Cisco IOS Software Releases 11.2

Table Of Contents

Release Notes
for the Cisco 2500 Series Routers
for Cisco IOS Release 11.2

Introduction

Determining Your Cisco IOS Release

Cisco 2500 Series Routers and Access Servers

New Cisco 2500 Series Routers and Access Servers Supported by Release 11.2

Cisco AS2509-RJ and Cisco AS2511-RJ Access Servers

Generated SysObjectID's

Documentation

Online Navigation

New Features in Release 11.2(1)

Routing Protocols

IP Protocol and Feature Enhancements

Network Address Translation

Named IP Access Control List

Multimedia and Quality of Service

Multiprotocol Routing

Switching Features

Desktop Protocols

AppleTalk Features

Novell Features

Wide-Area Networking Features

ISDN/DDR Enhancements

Frame Relay Enhancements

IBM Functionality

New Features

APPN Enhancements

Data Link Switching+ Features and Enhancements

Security Features

New Features

TACACS+ Enhancements

Network Management

MIBs Supported

Cisco IOS Feature Sets for Cisco 2500 Series Routers and Access Servers

Feature Set Tables

Table 8 Cisco 2500 Fixed FRAD Series 

		Feature Sets
Features	CFRAD	LAN FRAD	OSPF LAN FRAD1
Platforms Supported
Cisco 2501FRAD-FX	X	—	—
Cisco 2501LANFRAD-FX and Cisco  2502LANFRAD-FX	—	X	X
LAN Support
AppleTalk 1 and 22	—	—	—
GRE	—	X	X
Integrated routing and bridging (IRB)3	X	X	X
IP	X	X	X
Multiring	—	X	X
Novell IPX4	—	X	X
Source-route bridging	X	X	X
Transparent bridging	X	X	X
Transparent and translational bridging5	X	X	X
WAN Services
Combinet Packet Protocol (CPP)	X	X	X
Dialer profiles	X	X	X
Frame Relay	X	X	X
Frame Relay traffic shaping	X	X	X
Half bridge/half router for CPP and PPP	X	X	X
IPXWAN 2.0	—	X	X
PPP6	X	X	X
WAN Optimization
Custom and priority queuing	X	X	X
Header7 , link and payload compression8	X	X	X
Weighted fair queuing	X	X	X
IP Routing
BGP49	X	—	—
Enhanced IGRP	X	X	X10
Enhanced IGRP Optimizations	X	X	X10
IGRP	X	X	X
On Demand Routing (ODR)	X	X	X
OSPF	X	—	X
OSPF Not-So-Stubby-Areas (NSSA)	X	—	X
OSPF On Demand Circuit (RFC 1793)	X	—	X
RIP	X	X	X
RIP Version 2	X	X	X
Other Routing
IPX RIP	—	X	X
Multimedia and  Quality of Service
Generic traffic shaping	X	X	X
Random Early Detection (RED)	X	X	X
Resource Reservation Protocol (RSVP)	X	X	X
Management
AutoInstall	X	X	X
HTTP Server	X	X	X
RMON events and alarms11	X	X	X
SNMP	X	X	X
Telnet	X	X	X
Security
Access lists	X	X	X
Access security	X	X	X
Extended access lists	X	X	X
Kerberos V client support	X	X	X
Lock and Key	X	X	X
MD5 routing authentication	X	X	X
TACACS+12	X	X	X
IBM Support
BAN for SNA Frame Relay support	X	X	X
Bisync	X	X	X
Caching and filtering	X	X	X
DLSw+13	X	X	X
Frame Relay SNA support (RFC 1490)	X	X	X
NetView Native Service Point	X	X	X
Polled async (ADT, ADPLEX)	X	X	X
QLLC	X	X	X
DLSw (RFC 1795)	X	X	X
RSRB	X	—	—
SDLC integration	X	X	X
SDLC transport (STUN)	X	X	X
SDLC-to-LAN conversion (SDLLC)	X	X	X
SNA and NetBIOS WAN optimization via local acknowledgment	X	X	X
SRB/RSRB14	—	X	X
SRT	—	X	X

1 The OSPF LANFRAD feature set for the Cisco 2500 Fixed FRAD routers is available in Release 11.2(6)P and later. 2 Includes AppleTalk load balancing. 3 IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time. 4 The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists. 5 Translational bridging is fast switched, but this can be disabled. 6 PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, PPP compression, and Multilink PPP. 7 IPX header compression (RFC 1553) is available in the feature sets that support IPX. 8 X.25 and Frame Relay payload compression. 9 BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps. 10 Enhanced IGRP in the OSPF LANFRAD feature set is only available in Release 11.2(4). Cisco does not support this functionality in any releases of the OSPF LANFRAD feature set, and this feature is subject to removal without notice. 11 RMON events and alarms is supported on all interfaces. 12 TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported. 13 Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets. 14 SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled.

Upgrading to a New Software Release

Cisco IOS Upgrade Procedure

Memory Requirements

Caveats for Release 11.2(1) Through 11.2(12)

Caveats for Release 11.2(1) Through 11.2(11)

Caveats for Release 11.2(1) Through 11.2(10)

Caveats for Release 11.2(1) Through 11.2(9)

Caveats for Release 11.2(1) Through 11.2(8)

Caveats for Release 11.2(1) Through 11.2(7)

Caveats for Release 11.2(1) Through 11.2(6)

Caveats for Release 11.2(1) Through 11.2(5)

Caveats for Release 11.2(1) Through 11.2(4)

Caveats for Release 11.2(1) Through 11.2(3)

Cisco Connection Online

Documentation CD-ROM

Release Notes
for the Cisco 2500 Series Routers
for Cisco IOS Release 11.2

---

March 2, 1998

These release notes describe the new features and significant software components for Cisco IOS Release 11.2, up to and including Release 11.2(11) for Cisco 2500 series routers and access servers. These release notes also describe the new software features only available with Release 11.2(12) and above.

Introduction

These release notes discuss the following topics:

•Determining Your Cisco IOS Release

•Cisco 2500 Series Routers and Access Servers

•New Cisco 2500 Series Routers and Access Servers Supported by Release 11.2

•Documentation

•Online Navigation

•New Features in Release 11.2(1)

•Cisco IOS Feature Sets for Cisco 2500 Series Routers and Access Servers

•Upgrading to a New Software Release

•Memory Requirements

•Caveats for Release 11.2(1) Through 11.2(12)

•Caveats for Release 11.2(1) Through 11.2(11)

•Caveats for Release 11.2(1) Through 11.2(10)

•Caveats for Release 11.2(1) Through 11.2(9)

•Caveats for Release 11.2(1) Through 11.2(8)

•Caveats for Release 11.2(1) Through 11.2(7)

•Caveats for Release 11.2(1) Through 11.2(6)

•Caveats for Release 11.2(1) Through 11.2(5)

•Caveats for Release 11.2(1) Through 11.2(4)

•Caveats for Release 11.2(1) Through 11.2(3)

•Cisco Connection Online

•Documentation CD-ROM

Determining Your Cisco IOS Release

To determine which version of Cisco IOS software is running on your Cisco 2500 series router or access server, log in to the router, and enter the show version user EXEC command:

router# show version

Cisco Internetwork Operating System Software

IOS (tm) 2500 Software (C2500-J-L), Version 11.2(12), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1997 by cisco Systems, Inc.

Compiled Mon 10-Feb-97 13:03 by ajchopra

Image text-base: 0x0303D558, data-base: 0x00001000

ROM: System Bootstrap, Version 11.0(10c), SOFTWARE

ROM: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE

SOFTWARE (fc1)

burns uptime is 1 minute

System restarted by reload

System image file is "flash:username/c2500-j-l.112-4", booted via flash

cisco 2500 (68030) processor (revision A) with 4096K/2048K bytes of memory.

Processor board ID 01207404, with hardware revision 00000000

Bridging software.

SuperLAT software copyright 1990 by Meridian Technology Corp).

X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.

TN3270 Emulation software (copyright 1994 by TGV Inc).

1 Ethernet/IEEE 802.3 interface(s)

2 Serial network interface(s)

32K bytes of non-volatile configuration memory.

8192K bytes of processor board System flash partition 1 (Read ONLY)

8192K bytes of processor board System flash partition 2 (Read/Write)

Configuration register is 0x0

Cisco 2500 Series Routers and Access Servers

The following Cisco 2500 series routers and access servers are supported by Release 11.2:

•Single LAN: Cisco 2501, 2502, 2503, and 2504

•Dual LANs: Cisco 2513, 2514, and 2515

•Integrated HUBs: Cisco 2505, 2507, and 2516

•High Density Serial: Cisco 2520, 2521, 2522, and 2523

•Modular Routers: Cisco 2524 and 2525

•Access Servers: Cisco AS2509, AS2511, AS2512 , AS2509-RJ, AS2511-RJ, and 2509-ET.

New Cisco 2500 Series Routers and Access Servers Supported by Release 11.2

Cisco IOS Release 11.2 supports Cisco AS2509-RJ and Cisco AS2511-RJ access servers. and summarize the interfaces supported for these devices.

Table 1 LAN Interfaces Supported 

Interface	Cisco AS2509-RJ and Cisco AS2511-RJ
Ethernet (AUI)	Yes
4-Mbps Token Ring	No
16-Mbps Token Ring	No

"Yes" means that a particular data rate or interface is supported. "No" means it is not supported.

Table 2 WAN Interfaces Supported 

	Cisco AS2509-RJ and Cisco AS2511-RJ
EIA/TIA-232	Yes
X.21	Yes
V.35	Yes
EIA/TIA-449	Yes
EIA-530	Yes
Serial, synchronous and asynchronous	Yes
ISDN BRI S/T	No
ISDN BRI U	No

Cisco AS2509-RJ and Cisco AS2511-RJ Access Servers

The Cisco AS2509-RJ and Cisco AS2511-RJ access servers connect asynchronous serial devices to LANs and WANs. The access servers combine the functions of a terminal server, protocol translator, and a router and perform both synchronous and asynchronous routing of supported protocols.

These access servers provide the following interfaces and ports:

•8 (Cisco AS2509-RJ) or 16 (Cisco AS2511-RJ) asynchronous serial ports for connection to modems, terminals, or other asynchronous devices

•One Ethernet attachment unit interface (AUI) port for connection to a LAN

•One synchronous serial port for connection to a WAN

•One EIA/TIA-232 console port for connection to a console terminal

•One EIA/TIA-232 auxiliary port for connection to a terminal or modem

Generated SysObjectID's

The Generated SysObjectID feature generates a unique sysObjectID for each Cisco 2500 series router and its derived partner product. For example, the sysObjectID values for a Cisco 2511, a partner's 2511, and another partner's 2511 will each be different. The sysObjectID Simple Network Management Protocol (SNMP) MIB object is used to identify the device to be managed and make application-specific decisions. In some network management programs, this object determines which graphical element or name to display for a device.

Documentation

For Cisco IOS Release 11.2, the Cisco IOS documentation set consists of eight documentation modules. Each documentation module has a configuration guide, a command reference, and five supporting documents.

---

Note   The most up-to-date Cisco IOS documentation can be found on the latest Documentation CD-ROM and on the Web. These electronic documents contain updates and modifications made after the paper documents were printed.

---

The books and chapter topics are as follows:

Books	Chapter Topics
•Configuration Fundamentals Configuration Guide •Configuration Fundamentals Command Reference	Access Server and Router Product Overview User Interface System Images and Configuration Files Using ClickStart, AutoInstall, and Setup Interfaces System Management
•Security Configuration Guide •Security Command Reference	Network Access Security Terminal Access Security Accounting and Billing Traffic Filters Controlling Router Access Network Data Encryption with Router Authentication
•Access Services Configuration Guide •Access Services Command Reference	Terminal Lines and Modem Support Network Connections AppleTalk Remote Access SLIP and PPP XRemote LAT Telnet TN3270 Protocol Translation Configuring Modem Support and Chat Scripts X.3 PAD Regular Expressions
•Wide-Area Networking Configuration Guide •Wide-Area Networking Command Reference	ATM Dial-on-Demand Routing (DDR) Frame Relay ISDN LANE PPP for Wide-Area Networking SMDS X.25 and LAPB
•Network Protocols Configuration Guide, Part 1 •Network Protocols Command Reference, Part 1	IP IP Routing
•Network Protocols Configuration Guide, Part 2 •Network Protocols Command Reference, Part 2	AppleTalk Novell IPX
•Network Protocols Configuration Guide, Part 3 •Network Protocols Command Reference, Part 3	Apollo Domain Banyan VINES DECnet ISO CLNS XNS
•Bridging and IBM Networking Configuration Guide •Bridging and IBM Networking Command Reference	Transparent Bridging Source-Route Bridging Remote Source-Route Bridging DLSw+ STUN and BSTUN LLC2 and SDLC IBM Network Media Translation DSPU and SNA Service Point Support SNA Frame Relay Access Support APPN NCIA Client/Server Topologies IBM Channel Attach
•Feature Guide for Cisco IOS Release 11.2 P •Cisco IOS Software Command Summary •Access Services Quick Configuration Guide •System Error Messages •Debug Command Reference •Cisco Management Information Base (MIB) User Quick Reference

These documents are available as printed manuals or electronic documents. For electronic documentation of Release 11.2 router and access server software features, refer to the Cisco IOS Release 11.2 configuration guides and command references located in the Cisco IOS Release 11.2 database on the Documentation CD-ROM. You can also access Cisco technical documentation on the World Wide Web at http://www.cisco.com.

Online Navigation

The Cisco IOS software documentation set is available as printed manuals or electronic documents. You can access the electronic documents either on the Cisco Documentation CD-ROM or at Cisco Connection Online (CCO) on the World Wide Web:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, and then select Cisco IOS Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, select Documentation, click Cisco IOS Software Configuration, and then click Cisco IOS Release 11.2

New online navigation enhancements for Release 11.2 include:

•Online hot-linked master indexes for configuration guide and command reference documentation sets.

On the Documentation CD-ROM or CCO, go to Cisco IOS Release 11.2, and select Cisco IOS Release 11.2 Configuration Guides, Command References. Then select Configuration Guide Master Index or Command Reference Master Index. To access documentation related to an index entry, click the page number following the entry.

•Online hot-linked list of features that are new since Release 11.2.

On the Documentation CD-ROM or CCO, go to Cisco IOS Release 11.2, and select Cisco IOS Release 11.2 Configuration Guides, Command References. Next, select Cisco IOS 11.2 New Features.

To access configuration documentation for a feature, do one of the following:

•Click the page number following the feature name.

•Using your browser Search function, search on one or more keywords from the feature name.

For additional information about the Documentation CD-ROM and CCO, refer to the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of these release notes.

New Features in Release 11.2(1)

The features described in this section are supported in 11.2 and 11.2 P images or feature sets. This section is divided into the following subjects:

•Routing Protocols

•Desktop Protocols

•Wide-Area Networking Features

•IBM Functionality

•Security Features

•Network Management

Routing Protocols

This section describes routing protocol features that are new in the initial release of Cisco IOS Release 11.2.

IP Protocol and Feature Enhancements

The following new IP protocol software features are available:

•On Demand Routing—On Demand Routing (ODR) is a mechanism that provides minimum-overhead Internet Protocol (IP) routing for stub sites. The overhead of a general dynamic routing protocol is avoided, without incurring the configuration and management overhead of using static routing.

A stub router is the peripheral router in a hub-and-spoke network topology. Stub routers commonly have a WAN connection to the hub router and a small number of LAN network segments (stub networks) that are connected directly to the stub router. To provide full connectivity, the hub routers can be statically configured to know that a particular stub network is reachable via a specified access router. However, if there are multiple hub routers, many stub networks, or asynchronous connections between hubs and spokes, the overhead required to statically configure knowledge of the stub networks on the hub routers becomes too great.

ODR simplifies installation of IP stub networks in which the hub routers dynamically maintain routes to the stub networks. This is accomplished without requiring the configuration of an IP routing protocol at the stub routers. With ODR, the stub advertises IP prefixes corresponding to the IP networks that are configured on its directly connected interfaces. Because ODR advertises IP prefixes, rather than IP network numbers, ODR is able to carry Variable Length Subnet Mask (VLSM) information.

Once ODR is enabled on a hub router, the router begins installing stub network routes in the IP forwarding table. The hub router can also be configured to redistribute these routes into any configured dynamic IP routing protocols. IP does not need to be configured on the stub router. With ODR, a router is automatically considered to be a stub when no IP routing protocols have been configured on it.

The routing protocol that ODR generates is propagated between routers using Cisco Discovery Protocol (CDP). Thus, ODR is partially controlled by the configuration of CDP. Specifically,

•If CDP is disabled, the propagation of ODR routing information ceases.

•By default, CDP sends updates every 60 seconds. This update interval might not be frequent enough to provide fast reconvergence of IP routers on the hub router side of the network. A faster reconvergence rate might be necessary if the stub connects to several hub routers via asynchronous interfaces (such as modem lines).

•ODR might not work well with dial-on-demand routing (DDR) interfaces, as CDP packets do not cause a DDR connection to be made.

It is recommended that IP filtering be used to limit the network prefixes that the hub router will permit to be learned dynamically through ODR. If the interface has multiple logical IP networks configured (via the IP secondary command), only the primary IP network is advertised through ODR.

Open Shortest Path First Enhancements

The following features have been added to Cisco OSPF software:

•OSPF On-Demand Circuit—OSPF On-Demand Circuit is an enhancement to the OSPF protocol, as described in RFC 1793, that allows efficient operation over demand circuits such as ISDN, X.25 SVCs, and dial-up lines. Previously, the period nature of OSPF routing traffic mandated that the underlying data-link connection needed to be open constantly, resulting in unwanted usage charges. With this feature, OSPF Hellos and the refresh of OSPF routing information is suppressed for on-demand circuits (and reachability is presumed), allowing the underlying data-link connections to be closed when not carrying application traffic.

The feature allows the consolidation on a single routing protocol and the benefits of the OSPF routing protocol across the entire network, without incurring excess connection costs.

If the router is part of a point-to-point topology, only one end of the demand circuit needs to be configured for OSPF On-Demand Circuit operation. In point-to-multipoint topologies, all appropriate routers must be configured with OSPF On-Demand Circuit. All routers in an area must support this feature—that is, be running Cisco IOS Software Release 11.2 or greater.

•OSPF Not-So-Stubby Areas (NSSA)—As part of the OSPF protocol support for scalable, hierarchical routing, peripheral portions of the network can be defined as "stub" areas so that they do not receive and process external OSPF advertisements. Stub areas are generally defined for low-end routers with limited memory and CPU, that have low-speed connections, and are in a default route configuration.

OSPF NSSA defines a more flexible, hybrid method, whereby stub areas can import external OSPF routes in a limited fashion so that OSPF can be extended across the stub to backbone connection.

NSSA enables OSPF to be extended across a stub area to backbone area connection to become logically part of the same network.

Border Gateway Protocol Version 4 (Enhancements

The following features have been added to Cisco BGP4 software:

•BGP4 Soft Configuration—BGP4 soft configuration allows BGP4 policies to be configured and activated without clearing the BGP session, hence without invalidating the forwarding cache. This enables policy reconfiguration without causing short-term interruptions to traffic being forwarded in the network.

•BGP4 Multipath Support— BGP4 Multipath Support provides BGP load balancing between multiple Exterior BGP (EBGP) sessions. If there are multiple EBGP sessions between the local autonomous system (AS) and the neighboring AS, multipath support allows BGP to load balance among these sessions. Depending on the switching mode, per packet or per destination load balancing is performed.

BGP4 Multipath Support can support up to six paths.

•BGP4 Prefix Filtering with Inbound Route Maps—This feature allows prefix-based matching support to the inbound neighbor route map. This feature allows an inbound route map to be used to enforce prefix-based policies.

Network Address Translation

Network Address Translation (NAT) provides a mechanism for a privately addressed network to access registered networks, such as the Internet, without requiring a registered subnet address. This eliminates the need for host renumbering and allows the same IP address range to be used in multiple intranets.

With NAT, the privately addressed network (designated as "inside") continues to use its existing private or obsolete addresses. These addresses are converted into legal addresses before packets are forwarded onto the registered network (designated as "outside"). The translation function is compatible with standard routing; the feature is required only on the router connecting the inside network to the outside domain.

Translations can be static or dynamic in nature. A static address translation establishes a one-to-one mapping between the inside network and the outside domain. Dynamic address translations are defined by describing the local addresses to be translated and the pool of addresses from which to allocate outside addresses. Allocation is done in numeric order and multiple pools of contiguous address blocks can be defined.

NAT:

•Eliminates readdressing overhead. NAT eliminates the need to readdress all hosts that require external access, saving time and money.

•Conserves addresses through application port-level multiplexing. With NAT, internal hosts can share a single registered IP address for all external communications. In this type of configuration, relatively few external addresses are required to support many internal hosts, thus conserving IP addresses.

•Protects network security. Because private networks do not advertise their addresses or internal topology, they remain reasonably secure when used in conjunction with NAT to gain controlled external access.

Because the addressing scheme on the inside network might conflict with registered addresses already assigned within the Internet, NAT can support a separate address pool for overlapping networks and translate as appropriate.

Applications that use raw IP addresses as a part of their protocol exchanges are incompatible with NAT. Typically, these are less common applications that do not use fully qualified domain names.

Named IP Access Control List

The Named IP Access Control List (ACL) feature gives network managers the option of using names for their access control lists. Named IP ACL function similarly to their numbered counter-parts.

This feature also includes a new configuration mode that supports addition and deletion of single lines in a multiline access control list.

This feature eliminates some of the confusion associated with maintaining long access control lists. Meaningful names can be assigned, making it easier to remember which service is controlled by which access control list. Moreover, this feature removes the limit of 100 extended and 99 standard access control lists so that additional IP access control lists can be configured.

The new configuration feature allows a network manager to edit access control lists, rather than re-creating the entire list.

Currently, only packet and route filters can use Named IP ACL. Also, named IP ACLs are not backward-compatible with earlier releases of Cisco IOS software.

Named IP ACLs are not currently supported with Distributed Fast Switching.

Multimedia and Quality of Service

The following features have been added to Cisco multimedia and quality of service software:

•Resource Reservation Protocol—Resource Reservation Protocol (RSVP) enables applications to dynamically reserve necessary network resources from end-to-end for different classes of service. An application, which acts as a receiver for a traffic stream, initiates a request for reservation of resources (bandwidth) from the network, based on the application required quality of service. The first RSVP-enabled router that receives the request informs the requesting host whether the requested resources are available or not. The request is forwarded to the next router toward the sender of the traffic stream. If the reservations are successful, an end-to-end pipeline of resources is available for the application to obtain the required quality of service. RSVP enables applications with real-time traffic needs, such as multimedia applications, to coexist with bursty applications on the same network. RSVP works with both unicast and multicast applications.

RSVP requires both a network implementation and a client implementation. Applications need to be RSVP-enabled to take advantage of RSVP functionality. Currently, Precept provides an implementation of RSVP for Windows-based PCs. Companies such as Sun and Silicon Graphics have demonstrated RSVP on their platforms. Several application developers are planning to take advantage of RSVP in their applications.

•Random Early Detection—Random Early Detection (RED) helps eliminate network congestion during peak traffic loads. RED uses the characteristics of a robust transport protocol (TCP) to reduce transmission volume at the source when traffic volume threatens to overload a router buffer resources. RED is designed to relieve congestion on TCP/IP networks.

RED is enabled on a per-interface basis. It "throttles back" lower-priority traffic first, allowing higher-priority traffic (as designated by an RSVP reservation or the IP precedence value) to continue.

RED works with RSVP to maintain end-to-end quality of service during peak traffic loads. Congestion is avoided by selectively dropping traffic during peak load periods. This is performed in a manner designed to damp out waves of sessions going through TCP slow start.

Existing networks can be upgraded to better handle RSVP and priority traffic. Additionally, RED can be used in existing networks to manage congestion more effectively on higher-speed links where fair queuing is expensive.

Exercise caution when enabling RED on interfaces that support multiprotocol traffic (in addition to TCP/IP), such as IPX or AppleTalk. RED is not designed for use with these protocols and could have deleterious affects.

RED is a queuing technique; it cannot be used on the same interface as other queuing techniques, such as Standard Queuing, Custom Queuing, Priority Queuing, or Fair Queuing.

•Generic Traffic Shaping—Generic Traffic Shaping (also called Interface Independent Traffic Shaping) helps reduce the flow of outbound traffic from a router interface into a backbone transport network when congestion is detected in the downstream portions of the backbone transport network or in a downstream router. Unlike the Traffic Shaping over Frame Relay features that are specifically designed to work on interfaces to Frame Relay networks, Generic Traffic Shaping works on interfaces to a variety of Layer 2 data-link technologies ( Frame Relay, SMDS, Ethernet, and so on.)

Topologies that have high-speed links feeding into lower-speed links—such as a central site to a remote or branch sites—often experience bottlenecks at the remote end because of the speed mismatch. Generic Traffic Shaping helps eliminate the bottleneck situation by throttling back traffic volume at the source end.

Routers can be configured to transmit at a lower bit rate than the interface bit rate. Service providers or large enterprises can use the feature to partition, for example, T1 or T3 links into smaller channels to match service ordered by customers.

Generic Traffic Shaping implements a Weighted Fair Queuing (WFQ) on an interface or subinterface to allow the desired level of traffic flow. The feature consumes router memory and CPU resources, so it must be used judiciously to regulate critical traffic flows while not degrading overall router performance.

Multiprotocol Routing

The following enchancement has been made to Cisco multiprotocol routing:

•Enhanced IGRP Optimizations—With the wide-scale deployment of Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) in increasingly large and complex customer networks, Cisco has been able to continuously monitor and refine Enhanced IGRP operation, integrating several key optimizations. Optimizations have been made in the allocation of bandwidth, use of processor and memory resources, and mechanisms for maintaining information about peer routers, as described below.

•Intelligent Bandwidth Control: In network congestion scenarios, packet loss, especially the dropping of routing protocol messages, adversely affects convergence time and overall stability. To prevent this problem, Enhanced IGRP now takes into consideration the available bandwidth (at a granularity of per subinterface/virtual circuit if appropriate) when determining the rate at which it will transmit updates. Interfaces can also be configured to use a certain (maximum) percentage of the bandwidth so that even during routing topology computations, a defined portion of the link capacity remains available for data traffic.

•Improved Processor and Memory Utilization: Enhanced IGRP derives the distributed routing tables from topology databases that are exchanged between peer routers. This CPU computation has now been made significantly more efficient as has the protocol queuing algorithm, resulting in improved memory utilization. The combination of these factors further increases Enhanced IGRP suitability for deployment, particularly on low-end routers.

•Implicit Protocol Acknowledgments: Enhanced IGRP running within a router maintains state and reachability information about neighboring routers. This mechanism has been modified so that it no longer requires explicit notifications to be exchanged, but rather accepts any traffic originating from a peer as a valid indication that the router is operational. This provides greater resilience under extreme load.

•IPX Service Advertisement Interleaving: Large IPX environments are typically characterized by many service advertisements, which can saturate lower-speed links at the expense of routing protocol messages. Enhanced IGRP now employs an interleaving technique to ensure that both traffic types receive sufficient bandwidth in large IPX networks.

These enhancements are particularly applicable in networking environments having many low-speed links (typically in hub-and-spoke topologies); in Non-Broadcast-Multiple-Access (NBMA) wide-area networks such as Frame Relay, ATM, or X.25 backbones; and in highly redundant, dense router-router peering configurations. It should be noted that the basic Enhanced IGRP routing algorithm that exhibits very fast convergence and guaranteed loop-free paths has not changed, so there are no backwards compatibility issues with earlier versions of Cisco IOS software.

Switching Features

The following feature has been added to Cisco switching software:

Integrated Routing and Bridging—Integrated routing and bridging (IRB) delivers the functionality to extend VLANs and Layer 2 bridged domains across the groups of interfaces on Cisco IOS software-based routers and interconnect them to the routed domains within the same router.

The ability to route and bridge the same protocol on multiple independent sets of interfaces of the same Cisco IOS software-based router makes it possible to route between these routed and the bridged domains within that router. IRB provides a scalable mechanism for integration of Layer 2 and Layer 3 domains within the same device.

Integrated routing and bridging provides:

•Scalable, efficient integration of Layer 2 and Layer 3 domains: The IRB functionality allows you to extend the bridge domains or VLANs across routers while maintaining the ability to interconnect them to the routed domains through the same router.

•Layer 3 address conservation: You can extend the bridge domains and the VLAN environments across the routers to conserve the Layer 3 address space and still use the same router to interconnect the VLANs and bridged domains to the routed domain.

•Flexible network reconfiguration: You can extend the bridge domain across the router interfaces to provide temporary solutions for moves, adds, and changes. This can be useful during migration from a bridged environment to a routed environment or when making address changes on a scheduled basis.

•Currently, IRB supports three protocols: IP, IPX, and AppleTalk, in both fast-switching and process-switching modes.

•IRB is supported for transparent bridging, but not for source-route bridging.

•IRB is supported on all media-type interfaces except X.25 and ISDN bridged interfaces.

•IRB and concurrent routing and bridging (CRB) cannot operate at the same time.

Desktop Protocols

This section describes the desktop protocol features that are new in the initial release of Cisco IOS Release 11.2.

AppleTalk Features

The following feature has been added to Cisco AppleTalk software:

AppleTalk Load Balancing—This feature allows AppleTalk data traffic to be distributed more evenly across redundant links in a network.

AppleTalk load balancing can reduce network costs by allowing more efficient use of network resources. Network reliability is improved because the chance that network paths between nodes will become overloaded is reduced. For convenience, load balancing is provided for networks using native AppleTalk routing protocols such as Routing Table Maintenance Protocol (RTMP) and Enhanced IGRP.

AppleTalk load balancing operates with process and fast switching.

Novell Features

The following features have been added to Cisco Novell software:

•Display SAP by Name—Network managers can display Service Advertisement Protocol (SAP) entries that match a particular server name or other specific value. The current command that displays IPX servers has been extended to allow the use of any regular expression (including supported special characters) for matching against the router SAP table.

•IPX Access Control List Violation Logging—Routers can use existing router logging facilities to log IPX access control list (ACL) violations whenever a packet matches a particular access-list entry. The first packet to match an entry is logged immediately; updates are sent at approximately 5-minute intervals.

This feature allows logging of

•Source and destination addresses

•Source and destination socket numbers

•Protocol (or packet) type (for example, IPX, SPX, or NCP)

•Action taken (permit/deny)

Matching packets and logging-enabled ACLs are sent at the process level. Router logging facilities use the IP protocol.

•Plain English IPX access list—The most common protocol and socket numbers used in IPX extended ACLs can be specified by either name or number instead of numbers, as required previously.

Protocol types supported include RIP, SAP, NCP, and NetBIOS. Supported socket types include Novell Diagnostics Packet Enhanced IGRP and NLSP.

Plain English IPX Access Lists greatly reduce the complexity and increase the readability of IPX extended access control lists, reducing network management expense by making it easier to build and analyze the access control mechanisms used in IPX networks.

Wide-Area Networking Features

This section describes the wide-area networking features that are new in the initial release of Cisco IOS Release 11.2.

ISDN/DDR Enhancements

The following features have been added to Cisco ISDN and DDR software:

•Multichassis Multilink PPP (MMP)—Multichassis Multilink Point-to-Point Protocol (MMP) extends Multilink PPP (MLP) by providing a mechanism to aggregate B channels transparently across multiple routers or access servers. MMP defines the methodology for sharing individual links in a MLP bundle across multiple, independent platforms. The primary application for MMP is the ISDN dial-up pool; however, it can also be used in a mixed technology environment.

MMP is based on the concept of a stackgroup—a group of routers or access servers that operate as a group when receiving MLP calls. Any member of the stackgroup can answer any call into the single access number applied to all WAN interfaces. Typically, the access number corresponds to a telco hunt group.

Cross-platform aggregation is performed via tunneling between members of a stackgroup using the Level 2 Forwarding (L2F) protocol, a draft IETF standard.

MMP is flexible and scalable. Because the L2F protocol is IP-based, members of a stackgroup can be connected over many types of LAN or WAN media. Stackgroup size can be increased by increasing the bandwidth available to the L2F protocol, for example, by moving from shared to switched Ethernet.

•New devices can be added to the dial-up pool at any time.

•The load for reassembly and resequencing can be shared across all devices in the stackgroup. MMP is less CPU-intensive than MLP.

•MMP provides an interoperable multivendor solution because it does not require any special software capabilities at the remote sites. The only remote requirement is support for industry standard MLP (RFC 1717).

---

Note   This feature is documented in the PPP for wide-area networking chapters of the Wide-Area Networking Configuration Guide and the Wide-Area Networking Command Reference.

---

•Virtual Private Dial-up Network— Virtual Private Dial-up Network (VPDN) provides users from multiple disparate domains with secure access to their corporate home gateways via public networks or the Internet. This functionality is based on the Layer 2 Forwarding (L2F) specification that Cisco has proposed to the Internet Engineering Task Force (IETF) as an industry standard.

Service providers who wish to offer private dial-up network services can use VPDN to provide a single telephone number for all their client organizations. A customer can use dial-up access to a local point of presence where the access server identifies the customer by PPP username. The PPP username is also used to establish a home gateway destination. When the home gateway is identified, the access server builds a secure tunnel across the service provider backbone to the customer home gateway. The PPP session is also transported to this home gateway, where local security measures can ensure the person is allowed access to the network behind the home gateway.

Of special interest to service providers is the VPDN independence of WAN technology. Because L2F is TCP/IP-based, it can be used over any type of service-provider backbone network.

---

Note   This feature is documented in the PPP for wide-area networking chapters of the Wide-Area Networking Configuration Guide and the Wide-Area Networking Command Reference.

---

•Dialer Profiles—Dialer profiles are used to separate the network layer, encapsulation, and dialer parameters portion of the configuration from that of the interface used to place or receive calls.

Dialer profile extends the flexibility of current dial-up configurations. For example, on a single ISDN PRI or PRI rotary group, it is now possible to allocate separate profiles for different classes of user. These profiles might define normal DDR usage or backup usage.

Each dialer profile uses an Interface Descriptor Block (IDB) distinct from the IDB of the physical interface used to place or receive calls. When a call is established, both IDBs are bound together so that traffic can flow. As a result, dialer profiles use more IDBs than normal DDR.

This initial release of dialer profiles does not support Frame Relay, X.25, or Link Access Procedure Balance (LAPB) encapsulation on DDR links or Snapshot Routing capabilities.

•Combinet Packet Protocol (CPP) Support—CPP is a proprietary encapsulation used by legacy Combinet products for data transport. CPP also defines a methodology for performing compression and load sharing across ISDN links. The Cisco IOS software implementation of CPP supports both compression and load sharing using this proprietary encapsulation.

A large installed base of early Combinet product users could not upgrade to later software releases that support interoperability standards such as PPP. With CPP support, these users can integrate their existing product base into new Cisco IOS software-based internetworks.

CPP does not provide many of the functions available in the Cisco implementation of the PPP standards. These functions include address negotiation and support for protocols like AppleTalk. Where possible, Cisco recommends that customers migrate to software that supports PPP.

•Half Bridge/Half Router for Combinet Packet Protocol (CPP) and PPP—Half bridge/half router allows low-end, simply configured bridge devices to bridge either PPP or CPP-encapsulated data to a Cisco IOS core network router. Half bridge/half router is designed for networks that have small-remote Ethernet segments, each with a single PPP- or CPP-compatible bridging device connected to a core network. The serial or ISDN interface on the core network router appears as a virtual Ethernet port to the network. Layer 3 data packets transported across this type of link are first encapsulated within an Ethernet encapsulation. A PPP or CPP bridging header is then added. This facility allows bridged traffic arriving at the core device to be routed from that point on.

This feature is process switched.

Frame Relay Enhancements

The following features have been added to Cisco Frame Relay software:

•Frame Relay SVC Support (DTE)—Currently, access to Frame Relay networks is through private leased lines at speeds ranging from 56 kbps to 45 Mbps. Bandwidth within the Frame Relay network is permanently committed to providing permanent virtual circuits (PVCs) between the endpoints. Switched virtual circuits (SVCs) allow access through a Frame Relay network by setting up a path to the destination endpoints only when the need arises. This is similar to X.25 SVCs, which allow connections to be set up and torn down based upon data traffic requirements. Although SVCs entail overhead for setting up and tearing down links, the VC is only established when data must be transferred, so the number of VCs is proportional to the number of actual conversations between sites rather than the number of sites.

Frame Relay SVCs offer cost savings via usage-based pricing instead of fixed pricing for a PVC connection, dynamic modification of network topologies with any-to-any connectivity, dynamic network bandwidth allocation, or bandwidth-on-demand for large data transfers such as FTP traffic, backup for PVC backbones, and conservation of resources in private networks.

To use Frame Relay SVCs, Frame Relay SVC must be supported by the Frame Relay switches used in the network. Also, a Physical Local Loop Connection, such as a leased or dedicated line, must exist between the router (DTE) and the local Frame Relay switch.

•Traffic Shaping over Frame Relay

---

Note   Traffic shaping over Frame Relay is not available in Release 11.2(1). This feature will be available in a subsequent maintenance release of Release 11.2. Refer to software defect ID CSCdi60734.

---

The Frame Relay protocol defines several parameters that are useful for managing network traffic congestion. These include Committed Information Rate (CIR), Forward/Backward Explicit Congestion Notification (FECN/BECN), and Discard Eligibility (DE) bit. Cisco already provides support for FECN for DECnet and OSI, BECN for Systems Network Architecture (SNA) traffic using direct LLC2 encapsulation via RFC 1490, and DE bit support. The Frame Relay Traffic Shaping feature builds upon this support by providing the following three capabilities:

•Rate Enforcement on a per virtual circuit (VC) basis: A peak rate can be configured to limit outbound traffic to either the CIR or some other defined value such as the Excess Information Rate (EIR).

•Generalized BECN support on a per VC basis: The router can monitor BECNs and throttle traffic based upon BECN marked packet feedback from the Frame Relay network.

•Priority/Custom/First In, First Out Queuing (PQ/CQ/FIFO) support at the VC level: This allows for finer granularity in the prioritization and queuing of traffic, providing more control over the traffic flow on an individual VC.

Frame Relay Traffic Shaping:

•Eliminates bottlenecks in Frame Relay network topologies with high-speed connections at the central site, and low-speed connections at the branch sites. Rate Enforcement can be used to limit the rate at which data is sent on the VC at the central site.

•Provides a mechanism for sharing media by multiple VCs. Rate Enforcement allows the transmission speed used by the router to be controlled by criteria other than line speed, such as the CIR or EIR. The Rate Enforcement feature can also be used to pre-allocate bandwidth to each VC, creating a Virtual Time Division Multiplexing network.

•Dynamically throttles traffic, based on information contained in BECN-tagged packets received from the network. With BECN-based throttling, packets are held in the router's buffers to reduce the data flow from the router into the Frame Relay network. The throttling is done on a per VC basis and the transmission rate is adjusted based on the number of BECN-tagged packets received.

•Defines queuing at the VC or subinterface level. Custom Queuing with the Per VC Queuing and Rate Enforcement capabilities enable Frame Relay VCs to be configured to carry multiple traffic types (such as IP, SNA and IPX), with bandwidth guaranteed for each traffic type.

The three capabilities of the Traffic Shaping for Frame Relay feature require the router to buffer packets to control traffic flow and compute data rate tables. Because of this router memory and CPU utilization, these features must be used judiciously to regulate critical traffic flows while not degrading overall Frame Relay performance.

IBM Functionality

This section describes the IBM network software features and support that are new in the initial release of Cisco IOS Release 11.2.

New Features

The following new IBM software features are available:

•Native Client Interface Architecture Server—The native client interface architecture (NCIA) server, introduced by Cisco Systems for access of IBM SNA applications over routed internetworks, is more flexible and scalable. The NCIA client, implemented in the client workstation, encapsulates the full SNA stack inside TCP/IP packets. These packets are sent to the NCIA Server implemented in Cisco IOS software. The NCIA server unencapsulates the TCP/IP packet and sends the LLC data to the host processor via remote source-route bridging (RSRB) or Data Data link switching plus (DLSw+).

The NCIA server supports SNA and NetBIOS sessions over a variety of LAN and WAN connections, including dial-up connections. The NCIA architecture supports clients with full SNA stacks, providing all advanced SNA capabilities, unlike some split-stack solutions.

NCIA server enhancements provide:

•Simplified client configuration: It is no longer necessary to predefine ring numbers, and the NCIA server supports optional dynamic assignment of MAC addresses. There is no Logical Link Control, type 2 (LLC2), at the client. The client is configured as an end station, not a router peer.

•Scalability: The limit is based on the number of LLC connections in the central site router rather than on RSRB peer connections.

Note that each client is a full SNA physical unit (PU) with one or more logical unit (LU)s. As such, each device requires one LLC connection at the central site router. The Cisco 4700 currently supports 3000 to 4000 LLC connections.

•TN3270 Server—The TN3270 Server is a new feature of the Channel Interface Processor (CIP) for the Cisco 7000 family of routers. The TN3270 Server allows TN3270 and TN3270E clients access to IBM and IBM-compatible mainframes without the limitations of existing alternatives. It off-loads 100 percent of the TCP/IP and TN3270 cycles from the mainframe and offers a robust, scalable, and dynamic implementation that meets the stringent requirements of the data center.

The TN3270 Server on the CIP supports up to 8000 concurrent sessions on a CIP and up to 16,000 concurrent sessions on a CIP2 card. The TN3270 Server offers the following advanced capabilities:

•Load Balancing and Redundancy: Provides effective utilization of CIP resources and more consistent response times.

•End-to-End Session Visibility: Provides enhanced management of resources.

•SNA Session Switching: The SNA Session Switch enables cross-domain traffic to bypass the owning virtual telecommunications access method (VTAM).

•TN3270E Support: In combination with a TN3270E client, provides advanced SNA management and SNA functionality, including printer support.

•Dynamic Definition of Dependent LUs: Provides simplified configuration and network definition at the router and in VTAM.

•Dynamic Allocation of LUs: Removes the need to pool LU resources while supporting multiple SNA model types.

TN3270 Server requires 32 MB of CIP DRAM to support up to 4000 sessions, 64 MB to support 8000 sessions, and 128 MB to support 16000 sessions. TN3270 Server can run concurrently with any of the other CIP applications (IP Datagram, TCP/IP Off-load, or CSNA), but operation of any of these features affects the total number of sessions supported due to contention for CIP processor cycles.

•Fast Switched Source-Route Translational Bridging —With Software Release 11.2, Switched Source-Route Translational Bridging (SR/TLB) is fast switched. No queuing is done, and resource utilization is low. This enhancement is on by default, but can be disabled. It is supported across all router platforms.

Fast Switched SR/TLB improves performance on all platforms by a factor of at least two. It is ideal for IBM environments (for example, where low-cost Ethernet adapters are being installed on campus, but Token Ring connectivity to a front-end processor (FEP) is still required) and for campus environments with a mix of Token Ring and Ethernet LANs or switches that rely on the Cisco IOS software for translational bridging.

•Response Time Reporter—The Response Time Reporter (RTR) feature allows you to monitor network performance, network resources, and applications by measuring response times and availability. RTR statistics can be used to perform troubleshooting, problem notifications, and pre-problem analysis. RTR offers enhanced functionality over a similar IBM product, NetView Performance Monitor.

RTR enables the following functions to be performed:

•Troubleshoot problems by checking the time delays between devices (such as a router and a MVS host) and the time delays on the path from the source device to the destination device at the protocol level.

•Send Simple Network Management Protocol (SNMP) traps or SNA Alerts/Resolutions when one of the following has occurred: a user-configured threshold is exceeded, a connection is lost and reestablished, or a timeout occurs and clears. Thresholds can also be used to trigger additional collection of time delay statistics.

•Perform pre-problem analysis by scheduling the RTR and collecting the results as history and accumulated statistics. The statistics can be used to model and predict future network topologies.

The RTR feature is currently available only with feature sets that include IBM support. A CiscoWorks Blue network management application will be available to support the RTR feature. Both the CiscoWorks Blue network management application and the router use the Cisco Round Trip Time Monitor (RTTMON) MIB. This MIB is also available with Release 11.2.

APPN Enhancements

The following features have been added to Cisco Advanced Peer-to-Peer Networking (APPN) software:

•APPN Central Resource Registration—APPN Central Resource Registration (CRR) support allows a Cisco IOS software-based router acting as a network node (NN) to register the resources of end nodes (ENs) to the Central Directory Service (CDS) on advanced communication facility/virtual telecommunication Access Method (ACF/VTAM). A Cisco IOS NN now registers resource names with a VTAM CDS as soon as it establishes connectivity with it. Prior to this enhancement, the router acting as a NN could not register EN resources. ACF/VTAM could, however, query the router to find these resources.

The CDS reduces broadcast traffic in the network. Without an active CDS on ACF/VTAM, the NN must send a broadcast message to the network to locate nonlocal resources required for a session. With an active CDS, the NN sends a single request directly to the CDS for the location of the resource. A network broadcast is used only if the resource has not registered with the CDS.

ACF/VTAM must be configured as a CDS. The Cisco IOS NN learns of the capability when network topology is exchanged. To most effectively use the CDS, ENs should register the resources with the NN. Depending on the EN implementation, registration might occur automatically, might require configuration on the EN, or might not be a function of the EN.

•APPN DLUR MIB—The existing APPN Management Information Base (MIB) does not contain information about Dependent Logical Units (DLUs) accessing the APPN network through the DLU Requester (DLUR) function in the Cisco IOS NN. A standard MIB for DLUR has been defined by the APPN Implementers Workshop (AIW), the standards body for APPN, and is implemented in this release of the Cisco IOS software.

With the APPN DLUR MIB, users have access to information collected about the DLUR function in the Cisco IOS NN and the DLUs attached to it for more complete network management information.

Data Link Switching+ Features and Enhancements

The following features have been added to Cisco DLSw+ software. These features had previously been available with Remote Source-Route Bridging (RSRB). To provide these features for DLSw+, the Cisco IOS software uses a component known as Virtual Data Link Control (VDLC) that allows one software component to use another software component as a data link.

•LAN Network Manager (LNM) over DLSw+—LAN Network Manager (LNM) over DLSw+ allows DLSw+ to be used in Token Ring networks that are managed via IBM LNM software.

With this feature, LNM can be used to manage Token Ring LANs, Control Access Units (CAUs), and Token Ring attached devices over a DLSw+ network. All management functions continue to operate as they would in an RSRB network or source-route bridged network.

•Native Service Point (NSP) over DLSw+—Native Service Point (NSP) over DLSw+ allows the Cisco NSP feature to be used in conjunction with DLSw+ in the same router.

With this feature, NSP can be configured in remote routers, and DLSw+ can provide the path for the remote service point PU to communicate with NetView. This allows full management visibility of resources from a NetView 390 console, while concurrently offering the value-added features of DLSw+ in an SNA network.

•Down Stream Physical Unit (DSPU) over DLSw+—Down Stream Physical Unit (DSPU) over DLSw+ allows the Cisco DSPU feature to operate in conjunction with DLSw+ in the same router. DLSw+ can be used either upstream (towards the mainframe) or downstream (away from the mainframe) of DSPU.

DSPU concentration consolidates the appearance of up to 255 physical units into a single PU appearance to VTAM, minimizing memory and cycles in central site resources (VTAM, NCP, and routers) and speeding network startup. Used in conjunction with DLSw+, network availability and scalability can be maximized.

•Advanced Peer-to-Peer Networking (APPN) over DLSw+—Advanced Peer-to-Peer Networking (APPN) over DLSw+ allows the Cisco APPN feature to be used in conjunction with DLSw+ in the same router.

With this feature, DLSw+ can be used as a low-cost way to access an APPN backbone or APPN in the data center. In addition, DLSw+ can be used as a transport for APPN, providing nondisruptive recovery from failures and high-speed intermediate routing. In this case, the DLSw+ network appears as a connection network to the APPN network nodes (NNs).

•Source-Route Bridging (SRB) over FDDI to DLSw+—This feature allows access to DLSw+ over source-route bridged Fiber Distributed Data Interface (FDDI) LANs. In the past, the supported local DLCs were only Token Ring, Ethernet, or SDLC. With this extension, Token Ring-attached devices can access a DLSw+ router using source-route bridging over an FDDI backbone. At the remote site, the device can be attached over Token Ring, Ethernet, SDLC, or FDDI. This is useful either in environments with Token Ring switches that use FDDI as a campus backbone or in environments with Cisco 7000 and Cisco 7500 series routers providing SRB over an FDDI backbone.

This feature allows SRB over FDDI to provide the highest speed access between campus resources, while concurrently allowing DLSw+ for access to remote resources.

Currently, SRB over FDDI is supported by the Cisco 7000 and Cisco 7500 series platforms only.

Security Features

This section describes the security features that are new in the initial release of Cisco IOS Release 11.2.

New Features

The following new security features are new to this release:

•Router Authentication and Network-Layer Encryption—This feature provides a mechanism for secure data transmission. It consists of two components:

•Router Authentication: Prior to passing encrypted traffic, two routers perform a one-time, two-way authentication by exchanging Digital Signature Standard (DSS) public keys. The hash signatures of these keys are compared to authenticate the routers.

•Network-Layer Encryption: For IP payload encryption, the routers use Diffie-Hellman key exchange to securely generate a DES 40- or 56-bit session key. New session keys are generated on a configurable basis. Encryption policy is set by crypto-maps that use extended IP Access Lists to define which network, subnet, host, or protocol pairs are to be encrypted between routers.

This feature can be used to build multiprotocol Virtual Private Networks (VPNs), using encrypted Generic Routing Encapsulation (GRE) tunnels. It can also be used to deploy secure telecommuting services, Intranet privacy, and virtual collaborative or community-of-interest networks.

All components of this feature are subject to U.S. Department of Commerce export regulations. Encryption is currently IP only, though it does support multiprotocol GRE tunnels. This feature is most appropriately deployed in a relatively small number of routers, with a logically flat or star-shaped encryption topology. Load-sharing of the encryption/decryption function is not supported. Without a Certification Authority (CA), the one-time authentication effort increases exponentially with the number of routers. Router authentication requires the network administrator to compare the hashes produced by the router, once during initial configuration. This version of encryption is not IPSEC compliant.

•Kerberos V Client Support—This feature provides full support of Kerberos V client authentication, including credential forwarding.

Systems with existing Kerberos V infrastructures can use their Key Distribution Centers (KDCs) to authenticate end-users for network or router access.

This is a client implementation, not a Kerberos KDC. Kerberos is generally considered a legacy security service and is most beneficial in networks already using Kerberos.

TACACS+ Enhancements

The following features have been added to the Cisco Terminal Access Controller Access Control System (TACACS)+ software:

•TACACS+ Single Connection—Single Connection is an enhancement to the network access server that increases the number of transactions-per-second supported. Prior to this enhancement, separate TCP connections would be opened and closed for each of the TACACS+ services: authentication, authorization, and accounting. This became a bottleneck for improving throughput on authentication services for large networks.

Single Connection is an optimization whereby the network access server maintains a single TCP connection to one or more TACACS+ daemons. The connection is maintained in an open state for as long as possible, instead of being opened and closed each time a session is negotiated. It is expected that Single Connection yields performance improvements on a suitably constructed daemon.

Currently, only the CiscoSecure daemon V1.0.1 supports Single Connection. The network access server must be explicitly configured to support a Single Connection daemon. Configuring Single Connection for a daemon that does not support this feature generates errors when TACACS+ is used.

•TACACS+ SENDAUTH Function—SENDAUTH is a TACACS+ protocol change to increase security. SENDAUTH supersedes SENDPASS. SENDAUTH and SENDPASS are documented in Version 1.63 of the TACACS+ protocol specification, which is available from CCO or via anonymous FTP from ftp-eng.cisco.com.

The network access server can support both SENDAUTH and SENDPASS simultaneously. It detects if the daemon is able to support SENDAUTH and, if not, will use SENDPASS instead. This negotiation is virtually transparent to the user, with the exception that the down-rev daemon can log the initial SENDAUTH packet as unrecognized.

SENDAUTH functionality requires support from the daemon, as well as the network access server.

Network Management

This section describes the network management features that are new in the initial release of Cisco IOS Release 11.2.

MIBs Supported

The following MIB support has been added:

•APPN DLUR MIB

•Cisco IP Encryption MIB

•Cisco Modem Management MIB

•Cisco SYSLOG MIB

•Cisco TN3270 Server MIB

Cisco IOS Feature Sets for Cisco 2500 Series Routers and Access Servers

This section lists Cisco IOS software feature sets available in Cisco IOS Release 11.2.
These features are available in specific features sets on specific platforms.

Table 3 through Table 8 use these feature set matrix symbols to identify features:

Feature Set Matrix Symbol	Description
Basic	This feature is offered in the basic feature set.
—	This feature is not offered in the feature set.
Plus	This feature is offered in the Plus feature set, not in the basic feature set.
Encrypt	This feature is offered in the encryption feature sets, which consist of 40-bit (Plus 40) or 56-bit (Plus 56) data encryption feature sets.

Cisco IOS images with 40-bit Data Encryption Standard (DES) support may legally be distributed to any party eligible to receive Cisco IOS software. 40-bit DES is not a cryptographically strong solution and should not be used to protect sensitive data.

Cisco IOS images with 56-bit DES are subject to International Traffic in Arms Regulations (ITAR) controls and have a limited distribution. Images to be installed outside the U.S. require an export license. Customer orders may be denied or subject to delay because of U.S. government regulations. Contact your sales representative or distributor for more information, or send e-mail to export@cisco.com.

Table 3 Cisco IOS Release 11.2 Feature Set Matrix 

	Cisco AS2509-RJ Cisco AS2511-RJ	Cisco Fixed FRAD	All Other Cisco 2500 Series Routers
Standard Feature Sets
CFRAD 1	—	Basic	Basic
LAN FRAD2	—	Basic	Basic
OSPFLAN FRAD2	—	Basic	Basic
IP	Basic	—	Basic, Plus, Encrypt
Remote Access Server	Basic	—	Basic
ISDN	—	—	Basic
IP/IPX/IBM/APPN	—	—	Basic
IP/IPX/AT/DEC	—	—	Basic, Plus, Encrypt
Enterprise	—	—	Basic, Plus, Encrypt
Enterprise APPN	—	—	Plus, Encrypt

1 Supported only on the Cisco 2501CF, 2502CF, and 2520CF-2523CF. 2 Supported only on the Cisco 2501LF, 2502LF, and 2520LF-2523LF.

Table 4 Cisco 2500 Series Software Feature Sets 

	Feature Set
Feature	IP Routing	IP/IPX/IBM/APPN1	Desktop (IP/IPX/AppleTalk/DEC)	Enterprise2
LAN Support
Apollo Domain	—	—	—	Basic
AppleTalk 1 and 23	—	—	Basic	Basic
Banyan VINES	—	—	—	Basic
Concurrent routing and bridging (CRB)	Basic	Basic	Basic	Basic
DECnet IV	—	—	Basic	Basic
DECnet V	—	—	—	Basic
GRE	Basic	Basic	Basic	Basic
Integrated routing and bridging (IRB)4	Basic	Basic	Basic	Basic
IP	Basic	Basic	Basic	Basic
LAN extension host	Basic	Basic	Basic	Basic
Multiring	Basic	Basic	Basic	Basic
Novell IPX5	—	Basic	Basic	Basic
OSI	—	—	—	Basic
Source-route bridging6	—	—	—	—
Transparent and translational bridging	Basic	Basic	Basic	Basic
XNS	—	—	—	Basic
WAN Services
Combinet Packet Protocol (CPP)	Basic	Basic	Basic	Basic
Dialer profiles	Basic	Basic	Basic	Basic
Frame Relay	Basic	Basic	Basic	Basic
Frame Relay SVC Support (DTE)	—	—	—	Basic
Frame Relay traffic shaping	Basic	Basic	Basic	Basic
Half bridge/half router for CPP and PPP	Basic	Basic	Basic	Basic
HDLC	Basic	Basic	Basic	Basic
IPXWAN 2.0	—	Basic	Basic	Basic
ISDN7	Basic	Basic	Basic	Basic
Multichassis Multilink PPP (MMP)	—	—	—	Basic
NetBEUI over PPP	—	—	—	Basic
PPP8	Basic	Basic	Basic	Basic
SMDS	Basic	Basic	Basic	Basic
Switched 56	Basic	Basic	Basic	Basic
Virtual Private Dial-up Network (VPDN)	—	—	Basic	Basic
X.259	Basic	Basic	Basic	Basic
WAN Optimization
Bandwidth-on-demand	Basic	Basic	Basic	Basic
Custom and priority queuing	Basic	Basic	Basic	Basic
Dial backup	Basic	Basic	Basic	Basic
Dial-on-demand	Basic	Basic	Basic	Basic
Header10 , link and payload compression	Basic	Basic	Basic	Basic
Snapshot routing	Basic	Basic	Basic	Basic
Weighted fair queuing	Basic	Basic	Basic	Basic
IP Routing
BGP	Basic	Basic	Basic	Basic
BGP411	Basic	Basic	Basic	Basic
EGP	Basic	Basic	Basic	Basic
Enhanced IGRP	Basic	Basic	Basic	Basic
Enhanced IGRP Optimizations	Basic	Basic	Basic	Basic
ES-IS	—	—	—	Basic
IGRP	Basic	Basic	Basic	Basic
IS-IS	—	—	—	Basic
Named IP Access Control List	Basic	Basic	Basic	Basic
Network Address Translation (NAT)	Plus	—	Plus	Plus
NHRP	Basic	Basic	Basic	Basic
On Demand Routing (ODR)	Basic	Basic	Basic	Basic
OSPF	Basic	Basic	Basic	Basic
OSPF Not-So-Stubby-Areas (NSSA)	Basic	Basic	Basic	Basic
OSPF On Demand Circuit (RFC 1793)	Basic	Basic	Basic	Basic
PIM	Basic	Basic	Basic	Basic
Policy-based routing	Basic	Basic	Basic	Basic
RIP	Basic	Basic	Basic	Basic
RIP Version 2	Basic	Basic	Basic	Basic
Other Routing
AURP	—	—	Basic	Basic
IPX RIP	—	Basic	Basic	Basic
NLSP	—	Basic	Basic	Basic
RTMP	—	—	Basic	Basic
SMRP	—	—	Basic	Basic
SRTP	—	—	—	Basic
Multimedia and Quality of Service
Generic traffic shaping	Basic	Basic	Basic	Basic
Random Early Detection (RED)	Basic	Basic	Basic	Basic
Resource Reservation Protocol (RSVP)12	Basic	Basic	Basic	Basic
Management
AutoInstall	Basic	Basic	Basic	Basic
Automatic modem configuration	Basic	Basic	Basic	Basic
HTTP Server	Basic	Basic	Basic	Basic
RMON events and alarms13	Basic	Basic	Basic	Basic
RMON full	Plus	Plus	Plus	Plus
SNMP	Basic	Basic	Basic	Basic
Telnet	Basic	Basic	Basic	Basic
Security
Access lists	Basic	Basic	Basic	Basic
Access security	Basic	Basic	Basic	Basic
Extended access lists	Basic	Basic	Basic	Basic
Kerberized login	—	—	—	Basic
Kerberos V client support	—	—	—	Basic
Lock and key	Basic	Basic	Basic	Basic
MAC security for hubs14	Basic	Basic	Basic	Basic
MD5 routing authentication	Basic	Basic	Basic	Basic
Router authentication and network layer encryption (40-bit or export controlled 56-bit DES)	Encrypt	—	Encrypt	Encrypt
RADIUS	Basic	Basic	Basic	Basic
TACACS+15	Basic	Basic	Basic	Basic
IBM Support (Optional)
APPN (optional)2	—	Basic	—	Basic
BAN for SNA Frame Relay support	Plus	Basic	Plus	Basic
Bisync	Plus	Basic	Plus	Basic
Caching and filtering	Plus	Basic	Plus	Basic
DLSw+ 16	Plus	Basic	Plus	Basic
Downstream PU concentration (DSPU)	Plus	Basic	Plus	Basic
Frame Relay SNA support (RFC 1490)	Plus	Basic	Plus	Basic
Native Client Interface Architecture (NCIA) Server	Plus	Basic	Plus	Basic
NetView Native Service Point	Plus	Basic	Plus	Basic
QLLC	Plus	Basic	Plus	Basic
Response Time Reporter (RTR)	Plus	Basic	Plus	Basic
SDLC integration	Plus	Basic	Plus	Basic
SDLC transport (STUN)	Plus	Basic	Plus	Basic
SDLC-to-LAN conversion (SDLLC)	Plus	Basic	Plus	Basic
SNA and NetBIOS WAN optimization via local acknowledgment	Plus	Basic	Plus	Basic
SRB/RSRB17	Plus	Basic	Plus	Basic
SRT	Plus	Basic	Plus	Basic
TG/COS	—	—	—	Basic
TN3270	—	—	—	Basic
Protocol Translation
LAT	—	—	—	Basic
Rlogin	—	—	—	Basic
Remote Node
ARAP 1.0/2.0	—	—	Basic	Basic
Asynchronous master interfaces	Basic	Basic	Basic	Basic
ATCP	—	—	Basic	Basic
CPPP	Basic	Basic	Basic	Basic
CSLIP	Basic	Basic	Basic	Basic
DHCP	Basic	Basic	Basic	Basic
IP pooling	Basic	Basic	Basic	Basic
IPX and ARAP on virtual async interfaces	—	—	—	Basic
IPXCP10	—	Basic	Basic	Basic
MacIP	—	—	Basic	Basic
NASI	—	Basic	Basic	Basic
PPP	Basic	Basic	Basic	Basic
SLIP	Basic	Basic	Basic	Basic
Terminal Services
LAT18	—	—	—	Basic
Rlogin	Basic	Basic	Basic	Basic
Telnet	Basic	Basic	Basic	Basic
TN3270	—	—	—	Basic
X.25 PAD	Basic	Basic	Basic	Basic
Xremote	—	—	—	Basic

1 This feature set has no additional options. It offers a low-end APPN solution for this set of hardware platforms. This feature set is not available for AccessPro PC Cards. 2 Enterprise is available with APPN in a separate feature set. APPN includes APPN Central Registration (CRR) and APPN over DLSw+. APPN is not available on the AccessPro PC Card. 3 Includes AppleTalk load balancing. 4 IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time. 5 The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists. 6 Translational bridging is fast switched by default but can be disabled. 7 ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features. 8 PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, Multilink PPP, and PPP compression. 9 X.25 includes X.25 switching. 10 IPX header compression (RFC 1553) is available in the feature sets that support IPX. 11 BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps. 12 The RMON events and alarms groups are supported on all interfaces. Full RMON support is available with the Plus feature sets. 13 The RMON events and alarms groups are supported on all interfaces. Full RMON support is available with the Plus feature sets. 14 MAC security for hubs is applicable to the following Cisco 2500 series Ethernet hub models: Cisco 2505, Cisco 2507, Cisco 2516, and Cisco 2518. 15 TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported. 16 Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets. 17 SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled. 18 Use of LAT requires terminal license (FR-L8-10.X= for an 8-user license or FR-L16-10.X= for a 16-user license).

Table 5 Cisco 2500 Series Software Feature Sets 

	Feature Set
Feature	ISDN	CFRAD	LAN FRAD	OSPF LANFRAD1	Remote Access Server
Platforms Supported
Cisco 2500 series routers: models 2501, 2502, 2505, 2507, 2509-2515, 2524, and 2525	—	—	—	—	—
Cisco 2503I,  Cisco 2504I	Basic	—	—	—	—
Cisco 2501CF, Cisco 2502CF, Cisco 2520CF-2523CF	—	Basic	—	—	—
Cisco 2501LF, Cisco 2502LF, Cisco 2520LF-2523LF	—	—	Basic	Basic	—
Cisco 2509-2512, Cisco AS5100	—	—	—	—	Basic
LAN Support
AppleTalk 1 and 22	Basic	—	—	—	Basic
Concurrent routing and bridging (CRB)	—	—	—	—	—
DECnet IV	—	—	—	—	—
GRE	Basic	—	Basic	Basic	Basic
Integrated routing and bridging (IRB)3	Basic	Basic	Basic	Basic	Basic
IP	Basic	Basic	Basic	Basic	Basic
Multiring	Basic	—	Basic	Basic	Basic
Novell IPX4	Basic	—	Basic	Basic	Basic
Source-route bridging	—	Basic	Basic	Basic	—
Transparent bridging	—	Basic	Basic	Basic	Basic
Transparent and translational bridging5	Basic	Basic	Basic	Basic	Basic
WAN Services
Combinet Packet Protocol (CPP)	Basic	Basic	Basic	Basic	Basic
Dialer profiles	Basic	Basic	Basic	Basic	Basic
Frame Relay	—	Basic	Basic	Basic	Basic
Frame Relay traffic shaping	Basic	Basic	Basic	Basic	Basic
Half bridge/half router for CPP and PPP	Basic	Basic	Basic	Basic	Basic
HDLC	—	—	—	—	Basic
IPXWAN 2.0	—	—	Basic	Basic	Basic
ISDN6	Basic	—	—	—	—
Multichassis Multilink PPP (MMP)	—	—	—	—	Basic
NetBEUI over PPP	—	—	—	—	Basic
PPP7	Basic	Basic	Basic	Basic	Basic
SMDS	—	—	—	—	—
Switched 56	—	—	—	—	Basic
Virtual Private Dial-up Network (VPDN)	—	—	—	—	Basic
X.258	—	—	—	—	Basic
WAN Optimization
Bandwidth-on-demand9	Basic	—	—	—	Basic
Custom and priority queuing	Basic	Basic	Basic	Basic	Basic
Dial backup	Basic	—	—	—	Basic
Dial-on-demand	Basic	—	—	—	Basic
Header10 , link and payload compression11	—	Basic	Basic	Basic	Basic
Header9 and link compression	Basic	—	—	—	—
Snapshot routing	Basic	—	—	—	Basic
Weighted fair queuing	Basic	Basic	Basic	Basic	Basic
IP Routing
BGP	Basic	—	—	—	—
BGP412	Basic	Basic	—	—	—
EGP	Basic	—	—	—	—
Enhanced IGRP	Basic	Basic	Basic	Basic13	Basic
Enhanced IGRP Optimizations	Basic	Basic	Basic	Basic10	Basic
IGRP	Basic	Basic	Basic	Basic	Basic
NHRP	Basic	—	—	—	—
On Demand Routing (ODR)	Basic	Basic	Basic	Basic	Basic
OSPF	Basic	Basic	—	Basic	—
OSPF Not-So-Stubby-Areas (NSSA)	Basic	Basic	—	Basic	—
OSPF On Demand Circuit (RFC 1793)	Basic	Basic	—	Basic	—
PIM	Basic	—	—	—	Basic
Policy-based routing	Basic	—	—	—	Basic
RIP	Basic	Basic	Basic	Basic	Basic
RIP Version 2	Basic	Basic	Basic	Basic	Basic
Other Routing
AURP	Basic	—	—	—	Basic
IPX RIP	Basic	—	Basic	Basic	Basic
NLSP	—	—	—	—	—
RTMP	Basic	—	—	—	Basic
Multimedia and  Quality of Service
Generic traffic shaping	Basic	Basic	Basic	Basic	Basic
Random Early Detection (RED)	Basic	Basic	Basic	Basic	Basic
Resource Reservation Protocol (RSVP)	Basic	Basic	Basic	Basic	Basic
Management
AutoInstall	—	Basic	Basic	Basic	Basic
Automatic modem configuration	—	—	—	—	Basic
HTTP Server	Basic	Basic	Basic	Basic	Basic
RMON events and alarms14	Basic	Basic	Basic	Basic	Basic
SNMP	Basic	Basic	Basic	Basic	Basic
Telnet	Basic	Basic	Basic	Basic	Basic
Security
Access lists	Basic	Basic	Basic	Basic	Basic
Access security	Basic	Basic	Basic	Basic	Basic
Extended access lists	Basic	Basic	Basic	Basic	Basic
Kerberos V client support	Basic	Basic	Basic	Basic	Basic
Lock and Key	Basic	Basic	Basic	Basic	Basic
MAC security for hubs15	—	—	—	—	—
MD5 routing authentication	Basic	Basic	Basic	Basic	Basic
TACACS+16	Basic	Basic	Basic	Basic	Basic
IBM Support (Optional)
BAN for SNA Frame Relay support	—	Basic	Basic	Basic	—
Bisync	—	Basic	Basic	Basic	—
Caching and filtering	—	Basic	Basic	Basic	—
DLSw+17	—	Basic	Basic	Basic	—
Frame Relay SNA support (RFC 1490)	—	Basic	Basic	Basic	—
Native Client Interface Architecture (NICA) Server	—	—	—	—	—
NetView Native Service Point	—	Basic	Basic	Basic	—
Polled async (ADT, ADPLEX)	—	Basic	Basic	Basic	—
QLLC	—	Basic	Basic	Basic	—
DLSw (RFC 1795)	—	Basic	Basic	Basic	—
RSRB	—	Basic	—	—	—
SDLC integration	—	Basic	Basic	Basic	—
SDLC transport (STUN)	—	Basic	Basic	Basic	—
SDLC-to-LAN conversion (SDLLC)	—	Basic	Basic	Basic	—
SNA and NetBIOS WAN optimization via local acknowledgment	—	Basic	Basic	Basic	—
SRB/RSRB18	—	—	Basic	Basic	—
SRT	—	—	Basic	Basic	—
Protocol Translation
LAT	—	—	—	—	Basic
PPP	—	—	—	—	Basic
Rlogin	—	—	—	—	Basic
Telnet	—	—	—	—	Basic
TN3270	—	—	—	—	Basic
X.25	—	—	—	—	Basic
Remote Node19
ARAP 1.0/2.0	—	—	—	—	Basic
Asynchronous master interfaces	—	—	—	—	Basic
ATCP	—	—	—	—	Basic
CPPP	—	—	—	—	Basic
CSLIP	—	—	—	—	Basic
DHCP	—	—	—	—	Basic
IP pooling	—	—	—	—	Basic
IPX and ARAP on virtual async interfaces	—	—	—	—	Basic
IPXCP20	—	—	—	—	Basic
MacIP	—	—	—	—	Basic
PPP	—	—	—	—	Basic
SLIP	—	—	—	—	Basic
Terminal Services15
LAT21	—	—	—	—	Basic
Rlogin	—	—	—	—	Basic
Telnet	—	—	—	—	Basic
TN3270	—	—	—	—	Basic
X.25 PAD	—	—	—	—	Basic
Xremote	—	—	—	—	Basic

1 The OSPF LANFRAD feature set is available in Release 11.2(4) and later. 2 Includes AppleTalk load balancing. 3 IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time. 4 The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists. 5 Translational bridging is fast switched, but this can be disabled. 6 ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features. 7 PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, PPP compression, and Multilink PPP. 8 X.25 includes X.25 switching. 9 Bandwidth-on-demand means two B-channel calls to the same destination. 10 IPX header compression (RFC 1553) is available in the feature sets that support IPX. 11 X.25 and Frame Relay payload compression. 12 BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps. 13 Enhanced IGRP in the OSPF LANFRAD feature set is only available in Release 11.2(4). 13 Cisco does not support this functionality in any releases of the  OSPF LANFRAD feature set, and this feature is subject to removal without notice. 14 RMON events and alarms are supported on all interfaces. 15 Applicable to the following Cisco 2500 series Ethernet hub models: Cisco 2505, Cisco 2507, Cisco 2516, and Cisco 2518. 16 TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported. 17 Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets. See the section  "IBM Functionality" in the "New Features in Release 11.2(1)" section for more details. 18 SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled. 19 Remote node and terminal services supported on access servers (with limited support on router auxiliary ports). 20 IPX header compression (RFC 1553) is available in the feature sets that support IPX. 21 Use of LAT requires terminal license (FR-L8-10.X= or FR-L16-10.X=).

lists the standard feature sets supported in Release 11.2 P.

Table 6 Feature Set Matrix for Cisco 2500 Series Low-End Access Servers and Routers 

Standard Feature Sets	Cisco AS2509-RJ and Cisco AS2511-RJ
IP	Basic
Remote Access Server	Basic

Feature Set Tables

The Cisco IOS software is available in different feature sets depending upon the platform. lists the feature sets for the Cisco AS2509-RJ and Cisco AS2511-RJ. lists the feature sets for the Cisco 2500 Fixed FRAD series.

Table 7 Cisco AS2500-RJ and Cisco AS2511-RJ Feature Sets 

	Feature Sets
Features	IP Routing	Remote Access Server
LAN Support
AppleTalk 1 and 21	—	Basic
Concurrent routing and bridging (CRB)	Basic	—
GRE	—	Basic
Integrated routing and bridging (IRB)2	Basic	Basic
IP	Basic	Basic
Multiring	Basic	Basic
Novell IPX	—	Basic
Source-route bridging	Basic	—
Transparent bridging	—	Basic
Transparent and translational bridging3	—	Basic
WAN Services
Combinet Packet Protocol (CPP)	Basic	Basic
Dialer profiles	Basic	Basic
Frame Relay	—	Basic
Frame Relay traffic shaping		Basic
Half bridge/half router for CPP and PPP	—	Basic
HDLC	Basic	Basic
IPXWAN 2.0	Basic	Basic
ISDN4	Basic	—
Multichassis Multilink PPP (MMP)	Basic	Basic
PPP5	Basic	Basic
SMDS	Basic	—
Switched 56	—	Basic
Virtual Private Dial-up Network (VPDN)	Basic	Basic
X.256	Basic	Basic
WAN Optimization
Bandwidth-on-demand7	—	Basic
Custom and priority queuing	Basic	Basic
Dial backup	—	Basic
Dial-on-demand	Basic	Basic
Header8 , link and payload compression9	Basic	Basic
Header9 and link compression	Basic	—
Snapshot routing	—	Basic
Weighted fair queuing	Basic	Basic
IP Routing
BGP	Basic	—
BGP410	Basic	—
EGP	Basic	—
Enhanced IGRP	Basic	Basic
Enhanced IGRP Optimizations	Basic	Basic
IGRP	Basic	Basic
NHRP	Basic	—
On Demand Routing (ODR)		Basic
OSPF	Basic	—
OSPF Not-So-Stubby-Areas (NSSA)	Basic	—
OSPF On Demand Circuit (RFC 1793)	Basic	—
PIM	Basic	Basic
Policy-based routing	Basic	Basic
RIP	—	Basic
RIP Version 2	Basic	Basic
Other Routing	—
AURP	Basic	Basic
IPX RIP	Basic	Basic
NLSP	Basic	—
RTMP	Basic	Basic
Multimedia and  Quality of Service
Generic traffic shaping	Basic	Basic
Random Early Detection (RED)	Basic	Basic
Resource Reservation Protocol (RSVP)	Basic	Basic
Management
AutoInstall	Basic	Basic
Automatic modem configuration	Basic	Basic
HTTP Server		Basic
RMON events and alarms11	—	Basic
SNMP	—	Basic
Telnet	—	Basic
Security
Access lists	—	Basic
Access security	—	Basic
Extended access lists		Basic
Kerberos V client support	Basic	Basic
Lock and Key	Basic	Basic
MAC security for hubs	Basic	—
MD5 routing authentication		Basic
RADIUS	Basic	Basic
TACACS+12	Basic	Basic
IBM Support (Optional)
BAN for SNA Frame Relay support	Basic	—
Bisync	Basic	—
Caching and filtering	Basic	—
DLSw+13	Basic	—
Frame Relay SNA support (RFC 1490)		—
Native Client Interface Architecture (NICA) Server	Basic	—
NetView Native Service Point	Basic	—
Polled async (ADT, ADPLEX)	Basic	—
QLLC	—	—
DLSw (RFC 1795)	—	—
RSRB	Basic	—
SDLC integration	Basic	—
SDLC transport (STUN)	Basic	—
SDLC-to-LAN conversion (SDLLC)	Basic	—
SNA and NetBIOS WAN optimization via local acknowledgment	Basic	—
SRB/RSRB14	Basic	—
SRT	Basic	—
Protocol Translation
LAT	—	Basic
PPP	Basic	Basic
Rlogin	Basic	Basic
Telnet	Basic	Basic
TN3270	Basic	Basic
X.25	Basic	Basic
Remote Node15
ARAP 1.0/2.0	Basic	Basic
Asynchronous master interfaces	Basic	Basic
ATCP	Basic	Basic
CPPP	Basic	Basic
CSLIP	Basic	Basic
DHCP	Basic	Basic
IP pooling	Basic	Basic
IPX and ARAP on virtual async interfaces	Basic	Basic
IPXCP16	Basic	Basic
MacIP	Basic	Basic
PPP	—	Basic
SLIP	—	Basic
Terminal Services15
LAT17	—	Basic
Rlogin	—	Basic
Telnet		Basic
TN3270	—	Basic
X.25 PAD	Basic	Basic
Xremote	—	Basic

1 Includes AppleTalk load balancing. 2 IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time. 3 Translational bridging is fast switched, but this can be disabled. 4 ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features. 5 PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, PPP compression, and Multilink PPP. 6 X.25 includes X.25 switching. 7 Bandwidth-on-demand means two B-channel calls to the same destination. 8 IPX header compression (RFC 1553) is available in the feature sets that support IPX. 9 X.25 and Frame Relay payload compression. 10 BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps. 11 RMON events and alarms are supported on all interfaces. 12 TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported. 13 Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets. 14 SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled. 15 Remote node and terminal services supported on access servers (with limited support on router auxiliary ports). 16 IPX header compression (RFC 1553) is available in the feature sets that support IPX. 17 Use of LAT requires terminal license (FR-L8-10.X= or FR-L16-10.X=).

Table 8 Cisco 2500 Fixed FRAD Series 

		Feature Sets
Features	CFRAD	LAN FRAD	OSPF LAN FRAD1
Platforms Supported
Cisco 2501FRAD-FX	X	—	—
Cisco 2501LANFRAD-FX and Cisco  2502LANFRAD-FX	—	X	X
LAN Support
AppleTalk 1 and 22	—	—	—
GRE	—	X	X
Integrated routing and bridging (IRB)3	X	X	X
IP	X	X	X
Multiring	—	X	X
Novell IPX4	—	X	X
Source-route bridging	X	X	X
Transparent bridging	X	X	X
Transparent and translational bridging5	X	X	X
WAN Services
Combinet Packet Protocol (CPP)	X	X	X
Dialer profiles	X	X	X
Frame Relay	X	X	X
Frame Relay traffic shaping	X	X	X
Half bridge/half router for CPP and PPP	X	X	X
IPXWAN 2.0	—	X	X
PPP6	X	X	X
WAN Optimization
Custom and priority queuing	X	X	X
Header7 , link and payload compression8	X	X	X
Weighted fair queuing	X	X	X
IP Routing
BGP49	X	—	—
Enhanced IGRP	X	X	X10
Enhanced IGRP Optimizations	X	X	X10
IGRP	X	X	X
On Demand Routing (ODR)	X	X	X
OSPF	X	—	X
OSPF Not-So-Stubby-Areas (NSSA)	X	—	X
OSPF On Demand Circuit (RFC 1793)	X	—	X
RIP	X	X	X
RIP Version 2	X	X	X
Other Routing
IPX RIP	—	X	X
Multimedia and  Quality of Service
Generic traffic shaping	X	X	X
Random Early Detection (RED)	X	X	X
Resource Reservation Protocol (RSVP)	X	X	X
Management
AutoInstall	X	X	X
HTTP Server	X	X	X
RMON events and alarms11	X	X	X
SNMP	X	X	X
Telnet	X	X	X
Security
Access lists	X	X	X
Access security	X	X	X
Extended access lists	X	X	X
Kerberos V client support	X	X	X
Lock and Key	X	X	X
MD5 routing authentication	X	X	X
TACACS+12	X	X	X
IBM Support
BAN for SNA Frame Relay support	X	X	X
Bisync	X	X	X
Caching and filtering	X	X	X
DLSw+13	X	X	X
Frame Relay SNA support (RFC 1490)	X	X	X
NetView Native Service Point	X	X	X
Polled async (ADT, ADPLEX)	X	X	X
QLLC	X	X	X
DLSw (RFC 1795)	X	X	X
RSRB	X	—	—
SDLC integration	X	X	X
SDLC transport (STUN)	X	X	X
SDLC-to-LAN conversion (SDLLC)	X	X	X
SNA and NetBIOS WAN optimization via local acknowledgment	X	X	X
SRB/RSRB14	—	X	X
SRT	—	X	X

1 The OSPF LANFRAD feature set for the Cisco 2500 Fixed FRAD routers is available in Release 11.2(6)P and later. 2 Includes AppleTalk load balancing. 3 IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time. 4 The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists. 5 Translational bridging is fast switched, but this can be disabled. 6 PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, PPP compression, and Multilink PPP. 7 IPX header compression (RFC 1553) is available in the feature sets that support IPX. 8 X.25 and Frame Relay payload compression. 9 BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps. 10 Enhanced IGRP in the OSPF LANFRAD feature set is only available in Release 11.2(4). Cisco does not support this functionality in any releases of the OSPF LANFRAD feature set, and this feature is subject to removal without notice. 11 RMON events and alarms is supported on all interfaces. 12 TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported. 13 Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets. 14 SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled.

Upgrading to a New Software Release

If you are upgrading to Cisco IOS Release 11.2 from an earlier Cisco IOS software release, you should save your current configuration file before configuring your access server with the Cisco IOS Release 11.2 software. An unrecoverable error could occur during download or configuration.

Cisco IOS Upgrade Procedure

For instructions on downloading a current Cisco IOS release from the CCO Trivial File Transfer Protocol (TFTP) server, go to the following URL. (This URL is subject to change without notice.)

http://www.cisco.com/kobayashi/sw-center

The Software Center window is displayed.

---

Step 1 Click Cisco IOS Software. The Cisco IOS Software window is displayed.

Step 2 Click Cisco IOS 11.2. The Cisco 11.2 Software Upgrade Planner window is displayed.

Step 3 Click Download Cisco IOS 11.2 Software. The Software Checklist window is displayed.

Step 4 Select the appropriate information in each section of the Software Checklist window.

•Hardware

•Release

•Software and hardware release

Step 5 Click Execute. The software release is downloaded to your desktop computer.

Step 6 Transfer the software release to a local TFTP server on your network, using a terminal emulation application, such as TCP Connect.

Step 7 Log in to your router. Copy the software release from your TFTP server to your router, using the copy tftp command.

Memory Requirements

through describe the memory requirements for each Cisco 2500 series platform feature set supported by Cisco IOS Release 11.2.

Table 9 Release 11.2 Minimum Memory Requirements for the Cisco 2500 Series Routers 

Cisco 2500 Series	Code Memory (Flash)	Main Memory (DRAM)	Release 11.2 Runs from
IP Set	8 MB	4 MB	Flash
IP Plus1 Set	8 MB	4 MB	Flash
IP Plus 40 Set	8 MB	4 MB	Flash
IP Plus 56 Set	8 MB	4 MB	Flash
IP/IPX/IBM/APPN Set	8 MB	8 MB	Flash
IP/IPX/AT/DEC Set	8 MB	4 MB	Flash
IP/IPX/AT/DEC Plus Set	8 MB	4 MB	Flash
IP/IPX/AT/DEC Plus 40 Set	8 MB	4 MB	Flash
IP/IPX/AT/DEC Plus 56 Set	8 MB	4 MB	Flash
Enterprise Set	8 MB	6 MB	Flash
Enterprise Plus Set	8 MB	6 MB	Flash
Enterprise Plus 40 Set	8 MB	6 MB	Flash
Enterprise Plus 56 Set	8 MB	6 MB	Flash
Enterprise/APPN Plus Set	16 MB	8 MB	Flash
Enterprise/APPN Plus 40 Set	16 MB	8 MB	Flash
Enterprise/APPN Plus 56 Set	16 MB	8 MB	Flash
Cisco Frame Relay Access       Device (CFRAD) Set	4 MB	4 MB	Flash
Remote Access Server	8 MB	4 MB	Flash
ISDN Set	8 MB	4 MB	Flash
LAN FRAD Set	4 MB	4 MB	Flash
OSPF LANFRAD Set2	4 MB	4 MB	Flash
Cisco 2501- Cisco 2507
IP Set	8 MB	4 MB	Flash
Cisco 2509-Cisco 2512
IP Set	8 MB	4 MB	Flash
Remote Access Server	8 MB	4 MB	Flash
Cisco 2513-Cisco 2519	Required Flash Memory	Required DRAM Memory	Release 11.2 P Runs from
IP Set	8 MB	4 MB	Flash

1 Plus for the Cisco 2500 series includes NAT, RMON, and IBM (if IBM is not already included). 2 The OSPF LANFRAD feature set is available in Release 11.2(4) and later.

Table 10 Cisco AS2509-RJ and Cisco AS2511-RJ—Memory Requirements 

Feature Set	Required Flash Memory	Required DRAM Memory	Release 11.2 P Runs from1
IP	8 MB	4 MB	Flash
Remote Access Server	8 MB	4 MB	Flash

1 When a system is running from Flash memory, you cannot update the system while it is running. You must use the Flash load helper.

Table 11 Cisco 2500 Fixed FRAD Series—Memory Requirements 

Feature Set	Required Flash Memory	Required DRAM Memory	Release 11.2 P Runs from1
CFRAD	4 MB	4 MB	Flash
LAN FRAD	4 MB	4 MB	Flash
OSPF LAN FRAD	4 MB	4 MB	Flash

1 When a system is running from Flash memory, you cannot update the system while it is running. You must use the Flash load helper.

Caveats for Release 11.2(1) Through 11.2(12)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•Access Server

•AppleTalk

•Basic System Services

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•ISO CLNS

•Novell IPX, XNS, and Apollo Domain

•TCP/IP Host-Mode Services

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(11)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•Access Server

•AppleTalk

•Basic System Services

•EXEC and Configuration Parser

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•LAT

•LLC Type 2

•Novell IPX, XNS, and Apollo Domain

•TCP/IP Host-Mode Services

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(10)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•Access Server

•AppleTalk

•Basic System Services

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•ISO CLNS

•LLC Type 2

•Novell IPX, XNS, and Apollo Domain

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(9)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•Basic System Services

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•LAT

•Novell IPX, XNS, and Apollo Domain

•Protocol Translation

•TCP/IP Host-Mode Services

•VINES

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(8)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•Access Server

•AppleTalk

•Basic System Services

•DECnet

•EXEC and Configuration Parser

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•ISO CLNS

•LAT

•Novell IPX, XNS, and Apollo Domain

•TCP/IP Host-Mode Services

•TN3270

•VINES

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(7)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•Access Server

•AppleTalk

•Basic System Services

•IBM Connectivity

•Interfaces and Bridging

•ISO CLNS

•Novell IPX, XNS, and Apollo Domain

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(6)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•AppleTalk

•Basic System Services

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•ISO CLNS

•TCP/IP Host-Mode Services

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(5)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•Basic System Services

•EXEC and Configuration Parser

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•Novell IPX, XNS, and Apollo Domain

•TCP/IP Host-Mode Services

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(4)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•Basic System Services

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•ISO CLNS

•Novell IPX, XNS, and Apollo Domain

•REXEC and Configuration Parser

•TCP/IP Host-Mode Services

•VINES

•Wide-Area Networking

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Caveats for Release 11.2(1) Through 11.2(3)

Possibly unexpected behavior in Cisco IOS Release 11.2 exists in the following areas:

•AppleTalk

•Basic System Services

•IBM Connectivity

•Interfaces and Bridging

•IP Routing Protocols

•ISO CLNS

•Novell IPX, XNS, and Apollo Domain

•Protocol Translation

•TCP/IP Host-Mode Services

•VINES

•Wide-Area Networking

•Interfaces and Bridging

A complete list of the caveats, including descriptions and possible workarounds, is available on the Documentation CD-ROM and on CCO:

•On the Documentation CD-ROM, go to Cisco Product Documentation, select Cisco IOS Software Configuration, click on Cisco IOS Release 11.2, then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, select Important Notes and Caveats for Release 11.2.

•On CCO, go to Software and Support and select Documentation. Next, go to Cisco Documentation, click on Cisco IOS Software Configuration, select Cisco IOS Release 11.2, and then select Release Notes for Cisco IOS Release 11.2. From the bulleted list, click on Important Notes and Caveats for Release 11.2.

Cisco Connection Online

Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.

Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.

CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.

You can access CCO in the following ways:

•WWW:  http://www.cisco.com

•WWW:  http://www-europe.cisco.com

•WWW:  http://www-china.cisco.com

•Telnet:  cco.cisco.com

•Modem:  From North America, 408 526-8070; from Europe, 33 1 64 46 40 82. Use the following terminal settings: VT100 emulation; databits: 8; parity: none; stop bits: 1; and connection rates up to 28.8 kbps.

For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.

---

Note   If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or tac@cisco.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387, 408 526-7208, or cs-rep@cisco.com.

---

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.

If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar, select Documentation, and click Enter the feedback form. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.

78-4839-04