Cisco IOS Software Releases 12.4 Special and Early Deployments

Table Of Contents

Release Notes for Cisco AS5000 Universal Gateways with Cisco IOS Release 12.4(11)XW

Contents

Introduction

System Requirements

Memory Requirements

Supported Hardware

Determining the Software Version

Upgrading to a New Software Release

Feature Set Tables

New and Changed Information

New Hardware Features in Cisco IOS Release 12.4(11)XW9

New Software Features in Cisco IOS Release 12.4(11)XW9

New Hardware Features in Cisco IOS Release 12.4(11)XW8

New Software Features in Cisco IOS Release 12.4(11)XW8

New Hardware Features in Cisco IOS Release 12.4(11)XW7

New Software Features in Cisco IOS Release 12.4(11)XW7

New Hardware Features in Cisco IOS Release 12.4(11)XW6

New Software Features in Cisco IOS Release 12.4(11)XW6

New Hardware Features in Cisco IOS Release 12.4(11)XW5

New Software Features in Cisco IOS Release 12.4(11)XW5

New Hardware Features in Cisco IOS Release 12.4(11)XW3

New Software Features in Cisco IOS Release 12.4(11)XW3

New Hardware Features in Cisco IOS Release 12.4(11)XW2

New Software Features in Cisco IOS Release 12.4(11)XW2

New Hardware Features in Cisco IOS Release 12.4(11)XW1

New Software Features in Cisco IOS Release 12.4(11)XW1

New Hardware Features in Cisco IOS Release 12.4(11)XW

New Software Features in Cisco IOS Release 12.4(11)XW

AMR-NB and iLBC Codec Support for MGCP

DSP Voice Quality Metrics Guide

Universal Voice Transcoding Support for IP-to-IP Gateways

New Features in Release 12.4T

Limitations and Restrictions

Caveats

Open Caveats - Release 12.4(11)XW9

Resolved Caveats - Release 12.4(11)XW9

Open Caveats - Release 12.4(11)XW8

Resolved Caveats - Release 12.4(11)XW8

Open Caveats - Release 12.4(11)XW7

Resolved Caveats - Release 12.4(11)XW7

Open Caveats - Cisco IOS Release 12.4(11)XW6

Resolved Caveats - Cisco IOS Release 12.4(11)XW6

Open Caveats - Cisco IOS Release 12.4(11)XW5

Resolved Caveats - Cisco IOS Release 12.4(11)XW5

Open Caveats - Cisco IOS Release 12.4(11)XW3

Resolved Caveats - Cisco IOS Release 12.4(11)XW3

Open Caveats - Cisco IOS Release 12.4(11)XW2

Resolved Caveats - Cisco IOS Release 12.4(11)XW2

Open Caveats - Cisco IOS Release 12.4(11)XW1

Resolved Caveats - Cisco IOS Release 12.4(11)XW1

Open Caveats - Cisco IOS Release 12.4(11)XW

Resolved Caveats - Cisco IOS Release 12.4(11)XW

Additional References

Release-Specific Documents

Platform-Specific Documents

Cisco IOS Software Documentation Set

Documentation Modules

Notices

Release Notes for Cisco AS5000 Universal Gateways with Cisco IOS Release 12.4(11)XW

---

First Released: May 4, 2007

Last Revised: August 12, 2008

Cisco IOS Release 12.4(11)XW9

OL-13466-08 Eighth Release

These release notes describe new features and significant software components for the Cisco AS5350, Cisco AS5350XM, Cisco AS5400, Cisco AS5400HPX, Cisco AS5400XM, and Cisco AS5850-ERSC universal gateways that support the Cisco IOS Release 12.4(11)XW releases. These release notes are updated as needed. Use these release notes with the Cross-Platform Release Notes for Cisco IOS Release 12.4T and About Cisco IOS Release Notes.

For a list of the software caveats that apply to Cisco IOS Release 12.4(11)XW, see the "Caveats" section and the online Caveats for Cisco IOS Release 12.4T. The caveats document is updated for every 12.4T maintenance release.

Contents

•Introduction

•System Requirements

•New and Changed Information

•Caveats

•Additional References

•Notices

Introduction

The Cisco AS5350XM, Cisco AS5400XM, and Cisco AS5850 universal gateways are the only 1-rack unit, 2-, 4-, or 8-PRI gateway that provides universal services—data, voice, and fax services on any service, any port. The Cisco AS5350XM, Cisco AS5400XM, and Cisco AS5850 universal gateways offer high performance and high reliability in a compact, modular design. This cost-effective platform is ideally suited for Internet service providers (ISPs) and enterprises that require innovative universal services.

System Requirements

This section describes the system requirements for Cisco IOS Release 12.4(11)XW and includes the following sections:

•Memory Requirements

•Supported Hardware

•Determining the Software Version

•Upgrading to a New Software Release

•Feature Set Tables

Memory Requirements

Table 1and Table 2 describe the memory requirements for the Cisco IOS feature sets that are supported by Cisco IOS Release 12.4(11)XW on the Cisco AS5350XM, Cisco AS5400XM, and Cisco AS5850 universal gateways.

Table 1 Memory Requirements for the Cisco AS5350XM Universal Gateway 

Platform	Image Name	Feature Set	Software Image	Flash Memory (MB)	DRAM (MB)
Cisco AS5350XM	Cisco AS5350 Ser. IOS INT Voice/Video IPIPGW, TDMIP GW LI	INT Voice/Video IPIPGW, TDMIP GW LI	c5350-jk9su2_ivs-mz	128	512
	Cisco AS5350 Ser. IOS INT Voice/Video IPIPGW, TDMIP GW EPLUS	INT Voice/Video IPIPGW, TDMIP GW EPLUS	c5350-js_ivs-mz	64	512
Cisco AS5350, AS5350XM	Cisco AS5350 Ser. IOS IP Plus IPsec 3DES	IP Plus IPsec 3DES	c5350-ik9s-mz	64	512
	Cisco AS5350 Ser. IOS IP PLUS IPSEC 3DES Lawful Intercept	IP Plus IPSEC 3DES Lawful Intercept	c5350-ik9su2-mz	64	512
	Cisco AS5350 Ser. IOS IP Plus	IP Plus	c5350-is-mz	64	512
	Cisco AS5350 Ser. IOS Enterprise Plus IPsec 3DES	Enterprise Plus IPsec 3DES	c5350-jk9s-mz	64	512
	Cisco AS5350 Ser. IOS Enterprise Plus	Enterprise Plus	c5350-js-mz	64	512

Table 2 Memory Requirements for the Cisco AS5400XM Universal Gateway 

Platform	Image Name	Feature Set	Software Image	Flash Memory (MB)	DRAM (MB)
Cisco AS5400XM	Cisco AS5400 Ser. IOS INT Voice/Video IPIPGW, TDMIP GW LI	INT Voice/Video IPIPGW, TDMIP GW LI	c5400-jk9su2_ivs-mz	128	512
	Cisco AS5400 Ser. IOS IP PLUS IPSEC 3DES	IP Plus IPsec 3DES	c5400-ik9s-mz
	Cisco AS5400 Ser. IOS INT Voice/Video IPIPGW, TDMIP GW EPLUS	INT Voice/Video IPIPGW, TDMIP GW EPLUS	c5400-js_ivs-mz
Cisco AS5400, AS5400HPX, AS5400XM	Cisco AS5400 Ser. IOS Enterprise Plus	Enterprise Plus	c5400-js-mz	64	512
	Cisco AS5400 Ser. IOS Enterprise Plus IPsec 3DES	Enterprise Plus IPsec 3DES	c5400-jk9s-mz	64	512
	Cisco AS5400 Ser. IOS IP Plus	IOS IP Plus	c5400-is-mz	64	512
	Cisco AS5400 Ser. IOS IP Plus IPsec 3DES Lawful Intercept	IP Plus IPsec 3DES Lawful Intercept	c5400-ik9su2-mz	64	512
Cisco AS5850-ERSC	Cisco AS5850 IOS ERSC Service Provider Plus IPsec 3DES	Service Provider Plus IPsec 3DES	c5850tb-k9p9-mz	64	512
	Cisco AS5850 IOS ERSC Service Provider Plus	Service Provider Plus	c5850tb-p9-mz	64	512

Supported Hardware

Cisco IOS Release 12.4(11)XW supports the following Cisco AS5x00 platforms:

•Cisco AS5350

•Cisco AS5350XM

•Cisco AS5400

•Cisco AS5400HPX

•Cisco AS5400XM

For detailed descriptions of new hardware features and which features are supported on each router, see the "New and Changed Information" section.

For descriptions of existing hardware features and supported modules, see the hardware installation guides, configuration and command reference guides, and additional documents specific to the Cisco AS5350 series routers, which are available at

http://www.cisco.com/en/US/products/sw/accesssw/ps502/tsd_products_support_series_home.html

For descriptions of existing hardware features and supported modules, see the hardware installation guides, configuration and command reference guides, and additional documents specific to the Cisco AS5400 series routers, which are available at

http://www.cisco.com/en/US/products/hw/univgate/ps505/tsd_products_support_series_home.html

Determining the Software Version

To determine the version of Cisco IOS software currently running on your Cisco AS5000 series router, see About Cisco IOS Release Notes located at http://www.cisco.com/en/US/docs/ios/12_4/12_4x/12_4xy15/ReleaseNote.html.

Upgrading to a New Software Release

For general information about upgrading to a new software release, see About Cisco IOS Release Notes located at http://www.cisco.com/en/US/docs/ios/12_4/12_4x/12_4xy15/ReleaseNote.html.

Feature Set Tables

For information about feature set tables, see About Cisco IOS Release Notes located at http://www.cisco.com/en/US/docs/ios/12_4/12_4x/12_4xy15/ReleaseNote.html.

New and Changed Information

•New Hardware Features in Cisco IOS Release 12.4(11)XW9

•New Software Features in Cisco IOS Release 12.4(11)XW9

•New Hardware Features in Cisco IOS Release 12.4(11)XW9

•New Software Features in Cisco IOS Release 12.4(11)XW8

•New Hardware Features in Cisco IOS Release 12.4(11)XW7

•New Software Features in Cisco IOS Release 12.4(11)XW7

•New Hardware Features in Cisco IOS Release 12.4(11)XW6

•New Software Features in Cisco IOS Release 12.4(11)XW6

•New Hardware Features in Cisco IOS Release 12.4(11)XW5

•New Software Features in Cisco IOS Release 12.4(11)XW5

•New Hardware Features in Cisco IOS Release 12.4(11)XW3

•New Software Features in Cisco IOS Release 12.4(11)XW3

•New Hardware Features in Cisco IOS Release 12.4(11)XW2

•New Software Features in Cisco IOS Release 12.4(11)XW2

•New Hardware Features in Cisco IOS Release 12.4(11)XW1

•New Software Features in Cisco IOS Release 12.4(11)XW1

•New Hardware Features in Cisco IOS Release 12.4(11)XW

•New Software Features in Cisco IOS Release 12.4(11)XW

•New Features in Release 12.4T

New Hardware Features in Cisco IOS Release 12.4(11)XW9

There are no new hardware features in this release.

New Software Features in Cisco IOS Release 12.4(11)XW9

There are no new software features in this release.

New Hardware Features in Cisco IOS Release 12.4(11)XW8

There are no new hardware feature in this release.

New Software Features in Cisco IOS Release 12.4(11)XW8

There are no new software features in this release.

New Hardware Features in Cisco IOS Release 12.4(11)XW7

There are no new hardware feature in this release.

New Software Features in Cisco IOS Release 12.4(11)XW7

There are no new software features in this release.

New Hardware Features in Cisco IOS Release 12.4(11)XW6

There are no new hardware features in this release.

New Software Features in Cisco IOS Release 12.4(11)XW6

There are no new software features in this release.

New Hardware Features in Cisco IOS Release 12.4(11)XW5

There are no new hardware features in this release.

New Software Features in Cisco IOS Release 12.4(11)XW5

There are no new software features in this release.

New Hardware Features in Cisco IOS Release 12.4(11)XW3

There are no new hardware features in this release.

New Software Features in Cisco IOS Release 12.4(11)XW3

There are new software features in this release.

New Hardware Features in Cisco IOS Release 12.4(11)XW2

There are no new hardware features in this release.

New Software Features in Cisco IOS Release 12.4(11)XW2

There are new software features in this release.

New Hardware Features in Cisco IOS Release 12.4(11)XW1

There are no new hardware features in this release.

New Software Features in Cisco IOS Release 12.4(11)XW1

There are new software features in this release.

New Hardware Features in Cisco IOS Release 12.4(11)XW

There are no new hardware features in this release.

New Software Features in Cisco IOS Release 12.4(11)XW

The following new software is supported in this release:

•AMR-NB and iLBC Codec Support for MGCP

•DSP Voice Quality Metrics Guide

•Universal Voice Transcoding Support for IP-to-IP Gateways

AMR-NB and iLBC Codec Support for MGCP

The Adaptive Multirate Narrow Band (AMR-NB) codec is a high complexity multimode codec that adapts to speech and channel coding depending on channel conditions. The internet Low Bitrate Codec (iLBC) is a standard, high-complexity speech codec that is suitable for robust voice communication over IP. These codecs are now available for use with MGCP.

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t15/it_amrnb.html

DSP Voice Quality Metrics Guide

DSP voice quality metrics improve your ability to monitor, analyze, and ultimately meet your quality of service (QoS) objectives for your network. For more information, go to:

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t15/vqmetric.html

Universal Voice Transcoding Support for IP-to-IP Gateways

Universal Transcoding allows transcoding from any supported codec to any other supported codec. For more information, go to:

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t15/it_unitr.html

New Features in Release 12.4T

For information regarding the features supported in Cisco IOS Release 12.4T, see the Cross-Platform Release Notes links at: http://www.cisco.com/en/US/products/ps6441/prod_release_notes_list.html

Limitations and Restrictions

There are no known limitations or restrictions in this release.

Caveats

For general information on caveats and the bug toolkit, see About Cisco IOS Release Notes located at http://www.cisco.com/en/US/docs/ios/12_4/12_4x/12_4xy15/ReleaseNote.html.

This section contains the following caveat information:

•Open Caveats - Release 12.4(11)XW9

•Resolved Caveats - Release 12.4(11)XW9

•Open Caveats - Release 12.4(11)XW9

•Resolved Caveats - Release 12.4(11)XW8

•Open Caveats - Release 12.4(11)XW7

•Resolved Caveats - Release 12.4(11)XW7

•Open Caveats - Cisco IOS Release 12.4(11)XW6

•Resolved Caveats - Cisco IOS Release 12.4(11)XW6

•Open Caveats - Cisco IOS Release 12.4(11)XW5

•Resolved Caveats - Cisco IOS Release 12.4(11)XW5

•Open Caveats - Cisco IOS Release 12.4(11)XW3

•Resolved Caveats - Cisco IOS Release 12.4(11)XW3

•Open Caveats - Cisco IOS Release 12.4(11)XW2

•Resolved Caveats - Cisco IOS Release 12.4(11)XW2

•Open Caveats - Cisco IOS Release 12.4(11)XW1

•Resolved Caveats - Cisco IOS Release 12.4(11)XW1

•Open Caveats - Cisco IOS Release 12.4(11)XW

•Resolved Caveats - Cisco IOS Release 12.4(11)XW

Open Caveats - Release 12.4(11)XW9

There are no open caveats in this release.

Resolved Caveats - Release 12.4(11)XW9

CSCsq13348

The Cisco IOS Intrusion Prevention System (IPS) feature contains a vulnerability in the processing of certain IPS signatures that use the SERVICE.DNS engine. This vulnerability may cause a router to crash or hang, resulting in a denial of service condition.

Cisco has released free software updates that address this vulnerability. There is a workaround for this vulnerability.

NOTE: This vulnerability is not related in any way to CVE-2008-1447 - Cache poisoning attacks. Cisco Systems has published a Cisco Security Advisory for that vulnerability, which can be found at http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-iosips.shtml.

CSCek52673 Single crafted udp packet reloads router with dhcp server

Symptom    A router that has DHCP server enabled could reload after receiving a malformed UDP packet.

Workaround   There is no workaround.

CSCek71149 Error message when dir is issued

Symptom    "Error getting file system status (Unknown error 0) or (Bad file number)" was observed when dir <archive/system/tmpsys:> was issued. The rest of the file systems have no problem (i.e. dir nvram/flash/usbtoken0:... etc)

Conditions   Load routers with problem releases.

Workaround   There is no workaround.

CSCsg42546 Reload when MGCP CRCX has sRTP and V150 params in LCO

Symptom    An MGCP gateway reloads when receiving Secure Real-Time Transport Protocol (SRTP) and V.150 parameters in the local connection options of a Create Connection (CRCX) message.

Conditions   This symptom has been observed when the gateway is configured to use SRTP and V.150 protocols.

Workaround   Disable the use of either SRTP or V.150 protocol in the gateway.

CSCsj32422 CBWFQ:Unable to reconfigure the policy map after exceeding the 
bandwidth

Symptom    Once policy map is configured and bandwidth is exceeded while dividing amongst the classes, re-configuration of the policy map is not possible.

Conditions   Create a policy map, exceed the bandwidth amongst the classes (e.g. try to divide more than 75% in CBWFQ).

Workaround   Don't exceed the bandwidth while configuring the policy map.

CSCsj50773 High cpu when querying ipRouteTable MIB

Symptom    Performing the snmpwalk on the ipRouteTable MIB may cause high CPU and reloads.

Conditions   This symptom is observed on a router that is running Cisco IOS Release 12.4(13b) or later releases.

Workaround   Create a view that excludes the ipRouteTable:

snmp-server view cutdown 1.3.6.1.2.1.4.21 exclude

snmp-server view cutdown internet included

snmp-server community <comm> view cutdown RO

This view restricts the objects that the NMS can poll. It excludes access to the ipRouteTable, but allows access to the other MIBs.

CSCsj82622 Crash editing ACL cce_dp_named_db_ip_access_list_impure

Symptom    A router may crash when you configure an access control list (ACL) that has at least 50-60 ACEs (about 100 nodes) that is used in policy maps that are already applied to an interface or when you boot the router after having made the configuration change. When the crash occurs, the following error message is generated: %ALIGN-1-FATAL: Corrupted program counter pc=0x0 , ra=0x0 , sp=0x66EFB8A0

Conditions   This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.4(15)T or Release 12.4(15)T1.

Workaround   There is no workaround.

CSCsk27147 SNMP stops responding while polling from CISCO-MEMORYPOOL-MIB

Symptom    The following SNMP is incorrectly generated:"%SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input queue full". This issue is affecting the CISCO-MEMORYPOOL-MIB instead.

Conditions   Occurs on a Cisco 2600 series router running Cisco IOS Release 12.4(11)T3. The router keeps dropping SNMP packets. The log shows that the packets are dropped because of the input queue being full. Although the utilization is sometimes high, this could not be the root cause, as the router keeps dropping packets regardless of the current utilization. Also, the snmp process takes 5-20% of the CPU load.

Workaround   Exclude ciscoMemoryPoolMIB from your query with the following commands:

snmp-server view public-view iso included

snmp-server view public-view ciscoMemoryPoolMIB excluded.

Apply this view to the RW community string. This view will exclude only ciscoMemoryPoolMib, all other MIBs will be available.

CSCsk39642 router crash when copying saved config to running config

Symptom    A router crashes.

Conditions   This symptom is observed when you are running Cisco IOS Release 12.4(17) or Release 12.4T and when you copy the saved configuration to the running configuration.

Workaround   There is no workaround.

CSCsk94676 dlsw with tbridge, COMMON_FIB-4-FIBIDBMISMATCH

Symptom    Transparent bridging into DLSw does not work.The following messages are displayed:

*Jan 29 19:00:50.727: %COMMON_FIB-4-FIBHWIDBMISMATCH: Mis-match between hwidb DLSw Port0 (ifindex 5) and fibhwidb GigabitEthernet2/3 (ifindex 5)-Traceback= 407C7004 407C8A38 407C7CEC 407C7EE4 413C9900 41BCE138 41BCCD54 41BCCFA8 41BCA330 413C0128 413C0114

*Jan 29 19:00:50.727: %COMMON_FIB-4-FIBMISSINGHWIDB: No fibhwidb while initializing fibidb for DLSw Port0 (if_number 5)

-Traceback= 407C83D4 407C8A9C 407C7CEC 407C7EE4 413C9900 41BCE138 41BCCD54 41BCCFA8 41BCA330 413C0128 413C0114

Conditions   When using DLSw+ together with transparent bridging.

Workaround   For a workaround, all transparent bridging commands related to dlsw can be replaced with DLSW Ethernet redundancy.

i.e.

As global command:

no dlsw bridge-group X

and on the interface:

no bridge-group X

on the interface replace it with:

dlsw transparent redundancy-enable 9999.9999.9999

CSCsl70722 Router crash polling rttmon mib with active IP SLA probes

Symptom    A router running Cisco IOS may crash due to watchdog timeout.

Conditions   Occurs when IP SLA probes are configured and active for a period of 72 weeks. After this much time has passed, polling the rttmon mib for the probe statistics will cause the router to reload. Then the problem will not be seen again for another 72 weeks.

Workaround   There is no workaround.

CSCsm17281 Router crashes when adding ACL line to Service Policy

Symptom    Device running 12.4(17.6)T will crash after adding line to an access-list attached to a service policy

Workaround   There is none.

CSCsm77199 DATACORRUPTION-1-DATAINCONSISTENCY HTTP_FIND_FLASH_FILE

Symptom    If the HTTP secure server capability is present, Switch shows the error message "%DATACORRUPTION-1-DATAINCONSISTENCY: copy error" with tracebacks after initializing the supervisor. This error message can be verified in show logging output.

Conditions   ip http server is configured.

Workaround   Configure no ip http server. The switch functionality is not affected by this error message.The problem is cosmetic.

CSCso09539 ACK not sent to 200 OK from CUE during h323 slowstart -- sip delayed med

Symptom    Incoming H323 slow start call to CME when forwarded to voicemail in CUE may result in no audio.

Conditions   This problem was observed when CME did not send ACK to 200 OK response from CUE.

Workaround   Use H323 Faststart.If incoming H323 calls need to be slow-start for video calls and calls to voicemail need to be faststart, enable H.450 call transfer feature and use two incoming dial-peers:

•One H323 dial-peer configured with "incoming called-number <ephone-dn extension range>"

and H323 slowstart using voice-class h323.

•Another H323 dial-peer configured with "incoming called-number <voicemail dn>" and

H323 faststart using voice-class h323.

CSCsq42134 JPN: 7921 XML Services are displayed as squares

Symptom    7921 directories are displayed as squires in CME Userlocale: JP environment.

Conditions   7921: 1.1.1

CME: 4.2 (IOS 12.4(11)XW7)

Locale File : CME-locale-jp_JP-4.1.0.1.tar

Workaround   There is no workaround.

CSCsq44013 View used twice with logging enabled

Symptom    The CPE does not reply to the DNS query from the client for the first try, first response is being dropped.

Conditions   This is seen on a router running 12.4T IOS image configured with Split DNS

The view is used twice rather than once.

Workaround   There is no workaround.

CSCsq64715 EM login credential could be set to stack junk in error condition

Symptom    EM login username and password may be set to random values in process stack in case the actual input from the phone is in an invalid format. And if both string picked up from the stack happen to match a username/password pair in a configured user profile, EM will login the user accidentally.

Workaround   There is no workaround.

CSCsq67163 IPSLA RTP operation crashes the router

Symptom    Scheduling of IP SLA RTP operation crashes the router.

Conditions   This problem occurs only when IPSLA RTP operation is configured and is scheduled to run.

Workaround   There is no workaround.

CSCsq74999 SCCP FXS ports connected to FAX machines lock up

Symptom    FXS that have fax/modems connected intermittently fail. Once they are in this stuck state, an incoming call to them will not ring the line, there will be no output in debug vpm sig. Outbound calls/faxes typically still work.

FXS port must be SCCP controlled. The problem is likely to occur when the pots leg is disconnected before the voip leg. If this occurs the port can go into this "stuck" state. Any subsequent calls will not ring the fax machine on this port.

Workaround   Temporary workaround is to "shut/no shut" the voice-port. This problem seems to be related to cisco fax-relay being invoked and it's interoperability with SCCP in this IOS version. Configuring:

voice service voip

fax protocol none

will prevent the problem from happening. Removing the SCCP config from the ports will also prevent it from happening.

CSCsr01058 SPLIT_DNS: Debug msg Forwarding back reply is missing

Symptom    An IOS device configured as a DNS server is vulnerable to forged answer attacks. In this type of attack, a malicious user can cause the IOS DNS server to accept a forged answer that associates a name with an IP address chosen by the malicious user. This answer ends up in the cache of the DNS server. This attack can be made more difficult by randomizing both the DNS transaction ID and the UDP source port number that the DNS server (the IOS device) uses to relay DNS queries for domain it is not authorized for.

Conditions   The above symptom is seen on a router loaded with 12.4(19.18)T image and above.

Workaround   In the case of IOS, when the IOS name server relays a query, the DNS transaction ID that is used is the original ID received from the client, and the source UDP port is always 53. To make the IOS DNS server more resilient and less vulnerable to DNS cache poisoning attacks, at the very minimum both the DNS transaction ID and the UDP source port number must be randomized. The use of bit 0x20 in DNS labels to improve transaction identity is also recommended.

This is a security issue. The problem, however, only exists for customers who are running the IOS DNS Server/Forwarder and this is presumed to not be the usual case.

CSCsr18200 busy tone issue when receiving a 183 Message

Symptom    A busy tone is not heard when a 183 message is received before a 4xx busy message.

Conditions   SIP Trunk architecture with Italtel SSW. The bug affects both 12.4(15)T and 12.4(11)XW software releases.

Workaround   A patch is required, forcing the media off when a busy message is received.

CSCsr71715 Call display missing when park or xfer HW conference call

Symptom    Caller ID and Call bubble missing when a HW conference call is parked or Xfere

Open Caveats - Release 12.4(11)XW8

There are no open caveats in this release.

Resolved Caveats - Release 12.4(11)XW8

CSCse70333 CFwdAll erroneously reconfigured after disabling night service

Symptom    CFwdAll incorrectly appears after night service is disabled.

Conditions   CFwdAll was initially configured via softkey and un-configured via CLI. On the same dn as CFwdAll was on, night service is enabled and disabled.

Workaround   Remove CFwdAll via softkey or reload the router.

CSCsj38755 Ping Fails over ATM interface.

Symptom    Ping fails over the atm interface while applying Quality of Service.

Conditions   When we configure the qos on ATM interfaces on the back to back connected routers the ping fails.

Workaround   There is no workaround.

CSCsl26765 DTMF not detected by CUE if I/C call is txfer to ph with CFDWALL to VM

Symptom    On CUBE DTMF is not detected to stop prompt playback or record message.

Conditions   When the REMOTE incoming call is transferred to SCCP phone with CFWDALL to CUE-VM, DTMF is not detected to stop prompt playback or message recording. If original caller was LOCAL and followed the same call sequence, then there was no issue

Workaround   There is no workaround.

CSCsm23378 DTMF transcoding from rtp-nte to in-band fails for same codec

Symptom    DTMF transcoding should be done between call legs if DTMF relay is different, even if voice codecs are the same.

Conditions   If voice codecs are the same, but DTMF relay settings are different then no transcoding is done. But when voice codecs are different then transcoding is invoked, and DTMF is transcoded from rtp-nte to in-band.

Workaround   There is no workaround.

CSCsm34706 CUBE sends fixed DTMF duration and ignores received H.245 User Input

Symptom    CUBE sends a fixed 800 time units for every digit pressed (sent via RFC 2833) regardless of what it receives in the duration of a H.245 User Input field.

Conditions   In H323-SIP interworking scenario on CUBE, for DTMF conversion from 245-alphanumeric to RFC2833, regardless of the duration received in H.245 User Input field, CUBE always sends a fixed 800 ms for every digit pressed (sent via RFC 2833).

Workaround   There is no workaround.

CSCsm37093 CME 4.1after security is enabled 7970 will register with US locale.

Symptom    After security is enabled locale in the phone 7970 cannot be changed.

Conditions   Customer cannot leave security enabled and configure their locale on Cisco 7960 and Cisco 7940 do not present the issue as they have the firmware locally stored (flash)

CSCsm64258 ephone-hunt group does NOT present calls to overlaid DNs

Symptom    When an ephone hunt-group is configured with 'present-call idle-phon', the ephone hunt-group skips the DNs which are configured as overlay.

Conditions   The problem is observed under the following conditions:

- ephone hunt-group is configured with 'present-call idle-phone'

- DN is configured as overlay

Workaround   Remove the 'present-call idle-phone' configuration from the ephone-hunt configuration and do not use overlaying.

CSCsm74560 phone does not look for network locale file for user defined languages

Symptom    Wireless IP phone 7920 does not download the 7960-tones.xml files when user defined network locale is configure.

Conditions   CME writes incomplete XML tags in the phone config file, for user defined language network locale. So phone cannot generate the query for the relevant network locale file.

Workaround   Complete the following steps to resolve the problem:

a. Along with User defined, we also need to define inbuilt network locale. For example:

–DE - Germany

– telephony- service

– network- locale DE

– create cnf- files

b. Rename the user defined file to 'germany_7960-tones.xml'.

c. Replace the file under ITS directory with the new 'germany_7960-tones.xml' (Make sure the name is the system defined name).

d. Do not run 'create cnf-file' as it will again override with the system defined parameters.

e. Reboot the 7921 wireless phone.

In case if you have issue in 'create cnf-file', then ensure to repeat all the steps mentioned above again.

CSCsm88771 CME trunk optimized calls being put on hold automatically

Symptom    Answering a trunk call transferred from another phone is automatically put on hold and cannot be resumed.

Conditions   The call originally came in on a trunk dn and is transferred to another extension on a phone sharing that trunk. Trunk optimization takes place.

Workaround   There is no workaround.

CSCsm89158 7921 does not display call park number while the call is parked

Symptom    7921 does not show the parked number when the call is parked.

Conditions   UC520W-16U-4FXO-K9 and 7921(CP7921G-1.0.3.LOADS)

Workaround   There is no workaround.

CSCso25982 SIP transfer at connect with No Audio

Symptom    No audio when one SIP extension transfers a call from PSTN side to second SIP extension.

Conditions   The call flows from PSTN to SIP Extension-A, transfer at connect to SIP Extension-B.Make a call from PSTN to DID number of SIP extension-A, extension-A answers. SIP extension-A transfer-at-connect to SIP extension-B, Extension-B answers. Extension-A completes the transfer by pressing transfer button. PSTN and Extension-B gets connected but NO AUDIO.

Workaround   There is no workaround.

CSCso26056 SIP Extension unable to transfer at alert to a PSTN number

Symptom    SIP(XOR) extension is also UNABLE to retrieve the call to PSTN-A(XEE) (hold state).

PSTN-A(XEE) remains in hold state.

Conditions   "No supplementary-service sip refer" XEE coming to CME through SIP trunk, to SIP phone XOR, consultation transfer to XTO going out through SIP trunk. The SIP trunk dial-peer has same destination pattern as pots dial-peer, and pots dial-peer needs to have preference lower than SIP trunk dial-peer.

Workaround   Use "supplementary-service sip refer" or remove pots dial-peer with same destination pattern or make SIP trunk dial-peer preference lower than pots dial-peer.

CSCso27097 One way audio after xferring incoming SIP trunk call with transcoder

Symptom    One way audio after transfer.

Conditions   XEE SIP trunk or phone, XOR SIP Phone, XTO sccp. XEE codec is different from XOR codec, using transcoder.

Workaround   Try to use same codec.

CSCso36239 wrong primary-phone observed after re-configure primary-dn of the 
ephone

Symptom    Wrong primary-phone observed after re-configure primary-dn of the ephone

Conditions   Wrong primary-phone observed after re-configure primary-dn of the ephone

Workaround   There is no workaround.

CSCso39201 ephone gets into DND mode while in Connected state

Symptom    7961 and 7941 phones going into DND mode in Connected state.

Conditions   User getting incoming call on 7941 and 7961 phones. Since the softkeys do not update fast, if the user presses DND immediately after going into connected state then after going onhook the user phone would be stuck in DnD mode.

Workaround   There is no workaround.

CSCso42145 CCME ephone name config result in called number display issue

Symptom    IP phone is displaying the calling name in placed of called name for an incoming call from PSTN.

Conditions   The problem exists in 12.4(15)XW code.

Workaround   There is no workaround.

CSCso45361 High jitter in ringback from CUE

Symptom    External caller gets transferred from CUE to an internal DN number, and the ringback sent to the caller is distorted because of jitter.

Conditions   Internal DN to Internal DN ringbacks on CUE are fine, only external calls.

Workaround   There is no workaround.

CSCso56824 SCCP OOB-RFC2833 DTMF interworking issue for CME customer

Symptom    RFC2833 DTMF packets are sent too fast to be processed by IVR systems.

Conditions   Send DTMF tone via RTP-NTE.

Workaround   There is no workaround.

CSCso64585 redundant CallRemoteMultiLine sccp msg to monitor park DN

Symptom    Jitter or voice quality issue may occur.

Conditions   If there are a lot of ephones, say there are 50, monitoring same park DN, there will be 2500 same sccp messages sent to these 50 phones respectively in few mili seconds.

Workaround   There is no workaround.

CSCso67655 S2 CFD: Secure DSPFarm doesn't register after a reload of the router

Symptom    After Reload, Secure Conference profile does not register with Cisco Call Manager.

Conditions   This happens when a specific trustpoint is specified for Cisco Call Manager cert authentication during TLS handshake.

Workaround   Do not specify the trustpoint when configuring CallManager CCM using CLI "sccp ccm <ip address> tag version <x>.

CSCso74656 MG2:device-based BLF shown incorrect status for EM

CSCso78702 7961 IP Phone acct softkey get "no park number available"

Symptom    2851 Version 12.4(15)T4 press the ACCT SoftKey and get "NO PARK NUMBER AVAILABLE".

CSCso95643 sRTP Package missing in c1861

Symptom    MGCP srtp-package option is not available in c1861 platform.

Conditions   This occurs on Cisco 1861 only.

Workaround   There is no workaround.

Open Caveats - Release 12.4(11)XW7

There are no open caveats in this release.

Resolved Caveats - Release 12.4(11)XW7

•CSCsl62609

Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS that can be exploited remotely to trigger a memory leak or to cause a reload of the Cisco IOS device.

Cisco has released free software updates that address these vulnerabilities. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities addressed in this advisory.

There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself, if administrators do not require the Cisco IOS device to provide voice over IP services.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-sip.shtml.

•CSCsk60020

The Secure Shell server (SSH) implementation in Cisco IOS contains multiple vulnerabilities that allow unauthenticated users the ability to generate a spurious memory access error or, in certain cases, reload the device.

The IOS SSH server is an optional service that is disabled by default, but its use is highly recommended as a security best practice for management of Cisco IOS devices. SSH can be configured as part of the AutoSecure feature in the initial configuration of IOS devices, AutoSecure run after initial configuration, or manually. Devices that are not configured to accept SSH connections are not affected by these vulnerabilities.

Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-1159 has been assigned to this bug.

The Security Advisory for this issue is posted at

http://www.cisco.com/warp/public/707/cisco-sa-20080521-ssh.shtml.

CSCsi55685- kron removes recurring tclsh cli after first run

Symptom    The following recurring kron schedule fails and gets removed after the first run. kron occurrence tcl in 1 recurring policy-list tcl ! kron policy-list tcl cli tclsh disk0:hello.tcl!

Conditions   enter the following configuration commands: kron occurrence tcl in 1 recurring policy-list tcl ! kron policy-list tcl cli tclsh unix:hello.tcl ! create a file on disk0: called hello.tcl with the following contents: puts "hello"

Workaround   There is no workaround.

CSCsk25697- unprotected buginf may cause cpuhog under repeated udp traffic to 53

Symptom    A router with DNS server configured may show CPUHOG tracebacks when it receives repeated crafted udp packets to its port 53. Sample for 3800 router: %SYS-3-CPUHOG: Task is running for (40004)msecs, more than (2000)msecs (5/0),process = DNS Server Input. -Traceback=0x60D68CDC 0x6033D984 0x6180E58C FFFFFFA0 3F 4E 60 0x708DFD18 06 FFFFFFFE FFFFFF88 FFFFFFA5 FFFFFFA3 FFFFFF92 FFFFFFA7 FFFFFF8B 7A 3A FFFFFFF5 17 FFFFFF9B FFFFFFC9 FFFFFF9B FFFFFFA2

Conditions   Router needs to have dns server configured and listen to udp port 53 conf t ip dns server end

Workaround   Apply rate limit to port 53 to interfaces facing untrusted networks: access-list 100 permit udp any any eq domain access-list 100 deny ip any any interface GigabitEthernet0/0 ip address 10.2.2.2 255.255.255.0 rate-limit input access-group 100 8000 1500 2000 conform-action transmit exceed-action drop.

CSCsl48237- incorrect bounding length in sstrncpy() calls in l2tp files

Symptom    If a large name string is used when configuring the command "security crypto-profile" under the l2tp-class submode, we could have a buffer overflow which may crash the router.

Conditions   This problem only occurs if a large name string is used in the "security crypto-profile" command.

Workaround   There is no workaround.

CSCsl59294- %DATACORRUPTION-1-DATAINCONSISTENCY at caplog_logger_proc

Symptom    A Cisco router may see the following error once shortly after bootup: *Nov 21 15:16:28 CDT: %DATACORRUPTION-1-DATAINCONSISTENCY: copy error, -PC= 0x416DE178 -Traceback= 0x412593C0 0x41276250 0x412947F4 0x416DE178 0x416DE650 0x423E303C 0x423E3020 *Nov 21 15:16:28 CDT: %DATACORRUPTION-1-DATAINCONSISTENCY: copy error, -PC= 0x416DE188 -Traceback= 0x412593C0 0x41276250 0x412947F4 0x416DE188 0x416DE650 0x423E303C 0x423E3020 No functional impact is seen.

Conditions   Occurs on a Cisco 2811 router running Cisco IOS Release 12.4(13d).

Workaround   Disable the following configuration on the router: voice hpi capture buffersize voice hpi capture destination filename

CSCek41543- Cisco2811 Processor Pool Memory Leak in ISDN and Crash

Symptom    A Cisco 2811 router running Cisco IOS Release 12.4(7a) may have a memory leak in the ISDN process as has been seen in the show process memory. The leak rate appears to be about 1.20MB/Hour.

Conditions   This symptom has been observed with BRI-U interface that is UP/UP (spoofing).

Workaround   Administratively shut down the BRI interface.

CSCsi21389- One-way multicast traffic over wireless.

Symptom    Routers that have the ability to use the optional 802.11b/g card, such as the Cisco ISR series do not pass multicast traffic across the wireless interface.

Conditions   Cisco routers that have the 802.11 b/g HWIC card do not pass multicast traffic across the wireless interface, though multicast routing is enabled and otherwise is configured normally. Wireless hosts cannot pass multicast traffic between each other, and multicast traffic from the wired network will not be transmitted out the wireless interface.

Workaround   None

CSCsi44510- CME multicast audio to the 7921 cuts out on HWIC-AP

Symptom    Multicast audio to the 7921 cuts out after a few seconds and will not resume.

Conditions   A 7921 registered to CME doing multicast paging or multicast MOH

Workaround   None

CSCsj14277- Wrong Calling ID by transfer, only with 7931 - 12.4(4)XC6

Symptom    The caller id on the transfer-to is not updated with the transferee after the transferrer commits the transfer.

Conditions   When the transfer-to answers the call from the transferrer, the caller id on the transfer-to shows that the call is from transferrer. After the transferrer commits the transfer, the caller id should be updated with the transferee. This caller id display issue can be observed if the transferrer DN is shared by the transfer-to.

Workaround   There is no workaround without removing the XOR DN from the XTO.

CSCsj34770- Having problem in establishing QSIG Prime call

Symptom    QSIG PRIME call is not going between slave and master routers

Conditions   This issue is seen in 12.4(16.5)T

Workaround   There is no workaround .

CSCsj50982- Wrong isdn cause code while making call to wrong destination

Symptom    Wrong isdn cause code coming while making call to wrong destination

Conditions   While call made to wrong destination number

Workaround   None

CSCsk25697- unprotected buginf may cause cpuhog under repeated udp traffic to 53

Symptom    A router with DNS server configured may show CPUHOG tracebacks when it receives repeated crafted udp packets to its port 53. Sample for 3800 router: %SYS-3-CPUHOG: Task is running for (40004)msecs, more than (2000)msecs (5/0),process = DNS Server Input. -Traceback= 0x60D68CDC 0x6033D984 0x6180E58C FFFFFFA0 3F 4E 60 0x708DFD18 06 FFFFFFFE FFFFFF88 FFFFFFA5 FFFFFFA3 FFFFFF92 FFFFFFA7 FFFFFF8B 7A 3A FFFFFFF5 17 FFFFFF9B FFFFFFC9 FFFFFF9B FFFFFFA2.

Conditions   Router needs to have dns server configured and listen to udp port 53 conf t ip dns server end.

Workaround   Apply rate limit to port 53 to interfaces facing untrusted networks: access-list 100 permit udp any any eq domain access-list 100 deny ip any any interface GigabitEthernet0/0 ip address 10.2.2.2 255.255.255.0 rate-limit input access-group 100 8000 1500 2000 conform-action transmit exceed-action drop.

CSCsk71610- CCSIP_UDP_SOCKET causes high CPU Usage

Symptom    Incoming and outgoing calls fail due to high CPU Usage.

Conditions   CPU Usage is at 99-100% and CCSIP_UDP_SOCKET is using 88+%.

Workaround   There is no workaround.

CSCsl18024- HWIC Country Code Issue

Symptom    Error message %DOT11-3-POWERS_INVALID: Interface Dot11Radio0/3/0, no valid power levels available is displayed during boot up.

Conditions   Occurs for certain HWIC-AP cards with wrong country code values

Workaround   Work around is to use HWIC AP cards of correct country code values.

CSCsl59294- %DATACORRUPTION-1-DATAINCONSISTENCY at caplog_logger_proc

Symptom    A Cisco router may see the following error once shortly after bootup: *Nov 21 15:16:28 CDT: %DATACORRUPTION-1-DATAINCONSISTENCY: copy error, -PC= 0x416DE178 -Traceback= 0x412593C0 0x41276250 0x412947F4 0x416DE178 0x416DE650 0x423E303C 0x423E3020 *Nov 21 15:16:28 CDT: %DATACORRUPTION-1-DATAINCONSISTENCY: copy error, -PC= 0x416DE188 -Traceback= 0x412593C0 0x41276250 0x412947F4 0x416DE188 0x416DE650 0x423E303C 0x423E3020 No functional impact is seen.

Conditions   Occurs on a Cisco 2811 router running Cisco IOS Release 12.4(13d).

Workaround   Disable the following configuration on the router: voice hpi capture buffersize voice hpi capture destination filename.

CSCsm04209- PVDM2-DM fails to initiate calls over EuroISDN BRI while TEI is 
inactive.

Symptom    Modem calls fail to establish when 'isdn tei-negotiation firstcall' configured on ISDN interfaces.

Conditions   The ISDN BRI interfaces are added to CSM signaling interface queue only when they are active (layer 2, MULTI-FRAME-ESTABLISHED). Since, the ISDN L2 is not activated until the first call is initiated which in turn means there is no signaling interface available, which results in call failure.

Workaround   Add the ISDN BRI interfaces to CSM signaling interface if they are not administratively down (shutdown).

CSCsm45689- UC520 crashed when system test was executed with debug logs enabled.

Symptom    UC520 crashed when system test was executed with debug logs enabled.

Conditions   UC520 crashed when system test was executed with the below debug logs enabled. debug callmon core debug callmon info debug callmon detail debug ccsip message.

Workaround   None.

CSCsm46227- Router crash with CPUHOG for trunk port monitoring.

Symptom    Cisco 3845 may crash when there is an incoming trunk call.

Conditions   Occurs if the shared trunk DN is monitored by a FXO port and it is call-forwarded to another trunk DN with "call-forward all".

Workaround   None.

CSCsm49011- VG224 SCCP port plays reorder before CM routes call-IOS interdigit 
timer.

Symptom    On an FXS port configured for SCCP usage (such as on a VG224), reorder is heard 10 seconds after the last digit dialed when a number is dialed that requires waiting for interdigit timeout on CallManager.

Conditions   Using SCCP controlled FXS port on an IOS box. Dialing a number which requires waiting for interdigit timeout to route (such as a variable length international number).

Workaround   Increase the interdigit timeout setting on each SCCP FXS port to 16 secs (to be greater than CallManager's 15 secs). This is done by configuring "timeouts interdigit 16" under each voice port. OR decrease the CallManager interdigit timeout to 9 seconds (to be less than the VG224 port's 10 secs). This is done by changing the CallManager service parameter T302 Timer value to 9000 msec (9 seconds). If this workaround is chosen the new interdigit timeout setting will apply to all devices attached to the CallManager, not just the IOS SCCP FXS ports.

CSCsm55045- Crash illegal deallocation of unassigned/in-use memory.

Symptom    A Cisco router configured with Call Manager Express (CME) may reload due to point to illegal deallocation of unassigned/in-use memory.

Conditions   Occurs when CME is enabled.

Workaround   There is no workaround.

CSCsm50874- CME: calling name in facility IE doesn't display on IP phone.

Symptom    CME 4.2 does not display calling name when sent in an ISDN facility IE message. The facility is received and interpreted correctly however it doesn't show up on the IP phone display.

Workaround   IOS 12.4(11)XW3 and 12.4(15)XY correct display the calling name.

CSCsm65685- Need to enable vendorConfig parameters on 7912.

Symptom    After the configuration of telephony-service phone settings Access 2 <settingsAccess>2</settingsAccess>" is missing in system:/its/XMLDefault7921.cnf.xml.

Workaround   None.

CSCsm92260- CSKU wrong country code issue. 

Symptom    Error message Feb 28 08:50:28.459: %DOT11-3-POWERS_INVALID: Interface Dot11Radio0/0/0, no valid power levels available seen on router console during router boot up.

Conditions   Occurs for certain CSKU cards with wrong country code values.

Workaround   Work around is to use CSKU cards of correct country code values.

CSCso33776- spurious access error in AFW_M_Destination_Initiate.

Symptom    Spurious memory access messages may be generated by a router. Mar 28 02:45:02.016: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x41DCE7E0 reading 0x60 Mar 28 02:45:02.016: %ALIGN-3-TRACE: -Traceback= 0x41DCE7E0 0x41DCF674 0x41DD351C 0x41DD6BBC 0x41DA96CC 0x41E0E428 0x41E0F2C4 0x41DF36D4. This issue may be cosmetic in nature.

Conditions   These spurious memory accesses may be triggered by a T1/E1 PRI call or other event.

Workaround   There is no known workaround. This issue may be cosmetic in nature.

Open Caveats - Cisco IOS Release 12.4(11)XW6

There are no open caveats in this release.

Resolved Caveats - Cisco IOS Release 12.4(11)XW6

CSCsg91306

Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS that can be exploited remotely to trigger a memory leak or to cause a reload of the Cisco IOS device.

Cisco has released free software updates that address these vulnerabilities. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities addressed in this advisory.

There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself, if administrators do not require the Cisco IOS device to provide voice over IP services.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-sip.shtml.

CSCsi17020

A series of segmented Skinny Call Control Protocol (SCCP) messages may cause a Cisco IOS device that is configured with the Network Address Translation (NAT) SCCP Fragmentation Support feature to reload.

Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-sccp.shtml.

CSCsj85065

A Cisco IOS device may crash while processing an SSL packet. This can happen du