Table Of Contents
Release Notes for Cisco ACNS Software, Release 5.1
Manually Downloading the SmartFilter Control List
Downloading Websense Components and Obtaining an Evaluation Key
Change in the Meaning of Pending Status and Offline Status
Change in Root Content Engine Certificate Authority
Difference Between ACNS 5.1 and ACNS 5.0.x Software Regarding TFTP Access
Adjusting the TCP Window Size on a Content Engine
Media File System Issues When Downgrading to ACNS 5.0 Software
Websense Issues When Downgrading to ACNS 5.0 Software or ACNS 5.1 Software
Scheduling Live Events for Multiple Content Engines
Multicast Sender Nonretroactive Scheduling Rule
Pre-Positioned Content That Requires Playback Authentication
Open Caveats - ACNS Software, Release 5.1
Resolved Caveats - ACNS Software, Release 5.1
TACACS+ Enable Password Attribute
Configuration Requirements for Managed Live Events
Multicast Sender Interoperability
Restrictions Regarding Native FTP Caching in ACNS 5.1 and 5.1.x Software
FTP Caching Support in the Cisco ACNS Caching and Streaming Configuration Guide, Release 5.1
FTP Caching Support in the Cisco ACNS Software Command Reference, Release 5.1 Publication
Group-Type Patterns in Rule Pattern Lists
SmartFilter Software and the rule action no-auth Command Rule Interaction
Bandwidth Configuration for Interfaces and Content Services
Default Port of the Content Engine GUI
Playing Nonhinted IP/TV On-Demand Programs over an ACNS Network
Restriction on IP/TV Program Manager Configuration
Cisco Product Security Overview
Reporting Security Problems in Cisco Products
Obtaining Technical Assistance
Cisco Technical Support & Documentation Website
Definitions of Service Request Severity
Obtaining Additional Publications and Information
Release Notes for Cisco ACNS Software, Release 5.1
August 4, 2005
ACNS Build 5.1.1b3
Note
The most current Cisco documentation for released products is available at Cisco.com at http://www.cisco.com. The online documents may contain updates and modifications made after the hardcopy documents were printed.
Contents
These release notes contain information about the Cisco Application and Content Networking System (ACNS) software, Release 5.1. These release notes describe the following topics:
•
•
•
Introduction
ACNS software combines the technologies of demand-pull caching and pre-positioning for accelerated delivery of web applications, objects, files, and streaming media; ACNS software runs on Cisco Content Engines, Content Distribution Manager, and Content Router hardware platforms.
These release notes are intended for administrators who will be configuring, monitoring, and managing devices that are running ACNS 5.1 software. These release notes describe the new product features, the supported hardware, and the open and resolved caveats regarding ACNS software, Release 5.1.
New and Changed Information
This section describes new and changed features in the ACNS 5.1 release. It also lists the supported hardware.
New Features
Table 1 lists the new features in ACNS software, Release 5.1.
New or Changed Information
This section describes new or changed information for the ACNS 5.1 release. It covers the following topics:
•
•
•
•
•
Note
Manually Downloading the SmartFilter Control List
The intent of the SmartFilter Control List is not to categorize every available URL on the Internet. Instead, it focuses on categorizing those Internet sites that are considered unproductive or inappropriate for typical business or educational environments. The 30 predefined SmartFilter Control List categories encompass a wide variety of material. Some categories are focused on reducing legal liability of a company. These 30 categories are set to "Deny" in the default SmartFilter software policy. Some categories contain such sites as MP3 sites (sites that content that consumes excessive bandwidth). The remainder of these 30 categories are considered unproductive or inappropriate for business or educational environments.
SmartFilter software also provides ten user-defined categories that allow you to further tailor access by defining and filtering sites that are not included in the SmartFilter Control List. Additionally, you can exempt any site that you would like specific groups or individuals to access quickly and easily.
Secure Computing uses automated tools to search the Internet continuously for new sites and pages that meet the content criteria for the 30 predefined Control List categories. Candidate sites are presented to Secure Computing Control List technicians for personal review. As a rule, sites are not added to the SmartFilter Control List without first being viewed and approved by Secure Computing Control List technicians.
Note
You can use the SmartFilter Administration Console to define a SmartFilter Control List download schedule. The Download Setup window tracks the download site, your username, and your password. If you do not download an updated SmartFilter Control List at least monthly, the SmartFilter software considers the Control List "expired," and invokes the action that you specified in the SmartFilter License window.
If the SmartFilter Control List (sfcontrol file) was not properly downloaded from the Secure Computing FTP site and you used FTP to transfer this sfcontrol file from one Content Engine to another, this can cause the cache process to restart.
To stop SmartFilter from restarting the cache process, complete the following tasks, which include manually downloading the SmartFilter control list to the Content Engine:
1.
For example, enter the no url-filter http smartfilter enable global configuration command to disable this feature through the Content Engine CLI.
2.
3.
For example, enter the url-filter http smartfilter enable global configuration command to disable this feature through the Content Engine CLI.
4.
a.
b.
c.
d.
e.
f.
Note
Websense 5.0.1 Support
Cisco ACNS 5.1 software supports Websense server Version 5.0.1 on all Cisco Content Engine platforms. The integrated Websense server runs internally on the Content Engine (as opposed to running on a separate system and communicating with the Content Engine over the network) and uses approximately 60 MB to 140 MB of RAM in the Content Engine. We recommend that you run the integrated Websense server on Content Engines with at least 512 MB of RAM for best results.
When the Websense server is enabled and the Websense URL database is downloaded for the first time, CPU usage can be very high. Therefore, we recommend that you enable the Websense server during off-peak times or times of low network traffic. Otherwise, other processes running on the Content Engine might be affected. If the Websense server stalls, it restarts automatically.
Websense provides an image of the Websense server that resides in the /local/local1/WebsenseEnterprise/EIM directory. All the executables as well as the configuration and logging files are stored in this directory. This package requires about 150 MB of disk space in the /local/local1/WebsenseEnterprise/EIM directory. An additional 140 MB of disk space is required at the time of downloading the Websense URL database, increasing the total disk space requirement to 290 MB. To ensure that you have enough disk space to properly download the Websense software, we recommend that you increase the amount of sysfs disk space to be greater than the default sysfs configured on your Content Engine.
In ACNS 5.1 software, there is a new connections option for Websense URL filtering on a Content Engine:
url-filter http websense {allowmode enable | enable | server {[hostname | ip-address] | local} [port portnum [timeout seconds [connections connection]]]}
Use the connections option to change the default number of connections per CPU to the Websense server to fine-tune the performance of Websense. The default is 40 connections per CPU, and the range is 1 to 250. We recommend that you do not change the default number of Websense connections unless there is a known Websense performance problem. If there is a Websense performance problem, contact the Cisco Technical Assistance Center (TAC) for the correct number of connections.
Note
Downloading Websense Components and Obtaining an Evaluation Key
To download the Websense components, such as Explorer, Manager, and Reporter, or to obtain an evaluation key for the Websense server that runs on the locally deployed Content Engine, access the following URL and follow the steps:
http://www.websense.com/downloads
Change in the Meaning of Pending Status and Offline Status
In ACNS 5.0 software, the Content Distribution Manager GUI reported the status of a Content Engine as follows:
•
•
In ACNS 5.1 software, "offline" means that the Content Distribution Manager has not been contacted by the Content Engine for a getUpdate request for at least two polling intervals. "Pending" means that the Content Distribution Manager has not heard from the Content Engine yet, but that it is too soon after a restart (or switch from a standby to a primary Content Distribution Manager) to decide whether the Content Engine is actually offline. With this change, no Content Engine will remain "pending" for longer than two polling intervals. (By default, that is 10 minutes.)
Change in Root Content Engine Certificate Authority
Certificate checking is currently used by the acquirer component on the root Content Engine. Sometimes administrators of ACNS 5.0.x networks had to configure weak-certificate-checking to allow common HTTPS websites to be acquired. With ACNS 5.1 software, this need to configure the weak-certificate-checking option is greatly reduced, thereby enabling administrators of ACNS 5.1 networks to enforce stricter certificate checking on common HTTPS websites, often without having to configure weak-certificate-checking on the root Content Engine.
Difference Between ACNS 5.1 and ACNS 5.0.x Software Regarding TFTP Access
In ACNS 5.1 software, the administrator needs to configure the IP access list explicitly in order to allow or deny access to users through the TFTP protocol.
In ACNS 5.0 software, TFTP access was denied to users by default. ACNS administrators had to use the trusted-host command to allow TFTP access to users. The trusted-host command is not supported in ACNS 5.1 software. If this command is configured on Content Engines running a version of ACNS software earlier than Release 5.1, the command appears in the display but does not have any effect. Instances of this command can be deleted by using the no trusted-host command.
Adjusting the TCP Window Size on a Content Engine
Content download from certain origin web servers may be permanently stalled because of a bug on the origin web servers. You may be unable to proxy to a certain web server through the Content Engine because the origin web server is returning an extremely small TCP window size. The server decreases the window size with every packet until the server returns a window size of 0, and never increases the size after that.
This occurs because the Content Engine is sending exactly the amount of data allowed for the window size returned, and nothing more. A client going directly to the server (bypassing the Content Engine) sends the amount of data allowed by that window size plus 1 byte.
To avoid this problem, use the tcp server-satellite global configuration command on the Content Engine. This command uses a different set of window size calculations.
Upgrade Note
After upgrading to ACNS 5.1.1 software from ACNS 5.0.x software, update all of the manifest files so that their last-modified-time timestamps are updated, and click the Fetch Manifest button in the Content Distribution Manager Channel page to ensure that the root Content Engine parses the manifest files again. This step ensures that the root Content Engine converts all channel contents into the ACNS 5.1 software format.
Do not remove any channels carried over from ACNS 5.0.x software or remove any root Content Engines from a channel carried over from ACNS 5.0.x software before completing this step. Otherwise, the acquisition process on the root Content Engine could be stopped, which requires manual intervention to correct.
Important Notes
This section emphasizes important information regarding ACNS 5.1 software.
Media File System Issues When Downgrading to ACNS 5.0 Software
If you have configured the media file system (mediafs) with ACNS 5.1 software or later, and then downgrade to ACNS 5.0 software, the mediafs disk space assignment is lost and it reverts to ACNS network file system (cdnfs) disk space. (The mediafs is used for on-demand content that is fetched through the two streaming protocols [RTSP and WMT]. The cdnfs is used for pre-positioned content in the ACNS network.)
This situation occurs because of a design change that was implemented in ACNS 5.1 software. Because ACNS 5.0 software is not compatible with this change, the disk space becomes assigned to cdnfs instead of mediafs. To work around this problem, follow these steps:
1.
Use the Content Distribution Manager GUI for Content Engines that are registered with a Content Distribution Manager. Use the Content Engine GUI for standalone Content Engines (that is, Content Engines that are not registered with a Content Distribution Manager and are being managed through the Content Engine GUI or CLI).
2.
Websense Issues When Downgrading to ACNS 5.0 Software or ACNS 5.1 Software
If the local (internal) Websense server is enabled on the Content Engine and you downgrade from the ACNS 5.2.x software to ACNS 5.0 software or ACNS 5.1 software, the WebsenseEnterprise directory is removed from the Content Engine and the local Websense server stops working. Note that the ACNS 5.2.x software does not generate an error message indicating that the WebsenseEnterprise directory has been removed.
To avoid this problem when downgrading from ACNS 5.2.x software to ACNS software 5.1 or ACNS 5.0 software, follow these steps:
1.
2.
3.
Scheduling Live Events for Multiple Content Engines
When you schedule a program for a live event, we strongly recommend that you use Greenwich Mean Time (GMT) instead of the local time of the Content Engine that is delivering the program. If you are transmitting the live event across multiple Content Engines that span different time zones, and you schedule local time on each Content Engine instead of GMT, the live transmission is likely to fail.
Multicast Sender Nonretroactive Scheduling Rule
In ACNS 5.1 software, a primary multicast sender automatically schedules the first carousel pass, which sends multicast content to receiver Content Engines. However, ACNS software enforces a nonretroactive scheduling rule, which states that a multicast sender cannot send any files that arrived 10 minutes before it became a multicast sender. Thus, in ACNS software, Release 5.1, when a Content Engine becomes the active primary sender, it does not automatically schedule the first carousel pass to include content that is over 10 minutes old. If you want the old content sent, you must use the distribution multicast resend EXEC command without the on-demand-only option specified. (The on-demand-only option triggers a resend only when a negative acknowledgement [NACK] is issued. In this instance, you want to trigger the resend without a NACK from the receiver.)
After the first multicast carousel pass is complete (whether you manually triggered the resend using the distribution multicast resend command or whether the primary sender completed the pass automatically), the primary sender then determines whether the next carousel pass for content will follow a fixed schedule or whether it will be triggered by NACKs from receiver Content Engines.
In ACNS 5.1 software, you can configure the primary sender to disregard NACKs from receiver Content Engines and send content based on a fixed schedule of carousel passes. To enable this behavior, use the multicast fixed-carousel enable global configuration command. In contrast, a backup multicast sender cannot be enabled for fixed carousel passes; on backup senders, carousel passes must always be triggered by NACKs from receiver Content Engines.
Note
The multicast fixed-carousel enable command is only available for the ACNS 5.1 software primary multicast sender. The default is no fixed carousel; the first carousel pass is automatic and future carousel passes are ondemand only, that is, they are triggered by NACKs.
Limitations
This section describes some limitations regarding ACNS 5.1 software.
Pre-Positioned Content That Requires Playback Authentication
The requireAuth attribute in the manifest file determines whether users need to be authenticated before the specified content is played. When requireAuth is set to true, the Content Engine requires authentication to play back the specified content to users and communicates with the origin server to check credentials. If the requests pass the credential check, the content is played back from the Content Engine.
Cisco ACNS 5.1 software does not support RTSP playback when authentication is specified. If RTSP content is requested that needs to be authenticated before playback, the content is refetched from the origin server each time it is requested; pre-positioned RTSP content that needs to be authenticated cannot be played back from the Content Engine.
Thus, if you specify the requireAuth attribute for any content item, make sure that the origin server FQDN you entered in the Content Distribution Manager GUI Create New Web Site window or Modifying Web Site window (accessed through Channels > Web Sites) is accurate and can do the following:
1.
2.
This reminder is applicable even when you have multiple acquisition servers specified in the manifest file. Because the "true" origin server is still the website origin server FQDN, you need to make sure that content is accessible from the website origin server FQDN and that it can accept authentication requests.
Hardware Supported
ACNS software, Release 5.1 supports the following hardware platforms:
Caveats
This section lists and describes the open and resolved caveats in ACNS 5.1 software. Caveats describe unexpected behavior in ACNS 5.1 software. Severity 1 caveats are the most serious; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats.
Open Caveats - ACNS Software, Release 5.1
This section lists and describes caveats that are open in ACNS software, Release 5.1.
•
Symptom: Content cannot be acquired using strong authentication from secure origin servers that use certificates from nonstandard certificate authorities (CAs). If strong authentication was chosen for content acquisitions from such a site, the acquirer error statistics will contain a 401 (Unauthorized) error code, and the acquirer error log contains the following error message:
Strong Cert Authentication rejects certificate due to error: ssl error codeCondition: This problem occurs if the origin server uses a certificate that is not known as a standard certificate to the ACNS software acquirer. For content acquisition from secure sites over HTTPS using strong authentication, only sites with certificates from standard certificate authorities are supported.
Note
Workaround: Use one of these workarounds:
–
–
•
Symptom: The Content Engine model CE-565 shows lower HTTP performance when it is attached to a Storage Array SA-7 device.
Condition: This problem occurs when the CE-565 has WMT enabled and is attached to an SA-7 device.
Note
Workaround: Allocate less space to the cfs if a Storage Array is attached to the Content Engine.
•
Condition 1: The ACNS network is set up for multicast distribution with Content Engines subscribed to multicast-enabled channels. Multicast sender and receiver Content Engines are running mixed versions of ACNS software. All Content Engines have been successfully enabled for multicasting. The Content Distribution Manager is running ACNS 5.1 software.
Symptom:
–
–
Note
Case 1: The primary sender is using an ACNS software release earlier than ACNS 5.1. The backup sender is using ACNS 5.1 software, as is the receiver.
–
–
–
Case 2: Both the primary sender and the backup sender are using ACNS 5.1 software. The receiver is using an ACNS software release earlier than ACNS 5.1.
–
–
Case 3: Both the primary sender and the receiver are using an ACNS software release earlier than ACNS 5.1. The backup sender is using a software release earlier than ACNS 5.1.
–
–
–
Condition 2: Although you may have received a warning message from the Content Distribution Manager, you can still configure a Content Engine as a backup sender if the Content Engine is registered with a Content Distribution Manager running ACNS 5.1 software and the Content Engine is running ACNS software earlier than ACNS Release 5.1. Cases 4 through 6 discuss the backup sender operating under these conditions.
Symptom: The Content Distribution Manager does not send related configuration information and configuration changes to the Content Engine running the earlier software version. This results in the the Content Engine not being able to identify itself as the multicast backup sender. This scenario might also occur if a backup sender using ACNS 5.1 software is downgraded to an earlier software version through the Content Engine CLI.
Case 4: Both the primary sender and the backup sender are using an ACNS software release earlier than ACNS 5.1. The receiver is using ACNS 5.1 software.
–
–
Case 5: The primary sender and receiver are using ACNS 5.1 software. The backup sender is using an ACNS software release earlier than ACNS 5.1
–
–
Case 6: The primary sender is using ACNS 5.1 software. Both the backup sender and the receiver are using an ACNS software release earlier than ACNS 5.1.
–
–
Condition 3: The Content Distribution Manager is using an ACNS software release earlier than ACNS 5.1. In software releases earlier than ACNS 5.1, only one sender is configurable for each cloud.
Case 7: The sender is using ACNS 5.1 software. The receiver is using a software release earlier than ACNS 5.1.
The sender behaves like an ACNS 5.1 software primary sender. That is, it sends the first round of content without requiring a NACK to trigger the carousel pass. However, the sender is unable to continue making carousel passes because the receiver is unable to send NACKs.
Workaround for Case 7: Use the distribution multicast resend EXEC command on the sender Content Engine to trigger a multicast carousel pass manually.
Case 8: Both the sender and the receiver are using ACNS 5.1 software.
The sender is able to perform carousel passes and the receiver is able to send NACKs for missing content; however, there is no support for a backup sender or for configuring the NACK interval multiplier.
Case 9: The sender is using an ACNS software release earlier than ACNS 5.1. The receiver is using ACNS 5.1 software.
–
–
Workaround for Cases 1 through 9: Upgrade both senders and receivers to ACNS 5.1 software. Upgrade the sender first, and then upgrade the receivers.
•
Symptom: When IP address changes are made on a WCCP-enabled Content Engine, existing connections break, and new connections are not accepted for 30 seconds.
Condition: This problem occurs when you change IP addresses on a Content Engine that has WCCP enabled.
Workaround: Disable WCCP on the Content Engine before changing IP addresses on the Content Engine.
•
Symptom: The Content Engine displays the following error message:
KERNEL: assertion (atomic_read(&sk->wmem_alloc) == 0) failedCondition: The Content Engines display this error message during normal operation.
Workaround: Ignore the error message.
•
Symptom: Users do not receive the requested page or the requested page loads very slowly.
Condition: This problem occurs when the origin server sends back a response with "Connection: close," but does not close the connection. The Content Engine waits for the server to close the connection, until the Content Engine times out. Subsequent requests are affected and are not processed until the previous request is completed, thus causing the delay.
Workaround: Configure the Content Engine for a static bypass entry for the server.
•
Symptom: The HTTP proxy cache hit response time increases dramatically over time.
Condition: The Content Engine is overloaded (200 requests per disk spindle is the maximum for the CE-7305 and CE-7325).
Workaround: Reduce the load.
•
Symptom: When you use Windows XP with Windows Media Player 9.0.0.3008 installed, embedded Microsoft media files (for example, .asf files) cannot be retrieved over HTTP from a Content Engine that has the media files pre-positioned.
Condition: When the Content Engine has media files pre-positioned, and the Content Engine is not configured for either WMT or proxy, media files must be retrieved over HTTP from a pre-positioned store on the Content Engine.
Workaround: You can avoid this problem by doing the following:
–
–
•
Symptom: An advanced program that uses a file having three streams (audio, video, and web presentation) launches the Web Presenter server. (When creating, duplicating, or editing a program, you must indicate the type of program. A program can be one of three types: live, file-based, or advanced. Advanced programs allow you to combine file-based and live information.)
Condition: This occurs only when an advanced program is file-based and includes a web presentation. The Presenter Server window should not be opened for a file-based program that contains URLs. When an advanced, file-based program is created, IP/TV Program Manager requires that the user specify a SlideCast or Web Presentation Server for the program. This should be optional; the user should not have to do this. IP/TV Program Manager then creates an sdp file that treats the Web Presenter portion as a live program rather than a file-based program (for example, the sdp file contains "a=x-iptv-svr:presentation 192.168.1.101 live" rather than "a=x-iptv-svr:presentation 192.168.1.101 file").
Workaround: Click the Play Web Presentation from File radio button if the presentation stream is from the file.
•
Symptom: The CE-7325 does not respond to a console or Telnet session.
Condition: This situation can occur if the CE-7325 is experiencing a heavy WMT proxy load (approximately 3000 concurrent sessions of 300-kbps media requests) and the majority of the requests are cache misses. Even after the heavy load no longer exists, the CD-7325 does not respond to a console or Telnet session for another few minutes.
Workaround: Reboot the device.
•
Symptom: Creating more than 24 bandwidth settings of the same type is not allowed. The default and maximum bandwidths are not included in this count.
Condition: A constraint error occurs if you create more than 24 bandwidths of the same type for a particular Content Engine. If this Content Engine's bandwidth is configured so that it enables aggregation, then the sum of all of its specified bandwidths and those of the device groups to which this Content Engine belongs cannot exceed 24 in total.
Workaround: Additional bandwidth (more than 24) has to be specified using the CLI on the individual Content Engines. You should disable the local central management (LCM) feature (from the Content Distribution Manager GUI, choose System > System Configuration and set System.Icm.enable to false). LCM is a new ACNS 5.1 software feature that allows a change made locally through the Content Engine CLI to be propagated to the Content Distribution Manager. Through LCM, the Content Distribution Manager is aware of all local changes to the Content Engines; such changes are reflected in the Content Distribution Manager GUI.
•
Symptom: A core file from "nmbd" is seen in the /local1/core_dir directory in Cisco ACNS software.
Condition: This occurs rarely and only when the CIFS server is enabled. The application is restarted immediately. There is virtually no loss of function.
Workaround: There is no known workaround.
•
Symptom: The CLI shell (in EXEC or CONFIG mode) exits unexpectedly in Cisco ACNS software.
Condition: This is very rare. When it occurs, there is a core.XXXX file in the /local1/core_dir directory, where XXXX is a number.
Workaround: Log in to the CLI shell again.
•
Symptom: During a pause in the multicast transmission, a small amount of network traffic from the multicast sender continues on the advertised multicast address.
Condition: This condition occurs when you use multicasting to distribute content.
Workaround: There is no workaround. The bandwidth that is being consumed is for PGM protocol source path messages (SPM).
•
Symptom: Windows Media Technologies (WMT) is enabled with no media file system (mediafs) after you downgrade from ACNS 5.1b300 software to ACNS 5.0.7b8 software.
Condition: This occurs if you upgrade from ACNS 5.0.7b8 to ACNS 5.1bx software, configure the disk, and then downgrade to ACNS 5.0.7b4.
Workaround: Reconfigure the disk with a mediafs partition and reload the software.
•
Symptom: You cannot configure the Content Engine TACACS+ client to authenticate administrative users if the TACACS+ encryption key is not defined.
Condition: This problem is reported for a TACACS+ server configuration in conjunction with a Rivest, Sharmir, Adelman (RSA) token server. The problem occurs when the TACACS+ encryption key is not defined and the TACACS+ authentication server configuration involves an RSA server. There are no problems if the encryption key is configured. There are no authentication problems if the encryption key is not defined and the RSA token server is not involved in the configuration.
Workaround: Configure the TACACS+ encryption key for secure authentication.
•
Symptom: A user initiates a data transfer (such as a GET operation). The user cancels the data transfer by simultaneously pressing Ctrl-C. If the network connection between the client and the FTP proxy is on a very slow link compared to the proxy-to-ftp server link, then the cancellation takes a long time to return control to the FTP client.
Condition: This symptom occurs on systems running ACNS 5.1 software that have the FTP transparent WCCP service enabled. This behavior is seen only if the file is a cache miss and the network connection between the client and the FTP proxy (the Content Engine) is very slow compared to the WAN connection (for example, the connection between the Content Engine and the origin FTP server).
Workaround: There is no known workaround.
•
Symptom: Rarely, core dumps from the login program may occur.
Condition: This problem appears to occur only very rarely when you try to use Telnet to access the Content Engine.
Workaround: There is no known workaround.
•
Symptom: Content Engines in an ACNS network delete acquired on-demand content when IP/TV Broadcast Server, which is configured to serve the program, does not have the media file available in its IP/TV media root directory.
Condition: This problem occurs when the media file is not available in the IP/TV media root directory, either because of a change in the IP/TV media root directory path or because the media file was renamed or deleted for the exported ACNS program. This situation will also occur if the IP/TV Broadcast Server fails or is deliberately removed from operation.
Workaround: Make sure the media file for an exported ACNS program is available in the IP/TV Broadcast Server even if the media root directory is changed. Also ensure that the media file is not deleted or renamed after the creation of the program.
•
Symptom: HTTPS requests show a 500 error code in the transaction log.
Condition: In ACNS 5.1 software, any HTTPS request over HTTP will cause an error code of 500 to be written to the transaction log.
Workaround: Ignore the 500 error code in the transaction log.
•
Symptom: When the disk add diskname cdnfs remaining EXEC command is used, the following erroneous output is displayed:
dc: stack emptydc: dc: dc: stack emptydc: stack emptydc: stack emptydc: stack emptydc: stack emptydc: dc: stack emptyruby_disk - manipulate disks on Ruby platformCondition: This problem occurs when the cdnfs remaining option is used with the disk add diskname command.
Workaround: Do not configure the cdnfs remaining option. Specify the disk space using a number and units of GB, MB, or percentage of the disk. After performing this disk add operation, reboot the Content Engine. The cdnfs space on the new disk drive will be used after the reboot.
•
Symptom: The SNMP agent process (snmpced) crashes on a CE-7320 that is running ACNS 5.1 software.
Conditions: This occurs on a CE-7320 that is running ACNS 5.1 software.
Workaround: There is no known workaround.
•
Symptom: Rules configured in the Rules Template do not change the host header correctly for the rewrite and use-server actions.
Condition: The rule rewrite and use-server actions do not change the request header as expected. The Host header on the request should be changed to the new host that the request is being sent to; otherwise, the request may risk rejection. The rule rewrite and use-server actions will change the server of the original request. HTTP/1.1 specifies that the Host header, which specifies the host name of the server, must be present in a request. If either the rule rewrite or use-server action is applied to a request (which effectively changes the server host), then the Host header of the corresponding action also needs to be changed to reflect the host name of this new server that is sent the request.
Workaround: There is no known workaround.
•
Symptom: The use-dns-server option under the rule global configuration command is visible when it should be hidden. This is a hidden CLI command intended to provide backward compatibility.
Conditions: This problem occurs if you configure the ACNS 4.2 software use-dns-server option of the rule command in an ACNS 5.1 software environment and the ACNS 5.1 software has pattern lists configured with an "AND" grouping. If the ACNS 4.2 software syntax is converted to ACNS 5.1 software, misconfiguration occurs.
Workaround: Do not use the ACNS 4.2 software use-dns-server action for configuring this action with the rule command; instead, use ACNS 5.1 software syntax for configuration.
•
Symptom: A configured on-demand program is not listed in the IP/TV Program Manager OnDemand Program Listing window if the associated media file is not available.
Condition: The problem occurs only when the associated on-demand program media file is not available in the configured IP/TV Broadcast Server after the program was created.
Workaround: We recommend that you do not remove or change the media file location in IP/TV Broadcast Server after you configure on-demand programs that use the media file. If you must remove or change the media file location, then you must edit all the programs that use that file on that server to use either another file or another server.
•
Symptom: The first network-attached storage (NAS) attachment that failed at bootup is not recovered by the health probe.
Condition: This problem occurs only when a transient Network File System (NFS) or Common Internet File System (CIFS) connection failure occurs during the NAS attachment process.
Workaround: Reconfigure the failed NAS configuration. If the NFS or CIFS connection failure is transient, reconfiguration will succeed.
•
Symptom: The audio stream sounds discontinuous when you listen to a rebroadcast or video on demand (VOD) of a recorded MP4 file.
Condition: The symptom occurs with IP/TV-generated MP4 files that are streamed from a Cisco Streaming Engine. The problem only occurs with MP4 files that contain an MP3 audio track sampled at 8000 Hz. Streaming the file directly from IP/TV Server does not result in this problem.
Workaround: Use a sampling frequency of 11025 Hz or 22050 Hz while creating a live program with MP3 audio if the recorded file is to be deployed in an ACNS network. Alternatively, use the AAC codec instead of MP3.
•
Symptom: The acquirer stops and the root Content Engine displays a message that the RPC to acquirer failed. The syslog also reports the following:
65-1#Service 'acquirer' died due to signal 3: QuitOct 22 11:36:24 565-1 Nodemgr: %CE-NODEMGR-5-330027: pid 3576 exits Oct 22 11:36:24 565-1 Nodemgr: %CE-NODEMGR-3-330025: Service 'acquirer' died due to signal 3: QuitOct 22 11:36:24 565-1 Nodemgr: %CE-NODEMGR-5-330032: Stopping service: 'acquirer'.Condition: If a channel is created and content is acquired by an early version of ACNS software (such as ACNS 5.0.x) and if after upgrading the root Content Engine to ACNS 5.1.1b3 software, you delete the channel or assigned another Content Engine as the new root Content Engine, the acquirer for the old root Content Engine will crash. But if you have modified the manifest file for this old channel and the manifest file has been re-parsed by ACNS 5.1 software (either by clicking the Fetch Manifest button in the Channel window or through the "Update Interval" for the manifest file), then deleting the old channel does not cause this problem.
Workaround: The workaround depends on which of the following conditions apply.
1.
a.
b.
2.
a.
b.
c.
d.
3.
a.
b.
c.
d.
•
Symptom: CPU usage on the Content Engine periodically spikes (every half minute).
Condition: This problem occurs under normal running conditions.
Workaround: There is no known workaround.
•
Symptom: Statistics reported by the show statistics tcp EXEC command may be inconsistent and incorrect under rare circumstances.
Condition: The exact conditions under which this problem happens are currently unknown, but it appears that this problem can occur after extended periods of operation.
Workaround: Clearing TCP statistics will usually bring all TCP-related statistics back to normal.
•
Symptom: A FreeBSD FTP client receives a "connection reset by peer error" message after it initiates a command that requires a data connection, such as "dir," "get," or "put" operation.
Condition: This problem occurs if FTP client traffic is intercepted by WCCP and redirected to a Content Engine that is running the FTP proxy cache for processing, and the FTP server to which the FTP client is connected supports the FTP command EPSV (Extended Passive). The symptom can also occur with any other FTP client application that issues the EPSV command.
Workaround: If the FTP client application has an option not to use the EPSV command and to use the PASV command instead, then use that option. This FTP client option is available in FreeBSD Release 4.7 and later and is called "epsv4." If this option is not available, then do not use passive mode if possible. Note that this may not be possible if there are firewalls that prevent the FTP server from initiating a connection back to the FTP client.
•
Symptom: The Content Engines fill up the / filesystem, and components then start to fail.
Conditions: This problem may be related to SmartFilter configurations.
Workaround: There is no known workaroud.
•
Symptom: When a new Content Engine is added to a device group that has a WMT license enabled, WMT fails to start on this new Content Engine until you manually enable WMT on this Content Engine.
Condition: This problem was not reproducible.
Workaround: There is no known workaround.
•
Symptom: In rare circumstances the bypass counters may be incorrect.
Condition: This problem is likely to be seen under the following conditions:
–
–
Workaround: If the first condition is true, change the IP address assignments on the router so that the IP address assigned to the router interface from which packets are redirected to the Content Engine becomes the WCCP router ID. If the second condition is true, there is no known workaround.
•
Symptom: Earlier versions of IP/TV supported encoding of Japanese characters in Windows native Shift JIS encoding. For IP/TV 5.1 software, Shift JIS Japanese data is applied to the following data items:
–
–
Japanese characters are corrupted on all on-demand program data items. For scheduled program data items, only certain characters are corrupted but not all.
Microsoft Internet Explorer and Netscape Navigator support UTF-8 encoding in which Japanese characters are available. With UTF-8, all Japanese data is corrupted for both on-demand and scheduled programs though they are corrupted in different ways.
Conditions: Multibyte Japanese text for on-demand program information (category name and program name) is corrupted. Also for scheduled programs, certain Shift JIS Japanese characters are corrupted (channel name, program name), although other characters are saved or restored correctly.
Workaround: Do not use multibyte character sets.
•
Symptom: The cache process restarts when proxy request authentication is enabled on a Content Engine.
Condition: This is an infrequent problem and can occur on the CE-7320.
Workaround: There is no known workaround.
•
Symptom: If the community string that is used for sending SNMP traps is not the same as the community string for SNMP read or read-write access, the Content Engine does not send traps.
Conditions: This occurs on Content Engines that are running any version of the ACNS software.
Workaround: Make sure that you specify the same community strings in the snmp-server host and the snmp-server community global configuration commands.
•
Symptom: The Content Engine WMT server refuses to stream content faster than 3500 kbps over MMST and MMSU. The server also sends WMT streaming packets at a faster rate than it should.
Conditions: The first symptom occurs only with Windows Media Player Version 8 or 9, and is caused by a player bug introduced after Microsoft released Windows Media Player Version 8.
The second symptom occurs only if the stream file is generated by the Windows Media Player 9 encoder. The higher the bit rate, the more serious the problem is. For a 1500-kbps stream, the Content Engine sends it at 1600 kbps; for a 2100-kbps stream, the Content Engine sends it at 3100 kbps.
The second symptom causes Windows Media Player 8 and 9 to exhaust the receive buffer and to start dropping packets, which will cause inferior audio and video quality. Windows Media Player 7 will experience the same problem when using MMSU. However, Windows Media Player 7 will operate better when using MMST or HTTP because it will stop receiving packets instead of dropping them, which triggers the TCP flow control on the Content Engine side to pause sending.
Workaround: Use Windows Media Player Version 7 to play back the high bit rate stream through MMST and HTTP.
•
Symptom: Pre-positioned content is proxied to the origin server.
Condition: When content is acquired, the manifest file has an item AuthFlag=True. For content to be authenticated, the request is then proxied to the origin server.
Workaround: Do not set the AuthFlag to true. If you need to authenticate content, then there is no known workaround for ACNS 5.1 software users.
•
Symptom: The media player cannot play smoothly if there is a proxy chain and a partial cache hit occurs during the initial playing of a cacheable file.
Condition: This problem can occur if there are two or more Content Engines in the proxy chain and one of the Content Engines is the outgoing proxy for the other Content Engine. The typical setup in which this problem occurs is the following: media player > CE1 > CE2 > origin server. The player plays a cacheable file and then stops in the middle and does not close the player. If the player is not closed, and if the user clicks the STOP button and then restarts the player by clicking the PLAY button again, during the second playing of the file the player stops where it stopped the first time.
Workaround: There is no known workaround.
•
Symptom: The device pauses indefinitely in all processing tasks. The kdb (kernel debugger) prompt appears.
Condition: This problem occurs when WMT live splitting is used with WMT video on demand on a Content Engine.
Workaround: Use the no wmt fast-live-split enable global configuration command to disable the high-performance live splitting feature on the Content Engine. This should bypass some kernel work. However, this workaround is not recommended if the highest WMT live-split performance is required from this Content Engine.
•
Symptom: The cache process restarts when it receives a username longer than 50 characters and both proxy authentication and SmartFilter URL filtering are enabled.
Condition: The problem occurs when all of the following conditions exist:
–
–
–
Workaround: There is no known workaround.
•
Symptom: The Centralized Management System (CMS) restarts on the Content Distribution Manager, and the syslog has the following entries:
va.lang.NullPointerException: java.lang.NullPointerException at com.cisco.unicorn.util.Asserter.notNull(Asserter.java:29) at com.cisco.unicorn.messaging.DistributionMessage.sendAsync(DistributionMessage.java: 590)Condition: This problem can occur if there are numerous Content Engines in the ACNS network and you use the Content Distribution Manager GUI to request an update about on-demand replication status.
Workaround: There is no known workaround.
•
Symptom: The syslog on the Content Distribution Manager displays the following warnings:
java.lang.NullPointerExc eption: java.lang.NullPointerException at com.cisco.unicorn.controller.ProxyInfoHelper.getConfigList(ProxyInfoH elper.java:31) at com.cisco.unicorn.controller.AServant.getListEntryTripleUpdates(AServant.java:1763) at com.cisco.unicorn.controller.ServantCe.calculateUpdates(ServantCe.jav a:352)Condition: This problem can occur when the Content Distribution Manager has a heavy load (for example, when there are more than 300 Content Engines in the ACNS network).
Workaround: Increase the data feed poll period that is set by default to 300 seconds; for example, increase it to 600 seconds or more. Change this setting through the Content Distribution Manager GUI (choose System > System Configuration > System.datafeed.PollRate).
•
Symptom: The CMS becomes unresponsive on a Content Distribution Manager or reports a timeout error.
Condition: This problem occurs if the CMS locks up on the Content Distribution Manager because of massive device registration and activation within a short time period.
Workaround: Restart CMS on the Content Distribution Manager.
•
Symptom: An SNMP cold start trap is not generated when the Content Engine boots up.
Condition: This problem occurs on all Content Engines that are running ACNS 5.1.1 software.
Workaround: There is no known workaround.
•
Sym
Guest
