (CLI) or the Content Engine graphical user interface (GUI).
When Content Engines are deployed as part of a Content Delivery Network (CDN) solution, then a Content Distribution Manager is required to configure the services and topology necessary to enable content distribution from origin servers to authorized Content Engines. The ACNS 5.0 software content distribution system increases scalability of Content Engines which support unicast and multicast networks, tunnel between multicast network islands, distribute to Content Engines located behind firewalls, and support network bandwidth controls for distribution.
Client (browser, player) requests for content are intercepted and redirected to a Content Engine best- positioned to serve that client based on proximity. Enterprise edge routers can be configured to intercept user requests through Web-Cache Communication Protocol (WCCP) and redirect them to a Content Engine. Browsers and players can be set to proxy all requests through a Content Engine, or a Content Router can be used to intercept Domain Name System (DNS) requests and perform an HTTP or RTSP redirection to a Content Engine.
By significantly increasing scalability, ACNS 5.0 software can now address CDN deployments of up to 2000 Content Engines and up to 1,000,000 pre-positioned items in Content Engines with sufficient memory and disk space.
Content Acquisition
In ACNS 5.0 software, all content is pulled from a web server or an FTP server (the origin server) and sent directly to the Content Engines. Certain Content Engines are designated as "root" Content Engines. Root Content Engines are responsible for acquiring content from the origin servers and then distributing the content to other Content Engines subscribed to the same channel of content. This means that you do not need to store content on the Content Distribution Manager. Content now resides on the origin server that is accessible to the root Content Engines. The protocols supported in Cisco ACNS 5.0 Software for acquiring content are HTTP, Hypertext Transfer Protocol Secure (HTTPS) or FTP.
A manifest file is used to identify which files should be acquired from the origin server and then pre-positioned on the Content Engines. This manifest file is in Extensible Markup Language (XML) format and should be placed on a web server or FTP server that the Content Engines can access. The Content Distribution Manager facilitates management and configuration and determines which root Content Engines obtain which manifest file based on the channels of content for which they are responsible.
Many CDN installations will need to add a root Content Engine in order to take advantage of the new content distribution system. The root Content Engine should be placed in a location close to the origin servers and with good connectivity close to the origin servers.
Edge Intercept Methods
ACNS 5.0 software allows you to use either of the following edge-intercept methods to redirect clients to the best Content Engine regardless of whether the content is requested or pre-positioned:
•
WCCP supported on routers and switches running Cisco IOS software
•
Browser proxy auto configuration
Your router must support WCCP in order for you to use WCCP as an edge-intercept method. With edge-intercept methods, you do not need a Content Router in ACNS 5.0 software. The Content Distribution Manager no longer redirects requests, so if you do not use WCCP or proxy auto configuration, you must use a Content Router.
Using a URL to Request Content
In ACNS 5.0 software, when you use an edge-intercept method to request content the URLs that are used are the original URLs from the web server. However, when you use content routing the URL for pre-positioned content on the web server has change. In ACNS 4.2 software, the URL pointed to the Content Distribution Manager that redirected requests to the appropriate Content Engine. In ACNS 5.0 software, all requests are sent to a Content Router that then issues the redirected requests to a Content Engine. Requests are directed to a Content Router using the Domain Name System (DNS). The Content Router becomes authoritative for a domain which is hosted by the CDN. This means that all URLs referring to content served by the CDN must include the domain hosted by the content routers.
XML APIs for Content Distribution Manager and CDN Management
The following central management APIs are provided through the Content Distribution Manager:
•
Replication Status API
•
Provisioning APIs
•
Listing API
•
Streaming Statistics API
Installation Notes
Instructions for installing the hardware and initial installation and configuration of new devices are located in the Cisco Content Delivery Networking Products Getting Started Guide.
See the Cisco ACNS Migration Guide, Release 5.0 for instruction on migrating your system from ACNS 4.2 software to ACNS 5.0 software.The migration guide explains how to migrate your Cisco ACNS 4.2 CDN to a Cisco ANCS 5.0 CDN in two migration deployment scenarios as well as how to configure the Content Distribution Manager, the Content Engine, and the Content Router needed to control content delivery using the Content Distribution Manager graphical user interface (GUI).
CautionUsers who use the CDN features need to migrate their content from ACNS 4.2 software to ACNS 5.0 software. See the Cisco ACNS Migration Guide, Release 5.0 for instructions on migrating content. Users must follow instructions in the Migration Guide or the CDN will be non-functional.
Note
Users who only use caching functions do not have to make many changes to their system in order to upgrade. .
New and Changed Information
ACNS 5.0 software features can be organized into several subsystems, all of which contain new features. Subsystems include the following:
•
Management
•
Request routing
•
Acquisition and distribution
•
Content delivery
•
Software platform
•
Security
Management
The ACNS 5.0 software Configuration Management System (CMS) is responsible for the local and remote configuration and monitoring of the ACNS 5.0 software CDN services.
The role of the CMS is to enable you to configure, reconfigure, and monitor CDN services both locally (on the managed nodes) and centrally using the Content Distribution Manager.
This management is directly available through HTML GUI, XML-based system API, and CLI on each of the nodes. Clients are able to configure all aspects of the node including proxy cache, pre-positioned content cache, and playback media servers using the system API's. CMS features include the following:
•
Management through the GUI and CLI
•
Embedded database in the Content Distribution Manager
•
Crawler tool extended to meet any new manifest file rules
•
Low bit rate system messaging
•
Multicast and unicast system messaging
•
Multi-Cast island hopping messaging
•
Creating and configuring device groups using the Content Distribution Manager
•
Secure Content Distribution Manager login
•
Content Distribution Manager GUI timeouts
•
Configuring distribution topology using the GUI
•
Authentication, authorization, accounting (AAA) support
•
Redundant Content Distribution Manager
•
Basic access and usage log configuration
•
Audit and system logs
•
SNMP (Traps and MIBS) monitoring with CiscoWorks integration
•
Secure inter-box communication, authentication, messaging, logging
•
Application Licensing using license keys
•
Software Upgrades and downgrades using the Content Distribution Manager and CLI
•
Ability to enable and disable applications
•
Third-party licensing
•
Playlist management
•
Virtual CDN using device groups
Request Routing
Application level request routing in ACNS 5.0 software can be implemented through the Local Request Intercept or Centralized Request Intercept. In Local Request Intercept, Content Engines are deployed at the edges of enterprise network. In Centralized Request Intercept, Content Routers are deployed and DNS entries are required for hosted domains (channels). Request routing does not take content placement into account in either Local Intercept or Centralized Request Routing.
Local intercept, when available and enabled, provides the best CDN service proximity and does not impose any global scalability restrictions. It does not require deployment of a Content Router. In this mode the decision on whether and how to serve a request is done locally. Content is always served by local Content Engines. In some cases the Content Engine that intercepted request will not have the content. It can fetch content on demand, or if it was pre-positioned content return an Alternative Media, depending on the policy for this content category.
ACNS 5.0 software request routing consists of combining DNS intercept with HTTP redirection. Request routing features include the following:
•
WCCP Intercept for HTTP, RTSP, MMS
•
Centralized request routing through DNS/HTTP redirect in with coverage zones. Content Routing Service can be enabled in a dedicated Content Router as well on a Content Engine, with different performance expectations.
•
Intercepted request can be manipulated through a rules-based approach
•
DNS/HTTP content routing
•
DNS Cache
Content Acquisition and Distribution
ACNS 5.0 software is a new module and allows content to be fetched from an origin server through HTTP, HTTPS, or FTP. The fetching of content will be directed by a manifest file that lists the content items to be acquired, as well as a number of attributes about that content. Each manifest file assigns content to one or more channels.
•
Virtual import
•
Real live pull splitting through RealServer
•
WMT live pull splitting through WMT Server
•
HTTP and HTTPS Acquisition and distribution
•
FTP acquisition
•
Manifest File driven acquisition
•
Crawler-based acquisition
•
Settable content attributes, real-time Time-To-Live override, rules based content policy
•
Real-time acquisition and distribution status
•
Low bit rate distribution and messaging
•
Reliable multicast content replication
•
Pull replication for cache miss
•
Pull replication for new CE that does not have pre-positioned content
•
Push multicast replication for pre-positioning video on demand
•
Configurable bandwidth control for QoS
•
Content distribution fault tolerance
•
Content pre-positioning based on Content Engine group and assignment to a channel
•
Ability to identify amount of disk space (quotas) per file system and use for pre-positioning on a per device basis
Content Delivery
Content delivery, or request processing and streaming, contains the HTTP proxy, and Windows Media Technologies (WMT) server, RealServer, and the Quick Time Streaming Server (QTSS). Content Delivery features include:
•
Support for IETF standard based RTP/RTSP streaming
•
Extends HTTP caching rules template to Real and WMT services as allowed by protocols
•
Support for WMT proxy, live, and video on demand
•
WMT request authentication and authorization pass through for pre-position only, rules based request processing, QoS, URL filtering, unified name space, bandwidth control, and configuration of most WMT streaming features
•
Support for RealNetworks proxy, live, and video on demand
•
RealNetworks rules based request processing, QOS, URL filtering, unified namespace, bandwidth control, configuration of most WMT streaming features
•
QTSS integration and QTSS video on demand
•
Content Engine bandwidth control across WMT and RealNetworks servers
•
Access pre-positioned content through HTTP, WMT, and Real servers
•
TACACS+, RADIUS, content request authentication for HTTP content
•
Extend URL filtering to RealNetworks and WMT servers
Software Platform
ACNS 5.0 software platform features include the following:
•
TV-out Playlist with support for central playlist management, central playback controls, distributed playlist, multiple playlists, and flexible playlists
•
Diskless operation
•
Common disk access, namespace for pre-positioned and cached content is unified
•
Fibre channel on Thunder and/or Lightening
•
EtherChannel support
•
WCCP support for EARL6
•
HTTP caching performance enhancements
•
Disk fault monitoring
•
Multiple-NIC (Active-Active, and Active-Standby) support
•
IP spoofing support
Security
ACNS 5.0 software high-level security features include the following:
•
A CDN management system that offers role-based security and support of AAA system for very large-scale CDN deployments from a single Web GUI interface
•
Secure file replication from origin server to Content Engines and configurable through the Content Distribution Manager
•
Secure file replication to FTP servers through either SCP or FTP of encrypted Files
•
Content Distribution Manager GUI access through HTTPS session
•
Secure telnet session to CDN devices
•
License key that defines the Content Engine or Content Distribution Manager capability.
•
License key that defines which application services are supported such as WMT, RealNetworks, or QTSS.
•
Content Engine content delivery for HTTP authentication against TACACS+ and RADIUS management system.
Hardware Supported
ACNS 5.0 software supports the following existing and new platforms:
•
CDM-4630
•
CDM-4650
•
CE-7320
•
CR-4430
•
CE-590
•
CE-590-DC
•
CE-560
•
CE-560AV
•
CE-507
•
CE-507AV
•
CE-510-K9
•
CE-565-K9
•
CE-7325-K9
•
CE-7325-DC-K9
•
CE-7305-K9
•
CE-7305-DC-K9
The 1000BASE-TX twisted-pair cabling Gigabit Ethernet port is supported.
Note
ACNS5.0 software does not support the Content Engine Network Module for the 2600, 3600, and 3700 Series branch routers.
Note
ACNS 5.0 software does not support the 1000BASE-SX or 1000BASE-FX Gigabit Ethernet ports. Fiber-optic cabling is not supported.
Software Supported
The following features are incorporated in ACNS 5.0 software and can be optionally turned on through a license key:
•
RealProxy
•
RealSubscriber
•
Windows Media proxy and server
ACNS 5.0 software supports SmartFilter, Version 3.1.2 software for URL filtering. After upgrading to ACNS 5.0 software, you need to use SmartFilter, Version 3.1.2.
New and Changed CLI Commands
The following CLI commands are new or have changed syntax options in ACNS 5.0 software. See the Cisco ACNS Software Command Reference, Release 5.0 for detailed information about all ACNS 5.0 software CLI commands.
Important Notes
This section emphasizes important information regarding ACNS 5.0 software.
Insufficient Bandwidth Errors Occur When Using the WMT Evaluation License
Open Caveat CSCdz89924
Symptom: All users see the following error message on the Windows Media Play when playing any WMT stream:
"There is insufficient bandwidth available to fulfill the request."Condition: This condition occurs when "wmt evaluate" is first configured and the Content Engine has never been reloaded with the running configuration copied to the startup configuration.
Workaround: There are 3 possible workarounds.
1. The simplest workaround is to reload the Content Engine if this is feasible. Save the running configuration to the startup configuration and the reload the Content Engine using the following CLI Exec commands.
ContentEngine# copy running-config startup-configContentEngine# reload2. If a reload of the Content Engine is not feasible, another workaround is to explicitly set the WMT bandwidth limit in the running configuration using the bandwidth configuration command.
To determine the maximum bandwidth allowed during evaluation for your hardware platform, run the show wmt Exec command:
ContentEngine# show wmtIn the command output, look at the following line and note the value of "N":
WMT max bandwidth limit enforced during evaluation: "N" Kbits/secTo explicitly configure the maximum bandwidth allowed for all time slots, run the following config command. The following example uses 168000 as the value for "N":
ContentEngine(config)# bandwidth all 168000 wmt start-time Sunday 00:00 end-time Saturday 23:59To confirm the bandwidth has been set, run the show bandwidth Exec command to verify the output.
ContentEngine# show bandwidth
-------------------------------------------------------------------
MODULE Bandwidth Start Time End Time
Kbps
-------------------------------------------------------------------
wmt 168000 Sunday 00:00 Saturday 23:59
Note
It is not required to save this bandwidth configuration to the startup configuration for proper behavior after the next Content Engine reload as long as the wmt evaluate has been copied to the startup configuration before the next reload. If the bandwidth command is already being used for some time slots, then the workaround is to configure only the unused time slots with the maximum allowed bandwidth.
3. Another workaround is to purchase a permanent license key for WMT from Cisco if you are ready to purchase the feature.
Media File System Issues When Downgrading to ACNS 5.0 Software
If you have configured the media file system (mediafs) with ACNS 5.1 software or later, and then downgrade to ACNS 5.0 software, the mediafs disk space assignment is lost and it reverts to ACNS network file system (cdnfs) disk space. (The mediafs is used for on-demand content that is fetched through the two streaming protocols [RTSP and WMT]. The cdnfs is used for pre-positioned content in the ACNS network.)
This situation occurs because of a design change that was implemented in ACNS 5.1 software. Because ACNS 5.0 software is not compatible with this change, the disk space becomes assigned to cdnfs instead of mediafs. To work around this problem, follow these steps:
1.
After you downgrade to ACNS 5.0 software, use the CLI (disk config EXEC command) or the GUI to assign the mediafs disk space.
Use the Content Distribution Manager GUI for Content Engines that are registered with a Content Distribution Manager. Use the Content Engine GUI for standalone Content Engines (that is, Content Engines that are not registered with a Content Distribution Manager and are being managed through the Content Engine GUI or CLI).
2.
Reboot the Content Engine for the disk configuration changes to take effect.
Websense Issues When Downgrading to ACNS 5.0 Software or ACNS 5.1 Software
If the local (internal) Websense server is enabled on the Content Engine and you downgrade from the ACNS 5.2.x software to ACNS 5.0 software or ACNS 5.1 software, the WebsenseEnterprise directory is removed from the Content Engine and the local Websense server stops working. Note that the ACNS 5.2.x software does not generate an error message indicating that the WebsenseEnterprise directory has been removed.
To avoid this problem when downgrading from ACNS 5.2.x software to ACNS software 5.1 or ACNS 5.0 software, follow these steps:
1.
Disable the local (internal) Websense server on the Content Engine.
2.
Deactivate the Websense services on the Content Engine.
3.
Install the ACNS 5.1 software or ACNS 5.0 software downgrade image on the Content Engine.
Limitations and Restrictions
This section contains a list of limitations and restrictions regarding ACNS 5.0 software.
CLI Commands
•
The ACNS 5.0 software manages certain CLI commands that are particularly important for CDN functionality, and which are likely to be managed using device groups. If you configure any of these from the Content Engine, either through the Content Engine GUI or CLI, then the settings are not stored as part of the Content Distribution Manager's CDN-wide configuration data, and are likely to be overwritten by the Content Distribution Manager. These commands include the following:
–
cdp
–
ldap
–
logging
–
ntp
–
radius-server
–
tacacs
–
bandwidth
–
bypass
–
dns-cache
–
ftp
–
http
–
https
–
icp
–
multicast
–
ntlm
–
proxy-auto-config
–
proxy-protocols
–
rtsp
excluding:
rtsp server real-subscriber accept-license-agreement
rtsp proxy media-real accept-license-agreement
rtsp-proxy
–
rule
–
transaction-logs
–
url-filter
–
multicast accept-license-agreement
–
wmt
excluding:
wmt proxy
wmt accept-license-agreement
wmt live-url-stripping
authentication
error-handling
dns enable
Windows Media Player
•
If proxy mode is used for content routing, then Windows Media Player (WMP) version 6.4 cannot be used as it does not have the option to set mms proxy.
•
When the WMP issues an http request, it actually issues two http requests. The first request is to obtain the header from server, but it only reads some of the data received and terminates connection with the server without obtaining all the response data from the server. This causes the server to report a client (Content Engine) error. Then the WMP sends another request for the real media data.
Boomerang Commands
Boomerang commands are not supported in ACNS 5.0 software.
Netscape Browser
Only Netscape browser version 7.0 and later is supported by the Content Distribution Manager GUI. Netscape browser versions prior to version 7.0 are not supported.
When you use the Content Distribution Manager GUI online help from Netscape browser version 7.0, the Contents and Index pane on the left side of the help window cannot be displayed unless you install the following Java plugin: mime type: application/x-java-applet;version=1.1.1
You can find this plugin at the following location:
http://wp.netscape.com/plugins/search_pi.html?cp=plp
Websense
Only Websense version 4.4 is compatible with ACNS 5.0 software. Prior versions of Websense do not work with ACNS 5.0 software.
FTP
If you use FTP to acquire content using a CDN URL, and the content-type is not specified in the manifest file, then the CDN URL must have the correct extension. Otherwise the wrong content-type is be generated and you will not be able to play the content.
Caveats
This section lists and describes caveats that are open in ACNS 5.0 software.
Caveats describe unexpected behavior in ACNS 5.0 software. Severity 1 caveats are the most serious; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats.
Open Caveats - Release 5.0
•
CSCdy64673
Symptom: Improper reverse DNS lookup configuration does not allow the Content Engine to obtain the DNS name of the origin server, which might cause additional traffic from the Content Engine.
Condition: This occurs when you are using WCCP interception and a Windows Media Player 6.4 for playback of pre-positioned content.
When the above conditions occur, the initial request sent by the Windows Media Player 6.4 to the Content Engine that intercepted the WCCP request has the IP address of the target server. The Content Engine matches the request with the pre-positioned content only if it can deduce the DNS name from the IP address (by doing reverse DNS lookup). Thus, if the DNS configuration is not correct, the Content Engine is not able to get the DNS name of the origin server.
Workaround: You need to make sure that all IP addresses are reverse-mapped to the DNS name of the origin server.
•
CSCdy82311
Symptom: Content cannot be acquired using strong authentication from secure origin servers that use certificates from nonstandard certificate authorities (CAs). If strong authentication was chosen for content acquisitions from such a site, the acquirer error statistics will contain a 401 (Unauthorized) error code, and the acquirer error log will contain the following error message:
Strong Cert Authentication rejects certificate due to error: ssl error codeCondition: This problem occurs if the origin server uses a certificate that is not known as a standard certificate to the ACNS acquirer. For content acquisition from secure sites over HTTPS using strong authentication, only sites with certificates from standard certificate authorities are supported.
Note
With strong authentication, if there are any errors during certificate verification by the ACNS acquirer, then content from that site will not be acquired. With weak authentication, certain errors (for example, errors such as certificate has expired, certificate is not yet valid, and subject issuer mismatch) are allowed during certificate verification.
Workaround: Use one of these workarounds:
–
Use weak authentication.
On the secure server, use a certificate that was generated by one of the standard certificate authorities. ACNS network administrators should refer to the following information to determine which CA certificate they should install on their origin servers. Note that the certificate list differs based on the version of the ACNS software. For the ACNS 5.0 software release, refer to the following certificate list:-----BEGIN CERTIFICATE-----Issuer: C=US, O=VeriSign, Inc., OU=Class 1 Public PrimaryCertification AuthorityValidityNot Before: Jan 29 00:00:00 1996 GMTNot After : Jan 7 23:59:59 2020 GMTSubject: C=US, O=VeriSign, Inc., OU=Class 1 Public PrimaryCertification Authority-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=US, O=VeriSign, Inc., OU=Class 2 Public PrimaryCertification AuthorityValidityNot Before: Jan 29 00:00:00 1996 GMTNot After : Jan 7 23:59:59 2004 GMTSubject: C=US, O=VeriSign, Inc., OU=Class 2 Public PrimaryCertification Authority-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public PrimaryCertification AuthorityValidityNot Before: Jan 29 00:00:00 1996 GMTNot After : Jan 7 23:59:59 2004 GMTSubject: C=US, O=VeriSign, Inc., OU=Class 3 Public PrimaryCertification Authority-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=US, O=RSA Data Security, Inc., OU=Secure ServerCertification AuthorityValidityNot Before: Nov 9 00:00:00 1994 GMTNot After : Jan 7 23:59:59 2010 GMTSubject: C=US, O=RSA Data Security, Inc., OU=Secure ServerCertification Authority-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: O=VeriSign, Inc, OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab.LTD., OU=For VeriSign authorized testing only. No assurances (C)VS1997ValidityNot Before: Mar 4 00:00:00 1997 GMTNot After : Mar 4 23:59:59 2025 GMTSubject: O=VeriSign, Inc, OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD., OU=For VeriSign authorized testing only. No assurances (C)VS1997-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=AU, ST=Queensland, O=CryptSoft Pty Ltd, CN=Test PCA (1024 bit)ValidityNot Before: Dec 2 21:38:51 1999 GMTNot After : Jul 10 21:38:51 2005 GMTSubject: C=AU, ST=Queensland, O=CryptSoft Pty Ltd, CN=Test CA (1024 bit)-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=PCAValidityNot Before: Jun 15 02:14:29 1997 GMTNot After : Jul 15 02:14:29 1997 GMTSubject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=CA-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=PCAValidityNot Before: Jun 14 22:54:45 1997 GMTNot After : Jul 14 22:54:45 1997 GMTSubject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=PCA-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=GB, O=UCL, OU=ICE-TEL Project, CN=TrustFactoryValidityNot Before: Apr 22 14:39:14 1997 GMTNot After : Apr 22 14:39:14 1998 GMTSubject: C=GB, O=UCL, OU=ICE-TEL Project, CN=TrustFactory-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: O=European ICE-TEL project, OU=V3-Certification AuthorityValidityNot Before: Apr 2 17:35:53 1997 GMTNot After : Apr 2 17:35:53 1998 GMTSubject: O=European ICE-TEL project, OU=V3-Certification Authority,L=Darmstadt-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: O=European ICE-TEL project, OU=V3-Certification AuthorityValidityNot Before: Apr 2 17:33:36 1997 GMTNot After : Apr 2 17:33:36 1998 GMTSubject: O=European ICE-TEL project, OU=V3-Certification Authority-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=DarmstadtValidityNot Before: Apr 2 17:35:59 1997 GMTNot After : Apr 2 17:35:59 1998 GMTSubject: O=European ICE-TEL project, OU=V3-Certification Authority,L=Darmstadt, CN=USER-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=Ca, L=Nepean, OU=No Liability Accepted, O=For Demo Purposes Only, CN=Entrust Demo Web CAValidityNot Before: Apr 26 13:35:01 1996 GMTNot After : Apr 26 13:35:01 2006 GMTSubject: C=Ca, L=Nepean, OU=No Liability Accepted, O=For Demo PurposesOnly, CN=Entrust Demo Web CA-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=AU, ST=Queensland, O=CryptSoft Pty Ltd, CN=Test PCA (1024 bit)ValidityNot Before: Dec 2 21:35:48 1999 GMTNot After : Jul 11 21:35:48 2005 GMTSubject: C=AU, ST=Queensland, O=CryptSoft Pty Ltd, CN=Test PCA (1024 bit)-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=US, O=RSA Data Security, Inc., OU=Commercial CertificationAuthorityValidityNot Before: Nov 4 18:58:34 1994 GMTNot After : Nov 3 18:58:34 1999 GMTSubject: C=US, O=RSA Data Security, Inc., OU=Commercial CertificationAuthority-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc,OU=CertificationServices Division, CN=Thawte Server CA/Email=server-certs@thawte.comValidityNot Before: Aug 1 00:00:00 1996 GMTNot After : Dec 31 23:59:59 2020 GMTSubject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc,OU=Certification Services Division, CN=Thawte Server CA/Email=server-certs@thawte.com-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc,OU=CertificationServices Division, CN=Thawte Premium Server CA/Email=premium-server@thawte.comValidityNot Before: Aug 1 00:00:00 1996 GMTNot After : Dec 31 23:59:59 2020 GMTSubject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc,OU=Certification Services Division, CN=Thawte Premium Server CA/Email=premium-server@thawte.com-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=AU, ST=Queensland, L=Brisbane, O=CryptSoft Pty Ltd,OU=development, CN=CryptSoft Dev CAValidityNot Before: Mar 22 13:34:04 1997 GMTNot After : Mar 22 13:34:04 1998 GMTSubject: C=AU, ST=Queensland, L=Brisbane, O=CryptSoft Pty Ltd, OU=development, CN=CryptSoft Dev CA-----END CERTIFICATE----------BEGIN CERTIFICATE-----Issuer: C=AU, ST=Queensland, L=Brisbane, O=CryptSoft Pty Ltd,OU=WORTHLESS CERTIFICATION AUTHORITIES, CN=ZERO VALUE CA - DEMONSTRATION PURPOSES ONLYValidityNot Before: Apr 3 13:22:54 1997 GMTNot After : Apr 3 13:22:54 1998 GMTSubject: C=AU, ST=Queensland, L=Brisbane, O=CryptSoft Pty Ltd,OU=WORTHLESS CERTIFICATION AUTHORITIES, CN=ZERO VALUE CA - DEMONSTRATION PURPOSES ONLY-----END CERTIFICATE-----•
CSCdz27870
Symptom: The following systems that contain a FC2-133 card print repeated error messages to the boot log when they are booted: CE-510, CE-565, CE-7305, and CE-7325.
Condition: When WWN level zoning or port level zoning is configured on a Fibre Channel switch, the above Content Engine systems print repeated error messages to the boot log when systems are booted.
Workaround:Insert the FC2-133 card on the Content Engine. Wait until the Fibre Channel switch polls and recognizes the new device. Add the new Content Engine to the zones from the switch graphical user interface and reboot the Content Engine. Or, disable zoning temporarily, reboot the Content Engine and then add the zoning.
The workaround is a required procedure for zoning enabled situations. If if zoning is not enabled, then this symptom does not occur. Simply power down the system, insert the FC2-133 card and reboot the Content Engine.
•
CSCdz30808
Symptom:A "404 Object Not Found" response appears in the client browser.
Condition: This response occurs during the following conditions:
–
Request translation is done with the origin server IP
–
WCCP setup is configured
–
The Content Engine to which the request is being redirected does not have the pre-positioned content (The Content Engine is not subscribed to the channel.)
Workaround: Make sure that the request is redirected to the Content Engine that contains the pre-positioned content.
•
CSCdy34699
Symptom: Media does not play successfully. Windows Media Player experiences client errors and forced reloads.
Condition: This occurs when you are configuring manual proxy to play pre-positioned content using HTTP.
Workaround: Configure the browser proxy settings even if you are using Windows Media Player to play the media directly.
•
CSCdz35191
Symptom: For prepositioned windows media content, if the content is defined to be HTTP play from the manifest file and the NTLM authentication is enabled from the Content Distribution Manager. The Content Engine fails to handle the authentication with the original server properly. You are repeatedly prompted for an username and password although you have already entered the proper username and password.
Condition: This is a limitation and will be resolved in a future release.
Workaround: Choose one of the following options to avoid this problem.
–
Use MMS play rather than HTTP play in the manifest file definition.
–
Use HTTP play, but disable authentication.
–
Use HTTP play with Basic authentication.
•
CSCdz41188
Symptom:Cache process automatically reboots after running for three months
Condition:Cache process automatically reboots when it runs for a relatively long time under production traffic.
Workaround:The cache process is automatically restarted by a node manager.
•
CSCdz43701
Symptom: When you change a playlist's schedule while that playlist is currently active for tv-out playback, then all tv-out playback may stop. This generally occurs when that playlist's schedule is still applicable to the current time.
Condition: This occurs on CE -510 or CE-565 platforms which have optional AV decoder cards installed and are running ACNS 5.0 software.
Workaround: Change playlist schedules while they are not currently active for tv-out playback. Optionally, an active playlist's schedule can be first changed to unscheduled, and then changed to the desired play time. However, note that this may cause some interruption in the tv-out playback.
If the problem has already occurred, then you need to disable and then re-enable tv-out service on the Content Engine. To do this, enter the following CLI commands:
(config)# no tvout enable
(config)# tvout enable
•
CSCdz48578
Condition: The problems occurs when in an HTTP to the CE HTTP proxy in the following scenario: Client issued an IMS request to the Content Engine with a Pragma: no-cache header. The object is in the cache and the Content Engine determines it needs to revalidate the object because of the Pragma: no-cache. The Content Engine sends an IMS to the server and receives a 304 response. The Content Engine sends a 304 to the client.
Symptom: Under this condition, when using the Squid transaction log format, the Content Engine logs the transaction in the HTTP transaction log as a TCP_CLIENT_REFRESH_MISS/304. This is not considered a problem because this is the correct transaction log code based on the Squid documentation.
However, if a third party transaction log reporting tool is considering a TCP_CLIENT_REFRESH_MISS transaction a Content Engine cache miss, then the cache hit rate it reports will not be accurate.
Workaround: Since this is not a problem on the Content Engine, there is no workaround required. Note that third party transaction log reporting tools should consider a TCP_CLIENT_REFRESH_MISS as a Content Engine cache miss if they are not doing so already.
•
CSCdz62824
Symptom: WMT content is not served.
Condition: When using direct manual proxy or WCCP transparent proxy to serve pre-positioned WMT content from a Content Engine (assuming no authentication is required), the origin server does not need to be up and running. However, when using Layer 4 transparent proxy to serve content from a Content Engine, the origin server has to be up and running, or the content cannot be served.
Workaround: Make sure the origin server is up and running.
•
CSCdz67216
Condition: You use the cli to assign a device group to a channel, and multiple CEs have insufficient space for the channel quota.
Symptom: CLI will not allow you to assign the group, but will report only the first ce with insufficient space. You may have to try a few times.
Workaround: Either verify which ce's have space before you call the cli, or make sure device groups contain similar ce's and are assigned consistently to device groups.
•
CSCdz67759
Condition: More than one Content Engine is frequently sending Content Distribution Manager system messages.
Symptom: The system message log page can take up to one minute to appear.
Workaround: Currently there is no known workaround.
•
CSCdz68730
Symptom: Processes may restart automatically.
Condition: Processes restart while system is acquiring a large amount of content.
Workaround: Currently there is no known workaround.
•
CSCdz69318
Condition: A client browser requests pre-positioned content from CDNFS.
Symptom: The last modified date value returned in the response does not match that of the pre-positioned content "Last-Modifie" attribute. This will cause a "200 OK" to be return to the client instead of a "304 Not Modified" if the client browser issues an "If-Modified-Since" conditional GET request and the pre-positioned content is in the CFS cache, but needs revalidation because it is old.
Workaround: Currently there is no known workaround.
CSCdz70986
Symptom: Content Distribution Manager is responding slowly.
Condition: Multiple nodes on the network are communicating with the Content Distribution Manager by sending system messages as well as requesting full updates. A .cms on a node shuts down 10 consecutive StoreExceptions are detected, and therefore stops the flood of traffic from a troubled nodes to the Content Distribution Manager.
Workaround: Content Distribution Manager administrator needs to observe the activities in the system log GUI screen and correct events when necessary.
•
CSCdz71976
Symptom: The following error message appears in the Content Distribution Manager log: "Unexpected critical error on the node %CE-SCHED-2-189000: One worker thread is gone! Error code 3. We are quitting."
Condition: After running the copy ftp install command on the Content Engine, reloading the Content Engine, and starting WMT and RealNetworks streaming on the Content Engine.
Workaround: Currently there is no known workaround.
•
CSCdz74319
Condition: A DNS failure occurs.
Symptom: You will see a DNS failure while attempting to access a web site.
Workaround: Use the browser Reload function.
•
CSCdz75101
Condition: The Content Distribution Manager accepts invalid IP address's that you enter in the NTLM server.
Symptom: Error alert on system logs page indicates the failure to configure an IP address.
Workaround: Make sure you are enter a valid IP address.
•
CSCdz75188
Symptom: If you use the Content Router for routing WMT content and the content is not yet replicated to a Content Engine, and the playback request on the cr-fqdn is redirected to a Content Engine, then the Content Router returns an error instead of proxying the request from the origin server.
Condition: This occurs in ACNS 5.0 software when the following circumstances have occurred:
–
Administrator publishes an incorrect URL.
–
Administrator publishes a URL without first prepositioning the content.
Workaround: Publish the CR-fqdn URL only after content has been fully replicated on the Content Engine.
•
CSCdz76658
Symptom: After removing the primary IP address, the show running-config command output shows that the interface is in shutdown status. However, you may be able to ping external hosts.
Condition: A FastEthernet/GigabitEthernet interface originally has the primary IP address and a secondary IP address configured, and the primary IP address has been removed.
Workaround: Shut down the interface again using the shutdown command in the interface configuration submode.
•
CSCdz77130
Condition: When handling a large amount of I/O activity, the disk controller will, in rare situations, stop generating interrupts, which halts all disk activity.
Symptom: Anything that accesses the disk will freeze. Syslog cannot write to disk, so anything that writes to syslog will also freeze. The user will probably not be able to login, as Telnet cannot demand-page in its executable.
Workaround: Currently there is no known workaround.
•
CSCdz77555
Symptoms: Windows Media Player 6.4 only supports two levels of asx redirect. As a result, in a NATed network, the Content Router can only redirect the user request to only one Content Engine when the Content Engines are behind the NAT (rather than redirect the request further to the Content Engine closest to the client.)
Condition: The problem is more of a concern if many Content Engines are behind the NAT because our WMT redirection scheme ended at the first Content Engine behind the NAT.
Work around: Currently there is no known workaround.
•
CSCdz80600
Symptom: When you downgrade ACNS 5.0 software to ACNS 4.2 software, the show rtsp command does not appear in ACNS 4.2 software.
Condition: The RTSP redirectory and REAL PROXY are tied together in ACNS 4.2 software. If Real Proxy is not enabled, then the show rtsp command does not show incoming port information for the rtsp redirector. Either both (Real Proxy & rtsp redirector) are running or both are not running.
Workaround: Currently there is no known workaround.
•
CSCdz80758
Condition: A wrong version was entered into the upgrading meta file.
Symptom: The error message "upgrade Failed" appears in the Content Distribution Manager GUI Devices > Content Engine Status field although the Content Engine was upgraded successfully.
Workaround: Change the version of meta file to a correct version.
•
CSCdz88110
Symptom: The Content Router does note recognize any Content Engines. No Content Engines show when you use the show content-routing routes command.
Condition: When the Content Router's IP address is changed and the Content Engines are not aware of this change. Thus, the Content Engines are sending keep-alives to the wrong address, and the Content Router does not know that any of them are alive.
Workaround: On the Content Router, use the no cms enable configuration command followed by the cms enable configuration command.
•
CSCdz89825
Symptom:The BIOS configuration utility and BIOS boot menu cannot be accessed from the console because the F1 and F12 keys do not work properly.
Condition: The BIOS configuration utility and BIOS boot menu cannot be accessed using the F1 and F12 keys from a serial console. However, the F1 and F12 keys work when used from an attached keyboard.
Workaround: Use ESC-1 instead of F1 and ESC-@ instead of F12 on the CE-510 and CE-565 platforms. Note that the F1 and F12 keys work on the CE-7305 and CE-7325 platforms that have a serial console and a directly attached keyboard.
•
CSCdz89924
Symptom: All users see the following error message on the Windows Media Play when playing any WMT stream:
"There is insufficient bandwidth available to fulfill the request."Condition: This condition occurs when "wmt evaluate" is first configured and the Content Engine has never been reloaded with the running configuration copied to the startup configuration.
Workaround: There are 3 possible workarounds.
1. The simplest workaround is to reload the Content Engine if this is feasible. Save the running configuration to the startup configuration and the reload the Content Engine using the following CLI Exec commands.
ContentEngine# copy running-config startup-configContentEngine# reload2. If a reload of the Content Engine is not feasible, another workaround is to explicitly set the WMT bandwidth limit in the running configuration using the bandwidth configuration command.
To determine the maximum bandwidth allowed during evaluation for your hardware platform, run the show wmt Exec command:
ContentEngine# show wmtIn the command output, look at the following line and note the value of "N":
WMT max bandwidth limit enforced during evaluation: "N" Kbits/secTo explicitly configure the maximum bandwidth allowed for all time slots, run the following config command. The following example uses 168000 as the value for "N":
ContentEngine(config)# bandwidth all 168000 wmt start-time Sunday 00:00 end-time Saturday 23:59To confirm the bandwidth has been set, run the show bandwidth Exec command to verify the output.
ContentEngine# show bandwidth
-------------------------------------------------------------------
MODULE Bandwidth Start Time End Time
Kbps
-------------------------------------------------------------------
wmt 168000 Sunday 00:00 Saturday 23:59
Note


