Table Of Contents
Resolved Caveats—Cisco IOS Release 12.3(9e)
Resolved Caveats—Cisco IOS Release 12.3(9d)
Resolved Caveats—Cisco IOS Release 12.3(9c)
Resolved Caveats—Cisco IOS Release 12.3(9b)
Resolved Caveats—Cisco IOS Release 12.3(9a)
Resolved Caveats—Cisco IOS Release 12.3(9)
Novell IPX, XNS, and Apollo Domain
Resolved Caveats—Cisco IOS Release 12.3(6f)
Resolved Caveats—Cisco IOS Release 12.3(6e)
Resolved Caveats—Cisco IOS Release 12.3(6c)
Resolved Caveats—Cisco IOS Release 12.3(6b)
Resolved Caveats—Cisco IOS Release 12.3(6a)
Resolved Caveats—Cisco IOS Release 12.3(6)
Novell IPX, XNS, and Apollo Domain
Resolved Caveats—Cisco IOS Release 12.3(9e)
Cisco IOS Release 12.3(9e) is a rebuild release for Cisco IOS Release 12.3(9). The caveats in this section are resolved in Cisco IOS Release 12.3(9e) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
Symptoms—A description of what is observed when the caveat occurs.
•
•
Basic System Services
•
Symptoms: The following attributes are duplicated in the RADIUS accounting records of an incoming leg:
Calling-Station-Id
Called-Station-IdConditions: This symptom is observed on a Cisco platform that is configured for AAA.
Workaround: There is no workaround.
•
Remote Authentication Dial In User Service (RADIUS) authentication on a device that is running certain versions of Cisco Internetworking Operating System (IOS) and configured with a fallback method to none can be bypassed.
Systems that are configured for other authentication methods or that are not configured with a fallback method to none are not affected.
Only the systems that are running certain versions of Cisco IOS are affected. Not all configurations using RADIUS and none are vulnerable to this issue. Some configurations using RADIUS, none and an additional method are not affected.
Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects of the vulnerability.
More details can be found in the security advisory which posted at the following URL:
http://www.cisco.com/warp/public/707/cisco-sa-20050629-aaa.shtml•
Cisco IOS may permit arbitrary code execution after exploitation of a heap-based buffer overflow vulnerability. Cisco has included additional integrity checks in its software, as further described below, that are intended to reduce the likelihood of arbitrary code execution.
Cisco has made free software available that includes the additional integrity checks for affected customers.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml.
IP Routing Protocols
•
Symptoms: A router may reset its Border Gateway Protocol (BGP) session.
Conditions: This symptom is observed when a Cisco router that peers with other routers receives an Autonomous System (AS) path with a length that is equal to or greater than 255.
Workaround: Configure the bgp maxas limit command in such as way that the maximum length of the AS path is a value below 255. When the router receives an update with an excessive AS path value, the prefix is rejected and recorded the event in the log.
Miscellaneous
•
Symptoms: When you perform a stress test on a Cisco 7200 series that processes H.323 voice calls, the following error message and traceback may be generated:
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x6241A498 reading 0x94 %ALIGN-3-TRACE: -Traceback= 6241A498 6241C788 623EB0F8 623ED694 00000000 00000000 00000000 00000000 DGK7201#Conditions: This symptom is observed when you make approximately 40 calls per second and when the directory gatekeeper (DGK) loader constantly sends LRQs to the DGKs to query a route server to obtain routes. Note, however, that the router continues to process calls normally.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.3(9d)
Cisco IOS Release 12.3(9d) is a rebuild release for Cisco IOS Release 12.3(9). The caveats in this section are resolved in Cisco IOS Release 12.3(9d) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: The console of a router may stop responding and the router may stop forwarding traffic.
Conditions: This symptom is observed on a Cisco 7206VXR that runs Cisco IOS Release 12.3(6b) and that is configured with an NPE-G1 when the native Gigabit Ethernet interfaces of the NPE-G1 are used. The symptom may also occur in other releases.
Workaround: There is no workaround.
IP Routing Protocols
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at:
http://www.cpni.gov.uk/docs/re-20050412-00303.pdf
•
Symptoms: A router that is configured with the OSPF routing protocol may reload.
Conditions: This symptom is observed when the OSPF process is simultaneously deconfigured via one session and configured via another session.
Workaround: There is no workaround. Cisco strongly discourages you to configure a router via two different but simultaneous sessions.
•
Symptoms: In a simple network that consists of two routers, SPF calculations occur every minute although no topology changes occur.
Conditions: This symptom is observed on a Cisco router that runs a Cisco IOS release later than Release 12.3(6b) or Release 12.3(7)T4 and that functions as an ABR router when there are static routes in the network.
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.3(6b) and Release 12.3(7)T4: SPF calculations do not occur every minute.
•
Symptoms: Connected routes cannot be redistributed from one protocol to another.
Conditions: This symptom is observed on EIGRP routes when using the shut command followed by the no shut command, but could affect other routing protocols.
Workaround: There is no workaround.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf
Miscellaneous
•
Symptoms: A Cisco router may reload when you enter the show standby or show standby brief command.
Conditions: This symptom is observed on a Cisco Multiprocessor WAN Application Module MWAM) when multiple HSRP groups are configured and unconfigured in a loop while traffic for the HSRP groups is being processed. The symptom may be platform-independent.
However, a stress scenario in which many HSRP groups are configured and unconfigured while the show standby or show standby brief command is executed may be a rather uncommon scenario.
Workaround: Do not to enter the show standby or show standby brief command while configuration changes are being made.
•
Symptoms: A Cisco 7200 series or another mid-range router may crash or may stop responding.
Conditions: This symptom is observed on a Cisco 7200 series or other mid-range router that runs Cisco IOS Release 12.3(6a). The crash occurs when an interface that is configured with a rate-limit command is deleted by entering the no interface command and then reenabled by entering the interface command.
Workaround: Remove the rate-limit configuration from the interface before deleting the interface.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf
•
Reception of certain IPv6 fragments with carefully crafted illegal contents may cause a router running Cisco IOS to reload if it has IPv6 configured. This applies to all versions of Cisco IOS that include support for IPv6.
The system may be protected by installing appropriate access lists to filter all IPv6 fragments destined for the system. For example:
interface Ethernet0/0
ipv6 traffic-filter nofragments in
!
ipv6 access-list nofragments
deny ipv6 any <my address1> undetermined-transport
deny ipv6 any <my address2> fragments
permit ipv6 any any
This must be applied across all interfaces, and must be applied to all IPv6 addresses which the system recognizes as its own.
This will effectively disable reassembly of all IPv6 fragments. Some networks may rely on IPv6 fragmentation, so careful consideration should be given before applying this workaround.
We would recommend for customers to upgrade to the fixed IOS release. All IOS releases listed in IPv6 Routing Header Vulnerability Advisory at /en/US/products/products_security_advisory09186a00807cb0fd.shtml contain fixes for this issue.
•
Cisco Internetwork Operating System (IOS) software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful exploitation, the device may reload or be open to further exploitation.
Cisco has made free software available to address this vulnerability for all affected customers.
More details can be found in the security advisory that is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml.
•
Symptoms: A PCMCIA flash card that is installed in either slot 0 or slot 1 of a Cisco 3620 may become read-only.
Conditions: This symptom is observed occasionally on a Cisco 3620 that runs Cisco IOS Release 12.3(6b).
Workaround: There is no workaround.
•
Symptoms: A Cisco 1760 that runs Cisco IOS Release 12.3(6c) may crash because of a SegV exception.
Conditions: This symptom is observed when the following conditions are present:
- A policy map is applied to a VLAN interface.
- The policy map includes the set cos command.
Workaround: Disable Layer 2 class of service (CoS) packet marking by entering the no set cos command.
•
Symptoms: A gateway that has a higher IP address in comparison with its peer may fail to open a TCP connection for a logical channel.
Conditions: This symptom is observed during fast start when a glare condition occurs while both gateways indicate to each other (in facility or other H.225 messages) that the H.245 control channel should be opened.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 VXR router crashes after running out of I/O memory because of a buffer leak in a public particle pool.
Conditions: This symptom is observed on a 7200 VXR router that runs Cisco IOS Release 12.3(9c) or Release 12.3(12) and that is configured with an NPE-G1. The symptom does not occur in Release 12.3(9).
Workaround: There is no workaround.
•
Symptoms: A Cisco voice gateway may drop a voice or fax relay call during CNG tone detection.
Conditions: This symptom is observed on a Cisco voice gateway that is configured with an VXML application script on the incoming POTS dial peer and that receives a fax CNG tone.
Workaround: There is no workaround. However, this is the limitation on voice gateways that use VXML applications: such platforms only support T.37.
Further Problem Description: The fix for this caveat includes support for T.38 on voice gateways that use VXML applications.
•
Symptoms: Backup calls are not initiated after you reload the router.
Conditions: This symptom is observed on a Cisco 2800 series that is configured for QoS. When the dialer interface is a designated backup interface and you reload the router, the dialer interface does enter the backup mode even though the primary interface is down.
Workaround: After you have reloaded the router, enter the shutdown command followed by the no shutdown command on the dialer interface.
•
Symptoms: A Cisco 3660 gateway may crash when a voice call is made.
Conditions: This symptom is observed on a Cisco 3660 that runs Cisco IOS Release 12.3 or interim Release 12.3(12.4)T1 when accounting is enabled.
Workaround: There is no workaround.
•
The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition.
Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Telnet Services are not affected.
Devices configured with only Authentication Proxy for HTTP and/or HTTPS are not affected.
Only devices running certain versions of Cisco IOS are affected.
Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects of the vulnerability.
This advisory will be posted at http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml.
Wide-Area Networking
•
Symptoms: A call may cause the following error messages, after which calls may pause indefinitely:
%DIAL0-3-MSG: %DS_TDM-3-NO_RECOMB_BUS_DS0: Slot 0: no free Recombination bus DS0s left; connection not madeConditions: This symptom is observed on a Cisco platform that functions in a stress environment.
Workaround: There is no workaround. To recover from the symptom, reload the platform.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf
Resolved Caveats—Cisco IOS Release 12.3(9c)
Cisco IOS Release 12.3(9c) is a rebuild release for Cisco IOS Release 12.3(9). The caveats in this section are resolved in Cisco IOS Release 12.3(9c) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: When you try to configure NTP on a Cisco platform, the ntp server command is rejected with the following error message:
%NTP: failed to initialize NTP processConditions: This symptom is observed on any Cisco platform that does not support a reference clock.
Workaround: There is no workaround.
•
Symptoms: A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Telnet, reverse telnet, RSH and SSH sessions established prior to exploitation are not affected.
All other device services will operate normally.
Conditions: User initiated specially crafted TCP connection to a telnet or reverse telnet port results in blocking further telnet sessions. Whereas, services such as packet forwarding, routing protocols and all other communication to and through the device remains unaffected.
Workaround: The detailed advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml
IBM Connectivity
•
Symptoms: A Cisco router that functions as a LANE server may fail to attain the active state and remains in the backup state regardless of the priority. This situation prevents LANE clients from becoming operational.
Conditions: This symptom is observed on a Cisco 7200 series and Cisco 7500 series that run Cisco IOS interim Release 12.3(8.4) and later interim releases. The symptom may also occur in other releases.
Workaround: There is no workaround.
Interfaces and Bridging
•
Symptoms: Packets that originate from a Cisco router that is configured with a PA-MC-8TE1+ port adapter may be corrupted and have an invalid FCS. These packets may have the address and control fields compressed even when PFC and ACFC options are explicitly disabled.
Conditions: This symptom is observed only when traffic is presented simultaneously on several B-channels.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series router may experience a spurious memory access on the VIP with PA-A3, and the VIP might crash.
Conditions: This problem may occur when the PA-A3 interface is flapped continuously. This problem was mainly seen with PA-A3 interface, which is configured with a service policy attached to an ATM permanent virtual circuit (PVC) that has distributed link fragmentation and interleaving (dLFI) enabled. There is a variety of other stress conditions that can cause this problem.
Workaround: There is no workaround.
IP Routing Protocols
•
Symptoms: Network Address Translation (NAT) incorrectly resets the TTL of DNS Dynamic Update (RFC2136) Address Records (A-RR) to zero. This situation impacts updates that are sent within the Microsoft Active Directory (AD) system because the AD server refuses A-RR updates that have a TTL of zero.
Conditions: This symptom is observed only for A-RR record types. Record types other than A-RR are not affected.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: An MLP bundle configured between a Cisco 7500 series and any other router may not be able to switch traffic when dCEF is enabled on the Cisco 7500 series.
Conditions: This symptom is observed when LFI is enabled with one member link in the MLP bundle.
Workaround: Either remove dCEF or remove LFI. (A combination of CEF and MLP is not supported.) Note that if there are two member links in the interleaving-enabled MLP bundle, the problem does not occur.
•
Symptoms: On a Cisco 7500 series, all PVCs may suddenly enter the down state and remain in this state for about two minutes before they come back up. During the DLCI down state, the subinterface does not go down and no notifications are observed in the message log.
Conditions: This symptom is observed on a Cisco 7500 series that is configured with an RPS4+ or an RSP8 and that runs the rsp-jsv-mz image of Cisco IOS Release 12.2(12i). In addition, the router is configured with an 8-port serial port adapter and an HSSI port adapter, is configured for Frame Relay, and has more than 450 PVCs/DLCIs. Note that the symptom may be platform-independent and may also occur on other Cisco platforms in a similar configuration.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may experience a memory leak. The "Holding" column in the output of the show process memory command shows that the "VTEMPLATE Backgr" process allocates memory without freeing it. This column will continue to grow until all the memory is consumed.
Conditions: This symptom is observed on a Cisco router that is configured for RIP version 2.
Workaround: Schedule the router for a periodic reload before it completely exhausts all available memory.
•
Symptoms: When the Cisco IOS Firewall CBAC is configured, the router seems to have a software-forced reload caused by one of the inspections processed.
Conditions: This symptom is observed when the router is part of a DMVPN hub-spoke with a Cisco VoIP phone solution deployed on it and the router is connected to the central office over the Internet. The Cisco VoIP phone runs the SKINNY protocol.
Workaround: There is no workaround.
•
Symptoms: When a T.38 fax failure occurs, for example because a call is disconnected, a Cisco AS5400 may incorrectly generate the following message in its log:
%DSM-3-DSP_TIMEOUT: DSP timeout on channel <channel specific information> T38
Codec Switch Failed or Timed outConditions: This symptom is observed when there is no real failure in the codec download. The symptom may occur when a disconnect from the telephony side occurs while the Cisco AS5400 is in the middle of a codec download.
Workaround: There is no workaround.
•
Symptoms: Upon resetting or reloading a Cisco 3700 series, the IP phones that are connected to an NM-ESW-16 no longer receive power from the internal power supply.
Conditions: This symptom is observed when a Cisco 3725 is configured with an NM-ESW-16 and when three IP phones are directly connected to the NM-ESW-16. The symptom may also occur on another Cisco 3700 series router.
Workaround: For the interfaces that do not receive power, enter the shutdown command followed by the no shutdown command on the interface of the NM-ESW-16 or disconnect and reconnect the FE cables that run between the NM-ESW-16 and the IP phones.
•
Symptoms: A Cisco router may experience alignment errors involving MPLS and BGP, and the output of the show alignment command may show the following information:
Total Spurious Accesses 1, Recorded 1
Address Count Traceback
C 1 0x612EE93C 0x60BD2894 0x60BD2F0C 0x60B8C2DCConditions: This symptom is observed on a Cisco router that is configured for MPLS and BGP.
Workaround: There is no workaround. However, note that the symptoms are of a transient nature and do not affect the functionality of the router.
•
Symptoms: RIP non-direct neighbor functionality does not work.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3.
Workaround: There is no workaround.
•
A Cisco device running Cisco IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DoS) attack from a malformed BGP packet. Only devices with the command `bgp log-neighbor-changes' configured are vulnerable. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet.
If a misformed packet is received and queued up on the interface, this bug may also be triggered by other means which are not considered remotely exploitable such as the use of the command `show ip bgp neighbors' or running the command `debug ip bgp <neighbor> updates' for a configured bgp neighbor.
Cisco has made free software available to address this problem.
For more details, please refer to this advisory, available at http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml
•
Symptoms: IPSec tunnels may fail to kick off sometimes.
Conditions: This symptom occurs when the IPSec tunnels are created through tunnel protection CLI, and the user issues the clear crypto sa command.
Workaround: Issue the shut command then the no shut command on the tunnel interface on both ends.
•
Symptoms: Some objects in CISCO-CLASS-BASED-QOS-MIB get a huge value, which is different from the show policy-map interface command output (result is normal statistics).
For example:
CISCO-CLASS-BASED-QOS-MIB::cbQosPoliceCfgConformAction.2361 = INTEGER:1680654100
CISCO-CLASS-BASED-QOS-MIB::cbQosPoliceCfgConformAction.2365 = INTEGER:1680654100
CISCO-CLASS-BASED-QOS-IB::cbQosPoliceCfgConformSetValue.2983=Gauge32:1653639456 CISCO-CLASS-BASED-QOS-IB::cbQosPoliceCfgConformSetValue.3023=Gauge32:1653639456Conditions: This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.3(9).
Workaround: There is no workaround.
•
Symptoms: An outband named access list on a NAT outside interface is applied before the NAT translation occurs in the NAT-aware VRF configuration. This situation prevents the named access list from functioning properly.
Conditions: This symptom is observed on a Cisco router that is configured for NAT-aware VRF and that has a named access list.
Workaround: There is no workaround.
•
Symptoms: A software-forced crash may occur on a gatekeeper that processes an incoming call.
Conditions: This symptom is observed on a Cisco platform that functions as a gatekeeper and that runs Cisco IOS Release 12.2(15)T13 and occurs only when a GKTMP server is configured for LRQ triggering.
Workaround: There is no workaround.
•
Symptoms: On a Cisco 12000 series that functions as an egress PE router in an MPLS VPN network, after the customer-facing Gigabit Ethernet line card is reloaded, the ingress line card that receives an incoming VPN label with a destination with a glean adjacency (which requires an ARP) without a BGP session may not properly complete the adjacency, causing traffic to be dropped.
Conditions: This symptom is mostly observed with static recursive route configurations. To recover from the symptom, manually ping the interface of the CE router from the adjacent PE router.
Workaround: Configure the static ARP entries for the nexthop router that is configured in the static recursive routes.
•
Symptoms: Subscribers cannot access the network when the ssg qos police session command is enabled.
Conditions: This symptom is observed on a Cisco 6400 series NRP that runs Cisco IOS Release 12.3(9).
Workaround: Disable the ssg qos police session command. The symptom does not occur in Release 12.3(6).
•
Symptoms: A Cisco 3725 that has an AIM slot populated may hang sporadically.
Conditions: This symptom is observed on a Cisco 3725 that runs Cisco IOS Release 12.3(6) or a later release.
Workaround: There is no workaround. To restore the router to normal operation, power-cycle the router.
•
Symptoms: Spurious memory accesses occur on a gatekeeper during RAS communication for H.323 voice calls.
Conditions: This symptom is observed when the gatekeeper sends an LRQ for a voice call.
Workaround: There is no workaround.
•
Symptoms: When the calling number or the called number or both contains the * character, for example *67#1234567890, the call is rejected by the gateway and is released with cause code 63 (service or option not available). In the debugs the following message is generated before call is released:
H225Lib::is_valid_e164_number: Number has non-supported IA5 character - * cch323_ras_arj_notify:calledConditions: This symptom is observed on a Cisco platform that functions as a gateway in an H.323 VoIP network and that runs Cisco IOS Release 12.3(6c) or another release that contains the fix for CSCee07037. The symptom occurs only in gatekeeper-routed call scenarios, that is, RAS-based call flows.
A list of the affected releases can be found at http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCee07037. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
The symptom does not occur with other characters such as #.
Workaround: There is no workaround.
•
Symptoms: Mute calls may occur on a Cisco MGCP gateway. The output of the show mgcp connection command shows that the Connection Mode for the originating endpoint remains in a loopback (M=5) after answering the call:
Endpoint Call_ID(C) Conn_ID(I) (P)ort (M)ode ...
1. S7/DS1-0/31 C=3E,315,313 I=0x81 P=0,0 M=3 ...
2. S7/DS1-1/31 C=3E,313,315 I=0x80 P=0,0 M=5 ...Conditions: This symptom is observed for a hairpin call with COT that is requested on the originating call leg from the PSTN side.
Workaround: Disable COT on the PSTN side.
•
Symptoms: A Cisco router crashes when you enter the fsck command for an ATA flash disk.
Conditions: This symptom is observed when the boot sector of the ATA flash disk is corrupted and when the router runs a release that is listed in the "First Fixed-in Version" field at http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCed58384. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: Format the disk.
•
Cisco Internetwork Operating System (IOS) Software release trains 12.2T, 12.3 and 12.3T may contain vulnerabilities in processing certain Internet Key Exchange (IKE) Xauth messages when configured to be an Easy VPN Server.
Successful exploitation of these vulnerabilities may permit an unauthorized user to complete authentication and potentially access network resources.
This advisory will be posted to http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml
•
Symptoms: Multicast packets such as HSRP and OSPF are not received on a port-channel interface.
Conditions: This symptom is observed when a port-channel interface is configured on a Cisco router, when you reload the router, and when the first member is added to the port-channel interface by entering the no shutdown interface configuration command on physical interface.
Workaround: Enter the do shutdown interface configuration command followed by the no shutdown interface configuration command on the port-channel interface.
Wide-Area Networking
•
Symptoms: A PPP interface may fail to come up when the router is booted or when the interface resets. When this situation occurs, the interface appears to be physically up but PPP does not start. When you enable logging of PPP negotiation events with the debug ppp negotiation command and when packets arrive on the PPP interface, you can see in the log that PPP discards these inbound frames with an "LCP: Lower layer not up, discarding packet" message even though the lower layer (the link) is up.
Conditions: This symptom is observed when a PPP interface transitions from a down state to an up state at the link level. The symptom is most likely to occur when the router operates under a moderate-to-heavy load, or when large numbers of PPP interfaces simultaneously change state (for example when a channelized interface is reset).
Workaround: Any sequence that resets the interface usually clears the symptom. Therefore, you can enter the clear interface interface-name EXEC command or the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.
•
Symptoms: When you enter the show frame-relay lmi command on a router, the router may crash, or alignment errors may occur.
Conditions: This symptom is observed after you first have deleted an MFR interface on the router.
Workaround: There is no workaround.
•
Symptoms: After forwarding an ISDN dialin connection to an LNS via L2TP, the LAC does not disconnect the ISDN connection upon termination of the L2TP session. The ISDN connection must be terminated by the remote user.
Conditions: This symptom is observed on a Cisco platform that functions as a LAC and that runs Cisco IOS interim Release 12.3(10.2). Note that the symptom does not occur in Release 12.3(10) and earlier releases.
Workaround: There is no workaround.
•
Symptoms: When a call is placed from the network side to a VoIP CPE that runs Cisco IOS Release 12.3(6c) and when the called party number is configured on a dial peer that points to a deactivated BRI, the VoIP CPE may release the incoming call to the VoIP leg with incorrect disconnection cause code 16 (normal call clearing) instead of cause code 34 (no circuit).
Conditions: This symptom is observed when the BRI is deactivated by a router that functions as a VoIP CPE and that runs Cisco IOS Release 12.3(6c). Note that a router that runs Release 12.2(11)T7 or Release 12.3(6b) sends the proper cause code 34.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.3(9b)
Cisco IOS Release 12.3(9b) is a rebuild release for Cisco IOS Release 12.3(9). The caveats in this section are resolved in Cisco IOS Release 12.3(9b) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: A bus error crash (that is, an illegal access to a low address) may occur in the RADIUS process.
Conditions: This symptom is observed on a Cisco 7200 series that is configured with an NPE-G1 and that runs Cisco IOS Release 12.3(9).
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.3(3).
IP Routing Protocols
•
Symptoms: A Cisco router that runs Cisco IOS Release 12.3(5a) may reload because of a bus error. The output of the show version command may show the following:
System returned to ROM by bus error at PC 0xXXXXXXXX, address 0xYYYYYYYYConditions: The symptom may be observed when IP NAT is configured.
Workaround: Enter the no ip nat service sip tcp port 5060 command and the no ip nat service sip udp port 5060 command.
The following link provides general information about bus errors: http://www.cisco.com/warp/public/122/crashes_buserror_troubleshooting.html
["Troubleshooting Bus Error Crashes"; Document ID: 7949; replaces http://www.cisco.com/warp/public/122/crashes_buserror_troubleshooting.shtml]
•
Symptoms: A Cisco router may crash when you enter the clear ip route * command.
Conditions: This symptom is observed when the routing table has a default route.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: A NAS crashes when stress scripts are running and when bulk calls are made.
Conditions: This symptom is observed on a Cisco AS5400 and Cisco AS5800 that are configured for T1 when scripts run that enter the shutdown command followed by the no shutdown command on controllers in digital callers and the clear modem all command in analog callers. The NAS is stressed with both analog and digital calls made from a traffic generator that sends 20 packets per second and the scripts run every 10 minutes.
Workaround: There is no workaround.
•
Symptoms: After marking a high threshold, a call from a gateway that is registered with another gatekeeper is rejected because of Disconnect Cause 34 (no circuit/channel available) though there are channels available.
Conditions: This symptom is observed with a gatekeeper that is running Cisco IOS Release 12.3 T or Release 12.3, and with any gateway (can be from Cisco or a third party) that supports RAI functionality.
Resource Availability Indicator (RAI) and the gatekeeper clustering function are used. The originating gateway and terminating gateway are registered with different gatekeepers.
Workaround: Register all gateways with a single gatekeeper.
•
Symptoms: A Cisco router accepts an incoming plaintext that matches the crypto map that is applied to an interface. The packet should be rejected because is should have been encrypted.
Conditions: This symptom is observed when all the following conditions occur:
- The interface is a serial subinterface.
- The interface has both fast switching and CEF switching disabled.
- The outgoing interface for the packet has fast switching or CEF switching enabled.
Workaround: Ensure that all interfaces have fast switching and CEF switching either enabled or disabled.
•
Symptoms: A Cisco 7500 series that is configured for Distributed Link Fragmentation and Interleaving (DLFI) may cause delays.
Conditions: This symptom is observed on a Cisco 7500 series that is configured with a multilink interface after the router is reloaded.
Workaround: Enter the shutdown command followed by the no shutdown command on the multilink interface.
•
Symptoms: A router may fail to advertise a prefix for which the network portion matches the major net. For example, when 10.0.0.0/8 is the major net, 10.0.0.0/16 is not advertised.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(4) or a later release when the subnet between the two routers is in the same classful range as the advertised prefix of the advertising router.
Workaround: On the advertising router, enter the shutdown command followed by the no shutdown command on the interface that is connected to the receiving RIP peer.
•
Symptoms: Address 0.0.0.0 and mask 128.0.0.0 are considered invalid if used in a service profile.
Conditions: This symptom is observed on a Cisco platform that runs a Cisco IOS software image that includes the fix for CSCee13629. A list of the affected releases can be found at http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCee13629. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: Use the following service networks instead of 0.0.0.0/128.0.0.0:
1.0.0.0;255.0.0.032.0.0.0;224.0.0.0
2.0.0.0;254.0.0.0
4.0.0.0;252.0.0.0
8.0.0.0;248.0.0.0
16.0.0.0;240.0.0.0
64.0.0.0;192.0.0.0
128.0.0.0;128.0.0.0•
Symptoms: A router may fail to advertise a major net route such as 10.0.0.0/8 to a RIP peer.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS interim Release 12.3(3.3) or a later release when the route is redistributed from MP-IBGP into RIP and when the subnet connecting the RIP peer is in the classful range of the advertised major net.
Workaround: On the advertising router, enter the shutdown command followed by the no shutdown command on the interface that is connected to the receiving RIP peer.
•
Symptoms: A Cisco Access server that terminates virtual-profile calls with per-user access control lists (ACLs) does not remove all per-user ACLs when calls are terminated. This situation may cause the memory of the access server to be depleted, and the output of the show processes memory EXEC command may indicate that the "AAA Per-User" process holds most of the allocated memory.
Conditions: This symptom is observed on a Cisco access server that runs a Cisco IOS Release that contains the fix for CSCee01688.
Temporary Workaround: To free up memory, manually remove the per-user ACL by entering the no ip access-list extended virtual-access number global configuration command. The number argument consists of the numbers (for example, 2003#671) that are assigned by the Cisco IOS software when the ACL is created.
•
Symptoms: A call may fail with MGCP error code 400 (Voice setup failed).
Conditions: This symptom is observed when call is made from a Cisco AGM that functions as an MGCP gateway and that is registered to a Cisco CallManager.
Workaround: There is no workaround.
•
Symptoms: Spurious memory accesses may occur on a VIP card with installed channelized port adapter(s). the CPU utilization may increase to 99 or 100 percent, causing the performance of the VIP to be impacted.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(6).
Workaround: There is no workaround.
Wide-Area Networking
•
Symptom: A process-switched L2TP packet is dropped on an LNS when the sessions are created into multiple VRFs. There is no problem with a CEF-switched session.
Conditions: This symptom is observed when one of the sessions is process-switched (for example, the UDP checksum is present) and when CEF switching is enabled.
Workaround: Disable CEF switching by entering the no ip route-cache cef interface configuration command on the virtual-template interface or enter the vpdn ip udp ignore checksum global configuration command.
•
Symptoms: A Cisco L2TP network server (LNS) may not send the following RADIUS accounting record attributes:
–
–
–
–
Conditions: This symptom is observed when all of the following conditions are present:
–
–
–
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.3(9a)
Cisco IOS Release 12.3(9a) is a rebuild release for Cisco IOS Release 12.3(9). The caveats in this section are resolved in Cisco IOS Release 12.3(9a) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: A VIP crash can lead to a memory exhaustion situation on the RSP in turn leading to an RSP crash.
Conditions: This will happen more frequently on routers with a high idb count.
Workaround: There is no workaround.
•
Symptoms: Async PPP calls fail on a Cisco AS5850 when an IOS upgrade is performed from 12.3(7)T to 12.3(7)T1.
Conditions: This is seen on a Cisco AS5850 running 12.3(7)T1 and only with async mode interactive. This issue can be service affecting and this is reproducible. The symptom may also occur in Release 12.3.
Workaround: Though not a good solution, configuring async mode dedicated solves the problem.
•
Symptoms: AAA database memory is not released when the AAA ID is deallocated.
Conditions: This symptom is observed when a GGSN PPP context is opened or closed and when AAA authentication is configured but AAA accounting is not.
Workaround: There is no workaround.
•
Symptoms: Users are unable to authenticate using RADIUS, or accounting is not sent to the RADIUS server. In addition, when you enter the debug radius command, the following information is generated:
RADIUS(00000049): sending
%RADIUS-3-NOSERVERS: No Radius hosts configured.
RADIUS/DECODE: parse response no app start; FAIL
RADIUS/DECODE: parse response; FAILThe output of the show running-config command indicates that there are in fact RADIUS servers in the server group.
Conditions: These symptoms are observed after following these steps:
1. Remove and recreate a server group that is still referenced by one or more method lists, by entering the following commands:
no aaa group server radius XXXX
aaa group sever radius XXXX
server x.x.x.x
...2. Allow one of these method lists to be used, causing a transaction to be sent to a RADIUS or TACACS+ server in the server group.
3. Remove and re-add the radius-server host ... command lines for all authentication-capable (or accounting-capable if this group is used for accounting) servers in this server group.
Workaround: Remove all RADIUS or TACACS+ server configurations, remove all RADIUS or TACACS+ server group configurations, and remove all method lists. Then, reconfigure all of them.
Further problem description: If you enter the debug aaa sg-ref-count command before Step 2 of the Conditions, a debug message similar to the following one is generated:
AAA/SG: Server group ref count decoalesced sg_type for public group XXXX and is reduced by 2 to 0Interfaces and Bridging
•
Symptoms: A Cisco 7500 series may show a %SYS-3-CPUHOG error message when an ATM link on the router is flapped.
Conditions: This symptom is observed only when there are a lot of VCs on the ATM interface and when the VIP is oversubscribed.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series may leave ATM PVCs up when the ATM interface is shut down.
Conditions: This symptom is observed on a Cisco 7500 series that has a PA-A3 when the CPU utilization of the VIPs is high.
Workaround: There is no workaround.
•
Symptoms: The show controllers t1 slot/port command may show only the current interval.
Conditions: This symptom is observed on a Cisco 7200 series when FDL is configured.
Workaround: There is no workaround.
Further Problem Description: When FDL is configured, the router updates the MIB data after checking for a valid local and remote MIB data interval that it receives from the T1 PA. During the remote MIB update, and if the received data interval is invalid, the router clears both the remote and the local data instead of clearing only the remote data and starting again.
•
Symptoms: Channelized interfaces on a channelized T3 line card or port adapter that is configured for Frame Relay encapsulation may be in the up/down state, and DLCIs are inactive.
Conditions: This symptom is observed when you reload a Cisco platform and when the interfaces were in the up/up state before you reloaded the platform.
Workaround: Enter the shutdown command followed by the no shutdown command on the controller of either the T3 line card or port adapter on the Cisco platform or on the T3 line card or port adapter on the platform at the remote end.
Alternate Workaround: Enter the shutdown command followed by the no shutdown command on the main interface on the Cisco platform.
IP Routing Protocols
•
Symptoms: A Cisco router with a Border Gateway Protocol (BGP) system may lose the address family's use of aggregate routes after the router reloads. The aggregate routes are moved from the VPN routing/forwarding (VRF) address family and appear under the global IP version 4 (IPv4) address family. When the router reloads, the console displays the following error messages:
exit-address-family
^ % Invalid input detected at Ã^Ã marker.
exit-address-family
^ % Invalid input detected at Ã^Ã marker.
exit-address-family
^ % Invalid input detected at Ã^Ã marker.The above symptom is only one of the possible symptoms. Support for the auto-summary router configuration command and the default-information originate router configuration command has been removed from some of the address families as a result of the caveat CSCdx14351 without providing support to accept these commands silently when being booted with a configuration from a prior Cisco IOS release. The presence of the unsupported commands in address families like Virtual Private Network version 4 (VPNv4) and IPv4 Multicast (MCAST) causes the command-line interface (CLI) to go out of the address family submode and apply these commands to the v4 address family, which results in unpredictable behavior.
Conditions: This symptom is observed on all Cisco platforms that run Cisco IOS Release 12.2(16.4)T or Release 12.3 T. The symptom may also occur in other releases.
Workaround: Reenter the configuration that was present before the router reloaded.
•
Symptoms: When using Cisco CallManager and PAT on the CE router, no voice is observed if a call is made across CCM clusters and is transferred back to another phone on the same CCM, between the IP phones behind PAT.
Conditions: This symptom occurs when Cisco CallManager is configured for Static NAT. The IP phones registered to the CCM in the location are configured to use PAT. A call is made across the CCM cluster and transferred back to the cluster.
Workaround: There is no workaround.
•
Symptom: A router that is configured for multicast routing may reload due to a bus error.
Condition: This symptom is observed on a Cisco router that runs a Cisco IOS software release that contains the fix for CSCec80252. A list of the affected releases can be found at http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCec80252. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: There is no workaround.
•
Symptoms: It may not be possible to remove a VRF-based static NAT configuration.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3 in an MPLS VRF NAT configuration.
Workaround: There is no workaround.
•
Symptoms: The maximum-paths import number-of-paths command enables a VRF to import additional paths in addition to the bestpath. If the original path of the import path is withdrawn, wrong import paths may be purged. This situation may cause traffic disruption up to 15 seconds.
Conditions: This symptom is observed when the original path of the best import path is withdrawn and the import path is at the end of the path list (that is, the one learned the very first). In this situation, all import paths that are derived from other paths may be purged as well. If the imported net has only import paths, the net may not be reachable until other paths are reimported.
Workaround: Ensure that the import path is at the top of the path list or use the same route descriptor (RD) for all import paths.
•
Symptoms: A BGP VPNv4 table may contain paths that may be imported from deleted BGP table entries or from table entries that have a different prefix from the importing prefix.
An example of a path from a deleted BGP table entry is as follows:
Router# sh ip bgp v v vpn2 192.168.0.0
BGP routing table entry for 200:2:192.168.0.0/32, version 52
Paths: (1 available, best #1, table vpn2)
Advertised to non peer-group peers:
10.4.1.2
2 100, imported path from 2829:2829:185404173:11.13.11.13/-53
10.1.1.2 from 10.1.1.2 (10.1.1.2)
Origin IGP, localpref 100, valid, external, bestThe entry that this path is imported from has been removed from the table and its memory contents contain an incorrect pattern. When the incorrect pattern is displayed as a prefix, it appear as "2829:2829:185404173:11.13.11.13/-53".
A mismatched prefix appears as follows:
Router# sh ip bgp v v vpn2 192.168.0.0
BGP routing table entry for 200:2:192.168.0.0/32, version 54
Paths: (2 available, best #1, table vpn2)
Flag: 0x820
Advertised to non peer-group peers:
10.10.10.10 10.20.20.20
2
10.4.1.2 from 10.4.1.2 (10.4.1.2)
Origin IGP, localpref 100, valid, external, best
Extended Community: RT:1:2
2 100, imported path from 200:2:172.16.0.0/24
10.1.1.2 from 10.1.1.2 (10.1.1.2)
Origin IGP, localpref 100, valid, external
Extended Community: RT:1:3This BGP VPNv4 table entry is for prefix 192.168.0.0/32 but it shows that a path is imported from 172.16.0.0/24. This situation occurs when a path has a link to a deleted BGP table entry, and then the memory for the deleted entry is reused for a new table entry of which the prefix may not match with the importing entry.
Conditions: These symptoms are observed when you enter the maximum-paths import number command in router BGP address-family IPv4 VRF mode. The number argument indicates the number of paths to import from one VRF to another.
Workaround: Remove the maximum-paths import number command from the router BGP address-family IPv4 VRF mode.
ISO CLNS
•
Symptoms: A default route is not installed into the Border Gateway Protocol (BGP) routing table when the default-information originate command is configured in Connectionless Network Service Protocol (CLNS) address family configuration mode.
Conditions: This symptom is observed only on routers that run Cisco IOS Release 12.3(4)T2 and are configured to run CLNS, Integrated Intermediate System-to-Intermediate System (IS-IS), and BGP.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: Voice gateway router may crash during voice and data traffics with high CPU load.
Conditions: This symptom is observed on a Cisco 2600 series router but is platform independent.
Workaround: There is no workaround.
•
Symptoms: When a Cisco 7500 series boots up with low-speed serial interfaces, an error message is generated for each interface for which Cisco IOS legacy fair queueing is disabled.
Conditions: This symptom is observed on a Cisco 7500 series router that has low-speed serial interfaces and dCEF configured. QoS functionality is not impacted.
Workaround: There is no workaround.
•
Symptoms: A router may reload with a bus error.
Conditions: This symptom is observed on a Cisco router that is configured for time-division multiplexing (TDM) hairpinning.
Workaround: There is no workaround.
•
Symptoms: A router running CEF may report a "IP Null turbo vector" status message.
Conditions: This symptom is observed on a Cisco 3725 that runs Cisco IOS Release 12.3(6) and that has an AIM-VPN/EPII.
Workaround: Manually disable and reenable CEF. The status message then changes to "IP CEF VPN Feature Fast switching turbo vector."
•
Symptoms: Channels may occasionally hang on an MRP.
Conditions: This symptom is observed on an MRP that runs Cisco IOS Release 12.3(2)XA and that uses the R2 protocol. The symptom may also occur in Release 12.3.
Workaround: Enter the shutdown command followed by the no shutdown command on the affected voice ports.
•
This caveat consists, of six separate symptoms, conditions, and workaround, of which the first three apply to all Cisco IOS releases and the last three apply only to Cisco IOS Release 12.3 T:
1) Symptoms: There are three symptoms:
- There may be a inconsistent or duplicate display of files between the show diskslot-number and dir diskslot-number commands.
- When a file is deleted from the CLI, the file may be deleted but a "No such file" message may be printed.
- One cluster may leak. Entering the fsck command truncates the original file and creates an orphan file for the leaked cluster.
Conditions: This symptom is observed when an application creates or opens a file without the "O_TRUNC:" mode, as in the following example:
show version | append disk#:
Router#conf t Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#vtp file new Setting device to store VLAN database at filename new. Router(config)#^ZWorkaround: There is no workaround.
2) Symptoms: The show diskslot-number and dir diskslot-number commands may show inconsistent information (such as inconsistent file sizes) when multiple images are copied.
Conditions: This symptom is observed when you make two copies of the image file to the disk by using two vtys and by entering the dir diskslot-number command at the same time.
Workaround: Do not enter the show diskslot-number and dir diskslot-number commands when multiple images are being copied.
3) Symptoms: There are two symptoms:
- The show diskslot-number and dir diskslot-number commands may show inconsistent information.
- Entering the fsck command may delete or truncate the valid files or create an orphan file for an unused cluster.
Conditions: This symptom is observed when you rename a directory that consists of many subdirectories or files.
Workaround: Reload the router.
4) Symptoms: There are two symptoms:
- There may be a duplicate entry for each file when you enter the show diskslot-number command.
- An snmpGet on a ciscoFlashFileSize object may enter a loop.
Conditions: This symptom is observed on a router that runs Cisco IOS Release 12.3 T after the router boots up.
Workaround: There is no workaround.
5) Symptoms: There are two symptoms:
- The show diskslot-number and dir diskslot-number commands may show inconsistent information.
- Entering the fsck command may delete or truncate the original file.
Conditions: This symptom is observed on a router that runs Cisco IOS Release 12.3 T when an application or a CLI command overwrites a file on the disk.
Workaround: Reload the router.
6) Symptoms: A router that runs Cisco IOS Release 12.3 T crashes.
Conditions: This symptom is observed when an application creates or opens a file without the "O_TRUNC" mode and attempts to delete the file, as in the following example:
show version | append disk0:redirect.out" and issuing delete disk0:disk0:redirect.out
Workaround: Reload the router and delete the file.
•
Symptoms: On a Cisco AS5400 Voice Gateway, calls may fail when it is used as an Originating Gateway that is configured with g.clear codec and signalled by an MGCP call agent. NAK messages may also be seen.
Conditions: This symptom is observed on a Cisco AS5400 Voice Gateway.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may crash if a PA driver attempts to convert an uncached iomem address to a cached iomem address.
Conditions: This symptom is observed on a Cisco 7200 series that is configured with an NPE-G1.
Workaround: There is no workaround.
•
Symptoms: A router may reload after sending some traffic during the PPPoE client authentication setup.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(9) when the clear pppoe all command is entered on the PPPoE client after both corresponding ATM and dialer interfaces have been shut down first.
Workaround: Do not enter the clear pppoe all command on the PPPoE client when the ATM and dialer interfaces are shut down.
•
Symptoms: All SWIDBs may be used.
Conditions: This symptom is observed when PPPoA sessions flap continuously.
Workaround: There is no workaround.
•
Symptoms: During the reloading of a Cisco router with dual RSP8 processors, the following error message may be displayed:
%Error opening nvram:/startup-config (Device or resource busy)As a result, the configuration in NVRAM might not be applied. This problem is unlikely to occur outside a specific timing condition.
Conditions: This symptom is observed on a Cisco 7500 series router with dual RSP8 processors but is platform independent.
Workaround: Use boot config to redirect the config to slot/disk/bootflash.
•
Symptoms: All VIPs in a Cisco 7500 series restart as a consequence of a Cbus complex that is triggered by a stuck output. Just before the output becomes stuck, IPC timeout errors occur.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(5) in a dLFIoATM environment.
Workaround: There is no workaround.
•
Symptoms: IMA link status sticks in NE usable/usable while showing FE active/active.
Conditions: This happens when connecting an IMA module in a Cisco 3640 to a third party vendor switch.
Workaround: Administratively shut down the link and then bring it back.
•
Symptom: The MBS value may be incorrect when you configure VBR-nrt for a PVC on an ATM interface.
Conditions: This symptom is observed when you first configure VBR-nrt with identical values for PCR and SCR, as in the following example:
pvc 2/5 vbr-nrt 3000 3000
When the PCR value is identical to the SCR value, MBS should not be configured. When you then apply a different PCR and SCR value (although still identical values for the PCR and SCR), the MBS is calculated as shown below:
pvc 2/5 vbr-nrt 2000 2000 94
This MBS value is not accepted as a valid value when you reload the router because the MBS should be 1 or nothing when the PCR value is identical to the SCR value.
Workaround: Remove the PVC and reapply the configuration.
•
Symptoms: A router may experience a memory leak when the LSR MIB is queried.
Conditions: This symptom is observed on a Cisco router running Cisco IOS Release 12.2(15)T10 but is software-independent.
Workaround: Disable the LSR MIB queries and reboot the device to reclaim the leaked memory.
•
Symptoms: A Cisco AS5300 may leak memory in the ISDN process.
Conditions: This symptom is observed on a Cisco AS5300 that runs Cisco IOS Release 12.3(6).
Workaround: There is no workaround.
•
Symptoms: A URM that is configured as an LSC does not pass traffic. Xtags come up but traffic does not pass.
Conditions: This symptom is observed on a URM that runs Cisco IOS Release 12.3(6). The symptom does not occur on other software trains.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5400 may crash with a bus error at address 0xFFFFFFFF.
Conditions: This symptom is observed on a Cisco AS5400 that runs Cisco IOS Release 12.3(6) only when facility messages are generated. The symptom may also occur on a Cisco 1700 series and Cisco 2600 series.
Workaround: There is no workaround.
•
Symptoms: A Cisco router reboots more than once when using Cisco IOS Release 12.2(16b).
Conditions: This problem is observed by doing the shut command followed by the no shut command on the ATM interfaces several times with traffic flowing through and by having QoS, service policy, and hardware encryption configured on ATM IMA interfaces.
Workaround: Remove the service-policy prior to doing the shut command followed by the no shut command. Alternatively, stop the traffic prior to doing the shut command followed by the no shut command.
•
Symptoms: A Cisco AS5300 running Cisco IOS Release 12.3(6) may encounter a bus error.
Conditions: This symptom is observed when a Cisco AS5300 is running voice traffic under a heavy load.
Workaround: There is no workaround.
•
Symptoms: IKE SAs will fail to be created if the two peers are not running the same version of Cisco IOS software. This affects both main mode and aggressive mode negotiations. This also impacts devices negotiating IKE regardless of whether a NAT devices exists in the mix or not, it also impacts router to router and router to client negotiations.
Conditions: An update to the Cisco IOS support for NAT-Transparency (UDP- encaps) in CSCed21558 led to the problem that unless both peers were running the version of code that contained this enhancement, IKE negotiation would fail. The reason for this is that the new functionality contained support for the new version-7 vendor-id. An error in the vendor-id handling caused devices to misinterpret the NAT-T vendor-IDs in such a way that negotiations would break down. The problem occurred in Cisco IOS Release 12.3(9) and Cisco IOS Release 12.3(8.3)T interim.
Workaround: Use the same version of Cisco IOS on peers negotiating with each other. For software clients connecting to Cisco IOS Release 12.3(9) gateways, there is no workaround.
•
Symptoms: A Cisco 3700 series with an NM-1A-OC3, NM-1A-T3, or NM-1A-E3 network module with many VCs of the same class may reload because of a bus error.
Conditions: This symptom is observed when you configure more than 255 VCs of the same QoS type on the ATM interface, when traffic is processed on all VCs, and when a line error occurs.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload under a specific sequence of CLI commands:
# conf t
Enter configuration commands, one per line. End with CNTL/Z.
(config)#policy-map Set_BestEffort_IP
(config-pmap)#class class-default
(config-pmap-c)#shape average 4000000
shape is invalid command in input policy.
(config-pmap-c)#exit...router reloads...
(config-pmap)#exit
(config)#interface Serial4/1/0:10
(config-if)#bandw 4096Conditions: This symptom has been observed in Cisco IOS Release 12.2(13)T and Release 12.3(6) software, but it should be reproducible in older Cisco IOS releases as well.
Workaround: Avoid the illegal shape command.
•
Symptoms: MGCP quarantine mode is updated with each incoming MGCP message, independent of the fact that the message may not have Q-line. This behavior may cause regressions.
Note that the legacy behavior is to ignore any updates to the MGCP quarantine mode when no Q-line is present in the MGCP message.
Conditions: This symptom is observed when a Cisco gateway that runs Cisco IOS Release 12.3 or Release 12.3 T is configured for MGCP.
Workaround: There is no workaround.
•
Symptoms: The problem exists when PIM announcement packets are distributed through tunnels, and when crypto map, which specifies the protection on GRE traffic, is only applied to the physical interface. Even though it is a correct way to apply the crypto map only to the physical interface to protect the GRE traffic, the crypto policy checking on PIM announcement packets is missing.
Conditions: This symptom occurs when PIM announcement packets are distributed through tunnels.
Workaround: Apply the crypto map to both tunnel and physical interfaces.
•
Symptoms: When you change the Cisco IOS release from Release 12.2 to Release 12.3(6a), a router may reload because of a bus error.
Conditions: This symptom is observed when a MQC-based policy and legacy fair queueing are configured on different Frame Relay subinterfaces of the same physical interface.
Workaround: There is no workaround.
•
Symptoms: The output of the show ip access-list command does not show extended access lists.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS interim Release 12.3(9.3)T. The symptom may also occur in Release 12.3.
Workaround: There is no workaround.
•
Symptoms: A VIP may crash with a bus error and generate the following error message:
%ALIGN-1-FATAL: Illegal access to a low addressThis occurs after the following scheduler error in the "req_proc" process
%SYS-2-INTSCHED: 'sleep for' at level 2
-Process= "req_proc", ipl= 2, pid= 27Conditions: This symptom is observed on a Cisco 7500 series that runs a Cisco IOS image that contains the fix for CSCec07487 when a PA-MC-8TE1+ is installed in the VIP.
Workaround: There is no workaround.
•
Symptoms: A Cisco7200VXR series router that is installed with PA-MC-8TE1 serial interface and is configured with IPSec encryption enabled may run into hang occasionally.
Conditions: This symptom is observed on Cisco 7200VXR series routers that have the following conditions:
a) Installed with PA-MC-8TE1 serial interface card
b) Configured with IPSec encryption (does not matter if it is tunnel protection or crypto map).
Workaround: There is no workaround except turning off IPSec encryption.
•
Symptoms: A software-forced reload may occur on an MGCP gateway that uses embedded messages in the MGCP protocol.
Conditions: This symptom is observed on a Cisco platform that functions as an MGCP gateway and is caused by the MGCP embedded message processing.
Workaround: There is no workaround.
•
This caveat consists of three symptoms, three conditions, and three workarounds:
Symptom 1: Memory utilization may increase on a Cisco IOS gatekeeper that
functions as an originating gatekeeper (OGK). You must reboot the gatekeeper to enable it to return to normal operating conditions.
Condition 1: This symptom is observed when the following conditions are
present:
- There are two or more remote zones configured for the same prefix and the gatekeeper receives ARQs for this prefix.
- All these remote zones are configured for inter-gatekeeper authentication using Cisco Access Tokens (CAT).
- The zone prefix is configured to send sequential LRQ messages.
Workaround 1: Use the "blast" mode to send LRQ messages or turn off inter-gatekeeper authentication.
Symptom 2: Wrong CATs are sent to remote zones from a Cisco IOS gatekeeper that functions as an OGK.
Condition 2: This symptom is observed when the following conditions are present:
- There are three or more remote zones configured for the same prefix and the gatekeeper receives ARQs for this prefix.
- Each of these remote zones is configured for inter-gatekeeper authentication with a different password to be used for the creation of the CAT.
- The zone prefix is configured to send sequential LRQ messages.
Workaround 2: Use the "blast" mode to send LRQ messages or turn off inter-gatekeeper authentication.
Symptom 3: A spurious memory access may occur on a Cisco IOS gatekeeper that functions as a directory gatekeeper (DGK).
Condition 3: This symptom is observed when the following conditions are
present:
- There are two or more remote zones configured for the same prefix and the gatekeeper receives LRQ messages for this prefix.
- The second and subsequent remote zones are configured for inter-gatekeeper authentication using Cisco Access Tokens (CAT).
- The zone prefix is configured to send sequential LRQ messages.
Workaround 3: Use the "blast" mode to send LRQ messages or turn off inter-gatekeeper authentication.
•
Symptoms: A Cisco access server does not report digital/ISDN data calls in the output of the show controllers e1 call-counters command. Analog calls are correctly counted. The SNMP representation of active DS0s within the CISCO-POP-MGMT-MIB is also affected by this problem: the cpmActiveDS0s OID no longer shows the total number of calls, but reports only the number of analog/modem calls.
Conditions: This symptom is observed on a Cisco access server that runs Cisco IOS interim Release 12.3(7.9) or a later release.
Workaround: To retrieve the number of digital data calls using a CLI command, enter the show caller summary EXEC command. There is no workaround for SNMP retrieval.
•
Symptoms: When you boot a router, VBR-NRT configurations are lost. For example, when MBS is 32 and you boot the router, the VBR-NRT command in the startup configuration is not parsed to the running configuration:
vbr-nrt 1000 1000 32
^
% Invalid input detected at '^' marker.The following example is a configuration before the symptom occurs:
interface ATM5/0.5 point-to-point
ip address xx.xx.xx.xx 255.255.255.0
pvc 1/105
vbr-nrt 1000 1000 32
!After you boot the router, the configuration is as follows:
interface ATM5/0.5 point-to-point
ip address xx.xx.xx.xx 255.255.255.0
pvc 1/105
!Conditions: This symptom is observed on a Cisco router that runs Cisco IOS interim Release 12.3(4.4) or a later release under the following conditions:
–
–
–
Note that symptom does not affect old style PVCs.
Workaround: Reconfigure the PVC to the same PCR and SCR value and configure the MBS value to "1".
•
Symptoms: An NPE-G1 may displays an erroneous parity error message.
Conditions: This symptom is observed on a Cisco 7200 series when the NPE-G1 receives an ECC/bus error.
Workaround: There is no workaround.
•
Symptoms: %ALIGN-3-SPURIOUS and %ALIGN-3-TRACE messages may appear in the logs of a router, and the output of the show align command shows that some spurious memory accesses are recorded.
Conditions: This symptom is observed on a Cisco 7500 series when a dLFIoATM interface on the router flaps.
Workaround: There is no workaround. However, the capabilities and performance of the router are not affected.
•
Symptoms: Configure three routers one as a Generator, one as the reflector and the third as the unit under test. Configure the three routers for a back to back ping with the three routers (using static routes). Ping 50 5200 byte packets from the generator to the reflector. The NPEG1 router crashes.
Conditions: This symptom is seen in Cisco 7200 platform on NPEG1 routers that are running Cisco IOS Release 12.3(9a).
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 series router with high speed serial interfaces like HSSI or PA-2T3+ PA undergoes unexpected reload.
Conditions: This symptom is observed after OIR on HSSI and PA-2T3+ PAs with traffic.
Workaround: Without any traffic, or if the PA is shutdown before OIR, the defect may not happen.
•
Symptoms: The MGCP default setting for a minimum jitter buffer size is 4 ms; this setting degrades the voice quality until you configure the setting to be different via the mgcp playout command.
Conditions: This symptom is observed under normal operating conditions.
Workaround: Configure the nominal MGCP default setting for the minimum jitter buffer size to be the same as for H.323 and SIP gateways so that the setting for each individual gateway does not need to be changed via the mgcp playout command.
•
Symptoms: A line card reloads continuously after an OIR.
Conditions: This symptom is observed when the line card has MFR and a service policy configured.
Workaround: Remove the service policy before performing an OIR.
•
Symptoms: A Cisco7200VXR series router that is installed with PA-MC-8TE1 serial interface and is configured with IPSec encryption enabled may run into hang occasionally.
Conditions: This symptom is observed on Cisco 7200VXR series routers that have the following conditions:
a) Installed with PA-MC-8TE1 serial interface card
b) Configured with IPSec encryption (does not matter if it is tunnel protection or crypto map).
Workaround: There is no workaround except turning off IPSec encryption.
•
Symptoms: Serial interfaces based on PA-MC-8TE1+ hardware continue to process packets even after interface is placed in ADMINDOWN state. The counters in "show interface" may continue to increment even if the serial interface is "shut down".
Conditions: This defect is seen on serial interfaces based of PA-MC-8TE1+ hardware.
Workaround: Remove the channel-group configuration for the interface.
•
Symptoms: MGCP links between a gateway and an EGW call agent fail may fail to come back into service.
Conditions: This symptom is observed when you change from Cisco IOS Release 12.3(4)T4 to Release 12.3(8)T. The gateway normally uses the source address that is specified to respond to MGCP messages. After upgrading to Release 12.3(8)T, the MGCP bind control seems to be ignored and the gateway uses the WAN interface IP address as the source address. The symptom could also occur in Release 12.3.
Workaround: There is no workaround.
Wide-Area Networking
•
Symptoms: When multiple dialout calls are triggered at virtually the same time on a Cisco AS5300 with a Large-Scale-Dial-Out (LSDO) configuration, the resulting accounting records may be either wrong or missing.
Conditions: This symptom is observed in a stress test under lab conditions when the concurrent dialout attempts are made using the same E1 link and when the packets triggering the dialout arrive at the same time, causing two ISDN SETUP messages within a very short period, that is, within 5 to 10 msec.
Workaround: There is no workaround.
•
Symptoms: A parity error on a Versatile Interface Processor (VIP) card may cause other VIPs to go to a wedged state.
Conditions: This symptom is observed on a Cisco 7500 series router.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series Route Switch Processor (RSP) may crash while Multilink PPP (MLP) is running.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(5), that is equipped with a VIP4-80 and PA-A3 ATM port adapters, and that is configured for distributed Link Fragmentation and Interleaving over ATM (dLFIoATM).
Workaround: There is no workaround.
•
Symptoms: A spurious memory access may occur on a Cisco router that is configured for PPP.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(5).
Workaround: There is no workaround.
•
Symptoms: With PPP multilink over ATM configured in Cisco IOS, the router may reload with a bus error.
Conditions: This symptom is observed when the PPP over ATM link goes down and is removed from the multilink bundle.
Workaround: Increasing the keepalive interval or retry count, or disabling keepalives altogether, may help to avoid the problem by making it less likely that the PPP over ATM session goes down during periods of instability in the ATM network.
•
Symptoms: A11 sessions on a Cisco PDSN may be stuck in the "EST" establishing state, and PPP negotiation may stop progressing any further. This situation may cause the Cisco PDSN to run out of memory, preventing new PPP sessions (PDSN or otherwise) from being started, and possibly preventing other features from being used.
Conditions: This symptom is observed on a Cisco PDSN that runs Cisco IOS Release 12.3(7)T or a later release later after about 1 million sessions are established and closed.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.3(9)
This section describes possibly unexpected behavior by Cisco IOS Release 12.3(9). All the caveats listed in this section are resolved in Cisco IOS Release 12.3(9). This section describes severity 1 and 2 caveats and select severity 3 caveats.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: Many memory allocation failure (MALLOCFAIL) messages may occur for a Cisco Discovery Protocol (CDP) process:
%SYS-2-MALLOCFAIL: Memory allocation of -1732547824 bytes failed from
x605111F0, pool Processor, alignment 0
-Process= "CDP Protocol", ipl= 0, pid= 42
-Traceback= 602D5DF4 602D78A0 605111F8 60511078 6050EC88 6050E684 602D0E2C 602D0E18Conditions: The symptom is observed on a Cisco 7513 that runs Cisco IOS Release 12.0(17)ST. The symptom may also occur on other Cisco 7500 series routers that run Release 12.0 S, 12.2 S, 12.3, or 12.3 T.
Workaround: To prevent the symptom from occurring again, disable CDP by entering the no cdp run global configuration command.
•
Symptoms: Information about a port adapter (PA) may be missing from the output of a show diag command.
Conditions: This symptom is observed on a controller with a memory size of 128 MB DRAM and 8192 KB SRAM. The controller displays the following information:
PA Bay 0 Information:
Fast-Ethernet PA, 1 ports, 100BaseTX-ISL
EEPROM format version 0
HW rev 0.00, Board revision UNKNOWN
Serial number: 00000000 Part number: 00-0000-00
PA Bay 1 Information:4
Fast-Ethernet PA, 1 ports, 100BaseTX-ISL
EEPROM format version 1
HW rev 1.00, Board revision A0
Serial number: 08534388 Part number: 73-1688-0The problem is related to a timing issue and is not always reproducible.
Workaround: There is no workaround. On the other hand it does not impact the functionality of the router.
•
Symptoms: A Cisco router may fail to process Cisco Discovery Protocol (CDP) packets and update the IP process for On Demand Routing (ODR) routes.
Conditions: This symptom is mainly observed on WAN interfaces with traffic that is passing through the link when a Cisco router fails to update the hold-down timer and the IP process when it receives a CDP packet from a neighbor.
Workaround: There is no workaround.
•
Symptoms: When you configure the Per VRF AAA feature by using a remotely defined customer template, a Virtual Home Gateway (VHG) may fail to parse authentication, authorization, and accounting (AAA) attributes that it receives in an Access-Accept response from a RADIUS server.
Conditions: This symptom is observed when the virtual-template interface is configured to support virtual-access subinterfaces and when the VHG functions under a heavy traffic load.
Workaround: Disable the virtual-access subinterfaces by entering the no virtual-template subinterface global configuration command.
Alternate workaround: Enter the ntp disable interface configuration command on the virtual-template interface.
•
Symptoms: When downloading IP address pools via a Radius Server using Radius Attribute 217, Ascend-IP-Pool-Definition, the ending IP address of the address pool is incorrect. It seems that the translation from the Ascend max entries to a Cisco CLI attribute goes wrong.
See the following example:
Nov 6 11:26:49.696: RADIUS: ascend_pool_definiti[217] 19 "1 10.112.26.1 240"
Nov 6 11:26:49.696: RADIUS: Vendor, Ascend [26] 26
Nov 6 11:26:49.696: RADIUS: ascend_pool_definiti[217] 20 "5 10.112.26.242 10"
Nov 6 11:26:49.696: RADIUS(0000017C): Received from id 21648/217
Nov 6 11:26:49.696: AAA/PER-USER: mode = config; command = [ ip local pool 1 10.112.26.1 10.112.26.240]
Nov 6 11:26:49.696: AAA/PER-USER: line = [ ip local pool 1 10.112.26.1 10.112.26.240]
Nov 6 11:26:49.700: AAA/PER-USER: mode = config; command = [ ip local pool 5 10.112.26.242 10.128.59.6]
Nov 6 11:26:49.700: AAA/PER-USER: line = [ ip local pool 5 10.112.26.242 10.128.59.6]It is unclear where i.e. 10.128.59.6 comes from as it should be 10.112.26.252 (total of 10 addresses in the pool).
The NAS rightfully complains further about it in the debugs as follows:
Nov 6 11:26:49.704: PPP: Message from per-user configuration ...
Nov 6 11:26:49.704: %Bad IP range, 10.112.26.242-10.128.59.6Radius Attribute Translations and Cisco AV-pairs are handled as you would parser the command into the CLI.
Conditions: This seems to fail in about 1 out of 10 IP pool downloads from the Radius-Server.
Workaround: Use Cisco AV-pairs attributes to download IP address pool instead of Radius Attribute 217, Ascend-IP-Pool-Definition.
•
Symptoms: When command accounting is enabled, Cisco IOS routers will send the full text of each command to the ACS server. Though this information is sent to the server encrypted, the server will decrypt the packet and log these commands to the logfile in plain text. Thus sensitive information like passwords will be visible in the server's log files.
Conditions: This problem happens only with command accounting enabled.
Workaround: Disable command accounting.
•
Symptoms: A memory leak may occur in the "dead process" on a Cisco router, and memory allocation failures (MALLOCFAIL) may be reported in the processor pool. The authentication, authorization, and accounting (AAA) User Identifier (UID) database may leak about 200,000 bytes for each failed EXEC call or vty session because of internal errors during the initiation process.
Conditions: This symptom is observed when EXEC Accounting and Network Accounting are enabled and when a failure occurs during an EXEC call or a vty session. The reasons for the EXEC call failure or vty session failure could be low processor memory on the Cisco router, an internal message processing error, or a timeout during the prompting for a username and password.
Workaround: If this is an option, disable EXEC Accounting and Network Accounting.
•
Symptoms: The individual AAA periodic accounting update messages (Radius accounting messages with Acct-Status-Type=Watchdog) generated by an IOS gateway for each call leg (TDM and IP) of the same voice call may be sent to the Radius server more than 5 minutes apart due to the randomized timer algorithm used by the AAA message transmit function.
Conditions: The aaa accounting update newinfo periodic command is configured.
Workaround: There is no workaround.
•
Symptoms: A Cisco router will reload when the tftp-server flash long- string global configuration command is enabled.
Conditions: This symptom occurs on a Cisco router that is running Cisco IOS Release 12.3(4)T and Release 12.3(6).
Workaround: There is no workaround.
•
Symptoms: The AAA method list and server group configuration may not function, that is, a valid server group and method list configuration may be rejected.
Conditions: This symptom is observed on a Cisco platform that runs a Cisco IOS software release that is listed in the "First Fixed-in Version" field at the following location:
http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCed25576
Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: There is no workaround.
•
Symptoms: A Cisco 10000 series functioning as a LAC may become very busy and start queueing up the incoming L2TP packets from an LNS, causes the middle buffer to become exhausted and eventually use all available IO memory. Malloc failures with tracebacks can be seen in the log.
Conditions: This symptom is observed when disconnecting L2TP sessions at 200 calls per second or more.
Workaround: There is no workaround.
•
Symptoms: An SNMP trap configuration may be erased when you enter the snmp-server enable traps snmp global configuration command with any trap type followed by the snmp-server enable traps [syslog | entity] global configuration command.
Conditions: This symptom is observed on multiple Cisco platforms that run Cisco IOS Release 12.2 or Release 12.3.
For example, the symptom occurs when you enter the following configuration:
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps syslog
snmp-server enable traps entityThen you enter:
no snmp-server enable traps snmp authentication
no snmp-server enable traps syslogor you enter:
no snmp-server enable traps snmp authentication
no snmp-server enable traps entityAt this point, the snmp-server enable traps snmp linkdown linkup coldstart warmstart command is no longer in the output of the show running-config command.
Workaround: Manually reconfigure the snmp-server enable traps snmp linkdown linkup coldstart warmstart command.
Alternate Workaround: First enter the no snmp-server enable traps syslog command or the no snmp-server enable traps entity command before you enter the no snmp-server enable traps snmp authentication command.
•
Symptoms: A serial interface on a Cisco 7500 series may stop transmitting traffic and may report the following VIP crashes:
%MDS-2-LC_FAILED_IPC_ACK: RP failed in getting Ack for IPC message of size 84
to LC in slot 2 with sequence 1007, error = timeout
%RSP-3-RESTART: interface Serial3/0/0:0, not transmitting
%VIP2-3-MSG: slotX VIP-3-SVIP_CYBUSERROR_INTERRUPT: A Cybus Error occurred.
%VIP2-1-MSG: slotX CYASIC Error Interrupt register 0x4000000
%VIP2-1-MSG: slotX DMA Transmit Error
%VIP2-1-MSG: slotX CYASIC Other Interrupt register 0x100
%VIP2-1-MSG: slotX QE HIGH Priority Interrupt
%VIP2-1-MSG: slotX QE RX HIGH Priority Interrupt
%VIP2-1-MSG: slotX CYBUS Error Cmd/Addr 0xD00FF3AConditions: This symptom is observed on a Cisco 7500 series running Cisco IOS Release 12.3(5a). This symptom is not observed in Release 12.1(8c).
Workaround: There is no workaround.
•
Symptoms: In Cisco IOS Release 12.3 when double authentication is configured, a change of behavior is noticed regarding the dynamic access lists that are used on the virtual-template and the access lists that are used per user.
Before Cisco IOS Release 12.3 (in Release 11.2, 12.0, 12.1, an 12.2), double authentication occurs when a RADIUS server replies with a "NO ACL" attribute. When the access-profile replace command is enabled, the command removes the existing ACL.
In Cisco IOS Release 12.3 (in particular, in Release 12.3.6), when the access-profile replace command is enabled, the command removes the existing ACL only if the RADIUS reply includes an ACL attribute. Some RADIUS servers do not return an ACL on the second authentication, causing service to stop functioning. This situation may be difficult to detect and troubleshoot.
Following is an example in which the access-profile replace command is applied:
line vty 5
password xxxxx
authorization exec CSCO
login authentication CSCO
rotary 12
autocommand access-profile replace
transport preferred all
transport input telnet
transport output all
line vty 6Conditions: This problem happens when in both phases of double authentication access lists are required to restrict user access.
Workaround: Make use of a per-user access list that is downloaded via a RADIUS attribute during the second phase (with a second user name) of double authentication. Due to legacy implications, this workaround can not always be implemented.
•
Symptoms: SAA RTR key-chain authentication may fail with the following RTT responder:
authentication failure
Conditions: This symptom is observed when SAA is using a key chain which has a key ID that has a value larger than 255.
Workaround: Ensure that the value of the key ID does not exceed 255.
•
Symptoms: A router may crash while accessing an illegal low value that is received from a timer of a RADIUS server.
Conditions: This symptom is observed when there are retransmits for a proxy RADIUS server during the SSG user logon process.
Workaround: There is no workaround.
•
Symptoms: A router may reload due to a software-forced crash.
Conditions: This symptom is observed on a Cisco 3745 that runs Cisco IOS Release 12.2(13)T5 and that has SSH configured. However, the symptom may occur on other platforms that run other releases and that do not have SSH configured.
Workaround: There is no workaround.
•
Symptoms: The session duration time reported in accounting packets may be wrong.
Conditions: This symptom is observed when you enter the show aaa user all command; the session time recorded in the accounting stop record is incorrect. This symptom is seen only when the aaa accounting session-duration ntp-adjusted command is enabled via the CLI.
Workaround: If this is an option, avoid using the aaa accounting session-duration ntp-adjusted command.
•
Symptoms: Attributes 42 and 43 may be of value "zero" in Connection STOP records.
Conditions: This symptom is observed on a Cisco AS5400 and Cisco AS5850 that run Cisco IOS Release 12.3 or Release 12.3(4)T4 when a TCP-clear call is disconnected by the caller. For call disconnects by the NAS, the values are proper.
Workaround: There is no workaround.
•
Symptoms: Two RADIUS accounting records may be generated for a terminal window PPP session.
Conditions: This symptom is observed on a Cisco AS5400 and Cisco AS5800.
Workaround: There is no workaround.
•
Symptoms: The router may not respond to valid PoD packets by disconnecting the user. Instead, the router will return a RADIUS-format packet with a Code of Disconnect-Request-NAKed (42 in decimal) and a Reply-Message attribute with a value set to the string "No Matching Session."
Conditions: This problem happens when you are using PoD to disconnect users, and have aaa pod server ... auth-type all ... configured, and are using a PoD server which includes an EXACT copy of RADIUS attribute 151 from an earlier accounting request in the PoD packet.
Workaround: Either use a program to generate the PoD packets which knows to convert from an ASCII string of hexadecimal characters to a 32-bit number or Configure the router to ignore the value of attribute 151 in the PoD request by configuring aaa pod server ... auth-type all ignore session-key ....
Further Problem Description: In RADIUS accounting packets, IOS generates attribute 151 values as a string of hexadecimal digits, corresponding to a 32-bit integer. When running a Cisco IOS version affected by this bug, the router IOS expects a copy of that 32-bit unsigned integer as a 32-bit unsigned integer, rather than as a string of ascii characters representing a hexadecimal number.
In Cisco IOS versions where the fix for this bug has been integrated, Cisco IOS software will accept either the string that Cisco IOS software sent out, or the 32-bit unsigned integer which unfixed versions accept.
PoD stands for "Packet of Disconnect" or "Packet of Death," depending on the specification version.
•
Symptoms: Console access to a router may not be available after booting up.
Conditions: This symptom is observed when the router does not have the aaa authentication login command enabled.
Workaround: Load a Cisco IOS software image in which this problem does not occur and use one of the following workarounds before loading the Cisco IOS software image in which the problem occurs:
–
–
•
Symptoms: A platform may reload when the aaa dnis map dnis-number authentication ppp group server-group-name command is entered.
Conditions: This symptom is observed when aaa dnis map commands are enabled.
Workaround: There is no workaround.
•
Symptoms: After a VIP crashes, a FIB-3-FIBDISABLE error message due to an IPC timeout may occur for all the slots of the VIP.
Conditions: This symptom is observed on a Cisco 7500 series after the VIP crashes and before the VIP recovers. The FIB-3-FIBDISABLE error message is generated for all the slots of the VIP, causing dCEF switching to become disabled.
Workaround: There is no workaround. You can reenable dCEF by entering the clear cef linecard command.
•
Symptoms: A Cisco router may reload during an attempt to free memory after Simple Network Management (SNMP) operations.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(9), that is configured with an RSP, and that has the SNMP bulk transfer feature enabled.
Workaround: There is no workaround.
•
Symptoms: The "radius-server attribute 196 network-up lcp-open" cannot be configured and is treated as an invalid input.
Conditions: This symptom is observed in Cisco IOS Release 12.3(9).
Workaround: There is no workaround.
•
Symptoms: A TACACS+ server may not switch to an alternate server in the same server group when the connection to the first server times out.
Conditions: This symptom is observed when there are multiple TACACS+ servers configured in the same server group and when the connection to the first TACACS+ server times out.
Workaround: Configure a single server in each server group, and attach multiple server groups to the method list.
As an example, if the symptom occurs in the following configuration:
aaa group server tacacs DIAL
server 1
server 2
aaa authentication ppp default group DIAlchange this configuration to the following:
aaa group server tacacs DIAL1
server 1
aaa group server tacacs DIAL2
server 2
aaa authentication ppp default group DIAL1 group DIAL2•
Symptoms: A router crashes when trying to send an access-request to a server group that has no RADIUS server configured.
Conditions: This symptom is observed when the radius-server retry method reorder command is configured and when a RADIUS server is configured and then unconfigured.
Workaround: There is no workaround.
Further Problem Description: This problem is not seen when there are one or more RADIUS servers configured or when the radius-server retry method reorder command is not enabled.
•
Symptoms: A Cisco device experiences a memory leak in the CDP process.
Conditions: The device sending CDP packets sends a hostname that is 256 or more characters. There are no problems with a hostname of 255 or fewer characters.
Workaround: Configure the neighbor device to use less than a 256 character hostname, or disable the CDP process with the global command no cdp run.
•
Symptoms: A platform may pause indefinitely when the radius-server deadtime command is configured.
Conditions: This symptom is observed on a Cisco platform under the following conditions:
–
–
–
Workaround: There are three different workarounds:
–
–
–
EXEC and Configuration Parser
•
Symptoms: A Cisco router may crash when you perform and online insertion removal (OIR) of a line card.
Conditions: This symptom is observed when an interface on the line card is being configured through the CLI while the OIR of the line card removes the interface.
Workaround: There is no workaround.
•
Symptoms: The startup configuration may not be applied to SPA interfaces.
Conditions: This symptom is observed only on SPA interfaces.
Workaround: There is no workaround.
IBM Connectivity
•
Symptoms: A router may crash and enter the ROMmon. The output of the sysret ROMmon command shows the following:
dlsw_tcpd_async_openf tcp_driver_direct tcp_driverThis symptom is related to memory corruption.
Conditions: This symptom is observed on a Cisco router that is configured for DLSw.
Workaround: There is no workaround.
•
Symptoms: Data-link switching (DLSw) Synchronous Data Link Control (SDLC) does not sends an XID command; the DLSw circuit does goes into the CONNECTED state but stays in the CKT_ESTABLISHED state until it drops.
Conditions: This symptom is observed when SDLC attaches to a PU2.0 and attempts to establish a session via DLSw to an Ethernet-attached Tandem where the DLSw SDLC interface is running as a role primary. After the DLSw router sends an XID P and the tandem returns an XID F, the DLSw router does not send an XID command.
Workaround: There is no workaround.
Interfaces and Bridging
•
Symptoms: A Cisco router may forward the MAC-layer broadcast.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.1(10) but may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 series router may experience a software-forced reload.
The router console may show the following output:
validblock_diagnose, code = 1
current memory block, bp = 0x7001E58,
memory pool type is I/O
data check, ptr = 0x7001E80
next memory block, bp = 0x7001F98,
memory pool type is I/O
data check, ptr = 0x7001FC0
previous memory block, bp = 0x7001D18,
memory pool type is I/O
data check, ptr = 0x7001D40
%SYS-3-OVERRUN: Block overrun at 7001E58 (red zone
FD010220)
-Traceback= 606706A0 60673658 60675324 60675574
%SYS-6-MTRACE: mallocfree: addr, pc
6259BE40,60000730 6259BDE8,6083FFB8 6259FE14,6000002E 6259FDC0,60B03A64
6259F5BC,60B03854 6259F704,60000026 6259F6AC,60B03940 6259E1D8,60000730
%SYS-6-MTRACE: mallocfree: addr, pc
6259E184,60B03854 627BE824,60B03854 6259BDE8,60846E8C 6259BDE8,40000018
6259E184,60B0B1EC 6259E184,40000016 6259F6AC,60B0B4AC 6259F6AC,40000018
%SYS-6-BLKINFO: Corrupted redzone blk 7001E58, words
140, alloc 60620B44, InUse, dealloc 0, rfcnt 1
-Traceback= 6066E188 606706B4 60673658 60675324 60675574
%SYS-6-MEMDUMP: 0x7001E58: 0xAB1234CD 0xFFFFFFFE 0x0
0x615A0EA0
%SYS-6-MEMDUMP: 0x7001E68: 0x60620B44 0x7001F98
0x7001D2C 0x8000008C
%SYS-6-MEMDUMP: 0x7001E78: 0x1 0x0 0x0 0x0Conditions: This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.2(12). The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: The media-type interface configuration command cannot be configured on an FEIP interface on a Cisco router.
Conditions: This symptom is observed on a Cisco 7500 series router.
Workaround: There is no workaround.
•
Symptoms: TX Simple Network Management Protocol (SNMP) counters do not update on Fast Ethernet subinterfaces for distributed Cisco Express Forwarding (dCEF) traffic.
Conditions: This symptom is observed on Cisco IOS Release 12.0(26)S and Release 12.3. The hardware is DEC21140A, and the interface receiving the traffic is not located on the same Versatile Interface Processor (VIP).
Workaround: There is no workaround.
•
Symptoms: When a client dials up with Serial Line Internet Protocol (SLIP) in dedicated mode, the IP address may not be dynamically assigned, and the client may have difficulty to get a connection.
Conditions: This symptom is observed when the dialup connection is made via a Cisco AS5350 that runs Cisco IOS Release 12.2(6). The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: Some of the commands that are related to bridging may be changed dynamically by the router which may result in undesired behavior.
Conditions: This symptom is observed on a Cisco 3745 router that is running Cisco IOS Release 12.3.
Workaround: There is no workaround.
•
Symptoms: A router crashes when you enter the default/no bridge-group bridge group subscriber-loop-control interface configuration command.
Conditions: This symptom is observed when there are no existing bridge-group configurations on the router.
Workaround: There is no workaround.
IP Routing Protocols
•
Symptoms: A Cisco 7204VXR that functions as an L2TP network server (LNS) may pause indefinitely because of a bus error when a user disconnects and then reconnects.
Conditions: This symptom is observed on a Cisco 7204VXR that is configured with a Network Processing Engine G1 (NPE-G1) under the following conditions:
–
–
Workaround: There is no workaround.
•
Symptoms: During BGP scalability testing, error messages and tracebacks similar to the following ones may be logged, indicating a difficulty with TCP and buffer usage:
%SYS-2-MALLOCFAIL: Memory allocation of 4692 bytes failed from 0x6076F714, align
Pool: I/O Free: 11143248 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Pool Manager", ipl= 0, pid= 6
-Traceback= 607FE10C 607FF1EC 6076F71C 6080C1D0 6080C400
%TCP-6-NOBUFF: TTY0, no buffer available
-Process= "BGP I/O", ipl= 0, pid= 139
-Traceback= 6098B4EC 609938C8 60993C1C 60D55CE4 60D0BEB0
%TCP-6-NOBUFF: TTY0, no buffer available
-Process= "BGP Router", ipl= 0, pid= 138
-Traceback= 6098B4EC 609938C8 60993C1C 60D55CE4 60D29858 60D2AF88 60D1B4BCConditions: This symptom is observed on a Cisco router that is in the processing of building BGP sessions for about 80,000 prefixes and about 1200 BGP peers.
Workaround: There is no workaround.
•
Symptoms: Address Resolution Protocol (ARP) may not be triggered for an inside-local address destination after the outside-to-inside translation is performed correctly, causing packets to be dropped because the adjacency remains gleaned.
Conditions: This symptom is observed on a Cisco router when the Multi-VRF feature is configured and when you configure a customer edge (CE) router to perform Network Address Translation (NAT).
Workaround: Perform a ping from the router to the CE router to trigger ARP and to populate the adjacency table.
•
Symptoms: Static routes may be left without deletions. If an interface belonging to a VRF is disabled and reenabled, packets may no longer pass through the VPN instance.
Conditions: This symptom is observed when the egress interface of the static route is in a shutdown state.
Workaround: There is no workaround. One way of recovery is to reset the line card on which the interface was reenabled.
•
Symptom: When you enter the passive-interface default router configuration command in an Open Shortest Path First (OSPF) environment, all interfaces, including a virtual link, become passive interfaces. However, the virtual link may not come up even if the routers that terminate the endpoints of the virtual link have a full neighboring relationship via a nonpassive interface. When you enter the no passive-interface interface-type interface-number router configuration command and you enter virtual 0 for the interface-type interface-number argument, the command may not function, and the virtual link may remain down.
Conditions: These symptoms are observed on a Cisco router that runs Cisco IOS Release 12.0 S, 12.2 S. or 12.3, that functions in an OSPF environment, and that has the passive-interface default router configuration command enabled.
Workaround: Delete the virtual link and disable the passive-interface default router configuration command. Then, reconfigure the virtual link before you reenter the passive-interface default router configuration command.
Alternate Workaround: Do not enter the passive-interface default router configuration command. Rather, enter the passive-interface interface-type interface-number router configuration command for each individual interface that must be configured as a passive interface.
•
Symptoms: Pings fail on an Ethernet-to-VLAN interworking over L2TPv3 due to an IRDP failure.
Conditions: This symptom is observed when you ping between two CE routers. Both of the CE routers do not learn each other's MAC address automatically.
Workaround: Ping from the first CE router to the second CE router, then ping from the second CE router to the first CE router.
•
Symptoms: A Cisco router may crash.
Conditions: This symptom is observed after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command multiple times on different interfaces.
Workaround: There is no workaround.
•
Symptoms: A Cisco router that is configured for SIP NAT may not be able to process authentication messages from a third-party SIP gateway that performs SIP proxy authentication.
Conditions: This symptom is observed in a Call Hold/Resume procedure.
Workaround: There is no workaround.
•
Symptoms: Routes may not be deleted from the routing table correctly.
Conditions: This symptom is observed when variance is configured on a Cisco platform that runs EIGRP.
Workaround: Remove the erroneous routes by entering the clear ip route * command.
•
Symptoms: The withdraw message of a multipath (not bestpath) from a BGP neighbor deletes the path from the BGP table but it does not uninstall the route from the IP routing table.
Conditions: This symptom is observed when the maximum-paths eibgp command or maximum-paths ibgp command is configured.
Workaround: Enter the clear ip bgp * or disable the maximum-paths eibgp command or maximum-paths ibgp command.
•
Symptoms: The output of the show ip nhrp command does not include the pre-NAT private IP address for a spoke behind NAT.
Conditions: This symptom is observed when a spoke is behind NAT and when the transport mode is used on both the hub and the spoke.
Workaround: There is no workaround. This problem is only cosmetic in nature and only the output of the show ip nhrp command is affected.
•
Symptom: This symptom occurs in an OSPF network topology in which a CE router (CE-1) connect to a PE router (PE-1) that connects to two other PE routers (PE- 2 and PE-3), each of which connect to another CE router (CE-2 and CE-3). In turn, both of these CE routers are connected to each other (that is, CE-2 and CE-3 connect to each other).
When the link between the PE-3 and the CE-3 flaps, the OSPF route in the VRF fails to switch back from BGP to OSPF on the PE-1.
Conditions: This symptom is observed in Cisco IOS Release 12.0 S, 12.2 S, and 12.3 T.
Workaround: Clear the ip route, clear the OSPF process, or enter the clear ip bgp * command on the PE-1 to bring the route back from BGP to OSPF.
•
Symptoms: T.38 fax calls between a Cisco router and a third-party gateway may fail.
Conditions: This symptom is observed when two third-party gateways are connected via a Cisco router that runs SIP NAT. The T.38 fax calls fail from one of the third-party gateways to the Cisco router and vice versa.
Workaround: There is no workaround.
•
Symptoms: Enhanced Interior Gateway Routing Protocol (EIGRP) next-hop self- routes are incorrectly deleted from a Routing Information Base (RIB).
Conditions: This symptom is observed when the no ip next-hop-self eigrp interface configuration command is used in a dual hub Dynamic multipoint VPN (DMVPN) network. Routes are learned for the same destination from two different sources over the DMVPN network directly from the spokes and from the other hub. These routes in the EIGRP topology table have the same IP- next-hop, but different metrics. The routes learned from the spokes have a lower metric and are used to populate the routing table. If this hub loses the other hub as an EIGRP neighbor, then EIGRP correctly removes the topology entries from the EIGRP topology table that are learned from the other hub. But EIGRP then deletes these routes from the routing table. EIGRP should not remove the routes from the routing table since the removed topology entries are not used to populate the routing table in the first place.
Workaround: EIGRP does not restore these routes to the routing table until the clear ip route * EXEC command is entered on the router.
•
Symptoms: A software-forced reload occurs on a router when you unconfigure a tunnel interface. After the router has reloaded, the router hangs.
Conditions: This symptom is observed on a Cisco 1760, Cisco 3640, and Cisco 7100 series that run Cisco IOS Release 12.3(9).
Workaround: There is no workaround. The reset the router, enter "send break."
•
Symptoms: A Cisco 1600 series crashes with an "Unexpected exception to CPU vector 2" error.
Conditions: This symptom is observed when stateful NAT is configured with the redundancy in command.
Workaround: There is no workaround.
•
Symptoms: When an IP phone on the inside talks to an analog phone inside or outside the network there is one-way audio in the destination phone.
Conditions: This problem occurs under the following conditions:
–
–
–
The problem was reported in Cisco 3600 routers. However, it seems not to be hardware dependent.
Workarounds:
–
–
•
Symptoms: EIGRP may generate an internal error message after NSF restarts and when there is an EIGRP process configured that has not yet started.
Conditions: This symptom is observed when you enter the router rip command and the redistribute eigrp 1 command. The EIGRP 1 process does not start until you enter the router eigrp 1 command.
Workaround: Prevent the internal error message by disabling the redistribute command or start the process by entering the router eigrp command.
•
Symptoms: NAT calculates an invalid UDP checksum for some checksum values.
Conditions: This symptom is observed in a very particular situation which depends on the NAT configuration and the UDP checksum value. After the translation, the new UDP checksum value of the translated packet is equal to zero. NAT ignores the new checksum value of zero and it uses the original checksum value, which causes a checksum error at the end device.
Workaround: There is no workaround.
•
Symptoms: NHRP registrations may not be sent.
Conditions: This symptom is observed when a tunnel interface goes from the down state to the up state.
Workaround: There is no workaround.
•
Symptoms: EIGRP may incorrectly remove a connected route from a topology.
Conditions: This symptom is observed when you change the router network commands and there are overlapping networks. For example, if the following is configured:
int loopback1
ip addr 10.1.2.2 255.255.255.0
router eigrp 1
net 10.0.0.0 0.3.255.255and you change the network command to:
router(config)# net 10.0.0.0
router(config)# no net 10.0.0.0 0.3.255.255the connected route will be removed when it should be retained.
Workaround: Remove the old network command first before adding the new one, for example:
router(config)# no net 10.0.0.0 0.3.255.255
router(config)# net 10.0.0.0•
Symptoms: Per-user access control lists disappear.
Conditions: This symptoms is observed on a Cisco platform when you enter the show ip access-lists command.
Workaround: There is no workaround.
•
Symptoms: When the debug ip pim auto-rp command is enabled on a Cisco 7500 series, the router crashes when it receives an AutoRP message.
Conditions: This symptom is observed on a Cisco 7500 series that runs the rsp-isv-mz image of Cisco IOS Release 12.2(15)T7 or 12.2(15)T9. The symptom may also occur in Release 12.3 or 12.3 T.
Workaround: There is no workaround.
•
Symptoms: ABRs may continue to generate summary LSA(s) for obsolete non-backbone intra-area route(s).
Conditions: This symptom occurs under the following conditions:
1. The ABR (call ABR X) has at least one non-backbone area (call area X) in common with one or more additional ABRs.2. The ABRs are generating summary LSAs, on behalf of the Area X's two or more intra-area routes, into the backbone area and other areas. The two intra-area routes must be advertised as stub links from two different routers; i.e., one from ABR X, and the other from another router belonging to Area X.
3. The summary LSA IDs for the intra-area routes above, when ORed with the host bits of the corresponding masks, yield identical LSA IDs.
For example, 10.10.10.128/25 and 10.10.10.0/24 yield identical LSA IDs when the network address is logically ORed with the host bits; i.e.,
10.10.10.128 | 0.0.0.127 = 10.10.10.255
10.10.10.0 | 0.0.0.255 = 10.10.10.255Workaround: Perform the clear ip ospf proc command on all ABRs containing the obsolete LSAs.
•
Symptoms: A Cisco 3600 series may crash while unconfiguring NFAS.
Conditions: This symptom is observed on a Cisco 3600 series that runs Cisco IOS Release 12.3(6).
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: A Cisco 7200 series that is configured for IPSec may reboot with a bus error.
Conditions: This symptom is observed under rare circumstances when a race condition occurs.
Possible Workaround: Reload the router.
•
Symptoms: The performance of a router may be lower than you would expect, and CPU utilization may be high during packet forwarding.
Conditions: These symptoms are observed on a nondistributed Cisco router that runs Cisco IOS Release 12.2, 12.2 S, 12.2 T, 12.3, or 12.3 T under the following circumstances:
–
–
–
Workaround: If this is an option, enter the match access-group access-group class-map configuration command in the class maps, that is, enter the access-group argument instead of the access-group-name argument.
•
Symptoms: A Cisco router or switch that is configured with distributed Network-Based Application Recognition (dNBAR) may reload unexpectedly because of a software-forced crash.
Conditions: This symptom is observed under rare circumstances when distributed Cisco Express Forwarding (dCEF) is disabled or reset. The symptom may also occur on routers with unsupported configurations; dNBAR is only supported on a Cisco 7500 series that is configured with a VIP2-50 or a later VIP and on a Catalyst 6000 series switch that is configured with a FlexWAN module.
Workaround: There is no workaround.
•
Symptoms: On an MPLS label edge router that supports hardware-assisted forwarding (that is, platforms such as the Cisco Catalyst 6500 series, the Cisco 7600 series, the Cisco Catalyst 8540, and the Cisco 12000 series) with multiple outgoing MPLS paths, there could be an inconsistency between the hardware and software MPLS forwarding table.
Conditions: This symptom is observed when you enter the shutdown interface command followed by the no shutdown interface configuration command on one of the outgoing MPLS enabled interfaces or you enter the no mpls ldp interface command followed by the mpls ldp interface configuration command on one of the outgoing MPLS enabled interfaces on an MPLS label edge router that supports hardware-assisted forwarding with multiple outgoing MPLS paths.
Workaround: Enter the clear ip route command for the affected prefix to take down all the paths and ensure that the paths are rebuilt.
•
Symptoms: Connectivity difficulties may occur when Virtual Private Network (VPN) routing/forwarding (VRF) packets follow the global routing table instead of the VRF table.
Conditions: This symptom is observed on a low-end Cisco router that runs Cisco IOS Release 12.2(7a) or another release when the global address space in the router overlaps with the VRF address that is configured on a VRF interface of a connected PE router. The VRF interface of this PE router may be unreachable but end-to-end connectivity may not be affected.
Workaround: There is no workaround.
•
Symptoms: V.22B modem connections may not work reliably over modem pass-through.
Conditions: This symptom is observed on V.22B modems when a pair of voice gateways have digital voice ports that are driven by different clock sources. High-speed modem connections (V.32, v32bis) are not affected by this condition.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload unexpectedly when you enter the crypto card shutdown slot global configuration command followed by the crypto card enable slot global configuration command while traffic is flowing.
Conditions: This symptom is observed on a Cisco 7200 series that is configured with a VPN Accelerator Module (VAM).
Workaround: Shut down the input interface before you enter the crypto card shutdown slot global configuration command followed by the crypto card enable slot global configuration command.
•
Symptoms: A Cisco router that functions as a voice gateway may reload unexpectedly after a series of calls that include call transfers and diverted calls have been processed.
Conditions: This symptom is observed on a Cisco 2621XM and Cisco 3640 when you use a third-party vendor protocol convertor to translate and provide a tunnel for Digital Private Network Signaling System (DPNSS) traffic over Q Signaling (QSIG). The symptom is not platform specific.
Workaround: There is no workaround.
•
Symptoms: Incorrect playout values may be set for Voice over ATM adaptation layer 2 (AAL2) and may overwrite the playout delay setting on a voice port.
Conditions: This symptom is observed on a Cisco 3600 series.
Workaround: There is no workaround.
•
Symptoms: The following objects are not supported in the ENTITY-MIB:
–
–
–
Conditions: This symptom is observed on a Cisco 7200 series.
Workaround: The values of the objects listed above can be displayed by entering the show c7200 privileged EXEC command or the show diag EXEC command.
•
Symptoms: A Cisco 3640 router that is configured with a Systems Network Architecture Switch (SNASwitch) reloads unexpectedly and displays the following message:
System was restarted by bus error
Conditions: This symptom is observed on a Cisco 3640 router that is running Cisco IOS Release 12.2(15).
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 series may reload unexpectedly when it is polled by the CiscoWorks Voice Manager (CVM).
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.2(13)T1 or Release 12.3, that is configured with a Network Processing Engine 400 (NPE-400), and that is configured for Voice over IP (VoIP).
Workaround: Disable Simple Network Management Protocol (SNMP) on the router by entering the no snmp server global configuration command.
•
Symptoms: A Foreign Exchange Station (FXS) port may lock up after having functioned fine for a long time.
Conditions: This symptom is observed on a Cisco 3640 that runs Cisco IOS Release 12.2(15)T or Release 12.3 and that is configured with a high-density analog voice network module (NM-HDA). This symptom typically occurs when fax lines are configured on the FXS port.
Workaround: Reboot the router.
•
Symptoms: Q Signaling (QSIG) ISDN BRI ports of a Cisco 2600 series that are connected to a third-party vendor PBX on the user side may become locked after 10 to 20 calls. ISDN layer 2 may change to the "TEI_ASSIGNED" state, and the output of the show controllers bri privileged EXEC command may display the "No reply from DSP" message.
Conditions: These symptoms are observed on a Cisco 2600 series that runs Cisco IOS Release 12.2(8)T5 or a later release, including Release 12.3.
Workaround: Reload the router.
•
Symptoms: Distributed Cisco Express Forwarding (DCEF) may become disabled on a Versatile Interface Processor (VIP) or Cisco 12000 series line card (LC), and the following error message may appear on the console:
%FIB-3-FIBDISABLE: Fatal error, slot 12: Window did not open, LC to RP IPC is non-operationalConditions: This symptom is observed on a Cisco 7500 series VIP2-50 and VIP4- 80 in which ATM OC-3 port adapters such as the PA-A1-OC3 or PA-A3-OC3 are installed when the Cisco 7500 series is upgraded to Cisco IOS Release 12.0(24) S or Release 12.0(24)S1. This symptom is also observed on a Cisco 12000 series LC during significant, prolonged routing table churn.
Workaround: Reload CEF on the VIP or LC by entering the clear cef linecard slot-number EXEC command.
Alternate Workaround: Restart the VIP by performing an online insertion and removal (OIR). Restart the LC by executing the hw-module slot slot # reload command.
•
Symptoms: A Cisco platform that is configured for CME/SRST may reload unexpectedly because of a SIGTRAP exception.
Conditions: This symptom is observed on a Cisco 1760, Cisco 2600 series, and Cisco 3725, but is platform independent. The symptom may occur on any platform that is configured for CME/SRST. The symptom may occur in Release 12.3 T and earlier releases.
Workaround: There is no workaround.
•
Symptoms: When an incoming digital call is not a V.110, V.120 or HDLC call, the "np_dsplib_prepare_digital_modem()" function may fail to set up a NextPort modem for CSM in digital modem mode (the function should return "FALSE" instead of "TRUE").
Conditions: This symptom is observed on a Cisco AS5400 series universal gateway.
Workaround: There is no workaround.
•
Symptoms: A Cisco 3745 that runs Cisco IOS Release 12.2(15)T2 or Release 12.3 may deplete the interrupt level stacks and report the following error messages in the syslog:
%SYS-6-STACKLOW: Stack for level Network interfaces running low, 0/9000 %SYS-6-STACKLOW: Stack for level DMA/Timer Interrupt running low, 0/9000 %SYS-6-STACKLOW: Stack for level PA Management Int Handler running low, 0/9000 %SYS-6-STACKLOW: Stack for level Console Uart running low, 0/9000Interrupt level stacks:
Level Called Unused/Size Name
1 22321736 0/9000 Network interfaces
2 830757 0/9000 DMA/Timer Interrupt
3 453468 0/9000 PA Management Int Handler
4 5100 0/9000 Console Uart
5 0 7656/9000 External Interrupt
7 113396404 8600/9000 NMI Interrupt HandlerConditions: This symptom is observed when the BSTUN configuration is being updated.
Workaround: There is no workaround.
•
Symptoms: When you manually set the value of the ring-limit argument in the tx-ring-limit ring-limit interface configuration command, the value is lost when you reload the router, even though the value is properly saved in the running configuration and in the startup configuration.
Conditions: This symptom is observed only when you manually set the value of the ring-limit argument for an 8-port multichannel T1/E1 PRI port adapter (PA-MC-8TE1+) and you reload the router.
Workaround: There is no workaround.
•
Symptoms: When G.168 echo cancellation is enabled, a high echo level may occur during a call.
Conditions: This symptom is observed on a Cisco router that functions as an echo cancel point and that is configured with one of the following voice interface cards (VICs) when the non-linear processor (NLP) is disabled:
–
–
–
Workaround: Enable the NLP.
•
Symptoms: A Cisco AS5300 may reload unexpectedly. The output of the show version command may show an error message similar to the following:
System restarted by software forced crash at 0x6037EE44Conditions: This symptom is observed on a Cisco AS5300 that runs Cisco IOS Release 12.2(19). The symptom could also occur in Release 12.3.
Workaround: There is no workaround.
•
Symptoms: On an ASBR-PE, the TFIB may be missing a forwarding entry for a prefix that is learnt from a PE.
Conditions: This symptom is observed on an "ABSR-co-located PE" (that is, an ASBR that also functions as a PE router) when the PE functionality is removed by deconfiguring VRF, for example, by entering the no ip vrf vrf-name command.
Since this is a timing issue, it may occur in Cisco IOS Release 12.0 S, 12.2 S, 12.2 T, and 12.3.
Workaround: There is no workaround.
•
Symptoms: A router may reload due to a software-forced crash after experiencing alignments errors.
Conditions: This symptom is observed on a Cisco 3660 router running Cisco IOS Release 12.2(8)T0b when you enter the default ip unnumbered fastethernet0/0 command. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A Cisco router crashes when the crypto key zeroize rsa command is issued.
Conditions: This symptom is observed when the ip http secure-server is enabled.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 series that is on a dial interface may unexpectedly reload.
Conditions: This symptom is observed on a Cisco 7200 series that is running Cisco IOS Release 12.2(13)T3, Release 12.2(13)T5, Release 12.2(15)T5, Release 12.3(1a), or Release 12.3(2)T and that has IP header compression configured.
Workaround: Remove TCP and Real-Time Protocol (RTP) header compression from all dial interfaces by entering the no ip tcp header-compression and no ip rtp header-compression interface configuration commands.
•
Symptoms: A Cisco Catalyst 4000 Access Gateway Module (AGM) may reload unexpectedly when you establish a crypto tunnel.
Conditions: This symptom is observed on a Cisco Catalyst 4000 AGM that runs Cisco IOS Release 12.2 T, Release 12.3, or Release 12.3 T.
Workaround: There is no workaround.
•
Symptoms: A Network Processing Engine G1 (NPE-G1) may restart unexpectedly and report the following message:
Last reset from watchdog resetConditions: This symptom is observed on a Cisco 7200VXR series that is configured with an NPE-G1 Network Processing Engine
Workaround: There is no workaround.
•
Symptoms: A Cisco 7206VXR that is configured for Network Address Translation (NAT) to process Reliability, Availability, and Serviceability (RAS) traffic may reload unexpectedly because of a software condition.
Conditions: This symptom is observed on a Cisco 7206VXR that runs Cisco IOS Release 12.2(15)T5 or Release 12.3.
The symptom does not occur when the configuration does not include NAT for H.323 RAS traffic. Therefore, ensure that the ip nat service ras global configuration command is not part of your configuration.
Workaround: Enter the no ip nat service ras global configuration command.
•
Symptoms: A 1-port E3 serial port adapter (PA-E3) may fail to recover to the "up/up" state even when the original cause of the failure is corrected.
Conditions: This symptom is observed on a Cisco 7500 series.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface of the PA-E3.
•
Symptoms: A Cisco 7206 VXR that is running Cisco IOS Release 12.2(12b) doing OSPF to RIP redistribution may be sending wrong metric in RIP domain. In this case, a route-map used for the OSPF to RIP redistribution sets the metric value to 5, but the RIP updates for some routes are sent with a wrong metric of 1.
Conditions: This symptom is observed on a Cisco 7206 VXR that is running Cisco IOS Release 12.2(12b).
Workaround: There is no workaround.
•
Symptoms: When the CPU utilization of a Cisco router on which an IP Security (IPSec) tunnel is configured exceeds 50 percent, the Internet Security Association and Key Management Protocol (ISAKMP) IPSec rekey may fail, and traffic may be blocked for many minutes until the router or the device on the other side attempts another rekey.
Conditions: These symptoms are observed when traffic is encrypted. The larger the amount of traffic encrypted, the higher the chance that the symptoms occur. For example, on a Cisco 7200 series that is configured with a VPN Acceleration Module 2 (VAM2), the symptoms may occur when more than 60 megabits of traffic are encrypted per second.
Workaround: There is no workaround.
Further Problem Description: This DDTS affects all platforms, but it affects operations only if there is very frequent rekeying. If the IPSec lifetimes are such that a particular SA lasts at least 5 minutes (the default is one hour), the symptom does not occur.
•
Symptoms: There may be no memory for the expanded TFIB PSA. The label allocation may fail with error messages that are shown below and may be followed by a memory traceback.
%TAGCON-3-LCLTAG_ALLOC: Cannot allocate local tag
%TFIB-2-MEMORY: No memory for expanded TFIB PSA
-Traceback=Conditions: This symptom is only observed on an MPLS-capable Cisco platform and only when the label space has been exhausted to the maximum level supported by the platform or is about to be exhausted (only a few hundred labels are available) and when the TFIB table is expanded further.
Workaround: Enter the mpls label range 16 101900 command at the conf-t level to avoid the error messages.
•
Symptoms: A memory leak occurs when a subdirectory is created or extended.
Conditions: This symptom is observed in Cisco IOS Release 12.3 T (but may also occur in other releases) when any of the following actions are performed:
–
–
–
Workaround: If this is an option, do not use any subdirectory. Note that the symptom does not occur when you format a disk.
•
Symptoms: The amount of free memory on a router may decrease by very small amounts as the memory that is held by the Virtual Switch Interface (VSI) master process increases. The decrease in the amount of free memory can be verified by examining the output of the show processes privileged EXEC command. As a consequence of not freeing this memory, a Label Switch Controller (LSC) may reload unexpectedly under the conditions listed below.
Conditions: This symptom is observed when VSI is disabled on an LSC that is running Cisco IOS. VSI is disabled by entering the no label-control-protocol vsi interface configuration command on ATM or switch interfaces. Repeatedly disabling and enabling VSI reduces the free memory on the LSC. When a VSI NAK error 11 or 12 is received in less then five minutes before you disable and reenable VSI, the LSC reloads unexpectedly when you do disable and reenable VSI.
Workaround: To prevent the memory leak, avoid disabling and reenabling VSI. If you must toggle VSI, avoid an unexpected reload of the LSC by first enabling the debug vsi errors command and ensure that no VSI NAK error 11 or 12 is received five minutes before entering this command. Such a NAK error would look similar to the following:
VSI Master: got NAK reason 12 (sec VPI/VCI in use) in CONN CMT RSP rcvd on
Switch1:0/65513
VSI_M xconn conn Cmt NAK code = 12: would Initiate re-sync on slave_id = 9
VSI_M - resync timer started sl=9After such an error is received, wait at least five minutes before you toggle VSI.
•
Symptoms: Analog recEive and transMit (E&M) ports may become stuck intermittently. When the symptom occurs, the following error message is displayed:
%C542-1-NO_RING_DESCRIPTORS: No more ring descriptors on recEive And transMit 3/0/1. Msg id=48, Len=38In addition, the output of the show voice call summary EXEC command indicates that the voice-port state is "EM_PARK_IDLE."
Conditions: This symptom is observed on a Cisco gateway that runs Cisco IOS Release 12.2(15)T5 and that has an analog E&M port to connect to a PBX. Note that the symptom does not occur in Release 12.2(15)T1. The symptom may occur in Release 12.3.
Workaround: Reload the Cisco gateway.
•
Symptoms: Traffic is not forwarded by a line card in a multiple virtual circuit (VC) setup.
Conditions: This symptom may be observed when one of the following actions occur through the command-line interface (CLI):
–
–
–
–
–
Workaround: Enter the clear ip route * EXEC command.
•
Symptoms: A small memory leak is experienced on a Cisco router.
Conditions: The problem appears only in the corner case when ftp operation aborts in the middle and results in a few bytes of memory leak. The memory leak does not happen otherwise. This does not impact any other router operation.
Workaround: There is no workaround.
•
Symptoms: The maximum MTU with a DF set across an L2TP MPLS VPN is 1460 while the physical layer MTU is 1500; any ping larger than 1460 may fail.
Condition: This symptom is observed on a LES platform such as a Cisco 3600 series or a Cisco 4500 series when the router performs MPLS operations and functions as an L2TP Network Server (LNS). The incoming MPLS packet is dropped while the router attempts to inject the packet into the L2TP tunnel.
Workaround: Traffic of packets between 1460 and 1500 bytes can be made possible by fragmenting the tagged packets before the transmission.
Enter the mpls mtu 1450 command on the router in the MPLS cloud before the MPLS packet reaches the router that injects the packet into the L2TP tunnel.
•
Symptoms: A Cisco AS5350 may not recognize that a Telco switch is in the "blocking" state and attempts to receive calls from time slots that are busied out by the Telco switch, causing a low call success rate.
Conditions: This symptom is observed on a Cisco AS5350 that runs Cisco IOS Release 12.3(1a) or Release 12.3(3) when E1 R2 signaling is configured.
The Cisco AS5350 does detect the "blocking" state, but it does so in cycles of six minutes. That means that three hours (180 minutes) would be required to automatically busy out a single E1 port.
Workaround: Configure multiple DS0 groups and map them to multiple plain old telephone service (POTS) dial peers that are all configured with the same preference. Doing so enables the Cisco AS5350 to go from one dial peer to another until it finds one that is available.
•
Symptoms: A router may crash with an address error when you configure or unconfigure a channel group on a VWIC-T1 or on another T1 or E1 VWIC that is installed in an NM-2W or in a variant of an NM-2W.
Conditions: This symptom is observed very rarely.
Workaround: There is not workaround.
•
Symptoms: Packets are route-cache switched instead of being distributed switched.
Conditions: This symptom is observed on a Cisco 6500 series and Cisco 7600 series that run Cisco IOS Release 12.2 S after the router has been reloaded. The symptom may also occur in other releases.
Workaround: Enter the shutdown command followed by the no shutdown command on the affected interface.
•
Symptoms: When you reload a Multiprotocol Label Switching (MPLS) provider edge (PE) router that has 20 PA-MC-2T3+ controllers and 780 channelized interfaces, the first PA-MC-2T3+ controller may have many channelized interfaces in the down/down state.
Conditions: This symptom is observed on an MPLS PE router that has the channelized interfaces that are in the down/down state directly connected to a customer edge (CE) router. If the connection is a T1 interface, then the interfaces on the CE router are in an up/down state. If the connection is sub- T1 (fractional T1), then the interfaces on the CE router are in an up/up state.
Workaround: Reload only the CE router and all the interfaces will go to the up/up state on both the CE router and the PE router.
•
Symptoms: When an ATA disk is formatted on a router that shares ATA-Monlib within its CPU family, any disk-related CLIs may log the following information:
PCMCIAFS-5-DIBERR: PCMCIA disk 0 is formatted from a different router or PC. A format in this router is required before an image can be booted from this device
Conditions: This symptom is observed on a Cisco router that shares ATA-Monlib within its CPU family such as a Cisco 6400 series NSP and a Cisco 10000 series.
Workaround: There is no workaround.
•
Cisco routers and switches running Cisco IOS or Cisco IOS XR software may be vulnerable to a remotely exploitable crafted IP option Denial of Service (DoS) attack. Exploitation of the vulnerability may potentially allow for arbitrary code execution. The vulnerability may be exploited after processing an Internet Control Message Protocol (ICMP) packet, Protocol Independent Multicast version 2 (PIMv2) packet, Pragmatic General Multicast (PGM) packet, or URL Rendezvous Directory (URD) packet containing a specific crafted IP option in the packet's IP header. No other IP protocols are affected by this issue.
Cisco has made free software available to address this vulnerability for affected customers.
There are workarounds available to mitigate the effects of the vulnerability.
This vulnerability was discovered during internal testing. This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20070124-crafted-ip-option.shtml
•
Symptoms: When you enter the show crypto ipsec sa command and an IPSec SA is deleted before the command completes, the router may reload unexpectedly.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.3(1).
Workaround: There is no workaround.
•
Symptoms: Packet drops may not be seen in the output of the show queueing interface interface command because of an error in the WRED VIP code.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(6) or Release 12.3 T and that is configured for quality of service (QoS). The problem occurs after unconfiguring and reconfiguring WRED.
Workaround: There is no workaround. The information in the show interface interface command is correct.
•
Symptoms: A provider edge (PE) router may not be able to ping other PE routers or a label switch controller (LSC), nor may other platforms be able to ping the PE router.
Conditions: This symptom is observed on a Cisco MGX platform that is configured with a primary Route Processor Module PRemium (RPM-PR) that functions as a PE router and a secondary RPM.
Workaround: Reset the primary RPM to initiate a switchover to the secondary RPM. The symptom does not occur on the secondary RPM.
•
Symptoms: When configuring QoS on a Cisco 7200 series, the router may reload with a bus error. Specifically, the bus error occurs after having entered the no class name command on subinterfaces.
Conditions: This symptom is observed on a Cisco 7200 series that runs the c7200-jk9s-mz image of Cisco IOS Release 12.2(17a). The symptom may also occur in other releases. This behavior is associated to the use of "payload-compression".
Workaround: There is no workaround.
•
Symptoms: The caller ID may not be displayed.
Conditions: This symptom is observed when MGCP is configured on a Cisco IAD2420 series with FXS ports that have the cptone dk command enabled.
Workaround: There is no workaround.
•
Symptoms: A Versatile Interface Processor (VIP) may reload when the clear cef line command is entered or when a new VRF is provisioned on an interface via the CLI.
Conditions: This symptom is observed on a VIP when Multiprotocol Label Switching (MPLS), Egress NetFlow, and distributed Cisco Express Forwarding (dCEF) are configured.
Workaround: Disable dCEF or Egress NetFlow before making configuration changes or before entering the clear cef line command.
•
Symptoms: Periodically, MGCP connections may get stuck in the "CALL_DISCONNECTING" state (S=6).
Conditions: This symptom is observed on an E1 controller of a Cisco AS5xx0.
Workaround. Reset the E1 controller by entering the shutdown command followed by the no shutdown command.
•
Symptoms: A Cisco 7500 series with an RSP may crash when a low memory condition occurs while the router runs RIP.
Conditions: This symptom is observed on a Cisco 7500 series that runs the rsp-jsv-mz image of Cisco IOS Release 12.3(4)T but may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A router configured for EzVPN (with NEM and auto connection mode) will fail QM negotiation when it is trying to reestablish an IPSec tunnel after a temporary communication problem with a concentrator.
The following error message is displayed:
IPSEC(validate_transform_proposal): invalid local address xxx.yyy.zzz.126Conditions: This problem is observed on a Cisco 800 series and a Cisco 1700 series that run Cisco IOS Release 12.3(2)XA. The symptom may also occur in other releases.
Workaround: Manual intervention is required to restart the tunnel. Enter the clear crypto ipsec client ezvpn command.
•
Symptoms: When a subscriber calls a 911 operator via a Cisco AS5850 trunking gateway T1 CAS FGD trunk running a 12.3(2)T1 image, the operator gets ANI and DNIS and goes off-hook, but the subscriber keeps hearing ringing tone and the call never gets connected to the operator. This problem may not happen with all the 911 calls.
Conditions: Configure CAS FGD trunk on the 5850 to a 911 operator. Make sure the channels are in-service. Place a 911 call. This triggers the above symptom. The symptom may also occur in Release 12.3.
Workaround: There is no workaround.
•
Symptoms: A router may crash upon exiting a Telnet session after changing the configuration on the router.
Conditions: This symptom is observed when the cns config notify diff command is configured on the router and when a Telnet connection is established to the router via another port than the console port.
Workaround: Do not configure the router via a Telnet connection.
•
Symptoms: The output queue of a Gigabit Ethernet port may become stuck, preventing traffic from leaving the interface.
Conditions: This symptom is observed on the Gigabit Ethernet port 0/1 (gig0/1) of a Network Processing Engine NPE-G1 (NPE-G1) that is installed in a Cisco 7200 series.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.
Alternate Workaround: Reload the router.
•
Symptoms: A Cisco 7200 VXR router that terminates a large number of IPSec tunnels may restart unexpectedly.
Conditions: This symptom is observed when IKE MIB variables are being polled on the router.
Workaround: Avoid polling of IKE MIB variables.
•
Symptoms: When an IP phone user parks or transfers a call from the public switched telephone network (PSTN), the calling party hears music on hold (MOH). However, when the IP phone user resumes the call, the calling party continues to hear MOH while speaking. (The IP phone user does not hear MOH.)
Conditions: The symptom is observed on a Cisco platform that runs Cisco Release 12.2(13)T5 or Release 12.3, that functions as a Media Gateway Control Protocol (MGCP) gateway, and that is connected to a Cisco CallManager that runs software version 3.3(3).
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload unexpectedly.
Conditions: This symptom is observed when bringing up the multilink interfaces of the router.
Workaround: There is no workaround.
•
Symptoms: A ping from an interface of a Cisco 7500 series that functions as a PE router to a CE router may fail.
Conditions: This symptom is observed on a Cisco 7500 series that runs iMPLS and that has CEF switching enabled. The problem may affect all serial interfaces which allow configuration of PPP, Frame Relay, and HDLC and occurs only when the layer encapsulation of the subinterface is changed.
Workaround: Manually delete subinterfaces before changing the encapsulation
•
Symptoms: Pings fail across PPPoE.
Conditions: This symptom occurs when a Cisco 7500 series router has distributed switching enabled.
Workaround: Disable dCEF on the Cisco 7500 core router or enable a feature that causes the packets to be punted to the RP. Note that CEF works fine.
•
Symptoms: FXO ports on a Cisco IAD2420 may cease to process inbound and outbound calls because a voice port is stuck in the "FXOGS_PARK" state.
Conditions: This symptom is observed on a Cisco IAD2420 voice gateway with FXO ports that runs Cisco IOS Release 12.2(15)T8, 12.3, or 12.3 T. The FXO ports are connected to the PSTN.
Workaround: Enter the shutdown command followed by the no shutdown command on the affected voice port.
•
Symptoms: The show running-config command may not show anything because of a memory leakage in the CCH323_CT process on a Cisco gateway. The output of the show processes memory command may show that the CCH323_CT process holds a lot of memory and does not release it. The output of the show memory summary may show that the free memory continuously decreases as the gateway continues to handle VoIP calls. After the gateway has run out of free memory, the gateway may either hang or crash.
Conditions: This symptom is observed on a Cisco AS5350 that runs Cisco IOS Release 12.2(15)T5 in a SS7 solution environment and that functions as both an originating and a terminating gateway. The symptom may also occur in other releases.
Temporary Workaround: Reload or power-cycle the router.
•
Symptoms: ISDN overlap receiving may not function on a Cisco 2600 series.
Conditions: This symptom is observed on a Cisco 2600 series that runs Cisco IOS Release 12.3(6) when a custom Tool Command Language (Tcl) script is used.
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly because of a bus error when Session Initiation Protocol (SIP) calls are cancelled.
Conditions: This symptom is observed on a Cisco router while Real-Time Transport Protocol (RTP) statistics for the cancelled SIP calls are being updated.
Workaround: There is no workaround.
•
Symptoms: IPv4 routes that are advertised via IPv6 Border Gateway Protocol (BGP) peers may not be injected into the routing table.
Conditions: This symptom is observed when you implement multiprotocol BGP for IPv6.
Workaround: Configure IPv4 peers to enable the IPv4 routes to function.
•
Symptoms: A voice call may fail when it is rotated on another outgoing dial peer that has a lower preference than the originating outgoing dial peer.
Condition: This symptom is observed when the isdn overlap-receiving command is enabled and when one of two dial peers has a lower preference than the other dial peer and has a destination-pattern with either a "T" or with a higher number of digits than the other dial peer that has the higher preference.
Workaround: Configure the same destination-pattern on both dial-peers.
•
Symptoms: Voice hunt may fail.
Conditions: This symptom is observed on an originating gateway (OGW) when the isdn overlap-receiving command is enabled, when the OGW has at least two dial peers that only partially match the called number, and when the terminating gateway (TGW) has dial peers that match the complete called number. For example, the symptom occurs when the OGW has two dial peers that match "destination-pattern 123" while the TGW has dial peers that match "destination-pattern 123456."
Workaround: Do not enable the isdn overlap-receiving command when voice hunt is enabled.
•
Symptoms: A Cisco router may unexpectedly reload if IPv6 encounters a routing loop, and IPv6 CEF is enabled.
Conditions: This symptom occurs under the following conditions:
–
–
–
Router# show ipv6 route
IPv6 Routing Table - 9 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
B ::/0 [200/0]
via 2::2
C 1::/64 [0/0]
via ::, Ethernet0/0
L 1::2/128 [0/0]
via ::, Ethernet0/0
C 2::/64 [0/0]
via ::, Ethernet1/0
L 2::1/128 [0/0]
via ::, Ethernet1/0
B 2001::/16 [200/0]
via 2002::1
B 2002::/16 [200/0]
via 2001::1
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0Note that 2001::/16 and 2002::/16 results in a recursion loop because 2001::/16 is accessible via 2002::/16 and 2002::/16 is accessible via 2001::/16.
Workaround: Disable IPv6 CEF using the global configuration command no ipv6 cef.
•
Symptoms: A router may truncate frames that are larger than 560 bytes.
Conditions: This symptom is observed on a Cisco 1700 series and Cisco 2600 series that have the Airline Product Set (ALPS) configured on a 2-port serial WAN interface card (WIC-2T).
Workaround for both the Cisco 1700 series and Cisco 2600 series: Change the value of the delay argument in the alps t1 delay interface configuration command to a value that allows the frame to go through.
Workaround for the Cisco 2600 series only: Do not use a WIC-2T. Rather, use a 4-port asynchronous/synchronous network module (NM-4A/S).
•
Symptoms: A Node Route Processor (NRP) may reload unexpectedly and generate the following error message:
%UTIL-3-TREE: Data structure error--received a NULL handleConditions: This symptom is observed on a Cisco 6400 series that runs Cisco IOS Release 12.3 and that has an ATM interface that is configured as an Interim Local Management Interface (ILMI) when a virtual circuit (VC) class is configured on this ATM interface.
Workaround: There is no workaround.
•
Symptoms:
–
–
Conditions: These symptoms are observed in a Cisco IOS image that contains the fix for CSCea63829.
Workaround: There is no workaround.
•
Symptoms: The following information tags may be missing: leg_rgn_num, leg_rgn_npi, leg_rgn_pi, leg_rgn_si, and leg_rgn_noa. This situation causes a Tool Command Language (Tcl) script that uses these information tags to fail.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3.
Workaround: To make the missing information tags available for the Tcl script, modify the Tcl script to use the generic transparency descriptor (GTD) object.
•
Symptoms: A Cisco ICS7700 may not recognize that a Telco switch is in the "blocking" state and attempts to place calls on time slots that are busied out by the Telco switch, causing a low call success rate.
Conditions: This symptom is observed on a Cisco ICS7700 that runs Cisco IOS Release 12.3(2)XE when E1 R2 signaling is configured.
Workaround: One possible workaround would be to configure multiple DS0 groups and map them to multiple plain old telephone service (POTS) dial peers that are all configured with the same preference. Doing so enables the ICS to go from one dial peer to another until it finds one that is available. However, this does not scale.
•
Symptoms: The IP multicast throughput in Cisco IOS Release 12.3(6)T is not as good as in Release 12.3(4)T.
Conditions: This symptom is observed when more than 130 kpps of traffic is sent. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A Cisco platform may reload unexpectedly because of a bus error.
Conditions: This symptom is observed when the platform is configured to run IP Interactive Voice Response (IVR) and when a VXML script walks the IVR menu.
Workaround: There is no workaround.
•
Symptoms: An Engine 3 QOC12 LC configured with multicast VPNs may drop or punt traffic to the RP. This may happen when the mdt data group-address-range wildcard-bits threshold threshold-value command is configured in VRF configuration mode.
Conditions: This symptom is observed on a Cisco 12000 series.
Workaround: Remove the mdt data group-address-range wildcard-bits threshold threshold-value command from the VRF configuration.
•
Symptoms: A Route Processor Module-PRemium 512 (RPM-PR-512) may reload unexpectedly. The crashinfo file may show segmentation and reassembly (SAR) autorecovery messages and indicate that the SAR ATM processing unit (APU) has stalled.
Conditions: This symptom is observed on a Cisco MGX8850 when SAR autorecovery is enabled. When SAR autorecovery is disabled and the SAR APU stalls, the RPM-PR-512 does not reload abnormally but is reset by the Processor Switch Module 45 (PXM-45).
Workaround: There is no workaround.
•
Symptoms: When you make call, the dialed digits are displayed on the telephone but the call may not go through and may pause indefinitely.
Conditions: This symptom is observed for a call that is made via a Cisco router that functions as a Media Gateway Control Protocol (MGCP) when the backup Cisco CallManager attempts to switch to the primary Cisco CallManager while the primary Cisco CallManager is in the process of coming up.
Workaround: Hang up the phone and dial the number again. When the primary Cisco CallManager is up, the call should go through.
•
Symptoms: A calling party from the public switched telephone network (PSTN) may not be able to hear multicast enabled Music on Hold (MOH).
Conditions: This symptom is observed on a Cisco 3660 that runs Cisco IOS Release 12.3(4)T, 12.3(4)T1, or 12.2(6)T, that functions as a gateway, and that connect to a Cisco CallManager. The symptom may also occur in Release 12.3. The symptom may not be platform specific.
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.3(2)T3.
•
Symptoms: A Cisco 7200 series NPE-G1 built-in GE (SBeth) MAC filter may accept NULL DAs (00-00-00-00-00-00). This unintentional behavior may pose a denial of service security risk in customer environments when their networks are flooded with NULL DAs.
Conditions: This symptom is observed when NULL DAs are presented to an NPE-G1 GE interface. This situation may be either a third-party vendor product flaw or a third-party vendor documentation error. (The third-party vendor documentation states that NULL DAs may be used for unused MAC Filter entries, implying that they are not accepted.)
Workaround: There is no workaround.
•
Symptoms: An ISDN voice gateway may immediately disconnect a call even though a DISCONNECT message with an PI of "8" is received from the ISDN network. Proper behavior would be for the ISDN voice gateway to postpone the release of the call and keep the voice media for a while.
Conditions: This symptom observed on a Cisco router that runs Cisco IOS 12.3(3), 12.3(5), or a later release and that functions as an ISDN voice gateway when calls are initiated and then released from the ISDN network side. The voice gateway is configured with PRI and BRI interfaces and runs SIP and H.323 as the VoIP protocols.
Workaround: There is no workaround.
•
Symptoms: Some E1 controllers on an STM-1 interface that are configured for MGCP call control may not be able to make calls because a Cisco PGW2200 that functions as the call agent may place the B channels for these E1 controllers in the "INTERFACE DISABLED" gateway state.
Conditions: This symptom is observed on a Cisco AS5850 when one or more adjacent E1 controllers on the STM-1 interface are configured for non-MGCP call control. The Cisco PGW2200 runs software version 9.3.2; the MGCP version is 0.1; SONET is configured for AU4 mapping; the controllers are configured as 3/0.1/1/1, 3/0.1/7/3, 3/0.2/1/1, 3/0.2/7/3, 3/0.3/1/1, and 3/0.3/7/3.
The following configuration is enabled on the Cisco AS5850:
backhaul-session-manager
set set1 client nft
group group1 set set1
session group group1 remote-ip remote-port local-ip local-portcontroller SONET 3/0
au-4 1 tug-3 1
tug-2 1 e1 1
tug-2 2 e1 1
tug-2 6 e1 3
tug-2 7 e1 3controller E1 3/0.1/1/1
pri-group timeslots 1-31 service mgcpcontroller E1 3/0.1/2/1
pri-group timeslots 1-31Workaround: Configure all E1 controllers on a TUG boundary for MGCP.
•
Symptoms: An H.323 proxy may fail when a conference call between a PSTN user and IP phones users is initiated by an IP phone in a Cisco CallManager environment.
Conditions: This symptom is observed on a Cisco router that functions as a gatekeeper, that has the H.323 proxy enabled, and that runs Cisco IOS Release 12.3(5) in the following topology:
An IP phone connects to a Cisco CallManager that connects to the Cisco gatekeeper that has the H.323 proxy enabled. The Cisco gatekeeper connects to yet another gatekeeper that connects to a gateway that, in turn, connects to the PSTN.
All calls to and from the Cisco CallManager IP phone via the Cisco gatekeeper are proxied. The Cisco CallManager runs software version 3.3(3)SR3. The display IE delivery option is disabled in the H.225 trunk configuration in the Cisco CallManager administration web page. The H.225 trunk is controlled by one of the gatekeepers.
The symptom occurs in the following sequence of events:
1.
2.
3.
4.
5.
6.
7.
Workaround: Enable the "Display IE delivery" option in the H.225 trunk configuration Cisco CallManager administration web page.
Alternate Workaround: Disable the H.323 proxy on the Cisco gatekeeper.
•
Symptoms: At 12 cps, the following message is displayed on a V4 gatekeeper:
ASSERT failed: line 9900 in file ../mm/gk/gk_rassrv_util.cConditions: This symptom is observed when an external server is using the GKTMP interface to communicate with the gatekeeper and when the gatekeeper is configured with "send-cisco-circuit-info."
Workaround: There is no workaround.
•
Symptoms: You may not be able to apply a service policy when the parent policy has a shape value that does not exceed the priority value of the child policy.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3 when you attempt to configure a hierarchical policy map.
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.2 T.
•
Symptoms: Huge packet drops are observed due to a shaping failure on an AIM ATM switch.
Conditions: This symptom is observed when multiple service category traffic passes through the switch and shaping is applied to the traffic.
Workaround: There is no workaround.
•
Symptoms: A Layer 2 Tunneling Protocol (L2TP) network server (LNS) may not remove a per-user access control list (ACL) from the configuration. This situation may cause the memory of the LNS to be depleted, and the output of the show processes memory EXEC command may indicate that the "AAA Per-User" process holds most of the allocated memory.
Conditions: This symptom is observed on a Cisco router that functions as an LNS in a Large-Scale Dial-Out (LSDO) configuration when a per-user ACL is present in the RADIUS profile of the user.
Temporary Workaround: To free up memory, manually remove the per-user ACL by entering the no ip access-list extended virtual-access number global configuration command. The number argument consists of the numbers (for example, 2003#671) that are assigned by the Cisco IOS software when the ACL is created.
•
Symptoms: A router may reload unexpectedly after it attempts to access a low memory address.
Conditions: This symptom is observed after ACLs have been updated dynamically or after the router has responded dynamically to an IDS signature.
Workaround: Disable IP Inspect and IDS.
•
Symptoms: A Cisco platform may not recognize any command that starts with "no."
Conditions: This symptom is platform independent.
Workaround: There is no workaround.
•
Symptoms: When an interface that is configured with an IP address goes down while another interface is configured with the same IP address, traffic destined to this IP address may not be received by the interface that remains up.
Conditions: This symptom is observed when CEF is enabled.
Workaround: Flap the interface that is up. Doing so enables the interface to receive traffic for the IP address.
•
Symptoms: A router does not send RST packets once the number of half-opened sessions exceeds the "max-incomplete" high threshold.
Conditions: This symptom is observed when the ip audit command is enabled and a SYN flood attack happens on port 80.
Workaround: Disable the ip audit command and enter the ip inspect command instead.
•
Symptoms: A router may reload unexpectedly after renaming a policy-map the second time.
Conditions: This defect may be observed if there are at least two policies configured.
Workaround: Avoid renaming the policy-map.
•
Symptoms: When Cisco IDS is enabled, HTTP browsing slows down considerably.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(15)T5 or 12.3.
Workaround: There is no workaround. Note that the symptom does not occur in Cisco IOS Release 12.2(13)T5.
•
Symptoms: When voice calls are made after the first voice call is terminated, a Cisco AS5300, Cisco AS5350, or Cisco AS5400 may reload unexpectedly because of a bus error.
Conditions: This symptom is observed on a Cisco AS5300, Cisco AS5350, and Cisco AS5400 that run the c5350-js-mz image of Cisco IOS Release 12.3 and that are configured for Voice over IP (VoIP).
Workaround: There is no workaround.
•
Symptoms: A router configured as an H.323 voice gateway may leak memory in the ISDN process.
Conditions: This symptom is observed when the gateway receives the name of the calling party from a PBX.
Workaround: Configure the PBX so that it does not forward the name of the calling party to the gateway.
•
Symptoms: The tag forwarding table for a line card on Cisco platforms that have distributed (i.e. linecard based) forwarding, such as the Cisco 7500 Series and the Cisco 12000 Series, may not have complete entries even though the Route Processor (RP) does. This results in ingress tagged traffic being dropped for the missing tag forwarding entries.
Conditions: This symptom is observed on Cisco platforms that have distributed (i.e. linecard based) forwarding in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment with a provider edge (PE) router to customer edge (CE) router link.
The problem is more likely to happen if the PE to CE link experiences quick flaps of an interface (i.e. goes down and come back up in a very small amount of time (e.g. 2 sec)). Although this can happen on any linecard, this situation is more likely to happen on the Engine 3(E3) channelized OC48 line cards due to its quick flapping behavior.
Note: There are additional prerequisites for this bug to happen. These are:
–
–
–
Workaround: There is no workaround.
•
Symptom: A Cisco platform with a voice configuration reloads unexpectedly.
Conditions: This symptom can happen on a Cisco IOS VoIP gateway that functions under stress when H.323 is configured as the VoIP protocol.
The problem is tied to a low memory condition that can be caused by the total memory available or the lack of contiguous memory bytes available and tied to a lot of memory fragmentation. The problem is voice related. The unexpected reload occurs only if fax and/or modem pass-through or modem relay is configured and if fax or modem calls are made under low memory conditions.
The relevant CLI commands are:
voice service voip
fax protocol t38/cisco
modem passthrough nseWorkaround: There is no workaround. If voice is not configured, the unexpected reload does not occur.
•
Symptoms: CPU utilization may reach 98% because of the way messages are handled when the call agent attempts repeatedly to tear down a call that fails on the gateway. The call fails due to an enumeration problem on the STM-1 interface.
Conditions: This symptom is observed when you run MGCP voice traffic on an AS5850 utilizing an STM-1 (channelized E1) interface and occurs only when some controllers on the STM-1 interface are not configured for MGCP and when the call agent is a Cisco PGW 2200 Softswitch that runs software version 9.3.2.
Workaround: The symptom occurs only when some E1 controllers on the STM-1 interface are configured for PRI group and not for MGCP while other controllers are configured for MGCP. Deconfigure any non-MGCP E1 controllers or configure all E1 controllers for MGCP.
•
Symptoms: A Cisco gateway may fall back to Cisco PGW 2200 Softswitch that is in standby mode.
Conditions: This symptom is observed on a Cisco router that functions as a gateway and that is configured for BRI backhaul.
Workaround: There is no workaround.
•
Symptoms: There may be a low call success rate for IAD hairpin/POTS calls.
Conditions: This symptom is observed on a Cisco MC3810 that runs Cisco IOS Release 12.2(15)T or 12.3. The symptom does not occur on a Cisco 2600 series, Cisco 3600 series, or Cisco 7200 series.
Workaround: Allocate DSPs with the round-robin method by entering the voice dsp allocation round-robin command.
•
Cisco Internetwork Operating System (IOS) Software is vulnerable to a Denial of Service (DoS) attack from crafted IPv6 packets when the device has been configured to process IPv6 traffic. This vulnerability requires multiple crafted packets to be sent to the device which may result in a reload upon successful exploitation.
More details can be found in the security advisory, which is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml.
•
Symptoms: If an incoming call does not include the called-party number IE, a translation rule is not applied, an outbound dial peer is not matched, and the call is terminated.
Conditions: This symptom is observed when a call is placed over PRI into a Cisco AS5400 access server that runs Cisco IOS Release 12.3(6) and that is configured with overlap-receiving and a translation rule. The symptom occurs when any destination pattern other than ".T" is configured on the dial peers of the Cisco AS5400.
Workaround: Configure the ".T" destination pattern on the outbound dial peers.
•
Symptoms: Static routes that are not configured for reverse routing may remain in the routing tables until a reboot of the system. This situation occurs because of a problem with the tracking of route creation and deletion during an IPSec rekey.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3(6).
Workaround: Do not use reverse routing or use long lifetimes for IPSec to prevent routes form being manipulated during an IPSec rekey.
•
Symptoms: An alignment error may cause a Cisco router to reload unexpectedly.
Conditions: This symptom is observed under rare conditions (an "extreme corner case") on a MIPS-based Cisco platform or on a Versatile Interface Processor (VIP), port adapter, or line card that contains a MIPS processor. The symptom is not release-dependent and may occur in all Cisco IOS releases.
Workaround: There is no workaround.
Further Problem Description: All 7500 VIP's and 7200 NPEs use MIPS based processors. Additional platforms that use MIPS processors are:
2691,3620,3631,3640,3660,3725,3745,4500,4500-M,4700,4700-M,AS5300,AS5400,AS5450, AS5800 Router Shelf,AS5800 System Controller (3640 based),7120,7140,UBR7100, UBR7200 - All NPE's,7301,7304,7400,6500 MSFC,6500 MSFC2,7600 MSFC,7600 MSFC2, 10000,UBR10012,12000 GRP, most (if not all) 12000 Line Cards
•
Symptoms: Because of memory corruption, a software-forced reload may occur on a router.
Conditions: This symptom is observed on a Cisco router that runs an IP interactive voice response (IVR) script.
Workaround: There is no workaround.
•
Symptoms: Input cell drops may occur on an ingress frame PVC that is configured on a switch interface. This situation may cause LDP/TDP/OSPF flaps.
Conditions: This symptom is observed when a lot of core traffic enters an ingress PVC that has a larger bandwidth then the egress PVC to which the traffic is routed.
Workaround: There is no workaround.
•
Symptoms: A gateway may crash and/or reboot with an "unexpected exception" message.
Conditions: This symptom is observed when a reset request is triggered from a Cisco CallManager after changing an interface setting such as changing an FXO endpoint's Attendant DN setting. The download of a gateway XML configuration file must also be enabled using the ccm-manager config global configuration command on the gateway. The crash occurs during or immediately after the XML download.
Workaround: There is no workaround.
•
Symptoms: There may be no dial tone from a VIC2-2FXS.
Conditions: This symptom is observed on a Cisco router when two VIC2-2FXS are installed in one PVDM-256K-4 DSP.
Workaround: Use two legacy VIC-2FXS.
Alternate Workaround: Use two VIC2-2FXS with two PVDM-256K-8 DSPs.
•
Symptoms: A Versatile Interface Processor (VIP) with an ATM port adaptor may reload unexpectedly.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(5) when the ATM interface is configured for Multilink PPP, Link Fragmentation and Interleave (LFI), and distributed Cisco Express Forwarding (dCEF).
Workaround: Disable LFI by entering the no ppp interleave command.
•
Symptoms: A label switch controller (LSC) may reload unexpectedly after unconfiguring VSI using either the no tag-control-protocol vsi command or the no label-control-protocol vsi command.
Conditions: This symptom is observed when either of the above-mentioned commands is executed within five minutes of receiving a VSI NAK with reason code 11 or 12.
Workaround: When you must enter either of the above-mentioned commands, first enter the debug vsi errors command and ensure there are no VSI NAK errors with cause 11 or 12 within a five minute window before entering the no tag-control-protocol vsi or no label-control-protocol vsi command. Such a VSI NAK error would look similar to the following:
VSI Master: got NAK reason 12 (sec VPI/VCI in use) in CONN CMT RSP rcvd on
Switch1:0/65513
VSI_M xconn conn Cmt NAK code = 12: would Initiate re-sync on slave_id = 9
VSI_M - resync timer started sl=9After these error messages, wait five minutes before entering the command.
•
Symptoms: A Cisco voice gateway may use an incorrect codec payload value (that is different from the configured value) during media transmission after the call is transferred to a new endpoint.
Conditions: This symptom is observed on a Cisco voice gateway that runs Cisco IOS Release 12.2(15)T9 or Release 12.3 and that is configured to use H.323 as the VoIP protocol. The symptom occurs when the remote endpoint sends an H.245 EmptyCapabilitySet (ECS) message to initiate the call transfer (H.323 Version 4, Section 8.4.6) after the initial call establishment and then sends an H.245 OpenLogicalChannel (OLC) message before sending a new H.245 TerminalCapabilitySet (TCS) message.
Workaround: There is no workaround.
•
Symptoms: A Cisco router that functions as a PE router may crash.
Conditions: This symptom is observed when traffic is switched through a multilink interface on which a QoS service policy is configured that includes a set command and when the multilink interface flaps (goes down and comes back up). The symptom occurs at random and depends on the traffic pattern. This applies only to non-distributed CEF platforms.
Workaround: There is no workaround.
•
Symptoms: A Cisco 831 sporadically experiences high-latency and packet-loss for packets traversing the 4-port shared Ethernet 0 interface.
Conditions: This would most likely occur during a reload with the scheduler interval xxx command in the start-up configuration.
Workaround: When this issue occurs, do a shut and no shut on the "interface e0" to get the interface to normal working condition.
•
Symptoms: A Cisco router that runs DNS may reload unexpectedly because of a bus error.
Conditions: This symptom is observed when the DNS process runs during a low memory condition.
Workaround: If this is an option, disable DNS. Otherwise, there is no workaround.
•
Symptoms: A file that is copied to an ATA disk may become corrupted.
Conditions: This symptom is observed on any Cisco IOS image that contains the fix for CSCdz27200. The problem does not occur on a disk that is formatted with 16 or less sectors/cluster.
Workaround: Use an ATA disk that is formatted with 16 or less sectors/cluster. The show disk all command indicates how many sectors are configured per cluster.
•
Symptoms: An incorrect instruction may be executed on a Cisco AS5350 or Cisco AS5400 when low address ranges in the memory are accessed with the show memory command. When some of the CP0 registers are updated, the instruction cache is flushed while the instruction in the pipeline may be loading the instruction cache. This situation may cause an incorrect instruction to be executed.
Conditions: These symptoms are observed only when low address ranges in the memory that should not be viewed with the show memory command are accessed.
Workaround: There is no workaround.
•
Symptoms: Unused ports on a 1-port multichannel STM-1 port adapter (PA-MC-STM-1) may flap even when they are not processing any traffic.
Conditions: This symptom is observed when there is congestion on used ports of the PA-MC-STM-1 and when a committed access rate (CAR) is configured on these used ports.
Workaround: There is no workaround.
•
Symptoms: Several prefixes for non-redistributed connected interfaces in different VRFs may be partially bound to the same MPLS-VPN label, thus disrupting traffic bound to one or more of these VRFs.
Conditions: This symptom can occur on a Cisco router that runs Cisco IOS Releases 12.2, 12.2T, 12.0S, 12.3 after the VRF interfaces have flapped. The symptom may occur in all code levels of these releases.
Workaround: Clear the routes in the VRFs in sequence.
•
Symptoms: When running SIP calls on a Cisco IOS gateway under load/stress, the user is recommended not to use the show sip calls command. However, if the command is given, it can possibly lead to a gateway crash due to memory corruption. The crash may not be seen immediately after giving the command. Instead, it may happen a few minutes or hours later.
Conditions: The following conditions need to be satisfied for memory corruption to happen:
1) SIP calls are running, and there is a heavy load of call setups and tear downs.
2) Run the show sip calls command.
3) Continue with heavy load of SIP calls.
4) May see a memory corruption and crash on the gateway after sometime.
Note that step (4) is not always going to happen. It will more likely happen if there are competing processes, for example ISDN, SNMP, and others, requesting fresh memory.
Workaround: Do not use the show sip calls command for viewing call status for SIP calls when there is call traffic. Instead use the show call active voice command for generic call related information.
•
Symptoms: Sessions may fail with sense code 08150004.
Conditions: This symptom is observed when an SNA switching services Enterprise Extender (EE) is used to connect to a host. New sessions that attempt to reuse an existing EE RTP connection to the host may fail with sense code 08150004. Other RTP connections do accept new sessions.
Workaround: Inactivate the flawed RTP connection on the host. Doing so drops all existing sessions on that RTP connection, but enables the router and all other RTP connections and their sessions to stay up.
•
Symptoms: In Cisco IOS software that is running Multiprotocol Label Switching (MPLS), a router may reload after accessing a freed Label Information Base (LIB) entry. When the symptom occurs, an error message similar to the following is likely to precede the reload:
%TIB-3-LCLTAG: 10.10.10.10/10.10.10.10, tag advert; unexpected tag state=13Conditions: This symptom is observed when a very uncommon timing of a Label Distribution Protocol (LDP) events occurs. The symptom may occur with LDP or Tagswitching Distribution Protocol (TDP).
Workaround: There is no workaround.
•
Symptoms: The native Gigabit Ethernet ports of a Cisco 7200 series NPE-G1 or a Cisco 7301 may stop forwarding traffic.
Conditions: This symptom is observed in a stress situation when bursty traffic is received.
Workaround: There is no workaround.
•
Symptoms: A voice call may fail on an IP-to-IP gateway when the call is hunted on another outgoing dial peer because there is no answer.
Condition: This symptom is observed when the voice-hunt no-answer global configuration command is enabled on the IP-to-IP gateway.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5300 may stop accepting calls and generate the following error message:
Endpt in transient stateConditions: This symptom is observed after an attempt to relay a fax on a Cisco AS5300 that runs Cisco IOS Release 12.3(4)T1 or Release 12.3(5a) and that is configured for MGCP.
Workaround: There is no workaround.
•
Symptoms: An RPM-XF may crash when a VC is deleted.
Condition: This symptom is observed when the you enter the no switch connection vcc vpi vci command.
Workaround: There is no workaround.
•
Symptoms: A MGCP modem-relay call may fail to resume as a voice session.
Conditions: This symptom is observed when a MGCP modem-relay call is continued as a voice call. During the reversion back to voice, the voice channel may fail.
Workaround: Configure the G.711 codec for modem pass-through.
•
Symptoms: The amount of memory that the crypto IKMP process is holding increases without being released. After some time the crypto IKMP process may use all the memory.
Condition: This symptom is observed when a crypto map is configured on a dialer interface and when there are authentication failures (for example, due to a maximum session number limitation) during the reestablishment of the session.
Workaround: There is no workaround.
•
Symptoms: A gateway may stay at 100 percent CPU utilization, preventing any new calls from being made until the gateway is reloaded.
Conditions: This symptom is observed on a Cisco router that functions as a gateway and that runs Voice XML applications under a high traffic load.
Workaround: There is no workaround.
•
Symptoms: The following error message is generated in a SNASw router while bringing up CP-CP sessions with a network node server:
%SNASW-3-DS_LOG_17: PROBLEM - 22702 - Protocol error while registering resources with network node serverSense code 1014023C is returned by the NN server on the registration failure notification. The SNASw router unbinds the CP-CP sessions with sense code 08900060.
Conditions: This symptom is observed on a Cisco router that functions as an SNASw router when a downstream end node incorrectly registers an APPN network node as an end node.
Workaround: Remove the CP name on the partner LU definition on the downstream end node.
Alternate Workaround: Apply APAR JR16282 to the downstream end node.
•
Symptoms: The show flash-filesystem EXEC command and the dir filesystem EXEC command may not work properly on a Cisco 2600XM, preventing you from seeing the flash images.
In addition, the copy destination url flash: EXEC command may fail when the erase option is not selected (that is, you type in no when you are asked if you want to erase the device). The copy destination url flash: EXEC command functions fine when you do select the erase option.
Conditions: These symptoms are observed on a Cisco 2600XM that is configured with a particular third-party vendor 16-MB SIMM. Note that the router is still functional with this SIMM; you can boot or reload the router, perform a TFTP download operation, and similar actions without any difficulty.
Workaround: There is no workaround.
•
Symptoms: Gigabit Ethernet interfaces on a Network Processing Engine G-1 (NPE-G1) may not accept packets with long MPLS headers. This situation may decrease the performance of some network environment such as an Ethernet over MPLS (EoMPLS) environment.
Packets with a size that exceeds the maximum MTU in the output of the show controller gigabitethernet 0/x command may be dropped.
Conditions: This symptom is observed on a Cisco 7200 series.
Workaround: Increase the MTU at the interface level.
•
Symptom: When the HSRP MIB is polled and there are HSRP groups configured on subinterfaces, an error such as "OID not increasing" may occur on the device that is polling the router. In some cases, a CPUHOG traceback may occur on a router when the HSRP MIB is polled, especially when a lot of interfaces are configured.
Conditions: This symptom is observed under either one of the following two conditions:
–
–
Workaround: Do not initiate an SNMP query for HSRP.
Alternate Workaround: Enter the snmp-server global configuration command to specify which MIBs are available, as in the following example:
snmp-server view HSRP internet included
snmp-server view HSRP ciscoHsrpMIB excluded
snmp-server view HSRP ciscoHsrpExtMIB excluded
snmp-server community public view HSRP RW 20
snmp-server community private view HSRP RW 20
•
Symptoms: The MPLS packets are forwarded with a bogus label when they are sent out on a loadshared non-VRF MPLS enabled "Internet" interface from a VRF.
Condition: A static route for the VRF should be configured to reach the Internet, which would in turn be configured to recurse over 2 static routes to reach the next hop for the global Internet.
Workaround: Shut down one of the interfaces to remove the load-sharing condition.
•
Symptoms: Hardware compression on an AIM-COMPR4 may fail, causing a router to revert to software compression.
Conditions: This symptom is observed on a Cisco router when MLP and Low Latency Queueing (LLQ) are configured and when a service policy is applied to a multilink interface.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may lock up when sending traffic over an X.25 interface.
Conditions: This symptom is observed on a Cisco router that has the encapsulation x25 command enabled.
Workaround: Configure the X.25 interface for priority or custom queuing.
•
Symptoms: A Cisco 2600 series or Cisco 3600 series that is configured with SVC bundles may fail to parse the SVC-bundle configuration at bootup, causing most of the SVC bundles to fail. After bootup, only the SVC bundle that was first configured as part of the bundle svc command may be in the running configuration.
Conditions: This symptom is observed on a Cisco 2600 series and Cisco 3600 series that run Cisco IOS Release 12.2(8)T3, 12.2(8)T10, or 12.3(5) and that are configured with an IMA port adapter.
Workaround: After the router has booted up, reconfigure the SVC bundles.
•
Symptoms: The following error messages may be generated on a Cisco platform:
%SYS-3-INVMEMINT: Invalid memory action (malloc) at interrupt level
-Traceback= 80C1721C 80521C34 80522130 80522DCC 80523008 80271964 80271F30 80273A78 80285954 8007DE1C 8007DE1C 80285A14 80C23698
%SYS-2-MALLOCFAIL: Memory allocation of 600 bytes failed from 0x80521C30, alignment 0
Pool: Processor Free: 28708508 Cause: Interrupt level allocation
Alternate Pool: I/O Free: 8397996 Cause: Interrupt level allocation
-Process= "<interrupt level>", ipl= 4
-Traceback= 80C15E28 80C173E8 80521C34 80522130 80522DCC 80523008 80271964 80271F30 80273A78 80285954 8007DE1C 8007DE1C 80285A14 80C23698Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3(1a) when any of the following XML logging global configuration commands are enabled:
–
–
–
–
Workaround: Disable the XML logging commands.
•
Symptoms: On a Cisco AS5850 using E1 trunks, the debounce-time rai time-interval command does not work.
Conditions: This command is only supported on Cisco AS5850 E1 trunks.
Workaround: There is no workaround.
•
Symptoms: Running a Voice XML application with submit may cause a router to reload with a bus error.
Conditions: This symptom is observed when a subdialog in a Voice XML application is called repeatedly.
Workaround: There is no workaround.
•
Symptoms: From a local customer edge (CE) router, you may not be able to reach or ping some prefixes (subnets) on a remote CE router over an Multiprotocol Label Switching (MPLS) network.
Conditions: This symptom is observed in a cell-based MPLS network.
Workaround: Enter the shutdown command followed by the no shutdown command on the affected subinterface that is connected to the local CE router. Doing so enables the Border Gateway Protocol (BGP) to run a scan again and repopulates the subnets in the Tag Forwarding Information Base (TFIB).
•
Symptoms: When you perform an HTTPS File Get operation on a Cisco router, the router may reload.
Conditions: This symptom is observed when you use SDC.
Workaround: Avoid using HTTP-based java configuration tools such as SDC.
•
Symptoms: A "Spurious memory access" error message may be displayed and tracebacks may occur on a Cisco router.
Conditions: This symptom is observed on a Cisco router that functions as a LAC and that runs PPPoE.
Workaround: There is no workaround.
•
Symptoms: When a large number of VRFs are configured, input OAM F5 loopback cells on the ATM interface are dropped continuously even without traffic. Drop could be seen at OAM cell drops of show atm traffic and at Input queue drops of show interface ATM EXEC commands.
Conditions: This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.2(19), Release 12.3(5), or Release 12.3(4)T2 where the oam-pvc manage command and the ip vrf global command are configured.
Workaround: Remove the ip vrf command. There is no workaround for a router such as a provider edge (PE) router that cannot remove VRFs.
•
Symptoms: A router may log a CPUHOG message that is caused by the CEF reloader process.
Conditions: This symptom is observed on a Cisco router when a VRF with more than 9000 routes is added to the configuration.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5300 may improperly generate a disconnect cause of 8A10 for any call leg. The proper disconnect cause should be 10.
Conditions: This symptom is observed on a Cisco AS5300 that runs and IP Plus image of Cisco IOS Release 12.3(5) and that is configured for E1 R2 signaling for Thailand. The symptom may not be platform-specific.
Workaround: There is no workaround.
•
Symptoms: A Cisco 2611XM that runs Cisco IOS Release 12.3(5a) and that is configured for encryption may generate spurious memory accesses and may reload unexpectedly because of a SegV exception.
Conditions: This symptom is observed when the router accepts ISDN calls.
Workaround: There is no workaround.
•
Symptoms: The CLI command show run would not show anything. This is due to a memory leakage in the router. The memory leak occurs at process CCH323_CT.
Conditions: This symptom occurs on a Cisco AS5350 that is running Cisco IOS Release 12.2(15)T5 in a SS7 solution environment acting as the originating and terminating gateway. The CLI command show proc mem shows process CCH323_CT holding lots of memory and not releasing it back. The show memory sum will show the free memory continuously decreases as the gateway continues to handle VoIP calls. After the free memory runs out, the router either hangs or crashes.
Workaround: The only way to recover the router is with a reload or power cycle.
•
Symptoms: A Cisco router running Cisco IOS Release 12.3(7)T may reload unexpectedly after a crypto map has been configured for IPSec.
Condition: This symptom is observed when all of the following conditions occur:
–
–
–
The symptom may also occur in Release 12.3.
Workaround: Stop the traffic when changing a crypto map or applying a crypto map to an interface.
Alternate Workaround: Disable CEF switching.
•
Symptoms: After a Route Switch Controller (RSC) has rebooted, line cards are no longer recognized by the RSC. The output of the show chassis command shows the following information:
RSC-Slot6# show chassis
System is in classic-split mode, RSC in slot 6.
Slots owned: none
Slots configured: none
Slots owned by other: 8 9 10 11 12 13
Slots not owned: 0 1 2 3 4 5
Slot Board CPU DRAM I/O Memory State Elapsed
Type Util Total (free) Total (free) Time
System set for auto bootConditions: This symptom is observed on a Cisco AS5850 that runs Cisco IOS Release 12.3(3c) and that has dual RSCs that function in classic split mode.
Workaround: There is no workaround. To recover from the symptoms, manually reload the affected RSC.
•
Symptoms: During periods of high Session Initiation Protocol (SIP) call volumes, a router may reload unexpectedly because of a bus error.
Conditions: This symptom is observed on a Cisco AS5300 series universal gateway when a SIP call is cancelled due to a 408 Request Timeout response received for a SIP PRovisional ACKnowledgement (PRACK) message.
Workaround: There is no workaround.
•
Symptoms: A Cisco platform may crash after the following error is seen:
SCHED: Stack for process CEF IPC Background running low, 48/6000
%SYS-SP-6-STACKLOW: Stack for process CEF IPC Background running low, 48/6000Conditions: This symptom is observed with a recursive prefix with multiple next hops when these next hops match host routes that themselves are recursive prefixes and recurse through themselves.
Workaround: Avoid recursion loops.
•
Symptoms: VRFs do not inherit the proper version setting, preventing RIP from sending the configured packet version to its adjacencies.
Conditions: This symptom is observed when, for example, you enter the version 2 RIP command followed by the address-family ipv4 vrf vrf name command. Version 2 is not inherited by the VRF.
Workaround: Explicitly configure the RIP version under the VRF to enable the configuration to work properly, that is, in the above-mentioned example, enter the version 2 RIP command after you have entered the address-family ipv4 vrf vrf name command.
•
Symptoms: RIP static neighbors may not function properly. Specifically, unicast updates may not be sent to the configured neighbor addresses.
Conditions: This symptom is observed when static neighbors are configured.
Workaround: Do not run the interface with static neighbors, which is often done in combination with the passive-interface command. Rather, rely on the default broadcast or multicast delivery, which depends on the RIP version that is deployed.
•
Symptoms: When Call Admission Control from a gatekeeper is configured, an oversubscribed call may be disconnected immediately without a busy tone.
Conditions: This symptom is observed when an ARJ reject reason "ARJ_REQ_DENIED" is mapped to cause code 31 (Normal unspecified) instead of to cause code 34 (no circuit channel available).
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series with a VIP that has any type of ATM port adapter (PA) may crash with a bus error (sig 10) upon bootup. The VIP will ultimately come on line and the services are not impacted thereafter.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3 when ATM subinterfaces on the PA are configured for any QoS queueing feature (for example, shaping, LLQ, WRED, CFWFQ, fair-queueing, etc.)
Workaround: There is no workaround.
Further Problem Description: This is a timing issue between ATM interfaces coming up and being fully configured (via IPC) for QoS on the PA. The higher the number of ATM subinterfaces/PVCs, the more likely is a chance that the router crashes. However, if only one subinterface/PVC is configured, there is still a potential problem; the router may not crash but QoS may not function.
•
Symptoms: A WIC-2T interface card that is configured for BSTUN encapsulation may not recognize an MTU setting above 1500. Inbound frames with a size of 1900 bytes that enter the interface may be fragmented in the router before being passed on to BSTUN.
Conditions: This symptom is observed on a Cisco 2691, Cisco 3725, and Cisco 3745 that have a serial WIC interface card installed in the main board WIC slot.
Workaround: Lower the outbound frame size on the Bisync host or remove BSTUN encapsulation from the WIC-2T interface card and configure BSTUN encapsulation on a serial interface of a network module.
•
Symptoms: A Cisco 3600 series or Cisco 3700 series may not initialize correctly and report the following error message during startup:
%VPN_HW-1-INITFAIL: Slot 1: hifn7814_init_dsConditions: This symptom is observed on Cisco 3600 series and Cisco 3700 series that run Cisco IOS Release 12.3(6) and that use a Virtual Private Network (VPN) encryption and hardware advanced integration module AIM-VPN/EPII or an AIM-VPN/HPII. If the AIM is installed in slot 1, it fails to initialize.
Workaround: Install the AIM in slot 0 instead of slot 1.
•
Symptoms: An IPv6 PIM neighbor may be down after changing the PIM configuration.
Conditions: This symptom is observed when the no ipv6 pim command is entered on some subinterfaces of a physical Ethernet interface and PIM is enabled on several subinterfaces of the same physical Ethernet interface.
Workaround: There is no workaround.
•
Symptoms: During an initial boot of a Cisco 7301 that has a PA-MC-8TE1+ or PA-MCX-8TE1-M in bay 0, an unexpected reload may occur.
Conditions: The symptom may occur irrespective of whether a regular Cisco IOS software image or a boot software image is present in the bootflash filesystem.
Workaround: Powercycle the Cisco 7301 and reboot platform. The problem only surfaces during the initial boot of the platform.
•
Symptoms: When mixed channels are defined on a channelized OC-12 line card and these channels include DS3s, T1s, an DS0s, CEF/RIB inconsistency may occur, preventing traffic to be sent over the correct interfaces.
Conditions: This symptom is observed on a Cisco 10000 series.
Workaround: When you delete interfaces or subinterfaces on the channelized OC-12 line card, ensure that the adjacency for the deleted interface is deleted before you configuring a new interface.
This can be checked by entering the show adjacency or show adjacency | include interface name command. When the adjacency no longer appears in the output of the show adjacency command, it is safe to add new interfaces.
Note that the show adjacency type number command cannot be used to get the required information.
When deleting large numbers of interfaces, a delay of about 2 minutes should be enough to ensure that all of the adjacencies have been deleted.
•
Symptoms: A RPM-PR may reload unexpectedly when you enter the a debug command.
Conditions: This symptom is observed when you enter any of the following debug CLI commands:
debug rpm pooltype 4294967295
debug rpm mempool 4294967295
debug rpm regiontype 4294967295Workaround: There is no workaround.
•
Symptom: The line protocol may go down.
Conditions: This symptom is observed when Frame Relay fragmentation is enabled on the main interface.
Workaround: There is no workaround.
•
Symptoms: On a Cisco IOS VoIP gateway, a memory leak may occur in the context of the VTSP process.
Conditions: This symptom is observed when there are low memory conditions and when translation rules are configured.
Workaround: Reload the gateway.
•
Symptoms: Spurious memory accesses and a traceback may occur on a Cisco router, causing the router to reload.
Conditions: This symptom is observed on a Cisco 1760, Cisco 3640, and Cisco 7200 series that run Cisco IOS Release 12.3(9).
Workaround: There is no workaround.
•
Symptoms: Buffer I/O memory starvation may occur and a "%SYS-2-MALLOCFAIL" message may be shown on the console.
Conditions: This symptom is observed on a Cisco 7200 series with an NSE-1 processor board and on a Cisco 7401 series. The symptom occurs when PXF is enabled and when encryption/compression and fair-queueing are enabled on the same interface.
Workaround: Disable PXF by entering the no ip pxf command.
Alternate Workaround: Disable fair-queuing on the egress interface by entering the no fair-queue command.
•
Symptoms: Multiple SYS-3-CPUHOG error messages may be generated in the LDP process, eventually followed by a watchdog timeout crash:
%SYS-3-CPUHOG: Task is running for (2000)msecs, more than (2000)msecs (422/8),process = LDP.
-Traceback= 6101DFC0 6102546C 61016FE4 6101CE24 6101728C 61017A30
...
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = LDP.
Traceback= 6085658C 6101DE48 6102546C 61016FE4 6101CE24 6101728C 61017A30After the router has reloaded, the output of the show version command indicates "Last reset from watchdog reset."
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(18)S3 or Release 12.2(22)S and that is configured for MPLS LDP.
Workaround: There is no workaround.
•
Symptoms: The cpmISDNCfgBChanInUseForVoice objects are not counted by the cpmISDNCfgBChannelCalls object.
Conditions: This symptom is observed when the CISCO-POP-MGMT-MIB is polled for ISDN voice calls. The expected behavior is that voice calls on all ISDN B-channels should be counted by the cpmISDNCfgBChannelCalls object.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5350 reloads when an OSP call is made.
Conditions: This symptom is observed on a Cisco AS5350 that runs the c5350-jk8s-mz image of Cisco IOS Release 12.3(9) when you use a CLI command to shut down and then unconfigure the settlement after some OSP calls have occurred, as in the following example:
1. You enter the settlement 0 global configuration command.
2. You enter the shutdown settlement configuration command. This stops the OSP process.
3. You enter the no settlement 0 settlement configuration command. At this point, the Cisco AS5350 may reload.
Workaround: There is no workaround.
•
Symptoms: Multicast packets are not dropped by a drop action in a policy map.
Conditions: This symptom is observed during an MQC drop test.
Workaround: Configure the police command with the drop action for both traffic that conforms and exceeds the policy map.
•
Symptoms: A Versatile Interface Processor (VIP) on a Cisco 7500 series that runs Cisco IOS Release 12.3(5) and that is configured for distributed Link Fragmentation and Interleaving over ATM (dLFIoATM) may reload.
Conditions: This crash occurs when all of the conditions below are present:
–
–
–
–
Workaround: Avoid local VIP switching to the dLFIoATM PVC.
•
Symptoms: On a Cisco 7500 series that is equipped with Versatile Interface Processors (VIPs) with ATM port adapters, the ATM PVCs may not come back up after the ATM interface flaps. This occurs because the interfaces in the VIP do not transmit any packets but still process incoming traffic.
Conditions: This symptom is observed in a dLFIoATM environment in which distributed Class Based Weighted Fair Queueing (dCBWFQ) is configured on PPPoATM virtual templates.
Workaround: Apply any kind of distributed queueing on any interface or subinterface of the affected VIP. Doing so triggers all interfaces to start transmitting again, enabling the ATM PVCs to come back up.
•
Symptoms: On a Cisco IOS VoIP gateway, a memory leak may occur in the context of the H.323 process.
Conditions: This symptom is observed when there are low memory conditions and when translation rules are configured.
Workaround: Reload the gateway.
•
Symptoms: A Cisco AS 5400 reloads at "is_xcsp" when you enter the show users command for async calls.
Conditions: This symptom is observed on a Cisco AS5400 that runs Cisco IOS Release 12.3 or Release 12.3(8)T.
Workaround: There is no workaround.
•
Symptoms: Voice calls fail to go through when a gatekeeper is involved in the call.
Conditions: This symptom is seen for all calls involving a gatekeeper.
Workaround: There is no workaround.
•
Symptoms: A Cisco platform may reload unexpectedly when bulk calls are initiated while an SS7 configuration is being loaded.
Conditions: This symptom is only observed for SS7 configurations. Non-SS7 configurations are not affected.
Workaround: There is no workaround.
•
Symptoms: A router reloads when the origin dhcp command is configured on one or more DHCP pools.
Conditions: This symptom is observed when the subnets allocated to these pools are renewed or released.
Workaround: Do not use the origin dhcp command.
•
Symptoms: Voice calls being placed through a PRI voice gateway using DSPs of an ATM AIM module may encounter no-way voice on either the PSTN or the IP device/phone side.
Conditions: This symptom may be observed when hairpinned calls are placed with a Cisco 3745 that functions as a Cisco IOS voice gateway and that has an AIM-ATM-VOICE-30 module installed.
You can verify that the symptom occurs through the output of the show connection all EXEC command: the command output shows one timeslot twice and shows that it is connected to both another timeslot and to a DSP resource.
Workaround: Reboot the Cisco 3745 voice gateway to fix the no-way audio problem. To prevent the problem from occurring, configure the gateway in such a way that hairpinned calls do not occur.
•
Symptoms: A "not well-formed" error may occur when you run a Voice XML document that contains an XML prolog that includes the "encoding" element. For example:
<?xml version="1.0" encoding="iso-8859-1"?> <---- This line will give an error <vxml version="2.0">Note that not all XML encoding triggers this error. The following encoding does not have any problem:
<?xml version="1.0" encoding="UTF-8"?>Conditions: This symptom is observed on a Cisco IOS gateway that runs Cisco IOS Release 12.3(9).
Workaround: There is no workaround.
•
Symptoms: An MFR interface does not forward traffic.
Conditions: This symptom is observed on a Cisco platform when traffic is forwarded outbound on the MFR interface.
Workaround: Flap the MFR interface.
•
Symptoms: A router may reload due to a bus error when processing VTSP.
Conditions: This symptom is when the router is configured for voice.
Workaround: There is no workaround.
•
Symptoms: You cannot delete a trustpoint, and the following error message is generated on the router:
% The trustpoint appears to be in use. Unable to remove this trustpointConditions: This symptom is observed after IKE negotiation; the trustpoint is locked.
Workaround: Reload the router and remove the trustpoint before IKE negotiation.
•
Symptoms: A router may reload due to a software-forced crash when a voice call is made through a VIC-2DID or VIC2FXO, and the following error message is generated:
%SYS-3-CPUHOG: Task is running for (126207)msecs, more than (2000)msecs (85/5),process = IP Input.
-Traceback= 80C25B98 80C2741C 80C274D8 80C27970 80C2A508 80C07910 80C07134 80C04540 803EEBDC 803ECB3C 803ECD0C 803ECED8 80223338 80227950Conditions: This symptom is observed on a Cisco 1760 running CIsco IOS Release 12.3(4)T3 with the firewall feature set. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A router running SNASw reloads when connecting to downstream devices.
Conditions: This symptom is observed when a downstream device sends an XID with the same ID as a previously connected device.
Workaround: Correct the duplicate PU ID problem at the downstream device or add the snasw dlus command to the configuration.
•
Symptoms: An RPM-PR crashes and switches over to the redundant card. There is a crashinfo file created with traceback.
Conditions: This symptom is observed when 320 IP flows are sent outbound from a switch subinterface that is configured for flow-based fair queueing.
Workaround: There is no workaround.
•
Symptoms: A Cisco IAD2420 series responds to a RQNT with "R: L/hd(N)" with a "519 161233591 No digit map available" answer, which causes the call agent to take the endpoint out of service.
Conditions: This symptom is observed in a normal call flow.
Workaround: There is no workaround.
•
Symptoms: The crypto PKI query mode is not working.
Conditions: This symptom is observed when you perform the following steps:
–
–
–
Workaround: There is no workaround.
•
Symptoms: A Cisco router running Gateway GPRS Support node software (GGSN) Release 5.0 may reload with an exception due an illegal access to a freed memory location after some PPP regeneration sessions are created and deleted and the ppp-regeneration command is unconfigured.
Conditions: This symptom is only observed when the following sequence of events occurs:
1. An APN is configured for PPP-regeneration.
2. PPP regeneration sessions are created and deleted on this APN.
3. The ppp-regeneration command is unconfigured on this APN.
4. After at least 5 minutes, the ppp-regeneration command is reconfigured under the APN.
5. An attempt is made to create a PPP regeneration session.
After Step 5, the GGSN reloads.
Workaround: This is a rare scenario involving an unconfiguration, and if this sequence of events occurs, there is no workaround.
•
Symptom: A router running SNASWitch enterprise extender over a WAN connection experiences intermittent performance problems.
Conditions: This symptom is observed when some type of delay occurs in the IP network between the router and the third-party vendor host.
Workaround: Take down the link. If this is not an option, there is no workaround.
Further Problem Description: The Network Performance Monitor (NPM) on the mainframe reports network response times of up to 13 seconds and a display of the CNR node associated with the affected RTP pipe on the mainframe of the form "D NET,ID=CNR.....,E" shows that the allowed data flow rate is severely throttled.
The problem usually lasts for about one hour before responses fall to acceptable subsecond levels but can take up to three hours to completely stabilize.
No congestion, retransmissions are observed while the problem is occurring and a sniffer trace taken at the mainframe OSA port shows that the Round Trip Time (RTT) is consistently around 16 ms, which is acceptable, but the Server Measurement Interval (SMI), in the Rate Request coming from the mainframe, varies widely.
•
Symptoms: A router with VOIP configured may experience a memory leak in VTSP.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(15)T10. The symptom may also occur in Release 12.3 and 12.3 T.
Workaround: There is no workaround.
•
Symptoms: The g729ar8 codec option is not configurable under a VoX dial-peer. The only G.729 codec option available is the g729r8 option.
Conditions: This symptom is observed on a Cisco MC3810 voice gateway that has the C542-based Voice Compression Module (VCM) DSP card installed. The problem is that the g729ar8 option is a medium-complexity (MC) codec but the g729r8 option is a high-complexity (HC) codec. A VCM DSP can handle at most two MC calls or a single HC call, so if a higher call density is required on the Cisco MC3810, you must use the proper codec.
This issue does not pertain to a Cisco MC3810 voice gateway with C549-based High Compression Module (HCM) DSP cards as the only G.729 codec selection for this configuration is the g729r8 option. Whether G.729 proper or G.729 Annex A is used depends on whether the HCM card is configured for, respectively, HC or MC operation mode.
This defect affects Cisco IOS Release 12.2 T and Release 12.3. The symptom does not occur in Release 12.2.
Workaround: There is no workaround.
•
Symptoms: When you configure the autosecure feature through a Telnet session and the Telnet session is closed, terminated, or times-out, you cannot open another Telnet session to the router.
Condition: This symptom is only observed for a Telnet session and does not occur for an SSH session.
Workaround: Use the console or use SSH.
•
Symptoms: Entering the no cns config notify command may cause a router to reload.
Conditions: This symptom is observed when the cns config notify command has been configured previously.
Workaround: There is no workaround.
•
Symptoms: MPLS forwarding may stop.
Conditions: This symptom is observed under the following conditions:
–
–
Workaround: There is no workaround.
•
Symptoms: Stale MPLS COS per-route entries may be left behind.
Conditions: This symptom is observed after the route disappears from the routing table in cell mode multi-VC network.
Workaround: There is no workaround.
•
Symptoms: A Fast Ethernet 100BASE-TX port adapter on an RPM-PR may stop receiving burst traffic packets.
Conditions: This symptom is observed on a FE RPM-PR Backcard.
To identify this problem, the output of the show interface fastethernet command shows no input packets and all packets as overrun:
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 100000 bits/sec, 106 packets/sec
0 packets input, 0 bytes
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 263523 overrun, 0 ignoredThe output of the show controllers command for the Fast Ethernet interface shows high numbers for "rx_fifo_overflow" and "throttled":
throttled=5352, enabled=5352, disabled=0
rx_fifo_overflow=434500, rx_no_enp=0, rx_state=0Workaround: There is no workaround. To clear the symptom, enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the Fast Ethernet interface.
Further Problem Description: In the output of the show controllers command for the Fast Ethernet interface, locate the value for CFRV. If the last byte is either 0x20, 0x21, 0x22, or 0x23, the Fast Ethernet is susceptible to the symptom.
•
Symptoms: A PRI trunk of an MGCP controller may come up in an ISDN layer 2 "TEI_ASSIGNED" state.
Conditions: This symptom is observed when the gateway is reloaded or during the initial configuration of MGCP on the gateway and occurs when the PRI backhaul feature is configured with Cisco CallManager.
Workaround: In order to bring up the trunk, reset the associated T1 controller by entering the shutdown command followed by the no shutdown command.
•
Symptoms: A Cisco 2651 does not boot up and enters into a loop with the "Unexpected exception at ..." error message.
Conditions: This symptom is observed when you attempt to load the c2600-a3js-mz image of Cisco IOS Release 12.3(8)T. The symptom may also occur in Release 12.3.
Workaround: There is no workaround.
•
Symptoms: A VoIP call with the required SETUP message is up but may be disconnected when the call initiator sends an H225 Q931 NOTIFY message.
Conditions: This symptom is observed during a test of the ISDN Calling Name Display feature.
Workaround: There is no workaround.
•
Symptoms: An accounting stop record does not account for inbound CEF switched packets such as Acct-Input-Packets and Acct-Input-Octets.
Conditions: This problem only occurs for connections that are terminated onto a virtual-access interface.
Workaround: Disable CEF globally or per interface.
•
Symptoms: CEF may become disabled on a VIP, port adapter, module, or line card because of a fatal error, and the following error message may be generated:
%FIB-3-FIBDISABLE: Fatal error, slot 2: Window did not open, LC to RP IPC is non-operationalConditions: This symptom is observed after an RPR+ switchover.
Workaround: There is no workaround.
•
Symptoms: A router reloads after a CNS configlet includes configuring a TTY.
Conditions: This symptom is observed when the cns config initial command, cns config partial command, or cns config retrieve command is enabled and when the password is set via CNS or any other aspect of a TTY is configured via CNS.
Workaround: Do not configure a TTY by using CNS.
•
Symptoms: Traceback are seen if an SSH connection fails during a version exchange.
Conditions: This symptom is observed when the client and the Cisco IOS software release on the SSH server do not match.
Workaround: There is no workaround.
•
Symptoms: The Fast Ethernet output queue of a Cisco 1700 series may become wedged.
Conditions: This symptom is observed when Multilink PPP is enabled on the incoming serial interface via the ppp multilink fragment-delay delay-max command (with a delay of 10 ms), when there is a low link bandwidth (128 kb), and when there are large packet sizes (1343 bytes).
Workaround: Remove the ppp multilink fragment-delay delay-max command from Multilink PPP configuration.
Alternate Workaround: Disable fast switching on the Fast Ethernet interface.
•
Symptoms: Traffic with large packet sizes may not go through.
Conditions: This symptom is observed on a Cisco 7200 series that is configured with an ATM-to-Ethernet VLAN.
Workaround: There is no workaround.
•
Symptoms: When you enter the write memory command, two files may be missing ("persistent-data" and "rf_cold_starts") or the following error message may be displayed:
startup-config file open failed (Device or resource busy)Conditions: This symptom is observed on any router with redundant RPs running any Cisco IOS release when the following sequence occurs:
–
–
–
Workaround: Do not access the NVRAM of the standby RP when you enter write memory command on the console of the master RP.
•
Symptoms: An uncorrectable ECC parity error may occur on a Cisco 7200 series that is configured with an NPE-G1.
Conditions: This symptom is observed rarely when you enter the show sysctlr or the show tech command on the NPE-G1.
Workaround: Do not enter the show sysctlr or the show tech command.
•
Symptoms: Assertion failure messages along with some traceback messages may be seen after a soft OIR is performed on a universal port card (UPC324).
Conditions: This symptom is observed on a Cisco AS5850.
Workaround: There is no workaround.
•
Symptoms: On a Cisco 3725 or Cisco 3745, hairpin voice calls fail between two J1 digital voice modules with following error message:
%config_tdm_connection: error from reg_invoke_interslot_connect 2When you attempt the calls from one slot to another slot on a J1 voice module, the called party phone rings but the calling party hears dead air. Then, when the called party goes off-hook, there is no audio between the calling party and the called party.
Conditions: This symptom is observed on a Cisco 3725 and Cisco 3745 that runs Cisco IOS Release 12.2(13)T or a later release. The symptom may also occur in other releases. The symptom is not observed on a Cisco 3640.
Workaround: There is no workaround.
•
Symptoms: OAMs are dropped on a Cisco router's ATM IMA interface that is configured for AAL5oMPLs, causing directly connected CE routers that have the oam pvc-manage command enabled to take the PVC down. As a result, the CE routers cannot forward any traffic to the MPLS core, thereby impacting basic connectivity between CE routers that are interconnected via the MPLS core. Errors are also see when the debug atm error command is enabled.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.0(28)S and that is configured for AAL5oMPLS on an ATM-IMA interface. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: The "Transmitted packets" column in the output of the show policy interface command for a particular interface may not be updated for packets that exit via this interface without being random or tail-dropped by WRED.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.2 S and that has WRED configured in an output service policy on an interface. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: On a Cisco AS5400 functioning as an originating gateway, when the calling number is not present, the OSP settlement client receives a 200 OK Authorization Response for its Authorization Request message. However, the call is immediately rejected by IVR because there is no calling number.
Condition: This symptom is observed on a Cisco AS5400 running Cisco IOS Release 12.3(9) when ANI is not present on the originating GW.
Workaround: There is no workaround.
•
Symptoms: Traffic-shaping using MQC fails.
Conditions: This symptom is observed on low-end routers such as a Cisco 3640 for packets that are greater then the MTU size of the output interface.
Workaround: There is no workaround.
•
Symptoms: The copy tftp vfc: command is not accepted by the parser.
Conditions: This symptom is observed in Cisco IOS Release 12.3(8)T and Release 12.3(9).
Workaround: There is no workaround.
•
Symptoms: A router crashes when enrolling with a CA server.
Conditions: This symptom is observed when the CA server encodes a subject name in the "ASN.1 PrintableString" but includes an illegal character such as an underscore (_) in it.
Workaround: Regenerate the CA certificate with the correct set of characters.
The "PrintableString" can include the following characters:
A, B, ..., Z
a, b, ..., z
0, 1, ..., 9
(space) ' ( ) + , - . / : = ?•
Symptoms: The threshold metric (sub)command may be lost.
Conditions: This symptom is observed after a router that runs Cisco IOS Release 12.3(6) has reloaded and boots up again. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A router reloads when receiving IPX packets.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(9) and that is configured for IPX networking. The router may reload after named ACLs have been displayed.
Workaround: There is no workaround.
•
Symptoms: A gateway may send wrong resource availability information to a gatekeeper. The actual number of "used" and "free" channels that is shown in the output the show trunk group command does not match with the number that is shown in the output of the show call resource voice status and show isdn status commands.
This situation causes the gatekeeper to receive wrong information about the number of free circuits that the gateway has and may also cause the circuits of the gateway to be underutilized.
Conditions: This symptom is observed on a Cisco AS5300 but may not be platform dependent.
Workaround: There is no workaround.
•
Symptoms: An H.323 call across a Cisco IP-to-IP H.323 gateway (GW) may not work correctly.
Conditions: This problem is observed in the following topology:
A third party H.323 GW connects to a Cisco IP-to-IP H.323 GW (a Cisco 3660) that connects to a Cisco GW (a Cisco 2600 series) that, in turn, connects to an FXS phone.
Calls from the FXS phone to the third party GW do not work intermittently. The Cisco IP-to-IP H.323 GW runs Cisco IOS Release 12.3(5). This problem happens only when the Alerting and Connect messages are received by the IP-to-IP H.323 GW very quickly in succession and when the Connect message has a Facility element.
Workaround: There is no workaround.
•
Symptoms: Changing any IP access control list (ACL) may cause a walk of all LC-ATM prefixes.
Conditions: This symptom is observed on a router configured with an LC-ATM Multi-VC when the changed ACL is not related to the Multi-VC.
Workaround: There is no workaround.
•
Symptoms: Spurious memory accesses are recorded in an RPM-PR card acting as Label Switch Controller (LSC). The show alignment EXEC command displays the spurious access records. There are three related spurious accesses that display an address of A, 8, and A respectively, and the records are continuous around one of each of the three per second.
An error message similar to this is logged:
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x60418758 reading 0xA
%ALIGN-3-TRACE: -Traceback= 60418758 6041A718 600835B4 6007F4C4 6008214C
00000000 00000000 00000000
%ALIGN-3-TRACE: -Traceback= 6041875C 6041A718 600835B4 6007F4C4 6008214C
00000000 00000000 00000000
%ALIGN-3-TRACE: -Traceback= 604184D0 604188DC 6041A718 600835B4 6007F4C4
6008214C 00000000 00000000The output of the show alignment command shows the following:
Total Spurious Accesses 7984, Recorded 4
Total Spurious Accesses 7984, Recorded 4
Address Count Traceback
A 2660 0x60418758 0x6041A718 0x600835B4 0x6007F4C4
0x6008214C
8 2660 0x6041875C 0x6041A718 0x600835B4 0x6007F4C4
0x6008214C
A 2660 0x604184D0 0x604188DC 0x6041A718 0x600835B4
0x6007F4C4 0x6008214CConditions: This symptom is observed only on a Cisco RPM-PR.
Workaround: There is no workaround.
•
Symptoms: The output of the show policy-map interface command shows different values than expected.
Conditions: This symptom is observed when CBWFQ is configured on an interface with crypto and QoS preclassification. Hardware encryption works fine.
Workaround: Disable the qos pre-classify command when the service policy matches on IP precedence. Alternatively, use hardware encryption.
•
Symptoms: Downloading to an ATA flash disk may fail and the following error may appear:
%Error writing disk2:/c7200-js-mz.122-14.S7.bin (TF I/O failed in data-out phase)
ATA_Status time out waiting for card ready.
ATA_Status time out waiting for card ready.
ATA_Status time out waiting for card ready.The image size on the flash disk is 0 bytes.
Conditions: This problem is seen on a Cisco 7200 series NPE-G1 that runs Cisco IOS Release 12.2(14)S5 or Release 12.2(14)S7.
Workaround: Attempt a second time; the second attempt may be successful, but you will need to check the image size, even if there were no errors.
•
Symptoms: A Cisco 2691 may fail LCP negotiation.
Conditions: This symptom is observed when making an outgoing 56k speed ISDN BRI call. An outgoing 64k speed call works fine.
Workaround: There is no workaround.
•
Symptoms: When an LC-ATM switch subinterface is created and then deleted on an RPM-PR, the index for the current subinterface for the LVC stuck detection and recovery mechanism is changed in such a way that the "LVC stuck" information for an existing LC-ATM is overwritten when a new LC-ATM is added.
The "LVC stuck" information can be checked with the debug atmdx health_chk_stats EXEC command.
Conditions: This symptom is observed on an RPM-PR with an existing LC-ATM interface.
Workaround: There is no workaround.
•
Symptoms: A Label Switch Controller (LSC) may reload unexpectedly with a software-forced crashed. An error similar to this one followed by a traceback can be seen:
%SYS-2-BADSHARE: Bad refcount in mem_lock, ptr=628371F8, count=0Conditions: This symptom is observed when you enter the show mpls atm-ldp bindings path command to display LVC path information while network changes such as interfaces flaps or prefix flaps are occurring.
Workaround: There is no workaround.
•
Symptoms: The SRP protocol on a Cisco uBR7246VXR may not fully initialize during the boot sequence.
Conditions: This symptom is observed on a Cisco uBR7246VXR running Cisco IOS Release 12.2(15)BC1b when one SRP side is wrapped. The symptom may also occur on a Cisco 7200 series and is not release-specific.
Workaround: Force a wrap by entering the srp ips request forced-switch command and remove this forced wrap. Note that you have to do this manually after a reload/reboot.
•
Symptoms: DTS may not work properly on dot1q Fast Ethernet subinterfaces. Traffic is not shaped at the expected rate
Conditions: This problem is observed on a Cisco 7500 series that is configured as a PE router and that runs Cisco IOS Release 12.2(12i). The symptom may also occur in other releases.
Workaround: If this is an option, use ISL subinterfaces.
•
Symptoms: LC-ATM-enabled subinterface on a PE router stays in "not ready" state when viewing the LDP session to the LSC using the show mpls ldp discovery command. The shutdown interface command followed by the no shutdown interface command will not clear the problem when performed on either the LC-ATM subinterface on the PE or the Xtag interface on the connected LSC.
Conditions: The interface stays in "interface not LDP ready" state when there exists a stray LVC on the switch interface. The PE reaches this state after multiple LDP flaps.
Workaround: The condition may be cleared by entering the clear ip route prefix command where prefix is the local loopback address for the LC- ATM subinterface. This will cause all tailend LVCs on all LC-ATM subinterfaces to be torn down and re-established, causing a brief customer outage. This workaround should only be used if no alternate path exists for MPLS traffic towards this device (i.e., a redundant LC-ATM subinterface). After using this workaround, user should confirm that the expected number of LVCs has been re- established with the output of the show mpls atm summary command. If bindings are not successfully re-established, repeat the clear ip route prefix command, or reload the router.
Reload of the router will remove the stray LVC and bring the LDP session on the PE's LC-ATM subinterface back to normal state.
•
Symptoms: A router crashes when the mgcp command followed by the no mgcp command is entered.
Condition: This symptom is observed while running Cisco test scripts.
Workaround: There is no workaround.
•
Cisco Internetwork Operating System (IOS) Software release trains 12.1YD, 12.2T, 12.3 and 12.3T, when configured for Cisco's IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST) may contain a vulnerability in processing certain malformed control protocol messages.
A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS). This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20050119-itscme.shtml
Cisco has made free software upgrades available to address this vulnerability for all affected customers.
This vulnerability is documented by Cisco bug ID CSCee08584.
•
Symptoms: When 911 calls are done via MF signaling, calls placed to 911 intermittently fail.
Conditions: This symptom is observed in the following call flow:
A customer dials 911; the call agent sends a RQNT to a TGR (a Cisco AS5850) with call setup information; the TGR acknowledges with a 200 message. At this point no further messages are sent from the TGR.
In most cases a customer abandons the call and reattempts to dial 911 again, which will connect on a different trunk (trunk groups are set up for LRU in the call agent). The MGCP connection on the TGR hangs.
DSIP debug shows that after receiving a wink back from the agent, TGR immediately sends a loop open, which should not be the next event. The caller hears dead air during this entire series of events.
Workaround: There is no workaround.
•
Symptoms: A Cisco platform reloads because of a watchdog timer expiration.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.2(20)S2 or Release 12.3 under the following conditions:
–
–
–
Workaround: First detach the service policy from the PVC, then rename it and attach it again.
•
Symptoms: Inbound calls through a PRI on a Cisco IOS VoIP gateway may get into a hung state. Further calls attempted to the same timeslot may be rejected with an ISDN cause code of 0x2F (Resource unavailable).
The output of the show voice call summary command may show the affected call in the "S_WAIT_RELEASE" state.
Conditions: This symptom is observed when the isdn global-disconnect ISDN subcommand is enabled and when there is an active call on the PRI at the time the T1/E1 controller goes down (for example, in a loss of frame condition on the controller).
To recover from the above-mentioned state, reload the gateway.
Workaround: Either use H.323 as the signaling protocol or remove the isdn global-disconnect command from the configuration.
•
Symptoms: On certain platforms (in particular but not limited to a Cisco 800 series), the CNS agents code that captures output for later transmission can crash.
Conditions: This symptom is observed on a router that has configuration and EXEC agents and CNS agents that execute CLI commands when you send an XML file to direct these agents to execute a CLI command and return the output (if there is any output).
Workaround: Telnet into the router (not through the console) and exit. This may need to be done multiple times.
•
Symptoms: SSG reloads due to a bus error when a user logs on and logs off from a service more than once.
Conditions: This symptom is observed when the service profile is defined on the platform that runs SSG, using a local profile with more service networks ("R" entries) and with incorrect address mask.
The more "R" attributes with wrong netmasks are configured, the sooner SSG reloads when users log on and log off from the same profile.
This behavior is observed on a Cisco 7206VXR with an NPE-G1 that runs the g4js-mz image of Cisco IOS Release 12.3(3)T, 12.3(4)T, or 12.3(7)T but may also occur in Release 12.3.
Workaround: Ensure that all address/mask pairs are valid.
•
Symptoms: A Cisco 7200 series may crash because of a bus error and the following error message and tracebacks are generated:
Unexpected exception, CPU signal 10, PC = 0x607D3144
-Traceback= 607D3144 607D52D0 60213420 60219874 61320D74 6131F01C 613220B0
613229A8 61322A6C
$0 : 00000000, AT : 63010000, v0 : 00000000, v1 : 00000000
a0 : 62170000, a1 : 00000000, a2 : 64641C04, a3 : 00000000
t0 : 00000001, t1 : 3400FF01, t2 : 3400E100, t3 : FFFF00FF
t4 : 607F6DB8, t5 : 64685888, t6 : 64685884, t7 : 64685880
s0 : 00000000, s1 : FFFFFFD7, s2 : 00000002, s3 : FFFFFFFF
s4 : FFFFFFFF, s5 : 6467D540, s6 : 61EB84F4, s7 : 63420000
t8 : 64641C04, t9 : 00000000, k0 : 3040D001, k1 : 00000000
gp : 6301CDC8, sp : 64641AA8, s8 : 6467D540, ra : 607D3120
EPC : 607D3144, ErrorEPC : 8FD20651, SREG : 3400FF03
MDLO : 00000011, MDHI : 08CB1EE0, BadVaddr : FFFFFFFD
Cause 00000010 (Code 0x4): Address Error (load or instruction fetch) exceptionConditions: This symptom is observed on a Cisco 7200 series running the c7200-ik9s-m image of Cisco IOS Release 12.3(6) that has an ATM interface with MPoA configured when the ATM interface comes up.
Workaround: Remove MPoA.
•
Symptoms: Malicious Call Identification (MCID) does not work because the digits are not being collected, causing the script to time out.
Conditions: This symptom is observed on a Cisco router that is configured for MCID with SIP as the VoIP protocol.
Workaround: There is no workaround.
•
Symptoms: Inbound ISDN B-channels through a Cisco IOS VoIP gateway may get hung in an S_WAIT_STATS state.
Conditions: This symptom is observed when the calling party hangs up the call prior to the called H.323 call leg being answered and when the called H.323 device not send back an H.225 Release_Complete message. This occurs when placing calls from a Cisco IOS gateway to a Cisco CallManager.
Workaround: There is no workaround.
•
Symptoms: A file type sometimes becomes ASCII text when you enter the write memory command on an NRP2-SV. You can see the file type when you enter the show file info disk0:slotX/nrp2-startup-config command on the NSP, as in the following example:
NSP# shos file info disk0:slot5/nrp2-startup-config
disk0:slot5/nrp2-startup-config:
type is ascii text <<<<<Conditions: This symptom is observed on an NRP2-SV that is installed in a Cisco 6400 series that runs Cisco IOS Release 12.2(15)T9 or 12.3(6).
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5400 crashes.
Conditions: This symptom is observed when an NP60 DFC is hot-swapped (OIR'ed) with an NP108 DFC.
Workaround: There is no workaround.
•
Symptoms: A Cisco platform using MGCP with a third-party call agent experiences a problem with signaling outgoing calls from a PBX if an incoming call is first handled after a bootup or after you have entered the no mgcp command followed by the mgcp command.
If the incoming call is handled first, a subsequent outgoing call attempt will fail to provide a 519 response to the RQNT requesting digit collection. This results in the call agent not providing the digit map to the gateway.
If an outgoing call is handled first following a bootup or an MGCP initialization, the RQNT is responded to by the gateway with a 519 (unable to process event request). The call agent then sends another RQNT with the digit map. Digit collection proceeds and the call completes as normal.
Conditions: This symptom is observed on a Cisco MC3810 running Cisco IOS Release 12.3(6) and on a Cisco IAD2420 running Release 12.3(5), Release 12.3(5a), and later releases.
Workaround: Have the call agent include the digit map in RQNT's requesting digit detection request
•
Symptoms: When you enter the format flash: command on a Cisco 2691, Cisco 3725, or Cisco 3745 to format a LEFS flash card, the router fails to give the DOS format and displays this error:
%Error formatting flash (Invalid DOS media or no media in slot)The flash card is no longer accessible until the router is reloaded.
Conditions: This symptom is observed on a Cisco 2691, Cisco 3725, or Cisco 3745 that run Cisco IOS Release 12.3(6) or a later release.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5850 does not fragment data packets.
Conditions: This symptom is observed when data packets enter the Cisco AS5850 through async (modem) interfaces and when the MTU on the egress Gigabit Ethernet interface is smaller than the ingress MTU or when L2F encapsulation overhead requires fragmentation. Async PPP sessions forwarded via L2TP are not affected by this problem.
Workaround: Increase the Gigabit Ethernet MTU to avoid fragmentation.
•
Symptoms: A format of the compact flash card after a previous erase displays CPUHOG messages.
Conditions: This symptom is observed on a Cisco 3725 and a Cisco 3745.
Workaround: Reformat the compact flash card and the CPUHOG messages will disappear.
•
Symptoms: Spurious memory accesses may occur on a Cisco media gateway, and MGCP request messages that have the Q: parameter (quarantine) may be handled improperly.
Conditions: This symptom is observed on Cisco media gateway that is configured for MGCP call control.
Workaround: There is no workaround.
•
Symptoms: When a call from the PSTN is received on a Cisco 2600 MGCP gateway, the calling party receives a fast busy tone and the call fails if it comes in on timeslot 2. However, this has also been observed on random timeslots. (The first call on timeslot 1 works fine.)
In the Cisco CallManager trace you see the following error:
400 12813 Voice call setup failed.Conditions: This symptom is observed on timeslot 2 of a Cisco 2600 gateway that runs Cisco IOS Release 12.3(5b) and that is configured for MGCP protocol.
Workaround: Busy out the B channel from the Cisco CallManager service parameters. You can do this is in the "Advanced settings" of the Cisco CallManager service parameters (ChangeBChannelMaintenanceStatus1).
Alternate Workaround: Remove the ccm-manager config command from the configuration.
•
Symptoms: A child policy bandwidth calculation is wrongly mixed with the specified rate of an old parent policy.
Conditions: This symptom is observed after you have changed the configuration of a policy map in a hierarchical policy.
Workaround: Detach and reattach the policy map.
•
Symptoms: A router crashes during NBAR initialization.
Conditions: This symptom is observed on a Cisco router that runs a Cisco IOS software release that is included in the list at http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdz04423. Cisco IOS software releases not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: Only initialize NBAR when the router CPU utilization is low.
•
Symptoms: A Cisco VG200 displays the following error message during the boot process and fails to boot:
Unexpected exception to CPUvector 1100, PC=0Conditions: This symptom is observed on a Cisco VG200 that runs the vg200-i6s-mz image of Cisco IOS interim Release 12.3(8.3) or interim Release 12.3(8.4), both of which are interim releases for Release 12.3(9).
Workaround: There is no workaround. Note that the symptom does not occur in interim Release 12.3(7.10) or earlier releases.
•
Symptoms: A router that functions as a VRF On Demand Address Pool (ODAP) manager may reload.
Conditions: This symptom is observed when the router that functions as a VRF ODAP manager attempts to renew a subnet lease that was removed from the ODAP pool via the clear ip dhcp subnet * command or the no origin dhcp command. The symptom occurs only when the subnets in the ODAP pool are cleared.
Workaround: Do not clear the ODAP pool subnets.
First Alternate Workaround: Configure the VPNID in the global VRF configuration.
Second Alternate Workaround: Do not use a VRF in the ODAP configuration.
•
Reception of certain IPv6 fragments with carefully crafted illegal contents may cause a router running Cisco IOS to reload if it has IPv6 configured. This applies to all versions of Cisco IOS that include support for IPv6.
The system may be protected by installing appropriate access lists to filter all IPv6 fragments destined for the system. For example:
interface Ethernet0/0
ipv6 traffic-filter nofragments in
!
ipv6 access-list nofragments
deny ipv6 any <my address1> undetermined-transport
deny ipv6 any <my address2> fragments
permit ipv6 any any
This must be applied across all interfaces, and must be applied to all IPv6 addresses which the system recognizes as its own.
This will effectively disable reassembly of all IPv6 fragments. Some networks may rely on IPv6 fragmentation, so careful consideration should be given before applying this workaround.
We would recommend for customers to upgrade to the fixed IOS release. All IOS releases listed in IPv6 Routing Header Vulnerability Advisory at /en/US/products/products_security_advisory09186a00807cb0fd.shtml contain fixes for this issue.
•
Symptoms: Object identifiers (OIDs) for the CISCO-ATM-PVCTRAP-EXTN-MIB MIB cannot be accessed.
Conditions: This symptom is observed with the CISCO-ATM-PVCTRAP-EXTN-MIB MIB. The MIB number of the CISCO-ATM-PVCTRAP-EXTN-MIB MIB has to be updated with the MIB number of the approved MIB.
Workaround: There is no workaround.
•
Symptom: A Cisco 7xxx series may crash.
Conditions: This symptom is observed when the traffic rate via a PA-A3-8T1IMA or PA-A3-8E1IMA port adapter is very high (at about or higher than the line rate).
Workaround: There is no workaround.
•
Symptoms: A controller of an 8-port multichannel T1/E1 PRI port adapter (PA-MC-8TE1+) may fail to come up after the router has booted up.
Conditions: This symptom is observed on a Cisco router that is configured with a PA-MC-8TE1+. The symptom is platform independent and port adapter dependent.
Workaround: Enter the shutdown controller configuration command followed the no shutdown controller configuration command on the affected controller.
Alternate Workaround: Enter the clear counters user EXEC or privileged EXEC command on the affected interface of the PA-MC-8TE1+.
•
Symptoms: An MFT WIC performs V.54 and BERT operations in 56k DS0 mode, even if the channel group speed is 64k.
Conditions: This symptom is observed on a Cisco 3700 series but may also occur on other platforms.
Workaround: Run the channel group in 56k mode if V.54 and BERT operations are required.
•
Symptoms: When you enter the channel-group command, a router may crash.
Conditions: This symptom is observed when you enter the channel-group command on native FE interfaces on a Cisco 3660 router or on NM-xFE interfaces on a Cisco 3600 series or Cisco 3700 series.
The channel-group command should not be used on native FE ports or on NM-FE ports because it is not supported on these ports. The channel-group command is meant only for NM-1GE GE ports and switching FE ports.
Workaround: There is no workaround. The fix for this DDTS ensure that the router does not crash. However, the EtherChannel is not supported on native FE ports and NM-xFE ports on a Cisco 3600 series and Cisco 3700 series.
•
Symptoms: TCCS clear-channel codec calls may not go through. The trunks may be up but the signaling information may not be communicated.
Conditions: This symptom is observed only when a medium complex codec is configured.
Workaround: Use a high complex codec, or use stun encapsulation for the D-channel.
•
Symptoms: A T.37 on-ramp fax transmission may fail because the call is disconnected.
Conditions: This symptom is observed during digit collection for E1 R2 signaling.
Workaround: There is no workaround.
•
Symptoms: A router may reload when you enter the show queue atm command.
Conditions: This symptom is observed on a Cisco 7200 series with an NSE-1 processor board and a Cisco 7401 when PXF is enabled. The symptom occurs when the show queue atm command is entered while traffic is flowing through an ATM PVC.
Workaround: Disable PXF globally by entering the no ip pxf command.
•
Symptoms: A Cisco 7500 series with a multilink DLFI configuration may crash.
Conditions: This symptom is observed when an Ethernet packet is received on the RSP and is switched by the RSP to a DLFI multilink interface.
Workaround: There is no workaround.
•
Symptoms: A router may reload when a Tcl IVR verb test script runs.
Conditions: This symptom is observed when a Telnet connection is made through the Ethernet port instead of through the console port and when simultaneous calls are made using all the 23 channels. The symptom occurs only with an automated test script.
Workaround: There is no workaround.
•
Symptoms: A Cisco Home Agent (HA) may reload unexpectedly.
Conditions: This symptom is observed on a Cisco router that functions as an HA under the following circumstances:
–
–
Workaround: Ensure that no FHAE is added when the "D" bit is set in an RRQ.
•
Symptoms: SSG may not send a calling station ID in connection accounting records to a local and a remote AAA server.
Conditions: This symptom is observed when a client log on by using a proxy service with MSISDN.
Workaround: There is no workaround.
•
Symptoms: A FlexWAN, enhanced FlexWAN, or Versatile Interface Processor that has a PA-MC-E3 or PA-MC-T3 installed may crash.
Conditions: This symptom is observed under rare conditions in a stress situation with dFLI and dCRTP configured.
Workaround: There is no workaround.
•
Symptom: PPPoE sessions cannot be established on VCs that have received non-PPPoE SNAP encapsulated frames (like RBE).
Conditions: This symptom is observed on a Cisco platform that functions as a LAC, that runs Cisco IOS Release 12.3(4)T1, Release 12.3(7)T, or a later release, and that is configured with RBE and autoPPP encapsulation. The symptom may also occur in Release 12.3.
Workaround: There is no workaround.
•
Symptoms: A session between a trip-lite gateway and a location server may not be established and may become stuck in OPENSENT.
Conditions: This symptom is observed on a Cisco 3600 series router.
Workaround: There is no workaround.
•
Symptoms: A PPPoE connection may not be established.
Conditions: This symptom is observed when an encapsulation configuration change occurs dynamically.
Workaround: Reboot the router on the LAC side or avoid an autoconfiguration from PPPoA to PPPoE.
•
Symptoms: A Cisco router may reload unexpectedly.
Conditions: This symptom occurs when the router is running under TTS stress.
Workaround: There is no workaround.
•
Symptoms: A VC that is configured on an IMA interface may remain in the inactive state.
Conditions: This symptom is observed when the VC is in the inactive state while the links come up. In this situation, the VC should enter the "up" state, but does not do so.
Workaround: Remove and reconfigure the VC.
Further Problem Description: If there is more then one member in a group, the problem does occur. Also, the problem occurs only on a Cisco 7500 series and not on a 7200 series.
•
Symptoms: A PPPoEoA session may fail to come up on a router on a user side. PPPoE profiles are used for establishing the PPPoE session. When the router receives a "CONFREQ" message from the LNS, the session goes down and cannot be reestablished.
Conditions: This symptom is observed on any Cisco platform that runs Cisco IOS Release 12.3 or Release 12.3(4)T2. The symptom does not occur in Release 12.3(4)T1.
Workaround: Although the following is not a good workaround, it can be used. Use VPDN groups instead of BBA profiles. Normal PPPoEoA sessions using VPDN group can be established, but with some overhead. When a PPPoE session is initiated, it does not come up at the first attempt, but the PPPoE client somehow reinitiates the session.
Alternate Workaround: Remove the "lcp renegotiation always" configuration from the LNS and use BBA groups.
•
Symptoms: A Cisco 7500 series or MSFC2 with a FlexWAN module may spontaneously reload.
Conditions: This problem mainly occurs when there are multiple FR DLCIs or ATM PVCs attached to the same virtual-template interface or the same multilink virtual-access interface and when one of the following conditions occurs:
–
–
Workaround: There is no workaround.
•
Symptoms: Voice calls may not go through on a High Density Voice network module (NM-HDV).
Conditions: This symptom is observed on a Cisco 2691 and Cisco 3700 series that run Cisco IOS Release 12.3 and that are configured with an NM-HDV.
Workaround: There is no workaround.
•
Symptoms: You can configure a router only once with the mgcp auto config command. After the first configuration, the command may no longer function and the router may not be configured.
Conditions: This symptom is observed on a Cisco VG200 and a Cisco IAD2420 series that run Cisco IOS Release 12.3(6).
Workaround: There is no workaround.
•
Symptoms: The line protocol on a T1 of a T3 controller in a PA-MC-2T3+ port adapter may stay in the down state even when looped.
Conditions: This symptom is observed on a Cisco 7200 series and Cisco 7500 series.
Workaround: There is no workaround.
•
Symptoms: Intercepted packets may not be switched to a mediation device (MD), and a traceback may be generated.
Conditions: This symptom is observed on a Cisco router when the Lawful Intercept feature is enabled to intercept packets.
Workaround: There is no workaround.
•
Symptoms: A router may reload while making OSP calls.
Conditions: This symptom is observed on a Cisco 3660 that runs the c3660-ik9s-mz image of Cisco IOS Release 12.3(6). However, the symptom may not be platform-specific or release-specific.
Workaround: There is no workaround.
•
Symptoms: IPCP may not come up when per-user virtual profile attributes are cloned from a remote AAA server.
Conditions: This symptom is observed after a number of sessions are brought up and torn down and when a cloning failure is observed on one or more sessions.
Workaround: There is no workaround.
•
Symptom: The CNG tone from a fax device may be ignored.
Condition: This symptom is observed only on Cisco AS5350 and Cisco AS5400 universal gateways. The symptom occurs when the universal gateway receives a CNG tone from a fax device while the universal gateway call has been connected to a Voice over IP (VoIP) call leg, that is there is end-to-end call connectivity for the VoIP call.
Workaround: There is no workaround.
•
Symptoms: %PXF-2-EXCEPTION messages are observed on the console when L2TP downstream traffic is passing through.
Conditions: This symptom is observed on a Cisco 7200 with a NSE-1 processor board or Cisco 7401 platform (when these platforms functions as LNS) and when PXF is enabled. Rate-limit is configured on L2TP tunnel egress physical interface.
Workaround: Disable PXF by entering the no ip pxf command.
•
Symptoms: A Cisco Catalyst 4224 Access Gateway Switch may crash when you enter the show running-config command while a configuration is being downloaded from a Cisco CallManager.
Conditions: This symptom is observed on a Catalyst C4224 that runs the c4224-io3sx3-mz image of Cisco IOS Release 12.3(6).
Workaround: There is no workaround.
•
Symptoms: You may not be able to add an ATM interface that is configured on an AIM module to an existing IMA group that consists of ATM interfaces that are configured on the same AIM module.
Conditions: This symptom is observed on a Cisco 2600 series (including the Cisco 2691), Cisco 3660, Cisco 3631, Cisco 3725, and Cisco 3745 that run Cisco IOS Release 12.3(6).
Workaround: First, create the IMA links. Then, create the IMA group.
•
Symptoms: A router crashes when you enter the tgrep local-itad command.
Conditions: This symptom is observed on a Cisco 3660. The symptom does not happen when you enter the tgrep local-itad command after the router is reloaded.
Workaround: There is no workaround.
•
Symptoms: A Cisco 3600 series may take an abnormally long time to register to a backup CCM.
Conditions: This symptom is observed on a Cisco 3600 series that runs Cisco IOS Release 12.3(9) after MGCP restarts. The symptom may also occur in Release 12.3 T.
Workaround: There is no workaround.
•
Symptoms: A software-forced crash occurs on a Cisco 828 when you enter the shutdown command followed by the no shutdown command on the ATM interface.
Conditions: This symptom is observed when both AAL5MUX encapsulation and PPP are configured on the ATM interface of Cisco 828.
Workaround: There is no workaround.
•
Symptoms: The ISAKMP profile on a crypto map head may not take effect.
Conditions: This symptom is observed when the crypto map is not configured on any of the interfaces and you configure the ISAKMP profile on the crypto map head. This symptom occurs in Cisco IOS Release 12.3(5), Release 12.3(7)T, and later releases.
Workaround: Apply the crypto map on the interface and then configure the ISAKMP profile on the head.
•
Symptom: A router may not be able to record RTSP.
Condition: This symptom is observed on a router that is configured with a VXML application.
Workaround: There is no workaround.
•
Symptoms: ATM-related MIBS cannot be used to monitor ATM subinterfaces.
Conditions: This symptom is observed on a Cisco 2600 series and Cisco 3700 series when ATM subinterfaces are not added to the "ifTable" in ipbase-mz, ipvoice-mz, entbase-mz, and advsecurityk9-mz images of Cisco IOS software.
Workaround: There is no workaround. Note that the symptom does not occur in entservicesk9-mz images of Cisco IOS software.
•
Symptoms: A PPP session may stay down after a long series of link flaps.
Conditions: This symptom is observed when MLP/LFI is enabled on an ATM PVC.
Workaround: There is no workaround.
•
Symptoms: Attribute 45 is not sent in accounting records.
Conditions: This symptom is observed on a Service Selection Gateway (SSG).
Workaround: There is no workaround.
•
Symptoms: OAMs cells may be dropped from a Cisco 7500 series router, and the interface output errors counter may increase. Errors will be seen when the debug atm error command is enabled.
Conditions: This symptom is observed when either one of the following two conditions occurs:
–
–
Workaround: There is no workaround.
•
Symptoms: Tracebacks are seen on a NAS when a voice call is disconnected.
Conditions: This symptom is observed on a Cisco AS5350 and Cisco AS5400 that function as a NAS.
Workaround: There is no workaround.
•
Symptoms: A cable modem may reload when the domain name ISAKMP group configuration command is entered.
Conditions: This symptom is observed on a Cisco uBR9x5 router and a Cisco CVA120 series that run Cisco IOS Release 12.3(9) when the domain name ISAKMP group configuration command is entered more than once. The symptom does not occur in Cisco IOS Release 12.3(6a) or earlier releases.
Workaround: Configure the command properly during the first attempt.
•
Symptoms: Modem passthrough calls fail with a "Playout Dejitter Mode value" error message and traceback, and a NAK message is generated.
Conditions: This symptom is observed on a Cisco AS5400 access server for every MPT call.
Workaround: There is no workaround.
•
Symptoms: When you perform a physical online insertion and removal (OIR) of a Route Switch Processor (RSP), the router may reload unexpectedly.
Conditions: This symptom is observed on a Cisco 7500 series when Routing Information Protocol next generation (RIPng) for IPv6 is configured.
Workaround: There is no workaround.
•
Symptoms: An MQC policy map with a "compress header" action inside the class can cause a crash.
Conditions: This symptom is observed when the policy map is applied to a virtual-template interface.
Workaround: There is no workaround.
•
Symptom: A Cisco 7500 series router that is running 12.0S may drop traffic to a static route after a microcode reload. The symptom may also occur in other releases.
Conditions: Traffic loss will occur for static routes to /32 prefixes that are attached to an interface, that is, the ip route prefix mask interface-type interface-number command is enabled.
Workaround: Disable Cisco Express Forwarding (CEF) by entering the no ip cef command. Then, reenable CEF by entering the ip cef distributed command.
Novell IPX, XNS, and Apollo Domain
•
Symptoms: IPX network numbers cannot be configured.
Conditions: This symptom is observed on certain subinterfaces, for example, fractional T1 subinterfaces. The IP address and AppleTalk cable range can be configured normally.
Workaround: There is no workaround.
TCP/IP Host-Mode Services
•
Symptoms: A Data-link switching plus (DLSw+) circuit may not function when a TCP connection gets stuck. After about 90 seconds, the TCP connection is closed by DLSw+, and a new TCP connection is built for DLSw+. Once the new TCP connection is up, the DLSw+ circuit starts functioning again.
Conditions: This symptom is observed on a Cisco router that is configured with both a DLSw+ interface and an ATM interface.
Possible Workaround: I this is an option, remove the ATM interface from the router. When you configure the DLSw+ interface and the ATM interface on different routers, the symptom does not occur.
•
Symptoms: A leak may occur in the big buffers of a Cisco platform even when the platform receives a relatively low number of calls.
Conditions: This symptom is observed on a Cisco AS5300 that runs the c5300-js-mz image of Cisco IOS Release 12.1(21) or Release 12.3. The symptom may be platform independent.
Workaround: There is no workaround.
•
Symptoms: Bringing up a BGP session with BGP MD5 authentication may be delayed considerably on a router.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(15)BZ2, 12.3, or 12.3 T when MD5 authentication is enabled and when a BGP session is initiated from a peer router that sends a SYNC ACK message that has a wrong total IP length field.
The problem goes unnoticed without MD5 authentication. The problems occurs because of a mishandling on TCP options such as MD5, WND-SCL, TS, and Selective-ACK.
Workaround: There is no workaround.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf
Wide-Area Networking
•
Symptoms: A network side router may disconnect a call and display the following cause code:
Cause i = 0x8286 - Channel unacceptableConditions: This symptom is observed on a Cisco 3640 router that has a high density voice network module (NM-HDV) and a BRI voice interface card (VIC) and that is running Cisco IOS Release 12.2. The symptom is not platform-specific and may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may display the following symptoms:
–
–
–
Conditions: These symptoms are observed on a Cisco 7500 series, but the symptoms may be platform independent.
Workaround: Reenter the ip route-cache distributed interface configuration command on the FR interface.
Alternate Workaround: Flap the interface a few times by entering the shutdown interface configuration command followed by the no shutdown interface configuration command.
•
Symptoms: An X.25 over TCP (XOT) connection may not be established even though the "use/match" counter in the output of the show x25 route EXEC command increments by one for each attempt to establish an XOT connection.
Conditions: This symptom is observed when an XOT route is configured to be the secondary route for a serial XOT route by entering the following global configuration commands in succession:
x25 route destination-pattern interface interface number
x25 route destination-pattern xot ip-address
For the interface number argument in the primary route, you enter the serial interface.
Workaround: Remove the primary XOT route.
•
Symptoms: A Cisco 7200 series may reload unexpectedly because of a bus error and generate an "Unexpected exception, CPU signal 10" error message.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.2(15)T2 or Release 12.3 and that has an ATM interface and a serial interface that have the same backup dialer interface when you remove this dialer interface and save the configuration.
Workaround: Remove the backup interface from the ATM and serial interfaces before you remove the dialer interface.
•
Symptoms: Calls may not be forwarded from an L2TP access concentrator (LAC) to an authentication, authorization, and accounting (AAA) server for dialed number identification service (DNIS).
Conditions: This symptom is observed on a Cisco platform that functions as a LAC when DNIS preauthentication for the V.120 call type and Challenge Handshake Authentication Protocol (CHAP) are configured.
Workaround: There is no workaround.
•
Symptoms: There may be a mismatch between the number of open PPP PDP and the number of DHCP IP addresses leased after all PDPs are deleted.
Conditions: This symptom is observed when a high rate PPP PDP are activated/deactivated on a GGSN and when a local DHCP server is configured on the GGSN to assign IP addresses.
Workaround: Use an external DHCP server or use a local pool on the GGSN.
•
Symptoms: The dialer aaa interface configuration command may not function properly.
Conditions: This symptom is observed when the dialer redial interface configuration command is enabled.
Workaround: In addition to the dialer redial interface configuration command, enter the dialer-map or dialer string interface configuration command.
•
Symptoms: A second callback may not be initiated for an ISDN call.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(15)T5 or Release 12.3 when more than one dialer map is configured to the same remote name. The symptom is platform-independent.
Workaround: There is no workaround.
•
Symptoms: Packets may not be resequenced within a Multilink Frame Relay (MFR) bundle. This situation may have a negative impact on some protocols and applications such as VoIP.
Conditions: This symptom is observed on nondistributed Cisco platforms such as the Cisco 2600 series. The symptom does not affect distributed Cisco platforms such as the Cisco 7500 series and the Cisco 12000 series.
Workaround: There is no workaround.
•
Symptoms: A traceback may be generated when a Frame Relay PVC bundle is configured.
Conditions: This symptom is observed on all platforms that support Frame Relay PVC bundles.
Workaround: There is no workaround.
•
Symptoms: Dialer ping packets that are transferred via an asynchronous line may be dropped at the receiving end.
Conditions: This symptom is observed on a Cisco platform when the interface at the receiving end has the dialer map interface configuration command enabled.
Workaround: Do not enter the dialer map interface configuration command. Rather, enter the dialer string interface configuration command.
•
Symptoms: A router may reload unexpectedly because of a bus error after the following error message is displayed:
%ATMPA-3-BADVCD:ATM[int] bad vcd [number] packet -Conditions: This symptom is observed on a Cisco router that is configured with an ATM interface.
Conditions: This symptom is observed on a Cisco router that is configured with an ATM interface when a packet that contains a virtual circuit descriptor (VCD) that is out range is passed on to the ATM driver of the interface in order to be transmitted.
Workaround: There is no workaround.
•
Symptoms: Some ISDN channels on a Cisco AS5850 may remain in the out-of-service state.
Conditions: This symptom is observed on a Cisco AS5850 that has the Redundant Link Manager (RLM) enabled when you reload the Route Switch Controller (RSC) that functions in classic-split mode and that is installed in slot 7.
Workaround: In the RLM configuration, configure the "force-down" timeout to be 60 seconds by entering the rlm group group-number global configuration command followed by the timer force-down 60 RLM configuration command.
•
Symptoms: A switch is learning MAC addresses from the wrong port.
Conditions: This symptom occurs on a dot1q trunk that is connected to that switch port with one of the subinterfaces configured for bridging.
Workaround: There is no workaround.
•
Symptoms: Software interface description blocks (IDBs) may become exhausted after an interface flaps repeatedly.
Conditions: This symptom is observed under the following conditions:
–
–
–
Workaround: There is no workaround.
•
Symptoms: A Cisco 7204VXR in which an enhanced 1-port ATM OC-3c/STM-1 port adapter (PA-A3-OC3) is installed may reload unexpectedly because of a bus error. However, the cause of the symptom may be a segmentation and reassembly (SAR) chip failure that occurs because of an "Address Error (store) exception".
Conditions: This symptom is observed on a Cisco 7204VXR that is configured for Dynamic Bandwidth Selection (DBS) support when you attempt to modify the VC QoS parameters under high traffic conditions.
Workaround: Shut down the ATM interface before attempting to modify the VC QoS parameters.
•
Symptoms: A specified IP address of an interface may not be used to open a XOT session. Instead, the IP address of the egress interface may be used.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(1a) or Release 12.3(5) when you configure X.25 XOT DNS by entering the x25 route selection-options [modification-options] xot dns pattern xot-source interface global configuration command.
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.2.
•
Symptoms: A Cisco router that functions as a PPPoX aggregator may crash because of a bus error.
Conditions: This symptom is observed in a highly scaled environment when many sessions are simultaneously established and torn down.
Workaround: There is no workaround.
•
Conditions: When the Cisco CallManager Express feature is enabled on a voice gateway and a user sets up a Call Forward All diversion from his internal CME extension number 101 to his mobile phone, an incoming call may fail when it is redirected back to the BRI port of the voice gateway.
Conditions: This symptom is observed on a Cisco router that functions as a voice gateway and occurs in the following topology:
An ISDN device that functions in NT mode connects to the voice gateway that functions in TE mode and that connects to an IP phone. The BRI ports of the voice gateway are configured in the default TE mode of operation.
The call flow is as follows:
1. A user on the PSTN side calls a number for the CME router.
2. The call comes in on a BRI B channel and is sent to the IP phone.
3. The IP phone forwards the call to an external PSTN number (a mobile phone number) so a new call is sent on a second B channel of the BRI.
4. The mobile phone user answers, and a connect message is sent on the second call leg. The connect message contains a Date/Time field.
5. This connect message, including the Date/Time field, is returned to the original call leg.
6. The PSTN side sends a status message.
7. The voice gateway disconnects the call.
The failure appears to be caused by the fact that the Date/Time field is returned to the ISDN device by the voice gateway, which contravenes the ISDN Q931 specification that states that the Date/Time field should be send from the network to the user only.
Workaround: There is no workaround.
•
Symptoms: When a call is not answered, no release cause value may be sent to the public switched telephone network (PSTN) leg and an incorrect release cause value of 102 may be sent to the voice over IP (VoIP) leg.
Conditions: This symptom is observed on a Cisco router that is configured for ISDN when a T301 timer expires. When a call is not answered, a release cause value of 19 ("No answer from user [user alerted]") should be sent to both legs.
Workaround: There is no workaround.
•
Symptoms: A Cisco router running a Cisco IOS image may crash because of a bus error when it accesses an invalid address (0x0B0D0B0D).
Conditions: This symptom is occasionally observed when an MLP bundle containing virtual-access PPP links goes down.
Workaround: There is no workaround.
•
Symptom: A router with a PPPoE configuration may crash because of a bus error at an illegal address.
Condition: This symptom is observed when a PPP session is being established.
Workaround: There is no workaround.
•
Symptoms: After running stress scripts and dropping all calls, there are still active vaccess interfaces shown in the output of the show vtemplate command. If the debug ppp negotiation command is enabled, the debugs for the vaccess interfaces continue to repeat themselves.
Conditions: This symptom is observed on a Cisco AS5300 and Cisco AS5400 that run Cisco IOS Release 12.3(6) when the stress scripts automatically enter the shutdown command followed by the no shutdown command on the E1 controllers.
Workaround: There is no workaround.
•
Symptoms: An LNS bringing up a maximum number of PPoEoA calls at the maximum rate may crash.
Conditions: This symptom is observed in Cisco IOS Release 12.3 T but may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5x00 may ignore a service-login attribute and start a PPP session. The Cisco AS5x00 may also start a PPP session when the RADIUS Access-Accept reply contains unknown (that is, unsupported) Framed-Protocol attributes.
Conditions: This symptom is observed when a client uses PAP for authentication.
Workaround: There is no workaround.
•
Symptoms: A Cisco universal access server or universal gateway may be unable to terminate virtual-profile PPP calls on a virtual-access interfaces when virtual-template pre-cloning is enabled. PPP authentication may succeed and PPP may change the state to "FORWARDED," but LCP/NCP may never start on the virtual-access interface, causing a PPP timeout to occur on the client (usually after 30 seconds).
Conditions: This symptom is observed intermittently on a Cisco universal access server or universal gateway that run Cisco IOS Release 12.3(5) when SGBP/VPDN and virtual-profile calls share the same pre-cloned virtual-access interfaces.
Workaround: If this is an option from the point of view of performance, disable virtual-template pre-cloning.
Alternative Workaround: Use a different virtual-template interface for virtual-profile PPP calls.
•
Symptoms: An incoming POTS dial peer may ignored.
Condition: This symptom is observed when ISDN isdn overlap-receiving is enabled and when the port is not configured for the incoming POTS dial peer.
Workaround: Either configure the port for the incoming POTS dial peer or disable ISDN overlap-receiving.
•
Symptoms: A memory leak may occur for templates when the Per-VRF AAA feature is configured.
Conditions: This symptom is observed when a PPP session is cleared from the client side and occurs only on Cisco IOS software images in which the fix for caveat CSCin66024 is integrated.
Workaround: There is no workaround.
•
Symptoms: A RADIUS response may ignore the framed-protocol attribute when it is an unsupported protocol. A Cisco AS5x00 may create an attribute list from this RADIUS response without the framed-protocol attribute. In this situation, PPP may not find the framed-protocol attribute and may continue the session.
Conditions: This symptom is observed when a client uses PAP for authentication.
Workaround: There is no workaround.
•
Symptoms: A dialer watch stops dialing, except for one destination.
Conditions: This occurs when multiple dialer watch-groups are configured and watched routes go down. All the watch-groups begin to dial, and if the remote is busy, only 1 watch-group dial would continue.
Workaround: There is no workaround.
•
Symptoms: Every 128th call on a BRI/PRI interface may have the wrong CallRef.
Conditions: This symptom is observed when you make ISDN calls on a Cisco platform that has a BRI/PRI interface. The CallRef increases from 0x01 to 0x7F for BRI/PRI calls. After 0x7F, if the 128th call is on a BRI and the switch type to which the platform is connected only supports a 1-byte CallRef, the call fails.
Workaround: There is no workaround. However, only every 128th call fails. Calls after the 128th call work fine.
•
Symptoms: An ATM ABR SVC setup could fail while an UBR SVC can succeed.
Conditions: This symptom is observed when an illegal ICR value occurs.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may forward packets that come in on a subinterface that is in an administratively shut down state.
Conditions: This symptom is observed on a Cisco router that is configured with Frame Relay encapsulation.
Workaround: There is no workaround.
•
Symptoms: When you attempt a telephone call by pressing the "redial" button, the call may fail. The situation occurs when the application cannot detect that the T302 timer has expired.
Conditions: This symptom is observed when the call is routed via a Cisco router that runs Cisco IOS Release 12.3(6) and when BRI basic-net3 overlap signaling and the default application is used for the call. Note that the symptom does not occur in Release 12.2(11)T7.
Workaround: Explicitly configure "application default" on the inbound dial peer.
•
Symptoms: When an E1 line is shut down by entering the shutdown command and a switchover from the active RP to the standby RP occurs, the E1 line that is shut down is still reported as being in service on the standby RP.
Conditions: This symptom is observed when SS7 is configured with RLM between a media gateway controller and a Cisco AS5850 universal gateway in RPR+ mode.
Workaround: Instead of the shutdown command, enter the service command to place the E1 line out of service.
•
Symptoms: An L2TP LNS that is configured to perform Multichassis Multilink PPP (MMP) by using SGBP may not be able to bundle Multilink PPP (MLP) connections. The output of the debug sgbp queries command shows no SGBP queries after the connections have been authenticated.
Conditions: This symptom is observed when the MLP connections arrive on different LNS within the same stack group.
Workaround: Enter the sgbp ppp-forward command to enable forwarding of all PPP calls, not only of MLP calls. This workaround may cause some overhead as SGBP queries will also be sent for non-multilink connections.
Alternate Workaround: Enter the lcp renegotiate always command. This workaround may cause compatibility problems with older PPP clients.
•
Symptoms: A software-forced crash occurs on a Cisco AS5400 after a memory corruption is detected in the processor pool.
Conditions: This symptom is observed on a Cisco AS5400 running Cisco IOS Release 12.2(2)XB11 when X.25 (X.28) is configured. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: When the l2tp hidden command is configured on a Cisco 10000 series and when the call rate is above 40 calls/second, the Cisco 10000 series uses a wrong tunnel ID in communication with the LNS, which causes the L2TP tunnel to go down.
Conditions: This symptom is observed when there are about 1000 sessions and more than one outgoing L2TP tunnel on the Cisco 10000 series that functions as a LAC and that runs Cisco IOS Release 12.2(16)BX2. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload unexpectedly with a bus error when you enter the show caller command.
Conditions: This symptom is observed when PPP is configured on a router that runs Cisco IOS Release 12.3, 12.3(3)B1, or 12.3 T.
The problem is more likely to occur when the show caller output is lengthy, and particularly so if the output causes a ---More--- prompt.
The problem is also more likely to occur when there is a high rate of connection and disconnection of PPP sessions, for example, when an interface flaps.
Workaround: There is no workaround.
•
Symptoms: No busy tone may be heard on an IP phone.
Conditions: This symptom is observed when an IP phone calls a busy number on the PSTN and when the gateway receives a DISCONNECT message with a "Network Specific Facilities" IE from the PSTN but send a "Mandatory IE missing" message to the Cisco CallManager.
Workaround: There is no workaround.
•
Symptoms: A router may unexpectedly reload with a bus error with the same address:
System was restarted by bus error at PC 0x606B2BE4, address 0xB0D0C11Decodes indicate that a PPP problem may be the cause of the symptom.
Conditions: This problem is not platform dependent and may occur with any type of IP PPP connection. This problem is also most likely occur when there is a high volume of call connections and disconnections, for example, when an interface carrying multiple calls flaps.
Workaround: There is no workaround.
•
Symptoms: An ISDN layer 2 does not come up.
Conditions: This symptom is observed after changing the switch type on the network side.
Workaround: Enter the isdn protocol-emulate network command after changing the switch type.
•
Symptoms: A router is not able to place a call to an ISDN BRI.
Conditions: This symptom is observed for every outgoing call when the router is configured as a network side ISDN BRI and the user side sends a SETUP ACK message without a Channel ID IE.
Workaround: Add the isdn sending-complete command to the configuration.
•
Symptoms: Removing a multilink interface by using the no interface global configuration command may cause tracebacks and/or the router to reload.
Conditions: This symptom is observed when the shutdown command is used to shut the multilink interface down and is immediately followed by the no interface global configuration command.
Workaround: After shutting down the multilink interface, allow a few seconds to elapse before removing the interface.
•
Symptoms: A Microsoft Point to Point Tunneling Protocol (PPTP) client with Microsoft Point-to-Point Encryption (MPPE) is not able to successfully connect to a router. The client receives the following error:
Error 619: The specified port is not connected.Conditions: This symptom is observed when the router runs Cisco IOS Release 12.3(6).
Workaround: There is no workaround.
•
Symptom: A Cisco router may reload unexpectedly with a bus error.
Condition: This symptom is observed on a Cisco router that has PPP configured.
Workaround: There is no workaround.
•
Symptoms: An AAA unique ID may not be freed when a PPP session goes down.
Conditions: This symptom is observed for a legacy PPP session (serial interfaces) but not for a VPDN/PPPoX session.
Workaround: There is no workaround.
•
Symptoms: An "ALIGN-3-SPURIOUS" spurious memory access and traceback may occur on a Cisco 7500 series.
Conditions: This symptom is observed in one of the following conditions:
–
–
Workaround: There is no workaround.
•
Symptoms: When the Per-VRF AAA feature is enabled, a memory leak may occur for templates.
Conditions: This symptom is observed when a PPP session is cleared from a client side.
Workaround: There is no workaround.
•
Symptoms: A PPP user can get access to a network by using the VPDN profile name and default password that is used for downloading the VPDN profiles.
Conditions: This symptom is observed for any dialin user.
Workaround: For Unix-based servers, configure the service type as one of the check items, coupled with the radius-server attribute 6 on-for-login-auth command on the NAS.
•
Symptoms: Templates remain bound to virtual-access interfaces even when all the PPP sessions are cleared. For example, when you enter the show template command after clearing all sessions, you see templates bound to non-existent virtual-access interfaces. This situation is associated with a memory leak.
Conditions: This happens when a large number of PPP sessions are brought up and torn down.
Workaround: There is no workaround.
•
Symptoms: When you enter the show template command, a router may crash.
Conditions: This symptom is observed during a stress test in which PPPoE sessions are flapped.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.3(6f)
Cisco IOS Release 12.3(6f) is a rebuild release for Cisco IOS Release 12.3(6). The caveats in this section are resolved in Cisco IOS Release 12.3(6f) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Cisco IOS may permit arbitrary code execution after exploitation of a heap-based buffer overflow vulnerability. Cisco has included additional integrity checks in its software, as further described below, that are intended to reduce the likelihood of arbitrary code execution.
Cisco has made free software available that includes the additional integrity checks for affected customers.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml.
Miscellaneous
•
Through normal software maintenance processes, Cisco is removing deprecated functionality. These changes have no impact on system operation or feature availability.
Resolved Caveats—Cisco IOS Release 12.3(6e)
Cisco IOS Release 12.3(6e) is a rebuild release for Cisco IOS Release 12.3(6). The caveats in this section are resolved in Cisco IOS Release 12.3(6e) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: The console of a router may stop responding and the router may stop forwarding traffic.
Conditions: This symptom is observed on a Cisco 7206VXR that runs Cisco IOS Release 12.3(6b) and that is configured with an NPE-G1 when the native Gigabit Ethernet interfaces of the NPE-G1 are used.
Workaround: There is no workaround.
IP Routing Protocols
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf
•
Symptoms: A router that is configured with the OSPF routing protocol may reload.
Conditions: This symptom is observed when the OSPF process is simultaneously deconfigured via one session and configured via another session.
Workaround: There is no workaround. Cisco strongly discourages you to configure a router via two different but simultaneous sessions.
•
Symptoms: A Cisco 3600 series may crash while unconfiguring NFAS.
Conditions: This symptom is observed on a Cisco 3600 series that runs Cisco IOS Release 12.3(6).
Workaround: There is no workaround.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf
Miscellaneous
•
Symptoms: A Cisco router may reload when you enter the show standby or show standby brief command.
Conditions: This symptom is observed on a Cisco Multiprocessor WAN Application Module MWAM) when multiple HSRP groups are configured and unconfigured in a loop while traffic for the HSRP groups is being processed. The symptom may be platform-independent.
However, a stress scenario in which many HSRP groups are configured and unconfigured while the show standby or show standby brief command is executed may be a rather uncommon scenario.
Workaround: Do not to enter the show standby or show standby brief command while configuration changes are being made.
•
Symptoms: A Cisco router may crash if a PA driver attempts to convert an uncached iomem address to a cached iomem address.
Conditions: This symptom is observed on a Cisco 7200 series that is configured with an NPE-G1.
Workaround: There is no workaround.
•
Symptoms: On a Cisco 7500 series, all PVCs may suddenly enter the down state and remain in this state for about two minutes before they come back up. During the DLCI down state, the subinterface does not go down and no notifications are observed in the message log.
Conditions: This symptom is observed on a Cisco 7500 series that is configured with an RPS4+ or an RSP8 and that runs the rsp-jsv-mz image of Cisco IOS Release 12.2(12i). In addition, the router is configured with an 8-port serial port adapter and an HSSI port adapter, is configured for Frame Relay, and has more than 450 PVCs/DLCIs. Note that the symptom may be platform-independent and may also occur on other Cisco platforms in a similar configuration.
Note. This is a timing issue and is not dependant on the number of VC's.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 series or another mid-range router may crash or may stop responding.
Conditions: This symptom is observed on a Cisco 7200 series or other mid-range router that runs Cisco IOS Release 12.3(6a). The crash occurs when an interface that is configured with a rate-limit command is deleted by entering the no interface command and then reenabled by entering the interface command.
Workaround: Remove the rate-limit configuration from the interface before deleting the interface.
•
Symptoms: A router may fail to advertise a prefix for which the network portion matches the major net. For example, when 10.0.0.0/8 is the major net, 10.0.0.0/16 is not advertised.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(4) or a later release when the subnet between the two routers is in the same classful range as the advertised prefix of the advertising router.
Workaround: On the advertising router, enter the shutdown command followed by the no shutdown command on the interface that is connected to the receiving RIP peer.
•
Symptoms: A router may fail to advertise a major net route such as 10.0.0.0/8 to a RIP peer.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS interim Release 12.3(3.3) or a later release when the route is redistributed from MP-IBGP into RIP and when the subnet connecting the RIP peer is in the classful range of the advertised major net. The symptom may also occur in other releases.
Workaround: On the advertising router, enter the shutdown command followed by the no shutdown command on the interface that is connected to the receiving RIP peer.
For non-MPLS, see non-MPLS-recreated-12-3-6d enclosure, this workaround does not work. A static route is recommended.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf.
•
Reception of certain IPv6 fragments with carefully crafted illegal contents may cause a router running Cisco IOS to reload if it has IPv6 configured. This applies to all versions of Cisco IOS that include support for IPv6.
The system may be protected by installing appropriate access lists to filter all IPv6 fragments destined for the system. For example:
interface Ethernet0/0
ipv6 traffic-filter nofragments in
!
ipv6 access-list nofragments
deny ipv6 any <my address1> undetermined-transport
deny ipv6 any <my address2> fragments
permit ipv6 any any
This must be applied across all interfaces, and must be applied to all IPv6 addresses which the system recognizes as its own.
This will effectively disable reassembly of all IPv6 fragments. Some networks may rely on IPv6 fragmentation, so careful consideration should be given before applying this workaround.
We would recommend for customers to upgrade to the fixed IOS release. All IOS releases listed in IPv6 Routing Header Vulnerability Advisory at /en/US/products/products_security_advisory09186a00807cb0fd.shtml contain fixes for this issue.
•
Cisco Internetwork Operating System (IOS) software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful exploitation, the device may reload or be open to further exploitation.
Cisco has made free software available to address this vulnerability for all affected customers.
More details can be found in the security advisory that is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml.
•
Symptoms: A PCMCIA flash card that is installed in either slot 0 or slot 1 of a Cisco 3620 may become read-only.
Conditions: This symptom is observed occasionally on a Cisco 3620 that runs Cisco IOS Release 12.3(6b).
Workaround: There is no workaround.
•
Symptoms: A Cisco 1760 that runs Cisco IOS Release 12.3(6c) may crash because of a SegV exception.
Conditions: This symptom is observed when the following conditions are present:
- A policy map is applied to a VLAN interface.
- The policy map includes the set cos command.
Workaround: Disable Layer 2 class of service (CoS) packet marking by entering the no set cos command.
•
Symptoms: A gateway that has a higher IP address in comparison with its peer may fail to open a TCP connection for a logical channel.
Conditions: This symptom is observed during fast start when a glare condition occurs while both gateways indicate to each other (in facility or other H.225 messages) that the H.245 control channel should be opened.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 VXR router crashes after running out of I/O memory because of a buffer leak in a public particle pool.
Conditions: This symptom is observed on a 7200 VXR router that runs Cisco IOS Release 12.3(9c) or Release 12.3(12) and that is configured with an NPE-G1. The symptom does not occur in Release 12.3(9).
Workaround: There is no workaround.
•
Symptoms: A Cisco voice gateway may drop a voice or fax relay call during CNG tone detection.
Conditions: This symptom is observed on a Cisco voice gateway that is configured with an VXML application script on the incoming POTS dial peer and that receives a fax CNG tone.
Workaround: There is no workaround. However, this is the limitation on voice gateways that use VXML applications: such platforms only support T.37.
Further Problem Description: The fix for this caveat includes support for T.38 on voice gateways that use VXML applications.
•
Cisco Internetwork Operating System (IOS) Software release trains 12.2T, 12.3 and 12.3T may contain vulnerabilities in processing certain Internet Key Exchange (IKE) Xauth messages when configured to be an Easy VPN Server.
Successful exploitation of these vulnerabilities may permit an unauthorized user to complete authentication and potentially access network resources.
This advisory will be posted to http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml
•
Symptoms: Backup calls are not initiated after you reload the router.
Conditions: This symptom is observed on a Cisco 2800 series that is configured for QoS. When the dialer interface is a designated backup interface and you reload the router, the dialer interface does enter the backup mode even though the primary interface is down.
Workaround: After you have reloaded the router, enter the shutdown command followed by the no shutdown command on the dialer interface.
•
Symptoms: A Cisco 3660 gateway may crash when a voice call is made.
Conditions: This symptom is observed on a Cisco 3660 that runs Cisco IOS Release 12.3 or interim Release 12.3(12.4)T1 when accounting is enabled.
Workaround: There is no workaround.
•
The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition.
Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Telnet Services are not affected.
Devices configured with only Authentication Proxy for HTTP and/or HTTPS are not affected.
Only devices running certain versions of Cisco IOS are affected.
Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects of the vulnerability.
This advisory will be posted at http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml.
Wide-Area Networking
•
Symptoms: A call may cause the following error messages, after which calls may pause indefinitely:
%DIAL0-3-MSG:
%DS_TDM-3-NO_RECOMB_BUS_DS0: Slot 0: no free Recombination bus DS0s left; connection not madeConditions: This symptom is observed on a Cisco platform that functions in a stress environment.
Workaround: There is no workaround. To recover from the symptom, reload the platform.
•
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.cpni.gov.uk/docs/re-20050412-00303.pdf.
Resolved Caveats—Cisco IOS Release 12.3(6c)
Cisco IOS Release 12.3(6c) is a rebuild release for Cisco IOS Release 12.3(6). The caveats in this section are resolved in Cisco IOS Release 12.3(6c) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: Information about a port adapter (PA) may be missing from the output of a show diag command.
Conditions: The show diag command for the affected controller will display similar information:
PA Bay 0 Information:
Fast-Ethernet PA, 1 ports, 100BaseTX-ISL
EEPROM format version 0
HW rev 0.00, Board revision UNKNOWN
Serial number: 00000000 Part number: 00-0000-00The problem is related to a timing issue and is not always reproducible.
Workaround: There is no workaround. On the other hand it does not impact the functionality of the router.
•
Symptoms: A serial interface on a Cisco 7500 series may stop transmitting traffic and may report the following VIP crashes:
%MDS-2-LC_FAILED_IPC_ACK: RP failed in getting Ack for IPC message of size 84
to LC in slot 2 with sequence 1007, error = timeout
%RSP-3-RESTART: interface Serial3/0/0:0, not transmitting
%VIP2-3-MSG: slotX VIP-3-SVIP_CYBUSERROR_INTERRUPT: A Cybus Error occurred.
%VIP2-1-MSG: slotX CYASIC Error Interrupt register 0x4000000
%VIP2-1-MSG: slotX DMA Transmit Error
%VIP2-1-MSG: slotX CYASIC Other Interrupt register 0x100
%VIP2-1-MSG: slotX QE HIGH Priority Interrupt
%VIP2-1-MSG: slotX QE RX HIGH Priority Interrupt
%VIP2-1-MSG: slotX CYBUS Error Cmd/Addr 0xD00FF3AConditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(5a) but may also occur in other releases. This symptom is not observed in Release 12.1(8c).
Workaround: There is no workaround.
•
Symptoms: Attributes 42 and 43 may be of value "zero" in Connection STOP records.
Conditions: This symptom is observed on a Cisco AS5400 and Cisco AS5850 that run Cisco IOS Release 12.3 or Release 12.3(4)T4 when a TCP-clear call is disconnected by the caller. For call disconnects by the NAS, the values are proper.
Workaround: There is no workaround.
•
Symptoms: After a VIP crashes, a FIB-3-FIBDISABLE error message due to an IPC timeout may occur for all the slots of the VIP.
Conditions: This symptom is observed on a Cisco 7500 series after the VIP crashes and before the VIP recovers. The FIB-3-FIBDISABLE error message is generated for all the slots of the VIP, causing dCEF switching to become disabled.
Workaround: There is no workaround. You can reenable dCEF by entering the clear cef linecard command.
Interfaces and Bridging
•
Symptoms: A Cisco 7500 series router may show a %SYS-3-CPUHOG error message when an ATM link on the router is flapped.
Conditions: This symptom is observed only when there are a lot of VCs on the ATM interface and when the VIP is oversubscribed.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series may leave ATM PVCs up when the ATM interface is shut down.
Conditions: This symptom is observed on a Cisco 7500 series that has a PA-A3 when the CPU utilization of the VIPs is high.
Workaround: There is no workaround.
•
Symptoms: Channelized interfaces on a channelized T3 line card or port adapter that is configured for Frame Relay encapsulation may be in the up/down state, and DLCIs are inactive.
Conditions: This symptom is observed when you reload a Cisco platform and when the interfaces were in the up/up state before you reloaded the platform.
Workaround: Enter the shutdown command followed by the no shutdown command on the controller of either the T3 line card or port adapter on the Cisco platform or on the T3 line card or port adapter on the platform at the remote end.
Alternate Workaround: Enter the shutdown command followed by the no shutdown command on the main interface on the Cisco platform.
IP Routing Protocols
•
Symptoms: When using Cisco CallManager and PAT on the CE router, no voice is observed if a call is made across CCM clusters and is transferred back to another phone on the same CCM, between the IP phones behind PAT.
Conditions: This symptom occurs when Cisco CallManager is configured for Static NAT. The IP phones registered to the CCM in the location are configured to use PAT. A call is made across the CCM cluster and transferred back to the cluster.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: On an ASBR-PE, the TFIB may be missing a forwarding entry for a prefix that is learned from a PE.
Conditions: This symptom is observed on an "ABSR-co-located PE" (that is, an ASBR that also functions as a PE router) when the PE functionality is removed by deconfiguring VRF, for example, by entering the no ip vrf vrf-name command.
Since this is a timing issue, it may occur in Cisco IOS Release 12.0 S, 12.2 S, 12.2 T, and 12.3.
Workaround: There is no workaround.
•
Symptoms: A 1-port E3 serial port adapter (PA-E3) may fail to recover to the "up/up" state even when the original cause of the failure is corrected.
Conditions: This symptom is observed on a Cisco 7500 series.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface of the PA-E3.
•
Symptoms: When configuring QoS on a Cisco 7200 series, the router may reload with a bus error. Specifically, the bus error occurs after having entered the no class name command on subinterfaces.
Conditions: This symptom is observed on a Cisco 7200 series that runs the c7200-jk9s-mz image of Cisco IOS Release 12.2(17a). The symptom may also occur in other releases. This behavior is associated to the use of "payload-compression" and Weighted Random Early Detection (WRED) configurations.
Workaround: There is no workaround.
•
Symptoms: An H.323 proxy may fail when a conference call between a PSTN user and IP phones users is initiated by an IP phone in a Cisco CallManager environment.
Conditions: This symptom is observed on a Cisco router that functions as a gatekeeper, that has the H.323 proxy enabled, and that runs Cisco IOS Release 12.3(5) in the following topology:
An IP phone connects to a Cisco CallManager that connects to the Cisco gatekeeper that has the H.323 proxy enabled. The Cisco gatekeeper connects to yet another gatekeeper that connects to a gateway that, in turn, connects to the PSTN.
All calls to and from the Cisco CallManager IP phone via the Cisco gatekeeper are proxied. The Cisco CallManager runs software version 3.3(3)SR3. The display IE delivery option is disabled in the H.225 trunk configuration in the Cisco CallManager administration web page. The H.225 trunk is controlled by one of the gatekeepers.
The symptom occurs in the following sequence of events:
1.
2.
3.
4.
5.
6.
7.
Workaround: Enable the "Display IE delivery" option in the H.225 trunk configuration Cisco CallManager administration web page.
Alternate Workaround: Disable the H.323 proxy on the Cisco gatekeeper.
•
Symptoms: A Versatile Interface Processor (VIP) with an ATM port adaptor may reload unexpectedly.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(5) when the ATM interface is configured for Multilink PPP, Link Fragmentation and Interleave (LFI), and distributed Cisco Express Forwarding (dCEF).
Workaround: Disable LFI by entering the no ppp interleave command.
•
Symptoms: A Cisco router that functions as a PE router may crash.
Conditions: This symptom is observed when traffic is switched through a multilink interface on which a QoS service policy is configured that includes a set command and when the multilink interface flaps (goes down and comes back up). The symptom occurs at random and depends on the traffic pattern. This applies only to non-distributed CEF platforms.
Workaround: There is no workaround.
•
Symptoms: Channels may occasionally hang on an MRP.
Conditions: This symptom is observed on an MRP that runs Cisco IOS Release 12.3(2)XA and that uses the R2 protocol. The symptom may also occur in Release 12.3.
Workaround: Enter the shutdown command followed by the no shutdown command on the affected voice ports.
•
Symptoms: A router may log a CPUHOG message that is caused by the CEF reloader process.
Conditions: This symptom is observed on a Cisco router when a VRF with more than 9000 routes is added to the configuration.
Workaround: There is no workaround.
•
Symptoms: A Versatile Interface Processor (VIP) on a Cisco 7500 series that runs Cisco IOS Release 12.3(5) and that is configured for distributed Link Fragmentation and Interleaving over ATM (dLFIoATM) may reload.
Conditions: This crash occurs when all of the conditions below are present:
- distributed CEF is enabled.
- dLFIoATM is enabled.
- The ATM permanent virtual circuits (PVCs) flap.
- There are other port adapters in the same Versatile Interface Processor (VIP) that switches traffic to the ATM PVC.
Workaround: Avoid local VIP switching to the dLFIoATM PVC.
•
Symptoms: DTS may not work properly on dot1q Fast Ethernet subinterfaces. Traffic is not shaped at the expected rate
Conditions: This problem is observed on a Cisco 7500 series that is configured as a PE router and that runs Cisco IOS Release 12.2(12i). The symptom may also occur in other releases.
Workaround: If this is an option, use ISL subinterfaces.
•
Cisco Internetwork Operating System (IOS) Software release trains 12.1YD, 12.2T, 12.3 and 12.3T, when configured for Cisco's IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST) may contain a vulnerability in processing certain malformed control protocol messages.
A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS). This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20050119-itscme.shtml
Cisco has made free software upgrades available to address this vulnerability for all affected customers.
This vulnerability is documented by Cisco bug ID CSCee08584.
•
Symptoms: All VIPs in a Cisco 7500 series restart as a consequence of a Cbus complex that is triggered by a stuck output. Just before the output becomes stuck, IPC timeout errors occur.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(5) in a dLFIoATM environment.
Workaround: There is no workaround.
•
Symptoms: A file type sometimes becomes ASCII text when you enter the write memory command on an NRP2-SV. You can see the file type when you enter the show file info disk0:slotX/nrp2-startup-config command on the NSP, as in the following example:
NSP# shos file info disk0:slot5/nrp2-startup-config
disk0:slot5/nrp2-startup-config:
type is ascii text <<<<<Conditions: This symptom is observed on an NRP2-SV that is installed in a Cisco 6400 series that runs Cisco IOS Release 12.2(15)T9 or 12.3(6).
Workaround: There is no workaround.
•
Symptoms: IMA link status sticks in NE usable/usable while showing FE active/active.
Conditions: This happens when connecting an IMA module in a Cisco 3640 to a third party vendor switch.
Workaround: Administratively shut down the link and then bring it back.
•
Symptoms: A Cisco AS5850 does not fragment data packets.
Conditions: This symptom is observed when data packets enter the Cisco AS5850 through async (modem) interfaces and when the MTU on the egress Gigabit Ethernet interface is smaller than the ingress MTU or when L2F encapsulation overhead requires fragmentation. Async PPP sessions forwarded via L2TP are not affected by this problem.
Workaround: Increase the Gigabit Ethernet MTU to avoid fragmentation.
•
Symptoms: A router may experience a memory leak when the LSR MIB is queried.
Conditions: This symptom is observed on a Cisco router running Cisco IOS Release 12.2(15)T10 but is software independent.
Workaround: Disable the LSR MIB queries and reboot the device to reclaim the leaked memory.
•
Symptoms: A Cisco AS5300 may leak memory in the ISDN process.
Conditions: This symptom is observed on a Cisco AS5300 that runs Cisco IOS Release 12.3(6).
Workaround: There is no workaround.
•
Symptoms: A URM that is configured as an LSC does not pass traffic. Xtags come up but traffic does not pass.
Conditions: This symptom is observed on a URM that runs Cisco IOS Release 12.3(6). The symptom does not occur on other software trains.
Workaround: There is no workaround.
•
Symptoms: When a crypto map is applied to certain subinterface configurations, the IPSec SA path MTU is not always calculated correctly. This does not happen to every subinterface configuration and does not happen all the time. The root cause is related to the event handling when subinterface IP MTU is changed during the router initialization.
Conditions: This symptom occurs when a crypto map is applied to certain subinterface configurations.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5300 that is running Cisco IOS Release 12.3(6) may encounter a bus error.
Conditions: This symptom is observed when a Cisco AS5300 is running voice traffic under a heavy load.
Workaround: There is no workaround.
•
Symptoms: When you change the Cisco IOS release from Release 12.2 to Release 12.3(6a), a router may reload because of a bus error.
Conditions: This symptom is observed when a MQC-based policy and legacy fair queueing are configured on different Frame Relay subinterfaces of the same physical interface.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series or MSFC2 with a FlexWAN module may spontaneously reload.
Conditions: This problem mainly occurs when there are multiple FR DLCIs or ATM PVCs attached to the same virtual-template interface or the same multilink virtual-access interface and when one of the following conditions occurs:
–
–
Workaround: There is no workaround.
•
Symptoms: A PPP session may stay down after a long series of link flaps.
Conditions: This symptom is observed when MLP/LFI is enabled on an ATM PVC.
Workaround: There is no workaround.
Wide-Area Networking
•
Symptoms: A parity error on a Versatile Interface Processor (VIP) card may cause other VIPs to go to a wedged state.
Conditions: This symptom is observed on a Cisco 7500 series router.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series Route Switch Processor (RSP) may crash while Multilink PPP (MLP) is running.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3(5), that is equipped with a VIP4-80 and PA-A3 ATM port adapters, and that is configured for distributed Link Fragmentation and Interleaving over ATM (dLFIoATM).
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.3(6b)
Cisco IOS Release 12.3(6b) is a rebuild release for Cisco IOS Release 12.3(6). The caveats in this section are resolved in Cisco IOS Release 12.3(6b) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: When you configure the Per VRF AAA feature by using a remotely defined customer template, a Virtual Home Gateway (VHG) may fail to parse authentication, authorization, and accounting (AAA) attributes that it receives in an Access-Accept response from a RADIUS server.
Conditions: This symptom is observed when the virtual-template interface is configured to support virtual-access subinterfaces and when the VHG functions under a heavy traffic load.
Workaround: Disable the virtual-access subinterfaces by entering the no virtual-template subinterface global configuration command.
Alternate workaround: Enter the ntp disable interface configuration command on the virtual-template interface.
•
Symptoms: A "%SYS-2-LINKED: Bad enqueue ....." error message may be seen in the syslog of an LNS right after traffic is sent through a PPP multilink bundle that is establish via an L2TP session on the LNS. This message is also seen when multilink PPP fragments are switched or when multicast packets are replicated.
Certain packet buffers (particle clones) are eventually depleted, and multilink fragmentation stops working when all particle clones are exhausted. You can monitor the availability of particle clones by entering the show buffers | begin Particle Clones: EXEC command; the command does not produce any output if no more particle clones are available.
Conditions: This symptom is observed when multilink is configured on a virtual template that is handling the VPDN sessions or when multicast packets are switched.
Workaround: When L2TP multilink calls are terminated, disable multilink fragmentation by entering the ppp multilink fragment disable interface configuration command on the virtual template.
IP Routing Protocols
•
Symptoms: During BGP scalability testing, error messages and tracebacks similar to the following ones may be logged, indicating a difficulty with TCP and buffer usage:
%SYS-2-MALLOCFAIL: Memory allocation of 4692 bytes failed from 0x6076F714, align
Pool: I/O Free: 11143248 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Pool Manager", ipl= 0, pid= 6
-Traceback= 607FE10C 607FF1EC 6076F71C 6080C1D0 6080C400
%TCP-6-NOBUFF: TTY0, no buffer available
-Process= "BGP I/O", ipl= 0, pid= 139
-Traceback= 6098B4EC 609938C8 60993C1C 60D55CE4 60D0BEB0
%TCP-6-NOBUFF: TTY0, no buffer available
-Process= "BGP Router", ipl= 0, pid= 138
-Traceback= 6098B4EC 609938C8 60993C1C 60D55CE4 60D29858 60D2AF88 60D1B4BCConditions: This symptom is observed on a Cisco router that is in the processing of building BGP sessions for about 80,000 prefixes and about 1200 BGP peers.
Workaround: There is no workaround.
•
Symptoms: A Cisco router that is configured for SIP NAT may not be able to process authentication messages from a third-party SIP gateway that performs SIP proxy authentication.
Conditions: This symptom is observed in a Call Hold/Resume procedure.
Workaround: There is no workaround.
•
Symptoms: Routes may not be deleted from the routing table correctly.
Conditions: This symptom is observed when variance is configured on a Cisco platform that runs EIGRP.
Workaround: Remove the erroneous routes by entering the clear ip route * command.
•
Symptoms: T.38 fax calls between a Cisco router and a third-party gateway may fail.
Conditions: This symptom is observed when two third-party gateways are connected via a Cisco router that runs SIP NAT. The T.38 fax calls fail from one of the third-party gateways to the Cisco router and vice versa.
Workaround: There is no workaround.
•
Symptoms: EIGRP may incorrectly remove a connected route from a topology.
Conditions: This symptom is observed when you change the router network commands and there are overlapping networks. For example, if the following is configured:
int loopback1
ip addr 10.1.2.2 255.255.255.0
router eigrp 1
net 10.0.0.0 0.3.255.255and you change the network command to:
router(config)# net 10.0.0.0
router(config)# no net 10.0.0.0 0.3.255.255the connected route will be removed when it should be retained.
Workaround: Remove the old network command first before adding the new one, for example:
router(config)# no net 10.0.0.0 0.3.255.255
router(config)# net 10.0.0.0•
Symptoms: When the debug ip pim auto-rp command is enabled on a Cisco 7500 series, the router crashes when it receives an AutoRP message.
Conditions: This symptom is observed on a Cisco 7500 series that runs the rsp-isv-mz image of Cisco IOS Release 12.2(15)T7 or 12.2(15)T9. The symptom may also occur in Release 12.3 or 12.3 T.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: A Cisco 7206 VXR that is running Cisco IOS Release 12.2(12b) doing OSPF to RIP redistribution may be sending wrong metric in RIP domain. In this case, a route-map used for the OSPF to RIP redistribution sets the metric value to 5, but the RIP updates for some routes are sent with a wrong metric of 1.
Conditions: This symptom is observed on a Cisco 7206 VXR that is running Cisco IOS Release 12.2(12b).
Workaround: There is no workaround.
•
Symptoms: Analog recEive and transMit (E&M) ports may become stuck intermittently. When the symptom occurs, the following error message is displayed:
%C542-1-NO_RING_DESCRIPTORS: No more ring descriptors on recEive And transMit 3/0/1. Msg id=48, Len=38In addition, the output of the show voice call summary EXEC command indicates that the voice-port state is "EM_PARK_IDLE."
Conditions: This symptom is observed on a Cisco gateway that runs Cisco IOS Release 12.2(15)T5 and that has an analog E&M port to connect to a PBX. Note that the symptom does not occur in Release 12.2(15)T1. The symptom may occur in Release 12.3.
Workaround: Reload the Cisco gateway.
•
Symptoms: A FlexWAN or VIP in which a channelized port adaptor such as a PA-STM1 or PA-MC-8TE1+ is installed may reload continuously.
Conditions: This issue is seen when distributed LFI is configured on channelized serial interfaces and heavy traffic (close to line rate) occurs on these interfaces.
Workaround: There is no workaround.
•
Symptoms: FXO ports on a Cisco IAD2420 may cease to process inbound and outbound calls because a voice port is stuck in the "FXOGS_PARK" state.
Conditions: This symptom is observed on a Cisco IAD2420 voice gateway with FXO ports that runs Cisco IOS Release 12.2(15)T8, 12.3, or 12.3 T. The FXO ports are connected to the PSTN.
Workaround: Enter the shutdown command followed by the no shutdown command on the affected voice port.
•
Symptoms: A router may reload with a bus error.
Conditions: This symptom is observed on a Cisco router that is configured for time-division multiplexing (TDM) hairpinning.
Workaround: There is no workaround.
•
Symptoms: An alignment error may cause a Cisco router to reload unexpectedly.
Conditions: This symptom is observed under rare conditions (an "extreme corner case") on a MIPS-based Cisco platform or on a Versatile Interface Processor (VIP), port adapter, or line card that contains a MIPS processor. The symptom is not release-dependent and may occur in all Cisco IOS releases.
Workaround: There is no workaround.
Further Problem Description: All Cisco 7500 VIPs and Cisco 7200 NPEs use MIPS- based processors. The following are additional platforms that use MIPS processors:
Cisco 2691, 3620, 3631, 3640, 3660, 3725, 3745, 4500, 4500-M, 4700, 4700-M, AS5300, AS5400, AS5450, AS5800 router shelf, AS5800 system controller (3640 based), 7120, 7140, UBR7100, UBR7200 - all NPEs, 7301, 7304, 7400, 6500 MSFC, 6500 MSFC2, 7600 MSFC, 7600 MSFC2, 10000, UBR10012, 12000 GRP, and most (if not all) 12000 line cards.
•
Symptoms: During an initial boot of a Cisco 7301 that has a PA-MC-8TE1+ or PA-MCX-8TE1-M in bay 0, an unexpected reload may occur.
Conditions: The symptom may occur irrespective of whether a regular Cisco IOS software image or a boot software image is present in the bootflash filesystem.
Workaround: Powercycle the Cisco 7301 and reboot platform. The problem only surfaces during the initial boot of the platform.
•
Symptoms: On a Cisco IOS VoIP gateway, a memory leak may occur in the context of the H.323 process.
Conditions: This symptom is observed when there are low memory conditions and when translation rules are configured.
Workaround: Reload the gateway.
•
Symptoms: An MFR interface does not forward traffic.
Conditions: This symptom is observed on a Cisco platform when traffic is forwarded outbound on the MFR interface.
Workaround: Flap the MFR interface.
•
Symptoms: A router may reload due to a bus error when processing VTSP.
Conditions: This symptom is when the router is configured for voice.
Workaround: There is no workaround.
•
Symptoms: A router with VOIP configured may experience a memory leak in VTSP.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(15)T10. The symptom may also occur in Release 12.3 and 12.3 T.
Workaround: There is no workaround.
•
Symptoms: An H.323 call across a Cisco IP-to-IP H.323 gateway (GW) may not work correctly.
Conditions: This problem is observed in the following topology:
A third party H.323 GW connects to a Cisco IP-to-IP H.323 GW (a Cisco 3660) that connects to a Cisco GW (a Cisco 2600 series) that, in turn, connects to an FXS phone.
Calls from the FXS phone to the third party GW do not work intermittently. The Cisco IP-to-IP H.323 GW runs Cisco IOS Release 12.3(5). This problem happens only when the Alerting and Connect messages are received by the IP-to-IP H.323 GW very quickly in succession and when the Connect message has a Facility element.
Workaround: There is no workaround.
•
Symptoms: A child policy bandwidth calculation is wrongly mixed with the specified rate of an old parent policy.
Conditions: This symptom is observed after you have changed the configuration of a policy map in a hierarchical policy.
Workaround: Detach and reattach the policy map.
•
Symptoms: A Cisco AS5400 may crash with a bus error at address 0xFFFFFFFF.
Conditions: This symptom is observed on a Cisco AS5400 that runs Cisco IOS Release 12.3(6) only when facility messages are generated. The symptom may also occur on a Cisco 1700 series and Cisco 2600 series.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series with a multilink DLFI configuration may crash.
Conditions: This symptom is observed when an Ethernet packet is received on the RSP and is switched by the RSP to a DLFI multilink interface.
Workaround: There is no workaround.
•
Symptoms: The following tracebacks can occur on a Route Processor (RP) console:
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x619B6AD8 reading 0x10
%ALIGN-3-TRACE:
-Traceback= 619B6AD8 60EC5764 60EC58D0 60EDAC74 6037C6A8 6037C694 00000000 00000000Conditions: This problem is seen when a dLFIoATM interface flaps on a Cisco 7500 platform.
Workaround: There is no workaround.
•
Symptoms: On an LFI over ATM interface, ping does not work.
Conditions: This occurs only when distributed LFI over ATM is configured on a Cisco 7500 platform.
Workaround: There is no workaround.
TCP/IP Host-Mode Services
•
Symptoms: A leak may occur in the big buffers of a Cisco platform even when the platform receives a relatively low number of calls.
Conditions: This symptom is observed on a Cisco AS5300 that runs the c5300-js-mz image of Cisco IOS Release 12.1(21) or Release 12.3. The symptom may be platform independent.
Workaround: There is no workaround.
•
Symptoms: Bringing up a BGP session with BGP MD5 authentication may be delayed considerably on a router.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(15)BZ2, 12.3, or 12.3 T when MD5 authentication is enabled. The symptom occurs when the router sends a SYNC ACK message that has a wrong total IP length field after a BGP session is initiated from a peer router.
The problem goes unnoticed without MD5 authentication. The problems occurs because of a mishandling on TCP options such as MD5, WND-SCL, TS, and Selective-ACK.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.3(6a)
Cisco IOS Release 12.3(6a) is a rebuild release for Cisco IOS Release 12.3(6). The caveats in this section are resolved in Cisco IOS Release 12.3(6a) but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: When command accounting is enabled, Cisco IOS routers will send the full text of each command to the ACS server. Though this information is sent to the server encrypted, the server will decrypt the packet and log these commands to the logfile in plain text. Thus sensitive information like passwords will be visible in the server's log files.
Conditions: This problem happens only with command accounting enabled.
Workaround: Disable command accounting.
•
Symptoms: The individual AAA periodic accounting update messages (Radius accounting messages with Acct-Status-Type=Watchdog) generated by an IOS gateway for each call leg (TDM and IP) of the same voice call may be sent to the Radius server more than 5 minutes apart due to the randomized timer algorithm used by the AAA message transmit function.
Conditions: The command aaa accounting update newinfo periodic is configured.
Workaround: There is no workaround.
•
Symptoms: An SNMP trap configuration may be erased when you enter the snmp-server enable traps snmp global configuration command with any trap type followed by the snmp-server enable traps [syslog | entity] global configuration command.
Conditions: This symptom is observed on multiple Cisco platforms that run Cisco IOS Release 12.2 or Release 12.3.
For example, the symptom occurs when you enter the following configuration:
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps syslog
snmp-server enable traps entityThen you enter:
no snmp-server enable traps snmp authentication
no snmp-server enable traps syslogor you enter:
no snmp-server enable traps snmp authentication
no snmp-server enable traps entityAt this point, the snmp-server enable traps snmp linkdown linkup coldstart warmstart command is no longer in the output of the show running-config command.
Workaround: Manually reconfigure the snmp-server enable traps snmp linkdown linkup coldstart warmstart command.
Alternate Workaround: First enter the no snmp-server enable traps syslog command or the no snmp-server enable traps entity command before you enter the no snmp-server enable traps snmp authentication command.
•
Symptoms: A Cisco Catalyst 2950 experiences a memory leak in the CDP process.
Conditions: The device sending CDP packets sends a hostname that is 256 or more characters. There are no problems with a hostname of 255 or fewer characters.
Workaround: Configure the neighbor device to use less than a 256 character hostname, or disable the CDP process with the global command no cdp run.
IP Routing Protocols
•
Symptoms: Address Resolution Protocol (ARP) may not be triggered for an inside-local address destination after the outside-to-inside translation is performed correctly, causing packets to be dropped because the adjacency remains gleaned.
Conditions: This symptom is observed on a Cisco router when the Multi-VRF feature is configured and when you configure a customer edge (CE) router to perform Network Address Translation (NAT).
Workaround: Perform a ping from the router to the CE router to trigger ARP and to populate the adjacency table.
•
Symptoms: A Cisco router may crash.
Conditions: This symptom is observed after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command multiple times on different interfaces.
Workaround: There is no workaround.
Miscellaneous
•
Symptoms: Connectivity difficulties may occur when Virtual Private Network (VPN) routing/forwarding (VRF) packets follow the global routing table instead of the VRF table.
Conditions: This symptom is observed on a low-end Cisco router that runs Cisco IOS Release 12.2(7a) or another release when the global address space in the router overlaps with the VRF address that is configured on a VRF interface of a connected PE router. The VRF interface of this PE router may be unreachable but end-to-end connectivity may not be affected.
Workaround: There is no workaround.
•
Symptoms: A Network Processing Engine G1 (NPE-G1) may restart unexpectedly and report the following message:
Last reset from watchdog resetConditions: This symptom is observed on a Cisco 7200 series that is configured with an NPE-G1 and that is running Cisco IOS Release 12.2(14)S3. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: There may be no memory for the expanded TFIB PSA. The label allocation may fail with error messages that are shown below and may be followed by a memory traceback.
%TAGCON-3-LCLTAG_ALLOC: Cannot allocate local tag %TFIB-2-MEMORY: No memory for expanded TFIB PSA
-Traceback=Conditions: This symptom is only observed on a Cisco RPM-XF and only when the label space has been exhausted to the maximum level supported by the platform or is about to be exhausted (only a few hundred labels are available) and when the TFIB table is expanded further.
Workaround: Enter the mpls label range 16 101900 command at the conf-t level to avoid the error messages.
•
Symptoms: The maximum MTU with a DF set across an L2TP MPLS VPN is 1460 while the physical layer MTU is 1500; any ping larger than 1460 may fail.
Condition: This symptom is observed on a LES platform such as a Cisco 3600 series or a Cisco 4500 series when the router performs MPLS operations and functions as an L2TP Network Server (LNS). The incoming MPLS packet is dropped while the router attempts to inject the packet into the L2TP tunnel.
Workaround: Traffic of packets between 1460 and 1500 bytes can be made possible by fragmenting the tagged packets before the transmission.
Enter the mpls mtu 1450 command on the router in the MPLS cloud before the MPLS packet reaches the router that injects the packet into the L2TP tunnel.
•
Symptoms: The output queue of a Gigabit Ethernet port may become stuck, preventing traffic from leaving the interface.
Conditions: This symptom is observed on the Gigabit Ethernet port 0/1 (gig0/1) of a Network Processing Engine NPE-G1 (NPE-G1) that is installed in a Cisco 7200 series.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.
Alternate Workaround: Reload the router.
•
Symptoms: Voice hunt may fail.
Conditions: This symptom is observed on an originating gateway (OGW) when the isdn overlap-receiving command is enabled, when the OGW has at least two dial peers that only partially match the called number, and when the terminating gateway (TGW) has dial peers that match the complete called number. For example, the symptom occurs when the OGW has two dial peers that match "destination-pattern 123" while the TGW has dial peers that match "destination-pattern 123456."
Workaround: Do not enable the isdn overlap-receiving command when voice hunt is enabled.
•
Symptoms: The IP multicast throughput in Cisco IOS Release 12.3(6)T is not as good as in Release 12.3(4)T.
Conditions: This symptom is observed when more than 130 kpps of traffic is sent. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
Symptoms: A Cisco 7200 series NPE-G1 built-in GE (SBeth) MAC filter may accept NULL DAs (00-00-00-00-00-00). This unintentional behavior may pose a denial of service security risk in customer environments when their networks are flooded with NULL DAs.
Conditions: This symptom is observed when NULL DAs are presented to an NPE-G1 GE interface. This situation may be either a third-party vendor product flaw or a third-party vendor documentation error. (The third-party vendor documentation states that NULL DAs may be used for unused MAC Filter entries, implying that they are not accepted.)
Workaround: There is no workaround.
•
Symptoms: Some E1 controllers on an STM-1 interface that are configured for MGCP call control may not be able to make calls because a Cisco PGW2200 that functions as the call agent may place the B channels for these E1 controllers in the "INTERFACE DISABLED" gateway state.
Conditions: This symptom is observed on a Cisco AS5850 when one or more adjacent E1 controllers on the STM-1 interface are configured for non-MGCP call control. The Cisco PGW2200 runs software version 9.3.2; the MGCP version is 0.1; SONET is configured for AU4 mapping; the controllers are configured as 3/0.1/1/1, 3/0.1/7/3, 3/0.2/1/1, 3/0.2/7/3, 3/0.3/1/1, and 3/0.3/7/3.
The following configuration is enabled on the Cisco AS5850:
backhaul-session-manager
set set1 client nft
group group1 set set1
session group group1 remote-ip remote-port local-ip local-portcontroller SONET 3/0
au-4 1 tug-3 1
tug-2 1 e1 1
tug-2 2 e1 1
tug-2 6 e1 3
tug-2 7 e1 3controller E1 3/0.1/1/1
pri-group timeslots 1-31 service mgcpcontroller E1 3/0.1/2/1
pri-group timeslots 1-31Workaround: Configure all E1 controllers on a TUG boundary for MGCP.
Alternate Workaround: Disable the non-MGCP E1 controllers.
•
Symptoms: At 12 cps, the following message is displayed on a V4 gatekeeper:
ASSERT failed: line 9900 in file ../mm/gk/gk_rassrv_util.cConditions: This symptom is observed when an external server is using the GKTMP interface to communicate with the gatekeeper and when the gatekeeper is configured with "send-cisco-circuit-info."
Workaround: There is no workaround.
•
Symptoms: You may not be able to apply a service policy when the parent policy has a shape value that does not exceed the priority value of the child policy.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3 when you attempt to configure a hierarchical policy map.
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.2 T.
•
Symptoms: A Layer 2 Tunneling Protocol (L2TP) network server (LNS) may not remove a per-user access control list (ACL) from the configuration. This situation may cause the memory of the LNS to be depleted, and the output of the show processes memory EXEC command may indicate that the "AAA Per-User" process holds most of the allocated memory.
Conditions: This symptom is observed on a Cisco router that functions as an LNS in a Large-Scale Dial-Out (LSDO) configuration when a per-user ACL is present in the RADIUS profile of the user.
Temporary Workaround: To free up memory, manually remove the per-user ACL by entering the no ip access-list extended virtual-access number global configuration command. The number argument consists of the numbers (for example, 2003#671) that are assigned by the Cisco IOS software when the ACL is created.
•
Symptoms: A router may reload unexpectedly after it attempts to access a low memory address.
Conditions: This symptom is observed after ACLs have been updated dynamically or after the router has responded dynamically to an IDS signature.
Workaround: Disable IP Inspect and IDS.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
Cisco Internetwork Operating System (IOS) Software is vulnerable to a Denial of Service (DoS) attack from crafted IPv6 packets when the device has been configured to process IPv6 traffic. This vulnerability requires multiple crafted packets to be sent to the device which may result in a reload upon successful exploitation.
More details can be found in the security advisory, which is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml.
•
Symptoms: There may be no dial tone from a VIC2-2FXS.
Conditions: This symptom is observed on a Cisco router when two VIC2-2FXS are installed in one PVDM-256K-4 DSP.
Workaround: Use two legacy VIC-2FXS.
Alternate Workaround: Use two VIC2-2FXS with two PVDM-256K-8 DSPs.
•
Symptoms: A Cisco voice gateway may use an incorrect codec payload value (that is different from the configured value) during media transmission after the call is transferred to a new endpoint.
Conditions: This symptom is observed on a Cisco voice gateway that runs Cisco IOS Release 12.2(15)T9 or Release 12.3 and that is configured to use H.323 as the VoIP protocol. The symptom occurs when the remote endpoint sends an H.245 EmptyCapabilitySet (ECS) message to initiate the call transfer (H.323 Version 4, Section 8.4.6) after the initial call establishment and then sends an H.245 OpenLogicalChannel (OLC) message before sending a new H.245 TerminalCapabilitySet (TCS) message.
Workaround: There is no workaround.
•
Symptoms: Several prefixes for non-redistributed connected interfaces in different VRFs may be partially bound to the same MPLS-VPN label, thus disrupting traffic bound to one or more of these VRFs.
Conditions: This symptom is observed on a Cisco 7500 series router that runs Cisco IOS Release 12.2(6f)M1 or Release 12.2(12f) after the VRF interfaces have flapped. The symptom may also occur in other releases.
Workaround: Clear the routes in the VRFs in sequence.
•
Symptoms: The native Gigabit Ethernet ports of a Cisco 7200 series NPE-G1 or a Cisco 7301 may stop forwarding traffic.
Conditions: This symptom is observed in a stress situation when bursty traffic is received.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5300 may stop accepting calls and generate the following error message:
Endpt in transient stateConditions: This symptom is observed after an attempt to relay a fax on a Cisco AS5300 that runs Cisco IOS Release 12.3(4)T1 or Release 12.3(5a) and that is configured for MGCP.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5300 may improperly generate a disconnect cause of 8A10 for any call leg. The proper disconnect cause should be 10.
Conditions: This symptom is observed on a Cisco AS5300 that runs and IP Plus image of Cisco IOS Release 12.3(5) and that is configured for E1 R2 signaling for Thailand. The symptom may not be platform-specific.
Workaround: There is no workaround.
•
Symptoms: After a Route Switch Controller (RSC) has rebooted, line cards are no longer recognized by the RSC. The output of the show chassis command shows the following information:
RSC-Slot6# show chassis
System is in classic-split mode, RSC in slot 6.
Slots owned: none
Slots configured: none
Slots owned by other: 8 9 10 11 12 13
Slots not owned: 0 1 2 3 4 5
Slot Board CPU DRAM I/O Memory State Elapsed
Type Util Total (free) Total (free) Time
System set for auto bootConditions: This symptom is observed on a Cisco AS5850 that runs Cisco IOS Release 12.3(3c) and that has dual RSCs that function in classic split mode.
Workaround: There is no workaround. To recover from the symptoms, manually reload the affected RSC.
•
Symptoms: During periods of high Session Initiation Protocol (SIP) call volumes, a router may reload unexpectedly because of a bus error.
Conditions: This symptom is observed on a Cisco AS5300 series universal gateway when a SIP call is cancelled due to a 408 Request Timeout response received for a SIP PRovisional ACKnowledgement (PRACK) message.
Workaround: There is no workaround.
•
Symptoms: RIP static neighbors may not function properly. Specifically, unicast updates may not be sent to the configured neighbor addresses.
Conditions: This symptom is observed when an interface runs in passive mode with static neighbors.
Workaround: Do not run the interface in passive mode with static neighbors. Rather, rely on the default broadcast or multicast delivery. This delivery depends on the RIP version that is deployed.
•
Symptoms: A Cisco 7500 series with a VIP that has any type of ATM port adapter (PA) may crash with a bus error (sig 10) upon bootup. The VIP will ultimately come on line and the services are not impacted thereafter.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3 when ATM subinterfaces on the PA are configured for any QoS queueing feature (for example, shaping, LLQ, WRED, CFWFQ, fair-queueing, etc.)
Workaround: There is no workaround.
Further Problem Description: This is a timing issue between ATM interfaces coming up and being fully configured (via IPC) for QoS on the PA. The higher the number of ATM subinterfaces/PVCs, the more likely is a chance that the router crashes. However, if only one subinterface/PVC is configured, there is still a potential problem; the router may not crash but QoS may not function.
•
Symptoms: A Cisco 3600 series or Cisco 3700 series may not initialize correctly and report the following error message during startup:
%VPN_HW-1-INITFAIL: Slot 1: hifn7814_init_dsConditions: This symptom is observed on Cisco 3600 series and Cisco 3700 series that run Cisco IOS Release 12.3(6) and that use a Virtual Private Network (VPN) encryption and hardware advanced integration module AIM-VPN/EPII or an AIM-VPN/HPII. If the AIM is installed in slot 1, it fails to initialize.
Workaround: Install the AIM in slot 0 instead of slot 1.
•
Cisco Internetwork Operating System (IOS) Software releases trains 12.0S, 12.1E, 12.2, 12.2S, 12.3, 12.3B and 12.3T may contain a vulnerability in processing SNMP requests which, if exploited, could cause the device to reload.
The vulnerability is only present in certain IOS releases on Cisco routers and switches. This behavior was introduced via a code change and is resolved with CSCed68575.
This vulnerability can be remotely triggered. A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS).
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-snmp.shtml
•
Symptoms: The cpmISDNCfgBChanInUseForVoice objects are not counted by the cpmISDNCfgBChannelCalls object.
Conditions: This symptom is observed when the CISCO-POP-MGMT-MIB is polled for ISDN voice calls. The expected behavior is that voice calls on all ISDN B-channels should be counted by the cpmISDNCfgBChannelCalls object.
Workaround: There is no workaround.
•
Symptoms: An uncorrectable ECC parity error may occur on a Cisco 7200 series that is configured with an NPE-G1.
Conditions: This symptom is observed rarely when you enter the show sysctlr or the show tech command on the NPE-G1.
Workaround: Do not enter the show sysctlr or the show tech command.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
Symptoms: TCCS clear-channel codec calls may not go through. The trunks may be up but the signaling information may not be communicated.
Conditions: This symptom is observed only when a medium complex codec is configured.
Workaround: Use a high complex codec.
•
Symptom: PPPoE sessions cannot be established on VCs that have received non-PPPoE SNAP encapsulated frames (like RBE).
Conditions: This symptom is observed on a Cisco platform that functions as a LAC, that runs Cisco IOS Release 12.3(4)T1, Release 12.3(7)T, or a later release, and that is configured with RBE and autoPPP encapsulation.
Workaround: There is no workaround.
•
Symptoms: A VC that is configured on an IMA interface may remain in the inactive state.
Conditions: This symptom is observed when the VC is in the inactive state while the links come up. In this situation, the VC should enter the "up" state, but does not do so.
Workaround: Remove and reconfigure the VC.
•
Symptoms: IPCP may not come up when per-user virtual profile attributes are cloned from a remote AAA server.
Conditions: This symptom is observed after a number of sessions are brought up and torn down and when a cloning failure is observed on one or more sessions.
Workaround: There is no workaround.
•
Symptoms: You may not be able to add an ATM interface that is configured on an AIM module to an existing IMA group that consists of ATM interfaces that are configured on the same AIM module.
Conditions: This symptom is observed on a Cisco 2600 series (including the Cisco 2691), Cisco 3660, Cisco 3631, Cisco 3725, and Cisco 3745 that run Cisco IOS Release 12.3(6).
Workaround: First, create the IMA links. Then, create the IMA group.
Wide-Area Networking
•
Symptoms: Software interface description blocks (IDBs) may become exhausted after an interface flaps repeatedly.
Conditions: This symptom is observed under the following conditions:
–
–
–
Workaround: There is no workaround.
•
Symptoms: A specified IP address of an interface may not be used to open a XOT session. Instead, the IP address of the egress interface may be used.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(1a) or Release 12.3(5) when you configure X.25 XOT DNS by entering the x25 route selection-options [modification-options] xot dns pattern xot-source interface global configuration command.
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.2.
•
Symptoms: When a call is not answered, no release cause value may be sent to the public switched telephone network (PSTN) leg and an incorrect release cause value of 102 may be sent to the voice over IP (VoIP) leg.
Conditions: This symptom is observed on a Cisco router that is configured for ISDN when a T301 timer expires. When a call is not answered, a release cause value of 19 ("No answer from user [user alerted]") should be sent to both legs.
Workaround: There is no workaround.
•
Symptoms: A Cisco router running a Cisco IOS image may crash because of a bus error when it accesses an invalid address (0x0B0D0B0D).
Conditions: This symptom is occasionally observed when an MLP bundle containing virtual-access PPP links goes down.
Workaround: There is no workaround.
•
Symptom: A router with a PPPoE configuration may crash because of a bus error at an illegal address.
Condition: This symptom is observed when a PPP session is being established.
Workaround: There is no workaround.
•
Symptoms: A Cisco universal access server or universal gateway may be unable to terminate virtual-profile PPP calls on a virtual-access interfaces when virtual-template pre-cloning is enabled. PPP authentication may succeed and PPP may change the state to "FORWARDED," but LCP/NCP may never start on the virtual-access interface, causing a PPP timeout to occur on the client (usually after 30 seconds).
Conditions: This symptom is observed intermittently on a Cisco universal access server or universal gateway that run Cisco IOS Release 12.3(5) when SGBP/VPDN and virtual-profile calls share the same pre-cloned virtual-access interfaces.
Workaround: If this is an option from the point of view of performance, disable virtual-template pre-cloning.
Alternative Workaround: Use a different virtual-template interface for virtual-profile PPP calls.
•
Symptoms: An incoming POTS dial peer may ignored.
Condition: This symptom is observed when ISDN isdn overlap-receiving is enabled and when the port is not configured for the incoming POTS dial peer.
Workaround: Either configure the port for the incoming POTS dial peer or disable ISDN overlap-receiving.
•
Symptoms: When you attempt a telephone call by pressing the "redial" button, the call may fail. The situation occurs when the application cannot detect that the T302 timer has expired.
Conditions: This symptom is observed when the call is routed via a Cisco router that runs Cisco IOS Release 12.3(6) and when BRI basic-net3 overlap signaling and the default application is used for the call. Note that the symptom does not occur in Release 12.2(11)T7.
Workaround: Explicitly configure "application default" on the inbound dial peer.
•
Symptoms: A router may unexpectedly reload with a bus error with the same address:
System was restarted by bus error at PC 0x606B2BE4, address 0xB0D0C11Decodes indicate that a PPP problem may be the cause of the symptom.
Conditions: This problem is not platform dependent and may occur with any type of IP PPP connection. This problem is also most likely occur when there is a high volume of call connections and disconnections, for example, when an interface carrying multiple calls flaps.
Workaround: There is no workaround.
•
Symptoms: An L2TP LNS that is configured to perform Multichassis Multilink PPP (MMP) by using SGBP may not be able to bundle Multilink PPP (MLP) connections. The output of the debug sgbp queries command shows no SGBP queries after the connections have been authenticated.
Conditions: This symptom is observed when the MLP connections arrive on different LNS within the same stack group.
Workaround: Enter the sgbp ppp-forward command to enable forwarding of all PPP calls, not only of MLP calls. This workaround may cause some overhead as SGBP queries will also be sent for non-multilink connections.
Alternate Workaround: Enter the lcp renegotiate always command. This workaround may cause compatibility problems with older PPP clients.
Resolved Caveats—Cisco IOS Release 12.3(6)
This section describes possibly unexpected behavior by Cisco IOS Release 12.3(6). All the caveats listed in this section are resolved in Cisco IOS Release 12.3(6). This section describes severity 1 and 2 caveats and select severity 3 caveats.
The following information is provided for each caveat:
•
•
•
Basic System Services
•
Symptoms: Many memory allocation failure (MALLOCFAIL) messages may occur for a Cisco Discovery Protocol (CDP) process:
%SYS-2-MALLOCFAIL: Memory allocation of -1732547824 bytes failed from x605111F0, pool Processor, alignment 0 -Process= "CDP Protocol", ipl= 0, pid= 42
-Traceback= 602D5DF4 602D78A0 605111F8 60511078 6050EC88 6050E684 602D0E2C 602D0E18Conditions: The symptom is observed on a Cisco 7513 that runs Cisco IOS Release 12.0(17)ST. The symptom may also occur on other Cisco 7500 series routers that run Release 12.0 S, 12.2 S, 12.3, or 12.3 T.
Workaround: To prevent the symptom from occurring again, disable CDP by entering the no cdp run global configuration command.
•
Symptoms: A router may reload unexpectedly when a flow in an aggregate cache overflows its 32-bit counter. Proper behavior for the router is to age out the existing flow and to recreate a new flow.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2 S, Release 12.3, or Release 12.3 T during normal operation and that uses aggregate caches. The symptom may also occur in other releases.
Workaround: Deconfigure the aggregate caches.
•
Symptoms: A PC that is running Tactical Software DialOut/EZ (tacticalsoftware.com) may halt data transfer.
Conditions: This symptom is observed with Tactical Software DialOut/EZ that is running on a PC and a modem that is attached to a Cisco AS5300 that is running Cisco IOS software. The Cisco IOS software may lower the Data Set Ready (DSR) Data Carrier Detect (DCD) with a Clear To Send (CTS) message to the PC side. This causes the PC to halt data transfer.
Workaround: There is no workaround.
•
Symptoms: A timer wheel may fail when the same timer is started from both the process level and the interrupt level.
Conditions: This symptom is observed on a Cisco router that runs Network Address Translation (NAT).
Workaround: There is no workaround.
•
Symptoms: When you reload a faulty Cisco IP Conference Station 7935, a Catalyst 4000 Supervisor Engine III or IV may reload. Before the supervisor engine reloads, the following message may be displayed:
%CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet5/1 (not half duplex), with SEP00e0752447b2 port 1 (half duplex).Conditions: This symptom is observed on a Cisco Catalyst 4000 Supervisor Engine III or IV that runs Cisco IOS Release 12.1(19)EW1. The symptom may also occur in other releases.
Workaround: Disconnect the Cisco IP Conference Station 7935 or disable Cisco Delivery Protocol (CDP) by entering the no cdp enable interface configuration command.
•
Symptoms: A Flash memory card may become corrupted. The output of the show flash-filesystem EXEC command may display the following information:
Open device slot0 failed (Bad device info block)Conditions: This symptom is observed on a Cisco platform when you perform an online insertion and removal (OIR) of the Flash memory card.
Workaround: Do not perform an OIR of the Flash memory card. Rather, switch off the router and perform an offline insertion and removal.
If the Flash memory card does become corrupted after an OIR, reformat the Flash memory card.
•
Symptoms: A Cisco router may fail to process Cisco Discovery Protocol (CDP) packets and update the IP process for On Demand Routing (ODR) routes.
Conditions: This symptom is mainly observed on WAN interfaces with traffic that is passing through the link when a Cisco router fails to update the hold-down timer and the IP process when it receives a CDP packet from a neighbor.
Workaround: There is no workaround.
•
Symptoms: A Service Assurance Agent (SAA) version 2.2.0 Response Time Reporter (RTR) jitter probe may fail because of a timeout, Packet Missing in Action (MIA) condition, and internal error.
Some combinations of jitter probe options such as "num-packets," interval, "request-data-size," and frequency may not function either.
Conditions: This symptom is observed when the "type udpEcho" RTR responder option is configured.
Workaround: Only configure RTR responder, that is, without the "type udpEcho" option.
•
Symptoms: The input queue of the Gigabit Ethernet (GE) interface of a SiByte processor complex on a Multi-processor WAN Application Module (MWAM) may become full, preventing traffic from being forwarded between the subinterfaces that are configured on the GE interface of the SiByte processor complex and a Multilayer Switch Feature Card (MSFC). Pings between these subinterfaces and the MSFC may fail.
Conditions: This symptom is observed on a MWAM that is running a Service Selection Gateway (SSG) application and that is installed in a Cisco Catalyst 6500 series or a Cisco 7600 series. The symptom occurs only when an authentication, authorization, and accounting (AAA) server failure occurs and this failure causes the AAA server to return messages that it has received from the SSG application on the MWAM back to the MWAN.
Workaround: Reset the MWAM.
•
Symptoms: Authentication, authorization, and accounting (AAA) authentication may succeed although a RADIUS server sends an Access-Reject message.
Conditions: This symptom is observed when both the aaa authentication ppp group radius none global configuration command and the radius-server attribute 6 mandatory global configuration command are enabled.
Workaround: Remove the none keyword from the aaa authentication ppp group radius none global configuration command.
Alternate Workaround: Disable the radius-server attribute 6 mandatory global configuration command.
•
Symptoms: A Cisco Virtual Home Gateway (VHG) may fail to download authentication, authorization, and accounting (AAA) attributes that contain remote virtual templates.
Conditions: This symptom is observed when the Per VRF AAA feature is configured by using a remotely defined customer template on a RADIUS server.
Workaround: There is no workaround.
•
Symptoms: When a user logs into a system by using authentication, authorization, and accounting (AAA) authentication, the host name of the system may be used as the local user name in the communication to a remote copy protocol (rcp) server.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3. Note that in Release 12.2 and earlier releases, the AAA login ID of the user is used as the local user name in the communication to an rcp server.
Workaround: Add the host name of the system to the ".rhosts" file on the rcp server.
•
Symptoms: When the RADIUS accounting record 49 (Acct-Terminate-Cause) indicates "lost-carrier in Accounting-Request," a Cisco network access server (NAS) may not send the following RADIUS accounting record attributes:
–
–
–
–
Conditions: This symptom is observed in Cisco IOS Release 12.3(3). Depending on the network configuration, the symptom can affect up to 10 percent of the connections.
Workaround: There is no workaround.
•
Symptoms: Call setup rates may be reduced when large numbers of PPP over Ethernet (PPPoE) subscribers are terminated.
Conditions: This symptom is observed only when PPPoE subscribers with local authentication or local authorization are terminated and when there are more than 10,000 sessions.
Workaround: Use RADIUS authentication and authorization for large-scale PPP over X (PPPoX) configurations.
•
Symptoms: Several tty lines may become stuck in the "Modem state: Carrier Dropped" state. You can verify this situation by entering the show line line-number EXEC command for an individual line. However, when you enter the show line EXEC command (that is, you do not enter a value for the line-number argument), the output shows that the same tty lines are active (that is, they are in the "*" state):
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int ...
5/00 Dig.mod. - DialIn - - - 78 0 0/0 - *
5/01 Dig.mod. - DialIn - - - 132 0 0/0 - I
5/02 Dig.mod. - DialIn - - - 32 0 0/0 - *
5/03 Dig.mod. - DialIn - - - 120 0 0/0 - A
5/04 Dig.mod. - DialIn - - - 130 0 0/0 - I
5/05 Dig.mod. - DialIn - - - 132 0 0/0 - IIn addition, both the output of the show users EXEC command and the output of the show caller EXEC command do not show a user or caller name or show an incorrect user or caller name. The output of the show caller EXEC command does show that the service is `TTY."
Conditions: These symptoms have been observed on a Cisco AS5850 in which an Universal Port Card 324 (UPC324) is installed. The UPC324 is configured for modem dialin with PPP and EXEC connectivity and for login authentication via a TACACS+ server.
Workaround: Reload the UPC324 by entering the hw-module slot shelf-id/slot-number reload privileged EXEC command. Note that doing so terminates all active modem calls.
•
Symptoms: Protocol translation sessions that require RADIUS authentication may fail to propagate class-attribute or state-attribute information in subsequent authentication and accounting packets.
Conditions: This symptom is observed in Cisco IOS Release 12.2 T, 12.3, and 12.3 T.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload unexpectedly because of a bus error when you remove authentication, authorization, and accounting (AAA) named method lists from the aaa accounting global configuration command.
Conditions: This symptom is observed when you remove the named method lists while the aaa accounting global configuration command is still enabled on the router console or the vty and uses the named method lists.
Workaround: First, remove the named method lists from the router console or the vty. Then, remove named method lists from the aaa accounting global configuration command.
•
Symptoms: A "SYS-2-CHUNKBOUNDS" error message may be displayed on the router console. This message may be followed by a "NOTQ" error message.
Conditions: This symptom is observed under rare circumstances during heavy usage of any application that is using chunks. The symptom is platform independent.
Workaround: There is no workaround.
•
Symptoms: An Access Point or router may reload unexpectedly.
Conditions: This symptom is observed when a user enters an invalid encrypted RADIUS server password, for example when the string argument in the radius-server host ip-address auth-port port-number acct- port port-number key 7 string global configuration command is invalid. The number 7 after the key keyword indicates that the string argument must represent an encrypted password. The symptom occurs when you do not enter a valid encrypted password for the string argument.
Workaround: Do not enter an invalid encrypted RADIUS server secret.
•
Symptoms: Authorization that is based on a dialed number identification service (DNIS) may not function, causing a second RADIUS authorization request to be sent.
Conditions: This symptom is observed when DNIS-based RADIUS method lists are enabled with authorization by entering the following commands:
–
–
After authentication has occurred, another authorization request is sent, which is rejected by the RADIUS server. This second authorization request contains a service type that is set to outbound. After authentication has occurred, no further authorization request should be sent for the same session because all authorization information has already been received during the RADIUS authentication phase.
Workaround: Do not enter the aaa dnis map enable global configuration command but use another type of authentication.
•
Symptoms: A Cisco router that runs Service Assurance Agent (SAA) probes may reload unexpectedly and generate the following error message:
System returned to ROM by break at PC 0x40D46778.Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2, 12.2 T, or 12.3 when you have not enabled the history collection capability for the SAA probes and when you attempt to retrieve the values of one of the objects that is contained in the table for rttMonHistoryCollectionEntry for an SAA probe by using the getone request.
Workaround: When you have not enabled the history collection capability for the SAA probes, do not use the getone request for any of the objects in rttMonHistoryCollectionEntry for an SAA probe. Rather, use the getmany request.
•
Symptoms: A router may reload unexpectedly when a jitter or HTTP operation is terminated.
Conditions: This symptom is observed on a Cisco router that runs a Service Assurance Agent (SAA).
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly because of a software condition while a jitter probe or User Datagram Protocol (UDP) operation is running.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(3) when the "request-data-size" is increased via a set Simple Network Management Protocol (SNMP) command while the jitter probe or UDP operation is running.
Workaround: Do not increase the "request-data-size" while the jitter probe or UDP operation is running. Rather, configure a new jitter probe or UDP operation with the increased "request-data-size."
•
Symptoms: A router may pause unexpectedly and then reload when you enter the syscon address ip-address password global configuration command.
Conditions: This symptom is observed when the password argument consists of or exceeds 80 characters.
Workaround: Ensure that the password argument does not exceed 79 characters.
•
Symptoms: When the ip radius source-interface global configuration command is configured on a PPP over Ethernet (PPPoE) server, the interface address may not be set in the RADIUS NAS-IP-Address [4] attribute.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3(2), 12.3(2)T, 12.3(3)B, or 12.3(4)T, that functions as a PPPoE server, and that has the radius-server attribute nas-port format format global configuration command enabled with the value d for the format argument.
Workaround: Do not use value d for the format argument. Rather, use another value to configure the network access server (NAS) port.
Alternate Workaround: Enter the radius-server attribute 4 nrp global configuration command.
•
Symptoms: A memory leak may occur in the "dead process" on a Cisco router, and memory allocation failures (MALLOCFAIL) may be reported in the processor pool. The authentication, authorization, and accounting (AAA) User Identifier (UID) database may leak about 200,000 bytes for each failed EXEC call or vty session because of internal errors during the initiation process.
Conditions: This symptom is observed when EXEC Accounting and Network Accounting are enabled and when a failure occurs during an EXEC call or a vty session. The reasons for the EXEC call failure or vty session failure could be low processor memory on the Cisco router, an internal message processing error, or a timeout during the prompting for a username and password.
Workaround: If this is an option, disable EXEC Accounting and Network Accounting.
•
Symptoms: After Service Assurance Agent (SAA) probes have been properly created for a period of time, they may no longer be created, and a general error at index 1 may be returned.
Conditions: This symptom is observed on a Cisco platform when Simple Network Management Protocol (SNMP) is used to create SAA probes.
Workaround: Reload the Cisco platform.
•
Symptoms: Retransmissions may not be sent to all RADIUS servers in a server group.
Conditions: This symptom is observed when an active RADIUS server in a server group is declared dead and when the server group already contains some dead RADIUS servers. In this situation, the retransmission attempt is not made to all the dead RADIUS servers in the server group but only to the server that is just declared dead. This is not proper behavior: retransmissions should be sent to all the dead RADIUS servers.
Workaround: There is no workaround.
DECnet
•
Symptoms: A memory leak may occur in the End System-to-Intermediate System (ES-IS) routing process.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3 or 12.3 T.
Workaround: There is no workaround.
EXEC and Configuration Parser
•
Symptoms: The command confirmation procedure in Cisco IOS software allows any word that starts with the letter "y" ("yeah," "yea," and so on) for confirmation and any word that starts with the letter "n" ("nope," "nep," and so on) for rejection.
This situation may lead to the erasure of critical information, for example, when you do not enter an explicit "no" as a rejection after you have entered the copy tftp: startup-config privileged EXEC command and the following warning and user prompt for confirmation is displayed:
% Warning: Saving this config to nvram may corrupt any network management or security files stored at the end of nvram.
Continue? [no]:Note that the symptom is not specific to the behavior of the copy tftp: startup-config privileged EXEC command copy command but relates to the command confirmation procedure that is used in Cisco IOS software.
Conditions: This symptom is platform independent.
Workaround: There is no workaround. The fix for this caveat ensures that only an explicit "yes" is accepted for confirmation and only an explicit "no" is accepted for rejection in the Cisco IOS command confirmation procedure.
IBM Connectivity
•
Symptoms: A Cisco 3640 router may reload unexpectedly because of a software condition.
Conditions: This symptom is observed when the encapsulation bstun interface configuration command is enabled and you change the encapsulation by entering the encapsulation slip interface configuration command.
Workaround: There is no workaround.
•
Symptoms: Data-link switching (DLSw) Synchronous Data Link Control (SDLC) receives a Null XID Command and responds back with another Null XID Command. It should be a Null XID Response. The DLSw circuit never goes into the CONNECTED state but stays in the CKT_ESTABLISHED state until it drops.
Further Problem Description: The Ethernet attached Tandem physical unit (PU) 2.0 attempts to establish a session via DLSw to SDLC where the DLSw SDLC interface is running role secondary. The PU 2.0 sends in a Null XID Command but DLSw / SDLC responds with another Null XID Command instead of sending a Null XID Response. The SDLC interface is constantly receiving Set Normal Response Mode (SNRM) from the SDLC primary device but will not respond with an unnumbered acknowledgement (UA) until it receives a "real" XID from the PU 2.0. A "real" XID is a nonnull XID with a length 3 or more. But, the Tandem's finite state machines (FSM) will not transition to send the "real" XID until it receives a Null XID Response. Additional Information:
A show DLSw circuits [detail] privileged EXEC command shows the circuit in the CKT_ESTABLISHED state with a large number of XIDs both sent and received. A show interfaces serial x/y EXEC command shows the following:
sdlc addr xx state is SNRMSEEN cls_state is CLS_FULL_XID_PENDConditions: This symptom is observed on Cisco platforms that are running Cisco IOS software.
Workaround: There is no workaround.
•
Symptoms: Data-link switching (DLSw) Ethernet redundancy may not function. The output of the show dlsw transparent neighbor privileged EXEC command may display the following information:
Interface Fa0/0.1 0000.6666.0000 SELF MasterHowever, the output should display the following information:
Interface Fa0/0.1 0000.6666.0000 SELF Slave 0000.9999.0000 Connected MASTER.Conditions: This symptom is observed when a dot1q trunk is configured and when a subinterface is configured with DLSW Ethernet Redundancy, Protocol Independent Multicast (PIM), and Hot Standby Router Protocol (HSRP) on a native VLAN.
Workaround: Do not use the native VLAN. Rather, use a VLAN that is configured by a user.
•
Symptoms: A session that is established through Systems Network Architecture Switching Services (SNASw) via source-route bridging (SRB) may not be cleared when SRB is removed from a Token Ring interface on which the downstream Systems Network Architecture (SNA) device is located.
SNASw may still display the link and the physical unit (PU) as "Active," and the output of the show dlsw local-circuit privileged EXEC command and show cls EXEC command may indicate that the session is still active.
Conditions: This symptom is observed on a Cisco platform that runs SNASw on a Virtual Data-link Control (VDLC) port and that has MAC defined to tie into DLSw.
Workaround: Enter the clear dlsw local-circuit circuit-id privileged EXEC command, in which you enter the circuit ID that is listed in the "key" field in the output of the show dlsw local-circuit privileged EXEC command.
•
Symptoms: A Cisco router that runs Data-link switching (DLSw) Ethernet redundancy may reload unexpectedly when a watchdog timeout occurs.
Conditions: This symptom is observed in a configuration in which two DLSw Ethernet routers (router 1 and router 2) form a redundant pair, router 1 is the secondary router, and router 2 is the primary router that has the DLSw circuits. The symptom occurs when the following sequence of events occurs:
1.
2.
Workaround: There is no workaround.
•
Symptoms: During the configuration of a serial interface that is connected to a peer, a router may reload unexpectedly because of a software condition when you enter packet sizes for the in-size and out- size arguments of the x25 pvc circuit qllc x121-address packetsize in-size out-size interface configuration command that are smaller than the packets sizes for the in-size and out-size arguments of the x25 facility packetsize in-size out-size interface configuration or s.25 profile configuration command.
Conditions: This symptom is platform independent and has been observed in Cisco IOS Release 12.2(15)T8 and 12.3(3a) but may also occur in other releases.
Temporary Workaround: On the router and its peers, enter packet sizes for the in-size and out-size arguments of the x25 pvc circuit qllc x121-address packetsize in-size out-size interface configuration command that are larger than the packets sizes for the in-size and out-size arguments of the x25 facility packetsize in-size out-size interface configuration or s.25 profile configuration command.
This workaround is temporary, because after the router reloads, you must apply the workaround again.
Interfaces and Bridging
•
Symptoms: A cbus complex may be observed on a Cisco router when the following message appears on the serial interface:
%RSP-3-RESTART: interface Serial8/1/0/23:23, not transmittingConditions: This symptom is observed on a Cisco 7500 series router when Multilink PPP (MLP) is configured on the serial interface and distributed Cisco Express Forwarding (dCEF) switching is enabled.
Workaround: There is no workaround.
•
Symptoms: Fragments produced on a Route Switch Processor (RSP) may be corrupted. The fragments may have extra bytes of garbage that may cause the remote end to drop the packets since the remote end cannot rebuild the packets.
Conditions: This symptom occurs on a Cisco 7500 router that is configured for Frame Relay fragmentation 12 (FRF.12) on a Packet-over-SONET (POS) subinterface.
Workaround: There is no workaround.
•
Symptoms: A call that is made from an outgoing master asynchronous interface may fail because of a link control protocol (LCP) timeout.
Conditions: This symptom is observed when an automatic script is used to configure the router. The script does not recognize the asynchronous mode configuration for the master asynchronous interface that is defined in the interface group-async global configuration command, causing the call to fail. When you manually configure the asynchronous mode, the symptom does not occur.
Workaround: Manually configure the asynchronous mode for the master asynchronous interface on the terminating side by entering the following interface configuration commands in sequence:
async dynamic address
async dynamic routing
async mode dedicated
•
Symptom: A FlexWAN module may reload unexpectedly while the switch or router boots up and brings up the modules and port adapters.
Conditions: This symptom is observed when a 1-port T3 serial port adapter (PA-T3) is installed in the FlexWAN module.
Workaround: There is no workaround.
•
Symptoms: When a Cisco router reloads, the ATM permanent virtual circuit (PVC) status remains inactive (INAC) even though the ATM subinterface is in an UP/UP state. The following message may also be displayed when you enter the debug atm errors privileged EXEC command:
ATM(ATMx/x/x):point-to-point interface does not have a VCDConditions: This symptom is observed on a Cisco 7500 series router with a PA-A3 port adapter.
Workaround: Enter the no shutdown interface configuration command on the ATM interface.
•
Symptoms: A Cisco 7200 series may reload unexpectedly when spurious memory accesses are generated.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.3 when a packet that has Logical Link Control but no Subnetwork Access Protocol (SNAP) header (that is, an IEEE 802.2 packet) is received by a dot1q VLAN subinterface.
Workaround: There is no workaround.
•
Symptoms: An interface on a Cisco 7500 series that is configured for distributed Multilink PPP (dMLP) may stop transmitting data.
Conditions: This symptom is observed when the links in an MLP bundle flap. When the router detects that the interface does not transmit data, the router automatically resets all Versatile Interface Processors (VIPs) to restore proper functioning.
The following log information shows the sequence of events when the symptom occurs:
%LINK-3-UPDOWN: Interface Serial10/1/1/11:23, changed state to down
%LINK-3-UPDOWN: Interface Serial10/1/1/12:23, changed state to down
%LINK-3-UPDOWN: Interface Multilink9, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial10/1/1/11:23, changed
state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial10/1/1/12:23, changed
state to down
%LINK-3-UPDOWN: Line protocol on Interface Multilink9, changed
%LINK-3-UPDOWN: Interface Serial10/1/1/12:23, changed state to up
%LINK-3-UPDOWN: Interface Multilink9, changed state to up
%LINK-3-UPDOWN: Interface Serial10/1/1/11:23, changed state to up
%RSP-3-RESTART: interface Serial10/1/1/11:23, output frozen
%RSP-3-RESTART: cbux complexWorkaround: There is no workaround.
•
Symptoms: When a router boots up, a FlexWAN module that is configured with a serial T3 port adapter may come up and may reload immediately.
Conditions: This symptom is observed on a Cisco Catalyst 6000 series or Cisco 7600 series.
Workaround: There is no workaround.
•
Symptoms: The driver code of a third-party vendor Fast Ethernet controller that is part of a C7200-I/O-FE I/O controller may pause indefinitely or reload unexpectedly.
Conditions: This symptom is observed on a Cisco 7200 series when a packet enters the third-party vendor Fast Ethernet controller, when this packet is forwarded to a Multilink PPP (MLP) interface, and when another packet is forwarded by the third-party vendor Fast Ethernet controller before the first packet has left the MLP interface.
Workaround: There is no workaround.
•
Symptoms: A Versatile Interface Processor (VIP) that is configured with an enhanced 1-port ATM OC-12/STM-4 port adapter (PA-A3-OC12) may reload unexpectedly because of memory corruption.
Conditions: This symptom is observed on a Cisco 7500 series when a permanent virtual circuit (PVC) is configured on the PA-A3-OC12.
Workaround: There is no workaround.
IP Routing Protocols
•
Symptoms: Although you may able to configure more than 4 Gbps of bandwidth for Resource Reservation Protocol (RSVP) or for a Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel, the actual reserved bandwidth that is established for RSVP or the MPLS TE tunnel may be much less than 4 Gbps.
The output of the show running-config interface type number privileged EXEC command shows the configured bandwidth. The output of the show ip rsvp reservation EXEC command shows the actual reserved bandwidth for RSVP.
Conditions: This symptom is observed when the interface on which RSVP or the MPLS TE tunnel is configured does have sufficient bandwidth available to satisfy the configured bandwidth but the actual reserved bandwidth is less than the configured bandwidth.
Workaround: There is no workaround.
•
Symptoms: When you configure the distribute-list router configuration command under the address-family ipv4 vrf vrf name router configuration command, the distribute-list router configuration command may appear under the main routing process as may be displayed in the output of the show running-config EXEC command.
Conditions: This symptom is observed in either a Routing Information Protocol version 2 (RIPv2) or a Border Gateway Protocol (BGP) configuration when you specify the interface-type and interface-number arguments of the distribute-list {access-list-number | access-list-name} {in | out} [interface-type interface-number] router configuration command.
The symptom does not occur when you do not define the interface-type and interface-number arguments and only enter the distribute-list {access-list-number | access-list-name} {in | out} router configuration command.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload if it is low on processor memory and Simple Network Management Protocol (SNMP) get operations are performed on Open Shortest Path First (OSPF) MIBs.
Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.2(8)YW, Release 12.2(8)YY, Release 12.2 T, Release 12.3, or Release 12.3 T.
Workaround: There is no workaround.
•
Symptoms: An inconsistency between the Cisco Express Forwarding (CEF) table and the Address Resolution Protocol (ARP) table may cause CEF entries to be removed and then recreated at random times. This situation, in turn, may cause unicast packet loss for the affected entry or entries.
Conditions: This symptom is observed on a Cisco Catalyst 6000 series that is configured with three VLAN interfaces and that directly connect to a layer 2 port-channel interface. This port-channel interface connects via a trunk to an access-layer device.
When you enter the following EXEC commands on components of the Cisco Catalyst 6000 series, the output does not show entries for the affected addresses:
–
–
–
–
–
Workaround: Configuring the ARP timeout to a time on a 60-second boundary may resolve this issue in some cases. For example, when you enter the arp timeout 270 interface configuration command, the symptom occurs, but when you enter the arp timeout 300 interface configuration command, the symptom does not occur.
For cases where configuring the ARP timeout to a time on a 60-second boundary does not resolve the issue, upgrading is the only solution.
•
Symptoms: Enhanced Interior Gateway Routing Protocol (EIGRP) next-hop self- routes are incorrectly deleted from a Routing Information Base (RIB).
Conditions: This symptom is observed when the no ip next-hop-self eigrp interface configuration command is used in a dual hub Dynamic multipoint VPN (DMVPN) network. Routes are learned for the same destination from two different sources over the DMVPN network directly from the spokes and from the other hub. These routes in the EIGRP topology table have the same IP next-hop, but different metrics. The routes learned from the spokes have a lower metric and are used to populate the routing table. If this hub loses the other hub as an EIGRP neighbor, then EIGRP correctly removes the topology entries from the EIGRP topology table that are learned from the other hub. But EIGRP then deletes these routes from the routing table. EIGRP should not remove the routes from the routing table since the removed topology entries are not used to populate the routing table in the first place.
Workaround: EIGRP does not restore these routes to the routing table until the clear ip route * EXEC command is entered on the router.
•
Symptoms: The best path is not chosen correctly on a Cisco router.
Conditions: This symptom is observed when the bgp deterministic med router configuration command is configured on a Cisco router. The symptom occurs when different values of Multi Exit Discriminator (MED) are set for peers. In this particular situation, the symptom occurs when different values of MED are set to different peers.
Workaround: There is no workaround.
•
Symptoms: When the following Open Shortest Path First (OSPF) MIB tables are queried via snmpwalk, some interfaces may not be displayed:
–
–
–
Conditions: This symptom is observed on any Cisco platform that runs OSPF.
Workaround: There is no workaround.
•
Symptoms: A Cisco router that is configured with Network Address Translation (NAT) does not tear down the NAT entry for H.245 messages after the call is terminated.
Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.3(2)T but may also occur in other releases.
Workaround: Reduce the NAT TCP timeout value to time out the unnecessary entry faster.
•
Symptoms: When the neighbor next-hop-self router configuration command is enabled on routers of a peer group, the next-hop calculation is performed only on the first member of the peer group, and the same next-hop value is replicated to the rest of the peers instead of calculating the next hop based on the next-hop-self configuration.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.2, Release 12.3, or Release 12.3 T when the router is multihomed and when Border Gateway Protocol (BGP) uses those multiple interfaces to peer with the neighbors that are part of the same peer group or the same update group. In this situation, the next-hop value of the leader of the peer group is used for all the members.
Workaround: Remove the peer group to enable the calculation to be run for each neighbor.
Alternate Workaround: Ensure that all the peers of the same peer group can be reached through a single interface, and use the IP address of this interface as the local peer address by entering the neighbor update-source router configuration command.
•
Symptoms: A network link-state advertisement (LSA) may not be originated for an interface.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.0 S, Release 12.2 S, Release 12.3, or Release 12.3 T when an interface that is configured for Open Shortest Path First (OSPF) and that is up has the same address as another interface that is shut down.
Workaround: There is no workaround.
•
Symptom: A Cisco router running Multicast Source Discovery Protocol (MSDP) may reload when the show ip mdsp peer peer-address advertised-SAs user EXEC/privileged EXEC command is entered.
Condition: These symptoms are only observed on a router that is running MDSP.
Workaround: Enter the no ip domain-lookup command in global configuration mode.
If the ip host {name} {address1} global configuration command is configured, the host name should not be more than 36 characters.
•
Symptoms: A router may reload unexpectedly when dynamic Virtual Private Network (VPN) tunnels are initiated.
Conditions: This symptom is observed on a Cisco router that is configured for Next Hop Resolution Protocol.
Workaround: There is no workaround.
•
Symptoms: An Open Shortest Path First version 3 (OSPFv3) adjacency may flap when a standby Route Processor (RP) comes up after a switchover has occurred or after a router has reloaded. The router database may contain duplicate entries of the network link-state advertisement (LSA), or link LSA, or both.
Conditions: This symptom is observed after a switchover has occurred when the interface number of the interface that is configured for OSPFv3 changes.
This symptom is also observed after the router has reloaded when the interface number of the interface that is configured for OSPFv3 changes and when the neighbor still has the LSA (that was generated by the router on which the symptom occurs) with the old Link State ID (LSID) in its database. This situation may occur when the router does not clean up its LSA (for example, when the router reloads unexpectedly) or when the interface that connects to the neighbor is shut down before the router reloads and then brought back up after the router has reloaded.
Workaround: There is no workaround.
•
Symptoms: Point-to-Point Tunneling Protocol (PPTP) Network Address Translation (NAT) may fail.
Conditions: This symptom is observed on a Cisco router that has the VRF aware NAT feature enabled when the inside interface is part of a Virtual Private Network (VPN) routing and forwarding (VRF) instance and the outside interface is a global interface.
Workaround: Disable Cisco Express Forwarding (CEF). However, this may not be a viable workaround because the Multiprotocol Label Switching (MPLS) VPN requires CEF to be enabled.
•
Symptoms: When a path is added to or deleted from the transit area between two virtual link routers that function as virtual link endpoints, the routes that are learned from the network backbone may not be updated in the routing table.
Conditions: This symptom is observed when there are multiple equal-cost paths for virtual links in the transit area.
Workaround: After the path in transit area has changed, enter the clear ipv6 ospf force-spf privileged EXEC command on the virtual link router that functions as a virtual link endpoint and that is not part of the network backbone.
•
Symptoms: A multicast router may stop sending Protocol Independent Multicast (PIM) join messages.
Conditions: This symptom is observed on a Cisco router that is configured for multicast routing when buffer allocation failures occur and when the I/O memory is low.
Workaround: Disable and reenable multicast routing.
•
Symptoms: A router may no longer be able to reach IP destinations through Open Shortest Path First (OSPF).
Conditions: This symptom is observed when the mpls traffic-eng area number router configuration command is removed from the OSPF configuration.
Workaround: Clear the OSPF process by entering the clear ip ospf process privileged EXEC, and wait for the OSPF process to recover. This workaround is not recommended when there is a large routing table.
Alternate Workaround: Reconfigure the mpls traffic-eng area number router configuration.
•
Symptoms: The distance bgp external-distance internal-distance local-distance address family or router configuration command may be missing from a Border Gateway Protocol (BGP) IPv4 Virtual Private Network (VPN) configuration in the output of the show running-config privileged EXEC command when all of the following keywords in the address-family ipv4 vrf vrf-name router configuration command are configured with their default values:
- aggregate-address Configure BGP aggregate entries
- auto-summary Enable automatic network number summarization
- bgp BGP specific commands
- default Set a command to its defaults
- default-information Control distribution of default information
- default-metric Set metric of redistributed routes
- distance Define an administrative distance
- distribute-list Filter networks in routing updates
- exit-address-family Exit from Address Family configuration mode
- help Description of the interactive help system
- maximum-paths Forward packets over multiple paths
- neighbor Specify a neighbor router
- network Specify a network to announce via BGP
- no Negate a command or set its defaults
- redistribute Redistribute information from another routing protocol
- synchronization Perform IGP synchronization
- table-map Map external entry attributes into routing tableHowever, the distance bgp external-distance internal-distance local-distance address family or router configuration command functions fine because the BGP administrative distance for the VPN in which the command is configured does get changed.
Conditions: The symptom is observed after the BGP IPv4 VPN configuration is saved in NVRAM and the router is reloaded.
Workaround: Change any of the keywords for the address-family ipv4 vrf vrf-name router configuration command (see the Symptoms section above) to a nondefault value.
•
Symptoms: A memory leak may occur on a router that runs IPv6 Open Shortest Path First version 3 (OSPFv3), and the following error message that is related to chunks may be generated:
SYS-2-CHUNKSIBLINGS: Attempted to destroy chunk with siblingsTracebacks may also be generated.
Conditions: This symptom is observed when a configuration change occurs in which prefixes are added or deleted or when the router reloads and the same prefix is advertised with a different Link State ID (LSID).
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly when you remove network commands.
Conditions: This symptom is observed on a Cisco router that has the router ospf global configuration command enabled.
Workaround: There is no workaround.
•
Symptoms: A memory allocation failure (MALLOCFAIL) from the I/O memory pool may occur.
Condition: This symptom is observed on a Cisco router that receives excessive multicast control traffic.
Workaround: Apply a quality of service (QoS) policy map to limit the rate of the multicast control traffic that can be received by the router.
•
Symptoms: Return packets for Internet Security Association and Key Management Protocol (ISAKMP) negotiation via User Datagram Protocol (UDP) port 500 may not enter a router.
Conditions: This symptom is observed when Network Address Translation (NAT) is configured via route maps.
Workaround: Do not use a route map to configure NAT. Use an access control list (ACL) to configure NAT by entering the ip nat inside source list {access-list-number | access-list-name} global configuration command. When you apply this workaround or after you have applied this workaround you may need to clear the IP NAT translations by entering the clear ip nat translation * EXEC command.
•
Symptoms: A Cisco router may reload unexpectedly at "ospf_area_delete()."
Conditions: This symptom is observed on a router that is configured for Open Shortest Path First (OSPF) when all of the following conditions are present:
–
–
–
Workaround: Do not use a cut-and-paste operation to remove the network commands simultaneously with the area that is referenced in the network commands.
•
Symptoms: A router may reload unexpectedly because of a bus error when it accesses a low address during the translation of TCP port 514.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(5) and that is configured for Network Address Translation (NAT).
Workaround: Prevent the translation of TCP port 514.
•
Symptoms: The memory usage of the Open Shortest Path First version 3 (OSPFv3) process may increase unexpectedly.
Conditions: This symptom is observed on a Cisco router that runs OSPFv3 when OSPFv3 advertises routes and when you clear OSPFv3 by entering the clear ipv6 ospf process privileged EXEC command or when you configure or disable OSPFv3 by entering the ipv6 router ospf or no ipv6 router ospf router configuration command.
Workaround: Shut down the interfaces on which OSPFv3 runs before you make changes to the OSPFv3 process by entering the commands stated in the Conditions above.
•
Symptoms: When the multicast route (mroute) expiration timer is set to a nondefault holdtime value, a router may reload unexpectedly because of a watchdog timeout.
Conditions: This symptom is observed on a Cisco router when a nondefault holdtime value is received via a Protocol Independent Multicast (PIM) join message in combination with a bursty source. This situation may cause the mroute expiration timer to enter an infinite loop.
Because the holdtime value is not user configurable on a Cisco router, this situation is caused by a PIM connection with a non-Cisco router or by the modification of the Internet Group Management Protocol (IGMP) query interval on an interface.
Workaround: Ensure that no nondefault holdtime value can be configured for PIM or IGMP.
•
Symptoms: When Protocol Independent Multicast (PIM) dense mode is enabled, an interface in the outgoing interface list may indicate that it is in forwarding mode but the P flag may still be set to the source, group (S,G) state, preventing the interface from forwarding any packets.
Conditions: This symptom is observed when an interface enters the forwarding mode because the prune timer expires and when there is an Internet Group Management Protocol (IGMP) member on this interface.
Workaround: Enter the clear ip mroute group privileged EXEC command.
•
Symptoms: The OSPF Forwarding Address Suppression in Translated Type-5 LSAs feature may fail; a not-so-stubby area (NSSA) area border router (ABR) may fail to set the forwarding address of the translated Type-5 link-state advertisements (LSAs) to zero.
Conditions: This symptom is observed on a Cisco platform that functions as an NSSA ABR when the following sequence of events occurs:
1.
2.
3.
Workaround: Enter the clear ip ospf process privileged EXEC command.
Alternate Workaround: Enter the no area area-id nssa router configuration command followed by the area area-id nssa translate type7 suppress-fa router configuration command.
•
Symptoms: A Cisco router that is configured for Network Address Translation (NAT) may reload unexpectedly because of a software condition.
Conditions: This symptom is observed when the router translates a Lightweight Directory Access Protocol (LDAP) packet.
Workaround: There is no workaround.
•
Symptoms: A Cisco router that terminates both PPP over Ethernet (PPPoE) and PPP over ATM (PPPoA) sessions may fail for a period of up to 3 minutes to switch traffic downstream toward the subscriber via Cisco Express Forwarding (CEF).
Conditions: This symptom is observed when the PPPoE and PPPoA sessions use different virtual templates and when subinterfaces are enabled. The symptom may affect only some subscribers.
Workaround: Configure one virtual template for both PPPoE and PPPoA sessions.
First Alternate Workaround: Disable subinterfaces.
Second Alternate Workaround: Disable CEF.
•
Symptoms: A provider edge (PE) router may reload unexpectedly when you remove a loopback interface.
Conditions: This symptom is observed on a Cisco router that functions as a PE router and that is configured for Any Transport over MPLS (AToM) and Fast Reroute (FRR).
Workaround: Do not remove the loopback interface when AToM and FRR are configured.
•
Symptoms: A Cisco router may reload unexpectedly while running Open Shortest Path First version 3 (OSPFv3) in a negative testing environment.
Conditions: The symptom is observed under rare circumstances when the router is running low on memory and when a successful memory allocation (MALLOC) occurs just before the router reloads.
Workaround: There is no workaround.
•
Symptoms: The Border Gateway Protocol (BGP) table version may continue to increase, causing continuous updates to occur.
Conditions: This symptom is observed when multipath is configured for IPv6 BGP and when a path transitions from multipath to nonmultipath.
Workaround: Disable multipath.
Alternate Workaround: To prevent BGP from checking for version updates, enter the address-family ipv4 unicast router configuration command.
•
Symptoms: A router may not pass on Virtual Private Network version 4 (VPNv4) routes to a Border Gateway Protocol (BGP) neighbor.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(3) or Release 12.3(5) when a BGP peer group contains both peers that share IPv4 routes only and peers that share IPv4 and VPNv4 routes.
Workaround: Remove the peers that share IPv4 routes only from the BGP peer group.
•
Symptoms: After you have performed a microcode reload onto a Versatile Interface processor (VIP), Fast Ethernet adjacencies may not be recreated when interfaces come back up.
Conditions: This symptom is observed on a Cisco 7500 series that has distributed Cisco Express Forwarding (dCEF) enabled.
Workaround: Enter the clear adjacency privileged EXEC command.
ISO CLNS
•
Symptoms: A router that runs Intermediate System-to-Intermediate System (IS- IS) may reload unexpectedly when there are a lot of adjacencies that continue to flap.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2 S.
In Release 12.0 S, the symptom may occur when you enter the router isis global configuration command followed by the fast-flood router configuration command.
In Release 12.3, the symptom may occur when you enter the router isis global configuration command followed by the ip fast-convergence router configuration command.
Workarounds: Prevent IS-IS adjacencies from flapping. There is no other workaround for Release 12.2 S.
For Release 12.0 S, do not enter the router isis global configuration command followed by the fast-flood router configuration command.
For Release 12.3, do not enter the router isis global configuration command followed by the ip fast-convergence router configuration command.
Miscellaneous
•
Symptoms: A Cisco router may access a null pointer, which may cause a memory error and may cause the router to reload unexpectedly.
Conditions: This symptom is observed when the router runs out of memory and attempts to increase the size of the maximum link-state advertisement (LSA) that is received via a Multiprotocol Label Switching (MPLS) traffic engineering tunnel.
Workaround: There is no workaround.
•
Symptoms: A Cisco router that runs a Routing with Resource Reservation (RRR) loadbalancing test may reload unexpectedly.
Conditions: This symptom is observed under rare circumstances when you disable tunnels that have the ip load-sharing per-destination interface configuration command enabled and when other tests are run before the RRR loadbalancing test is run.
Workaround: There is no workaround.
•
Symptoms: When you delete a range of permanent virtual circuits (PVCs) that were created by entering the range pvc subinterface configuration command, a CPUHOG condition may occur.
Conditions: This symptom is observed when you delete 2000 PVCs in a range that is configured on an ATM interlace.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5400 may reload unexpectedly and a high rate of Processor Memory Parity Errors (PMPE) may occur.
Conditions: This symptom is observed on a Cisco AS5400 that runs any Cisco IOS release.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload unexpectedly when you run a Routing with Resource Reservation (RRR) load-balancing test.
Conditions: This symptom is observed under rare conditions when tunnels that are configured with the ip load-sharing per-destination interface configuration command are disabled and when other tests are run before you run the RRR load-balancing test.
Workaround: There is no workaround.
•
Symptoms: A Cisco Versatile Interface Processor (VIP) may reload after a software upgrade.
Conditions: This symptom is observed on a Cisco 7500 series that has a VIP 2-50 in which two single-port Fast Ethernet port adapters are installed. The symptom occurs after the Cisco 7500 series is upgraded from Cisco IOS Release 12.1(2) to Release 12.1(16). The symptom may also occur with other Cisco IOS releases.
Workaround: Set the single Fast Ethernet interface or both Fast Ethernet interfaces to be administratively shut down while the router boots up with the new Cisco IOS release. The interfaces can be brought back up individually after the software is loaded and the router is stable.
•
Symptoms: Voice transmission may be distorted.
Conditions: This symptom is observed when you make offnet calls from a Cisco VG200 and double talk occurs. The symptom may also occur on a Media Gateway Control Protocol (MGCP) gateway or on an H.323 gateway.
Workaround: There is no workaround.
•
Symptoms: When the autoselect ppp line configuration command is enabled, a loop may occur, and "NULL username" failures may occur.
Conditions: This symptom is observed on a Cisco AS5xx0 platform.
Workaround: There is no workaround. To clear the loop, enter the flush-at-activation line configuration command.
•
Symptoms: A router may reload unexpectedly when a traffic engineering (TE) tunnel interface changes to the "connected" state.
Conditions: This symptom is observed on a Cisco router that functions in a Multiprotocol Label Switching (MPLS) environment.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload unexpectedly when you enter the crypto card shutdown slot global configuration command followed by the crypto card enable slot global configuration command while traffic is flowing.
Conditions: This symptom is observed on a Cisco 7200 series that is configured with a VPN Accelerator Module (VAM).
Workaround: Shut down the input interface before you enter the crypto card shutdown slot global configuration command followed by the crypto card enable slot global configuration command.
•
Symptoms: A Cisco router that functions as a voice gateway may reload unexpectedly after a series of calls that include call transfers and diverted calls have been processed.
Conditions: This symptom is observed on a Cisco 2621XM and Cisco 3640 when you use a third-party vendor protocol convertor to translate and provide a tunnel for Digital Private Network Signaling System (DPNSS) traffic over Q Signaling (QSIG). The symptom is not platform specific.
Workaround: There is no workaround.
•
Symptoms: When polling the cbQosREDClassStatsTable of the CISCO-CLASS-BASED- QOS-MIB, spurious memory accesses may occur on a Cisco 2600 series, Cisco 3600 series, or Cisco 7200 series. A Cisco 3640 router may also reboot. The spurious memory accesses may be reproduced when polling the above-mentioned table via Simple Network Management Protocol (SNMP).
Conditions: This symptom is observed on a Cisco 2600 series, Cisco 3600 series, and Cisco 7200 series that run Cisco IOS Release 12.2(8)T, Release 12.3, or Release 12.3 T.
Workaround: Prevent the router from answering to queries on the cbQosREDClassStatsTable by implementing the following SNMP view in the router configuration:
snmp-server view qos internet included
snmp-server view qos 1.3.6.1.4.1.9.9.166.1.20.1 excluded
snmp-server community string view qos ro
•
Symptoms: An Engine 4 plus (E4+) line card may reload unexpectedly.
Conditions: This symptom is observed when more than one adjacency is established across the interfaces of the E4+ line card while the ip cef accounting per-prefix non-recursive global configuration command is enabled. This symptom may occur when there is no traffic present on the line card.
Workaround: Disable the ip cef accounting per-prefix non-recursive global configuration command.
•
Symptoms: Very choppy voice quality may be heard when a 3-way call is switched back to a 2-way call.
Conditions: This symptom is observed when a user who originated a conference call switches back to a 2-way call.
Workaround: There is no workaround.
•
Symptoms: The following tracebacks may occur when you boot up a router:
%SYS-3-CPUHOG: Task ran for 3100 msec (87338/197), process = TC-ATM Proc, PC = 40B2EAE8.
-Traceback= 40B2EAF0 40B30BA0Conditions: This symptom is observed on a Cisco MGX 8850 Route Processor Module (RPM-XF) during bootup. If this symptom is observed, the RPM-XF card may not respond for a while and the user is unable to "cc" to this card because the CPU hogs all cycles. When the card does not respond, the Label Distribution Protocol (LDP) Open Shortest Path First (OSPF) route may go down with CPUHOG errors and tracebacks logged.
Workaround: There is no workaround.
•
Symptoms: A Cisco Service Selection Gateway (SSG) router may reload because of a bus error.
Conditions: This symptom is observed on a Cisco router when Cisco Express Forwarding (CEF) is enabled and access list configurations on the router are changed.
Workaround: Disable CEF.
•
Symptoms: After a Cisco router has failed to create a permanent virtual circuit (PVC), an error is generated, and the router may reload unexpectedly.
Conditions: This symptom is observed when an ATM interface is oversubscribed.
Workaround: There is no workaround.
•
Symptoms: Routing Information Protocol version 2 (RIPv2) routes get stuck in the routing table even if the next hop interface is down.
Conditions: This symptom is observed when running Cisco IOS Release 12.1(11b)E4. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 series may reload unexpectedly when it is polled by the CiscoWorks Voice Manager (CVM).
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.2(13)T1 or Release 12.3, that is configured with a Network Processing Engine 400 (NPE-400), and that is configured for Voice over IP (VoIP).
Workaround: Disable Simple Network Management Protocol (SNMP) on the router by entering the no snmp server global configuration command.
•
Symptoms: A FlexWAN module that is configured with a 1-port multichannel STM-1 port adapter (PA-MC-STM-1) may reload unexpectedly.
Conditions: This symptom is observed on a Cisco 7600 series when you apply Class-Based Weighted Fair Queueing (CBWFQ) on the PA-MC-STM-1 to a Multilink PPP (MLP) bundle that has E1 channels.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7206 VXR may reload unexpectedly when it attempts to translate virtual address 0x3C0C00C0 to a physical address.
Conditions: This symptom is observed under rare conditions on a Cisco 7206 VXR that is configured with a C7200-I/O-FE I/O controller. The symptom is related to an error in the Fast Ethernet controller on the I/O controller.
Workaround: There is no workaround.
•
Symptoms: When a heartbeat failure occurs on an Edge Label Switch Router (ELSR), the Route Processor Module (RPM-PR) is reset by the Processor Switch Module (PXM).
Conditions: This symptom is observed in a Large Scale Network Test (LSNT) environment under the following network conditions:
–
–
–
–
Workaround: There is no workaround.
•
Symptoms: The IP input process may have an abnormally high CPU utilization and eventually causes calls to be rejected.
Conditions: This symptom is observed on a Cisco platform that functions as a gatekeeper and that has the h323-gateway voip bind srcaddr interface configuration command enabled.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload because of a protocol control information (PCI) parity error, boot up, and then reload again when it dumps the PCI bridge registers.
Conditions: This symptom is observed on a Cisco 7200 series.
Workaround: There is no workaround.
•
Symptoms: When you make voice phone calls, negative acknowledgement (NAK) messages may be displayed on the console of a Cisco AS5xx0.
Conditions: This symptom is observed when you enable the Debit Card feature on the plain old telephone service (POTS) side.
Workaround: There is no workaround.
•
Symptoms: When asynchronous calls are made, route-map counters may not increment on a feature board. Access control list (ACL) counters for matching entries do increment on the feature board. The route-map counters on the Route Switch Controller (RSC) do increment for packets that are forwarded to the RSC.
Conditions: This symptom is observed on a Cisco AS5850 that is configured for policy routing.
Workaround: Use the ACL counters to measure the asynchronous calls.
•
Symptoms: A time-division multiplexing (TDM) voice-connection failure may occur for the second call that is placed through a back-to-back PRI line, and a "Resource Unavailable" error message is displayed.
Conditions: This symptom is observed when you make Voice over IP (VoIP) calls from one IP telephone to another IP telephone. The first call goes through successfully. From the second call on, you get a get busy tone.
Workaround: There is no workaround.
•
Symptoms: The serial interface of a 1-port multichannel STM-1 port adapter (PA-MC-STM-1) may remain down.
Conditions: This symptom is observed on a PA-MC-STM-1 that is installed in a Cisco 7600 series when an internal resource allocation does not occur.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.
•
Symptoms: Routing Information Protocol (RIP) does not send updates to some interfaces where updates are received, even if that update has worse metric.
Conditions: This symptom occurs in the following example: (Primary)--RA----RB----RC--(Backup). A customer uses a static route on RA and redistributes the static route into RIP (metric 1). RC has a floating static route as a backup feature and redistributes the floating static route (metric 7). When the primary (RA) static route goes down, the route is switched to a backup (RC) static route. But after the primary static route recovers, RA cannot send updates to RB. RB and RC continue to use the backup route.
Workaround: Configure a static route with both interface and next hop parameters as follows:
ip route 10.0.1.0 255.255.255.0 ehternet 0/0 10.0.2.1•
Symptoms: A Cisco AS5850 router may have high CPU usage in the IP input process because voice packets are punted from the line cards to the Route Switch Controller (RSC) card. To verify this symptom, enter the show interface type number stat EXEC command. The following output from the show interface command indicates that the entry for packets out (Pkts Out) in the "Distributed cache" field is 0.
Router#show interface g6/0 stat
GigabitEthernet6/0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 752 56786 25 3267
Route cache 0 0 3120 666090
Distributed cache 3019 644372 0 0
Total 3771 701158 3145 669357Conditions: This symptom is observed on a Cisco AS5850 that handles voice calls. The symptom is not observed on the Cisco AS5850 with modem calls.
Workaround: There is no workaround.
•
Symptoms: When two or more phone calls (Foreign Exchange Office [FXO] or BRI) are set as "hold" and "hold," or "resume" is repeated by one of the calls, an input queue wedge may occur.
Conditions: This symptom is observed on a Cisco voice gateway that is running Cisco IOS Release 12.2(15)T1 and that has multicast for Music on Hold (MOH) configured.
Workaround: Enable Protocol Independent Multicast (PIM) on the voice gateway.
Alternate Workaround: Use unicast MOH.
Second Alternate Workaround: Reboot the router. Entering the clear interface EXEC command and the shutdown interface configuration command followed by the no shutdown interface configuration command does not clear the input queue wedge.
•
Symptoms: A one-way voice path may occur on the second media stream of a Session Initiation Protocol (SIP) media-forked call.
Conditions: This symptom is observed on a Cisco platform that runs a Cisco IOS image, that functions as a SIP gateway, and that processes a SIP media-forked call. The initial media stream has a two-way voice path, but when a second media stream is added to the call, the added stream has only a one-way voice path.
Workaround: There is no workaround.
•
Symptoms: On a Cisco router, output queue packet drops may occur on the priority queue of an E1 serial interface on a 1-port multichannel E3 port adapter (PA-MC-E3), after which the E1 serial interface becomes congested.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.1(18)E. However, the symptom is not specific to the platform or the Cisco IOS software release but specific to the port adapter.
Workaround: Enter the tx-ring-limit interface configuration command to increase the value of the drivers that are transmitted on the queue. For additional information, refer to the document at the following location:
http://www.cisco.com/warp/public/121/txringlimit_6142.html
•
Symptoms: A Gigabit Ethernet interface link may flap when Open Shortest Path First (OSPF) restarts on a Cisco AS5850.
Conditions: This symptom is observed on a Cisco AS5850 that has OSPF configured and active on the Gigabit Ethernet interface of the router.
Workaround: Disable autonegotiation on both ends of the Gigabit Ethernet interface link by entering the no negotiate auto interface configuration command.
•
Symptoms: A Cisco router may reload unexpectedly because of a software condition when you enter the show interfaces virtual-access number [configuration] EXEC command.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.2(17). The symptom may also occur in other releases.
Workaround: Do not enter the show interfaces virtual-access number [configuration] EXEC command.
•
Symptoms: A Cisco router may reload unexpectedly and return to ROM monitor (ROMmon) because of a bus error.
Conditions: This symptom is observed on a Cisco 3640 but may occur on any 2600 series, 3600 series, or 3700 series that runs Cisco IOS Release 12.2(8)T or a later release or Release 12.3. The symptom occurs when both a 32-port asynchronous network module (NM-32A) and a 1-port or 2-port Analog Modem WAN interface card (WIC-1AM or WIC-2AM) are installed in the router, when the NM-32A is installed in the last network module (NM) slot, and when you configure an asynchronous line.
Workaround: On a Cisco 3600 series or Cisco 3700 series, do not install the NM-32A in the last NM slot. Rather, use another NM slot. There is no workaround for a Cisco 2600 series.
•
Symptoms: Modem calls or fax relay calls impair the functionality of Compressed Real-Time Protocol (CRTP). Voice quality becomes choppy and distorted.
Conditions: This symptom is observed on a Cisco router that is configured with CRTP every time a voice call follows a modem call or a fax relay call.
Workaround: Configure the no ip rtp header-compression interface configuration command on the serial interface, and then turn on the serial interface again. This will restore the voice call quality to normal.
•
Symptoms: The Route Processor (RP) queue may build up, causing the Operation, Administration, and Maintenance (OAM) process to time out and Tag Distribution Protocol (TDP) and Open Shortest Path First (OSPF) to flap. The queue buildup lasts about 27 seconds. The symptom may reoccur after 5 to 30 minutes.
Conditions: This symptom is observed under rare circumstances on a Cisco MGX Route Processor Module XF (RPM-XF). Having more interfaces configured in the system increases the possibility of the symptom occurring.
The cause of the symptom is a Parallel Express Forwarding (PXF) hardware issue in which the second timer does not immediately increment, even after the fractional timer rolls over.
Workaround: Reload the PXF processor by entering the microcode reload pxf global configuration command. The fix for this caveat increases the tolerance of the "next send" time, so that the tolerance of the "next send" time is 1 second ahead of the "current" time.
•
Symptoms: A Cisco 3620 router may experience a software-forced reload when constant bit rate (CBR) is configured.
Conditions: This symptom is observed on a Cisco 3600 series router that is running Cisco IOS Release 12.2(17).
Workaround: Shut down the interface or subinterface before modifying the configuration.
•
Symptoms: An interface of a Cisco router may not be able to receive traffic that is destined for an address that is configured on the router.
Conditions: This symptom is platform independent and occurs only when there is a route in a different VPN routing and forwarding instance (VRF) that is attached or connected to the interface. This may occur when the route has been exported from one VRF to another or when a static route in a VRF points to the interface.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.
•
Symptoms: An 8-port ATM Inverse MUX T1 port adapter (PA-A3-8T1IMA) may drop packets with a certain unknown pattern.
Conditions: This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.2(16). The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on MPLS disabled interfaces.
The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable.
More details can be found in the security advisory which is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml.
•
Symptoms: All of the extended Multiprotocol Label Switching (MPLS) ATM (XTagATM) interfaces may flap on a label switch controller (LSC).
Conditions: This symptom is observed when an edge label switch router (LSR) resets or when ATM Services (AXSM) trunks flap.
Workaround: There is no workaround.
•
Symptoms: A spurious memory alignment error is observed on a Cisco router, which causes an input queue wedge on the serial interface.
Conditions: This symptom is observed on a Cisco 2600 series router that is configured with dual port WAN interface cards (WIC-2Ts).
Workaround: Change the switching mode on the serial interface from fast switching to process switching by entering the no ip route-cache command.
•
Symptoms: A security association (SA) may fail to come up when you enter the correct extended authentication (Xauth) password on a PC that functions as a Virtual Private Network (VPN) client. When you enter the vpnclient connect profilename nocertpwd command on the PC, a connection to the remote peer is not established.
Conditions: This symptom is observed when you attempt to make a VPN connection from a PC to a Cisco router.
Workaround: There is no workaround.
•
Symptoms: You may not be able to start a new session on a Cisco router that runs Systems Network Architecture switching services (SNASw). The log may indicate sense code 08150004 ("LSFID already in use"); the log of the host may indicate sense code 08390001.
Conditions: This symptom is observed when a user logs off and then attempts to log back on at a later time.
Workaround: Reload the router.
•
Symptoms: An alignment traceback may occur when a router is configured for Multilink PPP over Frame Relay (MLPoFR) and weighted random early detection (WRED).
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3, Release 12.3 T, or Release 12.3 XA.
Workaround: Remove or modify the service-policy map to prevent WRED from running on MLPoFR interfaces.
•
Symptoms: Traffic from customer premises equipment (CPE) that travels from a Multiprotocol Label Switching (MPLS) environment to an IPv6 environment may not be switched via Cisco Express Forwarding (CEF).
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.3.
Workaround: There is no workaround.
•
Symptoms: When a gateway that is in Media Gateway Control Protocol (MGCP) fallback mode reloads, no calls can be made, nor can calls be received. When the gateway comes up again, all controllers including a serial controller are automatically shut down. When you turn off auto configuration and reload the router again, you can make calls, but you still cannot receive calls.
Conditions: This symptom is observed on a Cisco 3700 series that functions as a gateway when all Cisco CallManagers (including the primary and the backup Cisco CallManager) are down, when the TFTP server is still up, and when the gateway is reloaded. This situation causes an E1 or T1 controllers to be shut down. This caveat is platform independent and may occur on another Cisco router that functions as a gateway.
Workaround: Enter the no shutdown controller configuration command on the affected E1 or T1 controller.
•
Symptoms: A Cisco gatekeeper rejects an AccessRequest with multiple addresses.
Conditions: This symptom is observed with a Cisco gatekeeper that receives AccessRequests from a third-party video interactive gateway.
Workaround: There is no workaround.
•
Symptoms: A Cisco 6400 series Node Switch Processor (NSP) that has a large number of virtual circuits (VCs) configured may encounter resource limitations, and a "no hw resource" error message may be displayed.
Conditions: This symptom is observed when you apply the configuration, the NSP reboots, or a redundancy switchover of the NSP occurs.
Workaround: Reduce the number of virtual channel identifiers (VCIs) per virtual path (VP) by entering the atm input-xlate-table autominblock global configuration command.
•
Symptoms: The number of packets displayed in the output of the show policy-map interface interface-name EXEC command is twice the number of packets actually sent out. The counter is being updated by both the Route Processor (RP) and Parallel Express Forwarding (PXF).
Conditions: This symptom is observed on a Cisco RPM-XF card that has a service policy attached on a multilink interface.
Workaround: Look at PXF statistics using the show pxf cpu statistics qos interface EXEC command.
•
Symptoms: A Route Switch Processor 4 Plus (RSP4+) may reload.
Conditions: This symptom is observed on a Cisco 7500 series when you configure the interface loopback interface-number interface configuration command on an interface of the router and the value of the interface-number argument is a 9-digit number that starts with 10.
Workaround: If possible, use another range of numbers for the numbers that are assigned to the loopback interfaces, that is, a range of numbers that do not start with 10.
•
Symptoms: A Cisco router may fail to send a ping from its local tunnel interface that has Virtual Private Network (VPN) routing and forwarding (VRF) enabled to a remote end.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(1) when both the ip route-cache cef and the ip nat outside interface configuration commands are enabled on the physical multilink interface on which the tunnel is configured.
Workaround: Disable the high-speed switching cache for IP routing on the physical multilink interface by entering the no ip route-cache cef interface configuration command.
•
Symptoms: A serial interface of a 1-port multichannel E3 port adapter (PA-MC-E3) may fail to enter the "up/up" state when you initially configure the interface or after a number of reconfigurations.
Conditions: This symptom is observed on a PA-MC-E3 that is installed in a Cisco 7500 series or Cisco 7600 series when the following sequence of events occurs:
1.
2.
3.
Although the symptom may occur when you initially configure the interface, it is more likely to occur when you configure, delete, and reconfigure the interface several times.
Workaround: When the interface does not enter the "up/up" state, configure the interface again.
•
Symptoms: A Cisco router may reload unexpectedly because of memory corruption with a corrupted redzone without any intervention.
Conditions: This symptom is observed on a Cisco router when multicast traffic is protected by an IP Security (IPSec) generic routing encapsulation (GRE) tunnel.
Workaround: There is no workaround.
•
Symptoms: An interface may not transmit traffic because the output may be stuck. When this symptom occurs, the console of the Route Switch Processor 4 (RSP4) may display the following error messages:
%ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/2:15, TEI0 changed to down
%ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/1:15, TEI0 changed to down
%ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/3:15, TEI0 changed to down
%RSP-3-RESTART: interface Serial1/0/0:15, not transmitting
Output Stuck on Serial1/0/0:15
%RSP-3-RESTART: interface Serial1/0/1:15, output frozen
%RSP-3-RESTART: interface Serial1/0/2:15, not transmitting
%RSP-3-RESTART: cbus complexConditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.1(19)E1 when the compress stac caim interface configuration command is configured on the interface. The symptom may also occur in other releases.
Workaround: Remove the compress stac caim interface configuration command from the interface.
•
Symptoms: A Cisco AS5300 may fail intermittently to hunt dial-peers for cause codes such as "no circuit," "interworking," and "dest-out-of-order."
Conditions: This symptom is observed on a Cisco AS5300 that runs Cisco IOS Release 12.2(11)T9, 12.3, or 12.3 T when the dial peers are configured for dial-peer hunting.
Workaround: There is no workaround.
•
Symptoms: A Foreign Exchange Office (FXO) port on a Cisco 3600 series may lock up and not process any calls.
To determine if the port is locked up, enter the show voice port summary EXEC command and look for a port that is in the "up, up, idle, on-hook" state, as in the following example:
IN OUT
PORT CH SIG-TYPE ADMIN OPER STATUS STATUS EC
========= == ============ ===== ==== ======== ======== ==
2/0/0 -- fxo-ls up up idle on-hook yConditions: This symptom is observed when the port processes a moderate traffic load.
Workaround: Enter the shutdown port configuration command followed by no shutdown port configuration command on the affected port.
•
Symptoms: A Network Processing Engine G1 (NPE-G1) may restart unexpectedly and report the following message:
Last reset from watchdog resetConditions: This symptom is observed on a Cisco 7200 series that is configured with an NPE-G1 and that is running Cisco IOS Release 12.2(14)S3. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: Subinterfaces that are not configured for policing may randomly drop packets.
Conditions: This symptom is observed when modular QoS CLI (MQC) class-based policing is configured on an Inter-Switch Link (ISL) subinterface and when there are other ISL subinterfaces that are not configured for policing.
Possible Workaround: Remove the quality of service (QoS) policy with class-based policing from the ISL subinterface.
•
Symptoms: A router may reload unexpectedly when a Media Gateway Control Protocol (MGCP) call is made to a transcoder that functions as a gateway.
Conditions: This symptom is observed on a Cisco router after a call has failed before the MGCP call is made.
Workaround: There is no workaround.
•
Symptoms: A Virtual Private Network (VPN) client in a VPN routing/forwarding instance (VRF) that is connected to a provider edge (PE) router may have connectivity only to other devices that are directly connected to the same PE router but no connectivity to other PE routers.
Conditions: This symptom is observed when the connectivity between the PE routers is fine. Only VPN clients are affected.
Workaround: There is no workaround.
•
Symptoms: Gateways may not be able to register with the gatekeeper.
Conditions: This symptom is observed when the security password is enabled on the gatekeeper.
Workaround: There is no workaround. If you remove the security password, there is no authentication.
•
Symptoms: On a Cisco router, when packets that are larger than 750 bytes go through from an ATM ingress subinterface with a maximum transmission unit (MTU) size of 4470 bytes to an ATM egress subinterface with an MTU size of 750 bytes, the packets should be fragmented but may be dropped instead.
The output of the show interfaces atm privileged EXEC command may display a queue stack. When you send 150 pings of 1500 bytes (which exceed the MTU size of the ATM subinterface with an MTU size of 750 bytes), packets may be dropped from the 77th ping on.
Conditions: This symptom is observed on a Cisco 3600 series that is configured for Cisco Express Forwarding (CEF) and quality of service (QoS).
Workaround: Disable CEF.
First Alternate Workaround: Disable the MTU of the subinterfaces.
Second Alternate Workaround: Remove the QoS service policy from the subinterfaces.
•
Symptoms: Voice extensible markup language (VXML) version 2.0 caching may not be supported.
Conditions: This symptom is observed when you use caching in a VXML version 2.0 script.
Workaround: Use VXML version 1.0 caching.
•
Symptoms: Call legs may not be cleared properly.
Conditions: This symptom is observed on a Cisco router after an interactive voice response (IVR) application is terminated.
Workaround: There is no workaround.
•
Symptoms: A Cisco gateway may respond to a Notification Request (RQNT) with a cause code of 400 (transaction not executed: transient error).
Conditions: This symptom is observed on a Cisco gateway when it receives a Delete Connection (DLCX) and responds back with a 250 cause code. The gateway may then receive an RQNT from the call agent, and the gateway responds with a 400 cause code.
Workaround: There is no workaround.
•
Symptoms: A Cisco IAD2420 may reload unexpectedly when a watchdog timeout occurs in the voice telephony service provider (VTSP) process.
Conditions: This symptom is observed during normal processing of calls in the local-bypass mode.
Workaround: There is no workaround.
•
Symptoms: A Cisco Media Gateway Control Protocol (MGCP) gateway may be unregistered by a Cisco CallManager.
Conditions: This symptom is observed on a Cisco router that functions as a gateway and that runs Cisco IOS Release 12.2 T, Release 12.3, or Release 12.3 T when the T1 channel-associated signaling (CAS) and PRI backhaul is configured.
Following is an example of the sequence of events that cause the symptom to occur:
1.
2.
3.
4.
5.
6.
7.
8.
9.
Workaround: Do not use MGCP. Rather, use H.323.
•
Symptoms: A Cisco router (router 1) with a digital modem is connected over a public switched telephone network (PSTN) to another router (router 2) with a digital modem. Router 1 is configured to check the basic connectivity to router 2. When router 1 tries to ping router 2, router 1 reloads.
Conditions: This symptom is observed on a Cisco 3725 router with a digital modem that is configured to test the digital modem connectivity between the two routers.
Workaround: There is no workaround.
•
Symptoms: A Versatile Interface Processor 4 (VIP4) in which an 8-port multichannel E1, G.703 120 ohm interface port adapter (PA-MC-8E1/120) is installed may reload unexpectedly and display the following error message:
%ALIGN-1-FATAL: Illegal access to a low address.Conditions: This symptom is observed on a Cisco 7500 series that has a distributed multilink interface on which IP Header Compression (IPHC) is configured when distributed Cisco Express Forwarding (dCEF) is disabled by entering the no ip cef distributed global configuration command and reconfigured by entering the ip cef distributed global configuration command while the interface is operational.
Workaround: Ensure that the multilink interface is shut down before you to disable dCEF.
•
Symptoms: A Cisco router that is in the process of setting up a Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel may reload unexpectedly because of a bus error.
Conditions: This symptom is observed under unusual circumstances when the following series of events occur:
–
–
mpls traffic-eng attribute-flags attributes
mpls traffic-eng administrative-weight weight
mpls traffic-eng flooding thresholds
–
Workaround: Before you enter any of the above-mentioned MPLS TE interface configuration commands on the interface, ensure that MPLS TE tunnels are enabled on the interface by entering the mpls traffic-eng tunnels interface configuration command. Before you disable MPLS TE tunnels on the interface by entering the no mpls traffic-eng tunnels interface configuration command, ensure that any of the above-mentioned MPLS TE interface configuration commands are removed from the interface.
•
Symptoms: A Network Processing Engine G-1 (NPE-G1) may forward unicast IP packets that have a Layer 2 multicast MAC address.
Conditions: This symptom is observed on an NPE-G1 that is installed in a Cisco 7200 series.
Workaround: Create an access control list (ACL) to filter the packets.
Alternate Workaround: Configure a static multicast MAC address mapping to the ports of the connected Layer 2 switch.
•
Symptoms: A terminating gateway rejects incoming Voice over IP (VoIP) calls that carry Field Compatibility Information (FDC) national calling party category (CPC) information in the generic transparency descriptor (GTD) message.
Conditions: This symptom is observed on an H.323 version 4 (V4) Cisco gateway that terminates T1 channel-associated signaling (CAS). Calls that originate from Signaling System 7 (SS7) and R2 trunks that carry national CPC vales are affected.
Workaround: There is no workaround.
•
Symptoms: A gateway does not send an H.225 progress (PROG) Information Element (IE) when it receives an ISDN call proceeding (callp) with a progress indicator (PI).
Conditions: This symptom is observed when an ISDN public switched telephone network (PSTN) switch returns a callp message with a PI IE in response to the setup message from the terminating gateway. The callp does not trigger any H.225 message from the terminating gateway to the originating gateway.
Workaround: There is no workaround.
•
Symptoms: The Systems Network Architecture switching services (SNASw) performance via single-hop Enterprise Extender (EE) Rapid Transport Protocol (RTP) connections is not optimum.
Conditions: This symptom is observed on a Cisco router that runs SNASw and that has EE High Performance Routing (HPR)/IP RTP connections. Normal (that is, non-EE) HPR-ISR RTP connections are not affected.
An RTP connection has an alive timer that comes up every 180 seconds when there is no traffic. An EE RTP connection has also an underlying Logical Data Link Control (LDLC) timer that can detect problems with the EE link. For these EE RTP connections, the RTP alive timer is not required when the RTP path is limited to a single hop (or to two hops through a virtual routing node); the LDLC timer is sufficient.
Workaround: There is no workaround. The fix for this caveat disables the RTP alive timer for single-hop EE RTP connections, thereby improving the SNASw performance.
•
Symptoms: A Cisco 7200 series router with a VPN Accelerator Module 2 (VAM2) may reload because of stack corruption.
Conditions: This symptom is not observed under normal router operation. The symptom occurs only when the VAM2 is disabled and enabled through the command- line interface (CLI) (for example, by entering the no crypto engine accelerator global configuration command followed by the crypto engine accelerator global configuration command) or a physical online insertion and removal (OIR) of the VAM2 is performed.
Workaround: There is no workaround.
•
Symptoms: An originating gateway (OGW) may incorrectly insert the calling number information element (IE) in an H.225 call setup message to the terminating gateway (TGW).
Conditions: This symptom is observed on a Cisco AS5400 that functions as an OGW. The symptom occurs only for calls from an H.323-Version 4 OGW to an H.323-Version 2 TGW when the following conditions are present:
–
–
–
Workaround: There is no workaround.
•
Symptoms: Incorrect tags may be imposed after a route has flapped.
Conditions: This symptom is observed on a Cisco router that functions in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment.
Workaround: There is no workaround.
•
Symptoms: When set commands are used with a service policy, a router may reload unexpectedly. In particular, when you use the set cos policy-map class configuration command, a router may reload unexpectedly.
Conditions: This symptom is observed when you make a configuration change of a service policy that is configured on an interface, when the service policy is configured with a set command, and when one or all of the following three features are enabled:
–
–
–
Workaround: There is no workaround.
•
Symptoms: Packets may be stuck in the input queue of a generic routing encapsulation (GRE) tunnel, and the following error messages and tracebacks may be generated:
%SYS-2-BADSHARE: Bad refcount in pak_enqueue, ptr=817F9690, count=0
-Traceback= 80185464 8018666C 8018D7CC 803B0A44 8039E15C 8039F76C 8039D6D4 8039D8A4 8039DA70 801FD068 80200718
%SYS-2-BADSHARE: Bad refcount in datagram_done, ptr=817F9690, count=0
-Traceback= 80182550 8018689C 8018D7CC 803B0A44 8039E15C 8039F76C 8039D6D4 8039D8A4 8039DA70 801FD068 80200718
%SYS-2-BADSHARE: Bad refcount in pak_enqueue, ptr=81A135F4, count=0
-Traceback= 80185464 8018666C 8018D7CC 803B0A44 8039E15C 8039F76C 8039D6D4 8039D8A4 8039DA70 801FD068 80200718Conditions: This symptom is observed on a Cisco 1720 that runs Cisco IOS Release 12.3(1a) or Release 12.3 T and that is configured for Dynamic Multipoint VPN (DMVPN), IP Security (IPSec), and Multipoint GRE. The symptom may occur when a packet buffer is released and when the input queue is not decremented.
Workaround: There is no workaround. Increasing the size of the hold queue of the tunnel interface by increasing the value of the length argument in the hold-queue length in interface configuration command may delay the occurrence of the symptom, but after a period of time, the input queue may fill up again. As a temporary workaround, reload the router until the symptom occurs again.
•
Symptoms: After you enter the oir slot slot number remove command to perform a soft online insertion and removal (OIR) of a Synchronous Transport Module 1 (STM1) card, all of the serial interface configurations that correspond to PRI controllers disappear from the running configuration of a Cisco router. In addition, the ISDN layers never come up even after the manual configuration of serial interfaces.
Conditions: This symptom is observed after an OIR of an STM1 card in a Cisco AS5850.
Workaround: There is no workaround except to reload the Route Switch Controller (RSC) on the router.
•
Symptoms: A router may reload with a bus error, and the following message appears:
PC 0x616F0B80, address 0x3C.Conditions: This symptom is observed on a Cisco 3660 router that has low memory.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload when a T3 channel group is unconfigured.
Conditions: For the symptom to be observed, the interface of the channel group must be part of a multilink group that has header compression and distributed Cisco Express Forwarding (dCEF) configured.
Workaround: Remove the header compression configuration from the interface before removing the channel group.
Alternate Workaround: Disable the ip cef distributed global configuration command before unconfiguring the channel group.
•
Symptoms: A router may reload unexpectedly when you delete an IPv6 reflexive access control list (ACL) while an ACL that is defined in the name argument of the evaluate name access-list command continues to reference the deleted reflexive ACL.
Conditions: This symptom occurs when a traffic flow matches the ACL that is defined in the name argument of the evaluate name access-list command.
Workaround: Disable the evaluate name access-list command before you delete the reflexive ACL.
•
Symptoms: A Cisco 7500 series that is configured with a 1-port multichannel STM-1 port adapter (PA-MC-STM-1) may reload unexpectedly.
Conditions: This symptom is observed when the following steps occur in sequence:
1.
2.
3.
4.
Workaround: There is no workaround.
•
Symptoms: One-way audio may occur during a phone call: a user on the public switched telephone network (PSTN) side may not hear a Cisco IP SoftPhone user.
The output of debug command and sniffer traces do not indicate any packets drops, and when you listen to the sniffer trace, there seems to be two-way audio.
Symptoms: This symptom is observed when the Cisco IP SoftPhone calls the PSTN via a Cisco VG200 series that runs Cisco IOS Release 12.2(15)T7 or Release 12.3.
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.2(11)T2.
•
Symptoms: A Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) router that is running distributed Cisco Express Forwarding (dCEF) may have high memory usage and memory allocation failures when dCEF is disabled and then reenabled.
Conditions: This symptom is observed on a PE router that has a large number of VPN routes (over 30,000) in a VPN routing/forwarding (VRF) table when CEF is disabled and then reenabled.
Further Problem Description: View the output of the show processes memory EXEC command to verify that the CEF process memory usage increases.
Workaround: Reload the router.
•
Symptoms: An L2TP access concentrator (LAC) may reload when it clears a PPP over Ethernet (PPPoE) session.
Conditions: This symptom is observed on a Cisco 7200 series.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5850 may reload unexpectedly.
Conditions: This symptom is observed under rare circumstances when bulk calls are brought up.
Workaround: There is no workaround.
•
Symptoms: A router that runs Voice over IP (VoIP) may reload frequently during the authentication, authorization, and accounting (AAA) process when there is an accounting attribute with an invalid length such as a zero-length user name and when too many attributes are sent to the AAA server.
Conditions: This symptom is observed on a Cisco 3660 router that runs Cisco IOS Release 12.2(19). The symptom may also occur in other releases. The condition that causes VoIP to send a zero-length user name is unknown, and is documented in caveat CSCec52917.
Workaround: There is no workaround.
•
Symptoms: On a Cisco 3600 series, all packets that are coming from serial interfaces are process switched.
Conditions: This symptom is observed only on a Cisco 3600 series when integrated routing and bridging (IRB) is configured and when one serial interface is part of a Bridge Group Virtual Interface (BVI). The symptom does not occur when you configure an Ethernet interface instead of a serial interface to be part of the BVI.
Workaround: There is no workaround.
•
Symptoms: A Cisco 2691XM router that is configured as an H.323 gatekeeper may reload when the gatekeeper functionality is shut down and when the dynamic zone prefix gatekeeper configuration command is configured.
Conditions: This symptom is observed on a Cisco 2691XM that is running Cisco IOS Release 12.2(15)T5 or Release 12.3(2)T when the dynamic zone prefix gatekeeper configuration command is enabled by default on both the gateway and the gatekeeper, and when the following conditions occur:
–
–
For example:
This symptom is observed when the gateway and the gatekeeper have the following configurations (the same destination pattern and zone prefix):
Gateway configuration (with dynamic prefix registration enabled):
dial-peer voice 1 pots
destination-pattern 385....Gatekeeper configuration:
zone prefix zone-1 385 ....
gw-priority 10 GW1The symptom is not observed when the gateway and the gatekeeper have the following configurations (the destination pattern and the zone prefix are different):
Gateway configuration (with dynamic prefix registration enabled):
dial-peer voice 1 pots
destination-pattern 555....Gatekeeper configuration:
zone prefix zone-1 385....
gw-priority 10 GW1For information on how to disable dynamic zone prefixes, refer to the following URL: http://www.cisco.com/en/US/docs/ios/12_3/vvf_c/cisco_ios_h323_configuration_guide/old_archives_h323/4gwconf.html
•
Symptoms: No audio or a garbled sound may occur when a voice gateway is in voice mode after first having detected modem tones and subsequently silence for more than 250 milliseconds.
Conditions: This symptom is observed when the voice gateway is configured for Media Gateway Control Protocol (MGCP) and the peer voice gateway is configured for H.323, and when the voice gateway is also configured for modem pass-through. A call agent, such as a Cisco CallManager, functions as an intermediary signaling node. The symptom occurs in the following sequence of events:
1.
2.
3.
Workaround: Configure both voice gateways for H.323.
Alternate Workaround: Use G.711 as the initial codec of the voice call.
•
Symptoms: When you enter the dir, cd, or pwd EXEC command, the command may not have any effect. In the error message that is generated when the command fails, the path may be truncated.
Condition: This symptom is observed in Cisco IOS Release 12.3 and Release 12.3 T.
Workaround: Enter the command with the full path, for example, enter the dir disk0:/dir/file-url command instead of the dir disk0: file-url command.
•
Symptoms: A spurious memory access may be displayed on the console of a Versatile Interface processor (VIP).
Conditions: This symptom is observed on a Cisco 7500 series when TCP/Routing Table Protocol (RTP) IP Header Compression (IPHC) is configured on a distributed multilink bundle interface.
Workaround: There is no workaround.
•
Symptoms: A Cisco 6400 series Node Switch Processor (NSP) may reload unexpectedly when you enter the show ip interface brief EXEC command.
Conditions: This symptom is observed after you have performed an online insertion and removal (OIR) of a network line card (NLC).
Workaround: There is no workaround.
•
Symptoms: After the switchcc command is entered on the Processor Switch Modules (PXM) on an MGX node, the segmentation and reassembly (SAR) autorecovery feature is invoked for the Route Processor Module (RPM-PR) cards.
Conditions: This symptom is observed after the switchcc command is entered and if the poll port open request on any one of the RPM-PR cards times out. The poll port open request can time out if the SAR engine or CPU on the RPM-PR is really busy and drops poll port open requests that come from the PXM.
Workaround: There is no workaround.
•
Symptoms: An incorrect MAC encapsulation string in a Multiprotocol Label Switching (MPLS) forwarding table on a provider edge (PE) router causes traffic to go down.
Conditions: This symptom is observed on a cell-based Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) that rebuilds the MPLS forwarding table after traffic stops on a PE router.
Workaround: Enter the clear ip route network EXEC command on the PE router that has the traffic problem.
Alternate Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface command on the MPLS interfaces of the problem PE.
•
Symptoms: A router may reload unexpectedly when the bandwidth of an interface is changed, for example, when you configure the encapsulation type.
Conditions: This symptom is observed when the interface has a cell-based tagswitching subinterface that has a service policy attached.
Workaround: Detach the service policy from the tagswitching subinterface before you change the bandwidth of the interface.
•
Symptom: When multiple dial peers are configured with different translation rules that are used one the same call, the authentication, authorization, and accounting (AAA) accounting records do not show accurate information of the translated called number.
Conditions: This symptom is observed on a Cisco AS5350 and a Cisco AS5400 when the outbound dial peers have translation rules configured and when multiple dial peers are used for and outbound call because of dial-peer hunting. The symptom does not occur on a Cisco AS5300.
Workaround: Analyze the call by using the correct number that is contained in the gw-final-xlated-cgn vendor-specific attribute (VSA) that is part of the stop record for the RADIUS server.
Further Problem Description: When a universal gateway such as a Cisco AS5350 or Cisco AS5400 receives a call via time-division multiplexing (TDM), and this call needs to be forwarded via Voice over IP (VoIP), the universal gateway tries the first dial peer, which translates the called number and adds a prefix to it. When this call does not go through, the universal gateway tries a second dial peer via dial-peer hunting. This second dial peer translates the number and adds a different prefix to it.
There is a start and stop record for each dial peer:
–
–
Although the number is translated and properly sent, the AAA records are incorrectly populated.
•
Symptoms: When you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on an interface that is configured for Border Gateway Protocol (BGP) loadbalancing, the Parallel Express Forwarding (PXF) processor may reload, a traceback may be displayed on the router console, and loss of data may occur.
Conditions: These symptoms are observed on a Cisco router that is configured for BGP, that has a single peer, that has the neighbor ebgp-multihop 2 router configuration command enabled, and that is configured with static routes for loadbalancing.
Workaround: There is no workaround.
•
Symptoms: A Cisco gateway that runs a voice extensible markup language (VXML) application may pause indefinitely.
Conditions: This symptom is observed on a Cisco gateway that runs Cisco IOS Release 12.2(13)T9 or Release 12.3(3a) but may also occur in other releases. The symptom occurs when the gateway is placed in HTTP streaming mode by entering the ivr prompt streamed all global configuration command or the ivr prompt streamed http global configuration command and when one of the following conditions is present:
–
For example:
<prompt cisco-vcrprompt="true"> <audio src="http://px1-sun/audio/DUCF_33_httpg711ulaw.au"/> <audio src="http://px1-sun/audio/DUCF_33_httpg711ulaw.au"/> </prompt>–
Workaround: Turn off HTTP streaming by entering the no ivr prompt streamed http global configuration command or the ivr prompt streamed none global configuration command.
Alternate Workaround: Turn off HTTP caching by entering the http client cache memory pool 0 global configuration command.
•
Symptoms: An enhanced route switch controller (eRSC) may reload unexpectedly during the bootup process. This symptom does not occur on an RSC (that is, a legacy RSC) but the boot Flash memory may become unusable during the bootup process. The following error messages may be displayed during the bootup process:
%Error: Flash disk0 bank 0 chip 0 unknown, chip id 0x0 (reversed = 0x0 )
%Error: Flash disk0 bank 0 chip 1 unknown, chip id 0x0 (reversed = 0x0 )
%Error: Flash disk0 bank 0 chip 2 unknown, chip id 0x0 (reversed = 0x0 )
%Error: Flash disk0 bank 0 chip 3 unknown, chip id 0x0 (reversed = 0x0 )
%Error: Flash disk0 initialization failedConditions: These symptoms are observed on a Cisco AS5850.
Workaround: There is no workaround.
•
Symptoms: Routing Information Protocol (RIP) may not send updates through an interface that are configured for Virtual Private Network (VPN).
Conditions: This symptom is observed on a Cisco router that has the router rip global configuration command is enabled and on which the RIP router process is configured for VPN.
One of the few configurations in which the symptom is observed is a configuration in which the router has the passive-interface default router configuration command enabled. After the router has reloaded, when you enter the no passive-interface interface-type interface-number router configuration command on the interface that is configured for VPN, the symptom may occur.
The natural order of the configuration is for the no passive-interface interface-type interface-number router configuration command to be enabled before the passive-interface default router configuration command. However, this situation prevents the interface from sending updates.
Workaround: After the router has reloaded and RIP is configured, enter the passive-interface default router configuration command. Then, enter the no passive-interface interface-type interface-number router configuration command for the interface that is configured for VPN.
•
Symptoms: A Cisco AS5850 may reload unexpectedly during the processing of a large number of calls.
Conditions: This symptom is observed on a Cisco AS5850 that runs Cisco IOS Release 12.3 or Release 12.3 T in a Large Scale Dial-Out (LSDO) configuration when the CPU utilization remains above 98 percent for a relatively long period of time.
Workaround: Avoid large numbers of calls, if this is an option. Otherwise, there is no workaround.
•
Symptoms: A PPP over Ethernet (PPPoE) user that logs in for a second time may not become connected to a service.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3(3)B and that has Port Bundle Host Key (PBHK) enabled when the PPPoE session is created as a non-Service Selection Gateway (SSG) PPPoE user session. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: Service Selection Gateway (SSG) hosts may not be cleared when the PPP over X (PPPoX) session for a user goes down. The output of the show ssg host privileged EXEC command indicates that the memory is low. The output of the show ssg host count privileged EXEC command displays the host count is "-ve," which is caused by entering the clear ssg host all privileged EXEC command.
Conditions: This symptom is observed under the following conditions:
–
–
Workaround: Ensure that SSG does not bind the PPPoX interface dynamically as a downlink by changing the configuration in such as way that a dummy SSG Account-Info attribute in inserted in the Access-Accept packet of the PPPoX user.
•
Symptoms: ATM binding is not used by the Tag Forwarding Information Base (TFIB) Cisco Express Forwarding (CEF) table for some prefixes of remote provider edge (PE) routers on a PE router.
Conditions: This symptom is observed on a Cisco Route Processor Module (RPM- PR) in a cell-based Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN).
Workaround: Enter the clear ip route network EXEC command.
•
Symptoms: The CPU usage on a Cisco AS5850 may be close to 100 percent with a moderate number of voice calls with any Voice over IP (VoIP) device that uses the User Datagram Protocol (UDP) checksum (for example, Cisco Analog Telephone Adapter [ATA] devices and the Cisco 7900 series IP phones).
Conditions: This symptom is observed on a Cisco AS5850 when VoIP devices that use the UDP checksum are installed in a client network as a VoIP gateway that uses the Session Initiation Protocol (SIP) and has the ip udp checksum dial-peer configuration command enabled. This causes the Cisco AS5850 to punt packets to the Route Switch Controller (RSC) and have high CPU usage at the RSC with only a moderate number of calls.
Workaround: Disable the UDP checksum option in the client network by entering the no ip udp checksum dial-peer configuration command. If this is not possible, there is no workaround.
•
Symptoms: When you securely copy a Cisco IOS image to a flash disk by entering the copy scp slot0: or copy scp slot1: EXEC command, the copy process may stop after about 60 to 70 percent has been transferred.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.0(25)S1 or Release 12.3.
Workaround: Copy the Cisco IOS image via another transport protocols such as TFTP.
•
Symptoms: There may be a format difficulty when you save digital signal (DS) power-level information onto the NVRAM of a Cisco uBR900.
Conditions: This symptom is observed on a Cisco uBR900 that runs Cisco IOS Release 12.2(15)T7, 12.3, or 12.3 T.
Workaround: There is no workaround.
•
Symptoms: A Cisco router repeatedly displays the following error message:
%PXF-2-TALLOCFAILConditions: This symptom is observed on a Cisco 7200 series with a Network Service Engine (NSE-1) or on a Cisco 7401 router whenever the router turns on any routing protocol.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may fail to switch traffic downstream towards a user via Cisco Express Forwarding (CEF).
Conditions: This symptom is observed on a Cisco router that terminates both PPP over Ethernet (PPPoE) and PPP over ATM (PPPoA) sessions when different virtual templates are used for these two types of sessions and when subinterfaces are enabled. The symptom may affect only a part of the subscribers.
Workaround: Use only one virtual template for both PPPoE and PPPoA sessions.
First Alternate Workaround: Disable the subinterfaces.
Second Alternate Workaround: Disable CEF.
•
Symptoms: Users fail to authenticate on a Cisco router when the CiscoSecure authorization (CSAuth) service module fails on a primary Access Control Server (ACS).
Conditions: This symptom is observed on a Cisco router when the CSAuth services fail on the primary ACS server. When the primary ACS server is unavailable because CSAuth services stop, the ACS server returns the "Authserver is Down" error message but the router does not detect this message and fails to submit the authentication CSAuth request to the secondary server.
Following is an example of the current server configuration:
aaa group server tacacs+ group-name
server x.x.x.x
server y.y.y.y
aaa authentication ppp default group group- nameWorkaround: If there are only several servers in a group, the servers may be inserted in separate groups and those groups may be included as separate methods. For example:
aaa group server tacacs+ group-name-1
server x.x.x.x
aaa group server tacacs+ group-name-2
server y.y.y.y
aaa authentication ppp default group group-name-1 group-name-2•
Symptoms: A Cisco router may reload unexpectedly because of a watchdog timeout in the crypto Internet Key Management Protocol (IKMP) process. An error message similar to the following one may be displayed on the console while the router reloads or in the crashinfo file after the router has reloaded:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = Crypto IKMP. -Traceback= <string_of_hexidecimal_values>The output of the show version EXEC command displays the following information:
System returned to ROM by error - a Software forced crash, PC 0x<hex_value>Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(15)T7, Release 12.3(1), or Release 12.3(3) and that has IP Security (IPSec) tunnels configured.
Workaround: Disable the IPSec tunnels. If this not an option, there is no workaround.
•
Symptoms: A Cisco 7200 series pauses indefinitely in the middle of a link control protocol (LCP) negotiation. The PPP over ATM (PPPoATM) session receives a "Sending Acct Event [Reneg]" message and terminates the LCP phase. The remote peer renegotiates another PPP session and uses the same PPP ID. This causes a continuous LCP state for that user.
Conditions: This symptom is observed on a Cisco 7200 series that is configured for PPPoATM and that runs Cisco IOS Release 12.2(15)T9. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A router may terminate a Secure Shell (SSH) session after the router has fallen back to local authentication and authorization. The output of a debug command may show that the router ended the session normally, as if the SSH had typed "exit" in the SSH client application.
Conditions: This symptom is observed on a Cisco router when authentication and authorization is configured to be performed by a TACACS+ server with local fallback to the router and when the TACACS+ server goes offline. The SSH user must have been authenticated successfully at least once by the TACACS+ server.
Workaround: Use a Telnet connection to access the router.
•
Symptoms: The H.225 setup contains only one calling number in the "sourceAddress" field, but a gateway may incorrectly map this information to a Generic Transparency Descriptor (GTD) Generic Address (GEA) parameter with the qualifier set to "trs2," which indicates an additional calling number.
Conditions: This symptom is observed on a Cisco gateway when a call is redirected.
Workaround: There is no workaround.
•
Symptoms: A router that is configured for HTTP and voice-based services may reload unexpectedly because of an internal memory corruption.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3 or Release 12.3 T.
Workaround: There is no workaround. Note that the fix for this symptom prevents the router from reloading and enables the router to generate the appropriate debug messages. The internal memory corruption is addressed and documented in caveat CSCec20085.
•
Symptom: Cisco IOS software may accept and process a "RESPONDER LIFETIME" notify message before it has processed a "Main Mode 6" message. (A "RESPONDER LIFETIME" notify message is sent by a headend router to a remote device to facilitate the synchronization of Internet Key Exchange (IKE) rekeying.)
Conditions: This symptom is observed when a "RESPONDER LIFETIME" notify message arrives before a "Main Mode 6" message. IKE packets can arrive out of order because IKE relies on User Datagram Protocol (UDP) as the transmission protocol.
Workaround: If the remote device functions as Easy VPN Client, configure the device to operate in "auto connect mode" to prevent you from having to reinitiate the connection manually.
Alternate Workaround: Ensure that the IKE peers have matching lifetimes. Doing so makes the "RESPONDER LIFETIME" notify message unnecessary and prevents Cisco IOS software from sending this message.
•
Symptoms: A Cisco 2600 series or Cisco 3600 series may generate badshare messages.
Conditions: This symptom is observed on a Cisco 2600 series and Cisco 3600 series that are configured with a compression Advanced Integration Module (AIM) and an 8-port asynchronous/synchronous network module (NM-8A/S).
Workaround: Use software compression instead of hardware compression.
•
Symptoms: A call that is routed via H.323 to an IP-to-IP gateway may be dropped when the IP-to-IP gateway sends a Resource Availability Indicator (RAI) message (indicating that it is out of resources) to the H.323 gatekeeper, causing the H.323 gatekeeper to return an Admission Reject (ARJ) message.
Conditions: This symptom is observed on a Cisco platform that functions as a Cisco Internet Service Node (ISN). The Cisco ISN functions as an IP-to-IP gateway that performs interactive voice response (IVR) and IP switching.
Workaround: There is no workaround.
•
Symptoms: A router may reload when the police policy-map class configuration command is enabled under a policy map.
Conditions: This symptom has been observed rarely and is not easily reproduced.
Workaround: There is no workaround.
•
Symptoms: The cptone jp voice-port configuration command may not have any effect on the cadence settings for Japan.
Conditions: This symptom is observed when you enter the cptone jp voice-port configuration command and you observe the signal timing.
Workaround: There is no workaround.
•
Symptoms: Tracebacks may be generated on a Cisco router that runs a Cisco IOS k8 or k9 crypto image, or memory corruption may occur and the router may reload unexpectedly.
Conditions: These symptoms are observed during normal operation, but are more likely to occur when you enter the clear crypto sa EXEC command or when a crypto access control list (ACL) is configured while crypto traffic is flowing through the IP Security (IPSec) tunnel.
Workaround: There is no workaround.
•
Symptoms: Spurious memory accesses may occur on a router.
Conditions: This symptom is observed on a Cisco router that runs Routing Information Protocol (RIP).
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5xx0 platform that is equipped with a particular third-party vendor E1/T1 framer may bring down the controller immediately upon receiving an alarm indication signal (AIS).
Conditions: This symptom is observed when noisy line conditions that last less than 2 seconds cause T1 links to go down or when outages or cable difficulties that last less than 2 seconds cause the controller to go down.
Workaround: There is no workaround.
•
Symptoms: PPP authentication credentials may not be authenticated on a network access server (NAS) if the if-needed keyword is configured in the ppp authentication if-needed interface configuration command and the autoselect during-login line configuration command is configured while login authentication is set to RADIUS.
Conditions: This symptom is observed on a Cisco access server that runs Cisco IOS Release 12.3.
Workaround: Remove the if-needed keyword from the ppp authentication if-needed interface configuration command.
Alternate Workaround: Remove the autoselect during-login line configuration command. Doing so enables the PPP authentication to proceed normally.
•
Symptoms: A host signal processor (HSP) modem in a VPN Accelerator Module 2 (VAM2) may not be fully compliant with the Federal Information Processing Standards specifications for power-up self-tests (FIPS-140-2).
In addition, an HSP modem may not properly handle some error conditions and may cause a router to reload unexpectedly.
Conditions: These symptoms are observed on a Cisco router that is configured with a VAM2.
Workaround: There is no workaround.
•
Symptom: A Cisco 3600 series or Cisco 3700 series may reload because of an unexpected exception.
Conditions: This symptom is observed on Cisco 3600 series and Cisco 3700 series that run Cisco IOS Release 12.3(3) and that are configured with a DES/3DES/AES VPN Encryption and Compression Module (AIM-VPN/EPII or AIM-VPN/HPII). The symptom may occur during Internet Security Association and Key Management Protocol (ISAKMP) tunnel negotiation in all of the following conditions:
–
–
–
Workaround: For the first and second conditions there are no workarounds. For the third condition, match the IKE SA lifetimes on both peers.
•
Symptoms: When the cptone cn voice-port configuration command (the cn prefix stands for China) is enabled on a voice port, a user may not be able to hear the message waiting indicator (MWI). However, when you enter the debug mgcp privileged EXEC command, you can verify that the message has been sent to the Integrated Access Device (IAD).
Conditions: This symptom is observed on a Cisco IAD 2421 and Cisco IAD 2430 but may also be observed on other Cisco platforms.
Workaround: There is no workaround.
•
Symptoms: Output drops may occur and increase on interfaces that have weighted fair queuing (WFQ) enabled by default.
Conditions: This symptom is observed on a Cisco 7200 series that is configured with a Network Service Engine 1 (NSE-1) and a Cisco 7401 that have Parallel Express Forwarding (PXF) enabled and that are using a default hold-queue size.
Workaround: Configure an output hold-queue size on the interface by entering the hold-queue length out interface configuration command. Note that this workaround does not apply to Cisco IOS Release 12.2.
First Alternate Workaround: Disable PXF by entering the no ip pxf global configuration command.
Second Alternate Workaround: Disable WFQ by entering the no fair-queue interface configuration command.
•
Symptoms: A router may reload unexpectedly when an extensible markup language (XML) script requests the Cisco Networking Services (CNS) Exec agent to send a large XML response to the CNS Event Bus.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3 or Release 12.3 T.
Workaround: Do not configure an XML script to send large XML responses via the CNS Event Bus.
•
Symptoms: A Cisco MGX8850 Route Processor Module-PRemium 512 (RPM-PR-512) may return to ROM monitor (ROMmon) because of a bus error.
Conditions: This symptom is observed on a Cisco MGX8850 that runs release 3.0.(20.100) and an RPM-PR-512 that runs Cisco IOS Release 12.2(15)T4a or Release 12.3 when you modify a permanent virtual circuit (PVC) or subinterface.
Workaround: Shut down the PVC or subinterface before you change any parameters. Parameters are changed when you modify a service policy, the type of virtual circuit (VC), and so on.
•
Symptoms: You may not be able to configure a permanent virtual circuit (PVC) on an ATM interface.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3 or Release 12.3 T.
Workaround: There is no workaround.
•
Symptoms: In a Large Scale Network Testing (LSNT) network, memory may not be deallocated correctly.
Conditions: This symptom is observed on a Cisco MGX Route Processor Module (RPM-XF) when the memory allocation and deallocation of an approved vendor list (AVL) for a prefix of a class of service (CoS) index 0 value is not processed correctly.
Workaround: There is no workaround.
•
Symptoms: A Cisco IOS voice gateway may reload unexpectedly because of a segmentation violation (SegV) exception.
Conditions: This symptom is observed on a Cisco IOS voice gateway when you enter the busyout monitor voice-port configuration command on a voice port and when the Cisco IOS voice gateway runs a Cisco IOS software release that is listed in the "First Fixed-in Version" field at the following location:
http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCec07945
Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: There is no workaround.
•
Symptoms: R2 International Telecommunication Union (ITU) base variants do not apply the correct mapping for the following two ISDN or ISDN User Part (ISUP) cause values (CVs):
–
–
Conditions: This symptom is observed on Cisco gateways that are configured with ISDN and Redundant Link Manager (RLM) and that have R2-ITU trunks.
Workaround: There is no workaround.
•
Symptoms: Foreign Exchange Office (FXO) ground-start voice ports on a Cisco IOS voice gateway may cease to permit outbound calls from the gateway to the connected voice switch. The output of the show voice port summary EXEC command may show that the voice port is in an "UP/UP ONHOOK" state; the proper idle state for the port should be the "UP/DORMANT ONHOOK" state.
Conditions: This symptom is observed on a Cisco IOS voice gateway that is configured with FXO ground-start voice ports. Outbound calls from the gateway to the connected voice switch function properly until an inbound call is made to the port. When this inbound call is completed, the port may be stuck in the "UP/UP ONHOOK" state.
Workaround: To recover the voice port, enter the shutdown voice-port configuration command followed by the no shutdown voice-port configuration command on the affected voice port.
•
Symptoms: A Cisco router may not recognize a 1-port ISDN BRI (S/T) WAN interface card (WIC-1B-S/T) with EEPROM version 4.
Conditions: This symptom is observed on a Cisco 1720 router that is runs Cisco IOS Release 12.3(3). However, the symptom is not platform specific but card specific.
Workaround: Use a WIC-1B-S/T with EEPROM version 1. Note that the symptom does not occur in Cisco IOS Release 12.2(11)T9.
•
Symptoms: A Cisco 7500 series that functions as a provider edge (PE) router may fail to receive an Internet Control Message Protocol (ICMP) echo message on a Multilink PPP (MLP) ingress interface.
Conditions: This symptom is observed on a Cisco 7500 series when Virtual Private Network (VPN) routing/forwarding (VRF) is configured on the MLP interface.
Workaround: There is no workaround.
•
Symptoms: A call may disconnect unexpectedly and the following error message may be displayed on the console:
%NP-3-NAKRSP: NAK Response Received - command 0xF201, result code 0x803A, msg id 0xF2FF, session id 0x75, msg tag 0x0, slot/port 1/9Conditions: This symptom is observed on a Cisco universal gateway when a voice extensible markup language (VXML) application processes automatic speech recognition (ASR) and when a prompt from an Real-Time Streaming Protocol (RTSP) server plays.
Workaround: There is no workaround.
•
Symptoms: Memory corruption may occur when a voice extensible markup language (VXML) application runs and either HHTP streaming is enabled or a "submit" element is processed. This situation may cause the router to reload unexpectedly, or other unexpected behavior may occur.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(11)T, 12.3, or 12.3 T when there is a heavy load of traffic and a lot of HTTP data streams from a server to the router.
Workaround: There is no workaround.
•
Symptoms: The cns config initial global configuration command and the cns config retrieve EXEC command may not function when the inventory keyword is excluded from the commands. A success message may be sent, but it is an erroneous message. When the inventory keyword is included in the commands, the router may reload unexpectedly.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3 or Release 12.3 T.
Workaround: There is no workaround.
•
Symptoms: You may not be able to configure a plain old telephone system (POTS) dial peer.
Conditions: This symptom is observed when a parser error negatively affects the dial-peer voice tag pots global configuration command.
Workaround: There is no workaround.
•
Symptoms: The set command does not work when you use the command in a non-leaf level in a hierarchical policy.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.3(3) but may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: You may not be able to send traffic through an IPv6-to-IPv4 (6to4) tunnel, but you may be able to receive traffic through this tunnel.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.2 S or Release 12.3 when the interface on which the tunnel is configured flaps.
Workaround: There is no workaround.
•
Symptoms: The node of a local Label Switch Controller (LSC) that is part of a Multiprotocol Label Switching (MPLS) cell-based network may observe the following symptoms:
–
–
–
–
–
–
Conditions: These symptoms are observed on the LSC of a Cisco MGX Route Processor Module (MGX-PRM-PR-512) that is running Cisco IOS Release 12.2(15) T4a.
Workaround: From the node of the local LSC that is observing the symptoms, enter the clear ip route network EXEC command.
•
Symptoms: Internet Security Association and Key Management Protocol (ISAKMP) security association (SA) may fail to come up with a Cisco Unity Client application for a third-party vendor platform.
Conditions: This symptom is observed when you enter the vpnclient connect profilename nocertpwd command-line interface (CLI) command in the Cisco Unity Client application but no connection to a remote peer is established.
Workaround: There is no workaround.
•
Symptoms: An I/O buffer leak may cause a Cisco router to pause permanently.
Conditions: This symptom is observed when the Music-On-Hold (MOH) feature is configured in a multicast mode.
Workaround: Configure the MOH feature in a unicast mode.
•
Symptoms: A 4-port serial enhanced port adapter (PA-4T+) may receive packets, even though the status of the serial interface is "down/down."
Conditions: This symptom is observed on a PA-4T+ that is installed in a Cisco 7200 series router and that is connected to a 1-port serial WAN interface card (WIC-1T) that is installed in a Cisco 2600 series. The serial interfaces of both routers are connected with a CSU/DSU.
The input packet counter of the serial port of the PA-4T+ increments even though the status of the serial interface is "down/down." However, the 2600 series functions properly, and the input packet counter of its serial interface does not increment.
Possible Workaround: Administratively shut down the serial port.
•
Symptoms: The no-answer keyword in the voice hunt no-answer global configuration command may not function properly. This situation may prevent dial-peer hunting from occurring when an outgoing call is disconnected because there is no answer.
Conditions: This symptom is observed on a Cisco platform that functions as a terminating gateway (TGW), that has the voice hunt no-answer global configuration command enabled, and that is configured with two dial peers for the same destination pattern. The symptom may also occur on an IP-to-IP gateway.
Workaround: Configure the default.c.old application on the TGW.
•
Symptoms: A router that is configured for quality of service (QoS) may reload unexpectedly because of a segmentation violation (SegV) exception.
Conditions: This symptom was observed on a Cisco 2600 series that runs the c2600-telco-mz image of Cisco IOS Release 12.3(1a). This can be seen on other IOS-based routers.
Possible Workaround: Disable QoS.
•
Symptoms: It is not possible to change to the default value of 64 milliseconds (ms) when you enter the echo-cancel coverage voice-port configuration command.
Conditions: This symptom is observed when the following steps are taken to change to the default value (64) of the echo-cancel coverage voice-port configuration command.
–
–
–
–
–
–
Workaround: There is no workaround.
•
Symptoms: The compression header [rtp | tcp] router configuration command is unavailable within the Modular QoS CLI (MQC) configuration mode for certain IOS feature sets.
Conditions: The Class-Based RTP and TCP Header Compression feature introduced in Cisco IOS Release 12.2(13)T permits the configuration of Real-Time Protocol (RTP) and TCP header compression within MQC. It has been observed that in some of the new Cisco IOS feature sets introduced in Release 12.3 and Release 12.3 T, this feature is not configurable at all; the command-line interface (CLI) command does not exist. The feature is configurable in other feature sets of the same Cisco IOS release. Beginning in Cisco IOS Release 12.3(1), Release 12.3(2)T, and newer releases from these Cisco IOS trains, all images for a given Cisco IOS release should support the feature.
Workaround: Configure RTP and TCP header compression directly on the interface of interest.
You may also review these related caveats:
–
–
•
Symptoms: A gateway that receives a mid-call invite message with a missing contact header may respond with a "400 Bad Request" message, causing the call to be terminated. This is improper behavior.
Conditions: This symptom is observed on a Cisco gateway that runs Cisco IOS Release 12.2(15)T, 12.3, or 12.3 T.
Workaround: There is no workaround.
•
Symptoms: Voice calls may fail.
Conditions: This symptom is observed if calls are attempted to the alternate endpoint (alt-ep) of an IP-to-IP gateway.
Workaround: There is no workaround.
•
Symptoms: Some PPP sessions may not come up and become stuck in the link control protocol (LCP) negotiation state.
Conditions: This symptom is observed on a Cisco 6400 series Node Route Processor (NRP). A list of the affected releases can be found at http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCec49097. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: There is no workaround.
•
Symptoms: A Cisco voice gateway may reload while testing a Tool Command Language (Tcl) Interactive Voice Response (IVR) voice command (verb testing).
Conditions: This symptom is observed on a Cisco 3660 router that has a main memory size of 128 MB.
Workaround: Increase the main memory size on the router from 128 MB to 256 MB.
•
Symptoms: The Forwarding Information Base (FIB) may be disabled on various types of line cards.
Condition: THis symptom is observed on a Cisco 12000 series after you have performed an online insertion and removal (OIR) of the clock scheduler card (CSC).
Workaround: There is no workaround. (Note that the symptom does not occur in Cisco IOS Release 12.0(26)S.)
•
Symptoms: Spurious memory accesses may occur during an H.323 voice call.
Conditions: This symptom is platform independent.
Workaround: There is no workaround.
•
Symptoms: You may not be able to configure the maximum transmission unit (MTU) on a virtual template.
Conditions: This symptom is platform independent.
Workaround: There is no workaround.
•
Symptoms: You may not be able to configure the output Maximum Burst Size (MBS) in the vbr-nrt output-pcr output-scr output-mbs interface-ATM-VC configuration command because the output-mbs argument accepts only the value 1.
Conditions: This symptom is observed when both the output-pcr and output-scr arguments have the same value.
Workaround: Ensure that the output-pcr and output- scr arguments have different values.
•
Symptoms: You may not be able to reestablish a direct label distribution protocol (LDP) session over an Any Transport over MPLS (AToM) virtual circuit (VC).
Conditions: This symptom is observed on a Cisco router when the mpls ip interface configuration command is not enabled on any interface and when you delete and reenter the xconnect ATM VC configuration command in quick succession.
Workaround: Remove the AToM VC, delete and reenter the xconnect interface configuration command, wait until the router returns to the prompt, and recreate the AToM VC.
•
Symptoms: A Cisco AS5400 may reload unexpectedly and tracebacks may be generated.
Conditions: This symptom is observed when Media Gateway Control Protocol (MGCP) voice calls are made.
Workaround: There is no workaround.
•
Symptoms: A call fallback probe may fail.
Conditions: This symptom is observed when the IP delay is 1000 ms or more. The call fallback probe works fine with an IP delay of less than 1000 ms.
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly when all references to a server group that contains attribute filters are removed from the configuration.
Conditions: This symptom is observed on a Cisco router that runs a Cisco IOS release that is later than Release 12.3(5).
The following is an example of the configuration:
aaa new-model
!
!
aaa group server radius radius-sg
server 192.168.255.255 auth-port 1645 acct-port 1646
authorization accept author-accept-list
accounting accept account-accept-list
!
aaa authentication login default group radius-sg
aaa authentication login console-login none
aaa authentication ppp default group radius-sg
aaa authorization exec default group radius-sg
aaa authorization exec console none
aaa accounting nested
aaa accounting exec default start-stop group radius-sg
aaa accounting network default start-stop group radius-sg
!
radius-server attribute list author-accept-list
attribute 10-25
!
radius-server attribute list account-accept-list
attribute 1-30
!When you enter the following commands to remove all references to the server group "radius-sg," the router reloads:
no aaa group server radius radius-sg
no aaa authentication login default group radius-sg
no aaa authentication login console-login none
no aaa authentication ppp default group radius-sg
no aaa authorization exec default group radius-sg
no aaa authorization exec console none
no aaa accounting nested
no aaa accounting exec default start-stop group radius-sg
no aaa accounting network default start-stop group radius-sg
Workaround: First remove references to the attribute list from the server group by entering the following sequence of commands:
Router(config)#aaa group server radius radius-sg
Router(config-sg-radius)#no server 192.168.255.255 auth-port 1645 acct-port 1646
Router(config-sg-radius)#no authorization accept author-accept-list
Router(config-sg-radius)#no accounting accept account-accept-list
Router(config-sg-radius)#exit
Router(config)#no aaa group server radius radius-sg•
Symptoms: A Cisco Session Initiation Protocol (SIP) gateway does not use calling information that is contained in the Remote-Party-ID header. A traceback may be observed and the following error is displayed in the output of the debug ccsip error privileged EXEC command:
sippmh_parse_remote_party_id: syntax error in Remote-Party -ID headerConditions: This symptom is observed on a Cisco SIP gateway that runs Cisco IOS Release 12.2(13)T, 12.3, or 12.3 T and occurs when the gateway receives an initial INVITE message with a Remote-Party-ID header that contains the "other" parameters in the header. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A CPU may become hogged for about 2 to 11 seconds when you configure a new class map or when you modify the committed information rate (CIR) on an existing policy map.
Conditions: This symptom is observed on a Cisco 7200 series when there are about 1345 or more virtual private dial-up network (VPDN) calls.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5850 may display the following error message:
%LAPP_OFF-2-LAPP_OFF_INTERNAL_ERROR: Internal software error, loffConnected, ccMspPush failed, cid=3557Conditions: This symptom is observed after the Cisco AS5850 has processed its 255th fax call.
Workaround: There is no workaround.
•
Cisco routers and switches running Cisco IOS or Cisco IOS XR software may be vulnerable to a remotely exploitable crafted IP option Denial of Service (DoS) attack. Exploitation of the vulnerability may potentially allow for arbitrary code execution. The vulnerability may be exploited after processing an Internet Control Message Protocol (ICMP) packet, Protocol Independent Multicast version 2 (PIMv2) packet, Pragmatic General Multicast (PGM) packet, or URL Rendezvous Directory (URD) packet containing a specific crafted IP option in the packet's IP header. No other IP protocols are affected by this issue.
Cisco has made free software available to address this vulnerability for affected customers.
There are workarounds available to mitigate the effects of the vulnerability.
This vulnerability was discovered during internal testing. This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20070124-crafted-ip-option.shtml
•
Symptoms: An output wedge and drops may occur on the multilink interface of a Cisco 7200 series. The output of the show interfaces privileged EXEC command may display the following information:
.
.
.
Multilink3 is up, line protocol is up
.
.
.
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 5526
Queueing strategy: fifo
Output queue: 31/40 (size/max)
.
.
.Conditions: This symptom is observed on a multilink interface that has two E1 interfaces in a multilink bundle when there is a low traffic rate.
Workaround: Use the physical interface without a multilink bundle.
•
Symptoms: NetFlow export may not function when a service policy is enabled.
Conditions: This symptom is observed on a Fast Ethernet interface that has 802.1q encapsulation enabled.
Workaround: There is no workaround.
•
Symptoms: When you delete an Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunnel interface by entering the no interface tunnel number global configuration command, a router may reload unexpectedly.
Conditions: This symptom is observed when an IPv6 feature such as the Security ACL feature is configured on the ISATAP tunnel interface.
Workaround: Remove the traffic filter from the interface before you delete the interface.
•
Symptoms: A Cisco 3745 may pause for 20 to 30 seconds when an attached modem is power-cycled. During this period, the router cannot be reached via the console.
Conditions: This symptom is observed on rare occasions on a Cisco 3745 that has a 2-port serial WAN interface card (WIC-2T) or 2-port asynchronous/synchronous WAN interface card (WIC-2A/S) installed in its native WIC slot when the modem that is attached to the WIC-2T or WIC-2A/S is power-cycled.
The symptom is not observed when the WIC is installed in a 2-port Fast Ethernet network module with 2 WIC slots (NM-2FE2W) on the Cisco 3745, nor is the symptom observed on a Cisco 3725.
Workaround: Install the WIC-2T or WIC-2A/S in a NM-2FE2W on the Cisco 3745.
•
Symptoms: When the hash character "#" is used as a termination character in an ISDN Overlap Receiving configuration, a "T" character might be appended in the called number that is sent in the H.323 call setup message.
Conditions: This symptom is observed when the isdn overlap-receiving interface configuration command is enabled.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5850 may generate the following error message:
%MSPI-1-NOMEMORY: Unit 1380, no memory for mspi_on_xmitConditions: This symptom is observed on a Cisco AS5850 that processes more than 350 calls.
Workaround: There is no workaround.
•
Symptoms: In response to an Information Request (IRQ) that is sent by a gatekeeper for an active call, a gateway may send an Information Request Response (IRR) that has the unsolicited field set to "true." The field should be set to "false."
Conditions: This symptom is observed on a Cisco gateway that runs Cisco IOS Release 12.3(1a).
Workaround: There is no workaround.
•
Symptoms: A Cisco MGX 8800 series Route Processor Module XF (RPM-XF) may reload unexpectedly.
Conditions: This symptom is observed when a permanent virtual circuit (PVC) is deleted while and ATM ping is running on this PVC.
Workaround: There is no workaround.
•
Symptoms: A Cisco IOS gateway that runs a voice extensible markup language (VXML) application may fail to fetch a document because of a timeout error.
Conditions: This symptom is observed when the Cisco IOS gateway receives a "304 response" from a third-party vendor server and when the server response contains a header with a content length of zero.
Workaround: There is no workaround.
•
Symptoms: A router that has the ip inspect interface configuration command enabled may drop a synchronize/acknowledge (SYN/ACK) reply instead of sending it.
Conditions: This symptom is observed when you originate a TCP connection from an interface on another router and when this interface does not have the ip inspect interface configuration command enabled.
The output of the debug ip packet detail privileged EXEC command indicates that the SYN/ACK reply is "dropped by inspect":
IP: s=192.168.128.16 (FastEthernet0.2), d=192.168.192.69 (FastEthernet0.3), len 48, dropped by inspect
TCP src=23, dst=3403, seq=143608234, ack=3669485014, win=5840 ACK SYNWorkaround: Remove the ip inspect interface configuration command from the interface of the router that is supposed to send the SYN/ACK reply.
•
Symptoms: Spurious memory accesses may occur on a Cisco 836, causing a Dynamic Multipoint Virtual Private Network (DMVPN) tunnel to become inoperational. The output of the show alignment EXEC command may show the following information:
Total Spurious Accesses 168, Recorded 1
Address Count Traceback 1C 168 0x80E11D2C 0x80B5E280 0x80B5EF54 0x80B5F124 0x80B53468 0x80B540D4 0x80B78020 0x80B780D4Conditions: This symptom is observed on a Cisco 836 that runs Cisco IOS Release 12.3 or 12.3(2)XC and that has IP Security (IPSec) hardware encryption configured on the DMVPN tunnel.
Workaround: Enter the no crypto engine accelerator global configuration command. Note that doing so causes the encryption performance to drop significantly.
•
Symptoms: The configuration of the switch connection subinterface configuration command may become lost after you reload a Cisco MGX8800 series Route Processor Module XF (RPM-XF).
Conditions: This symptom is observed when the pvc subinterface configuration command is configured after the switch connection subinterface configuration command, causing the switch connection subinterface configuration command to be rejected because there is no underlying permanent virtual circuit (PVC).
Workaround: After the RPM-XF has reloaded, copy the startup configuration into the running configuration by entering the copy startup-config running-config privileged EXEC command.
•
Symptoms: An incoming call may be rejected when the service that is defined in the name argument of the resource-pool profile service name global configuration command is applied to the customer profile.
Conditions: This symptom is observed on a Cisco AS5300 and a Cisco AS5400 that are configured for R2 channel-associated signaling (CAS).
Workaround: Remove the service from the resource-pool profile service name global configuration command.
•
Symptoms: A Cisco Catalyst 4224 Access Gateway Switch may not support Tool Command Language (Tcl) interactive voice response (IVR) 2.0.
Conditions: This symptom is observed on a Cisco Catalyst 4224 Access Gateway Switch that runs Cisco IOS Release 12.3.
Workaround: There is no workaround.
•
Symptoms: A memory leak may occur in the "ATMSIG Input" process.
Condition: This symptom is observed on a Cisco 7500 series Route Switch Processor (RSP) that runs Cisco IOS Release 12.2(16a) or Release 12.2(19a) when ATM Address Resolution Protocol (ARP) is configured and when switched virtual circuit (SVC) collisions occur while ARP map lists are being populated. The symptom may also occur in Release 12.3 or Release 12.3 T.
Workaround: There is no workaround.
•
Symptoms: Spurious memory accesses may occur when calls are made by using Resource-Reservation Protocol (RSVP) and ATM variable bit rate (VBR) over a switched virtual circuit (SVC).
Conditions: This symptom is observed on a Cisco 3640 and Cisco 3660 that are running various IP routing protocols such as Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), Routing Information Protocol (RIP), and Enhanced Interior Gateway Routing Protocol (EIGRP).
Workaround: There is no workaround.
•
Symptoms: Some virtual circuit (VC) information is missing in the Simple Network Management Protocol (SNMP) MIB object cAal5VccEntry from the output of the snmpwalk router configuration command. The ATM VCs 0/100, 0/200 and 0/500 exist on the router but are missing in the MIB.
Conditions: This symptom is observed on a Cisco 7513 router that is running a special image of Cisco IOS Release 12.2(15)T5. The symptom may also occur in other releases.
Workaround: Enter the show atm vc privileged EXEC command on the same device to obtain a complete list of all the VCs.
•
Symptoms: Modem users may hear "dead air" before a call may disconnect with fast busy tone while dialing into a Cisco AS5850.
Conditions: This symptom is observed on a Cisco AS5850 Media Gateway Control Protocol (MGCP) network access server (NAS) that runs Cisco IOS Release 12.3(3) or Release 12.3(4)T when the Resource Pool Management feature is enabled on the Cisco AS5850.
Workaround: There is no workaround.
•
Symptoms: Tag entries may be missing on a Versatile Interface Processor (VIP).
Conditions: This symptom is observed on a Cisco 7500 series that has distributed Cisco Express Forwarding (dCEF) enabled.
Workaround: Enter the clear cef linecard user EXEC or privileged EXEC command.
•
Symptoms: When you enter the undebug all privileged EXEC command on a Cisco 3700 series, all traffic that passes through an encrypted generic routing encapsulation (GRE) tunnel may stop.
Conditions: This symptom is observed on a Cisco 3700 series that is configured with a GRE tunnel that is secured via IP Security (IPSec) and that is using Cisco Express Forwarding (CEF) switching.
Workaround: Reinitialize CEF switching by entering the no ip cef global configuration command followed by the ip cef global configuration command.
Alternate Workaround: Do not enter the undebug all privileged EXEC command. Rather, individually disable each debug command.
•
Symptoms: A buffer leak may occur in the Multilink PPP (MLP) header pool on a Versatile Interface Processor (VIP). The speed of the leak depends on the rate of traffic that is flowing between the interface of the VIP and the interface on the other end. The leak may eventually cause memory allocation failures (MALLOCFAIL) on the VIP and may result in memory fragmentation.
Conditions: This symptom is observed on a Cisco 7500 series when all of the following conditions are present:
–
–
–
–
Workaround: Stop the leak by removing fancy queueing from the VIP interface.
Alternate Workaround: Move the MLP interfaces to a different VIP that does not have an interface that performs fancy queueing.
•
Symptoms: When running BSTUN with Asynchronous Security Protocol (ASP), if you use the no encapsulation bstun interface configuration command, configured line parameters will be overwritten. Speed is reset to 9600. Data bits are set to 8, and stop bits are set to 1.
Conditions: This symptom is not platform specific.
Workaround: Reenter the any of line configuration commands speed, databits or stopbits that were previously set.
•
Symptoms: A voice call may fail when overlap signaling is enabled for H.225.
Condition: This symptom is observed when incoming partial digits of a number that is called via ISDN matches an outgoing Voice over IP (VoIP) dial peer.
Workaround: There is no workaround.
•
Symptoms: When a T1 device that does not respond to channel-associated signaling (CAS) signaling (hereafter referred to as the "T1 device") and that connects to a Cisco router terminates a T1 connection and you remove and reconnect the T1 cable from the Cisco router, the Cisco router may send a message to the T1 device to indicate that the ABCD bit pattern is "1111," which means that the ABCD bit pattern is stable. This is improper behavior.
Conditions: This symptom is observed on a Cisco 3745 that has recEive and transMit (E&M) wink start signaling configured on a T1 High Density Voice Network Module (NM-HDV) that connects to the T1 device.
Workaround: There is no workaround.
•
Symptoms: A telephone that is capable of displaying the caller ID may not display the caller ID for a call coming in from the public switched telephone network (PSTN) via a Foreign Exchange Station (FXS) port on a Cisco 827.
Conditions: This symptom is observed on a telephone that is approved for the Spanish PSTN and that receives a call via an FXS port on a Cisco 827. The symptom does not occur when the telephone has a direct connection to the PSTN.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5300 may reload unexpectedly while voice extensible markup language (VXML) is being processed.
Conditions: This symptom is observed when Cisco AS5300 is configured with four E1 interfaces. The symptom does not occur when the Cisco AS5300 is configured with only two E1 interfaces.
Workaround: There is no workaround.
•
Symptoms: A Cisco AS5400 may reload unexpectedly after an online insertion and removal (OIR) procedure.
Conditions: This symptom is observed when you perform an OIR of an 8-port E1 dial feature card AS54-DFC-8CE1.
Workaround: Power off the chassis, insert the AS54-DFC-8CE1, and restart the system.
•
Symptoms: The configuration of the switch connection subinterface configuration command may become lost after you reload a Cisco MGX8800 series Route Processor Module PR (RPM-PR).
Conditions: This symptom is observed when the pvc subinterface configuration command is configured after the switch connection subinterface configuration command, causing the switch connection subinterface configuration command to be rejected because there is no underlying permanent virtual circuit (PVC).
Workaround: After the RPM-PR has reloaded, copy the startup configuration into the running configuration by entering the copy startup-config running-config privileged EXEC command.
•
Symptoms: Traffic may be dropped from a hub router that is configured for IP Security (IPSec) hardware encryption and fast switching or process switching.
Conditions: This symptom is observed on a Cisco router that functions as a hub router and that is connected to two spokes through the same interface when traffic is sent from one spoke via the hub router to the other spoke.
Workaround: Enable Cisco Express Forwarding (CEF) on the hub router.
Alternate Workaround: Do not use hardware encryption on the hub router. Rather, use software encryption.
•
Symptoms: The abort counter on a remote serial interface may increase.
Conditions: This symptom is observed when a 1-port universal T3/E3 network module (NM-1T3/E3) that functions in E3 mode connects to a a remote serial interface.
When the symptom occurs and you enter the show controller serial slot/port privileged EXEC command for the NM-1T3/E3, the "errata19 count1" counter in the command output increments in line with the abort counter on the remote serial interface. The error rate depends on the rate of traffic and the packet sizes.
Workaround: There is no workaround.
•
Symptoms: Ping packet that are larger than 1498 bytes may not pass successfully through a multilink interface.
Conditions: This symptom is observed when a bridge group is configured on a multilink interface. The symptom does not occur when there is no bridge group on the multilink interface.
Workaround: Change the maximum transmission unit (MTU) on the multilink interface from the default value of 1500 bytes to 1498 bytes.
•
Symptoms: When you change the parameters that are associated with a virtual circuit (VC) class, a router may reload unexpectedly.
Conditions: This symptom is observed on a Cisco router that has a VC class configured and that has an Interim Local Management Interface (ILMI) permanent virtual circuit (PVC) configured on an ATM interface.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7500 series Versatile Interface Processor (VIP) may stop forwarding traffic.
Conditions: This symptom is observed on a Cisco 7500 series that is configured for distributed Network Based Application Recognition (dNBAR) when traffic is processed on both an interface that is capable of supporting dNBAR and on an opposing ingress or egress interface that is not capable of supporting dNBAR. Both interfaces are on the same router. The symptom does not occur when both interfaces are capable of supporting dNBAR.
For requirements to run dNBAR, refer to the Cisco document at the following location:
VIPs and processors that are not listed at the above-mentioned location do not support dNBAR.
Workaround: Do not use dNBAR when traffic passes through interfaces that are not capable of supporting dNBAR.
•
Symptoms: Hairpin voice calls that are made via recEive and transMit (E&M) wink on multiple channels may cause digital signal processors (DSPs) to time out. The output of the show voice dsp privileged EXEC command may show "-1" followed by "DSP_TIMEOUT."
Conditions: This symptom is observed on a Cisco IAD2420 series. The symptom does not occur with plain old telephone system (POTS) calls, nor does it occur on a Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series.
Workaround: Enter the voice dsp allocation round-robin global configuration command.
•
Symptoms: When an IP phone user parks or transfers a call from the public switched telephone network (PSTN), the calling party hears music on hold (MOH). However, when the IP phone user resumes the call, the calling party continues to hear MOH while speaking. (The IP phone user does not hear MOH.)
Conditions: The symptom is observed on a Cisco platform that runs Cisco Release 12.2(13)T5 or Release 12.3, that functions as a Media Gateway Control Protocol (MGCP) gateway, and that is connected to a Cisco CallManager that runs software version 3.3(3).
Workaround: There is no workaround.
•
Symptoms: A Label Switch Controller (LSC) may reload unexpectedly when there is an invalid address for the "refCount."
Conditions: This symptom is observed on a Cisco MGX 8850 Route Processor Module (RPM-PR) that function as an LSC.
Workaround: There is no workaround.
•
Symptom: A class that matches an access control list (ACL) with a log option may not match packets in a service policy.
Condition: This symptom is observed in all types of service policies.
Workaround: Remove the log option from the definition of the ACL.
•
Symptoms: A terminating gateway (TGW) that receives a group B backward signal 5 (B5 signal) from a terminating switch that is configured for R2 signaling may map the B5 signal to cause value 42 ("Switching equipment congestion") in the H.225 Release Complete message. This is improper behavior: the B5 signal should be mapped to cause value 1 ("Unallocated [unassigned] number").
Conditions: This symptom is observed on a Cisco platform that functions as a TGW.
Workaround: There is no workaround.
•
Symptoms: A gatekeeper that is configured for H.323 version 4 (H.323v4) may not insert service IDs in an Admission Rejection (ARJ) message to an H.323v4 gateway.
Conditions: This symptom is observed on a Cisco platform that functions as a gatekeeper and that receives service IDs from a route server but does not include the service IDs in the ARJ message to the H.323v4 gateway.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7400 series may not recognize its Gigabit Ethernet interface.
Conditions: This symptom is observed on a Cisco 7400 series that runs a Cisco IOS software release that is listed in the "First Fixed-in Version" field at the following location:
http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCec86327.
Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: There is no workaround.
•
Symptoms: When an originating gateway (OGW) receives an R2 Group II signal that is equal to 5 from an incoming E1 R2 trunk, the OGW may map this signal to a generic transparency descriptor (GTD) ISDN User Part (ISUP) calling party category (CPC) that is equal to 6. This is improper behavior: the R2 Group II signal that is equal to 5 should be mapped to a GTD ISUP CPC that is equal to 29.
Conditions: This symptom is observed on a Cisco AS5xxx platform that functions as an OGW with an R2 interface and that uses GTD for signaling transparency across an H.323 Voice over IP (VoIP) network.
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly because of a bus error when Session Initiation Protocol (SIP) calls are cancelled.
Conditions: This symptom is observed on a Cisco router while Real-Time Transport Protocol (RTP) statistics for the cancelled SIP calls are being updated.
Workaround: There is no workaround.
•
Symptoms: An active Media Gateway Control Protocol (MGCP) network access server (NAS) package call may be dropped.
Conditions: This symptom is observed on a Cisco AS5400 when you perform an online insertion and removal (OIR) of an E1 trunk card.
Workaround: There is no workaround.
•
Symptoms: A session may not be set up correctly, or the session is set up but you cannot send any data via the session.
Conditions: This symptom is observed when a Primary Logical Unit (PLU) name that is presented by a Dependent Logical Unit Requestor (DLUR) to a Secondary Logical Unit (SLU) in a BIND request is not the same as the PLU name that is received in an INIT-SELF request. The PLU name in the INIT-SELF request may consist of four characters followed by four blanks (a total of eight characters), but the PLU name in the BIND request may consist of only four characters without any blank padding at the end of the name.
Workaround: Modify the PLU name that is received in the BIND request so that the name consists of eight characters.
•
Symptoms: A router may truncate frames that are larger than 560 bytes.
Conditions: This symptom is observed on a Cisco 1700 series and Cisco 2600 series that have the Airline Product Set (ALPS) configured on a 2-port serial WAN interface card (WIC-2T).
Workaround for both the Cisco 1700 series and Cisco 2600 series: Change the value of the delay argument in the alps t1 delay interface configuration command to a value that allows the frame to go through.
Workaround for the Cisco 2600 series only: Do not use a WIC-2T. Rather, use a 4-port asynchronous/synchronous network module (NM-4A/S).
•
Symptoms: A Node Route Processor (NRP) may reload unexpectedly and generate the following error message:
%UTIL-3-TREE: Data structure error--received a NULL handleConditions: This symptom is observed on a Cisco 6400 series that runs Cisco IOS Release 12.3 and that has an ATM interface that is configured as an Interim Local Management Interface (ILMI) when a virtual circuit (VC) class is configured on this ATM interface.
Workaround: There is no workaround.
•
Symptoms: After an interface flaps or when you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on an interface that is configured for Hot Standby Router Protocol (HSRP), a virtual HSRP address may not respond to pings.
Conditions: This symptom is observed on a Cisco router that is configured with a 2-port Fast Ethernet Inter-Switch Link (ISL) port adapter (PA-2FEISL) that has at least one Fast Ethernet interface configured for HSRP.
The symptom occurs because the Fast Ethernet interface that is configured for HSRP is not switched to promiscuous mode when the HSRP group becomes active, preventing packets that are addressed to the HSRP virtual MAC address from being received by the interface. The output of the show controllers fastethernet user EXEC or privileged EXEC command displays whether the promiscuous mode is enabled or disabled.
Reboot the router to restore the router to proper operation.
Workaround: To prevent the symptom from occurring, enter the standby use-bia interface configuration command on the Fast Ethernet interface that is configured for HSRP.
•
Symptoms: A voice port on a Session Initiation Protocol (SIP) router may pause indefinitely.
Conditions: This symptom is observed when the SIP router receives an Internet Control Message Protocol (ICMP) error from another SIP device instead of an answer to a SIP CANCEL message.
Workaround: Enter the shutdown voice-port configuration command followed by the no shutdown voice-port configuration command on the affected voice port.
•
Symptoms: After a few crypto packets have passed through a generic routing encapsulation (GRE) tunnel, a Virtual Access interface may become stuck.
Conditions: This symptom is observed on a Cisco router when crypto packets are left in the input queue of the Virtual Access interface, causing the Virtual Access interface to become wedged. You can verify that the symptom has occurred when the output of the show interface virtual-access number EXEC command shows the following message:
Input queue: 76/75/0/0 (size/max/drops/flushes); Total output drops: 0Workaround: There is no workaround. To recover the interface, reload the router.
•
Symptoms: The following information tags may be missing: leg_rgn_num, leg_rgn_npi, leg_rgn_pi, leg_rgn_si, and leg_rgn_noa. This situation causes a Tool Command Language (Tcl) script that uses these information tags to fail.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3.
Workaround: To make the missing information tags available for the Tcl script, modify the Tcl script to use the generic transparency descriptor (GTD) object.
•
Symptoms: A Cisco router that is configured for IP Security (IPSec) may reload unexpectedly because of a segmentation violation (SegV) exception.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.2(15)T, 12.3(1), or 12.3(5), but may also occur in other releases. The symptom occurs when one of peers if configured for IKE Mode Configuration (Config) or Extended Authentication (Xauth), or both, and the other peer is not configured to perform this part of the IKE negotiation. The router that is not configured for IKE Mode Config or Xauth may reload.
Workaround: Disable IKE Mode Config or Xauth, or both.
•
Symptoms: A router may reload unexpectedly when packets are tag switched.
Conditions: This symptom is observed when a Bridge-Group Virtual Interface (BVI) is created after the router has booted up, when IP packets are received through the BVI, and when these IP packets are forwarded as Multiprotocol Label Switching (MPLS) packets through another interface.
Workaround: Disable tag switching on the BVI interface by entering the tag-switching ip interface configuration command followed by the no tag-switching ip interface configuration command.
•
Symptoms: Any Transport over Multiprotocol Label Switching (AToM)/Layer 2 Tunneling Protocol version 3 (L2TPv3) data packets that are received on a VLAN subinterface may be dropped when multicast is enabled on any other VLAN subinterface of the same physical interface.
Conditions: This symptom is observed on a Cisco 2600 series and Cisco 3600 series when Xconnect is configured on yet another VLAN subinterface of the same physical interface. However, the symptom is platform independent.
Workaround: Disable multicast on the physical interface or on its subinterfaces that have Xconnect configured. If this is not an option, there is no workaround.
•
Symptoms: An incoming V.110 call may fail.
Conditions: This symptom is observed on a Cisco AS5850 when the Low Layer Compatibility (LLC) connection speed is set to 9600 bps.
Workaround: There is no workaround.
•
Symptoms: When IP Security (IPSec) is configured in passive mode and Cisco Express Forwarding (CEF) is enabled, tracebacks may be generated, which may be observed in the output of the show logging privileged EXEC command.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3.
Workaround: There is no workaround.
•
Symptoms: A calling party from the public switched telephone network (PSTN) may not be able to hear multicast enabled Music on Hold (MOH).
Conditions: This symptom is observed on a Cisco 3660 that runs Cisco IOS Release 12.3(4)T, 12.3(4)T1, or 12.2(6)T, that functions as a gateway, and that connect to a Cisco CallManager. The symptom may also occur in Release 12.3. The symptom may not be platform specific.
Workaround: There is no workaround. Note that the symptom does not occur in Release 12.3(2)T3.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
Symptoms: The performance of a Cisco 3600 series may degrade.
Conditions: This symptom is observed when an E1 or T1 controller holds the input rings of interfaces and does not release the input rings in time for the interfaces to receive packets.
Workaround: There is no workaround.
•
Symptoms: A Cisco platform may not recognize any command that starts with "no".
Conditions: This symptom is platform independent.
Workaround: There is no workaround.
•
Symptoms: When voice calls are made after the first voice call is terminated, a Cisco AS5300, Cisco AS5350, or Cisco AS5400 may reload unexpectedly because of a bus error.
Conditions: This symptom is observed on a Cisco AS5300, Cisco AS5350, and Cisco AS5400 that run the c5350-js-mz image of Cisco IOS Release 12.3 and that are configured for Voice over IP (VoIP).
Workaround: There is no workaround.
•
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•
Symptoms: A Cisco gateway may fall back to Cisco PGW 2200 Softswitch that is in standby mode.
Conditions: This symptom is observed on a Cisco router that functions as a gateway and that is configured for BRI backhaul.
Workaround: There is no workaround.
•
Symptoms: Static routes that are not configured for reverse routing may remain in the routing tables until a reboot of the system. This situation occurs because of a problem with the tracking of route creation and deletion during an IPSec rekey.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3(6).
Workaround: Do not use reverse routing or use long lifetimes for IPSec to prevent routes form being manipulated during an IPSec rekey.
•
Symptoms: In Cisco IOS software that is running Multiprotocol Label Switching (MPLS), a router may reload after accessing a freed Label Information Base (LIB) entry. When the symptom occurs, an error message similar to the following is likely to precede the reload:
%TIB-3-LCLTAG: 10.10.10.10/10.10.10.10, tag advert; unexpected tag state=13Conditions: This symptom is observed when a very uncommon timing of a Label Distribution Protocol (LDP) events occurs. The symptom may occur with LDP or Tagswitching Distribution Protocol (TDP).
Workaround: There is no workaround.
•
Symptoms: The show flash-filesystem EXEC command and the dir filesystem EXEC command may not work properly on a Cisco 2600XM, preventing you from seeing the flash images.
In addition, the copy destination url flash: EXEC command may fail when the erase option is not selected (that is, you type in no when you are asked if you want to erase the device). The copy destination url flash: EXEC command functions fine when you do select the erase option.
Conditions: These symptoms are observed on a Cisco 2600XM that is configured with a particular third-party vendor 16-MB SIMM. Note that the router is still functional with this SIMM; you can boot or reload the router, perform a TFTP download operation, and similar actions without any difficulty.
Workaround: There is no workaround.
•
Symptom: When the HSRP MIB is polled and there are HSRP groups configured on subinterfaces, an error such as "OID not increasing" may occur on the device that is polling the router. In some cases, a CPUHOG traceback may occur on a router when the HSRP MIB is polled, especially when a lot of interfaces are configured.
Conditions: This symptom is observed under either one of the following two conditions:
–
–
Workaround: Do not initiate an SNMP query for HSRP.
Alternate Workaround: Enter the snmp-server global configuration command to specify which MIBs are available, as in the following example:
snmp-server view HSRP internet included
snmp-server view HSRP ciscoHsrpMIB excluded
snmp-server view HSRP ciscoHsrpExtMIB excluded
snmp-server community public view HSRP RW 20
snmp-server community private view HSRP RW 20•
Symptoms: A Cisco router may reload when 24 voice calls are successfully established and you enter the show interfaces privileged EXEC command followed by the show interface multilink number privileged EXEC command.
Conditions: This symptom is observed on a Cisco 2691, Cisco 3725 and Cisco 3745 that are configured with the following:
–
–
–
–
Workaround: Disable LLQ or RSVP-support for LLQ.
•
Symptoms: Entering the shutdown interface configuration command followed by the no shutdown interface configuration command on an Gigabit Ethernet interface may prevent customer edge-to-customer edge (CE-to-CE) pings from going through.
Conditions: This symptom is observed when Ethernet over Multiprotocol Label Switching (EoMPLS) is configured in VLAN mode on the Gigabit Ethernet interface of a Network Processing Engine G1 (NPE-G1) on a Cisco 7200 series.
Workaround: Configure EoMPLS in VLAN mode on a port adapter such as a Gigabit Ethernet or Fast Ethernet port adapter.
•
Symptoms: PPP over ATM (PPPoA) sessions may not come up.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.3(3) and later releases, or Release 12.3(2)T. The symptom does not occur in earlier releases. The symptom occurs under the following conditions:
–
–
Workaround: Enter the vc-class atm name global configuration command and reconfigure the virtual circuit (VC) when the interface is not shut down.
Alternate Workaround: Enter the copy system:running-config nvram: startup-config EXEC command and reload the router.
•
Symptoms: A Cisco 7206VXR may reload when there is a high E1 PRI call load.
Conditions: This symptom is observed on a Cisco 7206VXR that runs the c7200-is-mz image of Cisco IOS Release 12.3(3) or Cisco IOS Release 12.3(2)T.
Workaround: There is no workaround.
•
Symptoms: A Versatile Interface Processor (VIP) may reload, and the following error message may be logged:
%RSP-2-QAERROR: reused or zero link errorAfter the message has been logged, all VIPs in the router may reload.
Conditions: These symptoms are observed on a Cisco 7500 series that runs Cisco IOS Release 12.2 T, 12.3, or 12.3 T, and that has the service single- slot-reload-enable global configuration command enabled.
Workaround: There is no workaround.
•
Symptoms: When you reload the microcode onto an enhanced 8-port multichannel T1/E1 port adapter (PA-MC-8TE1+) while traffic is flowing through the port adapter, the following error message may appear:
%RSP-3-RESTART: interface Serial0/0/4:0, not transmittingIn most cases, the interfaces of the port adapter recover on their own. In very rare cases, the execution of a Cbus Complex occurs.
Conditions: This symptom is observed on a Cisco 7500 series.
Workaround: If the interfaces of the port adapter do not recover on their own, execute a Cbus Complex.
•
Symptoms: The high-byte count in Service Selection Gateway (SSG) accounting records for connections may be incorrect.
Conditions: This symptom is observed when SSG accounting is enabled and there are more than 4 GB bytes accounted for on a connection within the interim accounting interval. The accounting records that are sent for the host and the connections may not account for the higher word in the 64-bit counter.
Workaround: Decrease the interim accounting interval, so that traffic from or to a service for a single host does not exceed 4 GB in the defined period.
•
Symptoms: A provider edge (PE) router may reload when packets are forwarded while a remote Virtual Private Network (VPN) prefix is being reresolved.
Conditions: This symptom is observed when the MPLS VPN—Inter-AS—IPv4 BGP Label Distribution feature is configured for option 4, that is, for a non-VPN transit provider and a multi-hop external Border Gateway Protocol (eBGP) connection between route reflectors (RRs).
Workaround: For the exchange of PE loopback addresses between autonomous systems, do not use eBGP with IPv4 label distribution. Rather, configure redistribution into Interior Gateway Protocol (IGP) or static routes.
•
Symptoms: Some sessions may not come up with aa15snap encapsulation.
Conditions: This symptom is observed on a Cisco 7200 series router that runs Cisco IOS Release 12.3(3)B but is not platform specific. The symptom may also occur in other releases.
The symptom may occur at any time but is most likely to happen under conditions of heavy stress (when the system attempts to bring up thousands of sessions in as little time as possible). Conditions that lead to short-term session flaps, for example, when Operation, Administration, and Maintenance (OAM) runs with a relatively short period, are most likely to expose the symptoms.
Workaround: Short of eliminating all potential sources of session flaps while sessions are initializing, there is no workaround.
•
Symptoms: A cable modem termination system (CMTS) may record a traceback when you either remove a Fast Ethernet (FE) member interface of an EtherChannel interface by entering the shutdown interface configuration command or you add an FE member interface to an EtherChannel interface by entering the no shutdown interface configuration command.
Conditions: This symptom is observed on a Cisco uBR7200 series when IP unicast traffic is sent in both the downstream and the upstream direction.
Workaround: When you add a new member FE interface to the EtherChannel interface, take the following steps:
1.
2.
3.
When you remove an FE member interface from the EtherChannel interface, take the following steps:
1.
2.
3.
•
Symptoms: A router reloads when accounting and authorization filters are modified.
Conditions: This symptom is observed when authorization and accounting filters are already defined in a server group and you attempt to change these filters.
Workaround: Remove the filter and add a new filter instead.
Alternate Workaround: Change the filter.
•
Symptoms: A router may become unresponsive and may reload when you append a file whose size is not a multiple of 512 bytes to an Advanced Technology Attachment (ATA) flash card (for example, boot disk, disk0, disk1).
For example, this situation may occur when you enter the show command | tee /append url privileged EXEC command.
Conditions: This symptom is observed on a Cisco platform that runs a Cisco IOS image that contains the fix for caveat CSCdz27200 and that utilizes an ATA flash card. A list of the affected releases can be found at http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdz27200. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: Write the output of the show command to a new file instead of appending it to an existing file by entering the show command | tee url privileged EXEC command.
•
Symptoms: A Cisco 3745 router may reload unexpectedly when an E1 or T1 line flaps.
Condition: This symptom is observed on a Cisco 3745 that runs a Cisco IOS c3745-jsx-mz image (which supports Cisco Express Forwarding [CEF]) when you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the E1 or T1 interface or when the E1 or T1 line becomes unstable.
Workaround: Disable auto-configuration by entering the no ccm-manager config global configuration command.
•
Symptoms: Path confirmation may not occur, causing a voice call to fail.
Conditions: This symptom is observed when you make a channel-associated signaling (CAS) H.323 call.
Workaround: There is no workaround.
•
Symptoms: Interfaces of a serial port adapter may not be recognized.
Conditions: This symptom is observed on a Cisco 7200 series, Cisco 7500 series, and Cisco 7600 series that run Cisco IOS Release 12.3 or 12.3 T and that have any the following port adapters installed:
–
–
–
–
–
Workaround: There is no workaround.
•
Symptoms: The dial shelf of a Cisco AS5800 may reload unexpectedly, and tracebacks may be generated.
Conditions: This symptom is observed during the bootup process of the Cisco AS5800 or when you enter the no shutdown interface configuration command on an Ethernet interface.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 series router with an NSE-1 processor board or a Cisco 7401 platform, where the system acts as Layer 2 Tunnel Protocol (L2TP) network server (LNS) (L2TP termination endpoint), may reload.
Conditions: This symptom occurs with Parallel Express Forwarding (PXF) on IP-to-L2TP downstream traffic, when the shutdown command is issued followed by the no shutdown command on the physical interface toward the L2TP access concentrator (LAC) router, or when the clear adjacency command is issued.
Workaround: Disable PXF using the no ip pxf command.
•
Symptoms: The following error message and traceback may be displayed on a router that runs IP Security (IPSec) and hardware encryption:
%IPRT-4-IPROUTING_INT_ERR: Illegal call flow in interrupt path. Caller needs
to change its code path.
-Process= "<interrupt level>", ipl= 1
-Traceback= 60937C84 61FC604C 61FC62D0 61FC718C 61FC7330 61FD7924 61FD84FC 61FD8D10Conditions: This symptom is observed on a Cisco router that runs a Cisco IOS release that is listed in the "First Fixed-in Version" field at the following location:
http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCec39205.
Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: There is no workaround.
•
Symptoms: You may not be able to configure an ATM permanent virtual circuit (PVC) range on a second ATM subinterface. The ATM PVC range can only be configured on one ATM subinterface.
Condition: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3 or Release 12.3 B when you enter the pvc range subinterface configuration command to configure a second ATM subinterface.
Workaround: There is no workaround.
•
Symptoms: A Cisco 7200 series router may reload unexpectedly when you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on a Packet-over-SONET (POS) interface of a 2-port POS port adaptor (PA-POS-2OC3).
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.2 S, 12.3, or 12.3 T when the POS interface is processing a heavy traffic load. Note that the symptom does not occur on a 1-port POS port adaptor (PA-POS-OC3).
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly while processing Open Settlement Protocol (OSP) calls.
Conditions: This symptom is observed on a Cisco 3660 that runs the c3660-jk9s-mz image of Cisco IOS Release 12.3.
Workaround: There is no workaround.
•
Symptoms: Voice calls may not go through on a High Density Voice network module (NM-HDV).
Conditions: This symptom is observed on a Cisco 2691 and Cisco 3700 series that run Cisco IOS Release 12.3 and that are configured with an NM-HDV.
Workaround: There is no workaround.
•
Symptoms: Traffic that passes through a tunnel interface may be dropped because the application inspection (also referred to as "fixup") is disabled on the tunnel interface adjacency.
Conditions: This symptom is observed in Cisco IOS Release 12.0(24)S or a later release, Release 12.3, or Release 12.3 T.
Workaround: Toggle Cisco Express Forwarding (CEF) by entering the no ip cef distributed global configuration command followed by the ip cef distributed global configuration command.
•
Symptoms: IP Header Compression (IPHC) may not function for IP multicast packets.
Conditions: This symptom is observed when IPHC is enabled for IP multicast routing.
Workaround: There is no workaround.
•
Symptoms: When you deconfigure IP version 6 (IPv6) or IPv6 unicast Reverse Path Forwarding (uRPF) on a Cisco router that runs IPv6 Cisco Express Forwarding (CEF), the configuration may not be removed from a Versatile Interface Processor (VIP) or line card, although it will be removed from the Route Switch Processor (RPS) or Route Processor (RP). This situation may cause IPv6 or IPv6 uRPF to continue to be applied to packets that are switched via distributed CEF (dCEF).
Conditions: This symptom is observed on a Cisco 7500 series and Cisco 12000 series only when dCEF is enabled.
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly when you disable Reverse Path Forwarding (RPF) IPv6 on an interface.
Conditions: This symptom is observed on a Cisco router that runs process switching.
Workaround: Configure Cisco Express Forwarding (CEF) before you disable RPF IPv6.
•
Symptoms: A Cisco Catalyst 4000 Access Gateway Module (AGM) may stop processing calls.
Conditions: This symptom is observed after calls have been properly processed for three hours.
Workaround: Reload the Cisco Catalyst 4000 AGM.
•
Symptoms: High CPU utilization may occur on a Cisco 7200 series that is configured with a Network Processing Engine G1 (NPE-G1), and some unicast packets may be dropped when there is a lot of multicast replication.
Conditions: This symptom is observed when more than 300 packets are replicated for one packet.
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly while you disable label distribution protocol (LDP) on an interface.
Conditions: This symptom is observed on a router that has several interfaces that are configured for LDP when you disable LDP on all interfaces and when there is still one open TCP connection that is passively used by LDP while you disable LDP on the last interface.
Workaround: There is no workaround.
•
Symptoms: Packet redirection to a cache may not occur even though Web Cache Communication Protocol (WCCP) is enabled and the cache farm has formed successfully. The symptom may be invisible to end users because packets (usually packets that are part of HTTP sessions) still flow successfully to and from their original destinations.
Conditions: This symptom is observed on a Cisco platform when both WCCP and Cisco Express Forwarding (CEF) are enabled.
Workaround: Disable CEF on all interfaces on which a WCCP redirect statement is configured.
Novell IPX, XNS, and Apollo Domain
•
Symptoms: Network A may not learn the route to network B.
Conditions: This symptom is observed on a Cisco 3725 series that is configured for Internetwork Packet Exchange (IPX). Routing Information Protocol (RIP) updates are not sent over the PRI link between the two networks.
Workaround: Enter the no ipx network interface configuration command followed by the ipx network interface configuration command on the interface of the router in the network that is not sending the RIP updates.
TCP/IP Host-Mode Services
•
Symptoms: User Datagram Protocol (UDP) port 1985 (on which Hot Standby Router Protocol [HSRP] runs) may be opened by a port scan. This is improper behavior.
According to the router log, the router does not generate a message that indicates that UDP port 1985 cannot be reached, as it should do.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(2)T1 but may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: A router may reload unexpectedly when a TCP watchdog timer expires.
Conditions: This symptom is observed when the router has hundreds of Border Gateway Protocol (BGP) peers.
Workaround: There is no workaround.
Wide-Area Networking
•
Symptoms: A Cisco 7200VXR series that is configured for ISDN may reload unexpectedly and generate a "low stack for ISDN" error message.
Conditions: This symptom is observed when a high rate of bidirectional traffic occurs on the ISDN B channels.
Workaround: There is no workaround.
•
Symptoms: The Dialer Watch feature may fail to bring up a new connection, and the output of the debug dialer events EXEC command displays the following message:
DDR: Dialer Watch: dialer watch group already set on...Conditions: This symptom is observed when link transitions occur on dialer interfaces.
Workaround: Remove the Dialer Watch feature, and reconfigure it.
•
Symptoms: The idle timer that is associated with a switched virtual circuit (SVC) may time out even when there is traffic flowing across the circuit, and the idle timer may not be reset.
Conditions: These symptoms are observed when packets are (turbo or process) switched via Cisco Express Forwarding (CEF).
Workaround: Set a large value for the idle timer.
Alternate Workaround: Force legacy fast switching by disabling CEF.
•
Symptoms: A Cisco 7500 series may reload with a bus error when you attempt to access a Versatile Interface Processor (VIP) by entering the if-con command.
Conditions: This symptom is observed on a Cisco 7500.
Workaround: Instead of the if-con command, enter the show controllers vip slot-number tech-support EXEC command.
•
Symptoms: A Cisco router may display the following symptoms:
–
–
–
Conditions: These symptoms are observed on a Cisco 7500 series, but the symptoms may be platform independent.
Workaround: Reenter the ip route-cache distributed interface configuration command on the FR interface.
Alternate Workaround: Flap the interface a few times by entering the shutdown interface configuration command followed by the no shutdown interface configuration command.
•
Symptoms: A virtual-access asynchronous call may be disconnected when the local session timer on the physical interface does not stop decrementing and reaches zero.
Conditions: This symptom is observed on a Cisco AS5xx0 and occurs regardless of the value of the absolute session timer that is downloaded from the RADIUS server and that is applied on the virtual-access interface.
Workaround: For the local session timer on the physical interface, configure a larger value than the value of the absolute session timer that is downloaded from the RADIUS server and that is applied on the virtual-access interface.
•
Symptoms: A Cisco router may reboot every five minutes, and the system may return to ROM because of a bus error at PC 0x400F047C, address 0x630BC42E.
Conditions: This symptom is observed on a Cisco 7500 series that runs the rsp- jsv-mz image of Cisco IOS Release 12.2(15)T. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
Symptoms: Spurious memory accesses may occur on a Cisco 7301.
Conditions: This symptom is observed on a Cisco 7301 that functions as a Layer 2 Tunneling Protocol (L2TP) network server (LNS).
Workaround: There is no workaround.
•
Symptoms: After a router has reloaded, an ISDN PRI interface may not reestablish the proper layer 2 state.
Conditions: This symptom is observed on a Cisco router that communicates via Media Gateway Control Protocol (MGCP) with a Cisco CallManager that runs Release 3.3(2)spC.
Workaround: Enter the no mgcp global configuration command followed by the mgcp global configuration command.
Alternate Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the ISDN D channel.
•
Symptoms: An input queue of an interface may become wedged, and the output of the show buffers input-interface EXEC command may not display any packets.
Conditions: This symptom is observed on a Cisco 7500 that is configured with dialer interfaces and a service policy.
Temporary Workaround: Increase the input hold queue.
•
Symptoms: A network access server (NAS) that functions as a Layer 2 Tunneling Protocol (L2TP) access concentrator (LAC) and that authenticates a client via Microsoft CHAP version 2 (MS-CHAPv2) may send a Proxy Authen Type attribute- value pair (AVP) with value 4 (indicating "No Authentication") over the L2TP tunnel. The bundle master interface of the L2TP network server (LNS) may not be able to process this Proxy Authen Type AVP, which may cause the call to fail.
Conditions: This symptom is observed in a multichassis Multilink PPP (MLP) or virtual private dial-up network (VPDN) environment.
Workaround: Configure the LNS in such a way that it always performs link control protocol (LCP) renegotiation.
•
Symptoms: Packet forwarding may not function properly on a terminated Frame Relay permanent virtual circuit (PVC) that is configured on an ISDN link.
Conditions: This symptom is observed on a Cisco 7200 series. The symptom does not occur on other platforms.
Workaround: There is no workaround.
•
Symptoms: A Cisco router may reload unexpectedly while closing a PPP connection.
Conditions: This symptom is observed when many PPP links are being established and closed.
Workaround: There is no workaround.
•
Symptoms: A call from a remote client may be terminated at a Layer 2 Tunneling Protocol (L2TP) network server (LNS) that functions as a multihop node instead of being forwarded to a second LNS.
Conditions: This symptom is observed when the L2TP Tunnel Connection Speed Labeling feature is enabled in a multihop-node configuration in which an LNS functions as a multihop node that authenticates a user based on the connection speed of the user. When the connected Cisco Access Registrar (ARS) RADIUS server sends an Access-Accept message, the LNS should forward the L2TP session to a second LNS, but does not do so, causing the call to be terminated on the LNS itself.
Workaround: There is no workaround.
•
Symptoms: A Call Control Block (CCB) may not be freed when a "suspend" message that was received in an incorrect state is not processed correctly because a CCB leak occurs after a Redundant Link Manager (RLM) flaps.
Conditions: This symptom is observed on a Cisco platform that runs Cisco IOS Release 12.2(15)T7 or Release 12.3 and that is a component of a Cisco PGW 2200 PSTN Gateway that functions in a nailed configuration.
Workaround: There is no workaround.
•
Symptoms: The idle-timeout timer may not be reset, causing a session to be cleared upon expiration of the idle-timeout timer.
Conditions: This symptom is observed when both the ip idle-group interface configuration command and compression are enabled on an interface.
Workaround: There is no workaround.
•
Symptoms: When you enter a nondefault value for the T-activate timer that is used in the ISDN Facility Messaging process, the value does not have any effect.
Conditions: This symptom is observed on a Cisco platform when you change the T-activate timer on a PRI interface.
Workaround: There is no workaround.
•
Symptoms: A Malicious Caller Identification (MCID) request may not be sent for an incoming call on a B channel that had an outstanding MCID request for a previous call.
Conditions: This symptom is observed when the party who invokes the MCID goes on-hook before receiving the MCID response.
Workaround: There is no workaround.
•
Symptoms: Some channels stop sending traffic between two routers after all of the channels are fully utilized.
A multilink interface may occasionally stop transmitting data on a subset of individual links. Various individual links may stall. This symptom occurs on a multilink connection with multiple member links in the bundle. In most situations, the links resume data transmission after a short delay although the links may occasionally stall for an extended time period.
Conditions: This symptom is observed when the traffic load on the bundle is at or near the bundle capacity, and traffic consists of regular patterns of packets (a steady stream of constant-sized packets).
Workaround: Disable fast switching to the bundle interface.
•
Symptoms: A router may reload with a bus error when PPP sessions are disconnected.
Conditions: This symptom is observed on a Cisco router that is running an interim release of Cisco IOS Release 12.3(4). The symptom occurs on PPP sessions that are not directly associated with an interface or a subinterface (for example, PPP over ATM [PPPoATM] or Layer 2 Tunneling Protocol [L2TP]). Earlier releases of Cisco IOS software do not display this symptom.
Workaround: There is no workaround.
•
Symptoms: When the L2TP Extended Failover feature is configured, Layer 2 Tunnel Protocol (L2TP) may not fail over when an L2TP network server (LNS) returns a Stop-Control-Connection-Notification (StopCCN)/Call-Disconnect- Notify (CDN) message.
Conditions: This symptom is observed on a Cisco AS5400 that functions as an L2TP access concentrator (LAC) that is configured to perform authorization via L2TP attributes through a RADIUS server before the Cisco AS5400 forwards traffic.
Workaround: Configure a static virtual private dialup network (VPDN) on the LAC.
•
Symptoms: When a terminating gateway (TGW) receives an ISDN call proceeding (callp) message with a progress indicator (PI) information element (IE), ISDN may not create a generic transparency descriptor (GTD). This situation prevents the TGW from sending an H.225 message to the originating gateway (OGW).
Conditions: This symptom is observed when an ISDN public switched telephone network (PSTN) switch returns a callp message with a PI IE in response to a setup message from the TGW.
The proper behavior should be as follows:
When the TGW receives the callp message, ISDN creates the following GTD:
gtd msg = "
CPG,
PRN,isdn*,,NET5*,"With this GTD, the callp message triggers an H.225 progress message from the TGW to the OGW.
Workaround: There is no workaround.
•
Symptoms: When you enter the frame-relay adaptive-shaping interface-congestion map-class configuration command, the command may not take effect on the configured permanent virtual circuit (PVC), nor may it show up in the running configuration, preventing the command from functioning after the router has reloaded.
Conditions: This symptom is observed on a Cisco 2620XM and a Cisco 3640 that run Cisco IOS Release 12.3 or Release 12.3 T. However, the symptom is platform independent.
Workaround: Reenter the frame-relay adaptive-shaping interface-congestion map-class configuration command after the router has reloaded.
•
Symptoms: A second callback may not be initiated for an ISDN call.
Conditions: This symptom is observed on a Cisco 3725 and AS5800 that runs Cisco IOS Release 12.2(15)T5 or Release 12.3. Problem occurs if more than one dialer map is configured to the same remote-name.
This problem is platform independent.
Workaround: There is no workaround.
•
Symptoms: A Cisco router that functions as a network access server (NAS) and that is configured for Microsoft CHAP version 2 (MS-CHAPv2) may reload unexpectedly.
Conditions: This symptom is observed when a peer of the NAS terminates an MS-CHAPv2 call.
Workaround: Configure the NAS and the peer in such a way that the NAS (instead of the peer) terminates the MS-CHAPv2 call.
•
Symptoms: PPP link control protocol (LCP) may negotiate longer than expected with dialup clients.
Conditions: This symptom is observed on a Cisco AS5400 and a Cisco AS5800.
Workaround: There is no workaround.
•
Symptoms: A network access server (NAS) that runs Microsoft CHAP (MS-CHAP) or Microsoft CHAP version 2 (MS-CHAPv2) may reload unexpectedly.
Conditions: This symptom is observed on a Cisco AS5400 that functions as a NAS but may be platform independent.
Workaround: There is no workaround.
•
Symptoms: Dialer ping packets that are transferred via an asynchronous line may be dropped at the receiving end.
Conditions: This symptom is observed on a Cisco platform when the interface at the receiving end has the dialer map interface configuration command enabled.
Workaround: Do not enter the dialer map interface configuration command. Rather, enter the dialer string interface configuration command.
•
Symptoms: After a router has reloaded, IP connectivity may not be restored. The output of the debug ppp negotiation privileged EXEC command may not indicate any PPP activity.
Conditions: This symptom is observed on a Cisco router that is configured for PPP or Multilink PPP (MLP) connectivity over a serial interface and that runs a Cisco IOS software release that is listed in the "First Fixed-in Version" field at the following location:
http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCec54852
Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: To initiate PPP negotiation to bring up the PPP or MLP link, enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the physical serial interface.
•
Symptoms: A router may not reestablish the backup connection when an active physical ISDN link is interrupted.
Conditions: This symptom is observed on a Cisco router that has dialer backup configured using the Dialer Watch feature. Note that the symptom does not occur when the debug dialer events privileged EXEC command is enabled.
Workaround: To ensure that there is always one B channel available for dialup, even when the ISDN link toggles and causes and active call to be terminated, enter 1 for both the minimum and maximum arguments in the dialer pool-member number min-link minimum max-link maximum interface configuration command.
Alternate Workaround: Enter the debug dialer events privileged EXEC command.
•
Symptoms: A switched virtual circuit (SVC) may not become established. This situation may cause ping failures between routers.
Conditions: This symptom is observed in Cisco IOS Release 12.3.
Workaround: There is no workaround.
•
Symptoms: A router may not be able to renegotiate link control protocol (LCP) after a peer resets a Multilink PPP (MLP) bundle.
Conditions: This symptom is observed on a Cisco router when the peer sends termination requests (TERMREQs) messages to the router via dedicated serial links that are part of an MLP bundle. The router may not be able to renegotiate LCP on these serial links.
Workaround: There is no workaround.
•
Symptoms: Microsoft Callback Control Protocol (MSCB) with a negotiated callback number may not function.
Conditions: This symptom is observed on a Cisco platform when the length of the callback number that is negotiated by the client ("CBK-Client-Num") exceeds 15 digits.
Workaround: There is no workaround.
•
Symptoms: A router may return to ROM monitor (ROMmon) because of a bus error at PC 0x6012F880, address 0x114. The log file may show the following information:
%ALIGN-1-FATAL: Illegal access to a low address addr=0x114, pc=0x6012F880, ra=0x6012F880, sp=0x61FF00B8
%ALIGN-1-FATAL: Illegal access to a low address addr=0x114, pc=0x6012F880, ra=0x6012F880, sp=0x61FF00B8
Unexpected exception, CPU signal 10, PC = 0x6012F880 -Traceback= 6012F880 6010CD54 6010D538 601369A0 600A19BCConditions: This symptom is observed on a Cisco AS5300 that runs Cisco IOS Release 12.3(5) and that is configured for ISDN PRI signaling.
Workaround: There is no workaround.
•
Symptoms: A separate Layer 2 Tunneling Protocol (L2TP) tunnel is created for each L2TP session.
Conditions: This symptom is observed when an L2TP access concentrator (LAC) that has a RADIUS profile tunnel authorization does not have "tunnel-id" or "client-auth-id" attributes configured in the RADIUS profile.
Workaround: Define "tunnel-id" and "client-auth-id" in the RADIUS profile.
•
Symptoms: An "ALIGN-3-SPURIOUS" spurious memory access and traceback may occur on a Cisco 7500 series.
Conditions: This symptom is observed in one of the following conditions:
–
–
Workaround: There is no workaround.
•
Symptoms: A router may reload when Serial Line Internet Protocol (SLIP) is configured on a virtual interface, and then PPP is configured on the same interface.
Conditions: This symptom is observed on the virtual interface of a Layer 2 Tunneling Protocol (L2TP) network server (LNS).
Workaround: There is no workaround.
•
Symptoms: When an attempt is made to bring up a Layer 2 Tunneling Protocol (L2TP) session, the L2TP tunnel may be rejected by an L2TP network server (LNS) and a spurious memory access may occur.
Conditions: This symptom is observed if the "group session-limit" parameter is in the default configuration of the virtual private dial-up network (VPDN) template and the global VPDN session limit is set to any value as shown in the following example:
vpdn-template
group session-limit 2Also, this symptom will be seen only when the VPDN template is configured after an L2TP tunnel and/or session has been set up.
The output of the show vpdn history failure EXEC command displays the following message:
Failure type: Exceeded configured VPDN maximum session limitWorkaround: Configure the VPDN template along with the group session limit before setting up the tunnel for those sessions and not after L2TP tunnel setup. Alternately, if the VPDN template is configured after the session has been set up, before bringing up a new tunnel and/or session again, remove the VPDN template and configure it again.
•
Symptoms: ISDN may not pass on all digits of the number of a calling party to a stack for Voice over IP, modem, or dialer applications.
Conditions: This symptom is observed in a rare situation when the number of a calling party exceeds 28 digits. The digits above 28 are not passed on to the stack.
Workaround: There is no workaround.