Table Of Contents
Release Notes for Cisco 7000 Family for Cisco IOS Release 12.3 XB
Determining the Software Version
Upgrading to a New Software Release
New Hardware Features in Cisco IOS Release 12.3(2)XB3
New Software Features in Cisco IOS Release 12.3(2)XB3
New Hardware Features in Cisco IOS Release 12.3(2)XB2
New Software Features in Cisco IOS Release 12.3(2)XB2
New Hardware Features in Cisco IOS Release 12.3(2)XB1
New Software Features in Cisco IOS Release 12.3(2)XB1
New Hardware Features in Cisco IOS Release 12.3(2)XB
New Software Features in Cisco IOS Release 12.3(2)XB
Deprecated and Replacement MIBs
New Implementations and Behavior Changes in Cisco IOS Release 12.3(2)XB2
Configurable SGSN PLMN ID in G-CDRs
New Implementations and Behavior Changes in Cisco IOS Release 12.3(2)XB1
New Recommended IPSec Configuration for VRF-Aware/GRE Tunnel Interfaces
3GPP RADIUS Attributes Support for PPP PDP Contexts
Support for Sending MSISDN to LNS for PPP-Regeneration
Caveats for Cisco IOS Release 12.3 XB
Open Caveats—Cisco IOS Release 12.3(2)XB3
Resolved Caveats—Cisco IOS Release 12.3(2)XB3
Open Caveats—Cisco IOS Release 12.3(2)XB2
Resolved Caveats—Cisco IOS Release 12.3(2)XB2
Open Caveats—Cisco IOS Release 12.3(2)XB1
Resolved Caveats—Cisco IOS Release 12.3(2)XB1
Open Caveats—Cisco IOS Release 12.3(2)XB
Resolved Caveats—Cisco IOS Release 12.3(2)XB
Cisco IOS Software Documentation Set
Cisco IOS Release 12.3 Documentation Set Contents
Obtaining Technical Assistance
Contacting TAC by Using the Cisco TAC Website
Release Notes for Cisco 7000 Family for Cisco IOS Release 12.3 XB
April 21, 2004
Cisco IOS Release 12.3(2)XB3
0L-4851-03
These release notes for the Cisco 7000 family describe the enhancements provided in Cisco IOS Release 12.3(2)XB3. These release notes are updated as needed.
For a list of the software caveats that apply to Cisco IOS Release 12.3(2)XB3, see the "Important Notes" section and Caveats for Cisco IOS Release 12.3. The caveats document is updated for every maintenance release and is located on Cisco.com and the Documentation CD-ROM.
Use these release notes with Cross-Platform Release Notes for Cisco IOS Release 12.3 located on Cisco.com and the Documentation CD-ROM.
Contents
These release notes describe the following topics:
•
MIBs
•
•
System Requirements
This section describes the system requirements for Cisco IOS Release 12.3(2)XB3 and includes the following sections:
•
•
Memory Recommendations
Supported Hardware
Cisco IOS Release 12.3(2)XB3 supports the following Cisco 7000 platforms:
•
•
For detailed descriptions of the new hardware features, see the "New and Changed Information" section.
Determining the Software Version
To determine the version of Cisco IOS software running on your Cisco 7000 family router, log in to the Cisco 7000 family router and enter the show version EXEC command. The following sample show version command output is from a router running a Cisco 7200 series software image with Cisco IOS Release 12.3(2)XB3:
Router> show versionCisco Internetwork Operating System SoftwareIOS (tm) 7200 Software (c7200-g6is-mz), Version 12.3(2)XB3, RELEASE SOFTWAREUpgrading to a New Software Release
For general information about upgrading to a new software release, refer to Upgrading the Cisco IOS Software Release in Cisco Routers and Modems located at:
http://www.cisco.com/warp/public/620/6.html
Feature Set Tables
The Cisco IOS software is packaged in feature sets consisting of software images—depending on the platform. Each feature set contains a specific set of Cisco IOS features.
Cisco IOS Release 12.3(2)XB3 supports the same feature sets as Cisco IOS Release 12.3, but Cisco IOS Release 12.3(2)XB3 can include new features supported by the Cisco 7000 family.
Caution
Table 5 lists the feature and feature set supported by the Cisco 7200 series routers in Cisco IOS Release 12.3(2)XB3.
The table uses the following conventions:
•
•
•
Note
New and Changed Information
The following sections list the new hardware and software features supported by the Cisco 7000 family of routers for Cisco IOS Release 12.3 XB.
New Hardware Features in Cisco IOS Release 12.3(2)XB3
There are no new hardware features supported in Cisco IOS Release 12.3(2)XB3.
New Software Features in Cisco IOS Release 12.3(2)XB3
There are no new software features supported in Cisco IOS Release 12.3(2)XB3.
New Hardware Features in Cisco IOS Release 12.3(2)XB2
There are no new hardware features supported in Cisco IOS Release 12.3(2)XB2.
New Software Features in Cisco IOS Release 12.3(2)XB2
There are no new software features supported in Cisco IOS Release 12.3(2)XB2.
New Hardware Features in Cisco IOS Release 12.3(2)XB1
There are no new hardware features supported in Cisco IOS Release 12.3(2)XB1.
New Software Features in Cisco IOS Release 12.3(2)XB1
There are no new software features supported in Cisco IOS Release 12.3(2)XB1.
New Hardware Features in Cisco IOS Release 12.3(2)XB
There are no new hardware features supported in Cisco IOS Release 12.3(2)XB.
New Software Features in Cisco IOS Release 12.3(2)XB
The following new software features are supported by the Cisco 7000 family for Cisco IOS Release 12.3(2)XB:
GGSN
Platforms: Cisco 7200 series routers
GPRS is a service designed for Global System for Mobile Communications (GSM) networks. GSM is a digital cellular technology that is used worldwide, predominantly in Europe and Asia. GSM is the world's leading standard in digital wireless communications.
GPRS is standardized by the European Telecommunications Standards Institute (ETSI). The most common application of GPRS is expected to be Internet/intranet access. Cisco Systems' GPRS solution enables mobile wireless service providers to supply their mobile subscribers with packet-based data services in GSM networks.
GPRS introduces the following two new major network elements:
•
•
MIBs
Current MIBs
To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB website on Cisco.com at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
Deprecated and Replacement MIBs
Old Cisco MIBs will be replaced in a future release. Currently, OLD-CISCO-* MIBs are being converted into more scalable MIBs without affecting existing Cisco IOS products or network management system (NMS) applications. You can update from deprecated MIBs to the replacement MIBs as shown in Table 6.
Important Notes
New Implementations and Behavior Changes in Cisco IOS Release 12.3(2)XB2
The following sections describe new implementations and behavior changes since Cisco IOS Release 12.3(2)XB1:
Redirecting Traffic
With Cisco IOS Release 12.3(2)XB2 and later, you can use the redirect all ip in an APN configuration command to redirect all traffic.
Using the Redirect All Traffic feature, you can:
•
If redirecting traffic using the Mobile-to-Mobile Redirect feature, only packets for which the destination address belongs to an MSs that is active on the same GGSN can be redirected. If the receiving MS has no PDP context in the GGSN where the sending MSs PDP context is created, the packets are dropped.
•
To redirect all traffic to a specific IP address, issue the following command while in an APN configuration mode:
redirect all ip ip-address
Configurable SGSN PLMN ID in G-CDRs
With this release of the GGSN software, you can configure G-CDRs to include the SGSN PLMN ID attribute. To maintain interoperability with a charging gateway that does not support the SGSN PLMN ID parameter, by default, this parameter is not included in G-CDRs.
To configure the GGSN to include the SGSN PLMN ID in G-CDRs, issue the following command while in global configuration mode. To return to the default, issue the no form of this command:
gprs charging cdr-option sgsn-plmn
This new feature is identified by CSCed61417.
New Implementations and Behavior Changes in Cisco IOS Release 12.3(2)XB1
The following sections describe new implementations and behavior changes since Cisco IOS Release 12.3(2)XB:
Packet of Disconnect
In previous releases, the IMSI and NASPI attribute were mandatory in POD request to identify every session. In Cisco IOS Release 12.3(2)XB1 and later, these two attributes are no longer mandatory.
Additionally, in Cisco IOS Release 12.3(2)XB1 and later, the Acct-Session-Id is now a supported attribute in POD.
Route Probe
With this release, once a PDP context has been established, the GGSN can send a route probe to a specified destination. The source IP address of the probe packet is the PDP context IP address.
To enable the route probe feature, issue the following command while in global configuration mode:
ip probe path address protocol udp [ port port ttl ttl ]
Note
L2TP over VRF
With Cisco IOS Release 12.3(2)XB1, the GGSN supports VRF-aware L2TP.
When using VRF-aware L2TP, when GTP tries to open an L2TP tunnel for a PPP context on an APN, it initiates a tunnel with the LNS at the address within the address range of the VRF configured. Once this tunnel is established, all subsequent L2TP-encapsulated packets are sent within this VRF.
Note
Configuration Example
GGSN Configuration
The following is the configuration example for multiple APNs in different L2TP VRFs.
!ip vrf apn-vrf1rd 1:1!ip vrf apn-vrf2rd 1:2!interface Gi1ip forwarding vrf apn-vrf1ip address 1.1.1.2 255.255.0.0!interface Gi2ip forwarding vrf apn-vrf2ip address 2.1.1.2 255.255.0.0!vpdn-group 1request-dialinprotocol l2tpdomain www.apn1.cominitiate-to ip 1.1.1.1vpn vrf apn-vrf1!vpdn-group 2request-dialinprotocol l2tpdomain www.apn2.cominitiate-to ip 2.1.1.1vpn vrf apn-vrf2!gprs access-point-list gprsaccess-point 1access-point-name www.apn1.comvrf abc1!access-point 2access-point-name www.apn2.comvrf abc2!RADIUS Configuration
Note
The following is a configuration example of the tunnel configurations on the RADIUS server:
www.apn1.com Password = "cisco"Service-Type = Outbound-User,cisco-avpair = "vpdn:tunnel-type=l2tp",cisco-avpair = "vpdn:ip-addresses=1.1.1.1",cisco-avpair = "vpdn:vpn-vrf=apn-vrf1"Limitations
When using the L2TP over VRF feature, the following limitations apply:
1.
2.
3.
TFTP/FTP over VRF
With Cisco IOS Release 12.3(2)XB1 and later, GGSN 4.0 supports TFTP/FTP over VRF.
To enable this feature, issue the following configuration command where interface is the interface that has the required VRF associated with it:
ip [t]ftp source-interface interface
Note
New Recommended IPSec Configuration for VRF-Aware/GRE Tunnel Interfaces
The following example is the recommended configuration for when configuring IPSec using VRF and IPSec Profiles.
GGSN Configuration
!hostname ggsn1!! IPSec configuration for GGSNcrypto isakmp policy 1authentication pre-sharegroup 2!! 10.58.0.8 is address of peer, or PDN!crypto isakmp key sharedkey address 10.58.0.8crypto ipsec transform-set auth2 esp-des esp-sha-hmaccrypto ipsec profile tunnelset tranform-set auth2!! ISA card is required for IPSec support!controller ISA 1/1!interface Tunnel100ip vrf forwarding vpn1ip address 10.58.0.7 255.255.0.0tunnel source FastEthernet2/0tunnel destination 14.0.0.3tunnel protection ipsec profile tunnelrouter eigrp 10network 10.56.0.0network 10.58.0.0PDN configuration
!hostname pdn1a!!! IPSec configuration on the PDN!crypto isakmp policy 1authentication pre-sharegroup 2!! 10.58.0.7 is address of peer, or GGSN!crypto isakmp key sharedkey address 10.58.0.7crypto ipsec transform-set auth2 esp-des esp-sha-hmaccrypto ipsec profile tunnelset transform-set auth2!controller ISA 1/1!!interface Tunnel100ip address 1.1.1.5 255.255.255.0tunnel source FastEthernet2/0tunnel destination 14.0.0.1tunnel protection ipsec profile tunnel!! ISA card is required for IPSec support!router eigrp 10network 10.2.0.0network 10.58.0.0network 10.59.0.0!!3GPP RADIUS Attributes Support for PPP PDP Contexts
In previous releases, the 3GPP RADIUS attributes were only supported for IP PDP contexts. With this release, 3GPP RADIUS attributes are also sent for PPP PDP contexts.
Improved DHCP Performance
With this release of the Cisco IOS GGSN software, with route aggregation configured under the access point, DHCP performance is approximately 50 activations per second.
Support for Sending MSISDN to LNS for PPP-Regeneration
With Cisco IOS Release 12.3(2)XB1, the calling_station_id (MSISDN) is sent over L2TP tunnels for PPP-Regeneration users.
Caveats for Cisco IOS Release 12.3 XB
Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only select severity 3 caveats are included in the caveats document.
This section contains only open and resolved caveats for the current Cisco IOS maintenance release.
All caveats in Cisco IOS Release 12.3 and Cisco IOS Release 12.3 T are also in Cisco IOS Release 12.3(2)XB3.
For information on caveats in Cisco IOS Release 12.3, see Caveats for Cisco IOS Release 12.3.
For information on caveats in Cisco IOS Release 12.3 T, see Caveats for Cisco IOS Release 12.3 T, which lists severity 1 and 2 caveats and select severity 3 caveats and is located on Cisco.com and the Documentation CD-ROM.
Note
Because Cisco IOS Release 12.3(2)XB is the initial base release, there are no resolved caveats. For a list of the resolved caveats, refer to the next set of release notes for this release version.
Open Caveats—Cisco IOS Release 12.3(2)XB3
This section documents possible unexpected behavior by Cisco IOS Release 12.3(2)XB3 and describes only severity 1 and 2 caveats and select severity 3 caveats.
•
Cisco GGSN sends a wrong NAS-IP-Address value in the requests to the Radius server under the condition that the radius source interface is configured. This might cause the Radius servers to reject the AAA requests.
Workaround: Do not use this CLI. Instead, use the outgoing interface IP address for the NAS-IP-Address.
•
Cisco GGSN sends an Accounting Stop request to the AAA server under the condition that the User Authentication had failed and there were no Accounting Start sent for the same.
There are no known workarounds.
Resolved Caveats—Cisco IOS Release 12.3(2)XB3
All the caveats listed in this section are resolved in Cisco IOS Release 12.3(2)XB3. This section describes only severity 1 and 2 caveats and select severity 3 caveats.
•
Cisco GGSN may not store the local records sequence number properly.
This issue occurs if the Cisco GGSN is under a little stress. This is a rare occurrence as the box needs to be under constant stress and should reload during that stress.
There are no known workarounds.
•
A Cisco router running gateway GPRS Support node software (GGSN) may see a traceback when trying to ping a MN address from GGSN.
This issue occurs when PDP context is activated for a MN and then pinging the MN from GGSN. Traceback will appear on console.
There are no known workarounds.
•
A Cisco router running Gateway GPRS Support Node (GGSN) may reload when entries in cgprsCgGatewayTable are periodically created/deleted.
GGSN unexpectedly reloads under the following conditions:
–
–
–
There are no known workarounds.
•
When using transmission control protocol (TCP) towards the Charging gateway, A Cisco router running gateway General Packet Radio Service (GPRS) support node (GGSN) software may send a Call Data Record (CDR) with one byte repeated in the message.
This issue only occurs when TCP message could not be sent out of GGSN in the first attempt due to any of the socket related failures.
Workaround: Only the particular message above would not be understood by the charging gateway. All following messages are not affected by this error.
•
On a Cisco GGSN Router running IOS 12.3(2)XB2 with charging enabled, if any APN is removed after any PDP Context is created and deleted, the GGSN router will leak some small amount of memory.
There are no known workarounds.
•
This problem happens to a GTP Create Response sent from a Cisco GGSN as a reply to a Create Request for an already existing IP PDP. The PCO IE is added multiple times into the Create Response.
This defect exists in GGSN release R3.1, R4.0 and R5.0.
There are no known workarounds.
•
The ppp_regen_total_drop counter in "show gprs gtp statistics" and its corresponding MIB parameter, cGgsnDroppedPppRegenPdps, does not get updated when the ppp-regeneration max-session limit is hit.
This issue occurs when the "ppp-regeneration max-session" limit (as configured at the APN level) is reached.
There are no known workarounds.
•
When conditional debug is enabled on a Cisco GGSN for debugging conditionally for a give IMSI/TID PDP session in conjunction with PPP regeneration debugs, the output display some information for other sessions as well.
There are no known workarounds.
•
On a Cisco router running Gateway GPRS support node software (GGSN), Packet Of Disconnect (POD) does not delete the PDP when Accounting Session ID is used.
There are no known workarounds.
•
GGSN reloads under stress.
This issue occurs when the following is perform:
–
–
–
–
–
There are no known workarounds.
•
A Cisco router running gateway GPRS support node (GGSN) software release 4.0 may not delete the PDP contexts when a different restart counter is received from the SGSN in a echo response message.
This issue only occurs when the Serving GPRS support node (SGSN) reloads and then sends a create PDP context request message to the GGSN with the new restart counter before a Echo request is received from the GGSN. When the GGSN gets a create request with new restart count, GGSN would record the SGSN's restart count and deletes any other PDP context in the SGSN path. Subsequently if SGSN again reloads and sends another restart counter, this time in the Echo response, the earlier created PDP context does not get deleted.
Workaround: The PDP contexts left without a corresponding PDP context on SGSN (due to SGSN reload) can be cleared either manually or would get deleted after the idle timer expiry or would get updated when the MS subsequently again tries to connect to the network.
•
A Cisco router running gateway GPRS Support node (GGSN) software sends back a Radius Packet of Disconnect (POD) response with an incorrect source port.
When Cisco GGSN received a POD request to disconnect a PDP context, GGSN processes the request and sends back a response with 1645 as the source port.
This issue occurs under all conditions when a POD response is being sent from the GGSN.
There are no known workarounds.
•
When a GTPv1 PDP create request is rejected with a cause value of "no resource" because the maximum number of PDP contexts on the GGSN is exceeded, no GGSN trap (cGgsnNotification) is generated.
This issue is observed on Cisco IOS 12.3(2)XB1 or earlier with GGGSN service enabled and with GTPv1.
There are no known workarounds.
•
When the Cisco GGSN receives a t-pdu with option field included in the ip header of the payload and umts qos mapping is enabled, then the header checksum after remarking the tos field may be incorrect. This causes the GGSN to discard these packets and also not account for them.
This issue is observed on Cisco IOS 12.3(2)XB2 or earlier with GGGSN service enabled.
Workaround: Unconfigure umts qos mapping.
•
When a Cisco router is running GGSN software, if SGSN sends an echo request message to GGSN, GGSN always marks IP TOS with charging data TOS in the echo response message.
Workaround: To mark IP TOS in the echo response message correctly with GTP signaling TOS, configure both the GTP signaling and charging data as the same TOS value using the following command:
gprs umts-qos map traffic-class signalling
gprs charging map data tos
•
Cisco ggsn, under low IO memory/stress situations, shows the counters for "Number of CDRs" and "Number of Containers buffered" non-zero values even when there are no PDPs present.
There are no known workarounds.
•
With Cisco GGSN router running IOS 12.3(2)XB2, the router could reload if TCP is used as the charging path protocol when no service gprs ggsn is used to disable GPRS service.
Workaround: Use UDP as the charging path protocol.
•
With Cisco GGSN router running 12.3(2)XB2, the router could experience high CPU utilization rate when "gprs charging cdr-option local-record-sequence-number" is configured.
Workaround: Remove the above CLI and reload the GGSN router.
•
Traceback appeared when a secondary pdp is sent with a different restart counter value.
The traceback should not be seen in 4.0. The diff is applied to 4.0. It will make the code consistent and save some wasted cycles.
There are no known workarounds.
•
This problem is with the last_access_time display in GTP's show output for a PPP PDP context, regardless if L2TP is used for its further forwarding. The reception of downlink user traffic by the context does not get this time stamp updated.
This issue occurs on GGSN release R3.1, R4.0, and R5.0.
Workaround: CEF-switch all user traffic for all PPP PDP contexts and do not use L2TP at all (if these are possible).
•
A Cisco router running Gateway general packet radio service (GPRS) Support Node (GGSN) may reload for cgprsAccPtAaaAuthServerGroup config scenario.
This issue occurs when a Cisco router running Gateway general packet radio service (GPRS) Support Node (GGSN) may reload when trying to unconfigure Access point AAA authorization server group name and at the same time trying to suppress MSISDN on access point, both using multiple SNMP varbind.
There are no known workarounds.
•
GGSN unexpectedly reloads upon memory corruption after unconfiguring and reconfiguring CGs.
This issue occurs when CG have been removed and reconfigured using maintenance mode when there are pending messages on the charging path.
Workaround: Do not unconfigure CG with pending messages on the path.
Open Caveats—Cisco IOS Release 12.3(2)XB2
This section documents possible unexpected behavior by Cisco IOS Release 12.3(2)XB2 and describes only severity 1 and 2 caveats and select severity 3 caveats.
•
Cisco GGSN Router running 12.3(2)XB1 will leak about 32 bytes memory for each PPP regeneration PDP Context created and deleted.
There are no known workarounds.
•
Not able to configure more than 97 authentication/autorization/acct group method list on a cisco router running ggsn r4.0 image.
There are no known workarounds.
•
The cisco router running gateway GPRS support node software (GGSN) does not accept a GTP request containing a Release 97 QoS profile with peak throughput set to a value higher than 9. As per the specification, any value higher than 9 should be treated as default value.
This issue occurs only when GGSN receives a GTP create or update request with an release 97 qos profile with a peak throughput value set to greater than 9.
There are no known workarounds.
Resolved Caveats—Cisco IOS Release 12.3(2)XB2
All the caveats listed in this section are resolved in Cisco IOS Release 12.3(2)XB2. This section describes only severity 1 and 2 caveats and select severity 3 caveats.
•
This problem is with the simultaneous use of aggregated routes and mobile-to-mobile redirection on the same APN on the same GGSN. When these two features are used together, there is no way to redirect all packets to a desired destination and those destined to inactive PDP contexts get dropped.
This problem happens to all GGSN release R3.1, R4.0 and R5.0.
Workaround: Do not use these two features if possible. If not, then there is no workaround.
•
A Cisco router that is running Gateway General Packet Radio Service (GPRS) Support Node (GGSN) software is incrementing "optional-IE-incorrect" counter of the show gprs gtp statistic command wrongly.
This happens when the optional parameters required in a GTP's Create Request for a PDP context are wrong or missing.
There are no known workarounds.
•
When the idle timeout value is set from RADIUS user profile to 0, Cisco GGSN router still deletes the PDP Contexts when the minimum idle timer (3600 seconds) expires.
This issue occurs on all Cisco GGSN releases.
There are no known workarounds.
•
On a Cisco router running gateway general packet radio service (GPRS) support node software (GGSN), the point to point (PPP) packet data protocol (PDP), PPP over layer two tunneling protocol (L2TP), and PPP Regeneration, the PDP Contexts are deleted by Cisco GGSN when the idle purge timer expires based on the values configured on GGSN, but not from the RADIUS user profile.
This issue occurs under all conditions for the specified type of PDP contexts.
There are no known workarounds.
•
Cisco GGSN sends more than 1 CDR with the PDP Context session terminate cause when a lot of data is being sent through the PDP Context while the PDP Context is being deleted.
Cisco GGSN IOS 12.3(4)T and 12.3(2)XB have this issue.
There are no known workarounds.
•
When packets are sent to GGSN PPP PDP context with PPP PFC/ACFC configured, there is traceback initially.
Workaround: Unconfigure PFC/ACFC from GGSN virtual-template for PPP.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
With the Cisco GGSN router running 12.3(2)XB1, for PPP PDP terminated at GGSN, if the idle timeout value is set from the RADIUS user profile, when the idle timer express, the accounting terminate cause value is in-correctly set to none. It should be Idle Timeout.
There are no known workarounds.
•
GGSN reloaded under stress condition when a lot of dynamic PDP context create requests are sent at high rate with address allocation by (slow) external DHCP Server and authentication by RADIUS server.
There are no known workarounds.
•
A Cisco router running gateway general packet radio service (GPRS) support node (GGSN) software may reload under low memory conditions due to memory corruption. Messages are seen on GGSN console indicating out of memory situation and a subsequent crash due to access to a corrupt memory.
These issues occur only when memory allocation failures are happening and charging volume containers are closed at a high rate.
Workaround: Configure memory threshold of 50MB so that GGSN does not get into the low memory situation.
•
A Cisco router running gateway general packet radio service (GPRS) support node (GGSN) software, may encounter a spurious memory access under stress situation when the router has low memory causing memory allocation to fail to open a container. A spurious memory access is recorded on the GGSN.
This issue occurs only when GGSN is running low on memory under stress situations and containers cannot be allocated to close CDR.
There are no known workarounds.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
When a PDP context is rejected with a cause value of "no resource", for the case where this is caused by a local pool running out of ip addresses, no GGSN trap (cGgsnNotification) is generated.
This issue is observed on Cisco IOS 12.3(2)XB1 or earlier with GGGSN service enabled and APN using local pool for address allocation.
There are no known workarounds.
•
Some T-PDU may not be counted by G-CDR. Due to an issue with the timing of the T-PDU and process switch of two internal processes.
This issue is easier to see under bursts of traffic.
There are no known workarounds.
•
The charging characteristics value in the CDR can sometimes be incorrect value when it is supposed to be zero.
This issue occurs only when the parameter is not set or zero.
Workaround: CG should ignore this parameter as a workaround since in GGSN 4.0 the Charging Characteristics parameter is not really used.
•
Add new command to enable SGSN PLMN ID in CDR. And to maintain interpretability with a CG which does not support this parameter, it should also be by default disabled.
The CLI would be:
gprs charging cdr-option sgsn-plmnThere are no known workarounds.
•
The GGSN does not respond to a GTP v1 create request from a different SGSN for an existing PDP context when the restart counter is included in the gtpv1 create request.
This issue is observed on Cisco IOS 12.3(2)XB1 or earlier with GGSN service enabled. This happens only if the restart counter is included in the create request and the create request is from a different SGSN for an already existing PDP session on the GGSN.
There are no known workarounds.
•
When broadcast traffic is sent under the following condition, the packet is not counted by GGSN.
1) PDP is in VRF
2) VRF has default route to a gateway outside GGSN
3) GPRS Virtual template configure ip unnumbered, not directly config ip address.
The reason is broadcast packet failed to be switched out, the packet will be restore to its original (include GTP encap) and punt to process level. In this restore handling, we didn't restore the VRF setting on the packet. So the packet end up in VRF routing table. but since VRF table doesn't have route for GGSN address, so it will be forward to default gateway without enqueue for GTP manager.
The fix is in the "restore" procedure, we also restore the packet routing table setting to global routing table.
Workaround: Config a GGSN address in the VRF table either by loopback interface or config the GGSN address directly in gprs virtual-template. but if use the later option, you need to also config "no virtual-template sub-interface" as well.
•
A Cisco router that is running Gateway General Packet Radio Service (GPRS) Support Node (GGSN) software is sending attribute IMSI-MCC-MNC incorrectly in radius records (access/accounting).
This issue occurs when the number of digits of configured MNC in GGSN is different from the actual.
There are no known workarounds.
•
A Cisco router running gateway general packet radio service (GPRS) support node (GGSN) software, changes the APN name for an existing pdp when an update request is sent with a new APN information.
This issue only occurs when an update request is sent with this APN information element, this happens.As per the spec 29.060 update req does not have the APN ie in it.
There are no known workarounds.
•
When a PDP Create Request without TFT IE sent on existing PDP and that PDP had no TFT, GGSN rejects the request instead of updating the PDP context.
There are no known workarounds.
•
A Cisco router running gateway general packet radio service GPRS) support node (GGSN) software, may encounter a traceback when a secondary create pdp context is sent with a different restart counter.
This issue occurs only when the secondary pdp context is sent with a different restart counter value.
There are no known workarounds.
•
On a cisco router running gateway GPRS support node (GGSN) software, if transport control protocol (TCP) is used as path protocol to a charging gateway (CG) which is ACTIVE, and if the CG is unconfigured, the TCP connection to the charging gateway is not terminated.
A TCP connection is seen on the GGSN, even though there is no charging gateway owning the connection.
This problem only occurs when a charging gateway is unconfigured after TCP connection is established.
Workaround: TCP connection has to be cleared by CLI "clear tcp tcb <>".
•
This unexpected reloading of the router happens to on APN configured with PPP-Regen on a GGSN running release R4.0 or R5.0. When continuous data traffic is sent downlink through this PPP-Regen session while an attempt to delete this session is simultaneously done, the GGSN crashes.
There are no known workarounds.
•
A Cisco router running GPRS Gateway Support Node Software does not send attribute 45 in the accounting records for PPP PDP terminating on GGSN.
This issue occurs when the attribute 45 is not send in accounting records when PDP is PPP terminating on GGSN.
There are no known workarounds.
•
SGSN PLMN ID is not sent in the CDR after receiving the RA update with RAI change.
There are no known workarounds.
•
A Cisco router running gateway GPRS Support node software (GGSN), may not send a create context response for a PPP-Regeneration type PDP context, when IP address cannot be allocated for the session. A Create response is not sent back with negative cause code when a PPP-Regeneration type PDP context fails to get an IP address allocated.
This issue occurs only when IP address allocation fails for the context.
Workaround: The PDP context eventually gets deleted after the session timeout/ idle timeout or a manual clear command can be issued to clear this PDP context.
•
On a Cisco router running Gateway GPRS support node software (GGSN), if accounting is not configured,then PPP PDP is not created.
This issue is observed in R3.1 YY3, R4.0 YW1 and R5.0 GGSN images.
Workaround: Have accounting configured.
Open Caveats—Cisco IOS Release 12.3(2)XB1
This section documents possible unexpected behavior by Cisco IOS Release 12.3(2)XB1 and describes only severity 1 and 2 caveats and select severity 3 caveats.
•
For PPP PDP, PPP over L2TP, and PPP Regeneration, the PDP Contexts are deleted by Cisco GGSN when the idle purge timer expires based on the values configured on GGSN, but from the RADIUS user profile.
This problem occurs on all Cisco GGSN IOS releases.
There are no known workarounds.
•
This problem happens with PPP PDP contexts when IP CEF is turned ON on the GGSN and these contexts' TPDUs are carried in IP fragments over the IP link between the SGSN and the GGSN. The required condition is that the length of the TPDU does not exceed the MTU before the addition of the GTP/UDP/IP headers in front, but after. This makes IP fragmentation happens to the IP transport between the SGSN and the GGSN.
When this problem occurs, the last fragment got CEF switched through the GGSN but its prior fragments of the same frame, which arrived earlier, got punt to the process level and then processed later and considered out of sequence.
This problem happens to GGSN release R4.0 and later off Cisco IOS release 12.2(8)YW.
Workaround: Enforce the use of an MTU on the handsets shorter than 1.5K minus the total length of the headers of GTP/UDP/IP.
•
On a cisco router running gateway GPRS support node (GGSN) software, if transport control protocol (TCP) is used as path protocol to a charging gateway (CG) which is ACTIVE, and if the CG is unconfigured, the TCP connection to the charging gateway is not terminated.
A TCP connection is seen on the GGSN, even though there is no charging gateway owning the connection.
This problem only occurs when a charging gateway is unconfigured after TCP connection is established.
Workaround: TCP connection has to be cleared by CLI "clear tcp tcb <>".
Resolved Caveats—Cisco IOS Release 12.3(2)XB1
All the caveats listed in this section are resolved in Cisco IOS Release 12.3(2)XB1. This section describes only severity 1 and 2 caveats and select severity 3 caveats.
•
If a Cisco router running Gateway GPRS Support node software (GGSN) receives a Create PDP context request with faulty IPCP options in protocol configuration options (PCO) information element, there is a possibility of a reload.
This is a rare circumstance and only encountered if such a malformed Create PDP context request is received by the GGSN. The PCO IE in the create request packet should have IPCP options with code as 0 and length as 0 for this problem to occur. This is a rare situation because SGSN would validate this information element before sending the create request to the GGSN.
There are no known workarounds.
•
GGSN leaks memory when IP-IMSI mappings are configured and unconfigured for the Network Initiated PDP feature.
This only happens under the condition of configuring and unconfiguring the IP-IMSI mappings with the following CLI:
gprs nip ip-imsi single <apn index> <ip addr> <IMSI>no gprs nip ip-imsi single <apn index> <ip addr> <IMSI>There are no known workarounds.
•
If activate/deactivate PPP PDP for L2TP at the high rate with high traffic and charging on, there is some potential small memory leak on VPDN.
There are no known workarounds.
•
On a Cisco router running gateway GPRS support node (GGSN) software, the command line interface (CLI) to configure general packet radio service (GPRS) memory threshold does not clearly indicate the unit used to compute the memory threshold value. This leads to come ambiguity when configuring this value on the GGSN.
This problem occurs only when the CLI "gprs memory threshold" is being used to change the default value of memory threshold on the GGSN.
Workaround: The description and unit used by the CLI can found in the user documentation of GGSN.
•
GGSN shows the CLI "show gprs gtp pdp" as valid when it is actually an incomplete command.
ggsn#sh gprs gtp pdp ?access-point show pdp by apnall show all PDPsimsi show pdp by imsi valuems-address show pdp by end user ip addresspath show pdp by pathpdp-type show pdp by protocol typeqos-delay show PDPs by qos-delaytid show pdp by tidversion show pdp by gtp version| Output modifiers<cr>There are no known workarounds.
•
GGSN reloads if charging redirection request is sent from a charging gateway with a very large length value in the Information Element (instead of the correct value of 4 for IPv4 types).
There are no known workarounds.
•
Cisco GGSN does not send teardown indicator set when the DHCP address lease is expired and can not be extended. Hence in the condition where primary and secondary PDP's are existing for the same IMSI there it might end up having the IP address released back to the DHCP server despite having at least one PDP still using the same.
There are no known workarounds.
•
Cisco GGSN takes some time to insert routes for MS under high rate of PPP PDP activation with external DHCP server assigning IP addresses
This problem occurs when Cisco GGSN receives PPP pdp context creation at high rate.
Workaround: One way is to configure "ppp hold-queue <queue-limit>".
•
GGSN cannot fallback to GTP version 0 when it receives a version not supported message as a response to version 1 signalling message.
This problem occurs only in case of receipt of version not supported message. The other triggers for GGSN to fallback to a lower version are as follows:
–
–
There are no known workarounds.
•
Cisco GGSN running Rel 3.1 or Rel 4.0 software, uses code 02 (CONF ACK) instead of 03 (CONF NACK) when sending back IPCP address related option(s) (IPCP address, primary/secondary DNS/NBNS address) in the PCO of Create PDP Context Response message even though the address(es) in the response message is/are different from that in the PCO of Create PDP Request message.
There are no known workarounds.
•
For a v1 PDP with a r99 QoS (QoS profile length 11), a change in the allocation/retention priority causes a container/CDR to be added.
Normally this should not occur as a MS using a r99 QoS would not change its allocation/retention priority because it does not use it.
There are no known workarounds.
•
When GGSN detects there is SGSN change and which belongs to a different PLMN, it closes current CDR but subsequently does not open a new one.
There are no known workarounds.
•
When a ISRAU is received with a different QoS, the first container in the second CDR repeats the byte counts that have already been reported in the last container of the previous CDR.
The total byte counts for closing the CDR on volume trigger is still correct.
This problem occurs when PDP is updated with both SGSN and QoS at the same time.
There are no known workarounds.
•
For v1 PDP with a r99 qos (length = 11), the r98 qos should be ignored.
For a v1 PDP which was created with a r99 QoS profile (length = 11), a change in the r98 QoS causes the current charging container closed with change condition: QoS change. So an extra container is generated in this case.
This should not happen as there is no reason why a v1 PDP using r99 QoS, would change the r98 QoS after the PDP is created, since it doesn't use it.
There are no known workarounds.
•
When down stream cef switch failed, the packet punt to process level. The gtp sequence number will be incremented by 2.
This occurs with down stream packet only and cef switch has to fail.
Workaround: Disable cef or correct the problem that failed the cef switch.
•
When GGSN sends back a NACK in responding to a POD from a Cisco Radius simulator, the radius simulator is complaining invalid attribute of length 40.
There are no known workarounds.
•
Cisco GGSN shows wrong 'activated gtpv0 pdp'/'activated gtpv1 pdp' in the gtp status display after many GTPv1<->GTPv0 handoff's under low memory condition.
The problem occurs when the configured low memory threshold is reached.
There are no known workarounds.
•
Cisco GGSN sends a wrong value for the NAS ID attribute in the Accounting request than the one configured under the Access Point under the condition when the NAS ID is configured under the Access Point as well as at the global level.
Workaround: Configure the same either at the Access Point or at the Global Level, but not both.
•
Cisco gateway GPRS support node (GGSN) reloads when configuring/unconfiguring the default aggregate configuration using SNMP Object cGgsnDefaultAggregRowStatus (defined in CISCO-GGSN-MIB) and then reconfiguring the same.
This problem is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.3(4)T but is not platform specific.
There are no known workarounds.
•
Under very high rate of IP PDP open/close on GGSN, there will be process memory leak.
Workaround: More GGSN is needed to increase system capacity and load.
•
After sending a lot of packet, the PDP byte count shows negative number.
Root cause: counter overflow
There are no known workarounds.
•
Cisco GGSN doesn't attempt to connect to the Charging Gateway at the configured value for the same, instead it makes a connection at a much earlier time.
Workaround: Configure more number of TCP re-transmissions.
•
When a Create Request with a new restart count comes on existing PDP context, Cisco GGSN deletes the PDP context without creating a new one and sending back a response.
There are no known workarounds.
•
Cisco GGSN does not delete the corresponding PDP context when receiving an Error Indiction message. This happens if the source port of the Error Indication is not the well-known port.
There are no known workarounds.
•
On a cisco router running gateway GPRS support node (GGSN) software, the call data record (CDR) may be incorrectly closed when a routing area update (RAU) is received with a different routing area identity (RAI) information element (IE) in a PDP update request.
The existing CDR is closed for the PDP context and no new CDR is opened although the PDP is still active on GGSN.
This problem only occurs when a update PDP context request is received with a different RAI IE.
There are no known workarounds.
•
Cisco GGSN when sending Echo Response with Private Extension IE includes a wrong length field (8 instead of 5) in the IE.
There are no known workarounds.
•
Cisco GGSN may crash while displaying APN contents with the show gprs access-point <index> command. This can happen if concurrently other management tools is being used to create/delete APN on the GGSN.
There are no known workarounds.
•
All the serdes are reset before LC/RP bringup
There ar e known workarounds.
•
When GGSN receives a Create PDP Context Request with the header length less than the total GTP packet length, the GTP message too short counter is not incremented.
There are no known workarounds.
•
GGSN displays incorrect Mobile ip addresses for Mobile to Mobile redirection packets in the "debug gprs gtp messages output".
There are no known workarounds.
•
Cisco GGSN may drop uplink packets for PPP PDP type when the Gi is configured under VRF. This happens when CEF is turned on.
This happens for the following:
–
–
–
There are no known workarounds.
•
This problem happens to the redirection of mobile-to-mobile traffic in Cisco GGSN's YW Throttle Release 4.0. When such traffic is sent from any mobile to another which uses the PPP PDP type, during the redirection of this traffic away from the egress APN towards a Gi interface, the number of bytes in these redirected packets is accounted incorrectly on the GGSN. A few more bytes would be accounted and shown in the show output under the corresponding PDP context.
This problem does not happen if the PDP type of the second mobile handset is not PPP.
There are no known workarounds.
•
When a Cisco gateway GPRS support node (GGSN) receives the routing area update to change the data address of the serving GPRS support node (SGSN), the downstream traffic for the PPP packet data protocol (PDP) interface may fail to reach the SGSN and traffic may be dropped.
This problem is observed on a Cisco GGSN that is running Cisco IOS Release 12.2(8)YW.
There are no known workarounds.
•
Cisco GGSN keeps the TCP connection to both the PRIMARY and Secondary CG as UP and in ESTAB state under stress scenario or when memory is low.
There are no known workarounds.
•
A cisco router running Gateway GPRS support node software (GGSN) may potentially leak small memory if DHCP server responds with a NAK for the initial ADDRESS request. This is a rare situation since DHCP would NAK initial request only if it finds the DHCP REQ parameters wrong. These are picked up from the initial DHCP OFFER and the possibility of being wrong is very remote.
There are no known workarounds.
•
Cisco GGSN leaks memory when ggsn service is started and stopped repeatedly.
This happens only when you configure the following repeatedly:
Router(config)#service gprs ggsnRouter(config)#no service gprs ggsnThere are no known workarounds.
•
CISCO GGSN runs out of IO memory and CPU will be hogged by GTP PDP Cleanup process when delete requests are sent to those pdps which are under process of deletion by some other means such as deactivation of pdps while access-violation happens.This problem occurs only if this scenario runs for multiple sessions and long hours.
There are no known workarounds.
•
When PPP PDP ACFC (i.e. no 0xFF03), for upstream traffic, if they are rejected due to the access-list configuration at the GGSN, we could see the traceback.
There are no known workarounds.
•
A Cisco router running Gateway GPRS Support Node (GGSN) software may reload under stress conditions during sending Accounting records.
This problem occurs under extremely rarely conditions when wait accounting is enabled in GGSN.
There are no known workarounds.
•
When the authentication parameters required in a GTP's Create Request for a PPP-Regen context are wrong or missing, the GGSN properly fails the call but does not increment the optional-IE-incorrect counter in the output of the show gprs gtp statistic command.
This problem happens to both GGSN releases R3.1 & R4.0.
There are no known workarounds.
•
GGSN shows invalid characters in show gprs gtp ms all command output on creating a PPP PDP.
There are no known workarounds.
•
A Cisco router running Gateway GPRS Support node software (GGSN), may reload due to access to an illegal address. This occurs when the process on the GGSN that is sending out a GTP response is suspended, due to multiple pending events. If any of these events acts on this PDP context causing its deletion within this timeframe, there is a possibility of a reload, if the suspended process accesses this context after resumption.
There are no known workarounds.
•
GGSN displays incorrect counter value (for cef_up_byte field) in the "sh gprs gtp pdp tid" output on sending an US TPDU having payload as gtp packet.
There are no known workarounds.
•
GSN unexpectedly reloads with the following traceback:
0x60798124:free(0x6079809c)+0x880x60024680:gtp_gtpsock_free(0x60024658)+0x280x60025CDC:gtp_io_cleanup_gtpsock(0x60025ca0)+0x3c0x600263D8:gtp_io_process_message(0x600260ec)+0x2ec0x60026850:gtp_io_process(0x60026704)+0x14cThis problem occurs in come images. It is a combination of events happening at the same time.
There are no known workarounds.
•
GGSN SNMP agent expects the InetAddress to be in dotted decimal which should rather be in hexadecimal string.
for eg:-To set an ip address of 10.13.14.15, GGSN SNMP agent expects it to bein "10.13.14.15" string.. it needs to accept it as hexadecimal value0a:0d:0e:0f (where ":" is a delimiter).There are no known workarounds.
•
While querying cgprsGtpTotalNumAllocIpAddr defined in CISCO-GPRS-GTP-MIB, the counter shows up a very high value.
Workaround: The object cgprsGtpTotalNumAllocIpAddr defined in CISCO-GPRS-GTP-MIB has been deprecated by cgprsAccPtIpAddrAllocations defined in CISCO-GPRS-ACC-PT-MIB.
Note
•
On CISCO GGSN,US byte counts rcv_byte_count/cef_up_byte are not incremented properly when cef is on incase off ppp term. session.
There are no known workarounds.
•
In CISCO GGSN, ppp-regen session is not properly cleaned if creation fails due to some reason like user/tunnel authentication fails resulting stale session.
Workaround: Clear this session using CLI, clear gprs gtp pdp all.
•
A Cisco router running Gateway GPRS Support Node (GGSN) software is not increment the "optional_ie_incorrect' counter of `sh gprs gtp statistics" output.
This happens when it gets a redirection request with an incorrect optional IE (Address of Recommended Node incorrectly). Here instead of incementing "optional_ie_incorrect" counter, it is incrementing "ie_unknown" counter.
There are no known workarounds.
•
CISCO GGSN sends incorrect flow label in pdp create response while creating a session
There are no known workarounds.
•
CISCO GGSN leaks IO and processor memory if charging gateway switchover happens during charging data record (CDR) transmission
There are no known workarounds.
•
Cisco GGSN running R4.0 image leaks memory after querying the following snmp mibs:
CISCO-GPRS-ACC-PT-MIBCISCO-GPRS-CHARGING-MIBCISCO-GTP-MIBCISCO-GGSN-MIBThere is no workaround.
•
A Cisco router that is running Gateway general packet radio service (GPRS) Support Node (GGSN) software is not showing the virtual access information of ppp terminating at ggsn in show gprs commands output in consistent with that of ppp l2tp or ppp regen type pdps
There are no known workarounds.
•
When a Cisco Router running Gateway GPRS Support Node (GGSN) software receives a create request for PPP-Regeneration context with nameserver (DNS/NetBIOS) address request in the PCO (Protocol Configuration Option), it may not return Create response to the SGSN even though PPP comes up between GGSN and LNS (L2TP Network Server).
This happens only if nameserver address is requested by the MS for a PPP regen session and there is some misconfiguration on LNS because of which it is not able to assign the requested nameserver addresses for the PPP session.
Workaround: Configure the name server addresses at LNS.
•
A Cisco router running Gateway GPRS Support Node (GGSN) software does not send recovery ie information in the update response when it receives an Update Request to a non-existing pdp.
This problem occurs under situations wherein GGSN receives an Update Request to a non-existing pdp from an SGSN in contact the first time, GGSN includes Cause IE Non-existent in Update Response but no Recovery IE.
There are no known workarounds.
•
A Cisco router that is running R4.0 GGSN software may reject PDP context request incorrectly when GGSN receives R99 QoS profile that contains 0xFF for guaranteed bit rate (GBR).
This problem is observed when GGSN receives GTP v1 PDP context create request and R99 QoS is included in the message.
There are no known workarounds.
•
The TOS byte of IP header in downlink T-PDU packet is not marked correctly.
This problem is observed when CEF switching is disabled.
There are no known workarounds.
Open Caveats—Cisco IOS Release 12.3(2)XB
This section documents possible unexpected behavior by Cisco IOS Release 12.3(2)XB and describes only severity 1 and 2 caveats and select severity 3 caveats.
•
A security hole has been found in GGSN when a charging redirection-request is sent with a very large "length" value in the information element (instead of the correct value of 4 for IPV4 types). GGSN reloads under such circumstances.
There are no known workarounds.
•
Cisco GGSN does not send teardown indicator set when the DHCP address lease is expired and can not be extended. Hence in the condition where primary and secondary PDP's are existing for the same IMSI there it might end up having the IP address released back to the DHCP server despite having at least one PDP still using the same.
There are no known workarounds.
Resolved Caveats—Cisco IOS Release 12.3(2)XB
All the caveats listed in this section are resolved in Cisco IOS Release 12.3(2)XB. This section describes only severity 1 and 2 caveats and select severity 3 caveats.
There are no known resolved caveats for Cisco IOS Release 12.3(2)XB.
Related Documentation
The following sections describe the documentation available for the Cisco 7000 family of routers. These documents consist of hardware and software installation guides, Cisco IOS configuration guides and command references, system error messages, feature modules, and other documents.
Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on Cisco.com and the Documentation CD-ROM.
Use these release notes with these documents:
•
Release-Specific Documents
The following documents are specific to Cisco IOS Release 12.3 and are located on Cisco.com and the Documentation CD-ROM:
•
On Cisco.com at:
Technical Documents: Cisco IOS Software: Cisco IOS Release 12.3: Release Notes: Cross-Platform Release Notes
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.3: Release Notes: Cross-Platform Release Notes
•
Technical Documents
•
As a supplement to the caveats listed in "Important Notes" in these release notes, see Caveats for Cisco IOS Release 12.3 and Caveats for Cisco IOS Release 12.3 T, which contains caveats applicable to all platforms for all maintenance releases of Cisco IOS Release 12.3 and Cisco IOS Release 12.3 T.
On Cisco.com at:
Technical Documents: Cisco IOS Software: Cisco IOS Release 12.3: Release Notes: Caveats
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.3: Caveats
Note
Platform-Specific Documents
These documents are available for the Cisco 7000 family of routers on Cisco.com and the Documentation CD-ROM:
•
•
•
•
•
•
•
•
•
On Cisco.com at:
Technical Documents: All Product Documentation: Core/High-End Routers
On the Documentation CD-ROM at:
Cisco Product Documentation: All Product Documentation: Core/High-End Routers
Feature Modules
Feature modules describe new features supported by Cisco IOS Release 12.3(2)XB3 and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.
On Cisco.com at:
Technical Documents: Cisco IOS Software: Cisco IOS Release 12.3: New Feature Documentation
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.3: New Feature Documentation
Feature Navigator
Feature Navigator is a web-based tool that enables you to quickly determine which Cisco IOS software images support a particular set of features and which features are supported in a particular Cisco IOS image.
Feature Navigator is available 24 hours a day, 7 days a week. To access Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, e-mail the Contact Database Administration group at cdbadmin@cisco.com. If you do not have an account on Cisco.com, go to http://www.cisco.com/register and follow the directions to establish an account.
To use Feature Navigator, you must have a JavaScript-enabled web browser such as Netscape 3.0 or later, or Internet Explorer 4.0 or later. Internet Explorer 4.0 always has JavaScript enabled. To enable JavaScript for Netscape 3.x or Netscape 4.x, follow the instructions provided with the web browser. For JavaScript support and enabling instructions for other browsers, check with the browser vendor.
Feature Navigator is updated when major Cisco IOS software releases and technology releases occur. You can access Feature Navigator at the following URL:
http://www.cisco.com/go/fn
Cisco IOS Software Documentation Set
The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents. The Cisco IOS software documentation set is shipped with your order in electronic form on the Documentation CD-ROM—unless you specifically ordered the printed versions.
Documentation Modules
Each module in the Cisco IOS documentation set consists of one or more configuration guides and one or more corresponding command references. Chapters in a configuration guide describe protocols, configuration tasks, and Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.
On Cisco.com at:
Technical Documents: Cisco IOS Software: Cisco IOS Release 12.3: Configuration Guides and Command References
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.3: Configuration Guides and Command References
Cisco IOS Release 12.3 Documentation Set Contents
Table 8 lists the contents of the Cisco IOS Release 12.3 software documentation set, which is available in electronic form and in printed form if ordered.
Note
On Cisco.com at:
Technical Documents: Cisco IOS Software: Cisco IOS Release 12.3
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.3
Obtaining Documentation
The following sections provide sources for obtaining documentation from Cisco Systems.
World Wide Web
The most current Cisco documentation is available on the World Wide Web at http://www.cisco.com. Translated documentation can be accessed at http://www.cisco.com/public/countries_languages.shtml.
Documentation CD-ROM
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.
Ordering Documentation
Cisco documentation is available in the following ways:
•
http://www.cisco.com/cgi-bin/order/order_root.pl
•
http://www.cisco.com/go/subscription
•
Documentation Feedback
If you are reading Cisco products documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.
You can e-mail your comments to bug-doc@cisco.com.
For your convenience, many documents contain a response card behind the front cover for submitting your comments by mail. Otherwise, you can mail your comments to the following address:
Cisco Systems, Inc.
Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate your comments.
Obtaining Technical Assistance
The following sections provide sources for obtaining technical assistance from Cisco Systems.
Cisco.com
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.
Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.
Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.
To access Cisco.com, go to the following website:
http://www.cisco.com
Technical Assistance Center
The Cisco TAC website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.
Contacting TAC by Using the Cisco TAC Website
If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to the TAC website:
http://www.cisco.com/tac
P3 and P4 level problems are defined as follows:
•
•
In each of the above cases, use the Cisco TAC website to quickly find answers to your questions.
To register for Cisco.com, go to the following website:
http://www.cisco.com/register/
Cisco.com registered users who cannot resolve a technical issue by using the TAC online resource can open a case online by using the TAC Case Open tool at the following website:
http://www.cisco.com/tac/caseopen
Contacting TAC by Telephone
If you have a priority level 1(P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following website:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
P1 and P2 level problems are defined as follows:
•
•
