Table Of Contents
Release Notes for Cisco AON Release 2.4
Contents
New Features in Cisco AON Release 2.4
AON Application System Requirements
AON Supported Hardware
AON Node Supported Software
Upgrade Paths
Using Cisco IOS Release 12.4(9)T
Important Notes
Resolved Caveats
Open Caveats
Related Documentation
Obtaining Documentation, Obtaining Support, and Security Guidelines
Release Notes for Cisco AON Release 2.4
July 31, 2007
Cisco Application-Oriented Networking (AON) is the first in a new line of Cisco products that embed intelligence into the network to meet the needs of application deployment. AON enables you to:
•
Integrate dissimilar applications by routing information to the appropriate destination, in the format required at the destination.
•Enforce policies for information access and exchange.
•Optimize bandwidth and reduce processing overhead for application traffic.
•Increase management of information flow, including monitoring for business and infrastructure.
•Enhance business continuity by transparently backing up or rerouting critical business data.
Working at the message rather than packet level, AON provides this support by understanding more about the content and context of information flow.
Contents
These release notes cover Cisco AON Release 2.4 and include the following topics:
•New Features in Cisco AON Release 2.4
•AON Application System Requirements
•AON Supported Hardware
•AON Node Supported Software
•Upgrade Paths
•Using Cisco IOS Release 12.4(9)T
•Important Notes
•Resolved Caveats
•Open Caveats
•Related Documentation
•Obtaining Documentation, Obtaining Support, and Security Guidelines
New Features in Cisco AON Release 2.4
AON Release 2.4 includes the following new features and functionality:
•Project Management
This feature introduces the concept of projects to partition the work performed by different development teams. Teams can manipulate the resources assigned to their projects without regard for the resources used by other projects.
•Programmatic Management Interface
This feature provides an interface so that third-party applications can manipulate data in AMC.
•Standalone Nodes with TACACS+ Support
AON nodes can be configured to operate in an environment without AMC. In standalone mode, nodes are managed by a third-party application such as AlterPoint, which configures the node using SSH and the command-line interface (CLI). Additionally, nodes can be configured to use TACACS+ for authentication, authorization, and accounting of users.
•Promiscuous Mode Enhancements
PMode now has the ability to capture UDP packets. The feature is enabled by default; no further configuration is necessary. Pmode has also been enhanced to capture packets at time-based intervals.
•Bladelet enhancements:
–Support for a mix of one-way and two-way sends in a PEP
–Support for Send bladelet exception handling
–Support for LoadBalancing bladelet exception handling
–URL rewriting
–Port rewriting
–Ability to cache Request Content
–Ability to remove cache entries
–Ability to cache PEP variable content
–PEP support for HTTP 302 redirect response
–Support for early reply (response)
–Send Bladelet Specific Timeout Properties
•Adapters
–Weblogic JMS adapter
–SMTP adapter
–Radius UDP
–Thick Client deployment at adapter extension
–Inbound Notification change/queue based adapter consistent use of dead letter queue (DLQ)
–Adapter updates no longer require a restart of the AON node.
•Ability to disable retry policy
•Support for configurable AcccessDB connection pool
•Distributed cache enhancements for virtual cluster
•Specialized LoadBalancing custom bladelet APIs to allow user-defined policies
•CLI extensions for troubleshooting
•WCCP UDP Redirection
•NTP enhancements
•Command for TCPDump
•Daylight Saving Time changes implemented because of U.S. Energy Policy Act of 2005
•Scriptable interface for node deployment, promotion, and rollback
For more information on using these features, see the "Related Documentation" section.
AON Application System Requirements
Table 1 lists the minimum requirements for installing AON applications for Cisco AON Release 2.4.
Table 1 AON Minimum System Requirements
Application
|
Operating System
|
CPU
|
RAM
|
Hard Drive
|
Software Image
|
AON Management Console (AMC)
|
Red Hat Enterprise Linux 3.0 or later
|
Single processor;
Pentium III or Xeon
|
1 GB (minimum)
2 GB (recommended for large adapters)
|
20 GB
|
AON 2.4.0.58
|
AON Development Studio (ADS)
|
Windows 2000 or Windows XP with latest service packs.
|
Pentium IV
|
1 GB (minimum)
2 GB (recommended for large adapters)
|
40 GB
|
AON 2.4.0.58
|
AON Supported Hardware
Table 2 lists the hardware platforms that are supported by Cisco AON Release 2.4.
Table 2 Supported Hardware
AON Appliance
|
AON Service Module (AON-SM)
|
AON Network Module (AON-NM)
|
AON Enhanced Network Module (AON NME)
|
Cisco 8340 AON Appliance
•APL-AON-8340-K9
Cisco 8342 AON Appliance
•APL-AON-8342-K9
|
•WS-6503
•WS-C6503-E
•WS-C6506
•WS-6506-E
•WS-C6509
•WS-6509-E
•WS-C6509-NEB-A
•WS-6513
|
•Cisco 2610XM
•Cisco 2611XM
•Cisco 2620XM
•Cisco 2650XM
•Cisco 2651XM
•Cisco 2691XM
•Cisco 2811
•Cisco 2821
•Cisco 2851
•Cisco 3725
•Cisco 3745
•Cisco 3825
•Cisco 3845
|
•Cisco 2811
•Cisco 2821
•Cisco 2851
•Cisco 3725
•Cisco 3745
•Cisco 3825
•Cisco 3845
|
AON Node Supported Software
Table 3 lists the software levels for the Cisco platforms that support AON.
Table 3 Supported Software on Nodes
Platform
|
Minimum Software Release Supported
|
Latest Software Release Supported
|
AON-SM
Catalyst 6500 Series Switches with Supervisor Engine 720
|
Cisco IOS Release 12.2(18)SXF2
|
Cisco IOS Release 12.2(18)SXF7
|
AON-SM with Catalyst OS
Catalyst 6500 Series Switches with Supervisor Engine 720
|
Cisco IOS Release 12.2(18)SXF MCF2
Catalyst Operating System Release 8.5(3)
|
Cisco IOS Release 12.2(18)SXF7 MCF2
Catalyst Operating System Release 8.5(8)
|
AON-SM 2
Catalyst 6500 Series Switches with Supervisor Engine 2
|
Cisco IOS Release 12.2(18)SXF2
|
Cisco IOS Release 12.2(18)SXF7
|
AON-SM 2 with Catalyst OS
Catalyst 6500 Series Switches with Supervisor Engine 2
|
Cisco IOS Release 12.2(18)SXF2 MCF2
Catalyst Operating System Release 8.5(4)
|
Cisco IOS Release 12.2(18)SXF7 MCF2
Catalyst Operating System Release 8.5(8)
|
AON-NM
Cisco 2600, Cisco 2800, Cisco 3700,
and Cisco 3800 Series Routers
|
Cisco IOS Release 12.3(14)T1
|
Cisco IOS Release 12.4(9)T
|
AON-NME
Cisco 2800, Cisco 3700, and
Cisco 3800 Series Routers
|
Cisco IOS Release 12.4(9)T
|
—
|
Cisco 8340 AON Appliance
|
AON release 1.1.0.189
AON release 2.1.2.29
(with firmware upgrade)
|
Cisco AON Release 2.4.0.58
|
Cisco 8342 AON Appliance
|
AON release 2.1.2.29
|
Cisco AON Release 2.4.0.58
|
Upgrade Paths
Table 4 lists the valid upgrade paths for each AON software release. Previous AON releases did not require you to upgrade software on AON nodes. However, due to several architectural changes included in Cisco AON Release 2.4, you must upgrade all nodes for this release. A version 2.4 AMC cannot manage nodes running previous AON software releases.
Table 4 AON Upgrade Paths
AON Release
|
Valid Upgrade Paths
|
Node Upgrade Required
|
AON 1.x
|
AON 2.1 only
|
Yes
|
AON 2.1
|
Any AON 2.x
|
Only if upgrading to AON 2.4
|
AON 2.1.x
|
Any AON 2.x
|
Only if upgrading to AON 2.4
|
AON 2.2
|
AON 2.4
|
Yes
|
Using Cisco IOS Release 12.4(9)T
Cisco IOS Release 12.4(9)T changes the name of the AON-NM in Cisco IOS. It is now referred to as AON-Engine instead of AONS-Engine. Because of this change, you must perform the following additional steps as part of your upgrade:
•Back up your startup and running configurations.
•After the upgrade, reenter the AON-NM's network configuration using the AON-Engine interface.
For further details on configuring the AON-NM, see the AON Installation and Upgrade Guide.
Important Notes
Important Notes that Affect AON Release 2.4
•Due to several architectural changes in AON software, you must recompile custom adapters and custom bladelets used with previous AON releases before they can be used with Cisco AON Release 2.4.
•Your AON environment may be affected by changes to Daylight Saving Time specified by the U.S. Energy Policy Act of 2005. See the following document for more complete details: Impact of U.S. Daylight Savings Time Changes on Cisco Application-Oriented Networking.
•An excessive number of open SSL connections can cause an AON node to become inoperable. AON has been verified to handle up to 100 connections without effect. However, the node goes out of service when there are 350 open SSL connections.
Important Notes from Previous AON Releases
•The AON Management Console (AMC) supports only Microsoft Internet Explorer 6. AMC pages may not render properly in other web browsers.
•AON is implemented in Java, where memory is automatically managed by the Java runtime system. This means that there might be moments in the system when the garbage collection (automatic memory management) is still working at freeing up memory. The graceful-handling mechanism checks the free memory to determine if a message should be let into the system. So under high loads it is possible that AON will reject messages because the garbage collection is taking time to free up memory.
•The following issues may affect AON Development Studio (ADS) installation; however, the root causes are beyond the control of Cisco:
–Using the ALT key during ADS installation can cause some InstallShield screens to become corrupted. Despite this display problem, the ADS installer continues to function. If the display gets corrupted, minimize the ADS installer and then maximize it again. The display should return to normal. This is a known InstallShield issue when using JVMs with version 1.4.2.x.
–In rare situations when initially launching ADS on Windows 2000, an error message may be returned indicating that the database is busy or unavailable. The error can occur even though the database is listed as started in the list of Windows Services. This occurs when a database port is chosen in the ADS installer that also appears in the output of the netstat -a command in a loopback situation. The port is shown as pointing to another server port which in turn points back to it. This behavior has been seen only with one port, although not always the same port on the system. Reboot the PC to correct this problem.
Resolved Caveats
Table 5 lists the caveats that have been resolved in this AON release.
Table 5 Caveats Resolved in AON 2.4
Defect ID
|
Description
|
CSCej69080
|
AON-NM MAC address should be displayed using show interface command.
|
CSCek18587
|
TTL expiration fails.
|
CSCek28868
|
Deprecate rollback feature from EMS delivery failure policy
|
CSCek28910
|
Graceful handling activates in AON-SM within a few hours of processing 15 concurrent 600KB messages
|
CSCek29582
|
Input stream truncated. Results in 0.03% failure.
|
CSCek29630
|
Virtual cluster does not connect to Tibco server after Tibco is restarted.
|
CSCek29803
|
JMS adapter source batch failure policy is not correctly applied.
|
CSCek29828
|
JMS source and destination on different brokers cannot be statically linked.
|
CSCek30721
|
Caching does not work with MQ messages.
|
CSCek32772
|
Timestamp is incorrect on AON appliance after software upgrade.
|
CSCek33304
|
AON does not preserve original proxy host and port in implicit mode.
|
CSCek34188
|
MDS delete entry not deleting after a few hours.
|
CSCek36378
|
Cookie header in 302 response is not correctly handled.
|
CSCsd99036
|
Unable to create a PEP with branch bladelet inside loop bladelet.
|
CSCsd99156
|
Xpath returns value of null from rule when processed the first time.
|
CSCse41928
|
Multiple modifications to JMS Property & Single deployment does not work.
|
CSCse47151
|
Message log bladelet asynchronous is not working with connection error.
|
CSCsf04907
|
Bootloader configuration deleted after log trace boot.
|
CSCek35365
|
AON crashes when deploying schema validation.
|
Open Caveats
Table 6 lists the caveats for this AON release, including defect identification numbers and symptoms. When applicable, conditions under which the defects occur and workarounds are also included.
Table 6 Open Defects in Cisco AON Version 2.4
Defect ID
|
Description
|
CSCek25514
|
Symptom
Fastpath does not support wildcards in a uniform resource identifier (URI) for message-type classification.
Condition
In a message type URI, if a string such as "/index*" is specified, Fastpath classification does not classify messages with URIs "/index.html" or "/index1.html" to that message type.
Workaround
Use complete URI for message-type classification. If more than one URI must be classified to a single message type and execute the same policy execution plan (PEP), define a message type for each URI and map all message types to the same PEP.
|
CSCek29892
|
Symptom
Tibco Enterprise Message Service (EMS) broker runs out of resources when the AON EMS adapter is misconfigured.
Condition
This symptom occurs when the broker's EMS queue and the AON EMS adapter are mismatched. For example, if the queue is configured within the AON adapter to receive messages, and the queue is in fact configured to send, the adapter continues to try to connect to the broker to register itself, causing resource issues for the EMS broker.
Workaround
Correct the configuration of the EMS adapter.
|
CSCek31626
|
Symptom
Classification based on URI does not seem to work correctly. Messages are rejected even if there is an entry for that URI.
Condition
This occurs under the following sample configuration:
•A message type named "T1" is based on 5-tuple named "A" and a URI of "/index-nomatch.html"
•Another message type is named "T2" and based only on a URI of "/index.html"
Messages that match 5-tuple "A" and URI "/index.html" do not get classified to type "T2" and are rejected.
Workaround
Use one of the following options:
•Add a third message type that is based on 5-tuple "A" and URI "/index.html"
•If 5-tuple based classification is not required for "T1" classification, remove the 5-tuple detail from that message type.
|
CSCek37187
|
Symptom
Following an upgrade, the log level for Fastpath resets to the default setting, as it is designed to do. However, the running configuration incorrectly shows the previous log level.
Workaround
Configure the appropriate log level after each upgrade.
|
CSCse55758
|
Symptom
When the URI is http:cisco.com/index.html, instead of sending the data to http://cisco.com/index.html, AON sends the request to the destination specified in the "host" header field.
Condition
This occurs when the URI is incorrect. Although http:www.cisco.com is a correct form of URI, Fastpath misinterprets it. Fastpath then reconstructs the URL from the "host" header field and attempts to connect to it.
Workaround
None.
|
CSCsg55520
|
Symptom
A user starts a deployment, and it hangs indefinitely. If the user retries the deployment from a different browser window, or if the user attempts to deploy a different deployment request (DR) to one of the nodes involved in the hung deployment, the deployment fails with the error "another user is currently deploying to node."
Condition
This situation was observed when an AON-SM was out of service. No processes were running on the AON-SM.
Workaround
To end the locked deployment, restart the AON-SM and AMC. Once AMC and the node are running again, attempt another deployment.
|
CSCsg76007
|
Symptom
Port 6666 becomes unresponsive after a massive number of HTTPS requests. The port does not recover.
Workaround
Restart AON.
|
CSCsg76516
|
Symptom
DNS names are not resolved when they are used in BEA JMS naming configuration from AMC.
Condition
This happens when use DNS names from AMC BEA JMS Naming configuration but use IP address in the PEP.
Workaround
Use IP address instead of DNS names.
Further Problem Description
There are four different scenarios to consider, and this issue only happens with the fourth scenario.
1. Use Weblogic server host-name in AMC under the JMS Naming configuration and use this host-name in PEP as the message destination.
2. Use Weblogic server IP address in AMC under the JMS Naming configuration and use this IP address in PEP as the message destination.
3. Use Weblogic server IP address in AMC under the JMS Naming configuration and use host-name in PEP as the message destination.
4. Use Weblogic server host-name in AMC under the JMS Naming configuration and use IP address in PEP as the message destination.
|
CSCsh18315
|
Symptom
The JMS adapter is unable to take multiple URIs from a remote factory.
Condition
This is applicable only when a JMS adapter is configured with Tibco as the remote Java Naming and Directory Interface (JNDI) naming service.
Workaround
Specify only a single JNDI name for the connection in the Tibco factory configuration file.
|
CSCsh63068
|
Symptom
While attempting to register an HTTP adapter extension package, the following error dialog occurs:
Error registering the package. null.
The following error messages are logged by AMC:
01-Feb-2007 11:53:27 WARN [http7010-Processor23] AMC.Extensions.ExtensionLogic Error
deploying extension com.cisco.aons.amc.data.AdapterExtExtension:
java.lang.NullPointerException; null 01-Feb-2007 11:53:27 WARN [http7010-Processor23]
AMC.Extensions.ExtensionsAction Error in Registration: java.lang.NullPointerException; null
While attempting to configure a number of different global AON properties, an error similar to the following occurs:
Unable to get attribute domain for 'com.cisco.aons.policies.mec.SendProperties' in the
'AMCGLobalPolicy' context. Make sure the corresponding XML file is located in the $AMCROOT
directory structure".
Condition
Immediately after AMC is launched following a new installation, the application spends some time (usually 3 to 5 minutes) initializing its database. Interrupting this process causes this problem. To ensure that AMC completes this task, look for the following entry in amc.log before shutting down a newly installed AMC:
DBUtils.initializeDB() completed
This problem does not affect AMC following an upgrade.
Workaround
None. Reinstall AMC if this problem occurs.
|
CSCsh67373
|
Symptom
AON lacks correct time zone information for the U.S. state of Indiana.
Workaround
Change your time zone setting to a locale that equates to the correct time for your area. See the following document for more complete details: Impact of U.S. Daylight Savings Time Changes on Cisco Application-Oriented Networking.
|
CSCsh70150
|
Symptom
A custom bladelet was lost after rebooting an AON node. This occurs when the reload command is used in AON, and it also occurs when the reset button is pushed on the host switch or router.
Workaround
Reload AON a second time.
|
Related Documentation
The AON documentation set includes the following guides:
•AON Installation and Upgrade Guide—Covers the installation and upgrade of the AON environment.
•AON Administration Guide—Covers the administration of AMC and AON nodes.
•AON Development Studio User Guide—Covers ADS, bladelets, and PEP creation.
•AON Programming Guide—Covers the development of custom bladelets, custom adapters, and other features related to extending AON functionality.
Obtaining Documentation, Obtaining Support, and Security Guidelines
For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
© 2007 Cisco Systems, Inc. All rights reserved.
