Table Of Contents
Release Notes for Cisco 1600 Series for Cisco IOS Release 12.0 T
Determining the Software Version
Upgrading to a New Software Release
New Software Features in Release 12.0(7)T
Dynamic Multiple Encapsulations for Dial-In over ISDN
Multicast Source Discovery Protocol
X.25 Switch Local Acknowledgment
New Software Features in Release 12.0(5)T
Frame Relay End-to-End Keepalive
Layer 2 Tunneling Protocol Dial-out
Web Cache Communications Protocol Version 2 (WCCPv2)
No New Software Features in Release 12.0(4)T
New Software Features in Release 12.0(3)T
Annex-G (X.25 over Frame Relay)
DLSw+ RSVP Bandwidth Reservation
Fancy Queuing on Frame Relay for Cisco HDLC
SLIP-PPP Banner and Banner Tokens
No New Software Features in Release 12.0(2)T
New Software Features in Release 12.0(1)T
Layer Two Tunneling Protocol (L2TP)
Last Maintenance Release of Cisco IOS Release 12.0 T
Caveat CSCdr91706 and IOS HTTP Vulnerability
Affected Devices and Software Versions
Cisco IOS Software Documentation Set
Release 12.0 Documentation Set
Obtaining Technical Assistance
Software Configuration Tips on the Cisco Technical Assistance Center Home Page
Release Notes for Cisco 1600 Series for Cisco IOS Release 12.0 T
December 13, 1999
Note
Update, May 2003: The Cisco 1600 Series has reached End-of-Sale (EoS) status as of February 2003; it cannot be ordered and may no longer be supported. The Cisco 1700 Series are the recommended replacement products.
Note
These release notes for Cisco 1600 series support Cisco IOS Release 12.0 T, up to and including Release 12.0(7)T. These release notes describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode or modem code and related documents.
For a list of the software caveats that apply to Release 12.0(7)T, see the Caveats for Cisco IOS Release 12.0 T document that accompanies these release notes. The caveats document is updated for every maintenance release and is located on Cisco Connection Online (CCO) and the Documentation CD-ROM.
Use these release notes with Cross-Platform Release Notes for Cisco IOS Release 12.0 on CCO and the Documentation CD-ROM.
Contents
These release notes describe the following topics:
•
System Requirements
This section describes the system requirements for Release 12.0 T:
•
•
Memory Requirements
Table 1 Memory Requirements for Cisco 1600 Series Routers
Cisco 1600-
Cisco 1604IP Feature Sets
IP
c1600-y-l
6 MB
4 MB
Flash
IP Plus
c1600-sy-l
8 MB
4 MB
Flash
IP Plus 40
c1600-sy40-l
82 MB
4 MB
Flash
IP Plus 56
c1600-sy56-l
82 MB
4 MB
Flash
IP Plus IPSEC 56
c1600-sy56i-l
8 MB
6 MB
Flash
IP/IPX
c1600-ny-l
8 MB
4 MB
Flash
IP/IPX/AT/IBM
c1600-bnr2y-l
12 MB
4 MB
Flash
IP/IPX/AT/IBM Plus
c1600-bnr2sy-l
12 MB
6 MB
Flash
IP/FW
c1600-oy-1
127 MB
63 MB
Flash
IP/IPX/FW Plus
c1600-nosy-l
124 MB
65 MB
Flash
IP/FW Plus IPSEC 56
c1600-osy56i-l
124 MB
6 MB
Flash
IP/IPX/AT/IBM/FW Plus IPSEC 56
c1600-bnor2sy56i-l
166 MB
87 MB
Flash
Cisco 1601-R - 1605-R
IP Feature Sets
IP
c1600-y-mz
4 MB
8 MB
RAM
IP Plus
c1600-sy-mz
4 MB
10 MB
RAM
IP Plus 40
c1600-sy40-mz
4 MB
10 MB
RAM
IP Plus 56
c1600-sy56-mz
4 MB
128 MB
RAM
IP Plus IPSEC 56
c1600-sy56i-mz
4 MB
12 MB
RAM
IP/IPX
c1600-ny-mz
4 MB
8 MB
RAM
IP/IPX/AT/IBM
c1600-bnr2y-mz
4 MB
12 MB
RAM
IP/IPX/AT/IBM Plus
c1600-bnr2sy-mz
6 MB
16 MB
RAM
IP/FW
c1600-oy-mz
4 MB
164 MB
RAM
IP/IPX/FW Plus
c1600-nosy-mz
69 MB
168 MB
RAM
IP/FW Plus IPSEC 56
c1600-osy56i-mz
69 MB
166 MB
RAM
IP/IPX/AT/IBM/FW Plus IPSEC 56
c1600-bnor2sy56i-mz
6 MB
2410 MB
RAM
1 Release 12.0 T features sets were not available for the Cisco 1600 series until Release 12.0(3)T.
2 6 MB in Release 12.0(3)T and earlier.
3 4 MB in Release 12.0(5)T. 6 MB in Release 12.0(4)T and earlier.
4 8 MB in Release 12.0(5)T and earlier.
5 4 MB in Release 12.0(5)T. 12 MB in Release 12.0(4)T and earlier.
6 12 MB in Release 12.0(5)T and earlier.
7 6 MB in Release 12.0(5)T and earlier.
8 10 MB in Release 12.0(5)T and earlier.
9 4 MB in Release 12.0(5)T and earlier.
10 16 MB in Release 12.0(5)T and earlier.
Hardware Supported
Cisco IOS Release 12.0 T supports the Cisco 1600 series:
•
•
•
•
•
Cisco 1600 series routers have two memory architectures: one run-from-Flash (RFF) and one run-from RAM (RFR). Router model names with an R are RFR routers; all other models are RFF. In this document, model names without an R refer to both RFF and RFR models, except where otherwise noted.
For detailed descriptions of the new hardware features, see the "New and Changed Information" section.
Table 2 lists the interfaces supported on the Cisco 1600 series. For more complete information, see the "Overview of the Router" chapter in the Cisco 1600 Series Hardware Installation Guide.
Determining the Software Version
To determine the version of Cisco IOS software running on your Cisco 1600 series, log in to the router and enter the show version EXEC command:
router> show versionCisco Internetwork Operating System SoftwareIOS (tm) 1600 Software (C1600-NY-L), Version 12.0(7)T, RELEASE SOFTWAREUpgrading to a New Software Release
For information on upgrading to a new software release, see the product bulletin Cisco IOS Software Release 12.0 T Upgrade Paths and Packaging Simplification (#819: 1/99) on CCO at:
Technical Documents: Product Bulletins: Software
Under Cisco IOS 12.0, click Cisco IOS Software Release 12.0 T Upgrade (#819: 1/99).
Feature Set Tables
The Cisco IOS software is packaged in feature sets consisting of software images—depending on the platform. Each feature set contains a specific set of Cisco IOS features.
Release 12.0 T supports the same feature sets as Release 12.0, but Release 12.0 T can include new features supported by the Cisco 1600 series.
Caution
Table 3 and Table 4 list the features and feature sets supported by the Cisco 1600 series in Cisco IOS Release 12.0 T and use the following conventions:
•
•
•
Note
New and Changed Information
The following sections list the new hardware and software features supported by the Cisco 1600 series for Release 12.0 T:
New Software Features in Release 12.0(7)T
The following new software enhancements are supported by the Cisco 1600 series for Release 12.0(7)T and later releases:
Dynamic Multiple Encapsulations for Dial-In over ISDN
The Dynamic Multiple Encapsulations feature allows incoming calls over ISDN to be assigned an encapsulation type such as Frame Relay, PPP, and X.25 based on calling line identification (CLID) or DNIS. It also allows various encapsulation types and per-user configurations on the same ISDN B channel at different times according to the type of incoming call.
The Dynamic Multiple Encapsulations feature allows per-user configuration for each dial-in caller on any ingress ISDN B channel on which encapsulation can be run independently from other B channels on the same ISDN link. The caller is identified by CLID (caller ID) or DNIS to ensure that only incoming calls with authorization and valid user profiles are accepted. When PPP is used, authentication and profile binding can also be done by PPP name.
In addition, a large set of user profiles can be stored in dialer profiles locally or on a remote AAA server. (For large scale dial-in, storing user-specific configurations on a remote server becomes necessary for enhancing expandability and local memory efficiency.) However, whether stored locally or on a remote AAA server, the user-specific encapsulation and configuration can be applied to individual B channels dynamically and independently.
Dynamic multiple encapsulation is especially important in Europe where ISDN is relatively inexpensive and maximum use of all 30 B channels on the same ISDN link is desirable. Further, the feature removes the need to statically dedicate channels to a particular encapsulation and configuration type, and improves channel usage.
Low Latency Queueing
The Low Latency Queueing feature brings strict priority queueing to Class-Based Weighted Fair Queueing (CBWFQ). Strict priority queueing allows delay-sensitive data, such as voice, to be dequeued and sent first (before packets in other queues are dequeued), giving delay-sensitive data preferential treatment over other traffic.
Without Low Latency Queueing, CBWFQ provides weighted fair queueing based on defined classes with no strict priority queue available for real-time traffic. CBWFQ allows you to define traffic classes and then assign characteristics to that class. For example, you can designate the minimum bandwidth delivered to the class during congestion.
For CBWFQ, the weight for a packet belonging to a specific class is derived from the bandwidth you assigned to the class when you configured it. Therefore, the bandwidth assigned to the packets of a class determines the order in which packets are sent. All packets are serviced fairly based on weight; no class of packets may be granted strict priority.This scheme poses problems for voice traffic that is largely intolerant of delay, especially variation in delay. For voice traffic, variations in delay introduce irregularities of transmission manifesting as jitter in the heard conversation.
The Low Latency Queueing feature provides strict priority queueing for CBWFQ, reducing jitter in voice conversations. Configured by the priority command, Low Latency Queueing enables use of a single, strict priority queue within CBWFQ at the class level, allowing you to direct traffic belonging to a class to the CBWFQ strict priority queue.
In the event of congestion, when the bandwidth is exceeded policing is used to drop packets. Voice traffic enqueued to the priority queue is UDP-based and therefore not adaptive to the early packet drop characteristic of Weighted Random Early Detection (WRED).
When congestion occurs, traffic destined for the priority queue is metered to ensure that the bandwidth allocation configured for the class to which the traffic belongs is not exceeded.
Multicast Source Discovery Protocol
Multicast Source Discovery Protocol (MSDP) connects multiple PIM sparse-mode (SM) domains. MSDP allows multicast sources for a group to be known to all rendezvous points (RPs) in different domains. Each PIM-SM domain uses its own RPs and need not depend on RPs in other domains. An RP runs MSDP over TCP to discover multicast sources in other domains.
An RP in a PIM-SM domain has an MSDP peering relationship with MSDP-enabled routers in another domain. The peering relationship occurs over a TCP connection, where primarily a list of sources sending to multicast groups is exchanged. The TCP connections between RPs are achieved by the underlying routing system. The receiving RP uses the source lists to establish a source path.
The purpose of this topology is to have domains discover multicast sources in other domains. If the multicast sources are of interest to a domain that has receivers, multicast data is delivered over the normal, source-tree building mechanism in PIM-SM.
MSDP is also used to announce sources sending to a group. These announcements must originate at the domain's RP.
MSDP depends heavily on (M)BGP for interdomain operation. You should run MSDP in your domain's RPs that act as sources, sending to global groups for announcement to the Internet.
Policy Routing with CEF
IP policy routing now works with Cisco Express Forwarding (CEF), Distributed CEF (dCEF), and NetFlow. IP policy routing was formerly supported only in fast-switching and process-switching. Now that policy routing is integrated into CEF, policy routing can be deployed on a wide scale and on high-speed interfaces.
X.25 Closed User Groups
The X.25 specification for Closed User Groups (CUG):
•
•
Note
X.25 Switch Local Acknowledgment
Cisco offers an X.25 switch function that creates virtual connections (VC) by connecting channels between X.25 class services.
The following X.25 class services are supported:
•
•
•
The current Cisco implementation provides end-to-end acknowledgment, which means that flow control or window and packet size acknowledgment is between the originating and terminating data terminal equipment (DTE).
Acknowledgment is not local to the DTE and data communications equipment (DTE), and the overall effect is low throughput.
VPN Tunnel Management
The VPN Tunnel Management feature provides network administrators with two new functions for managing VPN tunnels:
•
•
These functions can be used on either end of a VPN tunnel—the Network Access Server (NAS) or on the home gateway.
When this feature is enabled, Multichassis Multilink PPP (MMP) Layer 2 Forwarding (L2F) tunnels can still be created and established.
New Software Features in Release 12.0(5)T
The following new software enhancements are supported by the Cisco 1600 series in Release 12.0(5)T and later releases.
DNS-Based X.25 Routing
Managing a large TCP/IP network requires accurate and up-to-date maintenance of IP addresses and X.121 address mapping information on each router database in the network. Currently, this data is managed manually. Because these addresses are constantly being added and removed in the network, the routing table of every router frequently needs to be updated, which is a time-consuming and error-prone task.
X.25 has long operated over an IP network, specifically using Transmission Control Protocol (TCP) as a reliable transport mechanism. This method is known as X.25 over TCP (XOT). However, large networks and financial legacy environments experienced problems with the amount of route configuration that needed to be performed manually because each router switching calls over TCP needed every destination configured. Every destination from the host router needed a static IP route statement, and for larger environments, these destinations could be as much as several thousand per router. Until now, the only way to map X.121 addresses and IP addresses was on a one-to-one basis using the x25 route x121address xot ipaddress command.
The solution to this problem was to centralize route configuration that routers could then access for their connectivity needs. This centralization is the function of the DNS-Based X.25 Routing feature, because the DNS server is a database of all domains and addresses on a network.
DSLw+ Ethernet Redundancy
The DLSw+ Ethernet Redundancy feature provides redundancy in an Ethernet environment. It enables DLSw+ to support parallel paths between two points in an Ethernet environment, ensuring resiliency in the case of a router failure and providing load balancing for traffic load.
DLSw+ could provide redundancy prior to this feature in a Token Ring environment or via backup peers. When an end station on an Ethernet LAN had multiple active paths into a DLSw+ network, problems occurred.
Redundancy is not possible in an Ethernet environment because, unlike Token Ring, it does not have a RIF field in its packet. The RIF notifies a router of the path a packet has traveled by tracking each ring number and bridge it travels along a path. If a bridge notices that the next ring matches a ring already in the RIF, then the frame is not copied on to that ring. The RIF prevents unreliable local reachability information, circuit contention, and undetected looping explorers.
Frame Relay End-to-End Keepalive
The Frame Relay End-to-End Keepalive feature enables the router to keep track of permanent virtual circuit (PVC) status, independent of the switches in the Frame Relay network. The routers at both ends of a PVC in a Frame Relay network engage in a keepalive session where one router issues keepalive messages and the router at the other end of the PVC connection responds. The time interval for the keepalive is configurable and is enabled on a per-PVC basis. As long as the keepalive-issuing router receives response messages, the PVC status is up. When response messages are not received (because of line failure, a faulty switch in the Frame Relay network, or a router failure), the PVC is down. This mechanism enables bidirectional communication of PVC status to both routers at the ends of a PVC connection.
Firewall Feature Set
The Cisco IOS Firewall feature set, available for a wide range of Cisco router platforms, adds greater depth and flexibility to existing Cisco IOS software security capabilities, enriching features such as authentication, encryption, and failover with robust firewall functionality and intrusion detection. A Cisco IOS software-based, integrated firewall solution scales to meet the bandwidth and performance requirements of any network. It also maximizes a Cisco router investment by combining multiprotocol routing functionality with sophisticated security policy enforcement throughout the network.
The Cisco IOS Firewall feature set delivers cost-effective perimeter security packaged with advanced features like stateful, application-based filtering, dynamic per-user authentication and authorization, defense against network attacks, Java blocking, and real-time alerts. Because it is completely interoperable with Cisco IOS software features including NAT, VPN tunneling protocols, Cisco Express Forwarding (CEF), AAA extensions, Cisco encryption technology, and Cisco IOS IPSec, It is a complete, integrated VPN solution.
Layer 2 Tunneling Protocol Dial-out
The Layer 2 Tunneling Protocol (L2TP) Dial-Out feature enables L2TP Network Servers (LNSs) to tunnel dial-out VPDN calls using L2TP as the tunneling protocol. This feature enables a centralized network to efficiently and inexpensively establish a virtual point-to-point connection with any number of remote offices.
Using the L2TP Dial-Out feature, Cisco routers can carry both dial-in and dial-out calls in the same L2TP tunnels.
Previously, only dial-in VPDN calls were supported.
L2TP dial-out involves two devices: an LNS and an L2TP Access Concentrator (LAC). When the LNS wants to perform L2TP dial-out, it negotiates an L2TP tunnel with the LAC. The LAC then places a PPP call to the client(s) the LNS wants to dial-out to.
Multicast Routing Monitor
The Multicast Routing Monitor (MRM) feature is a management diagnostic tool that provides network fault detection and isolation in a large multicast routing infrastructure. It is designed to notify a network administrator of multicast routing problems in near real time.
MRM has three components that play different roles: the Manager, the Test Sender, and the Test Receiver. The Manager can reside on the same device as the Test Sender or Test Receiver. You can test a multicast environment using test packets (perhaps before an upcoming multicast event), or you can monitor existing IP multicast traffic.
You create a test based on various test parameters, name the test, and start the test. The test runs in the background and the command prompt returns. If the Test Receiver detects an error (such as packet loss or duplicate packets), it sends an error report to the router configured as the Manager. The Manager immediately displays the error report. Also, by issuing a certain show command, you can see the error reports, if any. You then troubleshoot your multicast environment as normal, perhaps using the mtrace command from the source to the Test Receiver. If the show command displays no error reports, the Test Receiver is receiving test packets without loss or duplicates from the Test Sender.
PGM Router Assist
The PGM Router Assist feature allows Cisco routers to support the optimal operation of Pragmatic General Multicast (PGM). The PGM Reliable Transport Protocol itself is implemented on the hosts of the customer.
•
Service Assurance Agent
The Service Assurance (SA) Agent is both an enhancement to and a new name for the Response Time Reporter (RTR) feature that was introduced in Cisco IOS Release 11.2. The feature allows you to monitor network performance by measuring key Service Level Agreement metrics such as response time, network resources, availability, jitter, connect time, packet loss, and application performance.
With Cisco IOS Release 12.0(5)T, the SA Agent provides new capabilities that enable you to:
•
•
•
Web Cache Communications Protocol Version 2 (WCCPv2)
The Web Cache Communications Protocol enables Cisco IOS routing platforms to transparently redirect content requests (for example, web requests) from clients to a locally connected Cisco Cache Engine (or Cache Cluster) instead of the intended origin server. When a Cache Engine receives such a request, it attempts to service it from its own local cache if the requested information is present. If not, the Cache Engine issues its own request to the originally requested origin server to get the required information. When the Cache Engine retrieves the requested information, it forwards it to the requesting client and caches it to fulfill future requests, thus maximizing download performance and significantly reducing WAN transmission costs.
WCCPv2 provides enhancements to WCCPv1, including:
•
•
•
•
•
X.25 Remote Failure Detection
Static routes are used over a packet-switched data network in order to reduce volume-based costs of the network. Until now, if two routers were connected via multiple X.25 links (a primary and a secondary), a router could not detect failure of the primary link. If a failure occurred, the data was not transferred to the second link because X.25 was unable to determine whether remote links were up or down. Therefore X.25 could not use an alternate connection to a destination.
The X.25 Remote Failure Detection feature is important for X.25 users because now, after a primary link failure, the router can establish a secondary link and continue sending data. This feature is a way for the router to detect a call failure and to use a secondary route to send subsequent packets to the remote destination, at the same time as making periodic attempts to reconnect to its primary link.
No New Software Features in Release 12.0(4)T
There are no new features supported by the Cisco 1600 series in Cisco IOS Release 12.0(4)T.
New Software Features in Release 12.0(3)T
The following new software enhancements are supported by the Cisco 1600 series in Release 12.0(3)T and later releases.
Annex-G (X.25 over Frame Relay)
Annex G (X.25 over Frame Relay) facilitates the migration from an X.25 backbone to a Frame Relay backbone by permitting encapsulation of CCITT X.25/X.75 traffic within a Frame Relay connection. Annex G has developed to accommodate the many Cisco customers in Europe, where X.25 still is a popular protocol. With Annex G, the process of transporting X.25 over Frame Relay has been simplified, by allowing direct X.25 encapsulation over a Frame Relay network.
This simple process is largely achieved using X.25 profiles (similar to dialer profiles), which were created to streamline the configuration of X.25 on a per DLCI basis. X.25 profiles can contain any existing X.25 command and, once created and named, can be simultaneously associated with more than one Annex G DLCI connection, just using the profile name.
CDP Additions for Cisco IOS
The Cisco Discovery Protocol (CDP) is a media-independent device discovery protocol that runs on all cisco manufactured equipment, including routers, bridges, access servers, and switches. Each device sends periodic messages to a multicast address. Each device listens to the periodic messages sent by others in order to learn about neighboring devices and determine when their interfaces to the media go up or down. With CDP, network management applications can learn the device type and the SNMP agent address of neighboring devices. This process enables applications to send SNMP queries to neighboring devices.
CDP runs on all media that support Subnetwork Access Protocol (SNAP), including local-area network (LAN), Frame Relay, and Asynchronous Transfer Mode (ATM) media. CDP runs over the data link layer only. Therefore, two systems that support different network-layer protocols can learn about each other.
Each device configured for CDP sends periodic messages to a multicast address. Each device advertises at least one address at which it can receive SNMP messages. The advertisements also contain time-to-live, or holdtime, information, which indicates the time a receiving device should hold CDP information before discarding it.
Additions for Cisco Discovery Protocol (CDP) include the following:
•
•
The benefits include, transparent support of X.25 encapsulation over the Frame Relay network; direct X.25 configurations on a per DLCI basis; multiple Annex G DLCIs can use the same X.25 profile; multiple logical X.25 SVCs per Annex G link, and the fact that Cisco routers already contain the functionality necessary to perform the framing and frame removal required by Annex G.
DLSw+ Enhanced Load Balancing
In a network with multiple capable paths, the DLSw+ Load Balancing Enhancements feature improves traffic load balancing between peers by distributing new circuits based on existing loads and the desired ratio.
For each capable peer (peers that have the lowest or equal cost specified), the DLSw+ Load Balancing feature calculates the difference between the desired and the actual ratio of circuits being used on a peer. It detects the path that is underloaded in comparison to the other capable peers and assigns new circuits to that path until the desired ratio is achieved.
DLSw+ Peer Clusters
The DLSw+ Peer Clusters feature reduces the explorer packet replication that typically occurs in a large DLSw+ Peer Group design, where there are multiple routers connected to the same LAN.
The DLSw+ Peer Clusters feature associates DLSw+ peers (that are connected to the same LAN) into logical groups. Once the multiple peers are defined in the same peer group cluster, the DLSw+ Border Peer recognizes that it does not have to forward explorers to more than one member within the same peer group cluster.
DLSw+ RSVP Bandwidth Reservation
The DLSw+ RSVP Bandwidth Reservation feature allows DLSw+ to reserve network bandwidth for the DLSw+ TCP connection between DLSw+ peers.
Although it has been possible in the past to reserve bandwidth for a particular existing DLSw+ peer connection through the RSVP CLI support in Cisco IOS software, the CLI required prior knowledge of the TCP ports for which the reservation was being made. Because DLSw+ uses one well-known port and one randomly assigned port, the reservation could not be made until after the peer connection was active.
The DLSw+ RSVP feature permits new DLSw+ peer connections to automatically request bandwidth reservations upon connection, thereby removing the need for user intervention after the peer is connected. This feature assures the reservation will survive a network or device failure and that the DLSw+ traffic carried over a TCP connection is not affected by congestion.
Fancy Queuing on Frame Relay for Cisco HDLC
In previous releases, when the voice-encap option was configured on Frame Relay or Cisco HDLC, all fancy queuing (such as weighted fair queuing, custom queuing, and priority queuing) on the interface was disabled, and queuing was handled on a first-come first-served (FCFS) basis. In this release, new enhancements have been made to support fancy queuing on Frame Relay and Cisco HDLC.
For Frame Relay, a new interface command, frag-pre-queuing, has been added that allows you to set the queuing to be performed after the data segmentation. The command is available for Frame Relay interfaces only. The syntax for this new command is the following:
frag-pre-queuing
no frag-pre-queuing
By default, this command is enabled, which allows only FCFS queuing at the interface level. If you enter no frag-pre-queuing, you can configure weighted fair queuing, custom queuing, or priority queuing at the interface level. Note that if you enter no frag-pre-queuing, you still must explicitly configure the fancy queuing type on the interface.
For HDLC encapsulation, the queuing now takes place after segmentation when the voice-encap option is entered. Weighted fair queuing, custom queuing, and priority queuing are now supported on an interface configured for Cisco HDLC.
Flow-based WRED
This feature provides a mechanism to penalize the flows that do not respond to Weighted Random Early Detection (WRED) drops. This feature is provided as an extension to the existing WRED functionality and can be turned on after WRED is turned on.
Flow-WRED ensures that no single flow can hog all the buffer resources at the output interface queue. With WRED alone, this can occur in the presence of traffic sources that do not back off during congestion. Flow-WRED maintains minimal information about the buffer occupancy per flow. Whenever a flow exceeds it's share of the output interface buffer resource the packets of the flow are penalized by increasing the probability of their drop (by WRED).
Multilink Inverse Multiplexer
The Multilink Point to Point Protocol (MLP) Inverse Multiplexer feature allows you to combine multiple T1/E1 lines in a Versatile Interface Processor (VIP) T1/E1 interface into a bundle that has the combined bandwidth of the multiple T1/E1 lines. This is done by using a VIP MLP link. You choose the number of bundles and the number of T1/E1 lines in each bundle. This allows you to increase the bandwidth of you network links beyond that of a single T1/E1 line without having to purchase a T3 line.
Process MIB
The addition of the CISCO-PROCESS-MIB and changes to the CISCO-MEMORY-POOL-MIB allow the retrieval of additional CPU and memory statistics and their reporting by SNMP. The CISCO-PROCESS-MIB provides CPU 5-second, 1-minute, and 5-minute statistics. In addition, this MIB provides CPU utilization and memory allocation/deallocation statistics for each process on each CPU listed in the CISCO-PROCESS-MIB.
The CISCO-PROCESS-MIB is enabled when the first SNMP command is configured. The background statistics collection for VIP cards and the master CPU occurs even if the SNMP subsystem is not initialized.
SLIP-PPP Banner and Banner Tokens
The SLIP-PPP Banner section of this feature enables you to configure the banner that is displayed when making a SLIP connection. This improves compatibility with non-Cisco SLIP dial-up software.
The Banner Tokens section of this feature introduces the use of tokens to all existing banner commands. Tokens allow you to display current information from the configuration, such as the router's hostname, IP address, encapsulation type, and MTU size.
SNMP v3
Simple Network Management Protocol version 3 (SNMPv3) addresses issues related to the large scale deployment of SNMP for configuration, accounting and fault management. Currently SNMP is predominantly used for monitoring and performance management. The primary goal of SNMPv3 is to define a secure version of the SNMP protocol. SNMPv3 also facilitates remote configuration of the SNMP entities which make remote administration of SNMP entities a much simpler task. SNMPv3 builds on top of SNMPv1 and SNMPv2 to provide a secure environment for the management of systems and networks.
SNMPv3 provides an identification strategy for SNMP devices to facilitate communication only between known SNMP strategy. Each SNMP device has an identifier called the SNMP EngineID which is a copy of SNMP. Each SNMP message contains an SNMP EngineID. SNMP communication is possible only if an SNMP entity knows the identity of its peer SNMP device.
SNMPv3 also contains a security model or security strategy that exists between an SNMP user and the SNMP group to which the user belongs. A security model may define the security policy within an administrative domain or a intranet. The SNMPv3 protocol consists of the specification for the User based Security Model (USM).
Definition of security goals where the goals of message authentication service includes the following protection strategies:
•
•
•
•
–
–
–
X.25 Load Balancing
As the number of users accessing the same host has grown, competition for these application resources has become a problem. Internet service providers (ISPs) have had to increase the number of users they could support by increasing the number of X.25 lines to the host.
In order to support a large number of virtual circuits (VCs) to a particular destination, configuration of more than one serial interface to that destination was needed. When a serial interface is configured to support X.25, there is a fixed number of VCs available for use.
Using a facility called "hunt-group" (the method for X.25 load balancing), a switch is able to view a pool of X.25 lines going to the same host as one address and assign VCs on an "idle logical channel" basis. With this feature, X.25 calls can be load-balanced among all configured outgoing interfaces to fully use and balance all managed lines. The benefits include, the choice of two load-balancing distribution methods (rotary or vc-count) and improved performance of serial lines.
No New Software Features in Release 12.0(2)T
There are no new features supported by the Cisco 1600 series in Cisco IOS Release 12.0(2)T.
New Software Features in Release 12.0(1)T
The following new software enhancements are supported by the Cisco 1600 series in Release 12.0(1)T and later releases.
Easy IP Phase 2-DHCP Server
With the introduction of Easy IP Phase 2, Cisco IOS software also supports Intelligent DHCP Relay functionality. A DHCP Relay Agent is any host that forwards DHCP packets between clients and servers. A DHCP Relay Agent enables the client and server to reside on separate subnets. If the Cisco IOS DHCP server cannot satisfy a DHCP request from its own database, it can forward the DHCP request to one or more secondary DHCP servers defined by the network administrator using standard Cisco IOS ip helper-address functionality.
OSPF Packet Pacing
The former OSPF implementation for sending update packets needed to be more efficient. Some update packets were getting lost in cases where the link was slow, a neighbor could not receive the updates fast enough, or the router was out of buffer space. For example, packets might be dropped if either of these topologies existed:
•
•
OSPF update packets are now automatically paced by a delay of 33 milliseconds. Pacing is also added between retransmissions to increase efficiency and minimize lost retransmissions.
OSPF update and retransmission packets are sent more efficiently. Also, you can display the LSAs waiting to be sent out an interface.
Time-Based Access Lists
It is now possible to implement access lists based on the time of day. To do so, you create a time range that defines specific times of the day and week. The time range is identified by a name, and then referenced by a function, so that those time restrictions are imposed on the function itself.
Currently, IP and IPX extended access lists are the only functions that can use time ranges. The time range allows the network administrator to define when the permit or deny statements in the access list are in effect. Prior to this feature, access list statements were always in effect once they were applied. Both named or numbered access lists can reference a time range.
RIP Enhancements
Triggered extensions to IP RIP increase efficiency of RIP on point-to-point, serial interfaces.
Routers are used on connection-oriented networks to allow potential connectivity to many remote destinations. Circuits on the WAN are established on demand and are relinquished when the traffic subsides. Depending on the application, the connection between any two sites for user data could be short and relatively infrequent.
There were two problems using RIP to connect to a WAN:
•
•
To overcome these limitations, triggered extensions to RIP cause RIP to send information on the WAN only when there has been an update to the routing database. Periodic update packets are suppressed over the interface on which this feature is enabled.
ISDN MIB RFC2127
The new Integrated Services Digital Network (ISDN) Management Information Base (MIB) RFC2127 has been designed to provide useful information in accordance with the IETF's new standard for the management of ISDN interfaces. It controls all aspects of ISDN interfaces. RFC2127 provides information on the physical Basic Rate Interfaces (BRIs), control and statistical information for B (bearer) and D (signaling) channels, terminal endpoints, and directory numbers.
IOS STP Enhancements
IOS Spanning Tree Protocol enhancements broaden the original IOS STP implementation with increased port identification capability, improved path cost determination, and support for a new VLAN bridge spanning-tree protocol.
Layer Two Tunneling Protocol (L2TP)
Layer Two Tunneling Protocol (L2TP) is an emerging Internet Engineering Task Force (IETF) standard that combines the best features of two existing tunneling protocols: Cisco's Layer Two Forwarding (L2F) and Microsoft's Point-to-Point Tunneling Protocol (PPTP). L2TP is an extension to the Point-to-Point Protocol (PPP), which is an important component for Access Virtual Private Networks (VPNs). Access VPNs allow mobile users to connect to their corporate intranets or extranets, thus improving flexibility and reducing costs.
Traditional dial-up networking services only supported registered IP address, which limited the types of applications that could be implemented over Virtual Private Networks (VPNs). L2TP supports multiple protocols and unregistered and privately administered IP addresses over the Internet. This allows the existing access infrastructure, such as the Internet, modems, access servers, and ISDN terminal adaptors (TAs), to be used.
L2TP can be initiated wherever PPTP or L2F is currently deployed and can be operated as a client initiated tunnel, such as PPTP, or a network access server (NAS) initiated tunnel, such as L2F.
PPP Over Frame Relay
The PPP over Frame Relay feature allows a router to establish end-to-end Point-to-Point Protocol (PPP) sessions over Frame Relay. IP datagrams are transported over the PPP link using RFC 1973 compliant Frame Relay framing. This feature is useful for remote users running PPP to access their Frame Relay corporate networks.
PPP over Frame Relay provides the following benefits:
•
•
Important Notes
The following sections contain important notes about Cisco IOS Release 12.0 that can apply to the Cisco 1600 series.
Last Maintenance Release of Cisco IOS Release 12.0 T
Cisco IOS Release 12.0(6)T has been renamed 12.0(7)T to align this release with the 12.0(7) mainline release. The closed caveats for Release 12.0(7)T are identical to the caveats closed in the 12.0(7) mainline release. There was no change in the feature content of the renamed release—the features in 12.0(6)T are the same as 12.0(7)T. Release 12.0(7)T is the last maintenance release of the 12.0 T release train.
Customers needing closure of caveats for the 12.0 T features should migrate to the 12.1mainline release, which has the complete feature content of Release 12.0 T and will eventually reach General Deployment (GD). Release 12.0 T is a super set of the 12.0 mainline release, so all caveats closed in the 12.0 mainline are also closed in 12.0 T.
Caveat CSCdr91706 and IOS HTTP Vulnerability
A defect in multiple releases of Cisco IOS software will cause a Cisco router or switch to halt and reload if the IOS HTTP service is enabled, browsing to http://router-ip/anytext?/ is attempted, and the enable password is supplied when requested. This defect can be exploited to produce a denial of service (DoS) attack.
The vulnerability, identified as Cisco bug ID CSCdr91706, affects virtually all mainstream Cisco routers and switches running Cisco IOS software releases 12.0 through 12.1, inclusive. This is not the same defect as CSCdr36952.
The vulnerability has been corrected and Cisco is making fixed releases available for free to replace all affected IOS releases. Customers are urged to upgrade to releases that are not vulnerable to this defect as shown in detail below.
This vulnerability can only be exploited if the enable password is known or not set.
You are strongly encouraged to read the complete advisory, which is available at http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml .
Cisco IOS Syslog Failure
Certain versions of Cisco IOS software may fail or hang when they receive invalid User Datagram Protocol (UDP) packets sent to their syslog ports (port 514). At least one commonly used Internet scanning tool generates packets that cause such problems. This fact has been published on public Internet mailing lists, which are widely read both by security professionals and by security crackers. This information should be considered in the public domain.
Attackers can cause Cisco IOS devices to repeatedly fail and reload, resulting in a completely disabled Cisco IOS device that needs to be reconfigured by its administrator. Some Cisco IOS devices have been observed to hang instead of failing when attacked. These devices do not recover until they are manually restarted by reset or power cycling. An administrator must personally visit an attacked, hung device to restart it, even if the attacker is no longer actively sending any traffic. Some devices have failed without providing stack traces; some devices may indicate that they were "restarted by power-on," even when that is not the case.
Assume that any potential attacker is likely to know that existence of this problem and the ways to exploit it. An attacker can use tools available to the public on the Internet and does not need to write any software to exploit the vulnerability. Minimal skill is required and no special equipment is required.
Despite Cisco specifically inviting such reports, Cisco has received no actual reports of malicious exploitation of this problem.
This vulnerability notice was posted on Cisco's World Wide Web site:
http://www.cisco.com/warp/public/770/iossyslog-pub.shtml
This information was also sent to the following e-mail and USENET news recipients:
•
•
•
•
•
•
•
Affected Devices and Software Versions
Vulnerable devices and software versions are specified in Table 5, Affected and Repaired Software Versions. Affected versions include Releases 11.3 AA, 11.3 DB, and all 12.0 versions (including 12.0 mainline, 12.0 S, 12.0 T, and any other regular released version whose number starts with 12.0), up to the repaired releases listed in Table 5. Cisco is correcting the problem in certain special releases and will correct it in future maintenance and interim releases. See Table 5, Affected and Repaired Software Versions for details. Cisco intends to provide fixes for all affected IOS variants.
No particular configuration is needed to make a Cisco IOS device vulnerable. It is possible to filter out attack traffic by using access lists. See the "Workarounds" section for techniques. However, except at Internet firewalls, the appropriate filters are not common in customer configurations. Carefully evaluate your configuration before assuming that any filtering you have protects you against this attack.
The most commonly used or asked-about products are listed below. If you are unsure whether your device is running Cisco IOS software, log in to the device and issue the show version command. Cisco IOS software will identify itself simply as "IOS" or "Internetwork Operating System Software". Other Cisco devices will not have the show version command, or they will identify themselves differently in their output. The most common Cisco devices that run Cisco IOS software include the following:
•
•
•
•
Affected software versions, which are relatively new, are not necessarily available on every device listed above. If you are not running Cisco IOS software, you are not affected by this problem.
The following Cisco devices are not affected:
•
•
•
•
•
•
•
•
This vulnerability has been assigned Cisco bug ID CSCdk77426.
Solution
Cisco offers free software updates to correct this vulnerability for all affected customers—regardless of their contract status. However, because this vulnerability information has been disseminated by third parties, Cisco has released this notice before updates are available for all software versions. Table 5 gives Cisco's projected fix dates.
Make sure your hardware has adequate RAM to support the new software before installing it. The amount of RAM is seldom a problem when you upgrade within a major release (say, from 11.2[11]P to 11.2[17]P), but it is often a factor when you upgrade between major releases (say, from 11.2 P to 11.3 T).
Because fixes will be available for all affected releases, this vulnerability will rarely, if ever, require an upgrade to a new major release. Cisco recommends very careful planning for any upgrade between major releases. Make certain no known bugs will prevent the new software from working properly in your environment.
Further upgrade planning assistance is available on Cisco's World Wide Web site at:
http://www.cisco.com
If you have service contracts you can obtain new software through your regular update channels (generally through Cisco's World Wide Web site). You can upgrade to any software release, but you must remain within the boundaries of the feature sets you have purchased.
If you do not have service contracts, you can upgrade to obtain only the bug fixes; free upgrades are restricted to the minimum upgrade required to resolve the defects. In general, you will be restricted to upgrading within a single row of Table 5, except when no upgrade within the same row is available in a timely manner. Obtain updates by contacting one of the following Cisco Technical Assistance Centers (TACs):
•
•
•
Give the URL of this notice (http://www.cisco.com/warp/public/770/iossyslog-pub.shtml) as evidence for a free update. Non-contract customers must request free updates through the TAC. Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software updates.
Workarounds
You can work around this vulnerability by preventing any affected Cisco IOS device from receiving or processing UDP datagrams addressed to its port 514. This can be done either by using packet filtering on surrounding devices, or by using input access list filtering on the affected IOS device itself.
If you use an input access list, apply that list to all interfaces to which attackers may be able to send datagrams. Interfaces include not only physical LAN and WAN interfaces but also virtual subinterfaces of those physical interfaces, as well as virtual interfaces and interface templates corresponding to GRE, L2TP, L2F, and other tunneling protocols.
The input access list must block traffic destined for UDP port 514 at any of the Cisco IOS device's own IP addresses, as well as at any broadcast or multicast addresses on which the Cisco IOS device may be listening. Be sure to block both old-style "all-zeros" broadcasts and new-style "all-ones" broadcasts. It is not necessary to block traffic being forwarded to other hosts—only traffic actually addressed to the Cisco IOS device is of interest.
No single input access list works in all configurations. Know the effect of your access list in your specific configuration before activating it.
The following example shows a possible access list for a three-interface router, along with the configuration commands needed to apply the list. The example assumes input filtering is not needed, other than as a workaround for this problem:
! Deny all multicasts, and all unspecified-net broadcasts, to port 514access-list 101 deny udp any 224.0.0.0 31.255.255.255 eq 514! Deny old-style unspecified-net broadcastsaccess-list 101 deny udp any host 0.0.0.0 eq 514! Deny network-specific broadcasts. This example assumes that all of! the local interfaces are on the class B network 172.16.0.0, subnetted! everywhere with mask 255.255.255.0. This will differ from network! to network. Note that we block both new-style and old-style broadcasts.access-list 101 deny udp any 172.16.0.255 0.0.255.0 eq 514access-list 101 deny udp any 172.16.0.0 0.0.255.0 eq 514! Deny packets sent to the addresses of our own network interfaces.access-list 101 deny udp any host 172.16.1.1 eq 514access-list 101 deny udp any host 172.16.2.1 eq 514access-list 101 deny udp any host 172.16.3.3 eq 514! Permit all other traffic (default would be to deny)access-list 101 permit ip any any! Apply the access list to the input side of each interfaceinterface ethernet 0ip address 172.16.1.1 255.255.255.0ip access-group 101 ininterface ethernet 2ip address 172.16.2.1 255.255.255.0ip access-group 101 ininterface ethernet 3ip address 172.16.3.3 255.255.255.0ip access-group 101 inListing all possible addresses—especially all possible broadcast addresses—to which attack packets may be sent is complicated. If you do not need to forward any legitimate syslog traffic received on an interface, you can block all syslog traffic arriving on that interface. Remember that blocking will affect traffic routed through the Cisco IOS device as well as traffic destined to the device; if the IOS device is expected to forward syslog packets, you will have to do the detailed filtering. Because input access lists impact system performance, install them with caution—especially on systems running very near their capacity.
Software Versions and Fixes
Many Cisco software images have been or will be specially reissued to correct this vulnerability. For example, regular released Cisco IOS version 12.0(2) is vulnerable, as are interim versions 12.0(2.1) through 12.0(2.3). The first fixed interim version of Release12.0 mainline software is Release12.0(2.4). However, a special release, 12.0(2a), contains only the fix for this vulnerability and does not include any other bug fixes from later 12.0 interim releases.
If you are running Release 12.0(2) and want to fix this problem without risking possible instability presented by installing the 12.0(2.4) interim release, you can upgrade to Release 12.0(2a). Release 12.0(2a) is a "code branch" from the Release 12.0(2) base, which will merge back into the Release 12.0 mainline at Release 12.0(2.4).
Special releases, like 12.0(2a), are one-time, spot fixes, and they will not be maintained. Thus, the upgrade path from Release 12.0(2a) is to Release 12.0(3).
Table 5 specifies information about affected and repaired software versions.
Note
Table 5 Affected and Repaired Software Versions
11.2 and earlier releases—all variants
Unaffected early releases (no syslog server)
Unaffected
Unaffected
Unaffected
11.3, 11.3 T, 11.3 DA, 11.3 MA, 11.3 NA, 11.3 WA, 11.3(2)XA
11.3 releases without syslog servers
Unaffected
Unaffected
Unaffected
11.3 AA
11.3 early deployment for AS58xx
11.3(7)AA2, 8-JAN-19994
11.3(7.2)AA
11.3(8)AA, 15-FEB-1999
11.3 DB
11.3 for Cisco NRP routing blade in Cisco 6400 xDSL DSLAM
11.3(7)DB2, 18-JAN-1999
12.0
12.0 Mainline
12.0(2a), 8-JAN-1999
12.0(2.4)
12.0(3), 1-FEB-1999
12.0 T
12.0 new technology early deployment
12.0(2a)T1, 11-JAN-1999
12.0(2.4)T
12.0(3)T, 15-FEB-1999
12.0 S
ISP support; 7200, RSP, GSR
12.0(2.3)S, 27-DEC-1998
12.0(2)S5 , 18-JAN-1999
12.0 DB
12.0 for Cisco 6400 universal access concentrator node switch processor (lab use)
12.0(2)DB, 18-JAN-1999
12.0(1)W
12.0 for Catalyst 8500 and LS1010
12.0(1)W5(5a) and 12.0(1a)W5(5b) (LS1010 platform only)
12.0(1)W5(5.15)
12.0(1)W5(6) (platform support for Catalyst 8540M will be in 12.0(1)W5(7))
12.0(0.6)W5
One-time early deployment for CH-OC-12 module in Catalyst 8500 series switches
Unaffected; one-time release
Unaffected
Unaffected; To upgrade use 12.0(1)W5 releases.
12.0(1)XA3
Short-life release; merged to 12/0T at 12.0(2)T
Obsolete
Merged
Upgrade to 12.0(2a)T1 or to 12.0(3)T.
12.0(1)XB
Short-life release for Cisco 800 series; merged to 12.0 T and 12.0 (3)T
12.0(1)XB1
Merged
Upgrade to 12.0(3)T.
12.0(2)XC
Short-life release for new features in Cisco 2600, Cisco 3600, uBR7200, uBR900 series; merged to 12.0 T at 12.0(3)T
12.0(2)XC1, 7-JAN-1999
Merged
Upgrade to 12.0(3)T
12.0(2)XD
Short-life release for ISDN voice features; merged to 12.0 T at 12.0(3)T
12.0(2)XD1, 18-JAN-1999
Merged
Upgrade to 12.0(3)T
12.0(1)XE
Short-life release
12.0(2)XE, 18-JAN-1999
Merged
Upgrade to 12.0(3)T
1 A special fix is a one-time release that provides the most stable immediate upgrade path.
2 Interim releases are tested less rigorously than regular maintenance releases; interim releases can contain serious bugs.
3 Fixed maintenance releases are on a long-term upgrade path. Other long-term upgrade paths also exist.
4 All dates in this table are estimates and are subject to change.
5 This entry is not a misprint. The 12.0(2.3)S interim release is available before the 12.0(2)S regular release.
Deprecated MIBs
Old Cisco Management Information Bases (MIBs) will be replaced in a future release. OLD-CISCO-* MIBs are currently being migrated into more scalable MIBs—without affecting existing Cisco IOS products or NMS applications. You can update from deprecated MIBs to the replacement MIBs as shown inTable 6.
Caveats
Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious.
This section only contains open and resolved caveats for the current Cisco IOS maintenance release.
All caveats in Release 12.0 T are also in Release 12.0.
For information on caveats in Cisco IOS Release 12.0, see Caveats for Cisco IOS Release 12.0.
For information on caveats in Cisco IOS Release 12.0 T, see Caveats for Cisco IOS Release 12.0 T, which lists severity 1 and 2 caveats and is located on CCO and the Documentation CD-ROM.
Note
Caveats for Release 12.0(7)T
This section describes possibly unexpected behavior by Release12.0(7)T, specific to the Cisco 1600 series routers. Only severity 1 and 2 caveats are included.
CSCdp60086
The frame-relay tunnel subcommand is not available on the Cisco 1600, 1700, and 800 series platforms. This subcommand is only available in IOS images corresponding to Enterprise feature sets:
router(config-if)# frame-relay route 19 interface ?
Serial Serial
Tunnel Tunnel interfaceRelated Documentation
The following sections describe the documentation available for the Cisco 1600 series. These documents consist of hardware and software installation guides, Cisco IOS configuration and command references, system error messages, feature modules, and other documents.
Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on CCO and the Documentation CD-ROM.
Use these release notes with these documents:
•
Release-Specific Documents
The following documents are specific to Release 12.0 and are located on CCO and the Documentation CD-ROM:
•
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Release Notes: Cross-Platform Release Notes
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Release Notes: Cross-Platform Release Notes
•
Service & Support: Technical Documents
•
This document contains caveats applicable to all platforms for all maintenance releases of Release 12.0 T.
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Caveats
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Caveats
Note
Platform-Specific Documents
These documents are available for the Cisco 1600 series on CCO and the Documentation CD-ROM:
•
•
•
•
•
•
•
•
•
On CCO at:
Technical Documents: Documentation Home Page: Access Servers and Access Routers: Modular Access Routers: Cisco 1600 Series Routers
On the Documentation CD-ROM at:
Cisco Product Documentation: Access Servers and Access Routers: Modular Access Routers: Cisco 1600 Series Routers
Feature Modules
Feature modules describe new features supported by Release 12.0 T and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: New Feature Documentation
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: New Feature Documentation
Cisco IOS Software Documentation Set
The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents that are shipped with your order in electronic form on the Documentation CD-ROM—unless you specifically ordered the printed versions.
Documentation Modules
Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a corresponding command reference. Chapters in a configuration guide describe protocols, configuration tasks, Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.
On CCO and the Documentation CD-ROM, two master hot-linked documents provide information for the Cisco IOS software documentation set.
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0:Configuration Guides and Command References
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Configuration Guides and Command References
Release 12.0 Documentation Set
Table 7 describes the contents of the Cisco IOS Release 12.0 software documentation set, which is available in electronic form and in printed form upon request.
Note
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0
Note
Obtaining Documentation
World Wide Web
You can access the most current Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
Documentation CD-ROM
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly. Therefore, it is probably more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.
Ordering Documentation
Registered Cisco.com users can order the Documentation CD-ROM and other Cisco Product documentation through our online Subscription Services at http://www.cisco.com/cgi-bin/subcat/kaojump.cgi.
Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco's corporate headquarters (California, USA) at 408 526-4000 or, in North America, call 800 553-NETS (6387).
Obtaining Technical Assistance
Cisco provides Cisco.com as a starting point for all technical assistance. Warranty or maintenance contract customers can use the Technical Assistance Center. All customers can submit technical feedback on Cisco documentation using the web, e-mail, a self-addressed stamped response card included in many printed documents, or by sending mail to Cisco.
Cisco.com
Cisco continues to revolutionize how business is done on the Internet. Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.
Cisco.com's broad range of features and services helps customers and partners to streamline business processes and improve productivity. Through Cisco.com, you will find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online support services, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.
Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users may order products, check on the status of an order and view benefits specific to their relationships with Cisco.
You can access Cisco.com in the following ways:
•
•
•
–
–
You can e-mail questions about using Cisco.com to cco-team@cisco.com.
Technical Assistance Center
The Cisco Technical Assistance Center (TAC) is available to warranty or maintenance contract customers who need technical assistance with a Cisco product that is under warranty or covered by a maintenance contract.
To display the TAC web site that includes links to technical support information and software upgrades and for requesting TAC support, use www.cisco.com/techsupport.
To contact by e-mail, use one of the following:
In North America, TAC can be reached at 800 553-2447 or 408 526-7209. For other telephone numbers and TAC e-mail addresses worldwide, consult the following web site: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml.
Software Configuration Tips on the Cisco Technical Assistance Center Home Page
If you have a Cisco.com log-in account, you can access the following URL, which contains links and tips on configuring your Cisco products:
http://www.cisco.com/public/technotes/tech_sw.html
This URL is subject to change without notice. If it changes, point your Web browser to Cisco.com, press Login, and click on this path: Technical Assistance Center: Technical Tips.
The following sections are provided from the Technical Tips page:
•
•
•
•
•
•
•
Documentation Feedback
If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.
You can e-mail your comments to bug-doc@cisco.com.
To submit your comments by mail, for your convenience many documents contain a response card behind the front cover. Otherwise, you can mail your comments to the following address:
Cisco Systems, Inc.
Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate and value your comments.
