Table Of Contents
Caveats for the Cisco uBR7200 Series Universal Broadband Routers in Cisco IOS Release 12.2SC
Open Caveats—Cisco IOS Release 12.2(33)SCB4
Resolved Caveats—Cisco IOS Releases 12.2(33)SCB4
Open Caveats—Cisco IOS Release12.2(33)SCB3
Resolved Caveats—Cisco IOS Release 12.2(33)SCB3
Open Caveats—Cisco IOS Release 12.2(33)SCB2
Resolved Caveats—Cisco IOS Release12.2(33)SCB2
Open Caveats—Cisco IOS Release 12.2(33)SCB1
Resolved Caveats—Cisco IOS Release 12.2(33)SCB1
Open Caveats —Cisco IOS Release 12.2(33)SCB
Open Caveats —Cisco IOS Release 12.2(33)SCA2
Resolved Caveats — Cisco IOS Release 12.2(33)SCA2
Open Caveats — Cisco IOS Release 12.2(33)SCA1
Resolved Caveats — Cisco IOS Release 12.2(33)SCA1
Open Caveats — Cisco IOS Release 12.2(33)SCA
Resolved Caveats — Cisco IOS Release 12.2(33)SCA
Obtaining Documentation and Submitting a Service Request
Caveats for the Cisco uBR7200 Series Universal Broadband Routers in Cisco IOS Release 12.2SC
September 23, 2009
OL-15875-08
This document lists severity 1 and 2 caveats and select severity 3 caveats for the Cisco uBR7200 Series Universal Broadband Routers in Cisco IOS Release 12.2SC, up to and including Cisco IOS Release 12.2(33)SCB1. This document applies to the Cisco uBR7246VXR and Cisco uBR7225VXR routers. Caveats describe unexpected behavior or defects in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only selected severity 3 caveats are included in the caveats document.
Use this caveats document with the following release notes on Cisco.com:
•
Cross-Platform Release Notes for Cisco Universal Broadband Routers in Cisco IOS Release 12.2SC
•
•
Note
Caveats
This document describes open and resolved severity 1 and 2 caveats and select severity 3 caveats:
•
•
Within the sections, the caveats are sorted by component in alphabetical order. The caveats are also sorted in the alphanumerical method by caveat numbers.
In this section, the following information is provided for each caveat:
•
•
•
Open Caveats—Cisco IOS Release 12.2(33)SCB4
•
Symptom: A Cisco uBR7246VXR router may reload with the last reset from watchdog reset.
Condition: The router has a Cisco uBR7200-NPE-G1 processor board and is running Cisco IOS release 12.3(9a)BC.
Workaround: There is no workaround.
•
Symptom: The Cisco uBR7246VXR-MC28U line card resets with no crash file being generated in bootflash.
Condition: The problem may occur on some Cisco uBR7246VXR router with multiple MC28U cards.
Workaround: There is no workaround.
•
Symptoms: In syntax check mode, if there is a standby in SSO mode, the cts dot1x command does not work.
Workaround: There are no workarounds.
•
Symptom: A drop in multicast streams is seen after changing the IGMP query interval, using the ip igmp query-interval command.
Condition: This issue occurs in Cisco 7600 chassis with Sup720 engine running Cisco IOS release 12.2(33)SRB. The Cisco 7600 is configured with IGMPV3 and running Source Specific Multicast (SSM).The multicast stream(s) restore itself within 40-60 seconds.
Workaround: There is no workaround.
•
Symptom: ToS value on multicast packets are being incorrectly overwritten.
Condition: This issue occurs in routers using Cisco IOS release 12.2(33)SCB.
Workaround: There is no workaround.
•
Symptom: Tracebacks and duplicate ifIndex messages are observed on an MPLS layer interface.
Condition: These symptoms are observed add mpls configuration to a subinterface when interface was previously configured.
Workaround: Remove the MPLS configuration on the sub interface prior to deleting it.
•
Symptoms: CMTS crashes and the following error message is seen when the no ip routing or the no router bgp xx command is run.
%IPRT-3-IPDB_DEL_ERROR: i_pdb delete error bgp, 4, 210074C8, 20E322E0, 0, 0 -Process= "IP RIB Update", ipl= 0, pid= 117, -Traceback= 0x61FD7F58 0x62005498 0x62006D24Conditions: A large number of VRFs must be configured and BGP is also configured to support these VRFs.
Workaround: There is no workaround.
•
Symptom: The last character in the Service Class Name field is dropped in Subscriber Account Management Interface Specification (SAMIS) records as well as in the SNMP MIB docsQosServiceFlowLogServiceClassName.
Condition: This occurs fro deleted service flows.
Workaround: There is no workaround.
•
Symptom: A Cisco uBR7200 series router may experience cable line card memory leaks
Workaround: There is no workaround.
•
Symptom: Source verification of IPV6 packets does not happen, although the cable ipv6 source-verify command is configured on cable interface of a Cisco uBR7200 router.
Condition: This issue occurs when Cisco IOS 12.2S release is running on a Cisco uBR7200 router.
Workaround: There is no workaround.
•
Symptom: Cable metering fails and enters a "hung" state.
Condition: This occurs when the ip tcp timestamp command is configured globally.
Workaround: Do not use the ip tcp timestamp command.
•
Symptom: A Cisco uBR7246VXR router may crash when the cable monitor command is executed and when a shut command is run on the cable interface.
Condition: This occurs when the multicast traffic is transmitted using DSG.
Workaround: Do not execute the cable monitor command.
•
Symptom: The multicast traffic rate on one of the cable interfaces is less than the configured QoS rate limit when two or more cable interfaces are bundled together in a layer 3 bundle interface, and multicast traffic is sent on the bundle interface.
Workaround: There is no workaround.
•
Symptoms: The value range of the MIB object "ccmtrCollectionInterval" is not consistent with the command. The valid range for MIB object is 15 to 1440, but for the command, the range is 2 to 1440.
Conditions: This issue occurs while setting the MIB object "ccmtrCollectionInterval" using the SNMP set operation.
Workaround: Set the interval using the command.
•
Symptoms: A crash is observed on the CMTS.
Conditions: This issue is seen in cases ETDB show commands are paused and multicast sessions removed because a CPE leave or a CM goes offline.
Workaround: Set the term length to 0 for not pausing while displaying the command.
•
Symptom: The cable primary-sflow-qos11 keep snmp-only command is not working as expected and the primary service flow packet/byte count is not retained after the cable modem is reset.
Condition: This issue is observed in DOCSIS 1.1 specific modems after reset.
Workaround: Clear the cable modem counters associated with primary service flows.
•
Symptom: A Cisco uBR7200 series router may experience spurious memory access when the hw-module slot x stop and hw-module slot x start commands are executed.
Workaround: There is no workaround.
•
Symptom: A Cisco uBR7200 series router may crash due to igmp timer timeout or igmp leaves when the show interfaces multicast-session command is executed.
Workaround: There is no workaround.
•
Symptom: Multicast sessions are not created for static-group when the Group Config parameters are changed.
Workaround: Remove the static group by running the ip igmp static-group command and reapply the command.
•
Symptom: The downstream packet source MAC address is corrupted when a cable intercept is configured on the cable interface.
Workaround: There is no workaround.
•
Symptom: A Cisco uBR7246VXR router may report fan tray failure when the environmental temperature is lesser than 0 degrees C.
Workaround: There is no workaround.
•
Symptom: A Cisco uBR7246VXR router may report multiple memory leaks when the show memory debug leak command is executed.
Workaround: There is no workaround.
•
Symptoms: The "Gate Report State" counter in the output of the show packetcable cms verbose command does not increment for PacketCable Multimedia (PCMM) policy servers.
Conditions: This issue is seen for PCMM policy servers.
Workaround: There is no workaround.
•
Symptom: CMTS will accept inconsistent "per-SF L2VPN TLV" in the cable modem configuration file.
Conditions: This is seen in the following conditions:
–
–
–
Workaround: There is no workaround.
•
Symptoms: CMTS may crash when an MPLS sub interface is deleted.
Workaround: Do not delete the sub interface.
•
Symptom: A Cisco uBR7246VXR router with NPE G2 processor has wrongly assigned a common MAC address to two ports instead of unique MAC addresses.
Workaround: There is no workaround.
•
Symptom: Configuration synchronization issue has been observed between the NPE-G1 processor and a line card.
Workaround: Execute the cable dynamic-secret exclude oui command.
•
Symptom: A Cisco uBR7200 series router may report very high and unexpected multicast traffic on a default multicast service flow.
Workaround: There is no workaround.
•
Symptom: The EPC2100 may reset due to overload of the upstream traffic.
Symptom: This issue was observed on a Cisco uBR7200 series router with the MC5x20H or MC8x8 line cards.
Workaround: Configure ingress-noise-cancellation or disable rate-adapt.
•
Symptom: A Cisco uBR7246VXR router wrongly displayed the CPE MAC address rather than the MAC address of the cable modem when the show cable modem command was run.
Workaround: There is no workaround.
•
Symptom: The NPE of a Cisco uBR7246VXR router may crash while running the multicast protocol.
Condition: The router has a Cisco uBR7200-NPE-G1 processor board and is running Cisco IOS release 12.2(33)SCB.
Workaround: There is no workaround.
•
Symptoms: The show interface multicast-session command may show wrong multicast session instances.
Workaround: There is no workaround.
•
Symptoms: CMTS does not add IP address to the relayed DHCP packets.
Workaround: There is no workaround.
•
Symptom: A Cisco uBR7200 series router may report memory leaks when the dual stack CPE devices are each running FTP GET and FTP PUT application.
Workaround: There is no workaround.
•
Symptoms: CMTS watchdog timeout crash is observed at cmts_address_filter or cmts_cm_lookup.
Workaround: Downgrade the image version to Cisco IOS Release 12.2(33)SCB2.
Resolved Caveats—Cisco IOS Releases 12.2(33)SCB4
•
Symptom: A Cisco uBR7246VXR router may crash after displaying the following watchdog timeout error message:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = CMTS METERING EXPORT Process.Condition: This issue is observed when the router crashed during the process of writing a file to the flash disk.
Workaround: There is no workaround.
•
Symptoms: The no ip dhcp relay info policy removal pad config command has no effect.
Workaround:
1.
2.
3.
•
Symptoms: The startup configuration information for a standby PRE is not displayed.
Workaround: There is no workaround.
•
Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.
Cisco has released free software updates that address this vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml.
•
Cisco IOS devices that are configured for Internet Key Exchange (IKE) protocol and certificate based authentication are vulnerable to a resource exhaustion attack. Successful exploitation of this vulnerability may result in the allocation of all available Phase 1 security associations (SA) and prevent the establishment of new IPsec sessions.
Cisco has released free software updates that address this vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-ipsec.shtml
•
Cisco IOS Software configured with Authentication Proxy for HTTP(S), Web Authentication or the consent feature, contains a vulnerability that may allow an unauthenticated session to bypass the authentication proxy server or bypass the consent webpage.
There are no workarounds that mitigate this vulnerability.
This advisory is posted at the following link:
http://www.cisco.com/warp/public/707/cisco-sa-20090923-auth-proxy.shtml
•
Symptom: The ifInOctets reported erroneous CPU usage.
Condition: The issue was observed on the Cisco uBR7200 series router.
Workaround: There is no workaround.
•
Symptom: A Cisco uBR7246VXR router may hang after it is reset with large downstream traffic passing through the Gigabit Ethernet line card.
Condition: The issues was observed on a uBR7200 series that had large traffic passing through the Gigabit Ethernet line card.
Workaround: Directly load the image by rommon.
•
Symptom: A few cable modems may be stuck at reject(pk) or w-reject(pk) permanently during OIR or hw-module reset.
Workaround: Power cycle the cable modem so that the state changes to online(pt) or w-online(pt) state.
•
Symptom: A Cisco uBR7200 series router may crash indicating the following error.
*Apr 22 22:40:50.363: %SYS-2-CHUNKBADREFCOUNT: Bad chunk reference count, chunk 92B3A70 data 92BB3C4 refcount FFFFFFFF alloc pc 69AFF4. -Process= "CMTS SID mgmt task", ipl= 3, pid= 74-Traceback= B5CB14 B5D334 CAB9F0 CABE1C 69BC50 73A850 762C38 641FF4 641C4C 641E80 646CE0 917318chunk_diagnose, code = 3chunk name is CMTSPCTYPECondition: The cable helper-address command is configured to be the same as the bundle IP address.
Workaround: There is no workaround.
•
Symptom: The test cable dcc frequency command moves one modem to target frequency does not work when the upstream channel ID of the modem does not belong to the target downstream channel.
Conditions: This issue only affect test cable dcc frequency command.
Workaround: Use test cable dcc frequency command to move the modem where the upstream channel ID belongs to the target downstream channel.
•
Symptom: The cdxIfUpChannelAvgUtil reports incorrect numbers when rate adapt is enabled on router
Conditions: This is seen when using SNMP to poll cdxIfUpChannelAvgUtil with rate adapt enabled.
Workaround:
1) Use CLI to obtain numbers
2) Disable rate-adapt
•
Symptom: A Cisco uBR7246VXR router may experience a silent reload.
Workaround: There is no workaround.
•
Symptom: Static routes that are configured may be lost after reloading the Cisco uBR7225VXR router.
Workaround: Re-configure the ip route command after reloading the router.
•
Symptoms: The PacketCable Multimedia (PCMM) calls fail as the Gate Set Ack/Err is not received.
Conditions: This issue is seen in PCMM calls with a small value used for timer T1 (such as 1 second).
Workaround: Use larger values for the PCMM timer T1 (at least 5 seconds).
•
Symptom: A Cisco uBR7225VXR router may fail to boot up at PCI Error Interrupt.
Workaround: Boot up the system using the Cisco IOS image directly.
•
Symptom: The cable primary-sflow-qos11 keep snmp-only command is not working as expected and the primary service flow packet/byte count is not retained after the cable modem is reset.
Condition: This issue is observed in DOCSIS 1.1 specific modems after reset.
Workaround: Clear the cable modem counters associated with primary service flows.
•
Symptom: A Cisco MC28U line card crashes with Data Bus Error exception.
Workaround: There is no workaround.
•
Symptoms: Dropped or delayed DOCSIS MAC management packets resulted in problems such as call failures.
Conditions: Combination of Multicast QoS configuration with BPI+ encryption coupled with the blocking of IGMP for those same multicast groups.
Workaround: Do not configure multicast QoS with BPI+ for groups where IGMP is blocked.
•
Symptom: After the CMTS reload, samis-cable metering source-interface configuration is removed from the running configuration.
Condition: This issue is observed on a Cisco uBR7200 series router running Cisco IOS Release 12.2(33)SCB.
Workaround: Re-configure the cable metering source-interface.
•
Symptoms: The ip dhcp relay info policy removal pad command is not ISSU compliant.
Workaround: ISSU cannot be conducted and the CMTS must be reloaded.
Workaround: There is no workaround.
•
Symptoms: CMTS crashes when removing the flash card.
Workaround: There is no workaround.
•
Symptom: The cable modem information is not displayed when executing the show cable modem command after using the DCC command.
Workaround: There is no workaround.
Open Caveats—Cisco IOS Release12.2(33)SCB3
•
Basic Description: CMTS crashes while operating the on a bad PCMCIA flash card.
Conditions: This issue is seen when using a bad PCMCIA flash card with a PCI issue and accessing the flash card using SNMP or dir.
Workaround: Avoid using a bad PCMCIA flash card.
•
Symptom: The Cisco uBR7246vxr-MC28U card resets with no crash file being generated in bootflash.
Conditions: The problem may happen on some Cisco uBR7246vxr with multiple Cisco MC28U cards.
Workaround: There is no workaround.
•
Symptom: Upon Online Insertion and Removal (OIR) or executing a hw-module reset command, some of the cable modems get stuck at reject (pk) state or w-reject (pk) state permanently.
Conditions: This issue in seen when BPI is enabled.
Workaround: Power cycle the cable modem to bring it to online(pt) or w-online (pt) state.
•
Symptom: The value range of MIB object "ccmtrCollectionInterval" is not consistent with the command range. The valid range is 15-1440 for MIB object, and for the range is 2-1440.:
Conditions: This is seen while setting "ccmtrCollectionInterval" using SNMP set operation.
Workaround: Set the interval using the command.
•
Symptom: A "ifInOcters item" after a normal roll-over closely follows a abnormal roll-over.
2009-03-24 15:15:39 - 40767587892009-03-24 15:20:39 - 524459145 <========== a normal roll-over2009-03-24 15:25:46 - 7266582472009-03-24 15:31:08 - 9391247842009-03-24 15:35:39 - 583325062 <===========an abnormal roll-over2009-03-24 15:41:11 - 801102043Condition: This is seen when there is a roll-over between the first and second polls on this list. This is a normal roll-over for a 32-bit counter. However, there is another roll-over between the fourth and fifth polls.
Workaround: There is no workaround.
•
Symptom: Modem cannot come online on the upstream. This issue was first detected in Cisco IOS Release 12.3(21a)BC6. The modem reaches the init(r1) or init(r2) but, fails to proceed further.
Condition: The issue appeared at customer site in Cisco IOS release 12.3(21a)BC6. It is a a very rare condition.
Workaround: Use shut/no shutdown command.
•
Symptom: The uBR7200 router crashes during IPC processing
Conditions: This is seen when One or more debug commands are enabled that can cause a large number of messages to be printed.
Workaround: Disable the debug commands
•
Symptoms: A memory leak is observed.
Conditions: This issue is seen in the following conditions:
–
–
–
–
Workaround: There is no workaround.
•
Symptom: Source verification of IPV6 packets does not happen, although the cable ipv6 source-verify command is configured on cable interface of a Cisco uBR7200 router.
Condition: This issue occurs when Cisco IOS 12.2S release is running on a Cisco uBR7200 router.
Workaround: There is no workaround.
•
Symptom: The downstream packet source MAC address is corrupted. The expected source address should be the MAC address of bundle interface.
Conditions: This is seen in when any cable intercept is configured on the cable interface.
Workaround: There is no workaround.
•
Symptom: String command fail to run in the Cisco IOS Tcl shell.
Conditions: This issue occurs while running string commands in Cisco IOS Tcl shell.
Workaround: There is no workaround.
•
Symptom: A spurious memory access is observed after issuing hw-module slot x stop and hw-module slot x start commands.
Condition: This issue is seen after issuing hw-module slot x stop and hw-module slot x start commands.
•
Symptoms: The primary service flow packet/byte count is not retained once after the cable modem reset.
Conditions: This is seen in DOCSIS 1.1 provisioned modems.
Workaround: Change the cable modem to not have DOCSIS 1.0 and ensure that the service flow flag for DOCSIS 1.1 (cmts_qos11_primary_sf_keep) is not set. Clear the cable modem counters associated with primary service flows.
•
Symptom: ToS value on multicast packets are being incorrectly overwritten.
Condition: This issue occurs in routers using Cisco IOS release 12.2(33)SCB.
Workaround: There is no workaround.
•
Symptom: The Cisco uBR7200 router reboots by itself
Conditions: This is was first seen in Cisco uBR7246VXR (Cisco uBR7200-NPE-G1) running Cisco IOS Release123-21a.BC4.
Workaround: There is no workaround.
•
Symptom: Multiple memory leaks are observed on issuing show memory debug leak on the Cisco uBR7246VXR line card.
Condition: This is seen on issuing show memory debug leak on the Cisco uBR7246VXR line card.
Workaround: There is no workaround.
•
Symptom: A crash is observed on the CMTS.
Conditions: This issue is seen in cases ETDB show commands are paused and multicast sessions removed because a CPE leaves or CM goes offline.
Workaround: Set the term length to 0 for no pausing while displaying the command.
•
Symptom: CMTS will accept inconsistent "per-SF L2VPN TLV" in the cable modem configuration file.
Conditions: This is seen in the following conditions:
–
–
–
Workaround: There is no workaround.
•
Symptom: When modifying the group configuration for multicast QoS, the static-group session is not being re-evaluated, if a new multicast session is required to be populated.
Condition: This issue is seen while modifying the group configuration.
Workaround: Unconfigure the ip igmp static-group command and re-apply.
•
Symptom: When 2 or more cable interfaces are bundle together in Layer3 bundle interface, and multicast traffic is sent on the bundle interface with multicast QoS configured, then the multicast traffic rate on one of the cable interface is less than configured QoS rate limit.
Condition: This is seen when multicast QoS is configured and 2 or more cable interfaces are bundled together.
Workaround: There is no workaround.
•
Symptom: While displaying the multicast session entries using show interface multicast-session command, one or more sessions may be torn down due to igmp timer timeout or igmp leaves. This may lead to crash as show interfaces multicast-session command may be displaying the corresponding session's details.
Condition: This issue is seen while displaying the multicast session entries.
Workaround: There is no workaround.
•
Symptom: The "Gate Report State" counter in the output of the show packetcable cms verbose does not increment for Packetcable Multimedia (PCMM) policy servers.
Conditions: This issue is seen for PCMM policy servers.
Workaround: There is no workaround.
•
Symptom: The Packetcable Multimedia (PCMM) calls fails as Gate Set Ack/Err is not received.
Conditions: This issue is seen in PCMM calls with small value used for timer T1 (such as 1 second).
Workaround: Use larger values for the PCMM timer T1 (at least 5 seconds).
•
Symptom: If there is large traffic passes through the Gigabit Ethernet interface, it may take a very long time to load the image by kboot.
Conditions: This is seen when large traffic passes through the Gigabit Ethernet interface (>200kbps).
Workaround: Directly load the image using Rommon.
•
Symptom: Static routes configured may be lost after reloading the Cisco uBR7225VXR router, even
the "ip route.." information is present in the running configuration.
Conditions: The issue happens on a Cisco uBR7225 router, but does not happen on Cisco uBR7246 router.
Workaround: Re-configure the "ip route.." after reloading.
•
Symptom: Multicast stream drop, after changing the "ip igmp query-interval". The following show the output before and after the change:
Before the change:
Router#show ip mroute<<..skipped..>>(, ), 01:09:04/00:02:52, flags: sTIIncoming interface: TenGigabitEthernet1/1, RPF nbr 10.x.x.x, RPF-MFDOutgoing interface list:Vlan50, Forward/Sparse, 00:48:45/00:02:52, H <<====After the change:
Router#show ip mroute<<..skipped..>>(, ), 01:28:19/00:02:36, flags: sPTIncoming interface: TenGigabitEthernet1/1, RPF nbr 10.x.x.x, RPF-MFDOutgoing interface list: Null <<====Conditions: The issue is was first seen in a Cisco 7600 chassis with Supervisor 720 engine running 12.2(33)SRB release.
Workaround: There is no workaround.
•
Symptom: A Cisco uBR7246VXR router may reload with the last reset from watchdog reset.
Condition: The router has a Cisco uBR7200-NPE-G1 processor board and is running Cisco IOS release 12.3(9a)BC.
Workaround: There is no workaround.
•
Symptom: Cable metering fails and enters a "hung" state.
Condition: The issue happens when the "ip tcp timestamp" option is configured globally. Workaround: Do not use the "ip tcp timestamp" option.
•
Symptom: The CMTS causes high CPU utilization on IPDR/SAMIS collector by sending multiple records for a flow with the same creation tim.e
Conditions: The service flow export and service flow deletion occur at the same time
Workaround: There is no workaround.
•
Symptoms: For deleted service flows associated with PCMM calls the last character in the Service Class Name field is dropped in SAMIS records as well as in the SNMP MIB object "docsQosServiceFlowLogServiceClassName".
Conditions: This issue is seen when the dynamic service flows associated with PCMM calls are deleted. The last character is missing from the service class name in the MIB object "docsQosServiceFlowLogServiceClassName" and SAMIS records.
•
Symptom: When multicast traffic is run using DSG and if the cable monitor command is configured, there is huge memory leak by "Pool Manager" process. When a shut is done on the cable interface, it crashes the Cisco uBR7246VXR crashes.
Condition: This is seen when cable monitor command is configured.
Workaround: Do not configure cable monitor command.
Resolved Caveats—Cisco IOS Release 12.2(33)SCB3
•
Symptom: The Cisco uBR7200 router freeze when enabling the cable monitor command.
Conditions: This is seen when cable monitor is configured for an unknown MAC address.
Workaround: Use cable intercept command.
•
Symptom: Cable metering collection enters the "write-error" state and does not recover.
Condition: This issue occurs when cable metering is configured with default TCP parameters.
Workaround: Enabling the ip tcp path-mtu-discovery command may help prevent occurrences of the issue; Running the test cable metering abort command clears the "hung" state and allows the next iteration of cable metering to occur.
•
Symptom: The CMTS fails to send Subscriber Account Management Interface Specification (SAMIS) data to the IPDR collector, though the TCP connection is still there.The show ipdr session command reports there is unacknowledged data, and show process event of IPDR process reports the process is in "sleep".
Condition: IPDR and cable metering is enabled.
Workaround: Disable IPDR and re-enable.
•
Symptom: When using a wideband-SIP, the total count for the SPA in slot 1/1/0 is a sum of both SPAs, rather than the sum of itself. This can be using the show hw-module bay all counters rf-channel command.
Conditions: This issue is seen in wideband-SIP when more than one SPAs are inserted in one SIP.
Workaround: There is no workaround.
•
Symptom: Enhanced Interior Gateway Routing Protocol (EIGRP) reports bad checksum.
Conditions: This is seen when EIGRP adjacency is configured over a Generic Routing Encapsulation (GRE) tunnel.
Workaround: Disable PXF on the Cisco uBR10012 router.
•
Symptoms: Tracebacks are seen with the following error after reloading the CMTS, during the initialization of downstream parameters:
*Mar 5 18:56:18.583 PST: %CR10K_CLNT-3-CR10K_CLNT_ASSERT_FAILED:Assert failed at line 185 from func cr10k_docsis_get_ses_info in file../src-cmts/cr10k/client-docsis/cr10k_docsis.c for client 0Conditions: The value of "code mc_idx" can range from 0 to 119. A value of 120 was observed on a Cisco uBR7200 router, and the unblocked IPC insertion from the RP to line card fails by producing the traces.
Workaround: The reg_add function is used to send RP to line card IPC.
•
Symptom: The calculated channel utilization percents can become inaccurate. The short term utilization seen via the output of the command show interface cable X/Y/Z mac-scheduler, shows "Avg upstream channel utilization" value much larger than the actual channel usage. The longer term utilization used by the load-balancing module may also be much larger than the actual channel usage.
Conditions: This issue is seen when "rate-adapt" is configured for a particular upstream channel, under certain configured conditions. The MAC scheduler for that upstream allocates additional data grants to one or more cable modems in a given MAP message. When the data grants go unused by the cable modem(s), the utilization calculations made by the scheduler become skewed.
Workaround: There is no workaround.
•
Symptom: Multiple memory leaks is observed while issuing show memory debug leak command on the line card.
Condition: The condition is unknown.
Workaround: There is no workaround.
•
Symptom: Cisco uBR7246VXR router incorrectly reports "docsIfDocsisBaseCapability" of "4",that is the DOCSIS 3.0 support.
Condition: This issue occurs in Cisco uBR7246VXR routers running the Cisco IOS release12.2(33)SCB.
Workaround: There is no workaround.
CSCsx70840
Symptom: The modems end up in reject (m) state and the log contains the following error on a Cisco uBR7200 series, after reloading it with Cisco IOS Release12.2(33)SCB,
*Dec 26 17:42:09.948: %UBR7200-4-REG_REJ_AUTH_FAIL_CMTS_MIC_INVALID: <133>CMTS[DOCSIS]:<73000500>Registration rejected authentication failure: CMTS MIC invalid. CM Mac Addr <0019.5e38.96ca>Condition: This issue is seen when the cable shared-secret command is configured on the interface
Workaround: One of the following three workarounds may be used:
1.
2.
3.
•
Symptom: Power supply is not displayed in the output of show inventory command on Cisco uBR7246 VXR platform.
Condition: This issue occurs on Cisco uBR7246VXR routers.
Workaround: Use the show environment command to see the power supply.
•
Symptom: Erroneous routing prefixes may be added to the routing table.
Conditions: This is seen when the DHCPv6 relay feature is enabled and a router receives a normal DHCPv6 relay reply packet, and this may lead to an erroneous route being added to the routing table.
Workaround: There is no workaround.
•
Symptom: IGMPv3 join is ignored by CMTS.
Conditions: This issue is seen when IGMPv3 is configured on the bundle interface. SSM-mapping is configured on the CMTS. The ignored IGMPv3 join is *,G join with group address in the SSM range.
Workaround: Use S,G IGMPv3 join OR use *,G IGMPv2 join.
•
Symptom: After configuring a multicast group configuration (GC) and then assigning the GC to the cable interface, a hw-module slot x stop command triggers a crash on the CMTS.
Condition: The issue is seen when hw-module slot x stop command is executed.
•
Symptom: The Gigabit ethernet output for a 24 downstream wideband and narrowband SPA can get
isolated from the port after repeated Online Insertion and Removal (OIR) of the SPA within
a short duration of time.
Conditions: This issue is seen with repeated OIR of the SPA within a short duration of time and
with repeated line protocol off/on within a short duration of time
Workaround: Reload the SPA using hw-module bay reload command.
•
Symptom: When setting a CA certificate to 'untrusted', any CM that uses an issuer of the same name is rejected, including the legitimate modems.
Conditions: The issue is found because of a newly created software "Haxorware" which generates these CA certificates that conflict with the existing CA certificates.
Workaround: The recommended method is always to not allow self-signed certificates on the CMTS and explicitly set specific self-signed certificates to trusted. This is the 'opt-in' model, rather than the 'opt-out' model.
•
Symptom: SNMP v3 walk with authentication does not complete against a virtual switch system (VSS).
Conditions: This issue occurs on snmp v3 walk with authentication on a VSS.
•
Symptom: On Cisco uBR10012 platform, during PRE module runversion of the ISSU upgrade process, the IPC connection between RP and cable line cards may take additional second to come up.
Conditions: This issue happens during PRE module runversion.
Workaround: There is no workaround.
•
Symptom: The downstream load is not balanced when downstream load balancing group (DS LB) is configured with us-across-ds policy.
Conditions: This is seen when us-across-ds policy is configured on DS LB group.
Workaround: Do not configure us-across-ds policy on DS LB group.
•
Symptom: When a wideband interface with w-online modems on it and a primary channel is shut down, an error is seen in the modems counter in load-balancing when these modems go offline. This issue has an affect on the load balancing.
Conditions: The issue is when a wideband interface with w-online modems and a primary channel is shut down.
Workaround: Configure the modem's primary channel is not part of channels in wideband interface.
•
Symptom: A crash occurs due to a bus error after displaying the following error messages:
%DATACORRUPTION-1-DATAINCONSISTENCY: copy error,%ALIGN-1-FATAL: Illegal access to a low address < isdn function decoded>Conditions: This crash happened on a Cisco 3825 running Cisco IOS Release12.4(22)T with ISDN connections going on. At the moment of the crash, the customer was monitoring the router using an SNMP Get program. After some minutes the router reloaded by itself.
Workaround: There is no workaround.
•
Symptom: SP syslog messages are logged on the RP console but are not sent as SNMP trap messages by route processor's (RP)s SNMP agent.
Condition: This issue occurs in routers running Cisco IOS release 12.2(18)SXF.
Workaround: There is no workaround.
•
Symptom: The ip tcp adjust-mss command results in packet loss for non-TCP traffic
Condition: This issue is seen when using the command ip tcp adjust-mss.
Workaround: Disable ip tcp adjust-mss on all interfaces in the device. This may however cause higher CPU due to fragmentation and reassembly in certain tunnel environments where the command is intended to be used.
•
Symptom: When a router (with a large-scaled config) is provisioned to perform a PRE module failover and a PXF crash occurs (for example, switchover pxf restart 1 0), this could result in missed IPC keepalives and a large crash information file is being written causing unexpected behavior, including line card reloads.
Conditions: This issue is seen in a router has a large configuration and has been configured with redundancy, mode switchover, main-cpu and switchover pxf restart 1 0.
•
Symptom: The cable metering options "flow-aggregate" and "cpe-list-suppress" get lost from the
cable metering configuration if cable metering data-per-session x timer y is present.
Condition: This is seen in cable metering command.
Workaround: Re-configure the metering options "flow-aggregate" and "cpe-list-suppress" in the command.
•
Symptom: The DHCPv6 relay process crashes on the active RP.
Conditions: The condition is unknown.
Workaround: There is no workaround.
Open Caveats—Cisco IOS Release 12.2(33)SCB2
•
Symptom: A Cisco uBR7246VXR router may reload with the last reset from watchdog reset.
Condition: The router has a Cisco uBR7200-NPE-G1 processor board and is running Cisco IOS release 12.3(9a)BC.
Workaround: There is no workaround.
•
Symptom: The Cisco uBR7246VXR-MC28U line card resets with no crash file being generated in bootflash.
Condition: The problem may occur on some Cisco uBR7246VXR router with multiple MC28U cards.
Workaround: There is no workaround.
•
Symptom: A drop in multicast streams is seen after changing the IGMP query interval, using the ip igmp query-interval command.
Condition: This issue occurs in Cisco 7600 chassis with Sup720 engine running Cisco IOS release 12.2(33)SRB. The Cisco 7600 is configured with IGMPV3 and running Source Specific Multicast (SSM).The multicast stream(s) restore itself within 40-60 seconds.
Workaround: There is no workaround.
•
Symptom: ToS value on multicast packets are being incorrectly overwritten.
Condition: This issue occurs in routers using Cisco IOS release 12.2(33)SCB.
Workaround: There is no workaround.
•
Symptom: Power supply is not displayed in the output of show inventory command on Cisco uBR7246 VXR platform.
Condition: This issue occurs on Cisco uBR7246VXR routers.
Workaround: Use the show environment command to see the power supply.
•
Symptom:Modem cannot come online on the upstream. This issue was first detected in Cisco IOS Release 12.3(21a)BC6. The modem reaches the init(r1) or init(r2) but, fails to proceed further.
Condition: The issue appeared at customer site in Cisco IOS release 12.3(21a)BC6. It is a a very rare condition.
•
Symptom: The last character in the Service Class Name field is dropped in Subscriber Account Management Interface Specification (SAMIS) records as well as in the SNMP MIB docsQosServiceFlowLogServiceClassName.
Condition: This occurs for deleted service flows.
Workaround: There is no workaround.
•
Symptom: Source verification of IPV6 packets does not happen, although the cable ipv6 source-verify command is configured on cable interface of a Cisco uBR7200 router.
Condition: This issue occurs when Cisco IOS 12.2S release is running on a Cisco uBR7200 router.
Workaround: There is no workaround.
•
Symptom: Cable metering fails and enters a "hung" state.
Condition: This occurs when the ip tcp timestamp command is configured globally.
Workaround: Do not use the ip tcp timestamp command.
•
Symptom: SP syslog messages are logged on the RP console but are not sent as SNMP trap messages by route processor's (RP)s SNMP agent.
Condition: This issue occurs in routers running Cisco IOS release 12.2(18)SXF.
Workaround: There is no workaround.
•
Symptom: Cable metering collection enters the "write-error" state and does not recover.
Condition: This issue occurs when cable metering is configured with default TCP parameters.
Workaround: Enabling the ip tcp path-mtu-discovery command may help prevent occurrences of the issue; Running the test cable metering abort command clears the "hung" state and allows the next iteration of cable metering to occur.
•
Symptom: SNMP GetNext requests for docsQosServiceFlowPrimary (also known as 1.3.6.1.2.1.10.127.7.1.3.1.8 or docsQosServiceFlowEntry.8) are rejected. And, if a certain docsQosServiceFlowPrimary entry is polled with SNMP Get directly (after some additional calculations are performed to determine the index value), the value is returned as expected.
Condition: This issue occurs in Cisco uBR7114E routers running Cisco IOS release 12.3(21a)BC3.
Workaround: Poll the individual values following the steps of the procedure suggested in SR 610144513.
•
Symptom: Cisco uBR7246VXR router incorrectly reports docsIfDocsisBaseCapability of "4",that is the DOCSIS 3.0 support.
Condition: This issue occurs in Cisco uBR7246VXR routers running the Cisco IOS release12.2(33)SCB.
Workaround: There is no workaround.
•
Symptom: DOCSIS 2.0-compliant cable modems are stuck in reject (na) state on a CMTS running Cisco IOS release 12.2(33)SCB.
Condition: This issue is seen in modems that register using service class names instead of service flow definitions.
Workaround: Do not use service class names during modem configuration or else check if the modem firmware ignores the unknown service flow Type Length Values (TLV)s, instead of being rejected.
Workaround: Use shut/no shutdown command.
Resolved Caveats—Cisco IOS Release12.2(33)SCB2
•
Symptom: Multilayer Switch Feature Card (MSFC) crashes with RedZone memory corruption.
Conditions: This problem is seen when processing an auto-RP packet and Network Address Translation (NAT) is enabled.
Workaround: There is no workaround.
•
Symptom: A router may write a crashinfo that lacks the normal command logs, crash traceback, crash context, or memory dumps.
Conditions: This might be seen in a memory corruption crash depending on precisely how the memory was corrupted.
Workaround: There is no workaround.
Open Caveats—Cisco IOS Release 12.2(33)SCB1
•
Symptom: A Cisco uBR7246VXR router may reload with the last reset from watchdog reset.
Condition: The router has a Cisco uBR7200-NPE-G1 processor board and is running Cisco IOS release 12.3(9a)BC.
Workaround: There is no workaround.
•
Symptom: The Cisco uBR7246VXR-MC28U line card resets with no crash file being generated in bootflash.
Condition: The problem may occur on some Cisco uBR7246VXR router with multiple MC28U cards.
Workaround: There is no workaround.
•
Symptom: A drop in multicast streams is seen after changing the IGMP query interval, using the ip igmp query-interval command.
Condition: This issue occurs in Cisco 7600 chassis with Sup720 engine running Cisco IOS release 12.2(33)SRB. The Cisco 7600 is configured with IGMPV3 and running Source Specific Multicast (SSM).The multicast stream(s) restore itself within 40-60 seconds.
Workaround: There is no workaround.
•
Symptom: ToS value on multicast packets are being incorrectly overwritten.
Condition: This issue occurs in routers using Cisco IOS release 12.2(33)SCB.
Workaround: There is no workaround.
•
Symptom: Power supply is not displayed in the output of show inventory command on Cisco uBR7246 VXR platform.
Condition: This issue occurs on Cisco uBR7246VXR routers.
Workaround: Use the show environment command to see the power supply.
•
Symptom: Modem cannot come online on the upstream. This issue was first detected in Cisco IOS Release 12.3(21a)BC6. The modem reaches the init(r1) or init(r2) but, fails to proceed further.
Condition: The issue appeared at customer site in Cisco IOS release 12.3(21a)BC6. It is a a very rare condition.
Workaround: Use shut/no shutdown command.
•
Symptom: The last character in the Service Class Name field is dropped in Subscriber Account Management Interface Specification (SAMIS) records as well as in the SNMP MIB docsQosServiceFlowLogServiceClassName.
Condition: This occurs fro deleted service flows.
Workaround: There is no workaround.
•
Symptom: SP syslog messages are logged on the RP console but are not sent as SNMP trap messages by route processor's (RP) SNMP agent.
Condition: This issue occurs in routers running Cisco IOS release 12.2(18)SXF.
Workaround: There is no workaround.
•
Symptom: Source verification of IPV6 packets does not happen, although the cable ipv6 source-verify command is configured on cable interface of a Cisco uBR7200 router.
Condition: This issue occurs when Cisco IOS 12.2S release is running on a Cisco uBR7200 router.
Workaround: There is no workaround.
•
Symptom: Cable metering fails and enters a "hung" state.
Condition: This occurs when the ip tcp timestamp command is configured globally.
Workaround: Do not use the ip tcp timestamp command.
•
Symptom: Cable metering collection enters the "write-error" state and does not recover.
Condition: This issue occurs when cable metering is configured with default TCP parameters.
Workaround: Enabling the ip tcp path-mtu-discovery command may help prevent occurrences of the issue; Running the test cable metering abort command clears the "hung" state and allows the next iteration of cable metering to occur.
•
Symptom: SNMP GetNext requests for docsQosServiceFlowPrimary (also known as 1.3.6.1.2.1.10.127.7.1.3.1.8 or docsQosServiceFlowEntry.8) are rejected. And, if a certain docsQosServiceFlowPrimary entry is polled with SNMP Get directly (after some additional calculations are performed to determine the index value), the value is returned as expected.
Condition: This issue occurs in Cisco uBR7114E routers running Cisco IOS release 12.3(21a)BC3.
Workaround: Poll the individual values following the steps of the procedure suggested in SR 610144513.
•
Symptom: Cisco uBR7246VXR router incorrectly reports docsIfDocsisBaseCapability of "4",that is the DOCSIS 3.0 support.
Condition: This issue occurs in Cisco uBR7246VXR routers running the Cisco IOS release12.2(33)SCB.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.2(33)SCB1
•
Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state, resources on a system under attack may be consumed, preventing new TCP connections from being accepted. In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system.
In addition to these vulnerabilities, Cisco Nexus 5000 devices contain a TCP DoS vulnerability that may result in a system crash. This additional vulnerability was found as a result of testing the TCP state manipulation vulnerabilities.
Cisco has released free software updates for download from the Cisco website that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml.
•
The server side of the Secure Copy (SCP) implementation in Cisco IOS software contains a vulnerability that could allow authenticated users with an attached command-line interface (CLI) view to transfer files to and from a Cisco IOS device that is configured to be an SCP server, regardless of what users are authorized to do, per the CLI view configuration. This vulnerability could allow valid users to retrieve or write to any file on the device's file system, including the device's saved configuration and Cisco IOS image files, even if the CLI view attached to the user does not allow it. This configuration file may include passwords or other sensitive information.
The Cisco IOS SCP server is an optional service that is disabled by default. CLI views are a fundamental component of the Cisco IOS Role-Based CLI Access feature, which is also disabled by default. Devices that are not specifically configured to enable the Cisco IOS SCP server, or that are configured to use it but do not use role-based CLI access, are not affected by this vulnerability.
This vulnerability does not apply to the Cisco IOS SCP client feature.
Cisco has released free software updates that address this vulnerability.
Workaround: There are no workarounds available for this vulnerability apart from disabling either the SCP server or the CLI view feature if these services are not required by administrators.
This advisory is posted at the following link:
http://www.cisco.com/warp/public/707/cisco-sa-20090325-scp.shtml.
•
Cisco IOS software contains a vulnerability in multiple features that could allow an attacker to cause a denial of service (DoS) condition on the affected device. A sequence of specially crafted TCP packets can cause the vulnerable device to reload.
Cisco has released free software updates that address this vulnerability.
Several mitigation strategies are outlined in the workarounds section of this advisory.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090325-tcp.shtml
•
Symptom: Ping request to a /31 loopback interface in VRF fails.
Condition: This issue occurs when the loopback has a /31 address configured in a VRF.
Workaround: There is no workaround.
•
Symptom: A memory leak is observed on the router for ARP packets.
Condition: This issue occurs on routers with CEF switching.
Workaround: There is no workaround.
•
Symptom: Three separate Cisco IOS Hypertext Transfer Protocol (HTTP) cross-site scripting (XSS) vulnerabilities and a cross-site request forgery (CSRF) vulnerability have been reported to Cisco by three independent researchers.
Condition: The Cisco Security Response is posted at the following link: http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml
See "Additional Information" section in the posted response for further details.
Workaround: See "Workaround" section in the posted response for further details.
•
Symptom: The Cisco uBR7200 router might hang when an unknown MAC address is used while running the cable monitor command.
Conditions: This occurs when an unknown MAC address (not present in the CMTS database) is used while executing the cable monitor command.
Workaround: Use a known MAC address.
•
Symptom: When the routers are booted sequentially, by bringing up the standby router after the active router is booted up, the routers fall into route processor redundancy (RPR) mode instead of stateful switchover (SSO) mode.
Conditions: This issue occurs in network analysis module (NAM) running Cisco IOS SRC2 image.
Workaround: There is no workaround.
•
Symptom: Address resolution fails for downstream packet when running cable source-verify dhcp command.
Condition: This issue occurs when a Cisco uBR Series router configured to verify a CPE device's IP address to MAC address resolution, through the use of DHCP LEASEQUERY messages instead of using ARP.
Workaround: Temporarily allow downstream ARP resolution using cable bundle interface commands cable arp and cable proxy-arp.
•
Symptom: User authentication is possible through a local server, although Terminal Access Controller Access Control System (TACACS) is configured.
Conditions: This issue occurs for the exec users under vty configuration.
Workaround: There is no workaround.
•
Symptom: Service type ID-based cable modem redirection may not work.
Condition: This issue occurs in routers running Cisco IOS release 12.2(33)SCB1.
Workaround: There is no workaround.
•
Symptom: DOCSIS 2.0-compliant cable modems are stuck in reject(na) state on a CMTS running Cisco IOS release 12.2(33)SCB.
Condition: This issue is seen in modems that register using service class names instead of service flow definitions.
Workaround: Do not use service class names during modem configuration or else check if the modem firmware ignores the unknown service flow Type Length Values (TLV)s, instead of being rejected.
•
Symptom: The output of show tech-support command contains snmp community string passwords.
Conditions: This issue occurs in the output of the show tech-support command.
Workaround: These passwords must be removed. Replace the show tech-support snmp community string show cable modem remote-query 30 mypassword and with show cable modem remote-query 30.
•
Symptom: The MAC destination address based classifier acts like a default catch-all classifier on the Cisco uBR 7200 router. This issue occurs when this classifier is checked (after the ones with higher rule priority), thus causing it to match all the packets.
Condition: This problem exists since Cisco IOS Release 12.3(23)BC6 release on uBR7225 router and uBR7100 platforms.
Workaround: There is no workaround except avoiding using the MAC classifier on Cisco uBR7200 router.
If a MAC destination address based classifier is configured, the classifiers with lower rule priority and the default classifier will not see any matches.
•
Symptom: A silent reload occurred on the Cisco uBR-MC28X line card and no crash information was written on the boot flash.
Condition: This issue occurred on the Cisco uBR-MC28X line card.
Workaround: Remove the load balancing configuration on the affected line card.
Open Caveats —Cisco IOS Release 12.2(33)SCB
•
Symptom: Modem cannot come online on upstream, problem first appear in 12.3(21a)BC6 The modem reach init(r1) maybe init(r2) but fail further Most of the poll are failing on that upstream.
Conditions: The issue appeared at customer site since 12.3(21a)BC6 it seems to be a very rare condition.
Workaround: Shut/no shut fix the issue.
•
Symptom: When using the cable monitor command and inserting as an argument an unknown MAC address (not in CMTS database) the ubr7200 might hang.
Conditions: Using the cable monitor command with a mac address not known in the CMTS database.
Workaround: Use the correct mac address.
•
Symptoms: A Cisco uBR7246VXR may reload with Last reset from watchdog reset.
Condition: The router has a UBR7200-NPE-G1 processor board and is running IOS version 12.3(9a)BC.
Workaround: None.
•
Symptom: The Cisco uBR7246vxr-MC28U Card resets with no crash file being generated in bootflash.
Conditions: The problem may happen on some Cisco uBR7246vxr with multiple MC28U cards.
Workaround: There is no workaround.
Open Caveats —Cisco IOS Release 12.2(33)SCA2
•
Symptoms: SNMP-trap for modems on penalty are not being sent out when modems enter the penalty state and when modems are getting off the penalty state.
Workarounds: There is no workaround.
•
Symptom: Traceback observed after a uBR10000 PRE switchover %COMMON_FIB-4-FIBNULLHWIDB: Missing hwidb for fibhwidb Tunnel1 (ifindex 144)
Conditions: Multicast VPNs are configured.
Workaround: None
Resolved Caveats — Cisco IOS Release 12.2(33)SCA2
•
Symptom: The DHCP relay information option (option 82) is not being removed from relayed DHCP responses properly. Specifically the length of the DHCP response is not being modified properly. This can cause some CPE to reject DHCP offers. For example some brands of cable modems on a Cisco uBR7200 or uBR10000 series CMTS may get stuck in init(io) state.
Conditions: When the ip dhcp relay information option command is configured which appends the DHCP relay information option to relayed DHCP messages.
Workaround: Configure the hidden command ip dhcp relay information policy removal pad which modifies the method that is used to remove option 82.
•
Symptom: Duplicate traps are generated at the end of 'file mode SAMIS' write operations when configuring SNMP traps for Cable billing operations.
Conditions: Setup per http://www.cisco.com/en/US/docs/ios/cable/configuration/guide/cmts_use-bsd_bill.html#wp1027195
Workaround: None
•
Symptom: SNMP request using the show cable modem remote-query command still shows 'YES' when cable modem remote-query is disabled.
Conditions: In configuration mode, disable the cable modem remote-query using the no cable modem remote-query command.
•
Symptom: The value of SNMP MIB object DOCS-IF-MIB::docsIfCmtsChannelUtilizationInterval does not persist after a reload of a Cisco uBR7200 or uBR10000 series CMTS.
Conditions: The issue becomes apparent after the CMTS is reloaded or reset.
Workaround: There is no workaround.
•
Symptom: 1. Router crashes when getnext object in cefIntTable with big ifIndex.
"getnext -v2c x.x.x.x public 1.3.6.1.4.1.9.9.492.1.5.1.1.1.34.1.xxxx /* xxxx can be any big numbers */"
2. The snmpwalk on cefIntTable will encounter infinite loop.
Conditions: Configure Lex interface on the router.
Router(config)#int lex 0Workaround: Remove the Lex interface.
•
Symptom: Running-config and show controllers have different value of upstream center frequency.
Also, 16 KHz resolution is not proper for newer line card.
Conditions: Configure fixed upstream center frequency.
Workaround: This is a sort of cosmetic issue, no side effect.
•
Symptom: When a cable modem is added to the "hotlist" with the cable privacy hotlist cm command the cable modem specified is not restricted from reaching online(pt) mode.
•
Symptom: Modem cannot come online on upstream. This issue first appeared in 12.3(21a)BC6. The modem never reach init-rc, they go at most in init(r1) maybe init(r2)
Conditions: The issue appeared at customer site since 12.3(21a)BC6.
Workaround: Shut/no shut fixes the issue.
•
Symptom: DHCP assignment failed to CPE
Conditions: Using 2 CPEs on a CM with the second using the UNICAST DHCP DISCOVER (broadcast bit == 0)
Workaround: Delete the modem using the clear cable modem <CmdArg> mac address delete command or by using a CPE setting Broadcast bit.
•
Symptom: In the walk output of the table 'cpmProcessTable', process corresponding to process id 256 is not listed.
Conditions: Steps to reproduce:
1. Configure snmp-server on the DUT.
2. On the DUT exec 'show processes cpu sorted | inc 256'. It returns the
details of the process for id 256.
3. For example, walk on the OID: '1.3.6.1.4.1.9.9.109.1.2.1.1'. This returns
the process names for all the running process. In this output the id 256 is
missing.
4. Get on the particular instance returns 'No Such Instance' error message.
Workaround: There is no workaround.
•
Symptom: Certain sprintf() calls in tcp/telnet.c are incorrect.
Condition: They have the potential to overflow the destination buffers:
Workaround: snprintf() should be used with a bounding length of the size of the destination buffer.
•
Symptom: Static upstream LB may be unbalanced in some scenarios. It doesn't happen with dynamic or static downstream LB.
Conditions: Static LB was configured on an interface with more than one upstream.
Workaround: Enable dynamic LB. If interface has more than two upstream. There should be a little chance to get unbalance result.
•
Symptom: This is a internal coding risk, and have the possibility to cause memory overflow.
Conditions: Found by source code analysis.
Workaround: No workaround for this issue.
•
Symptom: When doing OIR on Cisco uBR7246, NPE will crash.
Workaround: Add flag to avoid send IPC to remove the line card.
•
Symptom: AAA accounting records for commands executed from remote host using rsh are sent with empty user name. The user name sent in exec accounting record and command accounting record is empty.
Conditions: Occurs for the commands execute from remote host using rsh.
Workaround: One can consider stopping generation of accounting records with null username by configuring the aaa accounting suppress null-username command.
•
Symptoms: Service class name field empty for deleted PCMM flow SAMIS records, SNMP MIB docsQosServiceFlowLogServiceClassName is also empty for these flows.
Open Caveats — Cisco IOS Release 12.2(33)SCA1
The open caveats are grouped based on their component types. The open caveats documented from prior releases that are unresolved might also apply to this release.
CMTS-Management
•
Symptoms: The cable privacy hotlist command does not restrict the cable modem from reaching the online(pt) mode.
Workaround: There is no workaround.
CMTS-Platform
•
Symptoms: The show inventory command does not display the line card information in the Cisco uBR7200 series routers.
Conditions: This occurs though the line card is up and the modems are online. The line card information is displayed while using the write-mem and reload commands.
Workaround: There is no workaround.
•
Symptoms: The show inventory raw command does not display the voltage and temperature sensor values in the Cisco uBR7246VXR router with NPE-G2.
Conditions: This occurs when an I/O card is in slot 0.
Workaround: Remove the I/O card if it is not used.
Resolved Caveats — Cisco IOS Release 12.2(33)SCA1
The closed caveats are grouped based on their component types.
CMTS-Application
•
Symptoms: The Cisco uBR7246 router crashes due to bus error (Signal = 10, Code = 0x10) and spurious accesses are observed.
Conditions: This crash is observed with the Cisco uBR7246 router running Cisco IOS Release 12.3(21)BC and Scientific Atlanta EPC2203 modems.
Workaround: Do not ping or access the modem via telnet while a phone call is ongoing.
•
Symptoms: CMTS generates duplicate IPDR records for same service identifier (SID). This creates accounting issues for usage-based billing of cable modems.
Conditions: This occurs on Cisco uBR10012 and Cisco uBR7200 platforms running Cisco IOS Release 12.3(17b)BC4 when Subscriber Account Management Interface Specification (SAMIS) feature is used.
Workaround: There is no workaround.
•
Symptoms: CMTS sysUpTime parameter remains unchanged in IPDR document for all records thus making it unreliable for stop records. Similarly, IPDRcreationTime parameters are the same for interim records and are set to the data collection start time for the IPDR document. These may cause certain accounting issues.
Conditions: This issue occurs when Subscriber Account Management Interface Specification (SAMIS) feature is used.
Workaround: Poll the DOCS-QOS-MIB object directly.
•
Symptoms: A high CPU value is observed when many host IP addresses of modems are registered with static IP addresses.
Conditions: This is observed when some subinterfaces have cable source-verify command configured and the other subinterfaces in the same bundle have cable source-verify dhcp command configured.
Workaround: Configure the cable source-verify dhcp command on both the subinterfaces. For static IP addresses, reserve these addresses in the DHCP server.
•
Symptoms: On a cable modem termination system (CMTS), an upstream router incorrectly pings a MAC address of the wide area network (WAN) interface.
Conditions: This issue is observed when the ARP entry for the WAN interface is changed to an incorrect MAC address and then the WAN interface is pinged.
Workaround: There is no workaround.
•
Symptoms: DHCPDISCOVER from the client sent to the CMTS relay agent fails. Cable modems fail to complete DHCP and also fail to go online.
Conditions: This occurs when a router exists between the relay agent and the server.
Workaround: Configure the ip proxy-arp command on the network interface of the router that faces the CMTS. When this command is configured on the router that sits between the relay and the server, the problem is fixed.
•
Symptoms: When the CMTS DHCPv6 relay agent receives a relay reply from the server in which the interface ID option is included after the relay message option, the CMTS does not read the interface ID and drops the reply.
Conditions: This occurs while using a third-party DHCPv6 server instead of Cisco carrier-to-noise ratio (CNR). This type of reply from the server to the relay will cause the rely agent to drop the message.
Workaround: Change the third-party server code to include the interface ID option first and then add the relay message option.
•
Cisco 10000, uBR10012 and uBR7200 series devices use a User Datagram Protocol (UDP) based Inter-Process Communication (IPC) channel that is externally reachable. An attacker could exploit this vulnerability to cause a denial of service (DoS) condition on affected devices. No other platforms are affected.
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-ipc.shtml.
CMTS-Management
•
Symptoms: The ccqmEnfRuleViolateTable is not getting the same service flow compared to show cable subscriber-usage over-consume command's output.
Conditions: This occurs when the IOS uses harsh table to organize the service flow.
Workaround: If all the service flow IDs are less than 8000, ccqmEnfRuleViolateTable works fine. Else, use the command to show the over-consumed subscribers and do not use ccqmEnfRuleViolateTable.
CMTS-mc28u
•
Symptoms: The Cisco uBR10-MC2X8U cable interface line card reloads after every software upgrade.
Workaround: There is no workaround.
•
Symptoms: The Cisco uBR10-MC2X8U line cards are not sending SNMP cable modem on off traps.
Conditions: This occurs only on the Cisco uBR10-MC2X8U cable cards.
Workaround: There is no workaround.
IPv6
•
Symptoms: The Cisco uBR7200 series router might crash while pasting (cut and paste) a set of IPv6 configuration commands for a router network interface to the router console.
Conditions: This occurs during router configuration.
Workaround: There is no workaround.
Operating System
•
Symptoms: The Cisco uBR7200 series router might experience spurious memory access error when running the show buffer assigned dump command.
%ALIGN-3-SPURIOUS: Spurious memory access made at 0xXXXXXXXX reading 0xXX%ALIGN-3-TRACE: -Traceback= XXXXXXXX XXXXXXXX XXXXXXXXWorkaround: There is no workaround. This is a cosmetic error and should not cause problems for the router's operation.
vpdn
•
Symptoms: Traceback is displayed when show vpdn sca command is used before the vpdn module is enabled.
Workaround: Use the vpdn enable command before configuring other vpdn commands.
Open Caveats — Cisco IOS Release 12.2(33)SCA
The open caveats are grouped based on their component types.
CMTS-Application
•
Symptoms: On a cable modem termination system (CMTS), an upstream router pings wrongly to an incorrect MAC address of the wide area network (WAN) interface.
Conditions: This issue is observed when the ARP entry for the WAN interface is changed to an incorrect MAC address and then the WAN interface is pinged.
Workaround: There is no workaround.
IP Multicast
•
Symptoms: A multicast route is removed unexpectedly when the RP PIM interface is shut down during the IGMP static configuration.
Conditions: This issue is observed when the igmp static group is configured as the default route interface.
Workaround: There is no workaround.
Resolved Caveats — Cisco IOS Release 12.2(33)SCA
There are no resolved caveats in Cisco IOS Release 12.2(33)SCA.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0910R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2009 Cisco Systems, Inc. All rights reserved.
Guest
