Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco Application and Content Networking System (ACNS) Software

Release Notes for Cisco ACNS Software, Release 5.3.3

Downloads

Table Of Contents

Release Notes for Cisco ACNS Software, Release 5.3.3

Contents

Introduction

New and Changed Information

New Features in the ACNS 5.3.3 Software

Introduction of the Wide-Area Application Engine

Restoring Factory-Default Settings for Real Networks License Keys

Enhancements to the Envivio-Cisco Streaming Engine Interoperability

Support of Dynamic Content Routing

Configuring TCP Memory Limits

New Rule Command for Converting Hostnames to IP Addresses

Modified Output of the show programs EXEC Command

Hardware Supported

Important Notes

Eliminated Upgrade/Downgrade Paths

Media File System Issues When Downgrading to ACNS 5.0 Software

SmartFilter Issues When Upgrading or Downgrading to Another ACNS Software Release

Websense Support

Websense Issues When Downgrading to the ACNS 5.0 Software or ACNS 5.1 Software

Interoperability with ICAP Vendors

ICAP Performance

Matrix of Supported Caching, Filtering, and Authentication Methods

Caveats

Open Caveats - ACNS 5.3.3 Software

Resolved Caveats—ACNS 5.3.3 Software

Acquisition and Distribution Resolved Caveats

ICAP Resolved Caveats

Management Resolved Caveats

Media and Streaming Resolved Caveats

Proxy and Caching Resolved Caveats

Rules Resolved Caveats

Other Resolved Caveats

Documentation Updates

New WAE Platform Support in the ACNS 5.3.3 Software Release

Enhancements to the Envivio-Cisco Streaming Engine Interoperability

Support of Dynamic Content Routing Added in the ACNS 5.3.3 Software Release

Content Distribution Manager GUI-Related Changes in the ACNS 5.3.3 Software Release

CLI-Related Changes in the ACNS 5.3.3 Software Release

Related Documentation

Product Documentation Set

Hardware Documentation

Software Documentation

Online Help

Obtaining Documentation

Cisco.com

Product Documentation DVD

Ordering Documentation

Documentation Feedback

Cisco Product Security Overview

Reporting Security Problems in Cisco Products

Obtaining Technical Assistance

Cisco Technical Support & Documentation Website

Submitting a Service Request

Definitions of Service Request Severity

Obtaining Additional Publications and Information


Release Notes for Cisco ACNS Software, Release 5.3.3

August 4, 2005

ACNS Build 5.3.3-b7

Note The most current Cisco documentation for released products is available at Cisco.com at http://www.cisco.com. The online documents may contain updates and modifications made after the hardcopy documents were printed.

Contents

These release notes contain information about the Cisco Application and Content Networking System (ACNS) 5.3.3 software. These release notes describe the following topics:

Introduction

New and Changed Information

Important Notes

Caveats

Documentation Updates

Related Documentation

Obtaining Documentation

Documentation Feedback

Cisco Product Security Overview

Obtaining Technical Assistance

Obtaining Additional Publications and Information

Introduction

The ACNS software combines the technologies of demand-pull caching and pre-positioning for accelerated delivery of web applications, objects, files, and streaming media; the ACNS software runs on Cisco Content Engines, Content Distribution Manager, and Content Router hardware platforms.

These release notes are intended for administrators who will be configuring, monitoring, and managing devices that are running the ACNS 5.3.3 software. These release notes describe the new product features, the supported hardware, and the open and resolved caveats regarding the ACNS 5.3.3 software release.

New and Changed Information

This section describes new and changed features in the ACNS 5.3.3 software release. It also lists the supported hardware.

New Features in the ACNS 5.3.3 Software

This section describes the new features in the ACNS 5.3.3 software release and includes the following sections:

Introduction of the Wide-Area Application Engine

Restoring Factory-Default Settings for Real Networks License Keys

Enhancements to the Envivio-Cisco Streaming Engine Interoperability

Support of Dynamic Content Routing

Configuring TCP Memory Limits

New Rule Command for Converting Hostnames to IP Addresses

Modified Output of the show programs EXEC Command

Introduction of the Wide-Area Application Engine

The Wide-Area Application Engine (WAE) is an integrated hardware platform that provides a comprehensive set of services for the remote office. The WAE platform operates with either the ACNS or the Wide Area File Services (WAFS) software. When the ACNS software is installed, the WAE functions as a Content Engine or one of the other ACNS device modes, such as Content Router or Content Distribution Manager. When the WAFS software is installed, the WAE functions as a File Engine.

Note The ACNS 5.3.3 software supports three new WAE appliances: the WAE-511, the WAE-611, and the WAE-7326. The software shows the device as a CE-511, CE-611, or a CE-7326. For a complete list of the supported hardware, refer to the "Hardware Supported" section.

In the ACNS 5.3.3 software, the Content Distribution Manager GUI supports Windows Media license keys and Real Networks Proxy and Subscriber license keys for the CE-511, the CE-611, and the CE-7326 in the following device group license settings windows:

Devices > Device Groups > Applications > Streaming > Window Media > License

Devices > Device Groups > Applications > Streaming > Real Networks > Real Proxy License

Devices > Device Groups > Applications > Streaming > Real Networks > Real Subscriber License

Restoring Factory-Default Settings for Real Networks License Keys

In the ACNS 5.3.3 software release, the ability to use the CLI or the Content Distribution Manager GUI to restore the Real Networks (RealProxy and RealSubscriber) license key settings to the factory defaults was added.

To restore the factory-default settings for RealProxy:

From the Content Distribution Manager GUI, click the new Restore all files to factory defaults icon (see Figure 1) in the following two Content Distribution Manager GUI windows:

Devices > Devices > Applications > Streaming > Real Networks > Real Proxy License

Devices > Device Groups > Applications > Streaming > Real Networks > Real Proxy License

Figure 1 Restore Factory Defaults Icon in the Content Distribution Manager GUI

From the CLI, enter the new rtsp real-proxy restore factory-default EXEC command. 

CONTENTENGINE# rtsp real-proxy restore ?

  factory-default  Restore real proxy configuration file and databases to default

To restore the factory-default settings for RealSubscriber:

From the Content Distribution Manager GUI, click the new Restore all files to factory defaults icon in the following two Content Distribution Manager GUI windows:

Devices > Devices > Applications > Streaming > Real Networks > Real Subscriber License

Devices > Device Groups > Applications > Streaming > Real Networks > Real Subscriber License

From the CLI, enter the new rtsp real-subscriber restore factory-default EXEC command. 

CONTENTENGINE# rtsp real-subscriber restore ?

  factory-default  Restore real subscriber configuration file and databases to default

In the ACNS 5.3.3 software release, the rtsp real-proxy default-configuration and the rtsp real-subscriber default-configuration EXEC commands were replaced with the rtsp real-proxy restore factory-default and the rtsp real-subscriber restore factory-default EXEC commands. In the ACNS 5.3.1 software and earlier releases, when you entered the rtsp real-proxy default-configuration or the rtsp real-subscriber default-configuration EXEC command, only the RealProxy or RealSubscriber configuration files were restored to the default setting; the databases that contain the Real Networks license key settings were not restored to the factory defaults.

Enhancements to the Envivio-Cisco Streaming Engine Interoperability

The Cisco Streaming Engine is a back-end RTSP server that can be enabled on a registered Content Engine. A Cisco Streaming Engine can be used to serve VoD files that are generated by Apple Computer's QuickTime VoD authoring tool. It can also relay live streams that are generated by QuickTime Live Broadcaster through RTP/RTSP.

The Envivio Broadcasting Studio creates contents that can be played back by the Cisco Streaming Engine and the Envivio Streaming Server. For the ACNS software, the Envivio Streaming Server implements a much larger set of the MPEG4 specifications in the industry than the QuickTime authoring tools and players.

The ACNS 5.3.3 software release includes the following enhancements that are related to Envivio-Cisco Streaming Engine interoperability:

Retention of m4e File Extensions for Envivio-Based Programs

Content Engine Support for Publishing of Multicast SDP Files for Cisco Streaming Engine Live Programs

Retention of m4e File Extensions for Envivio-Based Programs

The ACNS software supports Envivio-based programs and IP/TV programs as a stream source. For IP/TV-ACNS programs, the program description is generated as a Session Description Protocol (SDP) file by the IP/TV Program Manager. The ACNS software uses this SDP file to distribute the program specifications to the appropriate Content Engines.

Envivio generates the program description as an .m4e file. In the ACNS 5.3.3 software and later releases, m4e extensions in the reference URLs are retained. This new functionality allows you to use the Envivio TV plugin to render streams that are encoded by the Envivio encoder using specific codecs such as H.264. For CLI-based programs, you can now publish broadcast_id.m4e files if the source is an .m4e file.

Content Engine Support for Publishing of Multicast SDP Files for Cisco Streaming Engine Live Programs

In previous releases of the ACNS software, multicast SDP files were not published for Cisco Streaming Engine programs that were created through the Content Distribution Manager or the Content Engine CLI. In previous releases, you could publish the SDP files from any HTTP/FTP server.

In the ACNS 5.3.3 software release, support for multicast reference URLs (Announce URLs) for programs that are created through the Content Distribution Manager or the CLI was added. The multicast reference URL, which is in the form of http//Content Engine-IP address/ProgramID.sdp, is resolved by the Content Engines that are serving the live program.

Support of Dynamic Content Routing

In previous releases of the ACNS software, Content Routers used a static coverage zone file to describe the preferred routing path between Content Engines and client end systems.

A coverage zone is a mapping of client end-system IP addresses to Content Engines. The Content Router uses the Content Engine IP addresses to create a static redirection table that maps end-system IP addresses to Content Engines and provides information on the proximity of end systems to Content Engines. When content is requested by a client, the Content Router checks the client IP address to find the coverage zone that contains that IP address. The Content Router then selects the Content Engine that is serving this coverage zone.

In some ACNS network environments, Content Engine IP addresses keep changing, and coverage zones are dynamic instead of static. In such cases, the Content Router cannot create a static routing table, and it cannot successfully route the content.

When the following conditions are present, the content cannot be routed successfully by using static coverage zone tables in the Content Router:

Multiple Content Engines are deployed in multiple locations.

Each location contains a NAT firewall.

One Content Router serves all locations.

One root Content Engine serves all locations.

Each location is configured with two uplink lines to the Internet for redundancy.

Uplink lines for different locations can share an external public IP address pool so that the same IP address can be used by NAT firewalls in different locations at different times.

With multiple uplinks to the Internet, requests for content from clients and Content Engines that are in the same location can go out to the Content Router with different external IP addresses. The Content Router that is using static coverage zone files cannot accommodate sharing the same IP address pool among different locations.

In the ACNS 5.3.3 software and later releases, the Content Router can detect changes in Content Engine coverage zones and can dynamically adjust its routing tables.

Enabling Dynamic Content Routing

For each Content Router that you want to configure for dynamic content routing, you must indicate that dynamic content routing is to be used over static content routing.

To configure dynamic content routing, follow these steps:

Step 1 From the Content Distribution Manager GUI, choose Devices > Devices.

Step 2 Next to the name of the Content Router that you want to configure, click the Edit icon.

Step 3 In the Contents pane, choose Device Activation. The Device Activation window appears.

Step 4 To indicate that dynamic content routing is to be used over static content routing, check the Dynamic Content Routing check box.

Step 5 To save the Content Router settings, click Submit.

Changing the Content Engine Metric Value for Dynamic Content Routing in the Coverage Zone File

In the ACNS 5.3.3 software, a new tag has been defined in the coverage zone file that allows you to change the metric which assigns a preference to a particular Content Engine in the routing table. This optional tag is the <dynamic> tag.

When a coverage zone file containing the <dynamic> tag and elements is assigned to a Content Router, the following applications are made:

If dynamic content routing is enabled on a Content Router, the Content Router follows the specifications inside the <dynamic> tag, and it ignores the specifications in the <coverageZone> tag.

If dynamic content routing is not enabled, the Content Router follows the specifications in the <coverageZone> tag, and it ignores the specifications in the <dynamic> tag.

The <dynamic> tag is a standalone tag; it is not defined as a subelement of the <coverageZone> tag. The subelements <CE> and <metric> must be defined within the <dynamic> tag. Table 1 describes the elements of the <dynamic> tag.

Table 1 Coverage Zone File Elements for Dynamic Content Routing

Tag Name
Elements
Value
Description

<dynamic>

     
 

<CE>1

Content Engine name

Specifies the Content Engine for which the metric value is to be applied. The <dynamic> tag can contain the names of multiple Content Engines.

 

<metric>1

Number

Value indicates the proximity of the Content Engine to the end user. The lower the value, the greater the preference given to the Content Engine.

If no metric is specified, the default value of 10 is applied.

1 This element is required.


The following example shows how the <dynamic> tag can be used in a coverage zone file: 

<?xml version="1.0"?> 
<CDNNetwork> 
<revision>1.0</revision> 

<dynamic> 
<CE>hostname_of_ce</CE>-----------> NOTE: The tag is <CE> and not <ce>. 
<metric>number</metric> 
</dynamic> 

</CDNNetwork>

The following example shows an invalid coverage zone file where the <dynamic> tag is written as a subelement of the <coverageZone> tag: 

<?xml version="1.0"?> 
<CDNNetwork> 
<revision>1.0</revision> 

<coverageZone> 
<dynamic> 
<CE>hostname_of_ce</CE> 
<metric>number</metric> 
</dynamic> 
</coverageZone>

</CDNNetwork>

The following example shows that the <dynamic> tag and the <coverageZone> tag can exist together in a coverage zone file: 

<?xml version="1.0"?> 
<CDNNetwork> 
<revision>1.0</revision> 

<coverageZone> 
<network>a.b.c.d/mask</network> 
<CE>hostname_of CE</CE> 
<metric>0</metric> 
</coverageZone> 

<dynamic> 
<CE>name_of_ce</CE> 
<metric>number</metric> 
</dynamic> 

</CDNNetwork>

The following example shows that the <dynamic> tag can appear multiple times in a coverage zone file: 

<?xml version="1.0"?> 
<CDNNetwork>

<revision>1.0</revision> 

<dynamic> 
<CE>hostname_of_ce1</CE> 
<metric>number</metric> 
</dynamic> 

<dynamic> 
<CE>hostname_of_ce2</CE> 
<metric>number</metric> 
</dynamic>

</CDNNetwork>

The following example shows that the <dynamic> tag can contain the names of multiple Content Engines: 
<?xml version="1.0"?> 
<CDNNetwork> 
<revision>1.0</revision> 

<dynamic> 
<CE>hostname_of_ce1</CE> 
<CE>hostname_of_ce2</CE> 
<CE>hostname_of_ce3</CE>  
<metric>number</metric> 
</dynamic> 

</CDNNetwork>

You can use a coverage zone file with the <dynamic> tag, for example, when a preference order has to be given for a set of Content Engines that are serving the same client base. The following example shows that ce1 is preferred over ce2 because the metric value for ce1 is lower than that of ce2: 

<?xml version="1.0"?> 
<CDNNetwork> 
<revision>1.0</revision> 

<dynamic> 
<CE>hostname_of_ce1</CE> 
<metric>20</metric> 
</dynamic> 

<dynamic> 
<CE>hostname_of_ce2</CE> 
<metric>30</metric> 
</dynamic> 

</CDNNetwork>

Configuring TCP Memory Limits

In the ACNS 5.3.3 software release, the ability to use the CLI or the Content Distribution Manager GUI to configure TCP memory limits was added. The TCP memory limit settings allow you to control the amount of memory that can be used by the TCP subsystem's send and receive buffers.

Caution Do not modify the default values unless you know what you are doing. The default values are device dependent and have been chosen after extensive testing. They should not be changed under normal conditions. Increasing these values can result in the TCP subsystem using more memory, which might render the system unresponsive. Decreasing these values can result in increased response times and lower performance.

To configure TCP memory limit settings from the Content Distribution Manager GUI, choose Devices > Devices (or Device Groups) > General Settings > Network > TCP. The TCP Settings window appears.

To configure the TCP memory limit settings from the CLI, use the tcp memory-limit global configuration command.

Table 2 lists the TCP configuration fields that have been added under the TCP Memory Limit Settings heading in the Content Distribution Manager GUI and the corresponding CLI commands that were added in the ACNS 5.3.3 software release

Table 2 TCP Memory Limit Settings

Content Distribution
Manager GUI Parameter
Function
CLI Command

TCP Limit Low Water Mark

The lower limit (in MBytes) of memory pressure mode, below which TCP enters into normal memory allocation mode. The range is 4-600.

tcp memory-limit low-water-mark megabytes high-water-mark-pressure megabytes high-water-mark-absolute megabytes

TCP Memory Limit High Water Mark-Pressure

The upper limit (in megabytes) of normal memory allocation mode, beyond which TCP enters into memory pressure mode. The range is 5-610.

TCP Memory Limit High Water Mark-Absolute

The absolute limit (in MBytes) on TCP memory usage. The range is 6-620.


Table 3 describes the default values for each command parameter, which are based on the total amount of memory for the device.

Table 3 Default TCP Memory Limit Settings

Total System Memory
Low
Pressure
Absolute

1 GByte, 2 GBytes, or 4 GBytes

360 MBytes

380 MBytes

400 MBytes

512 MBytes

180 MBytes

190 MBytes

200 MBytes

256 MBytes

25 MBytes

28 MBytes

30 MBytes


The following conditions must be satisfied whenever these default values are changed:

The low water mark must be a number that is less than the high water mark pressure setting.

The high water mark pressure must be a number that is less than the high water mark absolute setting: 

low-water-mark < high-water-mark-pressure < high-water-mark-absolute

New Rule Command for Converting Hostnames to IP Addresses

In the ACNS 5.3.1 software and earlier releases, the use_proxy rule action and the failover option in the use-proxy rule action perform hostname to IP address translation at the time of the CLI configuration. If the IP address for the specified hostname were to change, the service rule would no longer function.

In the ACNS 5.3.3 software release, the rule dns-resolve each-request global configuration command was added. When this CLI command is enabled, the caching process on the Content Engine resolves the hostname each time that it processes the request and matches the pattern for the use-proxy rule action and the failover option in the use-proxy rule action.

For the ACNS 5.3.3 software and later releases, the caching process uses the initially resolved IP (done at the time of the CLI configuration) for processing the use-proxy rule action and the failover option in the use-proxy rule action when the rule dns-resolve each-request CLI command is disabled. For instance, the following is an example of the CLI command syntax for the yahoo and abc websites upon configuration with the ACNS 5.3.3 software: 

ContentEngine(config)# rule action use-proxy www.yahoo.com 8080 failover pattern-list 10 

ContentEngine(config)# rule action use-proxy www.abc.com 8090 pattern-list 20

In contrast, the following is an example of the CLI command syntax for the yahoo and abc websites upon configuration with the ACNS 5.3.1 software and earlier releases: 

ContentEngine(config)# rule action use-proxy 66.94.230.42 8080 failover pattern-list 10 

ContentEngine(config)# rule action use-proxy 199.181.132.250 8090 pattern-list 20

Modified Output of the show programs EXEC Command

In the ACNS 5.3.1 software and earlier releases, the output of the show programs EXEC command does not include information about programs that were configured in local mode through the CLI. The command output only includes information about programs that were configured through the Content Distribution Manager GUI.

In the ACNS 5.3.3 software release, the command output for the show programs command was enhanced to include information about CLI-based programs (for example, information about CLI-based programs for both the Cisco Streaming Engine and WMT).

In the ACNS 5.3.3 software release, the output of the show programs EXEC command was also modified to add an "e-" for Envivio-based programs that have a reference URL that contains an .m4e filename extension.

Hardware Supported

The ACNS 5.3.3 software supports the following hardware platforms.

Note All of the listed platforms also support the ACNS 5.3.1 software and the ACNS 5.2.x software releases except for the following three new Wide-Area Application (WAE) platforms that are only supported in the ACNS 5.3.3 software and later releases: the WAE-511, the WAE-611, and the WAE-7326.

NM-CE-BP-SCSI

CE-565-K9

NM-CE-BP-80G

CE-565A-72GB-K9

NM-CE-BP-40G

CE-565A-144GB-K9

NM-CE-BP

CE-590

CDM-4630

CE-590-DC

CDM-4650

CE-7320

CE-507

CE-7305-K9

CE-507AV

CE-7305A-K9

CE-510-K9

CE-7325-K9

CE-510A-80GB-K9

CE-560

CE-510A-160GB-K9

CE-560AV

CE-511

CE-7325A-K9

CE-566-K9

CE-7326

WAE-511

WAE-7326

WAE-611

CR-4430


Important Notes

This section emphasizes important information regarding the ACNS 5.3.x software. It includes the following sections:

Eliminated Upgrade/Downgrade Paths

Media File System Issues When Downgrading to ACNS 5.0 Software

SmartFilter Issues When Upgrading or Downgrading to Another ACNS Software Release

Websense Support

Websense Issues When Downgrading to the ACNS 5.0 Software or ACNS 5.1 Software

Interoperability with ICAP Vendors

ICAP Performance

Matrix of Supported Caching, Filtering, and Authentication Methods

Eliminated Upgrade/Downgrade Paths

In the ACNS 5.3.1 software release, the following upgrade and downgrade paths were eliminated:

Upgrading from the ACNS 4.2 software to the ACNS 5.3 software

Downgrading from the ACNS 5.3 software to the ACNS 4.2 software

Media File System Issues When Downgrading to ACNS 5.0 Software

If you have configured the media file system (mediafs) with the ACNS 5.1 software and later releases, and then downgrade to the ACNS 5.0 software, the mediafs disk space assignment is lost and reverts to the ACNS network file system (cdnfs) disk space. (The mediafs is used for on-demand content that is fetched through the two streaming protocols [RTSP and WMT]. The cdnfs is used for pre-positioned content in the ACNS network.)

This situation occurs because of a design change that was implemented in the ACNS 5.1 software. Because the ACNS 5.0 software is not compatible with this change, the disk space becomes assigned to cdnfs instead of mediafs. To work around this problem, follow these steps:

1. After you downgrade to the ACNS 5.0 software, use the CLI (disk config EXEC command) or the GUI to assign the mediafs disk space.

Use the Content Distribution Manager GUI for Content Engines that are registered with a Content Distribution Manager. Use the Content Engine GUI for standalone Content Engines (Content Engines that are not registered with a Content Distribution Manager and are being managed through the Content Engine GUI or CLI).

2. Reboot the Content Engine for the disk configuration changes to take effect.

SmartFilter Issues When Upgrading or Downgrading to Another ACNS Software Release

When you upgrade or downgrade the Content Engine to a different release of the ACNS software, if there is a difference in the SmartFilter plug-in version, the SmartFilter database and configuration files are deleted and default configurations are loaded. This change occurs because the configuration details might be changed with each new version of SmartFilter software. After each upgrade or downgrade of the SmartFilter plug-in, a fresh database has to be downloaded from the SmartFilter Administration Console to the Content Engine.

Websense Support

In the ACNS 5.3.x software, Websense server Version 5.2 is supported on all Cisco Content Engine platforms. With Websense 5.2.0 software, you can use a local or remote Websense Policy Server to activate the local EIM Server, the local RADIUS Agent, the local eDirectory Agent, the local Network Agent, and the local User Service individually on a Content Engine.

For detailed information about configuring the Websense software, go to the following URL on the Websense website:

http://ww2.websense.com/docs/support/documentation/setup/v52/WSPreinstall_CiscoCE_ACNS_53.pdf

Websense Issues When Downgrading to the ACNS 5.0 Software or ACNS 5.1 Software

If the local (internal) Websense server is enabled on the Content Engine and you downgrade from the ACNS 5.2.x software to either ACNS 5.0 software or ACNS 5.1 software, the WebsenseEnterprise directory is removed from the Content Engine and the local Websense server stops working. The ACNS 5.2.x software does not generate an error message indicating that the WebsenseEnterprise directory has been removed. However, in the ACNS 5.3.1 software and later releases, the following error message is displayed to notify you about this Websense downgrade issue: 

WARNING:

Websense does not support downgrade

Hence removing /local/local1/WebsenseEnterprise

Websense will stop working after copy ftp install

To avoid this problem when downgrading from the ACNS 5.3.x or ACNS 5.2.x software to either ACNS 5.1.x software or ACNS 5.0.x software, follow these steps:

Step 1 Disable the local (internal) Websense server on the Content Engine.

Step 2 Deactivate the Websense services on the Content Engine.

Step 3 Install the ACNS 5.1 software or ACNS 5.0 software downgrade image on the Content Engine.

Interoperability with ICAP Vendors

The Internet Content Adaptation Protocol (ICAP) is an open standards protocol for content adaptation, typically at the network edge. Content adaptation includes virus scanning, content translation, content filtering, content insertion, and other ways of improving the value of content to end users. ICAP specifies how a Content Engine, acting as an HTTP proxy server, can communicate with an external device that is acting as an ICAP server, which filters and adapts the requested content.

ICAP provides two content-processing modes for HTTP services. These modes define the transactions that can occur between a Content Engine acting as an ICAP client and an ICAP server. The two modes are as follows:

Request modification (reqmod)—Allows modification of requests as they are sent from the Content Engine to the ICAP server on their way to the origin server. The ICAP server can modify these requests depending on the services requested.

Response modification (respmod)—Allows modification of requests after they return from the origin server. The ICAP server only acts on requested objects after they return from the origin server.

The following is a complete list of the ICAP vendors that have been certified to interoperate with the Content Engine:

TrendMicro for reqmod and respmod

Symantec for respmod

ICAP Performance

With the respmod vectoring point, which is used by virus-scanning Internet Content Adaptation Protocol (ICAP) vendors, the performance of the Content Engine model CE-7305 will be 300 transactions per second.

With the reqmod-precache vectoring point, which is used by URL filtering ICAP vendors, the performance of the Content Engine model CE-7305 will drop 20 percent from the rated performance.

Note The performance of the Content Engine will be limited by the performance of the ICAP server.

Matrix of Supported Caching, Filtering, and Authentication Methods

Table 4 lists the caching, filtering, and authentication methods supported by Content Engines that are running the ACNS 5.3.x software. An asterisk (*) indicates a feature is supported for that particular protocol.

Table 4 Caching, Filtering, and Authentication Methods and Related Protocol Support 

   
Filtering
   
Proxy Authentication
Protocol
Caching
N2H2
Websense
SmartFilter
RADIUS
LDAP
NTML
TACACS+

HTTP

*

*

*

*

*

*

*

*

FTP-over-HTTP

*

*

*

*

*

*

*

*

HTTPS-over-
HTTP

*

*

*

*

*

*

*

*

RTSPG

*

             

MMSU

*

             

MMST

*

             

MMS-over-HTTP

*

     

*

*

   

HTTP-WCCP

*

 

*

*

*

*

*

*

FTP-WCCP
(native FTP)

*

             

HTTPS-WCCP

*

 

*

*

       

RTSPG-WCCP

*

             

MMSU-WCCP

*

             

MMST-WCCP

*

             

MMS-over-HTTP
-WCCP

*

     

*

*

   

Caveats

This section lists and describes the open and resolved Severity 1, 2, and 3 caveats in the ACNS 5.3.3 software. Caveats describe unexpected behavior in the ACNS 5.3.3 software. Severity 1 caveats are the most serious; Severity 2 caveats are less serious. Severity 3 caveats are moderate caveats.

Open Caveats - ACNS 5.3.3 Software

This section lists caveats that have not been resolved in the ACNS 5.3.3 software release.

CSCdy82311

Symptom: Content cannot be acquired using strong authentication from secure origin servers that use certificates from nonstandard certificate authorities (CAs). If strong authentication was chosen for content acquisitions from such a site, the acquirer error statistics will contain a 401 (Unauthorized) error code, and the acquirer error log contains the following error message: 

Strong Cert Authentication rejects certificate due to error: ssl error code

Condition: This problem occurs if the origin server uses a certificate that is not known as a standard certificate to the ACNS software acquirer. For content acquisition from secure sites over HTTPS using strong authentication, only sites with certificates from standard certificate authorities are supported.

Note With strong authentication, if any errors occur during certificate verification by the ACNS acquirer, then content from that site will not be acquired. With weak authentication, certain errors (for example, a certificate has expired, certificate is not yet valid, and a subject issuer mismatch has occurred) are allowed during certificate verification.

Workaround: Use one of these workarounds:

Use weak authentication.

On the secure server, use a certificate that was generated by one of the standard certificate authorities. ACNS network administrators should refer to the following information to determine which CA certificate to install on their origin servers. Note that the certificate list differs based on the version of the ACNS software. For the ACNS 5.1.x software release or later, refer to the certificate list in the Cisco ACNS Software Upgrade and Maintenance Guide, Release 5.x.

CSCea51815

Symptom: When a Content Engine model CE-565 is attached to a Storage Array SA-7 device, if too large a cache file system (cfs) partition is configured, and a combined streaming and caching workload is used, then a lower HTTP performance is observed.

Condition: This problem occurs when the CE-565 has Windows Media Technologies (WMT) enabled, a combined streaming and caching workload is used, and the Content Engine is attached to an SA-7 device.

Note The Storage Array device is used for the cache file system (cfs).

Workaround: Allocate less space to the cfs if a Storage Array is attached to the Content Engine.

CSCec52221

Symptom: Windows Media Technologies (WMT) is enabled with no media file system (mediafs) after you downgrade from the ACNS 5.1b300 software to the ACNS 5.0.7b8 software.

Condition: This problem occurs if you upgrade from the ACNS 5.0.7b8 to the ACNS 5.1bx software, configure the disk, and then downgrade to the ACNS 5.0.7b4 software.

Workaround: Reconfigure the disk with a mediafs partition and reload the software.

CSCec52319

Symptom: Using FTP inside the .meta file to have the Content Engine obtain the .bin file for a Content Distribution Manager GUI-initiated upgrade is unsuccessful if the user's home directory differs from the FTP root.

Condition: Either you receive an error in the Content Distribution Manager GUI when you are creating the definition for the upgrade (when the .bin file does not exist in the user's home directory), or the Content Engine displays an error message on the upgrade (when the .bin file does not exist in the FTP root directory).

Workaround: Copy the .bin file to both the FTP root and the user's home directory, or use a user whose home directory is the FTP root.

CSCed68360

Symptom: A constant stream of bandwidth error messages (one about every 2 seconds) is reported in the syslog. As the following sample messages indicate, these messages are not very useful. 

Feb 11 13:24:26 webcache01 bandwd: %CE-BANDWD-3-115002: BANDWD: Trying again in two 
seconds 

Feb 11 13:24:28 webcache01 bandwd: %CE-BANDWD-3-115003: BANDWD: verification 
registration failed, err=30

Condition: None.

Workaround: There is no known workaround.

CSCed68727

Symptom: The Content Distribution Manager only checks if coverage zone files refer to invalid Content Engines after there is a fresh import. When there is a configuration change that can cause already imported coverage zone files to refer to invalid Content Engines, the Content Distribution Manager does not check or display the correct error message until the next fresh import.

Condition: This problem occurs if there is a coverage zone configuration change that causes already-imported coverage zone files to refer to invalid Content Engines.

Workaround: There is no known workaround.

CSCed77655

Symptom: The Content Engine stops spoofing the client IP address and uses its own IP address to fetch content from the origin server.

Condition: The http l4-switch spoof-client-ip enable global configuration command turns on IP spoofing on a Content  Engine that is functioning as a caching engine. When a rule action use-server global configuration command is used, the Content Engine stops spoofing the client IP address and instead uses its own IP address to fetch the content.

Workaround: Remove the rule configurations.

CSCed84227

Symptom: The network management system (NMS) host does not know where SNMP traps are coming from.

Condition: This problem occurs if there are two interfaces and you configure interface redundancy using both interfaces. You must use a dummy address for the physical addresses. You then configure a real address that floats between the two interfaces. If you then configure SNMP traps, the traps are being sourced from the dummy address and not the routable address. Therefore, the NMS host does not know where the trap is coming from.

Workaround: Configure the Content Engine to generate SNMP version 2c type trap messages. Because the SNMP version 2c trap message does not contain the IP address of the SNMP agent, the NMS software will use the source IP address of the UDP message to identify the address of the SNMP agent.

CSCee17283

Symptom: The cdnfs files are turned into directories (which are visible if you enter the cdnfs browse EXEC command on the Content Engine).

Conditions: This problem is rare and occurs only when the file system corruption has caused a directory entry to be a subdirectory when it should have been a file. This problem occurs only if multiple cdnfs entries are being updated and the Content Engine crashes (for example, the Content Engine crashes because of a power failure).

Workaround: Enter the cdnfs cleanup start EXEC command on the Content Engine.

CSCee25042

Symptom: Even though you entered the url-filter wmt bad-sites-deny global configuration command on the Content Engine, the Content Engine is not filtering requests for content that is pre-positioned in its wmt_vod directory.

Condition: This problem occurs in the following situation:

a. You pre-position a file (for example, file.asf) on the Content Engine in its wmt_vod directory.

b. After pre-positioning the file, you configure the bad site list for URL filtering using mmst://Content Engine IP address/wmt_vod/file.asf.

c. A user makes a content request for this URL (mmst://Content Engine IP address/wmt_vod/file.asf).

Workaround: Configure the bad site list using mmst://127.0.0.1/wmt_vod/file.asf instead of mmst://Content Engine IP address/wmt_vod/file.asf.

CSCee38190

Symptom: A WMT live stream in a managed live event environment is accessible for a period longer than the scheduled duration.

Condition: This problem occurs only with WMT live programs that have unicast access enabled. In this situation, streams can be accessible for up to 24 hours after the last playtime of the event if "Auto Delete" is set to true or can be accessible indefinitely if "Auto Delete" is set to false.

Workaround: Control the live-stream source through the schedule for the event. Typically, this process involves starting and stopping the WMT encoder.

CSCee40593

Symptom: Syslog messages contain the following text: 

uns-server: %CE-CDNFS-0-480000: uns_read_meta: WOW! url mismatch:

wanted 'URL>', swaw '^C'

Condition: This problem occurs because of file system corruption; the cdnfs metadata files have the wrong content (the content is internally consistent but is in the incorrect file). This problem occurs infrequently. For example, it can occur if the cdnfs content is being updated and a crash occurred because of a kernel panic (which occurs infrequently).

Workaround: Although there is no known workaround to stop the syslog messages shown above, lookups for the target URL (listed in the syslog message) may succeed if the ACNS software has created a new cdnfs entry for the target URL.

You can enter the cdnfs lookup url EXEC command to see if the URL is found. If the URL is not found, a way to force it to be replicated is to modify the file on the origin server (for example, by entering the touch command on a UNIX-based origin server).

Alternatively, you can enter the acquisition-distribution database-cleanup start command on the affected Content Engine to query the cdnfs for all the objects that are supposed to be on the Content Engine. Missing objects should be detected and replicated.

CSCee49106

Symptom: The content replication status can show an incorrect manifest item count.

Condition: This problem can occur if too many channels share the same content (for example, if over 100 channels share the same 30 files in each channel). Even though all 100 channels should show the 30 files that were acquired and distributed, it takes an extended period (days) before the correct manifest item count is displayed.

Workaround: Reduce the number of channels that share the same contents.

CSCee56998

Symptom: The CPU usage on the Content Engine hits a peak of 100 percent.

Condition: This problem can occur if the internal (local) Websense server is enabled on the NM-CE-BP models.

Workaround: There is no known workaround.

CSCee67227

Symptom: If you specify foo as a folder URL in the manifest file, and there is a single item redirection from foo to foo/ by the web server, the ACNS acquirer fails to process such redirections and generates a 716 error message. If you are using the quick crawl tool in the Channel Content window, some of the files also report 716 error messages.

Condition: This problem occurs if you are using the quick crawl tool and there is a single item redirect from foo to foo/. However, if foo is a link from a crawl job, single item redirections from foo to foo/ are allowed.

Workaround: Specify foo/ in the manifest file, or specify a crawl job instead of using the quick crawl tool.

CSCee67330

Symptom: Microsoft NT LAN Manager (NTLM) authentication fails and the pop-up window is displayed again.

Condition: This problem occurs if NTLM authentication is being used and the specified domain name is longer than 50 characters.

Workaround: For NTLM authentication, use a domain controller (DC) that has a domain name shorter than 35 characters.

CSCee68339

Symptom: Proxy requests to the Content Engine proceed to allow mode (if allow mode is enabled) or are blocked (if allow mode is disabled) when the Websense URL filtering mechanism is configured to use the local Websense server.

Because the connections from the Content Engine to the Websense server time out, all requests go to allow mode until all 40 connections are exhausted. (This situation makes it appear as if the Websense server is not responding.) After all 40 connections are attempted, the Content Engine successfully connects to the Websense server and works properly thereafter.

Condition: This problem can occur under the following conditions:

The Content Engine is configured to use the local (internal) Websense server for URL filtering.

The local Websense server is running on the Content Engine.

There are long periods of inactivity.

The cache process has difficulty connecting to the local Websense server.

Workaround: Reconfigure Websense URL filtering on the Content Engine so that the Content Engine will attempt to establish new connections to the Websense server.

CSCee71157

Symptom: Channel routing causes loops for several Content Engines.

Condition: This problem can occur if there are Content Engines that are running the ACNS 5.1.x software or earlier, and these Content Engines are registered with a Content Distribution Manager that is running the ACNS 5.2.x software.

Workaround: Upgrade the Content Engines to the ACNS 5.2.x software. Currently, a Content Distribution Manager that is running the ACNS 5.2.x software does not propagate some configuration changes to Content Engines that are running an ACNS software release earlier than the ACNS 5.2.x software. Therefore, Content Engines that are running the ACNS 5.1.x software or earlier, may not recognize that the root Content Engine was changed from one Content Engine to another. Consequently, routing loops can develop within the system.

CSCee78190

Symptom: When a root Content Engine is downgraded from the ACNS 5.2.x software to the ACNS 5.1 software, some channels are disabled and some content fails to be acquired.

Condition: This problem occurs when the manifest file URL is a Server Message Block (SMB) URL with a uniform naming convention (UNC) path format (for example, \\host\share\file), or when an item or crawl task specified in either the src or start-url attribute has a UNC path format.

Because the ACNS 5.1 software does not support SMB file acquisition, the root Content Engine running the ACNS 5.1 software is not able to fetch the manifest file or acquire content from the SMB shares.

Workaround: Either before or after you downgrade the root Content Engine from the ACNS 5.2.x software to the ACNS 5.1 software, remove the SMB URL from the Manifest URL field in the Channel configuration window of the Content Distribution Manager GUI and use a URL with supported protocols (HTTP, FTP, or HTTPS).

Note From an ACNS 5.1 Content Distribution Manager GUI, choose Channels > Channels > Edit Channel.

From an ACNS 5.2.x Content Distribution Manager GUI, choose Content > Channels > Edit Channel > Channel Content.

Edit the manifest file by removing content items and crawl tasks that have UNC formatted paths.

Use the acquirer start-channel EXEC command to initiate channel acquisition and verify that the workaround is successful.

CSCee81376

Symptom: The CMS service on the Content Distribution Manager cannot start and fails to create the CMS database backup file.

Condition: This problem can occur if the ACNS network configuration is very large (for example, with 2000 configured Content Engines) and the sysfs partition is 2 GB or less.

Workaround: Create a sysfs partition that is greater than 2 GB.

CSCee90245

Symptom: Microsoft NT LAN Manager (NTLM) authentication occurs even though you disabled it on the Content Engine.

Condition: This problem occurs very rarely. In very rare situations, even though you entered the no ntlm server enable global configuration command to disable NTLM proxy authentication on the Content Engine, NTLM proxy authentication is still not turned off. In such cases, NTLM authentication can still occur, although the output of the show running EXEC command shows that the NTLM server is not enabled on the Content Engine.

Workaround: Enter the no ntlm server enable global configuration command again on the Content Engine.

CSCee92698

Symptom: The ICAP service is enabled on the Content Engine, but the Content Engine is unable to retrieve the content.

Condition: This problem can occur if the Content Engine is running the ACNS 5.x software, and you configure two or more ICAP services to subscribe to the same vectoring point (the response modification [RESPMOD] vectoring point).

Workaround: There is no known workaround.

CSCee92917

Symptom: A cleanup of the sysfs partition removes all pre-positioned RealMedia contents from the /local1/real_vod/ directory on the Content Engine.

Condition: This problem occurs if the sysfs partition is saturated because of the population of content in the real_vod directory.

Workaround: There is no known workaround.

CSCef11091

Symptom: The WCCP cache farm (a cluster of Content Engines that are running WCCP) is formed using the assignment method even though you specified the mask-assignment assign-method- strict option when configuring the WCCP service.

Condition: This problem occurs if the WCCP cache farm is associated with Cisco routers instead of switches.

Workaround: There is no known workaround. Mask assignment was only designed for Catalyst 6500 series switches and is not supported by Cisco routers.

CSCef16345

Symptom: The stream scheduler in the edge Content Engine retrieves stale Session Description Protocol (SDP) information from its forwarder and stores it in its local1/cse_live/ucast folder if the encoding is modified through IP/TV Program Manager. All further RTSP requests are served with this stale SDP content.

Condition: This problem occurs if the stream scheduler retrieves stale SDP information from its forwarder because the program has been edited and the encoding changed for a program. This situation occurs if the Content Distribution Manager notification at the edge Content Engine triggers the stream scheduler before the same occurs at the root Content Engine. Consequently, the edge Content Engine obtains the SDP content from its forwarder, which is valid content at that moment.

Workaround: Reload the Content Engine.

CSCef37606

The Content Engine becomes unresponsive, and it takes a long time for commands to be executed.

Condition: This problem occurs when the load that is running on the Content Engine is almost as high as the maximum permissible load for a Content Engine, and you then enable ICAP (especially with request modification [REQMOD] transactions). This situation causes the Content Engine to go into an overload state and not recover easily.

Workaround: The load on the Content Engine with ICAP enabled (for the response modification [respmod] transactions) should be kept to 50 percent of the load that it can handle without ICAP.

CSCef37947

Symptom: A URL in the Synchronized Multimedia Integration Language (SMIL) file that has the "repeatCount" value set, may not be requested as many times as specified by the "repeatCount" setting.

Condition: This problem occurs only when RealPlayer Version 10 is used. The player exhibits the same behavior whether or not there is a Content Engine between the client and the origin server.

Workaround: Use RealOne player instead of RealPlayer Version 10, or request the SMIL file again. The URL will be played at least once in the player.

CSCef44709

Symptom: An HTTP 1.0 request that is received by the Content Engine from a client web browser is sent as an HTTP 1.1 request by the Content Engine to the origin server.

Condition: This problem occurs only when the ICAP service is enabled on the Content Engine.

Workaround: There is no known workaround.

CSCef57641

Symptom: The cache process on the Content Engine restarts.

Condition: This problem occurs if a large volume of HTTPS and FTP traffic is being directed to the Content Engine, which is operating in transparent mode.

Workaround: There is no known workaround.

CSCef60282

Symptom: Even though you entered a write memory command, after an immediate reload, a prompt appears that the configuration has been changed.

Conditions: This problem occurs if the following conditions are met:

You have enabled Websense on the Content Engine.

The IP address of the Content Engine is removed or changed.

You enter a write memory command on the Content Engine.

You reload the Content Engine.

Workaround: Note that ACNS functionality is not affected if this problem occurs. However, if a prompt appears stating that the configuration has been changed, enter yes to save the configuration.

CSCef61845

Symptom: Unicast access to a live program does not work.

Condition: This problem occurs only when you use special characters ("?" and "#") in the unicast reference URL.

Workaround: To publish a live event, use URLs that do not contain special characters.

CSCef62968

Symptom: The Content Engine reboots suddenly when you are performing database maintenance.

Condition: The problem can occur because of a platform issue in the power supply of the device.

Workaround: Properly trim the power supply of the Content Engine.

CSCef65567

Symptom: You are not able to download the control list or apply a policy (for example, the policies that control when the SmartFilter subscription or control list expire) to the SmartFilter 3.x plug-in.

Condition: This problem occurs if you use the SmartFilter 4.0 Administrator Console to define the SmartFilter 3.x plug-ins as part of a plug-in group.

Workaround: Use the SmartFilter 4.0 Administrator Console to define the SmartFilter 3.x plug-ins as individual plug-ins.

CSCef67934

Symptom: The proxy autoconfiguration file is missing from the Content Engine after you switch from group settings to device settings, and then switch back to group settings.

Condition: This problem can occur in the following condition:

a. You have specified values in the Client Proxy Autoconfig Device Group window of the Content Distribution Manager GUI.

b. You override these values through the Client Proxy Autoconfig Device window of the Content Distribution Manager GUI.

c. You revert the Content Engine back to the device group settings (you click the Force device group settings button in the device group window or you select the device group from the drop-down menu in the device window).

The autoconfiguration file is not found but the proxy autoconfiguration feature is shown as enabled.

Workaround: Return to the device window in the Content Distribution Manager GUI, delete the values from the proxy autoconfiguration fields in the device window, and then select device group from the drop-down menu.

CSCef67938

Symptom: When using the quick start tool in the Content Distribution Manager GUI, if you repeatedly click the Add-Router to List button before the window completely loads in your browser, the following message appears in your browser: 

The system had trouble processing your last request.

This situation can occur under the following circumstances:

You click the BACK or REFRESH browser buttons.

Multiple browser windows from the same client machine are accessing the Content Distribution Manager GUI.

Another user deletes the item that you are working with in the Content Distribution Manager GUI.

Condition: This problem occurs only when there is a slow connection between the Content Distribution Manager and your browser and you perform any of the unsupported actions described above.

Workaround: Return to the Content Distribution Manager GUI and wait until the window is completely loaded in your browser before you click the Add-Router to List button.

CSCeg04809

Symptom: HTTP VoD file statistics are not being updated correctly.

Condition: This problem can occur if you enter the show statistics wmt requests EXEC command while you are using the HTTP protocol to play a stream. The command output shows the total unicast requests field as 2 but shows the other types of requests (for example, the number of served streaming requests) as only 1.

Workaround: Wait until the stream ends before you enter the show statistics wmt requests EXEC command.

CSCeg22697

Symptom: The Websense EIM server that is running on the Content Engine generates a core file.

Condition: This problem can occur when the Websense server is enabled on the Content Engine.

Workaround: No user intervention is required. If this problem occurs, the Websense server functionality is not affected. After generating a core file, the Websense server will be automatically restarted and the functionality is restored.

CSCeg47793

Symptom: If you modify a Content Engine GUI page and reload the page without first clicking the Update button, the new (unsaved) values are displayed on the page instead of the old (saved) values.