Table Of Contents
Resolved Caveats—Cisco IOS Release 12.2(13)T16
Resolved Caveats—Cisco IOS Release 12.2(13)T14
Resolved Caveats—Cisco IOS Release 12.2(13)T13
Resolved Caveats—Cisco IOS Release 12.2(13)T12
Resolved Caveats—Cisco IOS Release 12.2(13)T11
Resolved Caveats—Cisco IOS Release 12.2(13)T10
Resolved Caveats—Cisco IOS Release 12.2(13)T9
Resolved Caveats—Cisco IOS Release 12.2(13)T8
Resolved Caveats—Cisco IOS Release 12.2(13)T5
Resolved Caveats—Cisco IOS Release 12.2(13)T4
Resolved Caveats—Cisco IOS Release 12.2(13)T3
Resolved Caveats—Cisco IOS Release 12.2(13)T2
Resolved Caveats—Cisco IOS Release 12.2(13)T1
Resolved Caveats—Cisco IOS Release 12.2(13)T
Resolved Caveats—Cisco IOS Release 12.2(13)T16
Cisco IOS Release 12.2(13)T16 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T16 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
Symptoms: A description of what is observed when the caveat occurs.
•
•
Miscellaneous
•
NetFlow Feature Acceleration has been deprecated and removed from Cisco IOS. The global command ip flow-cache feature-accelerate will no longer be recognized in any IOS configuration.
If your router configuration does not currently contain the command ip flow-cache feature-accelerate, this change does not affect you.
The removal of NetFlow Feature Acceleration does not affect any other aspects of Netflow operation, for example Access-list processing. The features are separate and distinct.
Cisco Express Forwarding (CEF) supercedes the deprecated NetFlow Feature Acceleration.
Additionally, the following MIB objects and OIDs have been deprecated and removed from the netflow mib (CISCO-NETFLOW-MIB):
cnfFeatureAcceleration 1.3.6.1.4.1.9.9.99999.1.3
cnfFeatureAccelerationEnable 1.3.6.1.4.1.9.9.99999.1.3.1
cnfFeatureAvailableSlot 1.3.6.1.4.1.9.9.99999.1.3.2
cnfFeatureActiveSlot 1.3.6.1.4.1.9.9.99999.1.3.3
cnfFeatureTable 1.3.6.1.4.1.9.9.99999.1.3.4
cnfFeatureEntry 1.3.6.1.4.1.9.9.99999.1.3.4.1
cnfFeatureType 1.3.6.1.4.1.9.9.99999.1.3.4.1.1
cnfFeatureSlot 1.3.6.1.4.1.9.9.99999.1.3.4.1.2
cnfFeatureActive 1.3.6.1.4.1.9.9.99999.1.3.4.1.3
cnfFeatureAttaches 1.3.6.1.4.1.9.9.99999.1.3.4.1.4
cnfFeatureDetaches 1.3.6.1.4.1.9.9.99999.1.3.4.1.5
cnfFeatureConfigChanges 1.3.6.1.4.1.9.9.99999.1.3.4.1.6Resolved Caveats—Cisco IOS Release 12.2(13)T14
Cisco IOS Release 12.2(13)T14 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T14 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: Many memory allocation failure (MALLOCFAIL) messages may occur for a Cisco Discovery Protocol (CDP) process:
%SYS-2-MALLOCFAIL: Memory allocation of -1732547824 bytes failed from x605111F0, pool Processor, alignment 0 -Process= "CDP Protocol", ipl= 0, pid= 42 -Traceback= 602D5DF4 602D78A0 605111F8 60511078 6050EC88 6050E684 602D0E2C 602D0E18Conditions: The symptom is observed on a Cisco 7513 that runs Cisco IOS Release 12.0(17)ST. The symptom may also occur on other Cisco 7500 series routers that run Release 12.0 S, 12.2 S, 12.3, or 12.3 T.
Workaround: To prevent the symptom from occurring again, disable CDP by entering the no cdp run global configuration command.
•
Symptoms: A Cisco device reloads on receipt of a corrupt CDP packet. One possible scenario is:
Reloading a faulty Cisco IP conference station 7935 or 7936 may cause a connected Cisco switch or router to reload. A CDP message may appear on the terminal, such as the following one:
%CDP-4-DUPLEX_MISMATCH duplex mismatch discovered on FastEthernet5/1 (not half duplex), with SEP00e0752447b2 port 1 (half duplex).Conditions: This symptom is observed when an empty "version" field exists in the output of the show cdp entry * command for at least one entry.
Workaround: Disable CDP by entering the no cdp run global configuration command.
First Alternate Workaround: Disable CDP on the specific (sub-)interface(s) whose corresponding neighbor(s) has or have an empty "version" field in the output of the show cdp entry * command.
Second Alternate Workaround: Disconnect the 7935 or 7936 phone, in the case of the specific symptom that is described above.
•
Symptoms: Depending upon configuration, issuing The show cdp entry * protocol command may cause a reload of the device.
Conditions: This symptom occurs on Cisco products that are speaking CDP with configurable interface MTU.
Workaround: Disable CDP, avoid issuing the command under given circumstances, or upgrade to a fixed version of software.
•
A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Telnet, reverse telnet, RSH and SSH sessions established prior to exploitation are not affected.
All other device services will operate normally. Services such as packet forwarding, routing protocols and all other communication to and through the device are not affected.
Cisco will make free software available to address this vulnerability. Workarounds, identified below, are available that protect against this vulnerability.
The Advisory is available at /en/US/products/products_security_advisory09186a00802acbf6.shtml
•
Symptoms: A Cisco device experiences a memory leak in the CDP process.
Conditions: The device sending CDP packets sends a hostname that is 256 or more characters. There are no problems with a hostname of 255 or fewer characters.
Workaround: Configure the neighbor device to use less than a 256 character hostname, or disable the CDP process with the global command no cdp run.
IP Routing Protocols
•
Symptoms: One of two redundant route reflectors (RRs) that are part of the same cluster may reload and may cause a Virtual Private Network (VPN) routing/forwarding (VRF) table to contain incomplete routes. Routes that originated elsewhere in network are in the Route Descriptor table but not in the VRF table, despite import statements and the fact that the routes were in the VRF table previously.
Conditions: This symptom is observed in a Multiprotocol Label Switching (MPLS) VPN network. This is only observed if the route-reflectors have equal cluster-ids.
Workaround: Slightly change the metrics of the routes coming from one of the route-reflectors (e.g., weight or local preference). You can also re-configure one of the RRs with a unique cluster-ID.
Alternatively, reset the Border Gateway Protocol (BGP) neighbor session to the RR that did not reload.
Miscellaneous
•
Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on MPLS disabled interfaces.
The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable.
More details can be found in the security advisory which is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml.
•
Symptoms: A router that is running RIPng may crash after receiving a malformed RIPng packet causing a Denial of Service (DoS) on the device.
Conditions: Such malformed packets can normally be sent locally. However, if "ipv6 debug rip" is enabled on a system, then the crash can also be triggered remotely.
RIP for IPv4 is not affected by this vulnerability.
Workaround: There is no workaround.
•
Symptoms: When you enter the undebug all privileged EXEC command on a Cisco 3700 series, all traffic that passes through an encrypted generic routing encapsulation (GRE) tunnel may stop.
Conditions: This symptom is observed on a Cisco 3700 series that is configured with a GRE tunnel that is secured via IP Security (IPSec) and that is using Cisco Express Forwarding (CEF) switching.
Workaround: Reinitialize CEF switching by entering the no ip cef global configuration command followed by the ip cef global configuration command.
Alternate Workaround: Do not enter the undebug all privileged EXEC command. Rather, individually disable each debug command.
•
Cisco Internetwork Operating System (IOS) Software is vulnerable to a Denial of Service (DoS) attack from crafted IPv6 packets when the device has been configured to process IPv6 traffic. This vulnerability requires multiple crafted packets to be sent to the device which may result in a reload upon successful exploitation.
More details can be found in the security advisory, which is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml.
•
Cisco Internetwork Operating System (IOS) Software release trains 12.1YD, 12.2T, 12.3 and 12.3T, when configured for Cisco's IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST) may contain a vulnerability in processing certain malformed control protocol messages.
A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS). This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20050119-itscme.shtml
Cisco has made free software upgrades available to address this vulnerability for all affected customers.
This vulnerability is documented by Cisco bug ID CSCee08584.
TCP/IP Host-Mode Services
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1.
2.
3.
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Wide-Area Networking
•
Symptoms: A parity error on a Versatile Interface Processor (VIP) card may cause other VIPs to go to a wedged state.
Conditions: This symptom is observed on a Cisco 7500 series router.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.2(13)T13
Cisco IOS Release 12.2(13)T13 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T13 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Interfaces and Bridging
•
Symptoms: When a Cisco router reloads, the ATM permanent virtual circuit (PVC) status remains inactive (INAC) even though the ATM subinterface is in an UP/UP state. The following message may also be displayed when you enter the debug atm errors privileged EXEC command:
ATM(ATMx/x/x):point-to-point interface does not have a VCDConditions: This symptom is observed on a Cisco router with a PA-A3 port adapter and is caused by some physical line errors that occur while the router reloads. These physical line errors cause carrier transition on the PA-A3 interface, which in turn causes the symptom to occur.
Workaround: Enter the no shutdown interface configuration command on the ATM interface.
Further Problem Description: The symptom may even occur while the router reloads without any traffic.
•
Symptoms: The input packet and byte counters remain "zero" regardless of traffic effectively being received on a channelized interface.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.2(13)T10 or 12.2(13)T11 and is specific to a PA-MC-8TE1+ port adapter.
Workaround: Enter the show interfaces serial slot/port[:channel-group] accounting command to display the correct data.
IP Routing Protocols
•
Symptoms: When the debug ip pim auto-rp command is enabled on a Cisco 7500 series, the router crashes when it receives an AutoRP message.
Conditions: This symptom is observed on a Cisco 7500 series that runs the rsp-isv-mz image of Cisco IOS Release 12.2(15)T7 or 12.2(15)T9. The symptom may also occur in other releases of Release 12.2 T, or in Release 12.3 or Release 12.3 T.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: Modem passthrough calls fail with a "Playout Dejitter Mode value" error message and traceback, and a NAK message is generated.
Conditions: This symptom is observed on a Cisco AS5400 access server for every MPT call.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.2(13)T12
Cisco IOS Release 12.2(13)T12 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T12 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
IP Routing Protocols
•
Symptoms: A Cisco 7400 series router that is configured with Network Address Translation (NAT) experiences high CPU utilization.
Conditions: This symptom is observed when a large number of TCP packet sessions are translated by the router and stay on the router for up to 24 hours even though the connections have been terminated.
Workaround: Clear the translations table using the clear ip nat translations EXEC command.
•
Symptoms: A Cisco router that is configured for SIP NAT may not be able to process authentication messages from a third-party SIP gateway that performs SIP proxy authentication.
Conditions: This symptom is observed in a Call Hold/Resume procedure.
Workaround: There is no workaround.
•
Symptoms: T.38 fax calls between a Cisco router and a third-party gateway may fail.
Conditions: This symptom is observed when two third-party gateways are connected via a Cisco router that runs SIP NAT. The T.38 fax calls fail from one of the third-party gateways to the Cisco router and vice versa.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: When polling the cbQosREDClassStatsTable of the CISCO-CLASS-BASED- QOS-MIB, spurious memory accesses may occur on a Cisco 2600 series, Cisco 3600 series, or Cisco 7200 series. A Cisco 3640 router may also reboot. The spurious memory accesses may be reproduced when polling the above-mentioned table via Simple Network Management Protocol (SNMP).
Conditions: This symptom is observed on a Cisco 2600 series, Cisco 3600 series, and Cisco 7200 series that run Cisco IOS Release 12.2(8)T, Release 12.3, or Release 12.3 T.
Workaround: Prevent the router from answering to queries on the cbQosREDClassStatsTable by implementing the following SNMP view in the router configuration:
snmp-server view qos internet included
snmp-server view qos 1.3.6.1.4.1.9.9.166.1.20.1 excluded
snmp-server community string view qos ro
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
Symptoms: A Cisco router may reload after Virtual Private Network (VPN) clients disconnect.
Conditions: This symptom is observed intermittently on a Cisco router that is running Cisco IOS Release 12.2(13)T or a later release when the IP Security (IPSec) Network Address Translation Transversal (NAT-T) mode is configured.
Workaround: There is no workaround.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
Symptoms: A router may reload unexpectedly after it attempts to access a low memory address.
Conditions: This symptom is observed after ACLs have been updated dynamically or after the router has responded dynamically to an IDS signature.
Workaround: Disable IP Inspect and IDS.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
Symptoms: LC-ATM-enabled subinterface on a PE router stays in "not ready" state when viewing the LDP session to the LSC using the show mpls ldp discovery command. The shutdown interface command followed by the no shutdown interface command will not clear the problem when performed on either the LC-ATM subinterface on the PE or the Xtag interface on the connected LSC.
Conditions: The interface stays in "interface not LDP ready" state when there exists a stray LVC on the switch interface. The PE reaches this state after multiple LDP flaps.
Workaround: The condition may be cleared by entering the clear ip route prefix command where prefix is the local loopback address for the LC- ATM subinterface. This will cause all tailend LVCs on all LC-ATM subinterfaces to be torn down and re-established, causing a brief customer outage. This workaround should only be used if no alternate path exists for MPLS traffic towards this device (i.e., a redundant LC-ATM subinterface). After using this workaround, user should confirm that the expected number of LVCs has been re- established with the output of the show mpls atm summary command. If bindings are not successfully re-established, repeat the clear ip route prefix command, or reload the router.
Reload of the router will remove the stray LVC and bring the LDP session on the PE's LC-ATM subinterface back to normal state.
Wide-Area Networking
•
Symptoms: Software interface description blocks (IDBs) may become exhausted after an interface flaps repeatedly.
Conditions: This symptom is observed under the following conditions:
- PPP sessions go down.
- The same PPP sessions come back up and make use of a new IDB rather than the previously used IDB.
- A virtual-access interface is used rather than a virtual-access subinterface.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.2(13)T11
Cisco IOS Release 12.2(13)T11 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T11 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Miscellaneous
•
Symptoms: On a Cisco router that is configured with a Multilink PPP (MLP) interface, the available processor memory may decrease rapidly because of a memory leak.
Conditions: This symptom is observed when the MLP interface flaps repeatedly.
Workaround: There is no workaround. You must resolve the cause of the flapping MPL interface.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
Wide-Area Networking
•
Symptoms: A voice call that is placed over a Frame Relay (FR) link with Low Latency Queueing (LLQ) and FR end-to-end fragmentation (FRF.12) enabled may cause the router to pause indefinitely.
Conditions: This symptom is observed on a router when the voice path is established with LLQ and fragmented data traffic active.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.2(13)T10
Cisco IOS Release 12.2(13)T10 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T10 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Interfaces and Bridging
•
Symptoms: Router interfaces that are created on a Cisco PA-MC-8TE1+ port adapter and a Cisco PA-CE3 port adapter may display input counters and input rate counters with a value of 0.
Conditions: This symptom is observed on the router interfaces of a Cisco 7500 series.
Workaround: Enter the show interfaces serial [slot/port [channel-group]] [accounting] privileged EXEC command as an alternative method for displaying the value of the input counters. There is no alternative for finding the input rate.
IP Routing Protocols
•
Symptoms: In a large Border Gateway Protocol (BGP) Open Shortest Path First (OSPF) environment, the OSPF neighbors may go down when the BGP link flaps and a large number of BGP routes are flushed out of the route table or are repopulated.
Conditions: The conditions under which this symptom occurs seem to depend upon when the BGP configuration is applied to the router. There is no OSPF neighbor drop if the router reloads without the BGP configuration and BGP is added after the router reloads. However, the router drops OSPF neighbors when a BGP link flaps if BGP is already configured before the router is reloaded.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: You may not be able to use the command-line interface (CLI) to disable a remote loopback request on the network.
Conditions: This symptom is observed when a remote loopback is initiated toward a Cisco AS5xx0 and the Cisco AS5xx0 responds to the remote loopback request.
Workaround: Enter the loopback network ignore controller configuration command on the T1 controllers.
•
Symptoms: The digital signal processors (DSPs) on T1 high-density voice network modules (NM-HDVs) that support the clear channel codec may become unresponsive.
Conditions: This symptom is observed when the Enhanced ITU-T G.168 Echo Cancellation feature is enabled for NM-HDVs that link two Cisco voice gateways that are configured for Transparent Common Channel Signaling (T-CCS). This symptom does not occur when the Enhanced ITU-T G.168 Echo Cancellation feature is not used.
Workaround: There is no workaround.
•
Symptoms: After a few weeks of normal operation, the interface on a Cisco PA- MC-8E1 begins flapping and finally pauses with the output queue stuck as follows:
Serial1/1:1 is up, line protocol is up
Encapsulation HDLC, crc 16, Data non-inverted
Keepalive set (120 sec)
Last input 00:00:03, output 04:14:23, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 21952
Queueing strategy: weighted fair
Output queue: 30/4000/64/21855 (size/max total/threshold/drops)
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 0 bits/sec, 0 packets/sec
43903807 packets input, 3646461183 bytes, 0 no buffer
Received 0 broadcasts, 321 runts, 0 giants, 0 throttles
5160 input errors, 4 CRC, 0 frame, 0 overrun, 0 ignored, 2945 abort
42026998 packets output, 2185017012 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets 0 output buffer failures,
0 output buffers swapped out 31 carrier transitions
no alarm present
Timeslot(s) Used:1-31, subrate: 64Kb/s, transmit delay is 0 flagsThe following traceback is observed in the log:
%LINK-4-TOOBIG: Interface Serial60:1, Output packet size of 1526 bytes too big Traceback= 0x604007F8 0x604A927C 0x6084E4D4 0x6057425C 0x60CE921C 0x60CE55EC %LINK-4-TOOBIG: Interface Serial20:1, Output packet size of 1526 bytes too big Traceback= 0x604007F8 0x604A927C 0x6084E4D4 0x6057425C 0x60CE921C 0x60CE55ECConditions: This symptom is observed on a Cisco router that is configured with a PA-MC-8E1 interface.
Workaround: There is no workaround.
•
Symptoms: A Cisco router that runs Real-Time Protocol (RTP) traffic over a Voice over IP (VoIP) connection may reload.
Conditions: This symptom may be observed on any Cisco router.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may generate a "SYS-2-GETBUF" message during the "Tag Input" process and may subsequently reload unexpectedly.
Conditions: This symptom is observed when the router fragments a Multiprotocol Label Switching (MPLS) packet.
Workaround: There is no workaround.
•
Symptoms: When a gateway that is in Media Gateway Control Protocol (MGCP) fallback mode reloads, no calls can be made, nor can calls be received. When the gateway comes up again, all controllers including a serial controller are automatically shut down. When you turn off auto configuration and reload the router again, you can make calls, but you still cannot receive calls.
Conditions: These symptoms are observed on a Cisco 3745 that functions as a gateway and that runs MGCP.
Workaround: There is no workaround.
•
Symptoms: A multilink interface may stop processing received packets.
Conditions: This symptom is observed on a Cisco 7500 series when Multilink PPP (MLP) is configured and when a lot of traffic is forwarded to the process-switching path.
Workaround: To clear the symptom, move the physical interfaces to a new multilink interface with a new interface number.
•
Symptoms: A Cisco AS5400 may reload unexpectedly while running Media Gateway Control Protocol (MGCP) in normal mode of operation.
Conditions: This symptom is observed on a Cisco AS5400 that runs Cisco IOS Release 12.2(11)T8 and occurs because of incorrect memory management.
Workaround: There is no workaround.
•
Symptoms: A Cisco voice gateway may report IP and telephony call legs that remain active even though the calls are no longer active.
Conditions: This symptom is observed on a Cisco AS5400HPX voice gateway that is running Cisco IOS Release 12.2(11)T under high CPU utilization. In addition, the gateway uses the interactive voice response (IVR) 2.0 session application to handle blind call transfers.
Workaround: There is no workaround.
•
Symptoms: The Cisco AS5xxx series routers that are equipped with the Bt8370 T1/E1 framer will bring down the controller immediately upon receiving an alarm indication signal (AIS).
Conditions: This symptom occurs when noisy line conditions that last less than 2 seconds can result in T1s going down, or outages or cable problems that last for less than 2 seconds can bring down the controller.
Workaround: There is no workaround. The fix is available in Cisco IOS Release 12.3.
•
Symptoms: A Cisco Session Initiation Protocol (SIP) gateway does not use calling information contained in the Remote-Party-ID header. A traceback may be observed and the following error is displayed in the output of the debug ccsip error privileged EXEC command:
sippmh_parse_remote_party_id: syntax error in Remote-Party -ID headerConditions: This symptom is observed on a Cisco SIP gateway that is running images of Cisco IOS Release 12.2(13)T and occurs when the gateway receives an initial INVITE message with a Remote-Party-ID header that contains the "other" parameters in the header.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload when a member is removed and then added back to a multilink interface.
Conditions: This symptom is observed on a Cisco 7500 series when distributed Multilink PPP (MLP) is enabled.
Workaround: Shut down the multilink and then add or remove the member links. This action can prevent this symptom, but is not a very acceptable workaround.
Wide-Area Networking
•
Symptoms: A router may experience a memory leak in the vtemplate background process. This symptom may be confirmed by entering the show processes memory EXEC command to monitor memory usage.
Conditions: This symptom is observed on a router that is running Cisco IOS Release 12.2(13)T5.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.2(13)T9
Cisco IOS Release 12.2(13)T9 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T9 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Miscellaneous
•
Symptoms: Configuring a bind statement multiple times under a serial interface causes the existing ISDN Q.921-User Adaptation (IUA) configurations to be removed.
Conditions: This symptom is observed on a Cisco AS5850 that is running the C5850-p9-mz.122-11.T image.
Workaround: There is no workaround.
•
Symptoms: Automatic Speech Recognition (ASR) does not function after Regex dual tone multifrequency (DTMF) is used on a Cisco gateway.
Conditions: This symptom may be observed when XML and Regex-based grammar are used in the same call. The Cisco gateway prevents the use of XML and Regex grammars in the same call even if they are in different VoiceXML (VXML) documents.
Workaround: There is no workaround.
•
Symptoms: A nonexistent policy map that is configured as the input or output service policy of an ATM virtual circuit (VC) causes a router to be unable to display or save its configuration.
Conditions: This symptom is observed on Cisco Route Processor Module (RPM) routers, but may affect any Cisco router that uses ATM interfaces.
Workaround: Do not specify nonexistent policy maps as an ATM VC service policy.
•
Symptoms: A Cisco router ignores an ISDN User Adaptation (IUA) 0x508 (REL-REQ) message that is sent by a third party call agent. The router does not act upon or reject the message by taking down ISDN Layer 3.
Conditions: This symptom is observed on a Cisco AS5850.
Workaround: There is no workaround.
•
Symptoms: Data packets may be punted to the process path when user logon and logoff activity occurs.
Conditions: This symptom is observed in all of the Service Selection Gateway (SSG) images of Cisco IOS software under heavy load conditions.
Workaround: There is no workaround.
•
Symptoms: The use of a VoiceXML (VXML) application on a Cisco gateway may cause the gateway to pause indefinitely.
Conditions: This symptom is observed if the following two conditions are met:
–
–
In addition, one of the following conditions must also be present:
–
For example:
<prompt cisco-vcrprompt="true"> <audio
src="http://px1-sun/audio/DUCF_33_httpg7llulaw.au"/>}<audio
src="http://px1-sun/audio/DUCF_33_httpg7llulaw.au"/></prompt>–
Workaround: Turn off HTTP streaming by entering the no ivr prompt streamed http global configuration command or the ivr prompt streamed none global configuration command.
Alternate Workaround: Turn off HTTP caching by entering the http client cache memory pool 0 global configuration command.
•
Symptoms: A router may pause indefinitely when modem relay calls are made.
Conditions: This symptom is observed on a Cisco 3600 series that is running Cisco IOS Release 12.2(11)T9.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may pause indefinitely when a VoiceXML (VXML) dialog is initiated.
Conditions: This symptom is observed on a Cisco AS5350 router when a VXML dialog is initiated and standard VXML events (for example, help, nomathc, noinput, and error) are sent.
Workaround: There is no workaround.
Wide-Area Networking
•
Symptoms: A router may reload after you enter the ppp multilink interface configuration command.
Conditions: This symptom occurs when multilink is configured on an active serial interface and neither the ppp multilink group interface configuration command nor the multilink virtual- template global configuration command is entered. Under these conditions, multilink normally fails to create a bundle because of the lack of a configuration source for the bundle interface, but in this instance, it causes the router to reload.
Workaround: Use the shutdown interface configuration command to shut down the serial interface until it is configured with the ppp multilink group interface configuration command.
Resolved Caveats—Cisco IOS Release 12.2(13)T8
Cisco IOS Release 12.2(13)T8 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T8 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: After a Versatile Interface Processor (VIP) has reloaded, there does not seem to be a crashinfo file because the crashinfo file is not closed; therefore, it is not visible or accessible. If the same VIP reloads again, both the first and second crashinfo files are accessible.
Conditions: This symptom is observed on a Cisco 7500 series that is running Cisco IOS Release 12.2(6f).
Workaround: There is no workaround.
•
Symptoms: The memory that is held by the "RTT Responder" process may increase, as is indicated by the amount of memory in the "Hold" column in the output of the show processes memory include {rtt | pid} EXEC command.
Conditions: This symptom is observed when many jitter probes are sent simultaneously to the same destination port.
Workaround: Do not use the same destination port for all the probes.
First Alternate Workaround: To free memory once in a while, enter the no rtr responder global configuration command followed by the rtr responder global configuration command.
Second Alternate Workaround: Lower the duration of the probes.
•
Symptoms: The order of the Service Assurance Agent (SAA) Response Time Reporter (RTR) schedule command options is incorrect in the output of the show running-config EXEC command. This may cause problems with third-party software configuring and managing RTR probes.
Conditions: This symptom is observed on all Cisco platforms that are running Cisco IOS Release 12.2(13)T1.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: I/O memory corruption may occur in the Cisco CallManager software during the bootup process of a Cisco IOS platform that is functioning as a gateway.
Conditions: This symptom is observed only rarely and occurs when a call-load generator is already generating calls to the gateway when the gateway is still booting up.
Workaround: There is no workaround.
•
Symptoms: A digital signal processor (DSP) may time out on a Cisco IAD2420 series because of a Host Port Interface (HPI) error.
Conditions: This symptom is observed on a Cisco IAD2420 series that is running Cisco IOS Release 12.2(11)T4 every time a call is placed or received.
Workaround: Use the command-line interface (CLI) to issue the following command to the DSPs that have a timeout symptom:
[no] voice dsp waitstate ws dsp_id
where ws is in the range of 1 to 3 with 1 being the default and dsp_id is a 1-based DSP number. The recommended ws value to set in this particular case is 2. Do not set the ws value higher than 2. The issuance of the CLI command will not take effect until the next DSP reset occurs either through an automatic mechanism or through test commands.
•
Symptoms: A Cisco AS5350 or Cisco AS5400 may get spurious access errors and output the following digital signal processor (DSP) timeout errors:
Local7.Error gw4-kyiv 50: %ALIGN-3-TRACE: -Traceback= 60279AA0 60A7F4D4 60A8397C 00000000 00000000 00000000 00000000 00000000
Local7.Error gw4-kyiv 49: %ALIGN-3-TRACE: -Traceback= 60279A94 60A7F4D4 60A8397C 00000000 00000000 00000000 00000000 00000000
Local7.Error gw4-kyiv 48: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x60279A94 reading 0x10
Local7.Error gw4-kyiv 52: %VTSP-3-DSP_TIMEOUT: DSP timeout on channel 3/6:D (10), event 0x1306: DSP ID=0x10040: DSPRM FAX/VOICE Set Codec (call mode=0) ...
Local7.Error gw4-kyiv 56: %VTSP-3-DSP_TIMEOUT: DSP timeout on channel 3/2:D (928), event 0x1306: DSP ID=0x10230: DSPRM FAX/VOICE Set Codec (call mode=0)
Local7.Error gw4-kyiv 55: %VTSP-3-DSP_TIMEOUT: DSP timeout on channel 3/4:D (757), event 0x1306: DSP ID=0x21030: DSPRM FAX/VOICE Set Codec (call mode=0)
Local7.Error gw4-kyiv 54: %VTSP-3-DSP_TIMEOUT: DSP timeout on channel 3/4:D (781), event 0x1306: DSP ID=0x10450: DSPRM FAX/VOICE Set Codec (call mode=0)Conditions: This symptom is observed on a Cisco AS5350 or Cisco AS5400 that is configured with NextPort and that uses T.38 fax to send faxes over IP.
Workaround: There is no workaround.
•
Symptoms: A Cisco 6400 series Node Route Processor 2 (NRP2) may reload.
Conditions: This symptom is observed when the Cisco 6400 series NRP2 is running Cisco IOS Release 12.2(13)T1 and the Service Selection Gateway (SSG) is enabled.
Workaround: There is no workaround.
•
Symptoms: The following error message and tracebacks may be generated on a Cisco 3660 router that is configured with a Virtual Private Network High Performance advanced interface module (AIM-VPN/HP):
%SYS-2-BADSHARE: Bad refcount in retparticle, ptr=6344EB40, count=0 -Traceback= 60449944 61A9DCB4 61A9E000 61A9E898 61AA2CCC 61A96100 61A82EB8Conditions: This symptom is observed on a Cisco 3660 router that is running the c3660-ik9o3s-mz image of Cisco IOS Release 12.2(13)T but may also occur on other Cisco 3600 series routers that are running other Cisco IOS images.
Workaround: Disable compression.
•
Symptoms: After a "%VTSP-3-DSP_TIMEOUT" error message is generated, the affected digital signal processor (DSP) may not automatically recover.
Conditions: This symptom is observed on a Cisco IAD2420 series, but may not be platform specific.
Workaround: There is no workaround. To recover the affected DSP, reload the router.
•
Symptoms: A user session may pause indefinitely, causing a Cisco router to become unresponsive.
Conditions: This symptom is observed when multiple simultaneous users enter modular QoS CLI (MQC) commands on the same router via separate vty sessions.
Workaround: Allow only one user at a time to enter MQC commands.
•
Symptoms: A Cisco 6400 series Node Route Processor 2 (NRP2) may reload when high CPU utilization occurs.
Conditions: This symptom is observed on a Cisco 6400 series NRP2 that is configured for Service Selection Gateway (SSG) when high CPU utilization (above 80 percent) occurs.
Workaround: There is no workaround.
•
Symptoms: A memory leak may occur on a Cisco 6400 series Node Route Processor 1 (NRP1) during the installation of per-user access control lists (ACLs) that are downloaded from a RADIUS server.
Conditions: This symptom is observed on a Cisco 6400 series NRP1 that is running Cisco IOS Release 12.2(13)T and that is configured for PPP over Ethernet (PPPoE) when there is a high-call setup rate and the CPU utilization of the NRP1 exceeds 70 percent. The symptom may be platform independent.
Workaround: Disable the per-user ACLs.
Alternate Workaround: Decrease the call setup rate.
•
Symptoms: IP sockets are not cleared properly by the router when a call to a terminating gateway (TGW) is not completed successfully. This may lead to a socket leak that could use all the resources of the originating gateway (OGW).
Conditions: This symptom is caused when alternate endpoints are configured in the gatekeeper. If the OGW does not successfully complete a call to the TGW provided in the Admission Confirm (ACF), the OGW will then try the alternate endpoint. However, the socket that is used to send the SETUP message to the first TGW is not cleared properly.
Workaround: Configure the gatekeeper without the use of alternate endpoints, and then reboot the router. There is no way to clear the sockets that are left behind.
•
Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following protocols or features:
–
–
–
–
–
Cisco has made free software available to address these vulnerabilities for affected customers. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities mentioned in this advisory.
There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-voice.shtml
•
Symptoms: The "Class-Based RTP and TCP Header Compression" feature introduced in Cisco IOS Release 12.2(13)T permits the configuration of Real-Time Protocol (RTP) and TCP header compression within MQC. On the Cisco 3725 platform, this feature is not configurable in Cisco IOS Release 12.2(13)T and Cisco IOS Release 12.2(15)T.
Conditions: This symptom is observed on a Cisco 3725 router. The feature is configurable in Cisco IOS Release 12.2(13)T and Release 12.2(15)T on more mature platforms like the Cisco 3640, and also the Cisco 3745 platform which was introduced at the same time as the Cisco 3725 platform. The feature is not configurable on the Cisco 3725 for the same Cisco IOS releases. See the following information for the Cisco 3725:
c3725#
c3725#conf t
Enter configuration commands, one per line. End with CNTL/Z.
c3725(config)#policy-map llq_voice
c3725(config-pmap)#class voice-rtp
c3725(config-pmap-c)#?
QoS policy-map class configuration commands:
bandwidth Bandwidth
drop Drop all packets
exit Exit from QoS class action configuration mode
no Negate or set default values of a command
police Police
priority Strict Scheduling Priority for this Class
queue-limit Queue Max Threshold for Tail Drop
random-detect Enable Random Early Detection as drop policy
service-policy Configure QoS Service Policy
set Set QoS values
shape Traffic Shaping
c3725(config-pmap-c)#compression header ip rtp
^
% Invalid input detected at '^' marker.
c3725(config-pmap-c)#class voice-tcp
c3725(config-pmap-c)#compression header ip tcp
^
% Invalid input detected at '^' marker.
c3725(config-pmap-c)#^Z
c3725#
Note
(2) In Cisco IOS Release 12.2(15)T, the MQC IPHC CLI is not available.Workarounds: (1) Configure RTP and TCP header compression directly on the interface of interest. (2) The MQC IPHC CLI is available, configurable, and will persist in the running configuration in the latest Cisco IOS Release 12.3 mainline and Cisco IOS Release 12.3 T builds. For example, the feature works in Cisco IOS Release 12.3(1) and Cisco IOS Release 12.3(2)T.
Also, see related caveat CSCeb13548 "c2691: MQC IPHC compression header CLI and feature is not available."
•
Symptoms: After a `submit' element with `post' method in a Voice XML (VXML) document, the `submit' element with the `get' method no longer works.
Conditions: This symptom is observed on all Cisco gateways that support VXML.
Workaround: There is no workaround.
•
Symptoms: A Cisco VG200 that has a transcoder and is configured with Cisco Conference Connection (CCC) has only one-way audio for certain callers.
Conditions: This symptom is observed under the following conditions:
–
–
–
–
–
Workaround: Use Cisco IOS Release 12.1(5)YH4.
•
Symptoms: When the tx-ring-limit interface configuration command is used and the value is set at 3, packets are dropped.
Conditions: This symptom is observed on a Cisco router that is configured with QoS and that uses digital subscriber line (DSL) interfaces.
Workaround: Remove the tx-ring-limit 3 command for non-QoS configurations. When QoS configuration is required, use Cisco IOS Release 12.2(15)T or a later release, or use Release 12.3(1).
•
Symptoms: The Cisco IAD2420 series integrated access device (IAD) with digital interface is interconnected with a BTS10200 softswitch that is running 3.5.1v01. When the Cisco IAD2420 is rebooted and sends Restart in Progress (RSIP) to the call agent (CA), the trunks are automatically brought back into service. If a PBX goes off-hook, then on-hook (without dialing digits), then goes off-hook on the same channel and begins dialing, the Cisco IAD2420 does not collect digits properly. It was observed that a 2 becomes two 4s in the dialed digits detected by the voice telephony service provider (VTSP).
Conditions: This symptom is observed on a Cisco IAD240 that is running Cisco IOS Release 12.2(11)T8.
Workaround: There is no workaround. The customer will be provided with a special image based off Cisco IOS Release 12.2(11)T8 with in-band signal detection hardcoded to work around this problem.
•
Symptoms: The output from the show diag EXEC command indicates that a voice interface card (VIC-1J1) is an unknown card.
Conditions: This symptom is observed on a Cisco router that has a VIC-1J1.
Workaround: There is no workaround.
•
Symptoms: After a Cisco gateway receives an ATM switch processor (ASP) down (ASPDN) message, it sends the ASPDN acknowledgement (DOWN ACK) without a reason code. To be compliant with the Internet Engineering Task Force (IETF) Draft 0.4, the reason field must be included.
Conditions: This symptom is observed on a Cisco router that is running a PRI backhaul and that uses Stream Control Transmission Protocol (SCTP).
Workaround: There is no workaround.
•
Symptoms: The ATM interface on a Cisco Node Route Processor (NRP2) may go into the down state.
Conditions: This symptom is observed when 8000 PPP over ATM (PPPoA) sessions are loaded on a redundant NRP2 and then the NRP2 is reloaded.
Workaround: Flap the interface for the sessions to go up.
•
Symptoms: Packets received from or going to unauthenticated users may be punted to the process path.
Conditions: This symptom is observed on all Service Selection Gateway (SSG) images of Cisco IOS software. If there is high unauthorized user traffic on the network, this symptom may cause a load on the process path (the IP input), but it does not break the functionality of the network.
Workaround: Configure the SSG TCP Redirect feature for unauthenticated users and unauthorized services. With this configuration, there will be no unauthenticated packets punted to the process path, and all packets will be handled in the Cisco Express Forwarding (CEF) path.
•
Symptoms: Domain Name System (DNS) packets may take more time than normal to process.
Conditions: This symptom is observed in all Service Selection Gateway (SSG) images of Cisco IOS software.
Workaround: If the number of domains is large, provide Internet service to each user and let the domains be resolved through the Internet DNS service.
•
Symptoms: Data packets gets punted to the process path when the Service Selection Gateway (SSG) timeout process is scheduled.
Conditions: This symptom is observed in all SSG images of Cisco IOS software.
Workaround: There is no workaround.
Wide-Area Networking
•
Symptoms: A Cisco 1700 series may not release a backup call, and the CPU utilization may increase to 100-percent when the dial-on-demand routing (DDR) timers are active.
Conditions: These symptoms are observed when the backup call is initiated through Dialer Watch and the dialer watch-list group-number delay disconnect disconnect-time global configuration command is configured.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload with a bus error when the authentication, authorization, and accounting (AAA) server experiences severe delays (several seconds) in the response to IP Control Protocol (IPCP) authorization requests.
Conditions: This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.3(1.5) and that is configured as an L2TP Network Server (LNS). The symptom is observed only when there is a significant AAA delay.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.2(13)T5
Cisco IOS Release 12.2(13)T5 is a rebuild release for Cisco IOS Release 12.2(13)T. The caveats in this section are resolved in Cisco IOS Release 12.2(13)T5 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Miscellaneous
•
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, please refer to this advisory, available at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
•
Symptoms: When a provider edge (PE) router has multiple paths to an Autonomous System Boundary Router (ASBR) that is used as a next hop in a Virtual Private Network (VPN) routing/forwarding (VRF) static route with a global keyword, there is no Internet connectivity for the customers that are defined in the VRF.
Conditions: This symptom is observed in a Multiprotocol Label Switching (MPLS) VPN.
Workaround: Shut down one of the outgoing interfaces on the PE router.
•
Symptoms: A Cisco AS5300 that is functioning as a voice gateway may reload because of an incoming bus error exception.
Conditions: This symptom is observed on a Cisco AS5300 that is running Cisco IOS Release 12.2(6d).
Workaround: There is no workaround.
•
Guest
